Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Windows Explorer & Windows Start-Up Application network usage


  • Please log in to reply

#1
40154

40154

    Member

  • Member
  • PipPip
  • 11 posts

Windows Explorer & Windows Start-Up Application are always using large amounts of network usage (usually showing about 1mbps each in task manager)  have tried googling, cant find a fix. anything would be greatly appreciated. 


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,021 posts
  • MVP
 
Download : ADWCleaner to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer
 
NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.
 
Close  all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).
 
scan-results.jpg
 
Click on Scan  and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
 
The report will be saved in the C:\AdwCleaner folder.
 
 
 
Junkware-Removal-Tool
 
Please download Junkware Removal Tool to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site
  • Pause your anti-virus.  Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  •  
     
     
    •  
     
  • Get FRST from
  • You need to download the appropriate tool for your PC.  If you don't know if you have a 32 or 64 bit system get them both.  Only one will work and that's the right one.
     
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer. 
  • Check the Addition.txt box
  • Press Scan button. 
  • It will produce a log called FRST.txt in the same directory the tool is run from.  
  • Please copy and paste log back here. 
  • It will generate another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply. 

    • 0

    #3
    40154

    40154

      Member

    • Topic Starter
    • Member
    • PipPip
    • 11 posts

    Adwcleaner logs: # AdwCleaner v5.201 - Logfile created 30/07/2016 at 00:12:23

    # Updated 30/06/2016 by ToolsLib
    # Database : 2016-07-29.2 [Server]
    # Operating system : Windows 8 Pro  (X64)
    # Username : Garrett - GARRETTPC
    # Running from : C:\Users\Garrett\Downloads\AdwCleaner.exe
    # Option : Clean
     
    ***** [ Services ] *****
     
     
    ***** [ Folders ] *****
     
    [-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vertech
    [-] Folder Deleted : C:\Users\Garrett\AppData\Local\Temp\MPC
    [-] Folder Deleted : C:\Windows\SysNative\Tasks\TweakBit
    [#] Folder Deleted : C:\Windows\SysNative\Tasks\TweakBit
    [-] Folder Deleted : C:\Users\Garrett\AppData\Local\app
    [-] Folder Deleted : C:\Users\Garrett\AppData\Local\Geckofx
     
    ***** [ Files ] *****
     
     
    ***** [ DLLs ] *****
     
     
    ***** [ WMI ] *****
     
     
    ***** [ Shortcuts ] *****
     
     
    ***** [ Scheduled tasks ] *****
     
     
    ***** [ Registry ] *****
     
    [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
    [-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
    [-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
    [-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
    [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
    [-] Key Deleted : HKCU\Software\Classes\CLSID\{BEBBC426-4F16-4567-8FE1-BE198C982027}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A07E5BFF-B16C-4ABA-A30F-514213A945E6}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5B4F3851-2F84-4D94-B435-ADECF283BF96}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
    [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
    [-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{79F768ED-0B12-42EF-8257-36751A0ECF3A}]
    [-] Key Deleted : HKCU\Software\eSupport.com
    [-] Key Deleted : HKCU\Software\Microsoft\Tinstalls
    [-] Key Deleted : HKCU\Software\powerpack
    [-] Key Deleted : HKCU\Software\Reimage
    [-] Key Deleted : HKCU\Software\Rocket Browser
    [-] Key Deleted : HKCU\Software\Tutorials
    [-] Key Deleted : HKCU\Software\WeatherAlerts
    [-] Key Deleted : HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
    [-] Key Deleted : HKCU\Software\PC
    [-] Key Deleted : HKCU\Software\systweak
    [-] Key Deleted : HKCU\Software\INSTALLPATH\STATUS
    [-] Key Deleted : HKCU\Software\winmnt
    [-] Key Deleted : HKLM\SOFTWARE\PC
    [-] Key Deleted : HKLM\SOFTWARE\xs
    [-] Key Deleted : HKLM\SOFTWARE\systweak
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
    [-] Key Deleted : HKLM\SOFTWARE\Xtp
    [-] Key Deleted : HKLM\SOFTWARE\TWEAKBIT
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
    [-] Key Deleted : [x64] HKLM\SOFTWARE\{61FFE1F9-137D-4c31-A181-3415FCAA5946}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Reimage
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Xtp
    [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\mpc.am
    [-] Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [DailyWiki]
    [-] Value Deleted : HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Smart Driver Updater]
    [-] Value Deleted : HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Vertech]
    [-] Value Deleted : HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [applica]
    [-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Dataup
    [-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\CpuHeatMapping
     
    ***** [ Web browsers ] *****
     
     
    *************************
     
    :: "Tracing" keys deleted
    :: Winsock settings cleared
     
    *************************
     
    C:\AdwCleaner\AdwCleaner[C1].txt - [4384 bytes] - [30/07/2016 00:12:23]
    C:\AdwCleaner\AdwCleaner[S1].txt - [6459 bytes] - [29/07/2016 23:50:52]
    C:\AdwCleaner\AdwCleaner[S2].txt - [5313 bytes] - [29/07/2016 23:59:44]
     
    ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4603 bytes] ##########
    JRT: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.0.7 (07.03.2016)
    Operating System: Windows 8 Pro x64 
    Ran by Garrett (Administrator) on Fri 07/29/2016 at 23:52:31.24
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     
     
     
    File System: 25 
     
    Successfully deleted: C:\end (File) 
    Successfully deleted: C:\ProgramData\iobit\driver booster (Folder) 
    Successfully deleted: C:\ProgramData\productdata (Folder) 
    Successfully deleted: C:\ProgramData\reimage protector (Folder) 
    Successfully deleted: C:\ProgramData\Start Menu\Programs\tweakbit (Folder) 
    Successfully deleted: C:\ProgramData\tweakbit (Folder) 
    Successfully deleted: C:\Users\Garrett\AppData\Local\crashrpt (Folder) 
    Successfully deleted: C:\Users\Garrett\AppData\Local\esupport.com (Folder) 
    Successfully deleted: C:\Users\Garrett\AppData\Local\innovative solutions (Folder) 
    Successfully deleted: C:\Users\Garrett\AppData\Roaming\iobit\driver booster (Folder) 
    Successfully deleted: C:\Users\Garrett\AppData\Roaming\Mozilla\Firefox\Profiles\n2ypuzqp.default\searchplugins\bingp.xml (File) 
    Successfully deleted: C:\Users\Garrett\AppData\Roaming\productdata (Folder) 
    Successfully deleted: C:\Users\Garrett\AppData\Roaming\systweak (Folder) 
    Successfully deleted: C:\Users\Garrett\Start Menu\Programs\weather alerts (Folder) 
    Successfully deleted: C:\users\Public\Documents\guid (Folder) 
    Successfully deleted: C:\Windows\reimage.ini (File) 
    Successfully deleted: C:\Windows\Tasks\Uninstaller_SkipUac_Administrator.job (Task) 
    Successfully deleted: C:\Program Files (x86)\esupport.com (Folder) 
    Successfully deleted: C:\Program Files (x86)\iobit\driver booster (Folder) 
    Successfully deleted: C:\Program Files (x86)\tweakbit (Folder) 
    Successfully deleted: C:\Users\Garrett\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AJSCGCH6 (Temporary Internet Files Folder) 
    Successfully deleted: C:\Users\Garrett\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E5VRKVIR (Temporary Internet Files Folder) 
    Successfully deleted: C:\Windows\prefetch\DRIVERBOOSTER.EXE-51D78DCC.pf (File) 
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AJSCGCH6 (Temporary Internet Files Folder) 
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E5VRKVIR (Temporary Internet Files Folder) 
     
     
     
    Registry: 3 
     
    Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} (Registry Key)
    Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{80AEC1CC-B9F0-4851-9B9E-8AC15696238F} (Registry Key)
    Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{80AEC1CC-B9F0-4851-9B9E-8AC15696238F} (Registry Key)
     
     
     
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Fri 07/29/2016 at 23:56:39.87
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    FRST Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2016
    Ran by Garrett (administrator) on GARRETTPC (30-07-2016 00:05:03)
    Running from C:\Users\Garrett\Downloads
    Loaded Profiles: Garrett (Available Profiles: Garrett)
    Platform: Windows 8 Pro (X64) Language: English (United States)
    Internet Explorer Version 10 (Default browser: "C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe" -- "%1")
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (AMD) C:\Windows\System32\atiesrxx.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
    (BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
    (cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
    (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    () C:\Windows\SysWOW64\PnkBstrA.exe
    (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
    (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
    (BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-Service.exe
    (BlueStack Systems) C:\Program Files (x86)\Bluestacks\HD-Network.exe
    (BlueStack Systems) C:\Program Files (x86)\Bluestacks\HD-BlockDevice.exe
    (BlueStack Systems) C:\Program Files (x86)\Bluestacks\HD-SharedFolder.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
    (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
    () C:\Users\Garrett\Downloads\AdwCleaner.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
     
     
    ==================== Registry (Whitelisted) ===========================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [cFosSpeed] => C:\Program Files\cFosSpeed\cFosSpeed.exe [2088872 2015-09-09] (cFos Software GmbH)
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28917376 2015-05-14] (Skype Technologies S.A.)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [247344 2016-07-17] ()
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-05-30] (Electronic Arts)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-08] (Valve Corporation)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [Discord] => C:\Users\Garrett\AppData\Local\Discord\app-0.0.294\Discord.exe [62385336 2016-07-29] (Hammer & Chisel, Inc.)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [970264 2016-07-04] (BlueStack Systems, Inc.)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [WinResSync] => C:\Windows\system32\regsvr32.exe /s "C:\Users\Garrett\AppData\Roaming\Microsoft\Protect\fea623cac58fb3b475f1.rs"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-07-19] (SUPERAntiSpyware)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\RunOnce: [WinResSync] => C:\Windows\system32\regsvr32.exe /s "C:\Users\Garrett\AppData\Roaming\Microsoft\Protect\fea623cac58fb3b475f1.rs"
    HKU\S-1-5-18\...\Run: [WinResSync] => C:\Windows\system32\regsvr32.exe /s "C:\Users\Garrett\AppData\Roaming\Microsoft\Protect\fea623cac58fb3b475f1.rs"
    HKU\S-1-5-18\...\RunOnce: [WinResSync] => C:\Windows\system32\regsvr32.exe /s "C:\Users\Garrett\AppData\Roaming\Microsoft\Protect\fea623cac58fb3b475f1.rs"
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-07-28]
    ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (No File)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2016-07-28]
    ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files (x86)\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2016-07-28]
    ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier_IObitDel.exe (WinZip Computing, S.L.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-07-28]
    ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader_IObitDel.exe (WinZip Computing, S.L.)
    Startup: C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FreeDownloadmanager.exe [2016-07-27] ()
    Startup: C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\sartain.lnk [2016-07-28]
    ShortcutTarget: sartain.lnk -> C:\Program Files (x86)\homeopathy\misquotes.exe (No File)
    Startup: C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tascmgr.exe.lnk [2016-07-28]
    ShortcutTarget: tascmgr.exe.lnk -> C:\Users\Garrett\AppData\Roaming\MicrosoftExch\tascmgr.exe ()
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
    Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
    Tcpip\..\Interfaces\{EFB49E5B-3BF5-413D-AEBB-69CABA095F5A}: [DhcpNameServer] 192.168.0.1
     
    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.msn.com/
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
    BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
    BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-11-08] (Oracle Corporation)
    BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
    BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-08] (Oracle Corporation)
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
    Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\Garrett\AppData\Roaming\Mozilla\Firefox\Profiles\n2ypuzqp.default
    FF DefaultSearchEngine: Bing 
    FF SelectedSearchEngine: Bing 
    FF SearchEngineOrder.3: Bing 
    FF Keyword.URL: hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q=
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-23] ()
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-23] ()
    FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-08] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-08] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
    FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Garrett\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
    FF Extension: No Name - C:\Users\Garrett\AppData\Roaming\Mozilla\Firefox\Profiles\n2ypuzqp.default\extensions\[email protected] [not found]
    FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [not found]
    FF Extension: No Name - C:\Users\Garrett\AppData\Roaming\Mozilla\Firefox\Profiles\n2ypuzqp.default\extensions\[email protected] [not found]
     
    Chrome: 
    =======
    CHR HomePage: Profile 1 -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
    CHR StartupUrls: Profile 1 -> "search.mpc.am"
    CHR Profile: C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1
    CHR Extension: (Google Slides) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-21]
    CHR Extension: (Google Docs) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-21]
    CHR Extension: (Google Drive) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
    CHR Extension: (YouTube) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
    CHR Extension: (Google Search) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
    CHR Extension: (Bing) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-07-02]
    CHR Extension: (Google Sheets) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-21]
    CHR Extension: (Google Docs Offline) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-21]
    CHR Extension: (Google Play Music) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2016-06-07]
    CHR Extension: (Norton Identity Safe) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-04-21]
    CHR Extension: (Google Play) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2016-06-09]
    CHR Extension: (Momentum) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2016-07-06]
    CHR Extension: (Skype) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-25]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
    CHR Extension: (Gmail) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-21]
    CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
    StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
     
    ==================== Services (Whitelisted) ========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
    R3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [441880 2016-07-04] (BlueStack Systems, Inc.)
    R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [421400 2016-07-04] (BlueStack Systems, Inc.)
    S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [458264 2016-07-04] (BlueStack Systems, Inc.)
    R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
    R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
    R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [726952 2015-09-09] (cFos Software GmbH)
    S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [232208 2016-06-14] (EasyAntiCheat Ltd)
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
    S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2120712 2016-05-30] (Electronic Arts)
    S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1309936 2016-07-17] (Overwolf LTD)
    R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-11-08] ()
    R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2016-03-20] ()
    S3 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [621632 2011-03-04] ()
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
    S2 ApppaznoR; C:\ProgramData\\ApppaznoR\\ApppaznoR.exe -f "C:\ProgramData\\ApppaznoR\\ApppaznoR.dat" -l -a
    S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [X]
     
    ===================== Drivers (Whitelisted) ==========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
    R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [215040 2014-06-21] (Advanced Micro Devices)
    R3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-07-04] (BlueStack Systems)
    S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-07-04] (Bluestack System Inc. )
    S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [58368 2011-11-04] (www.winchiphead.com)
    S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
    S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
    R3 e1kexpress; C:\Windows\system32\DRIVERS\e1k63x64.sys [469264 2014-06-21] (Intel Corporation)
    S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation)
    S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2016-07-20] (LogMeIn Inc.)
    R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-16] (REALiX™)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-29] (Malwarebytes)
    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
    S3 netr28ux; C:\Windows\system32\DRIVERS\netr28ux.sys [2217616 2014-10-18] (MediaTek Inc.)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-09-08] (Oracle Corporation)
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Corporation)
    S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation)
    S3 cpuz136; \??\C:\Users\Garrett\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
     
    ==================== One Month Created files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2016-07-30 00:05 - 2016-07-30 00:05 - 00018992 _____ C:\Users\Garrett\Downloads\FRST.txt
    2016-07-30 00:04 - 2016-07-30 00:05 - 00000000 ____D C:\FRST
    2016-07-30 00:03 - 2016-07-30 00:03 - 02394112 _____ (Farbar) C:\Users\Garrett\Downloads\FRST64.exe
    2016-07-29 23:56 - 2016-07-29 23:56 - 00003225 _____ C:\Users\Garrett\Desktop\JRT.txt
    2016-07-29 23:45 - 2016-07-29 23:59 - 00000000 ____D C:\AdwCleaner
    2016-07-29 23:44 - 2016-07-29 23:45 - 01744384 _____ (Farbar) C:\Users\Garrett\Downloads\FRST.exe
    2016-07-29 23:44 - 2016-07-29 23:44 - 03712064 _____ C:\Users\Garrett\Downloads\AdwCleaner.exe
    2016-07-29 23:44 - 2016-07-29 23:44 - 01610560 _____ (Malwarebytes) C:\Users\Garrett\Downloads\JRT.exe
    2016-07-29 22:55 - 2016-07-29 22:55 - 00028040 _____ C:\Users\Garrett\Documents\gn post day 2.veg
    2016-07-29 22:54 - 2016-07-29 22:54 - 95251337 _____ C:\Users\Garrett\Documents\gn post day 2.mp4
    2016-07-29 22:43 - 2016-07-29 22:43 - 00028768 _____ C:\Users\Garrett\Documents\gn post day 2.veg.bak
    2016-07-29 22:34 - 2016-07-29 22:36 - 00254696 _____ C:\Users\Garrett\Downloads\Crystal Castles TRANSGENDER Official.mp3.sfk
    2016-07-29 21:00 - 2016-07-29 21:01 - 00254696 _____ C:\Users\Garrett\Downloads\Crystal Castles TRANSGENDER Official (1).mp3.sfk
    2016-07-29 18:21 - 2016-07-29 18:21 - 00280600 _____ C:\Windows\Minidump\072916-17799-01.dmp
    2016-07-29 17:43 - 2016-07-29 17:43 - 00002183 _____ C:\Users\Garrett\Desktop\Discord.lnk
    2016-07-29 15:59 - 2016-07-29 15:59 - 59589267 _____ C:\Users\Garrett\Documents\YouTube-f4ae9b3c336647dc8d4cfde86f468c48.mp4
    2016-07-29 12:37 - 2016-07-29 12:38 - 00280600 _____ C:\Windows\Minidump\072916-17440-01.dmp
    2016-07-29 12:25 - 2016-07-29 12:25 - 59589267 _____ C:\Users\Garrett\Documents\YouTube-af3e4c3484fc4339b2d4dcdb16f09bad.mp4
    2016-07-29 12:16 - 2016-07-29 12:16 - 00014040 _____ C:\Users\Garrett\Documents\gnafsa.veg
    2016-07-29 12:15 - 2016-07-29 12:15 - 00956965 _____ C:\Users\Garrett\Documents\YouTube-1e75dfbe878b4fd091d7df044400016b.mp4
    2016-07-29 12:11 - 2016-07-29 12:11 - 00014040 _____ C:\Users\Garrett\Documents\gnafsa.veg.bak
    2016-07-29 12:09 - 2016-07-29 12:09 - 00048650 _____ C:\Users\Garrett\Documents\YouTube-45fc204cee30495b8cddf006a0026ad7.mp4
    2016-07-29 12:04 - 2016-07-29 12:07 - 00785048 _____ C:\Users\Garrett\Downloads\Iron and Wine - The Trapeze Swinger (not the video).mp3.sfk
    2016-07-29 01:17 - 2016-07-29 01:17 - 00280600 _____ C:\Windows\Minidump\072916-25771-01.dmp
    2016-07-29 00:54 - 2016-07-29 00:54 - 12001589 _____ C:\Users\Garrett\Documents\YouTube-a163cd6cc7c441e5834d02d7bdb3495e.mp4
    2016-07-29 00:47 - 2016-07-29 00:47 - 00020592 _____ C:\Users\Garrett\Documents\gnpost.veg
    2016-07-29 00:45 - 2016-07-29 00:45 - 00020752 _____ C:\Users\Garrett\Documents\gnpost.veg.bak
    2016-07-29 00:37 - 2016-07-29 00:37 - 00016888 _____ C:\Users\Garrett\Documents\Untitled.veg
    2016-07-29 00:25 - 2016-07-29 00:25 - 02324633 _____ C:\Users\Garrett\Documents\YouTube-6c738b0d3c4846f6b38d2750d677fb2e.mp4
    2016-07-29 00:04 - 2016-07-29 00:22 - 00268928 _____ C:\Users\Garrett\Downloads\Relaxing Trippy [bleep].mp4.sfk
    2016-07-28 23:55 - 2016-07-29 00:00 - 69126903 _____ C:\Users\Garrett\Downloads\Relaxing Trippy [bleep].mp4
    2016-07-28 23:53 - 2016-07-29 23:58 - 00000926 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2016-07-28 23:53 - 2016-07-28 23:53 - 00003898 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2016-07-28 23:53 - 2016-07-28 23:53 - 00003662 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2016-07-28 23:53 - 2016-07-28 23:53 - 00000922 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2016-07-28 17:55 - 2016-07-28 17:55 - 00000000 ____D C:\Users\Garrett\AppData\Local\ElevatedDiagnostics
    2016-07-28 17:35 - 2016-07-28 17:35 - 00280600 _____ C:\Windows\Minidump\072816-26130-01.dmp
    2016-07-28 16:19 - 2016-07-28 16:26 - 00000000 ____D C:\Windows\system32\appmgmt
    2016-07-28 16:05 - 2016-07-28 16:05 - 00000000 ____D C:\Windows\CD95F661A5C444F5A6AAECDD91C24105.TMP
    2016-07-28 15:55 - 2016-07-28 15:55 - 00000000 ____D C:\Users\Garrett\Documents\ProcessExplorer
    2016-07-28 15:53 - 2016-07-28 15:53 - 01270466 _____ C:\Users\Garrett\Downloads\ProcessExplorer.zip
    2016-07-28 11:07 - 2016-07-28 11:07 - 00000000 ____D C:\Users\Garrett\Documents\cports
    2016-07-28 11:05 - 2016-07-28 11:05 - 00087612 _____ C:\Users\Garrett\Downloads\cports.zip
    2016-07-28 11:01 - 2016-07-29 19:01 - 00000534 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 82f55711-4baa-4f78-9660-bcab7d500944.job
    2016-07-28 11:01 - 2016-07-29 02:00 - 00000534 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task be233e3a-ea54-4e5e-a05c-a85eaa5b79b9.job
    2016-07-28 11:01 - 2016-07-28 11:01 - 00003598 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task be233e3a-ea54-4e5e-a05c-a85eaa5b79b9
    2016-07-28 11:01 - 2016-07-28 11:01 - 00003516 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 82f55711-4baa-4f78-9660-bcab7d500944
    2016-07-28 11:00 - 2016-07-28 11:00 - 00001831 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    2016-07-28 11:00 - 2016-07-28 11:00 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\SUPERAntiSpyware.com
    2016-07-28 11:00 - 2016-07-28 11:00 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
    2016-07-28 11:00 - 2016-07-28 11:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
    2016-07-28 11:00 - 2016-07-28 11:00 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
    2016-07-28 10:58 - 2016-07-28 10:59 - 26733936 _____ (SUPERAntiSpyware) C:\Users\Garrett\Downloads\SUPERAntiSpyware.exe
    2016-07-27 23:45 - 2016-07-28 00:22 - 00001123 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2016-07-27 23:45 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2016-07-27 23:45 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
    2016-07-27 23:45 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
    2016-07-27 22:34 - 2016-07-28 21:55 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3463171804-1537994893-3906066650-1001
    2016-07-27 22:23 - 2016-07-28 00:08 - 00000000 ____D C:\Users\Garrett\AppData\Local\bvyvbvhx
    2016-07-27 22:22 - 2016-07-27 22:29 - 00000000 ____D C:\Users\Garrett\AppData\Local\app
    2016-07-27 22:21 - 2016-07-28 00:08 - 00000000 ____D C:\Program Files\Ozagpaaadt
    2016-07-27 22:21 - 2016-07-27 22:21 - 00000000 ____D C:\Program Files\8089a5fd39ddff50783304a3e18afa33
    2016-07-27 22:20 - 2016-07-27 22:20 - 00000000 _____ C:\Users\Garrett\Documents\virtualmemoryPC.txt
    2016-07-27 22:18 - 2016-07-28 00:22 - 00000080 _____ C:\Users\Garrett\Desktop\Exµs T.lnk
    2016-07-27 22:16 - 2016-07-27 22:19 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\MicrosoftExch
    2016-07-27 22:15 - 2016-07-27 22:15 - 00031232 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys
    2016-07-27 22:15 - 2016-07-27 22:15 - 00000000 _____ C:\Windows\SysWOW64\Number of results
    2016-07-27 22:04 - 2016-07-27 22:04 - 00000000 ____D C:\Users\Garrett\AppData\Local\Geckofx
    2016-07-27 21:41 - 2016-07-27 21:41 - 07129600 _____ C:\Users\Garrett\AppData\Roaming\agent.dat
    2016-07-27 21:41 - 2016-07-27 21:41 - 00018432 _____ C:\Users\Garrett\AppData\Roaming\Main.dat
    2016-07-27 21:41 - 2016-07-27 21:37 - 00001006 _____ C:\Windows\system32\Drivers\etc\hp.bak
    2016-07-27 21:41 - 2016-07-27 21:36 - 00676864 _____ C:\Users\Garrett\AppData\Roaming\Zonqvodom.exe
    2016-07-27 21:41 - 2016-07-27 21:36 - 00676864 _____ C:\Users\Garrett\AppData\Roaming\Unotech.exe
    2016-07-27 21:36 - 2016-07-27 22:31 - 00000217 _____ C:\ProgramData\all_data.txt
    2016-07-27 21:36 - 2016-07-27 22:31 - 00000163 _____ C:\ProgramData\VersionControl.txt
    2016-07-27 21:36 - 2016-07-27 22:31 - 00000054 _____ C:\ProgramData\exe_data.txt
    2016-07-27 21:36 - 2016-07-27 21:36 - 00000047 _____ C:\ProgramData\country.txt
    2016-07-27 21:36 - 2016-07-27 21:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vertech
    2016-07-27 21:34 - 2016-07-25 23:25 - 00629760 _____ () C:\Users\Public\Documents\usblock.exe
    2016-07-27 21:33 - 2016-07-27 21:33 - 00000000 _____ C:\Users\Garrett\AppData\Local\icka78915464.txt
    2016-07-27 21:28 - 2016-07-27 21:58 - 00000000 ____D C:\Windows\SysWOW64\databases-incognito
    2016-07-27 21:28 - 2016-07-27 21:13 - 00676864 _____ C:\Users\Garrett\AppData\Roaming\Nimcore.exe
    2016-07-27 21:28 - 2016-07-27 21:13 - 00676864 _____ C:\Users\Garrett\AppData\Roaming\Fineco.exe
    2016-07-27 21:23 - 2016-07-27 21:37 - 00129024 _____ C:\Users\Garrett\AppData\Roaming\Installer.dat
    2016-07-27 21:23 - 2016-07-27 21:23 - 00000000 ____D C:\Users\Public\Documents\Tools
    2016-07-27 21:23 - 2016-07-27 21:23 - 00000000 ____D C:\Users\Public\Documents\Baidu
    2016-07-27 21:20 - 2016-07-27 21:20 - 00000000 __SHD C:\Windows\system32\%APPDATA%
    2016-07-27 21:06 - 2016-07-27 21:06 - 00449664 _____ C:\Windows\system32\FNTCACHE.DAT
    2016-07-27 21:03 - 2016-07-27 21:03 - 00127646 _____ C:\Users\Garrett\AppData\Local\72499818.exe
    2016-07-27 19:31 - 2016-07-27 19:31 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\c
    2016-07-27 19:28 - 2016-07-29 23:49 - 00198956 _____ C:\Windows\ntbtlog.txt
    2016-07-27 19:16 - 2016-07-27 19:16 - 02530304 _____ (BitTorrent Inc.) C:\Users\Garrett\Downloads\uTorrent (3).exe
    2016-07-27 19:15 - 2016-07-27 19:15 - 02530304 _____ (BitTorrent Inc.) C:\Users\Garrett\Downloads\uTorrent (2).exe
    2016-07-27 19:14 - 2016-07-27 19:15 - 02369536 _____ (BitTorrent Inc.) C:\Users\Garrett\Downloads\uTorrent (1).exe
    2016-07-27 19:14 - 2016-07-27 19:14 - 02530304 _____ (BitTorrent Inc.) C:\Users\Garrett\Downloads\uTorrent.exe
    2016-07-26 17:49 - 2016-07-26 17:49 - 00029000 _____ C:\Users\Garrett\Documents\fasdf.veg
    2016-07-26 17:37 - 2016-07-26 17:37 - 01207010 _____ C:\Users\Garrett\Documents\YouTube-07fd51604aac44919f4cac121b7cb7de.mp4
    2016-07-26 17:33 - 2016-07-26 17:33 - 00029000 _____ C:\Users\Garrett\Documents\fasdf.veg.bak
    2016-07-26 17:33 - 2016-07-26 17:33 - 00018679 _____ C:\Users\Garrett\Documents\YouTube-f4348f5847254d9a9e38bc66fb6599df.mp4
    2016-07-26 17:22 - 2016-07-26 17:22 - 00018679 _____ C:\Users\Garrett\Documents\YouTube-eecdfec5541a40ceb9a8353a9269f7f8.mp4
    2016-07-26 17:14 - 2016-07-26 17:14 - 00018679 _____ C:\Users\Garrett\Documents\Untitled.mp4
    2016-07-26 17:04 - 2016-07-26 17:04 - 00202812 _____ C:\Users\Garrett\Documents\Untitled.mxf
    2016-07-26 17:04 - 2016-07-26 17:04 - 00026400 _____ C:\Users\Garrett\Documents\Untitled.veg.bak
    2016-07-26 17:04 - 2016-07-26 17:04 - 00000082 _____ C:\Users\Garrett\Documents\Untitled.mxf.sfl
    2016-07-26 16:57 - 2016-07-26 16:59 - 00008344 _____ C:\Users\Garrett\Downloads\4-19 vs 4-20.mp3.sfk
    2016-07-26 16:27 - 2016-07-26 16:27 - 00000000 ____D C:\ProgramData\Sony
    2016-07-26 16:17 - 2016-07-26 17:04 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Sony
    2016-07-26 16:17 - 2016-07-26 16:38 - 00000000 ____D C:\Users\Garrett\AppData\Local\Sony
    2016-07-26 16:15 - 2016-07-28 00:22 - 00001048 _____ C:\Users\Garrett\Desktop\Vegas Pro 13.0 (64-bit).lnk
    2016-07-26 16:15 - 2016-07-28 00:22 - 00001036 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Vegas Pro 13.0 (64-bit).lnk
    2016-07-26 16:15 - 2016-07-26 16:26 - 00002039 _____ C:\Users\Garrett\Desktop\Exµs ™.lnk
    2016-07-26 16:15 - 2016-07-26 16:15 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony
    2016-07-26 16:15 - 2016-07-26 16:15 - 00000000 ____D C:\Program Files (x86)\Sony
    2016-07-26 16:14 - 2016-07-26 16:26 - 00000000 ____D C:\Program Files\Sony
    2016-07-26 16:10 - 2016-07-26 16:22 - 00000000 ____D C:\Users\Garrett\Desktop\Sony Vegas Pro 13.0 Build 310 (64-bit) PreCracked
    2016-07-26 16:07 - 2016-07-28 17:34 - 00000000 ____D C:\Program Files\WinZip
    2016-07-26 16:07 - 2016-07-28 16:13 - 00000000 ____D C:\ProgramData\WinZip
    2016-07-26 16:07 - 2016-07-28 00:22 - 00002355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Update Notifier.lnk
    2016-07-26 16:07 - 2016-07-28 00:22 - 00002302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip BG Tools.lnk
    2016-07-26 16:07 - 2016-07-28 00:22 - 00002294 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
    2016-07-26 16:07 - 2016-07-28 00:22 - 00002282 _____ C:\Users\Public\Desktop\WinZip.lnk
    2016-07-26 16:07 - 2016-07-26 16:11 - 00000000 ____D C:\Users\Garrett\AppData\Local\WinZip
    2016-07-26 16:07 - 2016-07-26 16:07 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinZip 20.5
    2016-07-26 16:07 - 2016-07-26 16:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 20.5
    2016-07-26 16:03 - 2016-07-26 16:03 - 00000000 ____D C:\ProgramData\UniqueId
    2016-07-26 16:02 - 2016-07-26 16:02 - 00706032 _____ (WinZip Computing, S.L.) C:\Users\Garrett\Downloads\winzip20-home.exe
    2016-07-26 15:30 - 2016-07-26 15:43 - 286932445 _____ C:\Users\Garrett\Desktop\S.V.P 13.0.310 (64-bit) PreCracked.zip
    2016-07-26 14:42 - 2016-07-26 14:42 - 04483454 _____ C:\Users\Garrett\Downloads\WARNING GRAPHIC Man Shoots Himself In Interrogation Room.mp4
    2016-07-26 14:37 - 2016-07-26 14:40 - 56480983 _____ C:\Users\Garrett\Downloads\All Cis People are Transphobic (And you're probably racist, too!).mp4
    2016-07-26 11:28 - 2016-07-26 11:28 - 01292420 _____ C:\Users\Garrett\Baby Secret Whispers Just To You.wav
    2016-07-26 11:25 - 2016-07-26 11:25 - 00272848 _____ C:\Users\Garrett\Downloads\Baby Secret Whispers Just to You.mp4
    2016-07-26 11:20 - 2016-07-26 11:20 - 00001691 _____ C:\Users\Garrett\Downloads\keemstar alex is a stupid [bleep] video.aup
    2016-07-26 11:20 - 2016-07-26 11:20 - 00000000 ____D C:\Users\Garrett\Downloads\keemstar alex is a stupid [bleep] video_data
    2016-07-26 00:30 - 2016-07-26 00:30 - 00000000 ____D C:\Users\Garrett\Documents\FlashIntegro
    2016-07-26 00:30 - 2016-07-26 00:30 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\VideoEditor
    2016-07-26 00:30 - 2016-07-26 00:30 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\FlashIntegro
    2016-07-26 00:30 - 2016-07-08 17:31 - 00071480 _____ (Flash-Integro LLC) C:\Windows\SysWOW64\mslvddsfilter3.ax
    2016-07-26 00:30 - 2011-12-07 18:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\Lagarith.dll
    2016-07-26 00:30 - 2005-08-01 18:43 - 00245760 _____ () C:\Windows\SysWOW64\lame.ax
    2016-07-26 00:30 - 2004-12-10 09:03 - 00438272 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
    2016-07-26 00:30 - 2004-09-06 15:06 - 00053248 _____ C:\Windows\SysWOW64\xvid.ax
    2016-07-26 00:30 - 2004-07-03 20:08 - 00139264 _____ C:\Windows\SysWOW64\xvidvfw.dll
    2016-07-26 00:30 - 2004-07-03 19:59 - 00524288 _____ C:\Windows\SysWOW64\xvidcore.dll
    2016-07-26 00:30 - 2004-02-04 20:11 - 00081920 _____ (fccHandler) C:\Windows\SysWOW64\AC3ACM.acm
    2016-07-26 00:30 - 2003-05-22 11:26 - 00638976 _____ (DivXNetworks, Inc.) C:\Windows\SysWOW64\divx.dll
    2016-07-26 00:30 - 2003-05-22 11:26 - 00221215 _____ (DivXNetworks, Inc.) C:\Windows\SysWOW64\divxdec.ax
    2016-07-26 00:30 - 2003-05-21 22:50 - 00261632 _____ (MainConcept) C:\Windows\SysWOW64\mcdvd_32.dll
    2016-07-26 00:30 - 2003-05-21 22:50 - 00156910 _____ C:\Windows\WMSysPr8.prx
    2016-07-26 00:30 - 2003-05-21 22:50 - 00082944 _____ (Voxware, Inc.) C:\Windows\SysWOW64\vct3216.acm
    2016-07-26 00:30 - 2003-05-21 22:50 - 00038912 _____ (NCT Company) C:\Windows\SysWOW64\alf2cd.acm
    2016-07-26 00:30 - 2003-05-21 22:50 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
    2016-07-26 00:30 - 2003-03-25 04:49 - 00098304 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\SysWOW64\L3CODECX.AX
    2016-07-26 00:30 - 2002-08-19 23:41 - 00413760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg4c32.dll
    2016-07-26 00:30 - 2000-03-14 19:55 - 00013239 _____ (SHARP Corporation) C:\Windows\SysWOW64\Scg726.acm
    2016-07-26 00:27 - 2016-07-26 00:28 - 35576744 _____ (Flash-Integro LLC ) C:\Users\Garrett\Downloads\video_editor.exe
    2016-07-26 00:18 - 2016-07-26 00:18 - 50798872 _____ C:\Users\Garrett\Tyler 1 Singing Lost Boy.wav
    2016-07-25 23:36 - 2016-07-25 23:36 - 00016575 _____ C:\Users\Garrett\Downloads\Tyler 1 Singing Lost Boy.aup
    2016-07-25 23:36 - 2016-07-25 23:36 - 00000000 ____D C:\Users\Garrett\Downloads\Tyler 1 Singing Lost Boy_data
    2016-07-25 23:30 - 2016-07-25 23:33 - 41332970 _____ C:\Users\Garrett\Downloads\Tyler 1 Singing Lost Boy.mp4
    2016-07-25 22:10 - 2016-07-01 22:32 - 00827864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2016-07-25 22:10 - 2016-07-01 22:32 - 00176096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2016-07-25 22:00 - 2016-07-25 22:00 - 00000000 ___SD C:\Windows\system32\CompatTel
    2016-07-25 22:00 - 2016-07-25 22:00 - 00000000 ____D C:\Windows\system32\AutoUpdateLicense
    2016-07-25 22:00 - 2016-07-25 22:00 - 00000000 ____D C:\Windows\system32\appraiser
    2016-07-25 02:46 - 2015-03-27 02:07 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\cryptcatsvc.dll
    2016-07-25 02:46 - 2015-03-11 23:31 - 02048000 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
    2016-07-25 02:46 - 2015-03-11 23:31 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
    2016-07-25 02:46 - 2015-03-11 21:52 - 01933312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
    2016-07-25 02:02 - 2014-10-08 22:00 - 01519104 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
    2016-07-25 02:02 - 2014-10-08 22:00 - 01484288 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
    2016-07-25 02:02 - 2014-10-08 22:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
    2016-07-25 02:02 - 2014-10-08 21:59 - 01195520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
    2016-07-25 02:02 - 2014-10-08 21:59 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
    2016-07-25 01:49 - 2015-01-09 00:43 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
    2016-07-25 01:49 - 2015-01-08 23:03 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
    2016-07-25 01:45 - 2014-07-15 16:51 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
    2016-07-25 01:34 - 2015-10-01 07:10 - 00869568 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
    2016-07-25 01:34 - 2015-10-01 07:09 - 00875720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
    2016-07-25 01:16 - 2014-04-16 12:20 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
    2016-07-25 01:16 - 2014-04-16 12:20 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
    2016-07-24 23:11 - 2015-07-01 07:00 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
    2016-07-24 23:11 - 2015-07-01 06:58 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
    2016-07-24 23:11 - 2015-07-01 05:42 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
    2016-07-24 23:11 - 2015-07-01 05:41 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
    2016-07-24 23:10 - 2015-11-16 10:10 - 01821192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2016-07-24 23:10 - 2015-11-16 08:55 - 01410000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2016-07-24 23:10 - 2015-11-16 08:28 - 01223168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
    2016-07-24 23:10 - 2015-11-16 08:28 - 00384512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
    2016-07-24 23:10 - 2015-11-16 08:26 - 01637376 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
    2016-07-24 23:10 - 2015-11-16 08:26 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
    2016-07-24 23:09 - 2015-07-13 15:05 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
    2016-07-24 23:09 - 2015-07-13 15:05 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2016-07-24 23:09 - 2015-06-27 07:46 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2016-07-24 23:09 - 2015-06-27 07:23 - 00694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2016-07-24 23:08 - 2015-07-06 10:16 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
    2016-07-24 23:08 - 2015-07-06 08:32 - 00281944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
    2016-07-24 23:08 - 2015-04-30 07:44 - 00478296 _____ C:\Windows\SysWOW64\locale.nls
    2016-07-24 23:08 - 2015-04-30 07:44 - 00478296 _____ C:\Windows\system32\locale.nls
    2016-07-24 23:08 - 2015-03-11 23:31 - 01688576 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
    2016-07-24 23:08 - 2015-03-04 00:41 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
    2016-07-24 23:08 - 2015-03-04 00:39 - 00632832 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
    2016-07-24 23:08 - 2015-03-04 00:39 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
    2016-07-24 23:08 - 2015-03-03 22:53 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
    2016-07-24 23:08 - 2015-03-03 22:52 - 00676864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
    2016-07-24 23:08 - 2015-01-24 00:42 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
    2016-07-24 23:08 - 2015-01-23 23:00 - 00243712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
    2016-07-24 23:08 - 2014-09-02 20:48 - 00510464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
    2016-07-24 23:08 - 2014-09-02 20:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
    2016-07-24 23:06 - 2014-11-15 00:06 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2016-07-24 23:06 - 2014-11-14 23:13 - 03286016 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 01623552 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2016-07-24 23:06 - 2014-11-14 23:12 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
    2016-07-24 23:06 - 2014-11-14 21:54 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
    2016-07-24 23:06 - 2014-11-14 21:53 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2016-07-24 23:06 - 2014-11-14 21:53 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
    2016-07-24 23:06 - 2014-11-14 21:53 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2016-07-24 23:05 - 2014-11-05 00:39 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
    2016-07-24 23:04 - 2014-11-05 00:40 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
    2016-07-24 23:04 - 2014-10-29 08:21 - 00499008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
    2016-07-24 23:04 - 2014-08-28 00:01 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
    2016-07-24 23:03 - 2015-08-01 10:21 - 00073352 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
    2016-07-24 23:03 - 2015-08-01 09:22 - 00063992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
    2016-07-24 23:03 - 2015-08-01 07:56 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
    2016-07-24 23:03 - 2015-08-01 07:56 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
    2016-07-24 23:03 - 2015-08-01 07:56 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
    2016-07-24 23:03 - 2015-07-30 07:11 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2016-07-24 23:03 - 2015-07-30 07:10 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2016-07-24 23:03 - 2015-07-09 15:46 - 05982208 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2016-07-24 23:03 - 2015-07-09 15:44 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
    2016-07-24 23:03 - 2015-07-09 14:17 - 05095424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2016-07-24 23:03 - 2015-07-09 14:16 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
    2016-07-24 23:03 - 2015-04-12 23:32 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
    2016-07-24 23:03 - 2014-12-11 00:51 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
    2016-07-24 22:59 - 2014-06-17 17:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
    2016-07-24 22:59 - 2014-06-17 17:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
    2016-07-24 22:58 - 2015-09-02 07:49 - 02341376 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
    2016-07-24 22:58 - 2015-09-02 07:49 - 01850880 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2016-07-24 22:58 - 2015-09-02 07:38 - 01744384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
    2016-07-24 22:58 - 2015-09-02 07:38 - 01422336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
    2016-07-24 22:58 - 2015-08-05 07:52 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
    2016-07-24 22:58 - 2015-06-17 08:13 - 01150264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
    2016-07-24 22:58 - 2015-06-17 07:44 - 01567560 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
    2016-07-24 22:58 - 2014-09-13 00:24 - 02233152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2016-07-24 22:58 - 2014-09-02 20:48 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
    2016-07-24 22:58 - 2014-09-02 20:22 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
    2016-07-24 22:58 - 2014-08-28 22:17 - 02043392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
    2016-07-24 22:58 - 2014-08-28 22:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
    2016-07-24 22:58 - 2014-08-28 22:04 - 02837504 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
    2016-07-24 22:58 - 2014-08-28 22:04 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
    2016-07-24 22:58 - 2014-08-28 00:04 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSCOMEX.dll
    2016-07-24 22:58 - 2014-08-28 00:04 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
    2016-07-24 22:58 - 2014-08-27 23:59 - 00616448 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
    2016-07-24 22:58 - 2014-08-27 23:59 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
    2016-07-24 22:58 - 2014-08-27 23:59 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll
    2016-07-24 22:58 - 2014-08-27 23:59 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\FXST30.dll
    2016-07-24 22:58 - 2014-07-24 07:12 - 00328512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
    2016-07-24 22:57 - 2015-08-04 08:42 - 01229824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
    2016-07-24 22:57 - 2015-08-04 08:42 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
    2016-07-24 22:57 - 2015-08-04 08:42 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
    2016-07-24 22:57 - 2015-08-04 07:54 - 01399808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
    2016-07-24 22:57 - 2015-08-04 07:53 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
    2016-07-24 22:57 - 2015-08-04 07:53 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
    2016-07-24 22:57 - 2015-04-21 07:53 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
    2016-07-24 22:57 - 2015-02-24 01:58 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
    2016-07-24 22:57 - 2015-01-29 02:05 - 01627648 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2016-07-24 22:57 - 2015-01-29 00:19 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2016-07-24 22:57 - 2014-10-08 21:59 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
    2016-07-24 22:57 - 2014-10-08 21:59 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
    2016-07-24 22:57 - 2014-10-08 21:58 - 00458240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
    2016-07-24 22:57 - 2014-09-21 23:38 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
    2016-07-24 22:57 - 2014-09-21 21:56 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
    2016-07-24 22:57 - 2014-09-17 17:24 - 00987136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmclient.dll
    2016-07-24 22:57 - 2014-09-17 17:24 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmscan.dll
    2016-07-24 22:57 - 2014-09-17 17:24 - 00278528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm.dll
    2016-07-24 22:57 - 2014-09-17 17:24 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adrclient.dll
    2016-07-24 22:57 - 2014-09-17 16:57 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\srmclient.dll
    2016-07-24 22:57 - 2014-09-17 16:57 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\srmscan.dll
    2016-07-24 22:57 - 2014-09-17 16:57 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\srm.dll
    2016-07-24 22:57 - 2014-09-17 16:57 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\adrclient.dll
    2016-07-24 22:56 - 2015-12-08 09:16 - 01303040 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2016-07-24 22:56 - 2015-12-05 12:48 - 01024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2016-07-24 22:56 - 2014-07-11 22:41 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
    2016-07-24 22:56 - 2014-07-11 22:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
    2016-07-24 22:56 - 2014-07-11 22:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
    2016-07-24 22:56 - 2014-07-11 22:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
    2016-07-24 22:56 - 2014-07-11 22:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
    2016-07-24 22:56 - 2014-07-11 22:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
    2016-07-24 22:56 - 2014-07-11 22:16 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
    2016-07-24 22:56 - 2014-07-11 22:16 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
    2016-07-24 22:56 - 2014-07-11 22:16 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
    2016-07-24 22:56 - 2014-07-11 22:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
    2016-07-24 22:56 - 2014-07-11 22:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
    2016-07-24 22:56 - 2014-07-11 22:15 - 00006144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
    2016-07-24 22:56 - 2014-07-08 16:33 - 00181248 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
    2016-07-24 22:56 - 2014-07-08 16:32 - 01539584 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
    2016-07-24 22:56 - 2014-07-08 16:32 - 00340480 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
    2016-07-24 22:56 - 2014-07-08 16:30 - 01220608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
    2016-07-24 22:56 - 2014-07-06 23:52 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
    2016-07-24 22:56 - 2014-07-06 23:52 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
    2016-07-24 22:56 - 2014-07-04 04:52 - 00328000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
    2016-07-24 22:56 - 2014-06-28 01:01 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
    2016-07-24 22:56 - 2014-06-28 00:56 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
    2016-07-24 22:56 - 2014-06-17 17:27 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
    2016-07-24 22:56 - 2014-06-17 17:23 - 02238464 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 14269440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 19349504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 15422976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 13723648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 03805696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 02793984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 02658304 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00857600 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00715776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2016-07-24 22:55 - 2015-12-14 17:59 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2016-07-24 22:55 - 2015-11-07 06:46 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
    2016-07-24 22:55 - 2015-11-07 06:46 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
    2016-07-24 22:55 - 2015-11-07 03:34 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
    2016-07-24 22:55 - 2015-11-06 23:29 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
    2016-07-24 22:55 - 2015-09-18 07:32 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2016-07-24 22:55 - 2015-08-13 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2016-07-24 22:55 - 2015-08-13 04:44 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2016-07-24 22:55 - 2015-06-09 07:57 - 03248640 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
    2016-07-24 22:55 - 2015-05-27 20:04 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2016-07-24 22:55 - 2015-05-27 20:02 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2016-07-24 22:55 - 2015-05-27 20:01 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2016-07-24 22:55 - 2015-05-27 20:01 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2016-07-24 22:55 - 2015-05-27 20:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2016-07-24 22:55 - 2015-05-27 20:01 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2016-07-24 22:55 - 2015-05-27 20:01 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2016-07-24 22:55 - 2015-05-27 18:44 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2016-07-24 22:55 - 2015-05-27 18:43 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2016-07-24 22:55 - 2015-05-27 18:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2016-07-24 22:55 - 2015-05-27 18:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2016-07-24 22:55 - 2015-05-27 18:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2016-07-24 22:55 - 2015-05-27 18:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2016-07-24 22:55 - 2015-05-27 18:22 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
    2016-07-24 22:55 - 2015-05-27 18:20 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
    2016-07-24 22:55 - 2015-05-27 18:00 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2016-07-24 22:55 - 2015-05-27 17:55 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2016-07-24 22:55 - 2015-01-23 22:31 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
    2016-07-24 22:54 - 2014-12-08 00:48 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
    2016-07-24 22:54 - 2014-12-07 23:04 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
    2016-07-24 22:53 - 2016-06-25 12:09 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
    2016-07-24 22:53 - 2015-10-31 02:14 - 02038784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
    2016-07-24 22:53 - 2015-10-31 01:33 - 02308096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
    2016-07-24 22:53 - 2015-08-04 08:42 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
    2016-07-24 22:53 - 2015-08-04 07:54 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
    2016-07-24 22:53 - 2015-03-14 02:07 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
    2016-07-24 22:53 - 2015-03-14 00:33 - 00891904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
    2016-07-24 22:53 - 2015-03-04 01:29 - 00361280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
    2016-07-24 22:53 - 2015-03-04 00:39 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
    2016-07-24 22:53 - 2015-03-03 22:52 - 00057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
    2016-07-24 22:50 - 2015-06-15 09:22 - 02416640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
    2016-07-24 22:50 - 2015-06-15 09:22 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
    2016-07-24 22:50 - 2015-06-15 09:21 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
    2016-07-24 22:50 - 2015-06-15 09:20 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
    2016-07-24 22:50 - 2015-05-08 17:39 - 00981504 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2016-07-24 22:50 - 2015-05-08 14:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2016-07-24 22:50 - 2014-10-11 01:44 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
    2016-07-24 22:50 - 2014-10-10 23:57 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
    2016-07-24 22:50 - 2014-06-12 17:34 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
    2016-07-24 22:50 - 2014-06-12 17:29 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
    2016-07-24 22:50 - 2014-06-05 11:56 - 00112984 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
    2016-07-24 22:49 - 2015-09-02 07:48 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
    2016-07-24 22:49 - 2015-09-02 07:38 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
    2016-07-24 22:49 - 2015-08-28 15:59 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
    2016-07-24 22:49 - 2015-08-27 12:41 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
    2016-07-24 22:49 - 2014-12-06 01:52 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
    2016-07-24 22:49 - 2014-12-06 01:52 - 00357376 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
    2016-07-24 22:49 - 2014-12-06 01:52 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
    2016-07-24 22:49 - 2014-12-06 00:09 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
    2016-07-24 22:48 - 2015-12-05 16:20 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2016-07-24 22:48 - 2015-12-05 16:19 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2016-07-24 22:48 - 2015-12-05 16:19 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
    2016-07-24 22:48 - 2015-12-05 08:49 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2016-07-24 22:48 - 2015-12-05 08:49 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2016-07-24 22:48 - 2015-12-05 08:49 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
    2016-07-24 22:48 - 2015-10-11 00:45 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
    2016-07-24 22:48 - 2015-10-11 00:45 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
    2016-07-24 22:48 - 2014-12-18 02:51 - 00096576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
    2016-07-24 22:48 - 2014-12-18 00:52 - 00889344 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
    2016-07-24 22:48 - 2014-12-18 00:20 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
    2016-07-24 22:48 - 2014-12-06 01:53 - 00458240 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
    2016-07-24 22:48 - 2014-12-06 01:53 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
    2016-07-24 22:48 - 2014-12-06 01:51 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
    2016-07-24 22:48 - 2014-12-06 00:10 - 00355840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
    2016-07-24 22:48 - 2014-12-06 00:10 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
    2016-07-24 22:48 - 2014-12-06 00:09 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
    2016-07-24 22:48 - 2014-11-26 00:43 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
    2016-07-24 22:48 - 2014-11-25 22:50 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
    2016-07-24 22:45 - 2015-11-05 03:55 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
    2016-07-24 22:43 - 2015-09-23 07:10 - 00377552 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
    2016-07-24 22:43 - 2015-09-23 07:10 - 00332576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
    2016-07-24 22:42 - 2016-06-25 12:28 - 00050368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
    2016-07-24 22:42 - 2016-06-25 09:55 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
    2016-07-24 22:42 - 2016-06-17 07:09 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2016-07-24 22:42 - 2016-06-04 03:42 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
    2016-07-24 22:42 - 2015-12-04 10:29 - 01636784 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
    2016-07-24 22:42 - 2015-12-04 10:12 - 00793312 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
    2016-07-24 22:42 - 2015-12-04 10:12 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
    2016-07-24 22:42 - 2015-12-04 10:12 - 00446872 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
    2016-07-24 22:42 - 2015-12-04 10:12 - 00253624 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
    2016-07-24 22:42 - 2015-12-04 08:55 - 00612528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
    2016-07-24 22:42 - 2015-12-04 08:55 - 00463880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
    2016-07-24 22:42 - 2015-12-04 08:55 - 00324456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
    2016-07-24 22:42 - 2015-12-04 08:52 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 02615808 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 01770496 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 01376256 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 01350656 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 01150464 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
    2016-07-24 22:42 - 2015-12-04 08:52 - 01100800 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
    2016-07-24 22:42 - 2015-12-04 08:52 - 01073664 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 00625152 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 00577536 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 00431616 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 02893824 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 01593344 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 01208832 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 01174016 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 01138688 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00239104 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
    2016-07-24 22:42 - 2015-12-04 08:51 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 02312704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 01468928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 01374208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 00904192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 00846336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00722944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00677888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00468992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 00382464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 02400256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00946688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00929792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00869888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00571392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00546304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00190464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
    2016-07-24 22:42 - 2015-12-04 08:45 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
    2016-07-24 22:42 - 2015-12-03 13:57 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
    2016-07-24 22:42 - 2015-11-07 06:46 - 01341952 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
    2016-07-24 22:42 - 2015-11-07 06:44 - 01840640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2016-07-24 22:42 - 2015-11-07 06:44 - 01280000 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2016-07-24 22:42 - 2015-11-07 03:32 - 01412608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2016-07-24 22:42 - 2015-11-07 01:52 - 04063232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2016-07-24 22:42 - 2015-11-06 23:53 - 01126912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
    2016-07-24 22:42 - 2015-11-06 23:52 - 01680384 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
    2016-07-24 22:42 - 2015-11-06 23:46 - 01426944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
    2016-07-24 22:42 - 2015-10-13 07:16 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
    2016-07-24 22:42 - 2015-10-13 07:16 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
    2016-07-24 22:42 - 2015-09-12 07:09 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml
    2016-07-24 22:42 - 2014-12-06 01:51 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
    2016-07-24 22:42 - 2014-07-24 07:50 - 00447296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
    2016-07-24 22:42 - 2014-07-16 17:28 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
    2016-07-24 22:42 - 2014-07-16 16:59 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
    2016-07-24 22:42 - 2014-07-16 16:59 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
    2016-07-24 22:42 - 2014-07-12 00:45 - 01549824 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
    2016-07-24 22:42 - 2014-07-11 22:36 - 00674304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
    2016-07-24 22:42 - 2014-07-11 22:34 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
    2016-07-24 22:42 - 2012-10-24 21:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
    2016-07-24 22:42 - 2012-10-24 21:26 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
    2016-07-24 22:42 - 2012-10-24 21:04 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
    2016-07-24 22:41 - 2015-07-15 10:09 - 00095064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
    2016-07-24 22:41 - 2015-07-15 07:29 - 01333248 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
    2016-07-24 22:41 - 2014-12-18 22:35 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
    2016-07-24 22:40 - 2016-07-24 22:40 - 00002857 _____ C:\Users\Garrett\Downloads\Dr. Mantis Toboggan.aup
    2016-07-24 22:39 - 2016-07-24 22:39 - 00003003 _____ C:\Users\Garrett\Downloads\oh whoops, oooh. i dropped my monster condom that i use for my magnum dong..aup
    2016-07-24 22:39 - 2016-07-24 22:39 - 00001710 _____ C:\Users\Garrett\Downloads\Dank meme (Trap Nation) #2 [by Autistic].aup
    2016-07-24 22:39 - 2016-07-24 22:39 - 00000000 ____D C:\Users\Garrett\Downloads\oh whoops, oooh. i dropped my monster condom that i use for my magnum dong_data
    2016-07-24 22:39 - 2016-07-24 22:39 - 00000000 ____D C:\Users\Garrett\Downloads\Dank meme (Trap Nation) #2 [by Autistic]_data
    2016-07-24 22:37 - 2015-08-01 08:50 - 17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2016-07-24 22:37 - 2015-08-01 07:56 - 19778048 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2016-07-24 22:37 - 2015-03-04 01:26 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\AutoUpdate.exe
    2016-07-24 22:37 - 2015-03-04 01:26 - 00467952 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
    2016-07-24 22:37 - 2015-03-04 01:26 - 00011105 _____ C:\Windows\system32\AutoconfigV2.cab
    2016-07-24 22:37 - 2015-03-04 00:41 - 00695808 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
    2016-07-24 22:37 - 2015-03-04 00:41 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-07-24 22:37 - 2015-03-03 22:53 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
    2016-07-24 22:37 - 2015-03-03 22:53 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-07-24 22:37 - 2015-01-24 00:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
    2016-07-24 22:37 - 2015-01-23 23:00 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
    2016-07-24 22:37 - 2014-10-21 19:01 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
    2016-07-24 22:37 - 2014-10-21 19:00 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
    2016-07-24 22:36 - 2014-11-08 05:22 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
    2016-07-24 22:36 - 2014-11-08 00:57 - 00187904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
    2016-07-24 22:35 - 2015-07-09 15:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
    2016-07-24 22:35 - 2015-07-09 15:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
    2016-07-24 22:35 - 2015-07-09 14:18 - 00233984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
    2016-07-24 22:35 - 2014-10-23 06:47 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
    2016-07-24 22:35 - 2014-10-23 05:04 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
    2016-07-24 22:32 - 2014-12-19 00:48 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
    2016-07-24 22:31 - 2015-12-30 17:29 - 06972760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2016-07-24 22:31 - 2015-12-08 09:43 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2016-07-24 22:31 - 2015-12-08 09:16 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2016-07-24 22:31 - 2015-11-16 08:29 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
    2016-07-24 22:31 - 2015-11-16 08:29 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
    2016-07-24 22:31 - 2015-11-16 08:29 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2016-07-24 22:31 - 2015-11-16 08:28 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2016-07-24 22:31 - 2015-11-16 08:26 - 01282560 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2016-07-24 22:31 - 2015-11-16 08:26 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
    2016-07-24 22:31 - 2015-11-16 08:26 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2016-07-24 22:31 - 2015-11-16 08:26 - 00588800 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
    2016-07-24 22:31 - 2015-11-16 08:26 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2016-07-24 22:31 - 2015-09-12 07:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
    2016-07-24 22:31 - 2015-09-12 07:29 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
    2016-07-24 22:31 - 2015-09-12 07:29 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\appserverai.dll
    2016-07-24 22:31 - 2015-09-12 07:29 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\RDWebAI.dll
    2016-07-24 22:31 - 2015-09-12 07:29 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VmHostAI.dll
    2016-07-24 22:31 - 2015-01-06 22:25 - 00403456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2016-07-24 22:30 - 2015-11-16 08:42 - 00171864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2016-07-24 22:30 - 2015-11-16 08:29 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2016-07-24 22:30 - 2015-11-16 08:29 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2016-07-24 22:30 - 2015-11-16 08:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2016-07-24 22:30 - 2015-11-16 08:27 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
    2016-07-24 22:30 - 2015-11-16 08:26 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
    2016-07-24 22:30 - 2015-11-16 08:26 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2016-07-24 22:30 - 2015-11-16 08:26 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2016-07-24 22:30 - 2015-11-16 08:26 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2016-07-24 22:30 - 2015-11-16 08:26 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2016-07-24 22:30 - 2015-09-23 07:10 - 00570256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2016-07-24 22:30 - 2015-09-22 11:53 - 01405408 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2016-07-24 22:30 - 2015-09-22 11:53 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
    2016-07-24 22:30 - 2015-06-25 12:29 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2016-07-24 22:30 - 2015-06-25 12:27 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
    2016-07-24 22:30 - 2015-05-02 00:28 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2016-07-24 22:30 - 2015-01-15 03:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2016-07-24 22:30 - 2015-01-15 03:09 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2016-07-24 22:30 - 2014-10-10 23:41 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2016-07-24 22:30 - 2014-10-10 23:05 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2016-07-24 22:29 - 2015-12-03 18:55 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
    2016-07-24 22:29 - 2015-12-03 15:47 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
    2016-07-24 22:29 - 2015-04-05 23:36 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
    2016-07-24 22:29 - 2015-04-05 22:08 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
    2016-07-24 22:29 - 2014-06-02 16:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
    2016-07-24 22:28 - 2015-04-24 21:41 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
    2016-07-24 22:28 - 2015-04-24 17:13 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
    2016-07-24 22:28 - 2014-10-30 01:20 - 01890816 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2016-07-24 22:28 - 2014-10-29 23:22 - 01569792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2016-07-24 22:27 - 2016-07-24 22:27 - 00003340 _____ C:\Users\Garrett\Documents\fn.wlmp
    2016-07-24 22:26 - 2016-07-24 22:26 - 00650216 _____ C:\Users\Garrett\Downloads\Dank meme (Trap Nation) #2 [by Autistic].mp4
    2016-07-24 22:19 - 2016-07-24 22:19 - 00958744 _____ C:\Users\Garrett\Dank meme (Trap Nation) #2 [by Autistic].wav
    2016-07-24 22:05 - 2016-07-26 00:53 - 00006253 _____ C:\Users\Garrett\Documents\My Movie.wlmp
    2016-07-24 21:51 - 2016-07-24 21:51 - 04325746 _____ C:\Users\Garrett\Dr. Mantis Toboggan
    2016-07-24 21:30 - 2016-07-24 21:30 - 00001218 _____ C:\Users\Garrett\Downloads\Suicide is badass - Its always sunny in Philadelphia.aup
    2016-07-24 21:30 - 2016-07-24 21:30 - 00000000 ____D C:\Users\Garrett\Downloads\Suicide is badass - Its always sunny in Philadelphia_data
    2016-07-24 21:22 - 2016-07-24 21:22 - 00000000 ____D C:\Users\Garrett\Downloads\Dr. Mantis Toboggan_data
    2016-07-24 21:16 - 2016-07-24 21:17 - 40439330 _____ C:\Users\Garrett\Downloads\Dr. Mantis Toboggan.mp4
    2016-07-24 19:57 - 2016-07-24 20:04 - 00003996 _____ C:\Users\Garrett\Documents\Im the trashman.wav.wlmp
    2016-07-24 19:44 - 2016-07-28 00:22 - 00001383 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
    2016-07-24 19:44 - 2016-07-28 00:22 - 00001310 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
    2016-07-24 19:44 - 2016-07-24 19:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
    2016-07-24 19:44 - 2016-07-24 19:44 - 00000000 ____D C:\Windows\en
    2016-07-24 19:43 - 2016-07-28 00:22 - 00002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
    2016-07-24 19:43 - 2016-07-28 00:22 - 00001457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
    2016-07-24 19:43 - 2016-07-24 19:43 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    2016-07-24 19:40 - 2016-07-24 19:40 - 00000000 ____D C:\Windows\PCHEALTH
    2016-07-24 19:40 - 2016-07-24 19:40 - 00000000 ____D C:\Program Files\Windows Live
    2016-07-24 19:39 - 2016-07-24 19:43 - 00000000 ____D C:\Program Files (x86)\Windows Live
    2016-07-24 19:39 - 2016-07-24 19:39 - 00002226 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2016-07-24 19:39 - 2016-07-24 19:39 - 00002226 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2016-07-24 19:39 - 2016-07-24 19:39 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
    2016-07-24 19:38 - 2016-07-28 00:22 - 00002292 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2016-07-24 19:38 - 2016-07-24 19:38 - 00000000 ___RD C:\Users\Garrett\OneDrive
    2016-07-24 19:38 - 2016-07-24 19:38 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
    2016-07-24 19:37 - 2016-07-27 21:11 - 00000000 ____D C:\Users\Garrett\AppData\Local\Windows Live
    2016-07-24 19:33 - 2016-07-24 19:33 - 01239752 _____ (Microsoft Corporation) C:\Users\Garrett\Downloads\wlsetup-web.exe
    2016-07-24 19:32 - 2016-07-28 00:22 - 00000827 _____ C:\Users\Garrett\Desktop\filmora_setup_full846.exe.lnk
    2016-07-24 19:27 - 2016-07-24 19:28 - 00000000 ____D C:\Users\Public\Documents\Wondershare
    2016-07-24 19:27 - 2016-07-24 19:27 - 01225872 _____ C:\Users\Garrett\Downloads\filmora_setup_full846.exe
    2016-07-24 19:08 - 2016-07-24 19:08 - 01283204 _____ C:\Users\Garrett\It's Always Sunny in Philadelphia - The Trashman.wav
    2016-07-24 19:07 - 2016-07-24 19:07 - 00002051 _____ C:\Users\Garrett\Downloads\It's Always Sunny in Philadelphia - The Trashman.aup
    2016-07-24 19:07 - 2016-07-24 19:07 - 00000000 ____D C:\Users\Garrett\Downloads\It's Always Sunny in Philadelphia - The Trashman_data
    2016-07-24 18:58 - 2016-07-24 19:00 - 63257620 _____ C:\Users\Garrett\Downloads\ScreenFlow-6.0.dmg
    2016-07-24 18:53 - 2016-07-24 18:53 - 01678241 _____ C:\Users\Garrett\Downloads\It's Always Sunny in Philadelphia - The Trashman 12.mp4
    2016-07-24 18:45 - 2016-07-24 18:45 - 00194152 _____ C:\Users\Garrett\Downloads\Suicide is badass  Its always sunny in Philadelphia.mp4
    2016-07-20 12:04 - 2016-07-20 12:04 - 00045680 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
    2016-07-20 11:59 - 2016-07-24 12:08 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
    2016-07-20 11:59 - 2016-07-24 12:08 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
    2016-07-20 00:25 - 2016-07-20 00:25 - 00000000 ____D C:\Users\Garrett\AppData\LocalLow\Blizzard Entertainment
    2016-07-19 23:55 - 2016-07-20 00:02 - 119408891 _____ C:\Users\Garrett\Downloads\Dank Memes Vine Compilation V20.mp4
    2016-07-13 21:24 - 2016-07-13 21:24 - 00000000 _____ C:\Users\Garrett\Downloads\RHS Summer Band Calendar 2016.pdf
    2016-07-13 13:12 - 2016-07-13 13:12 - 00210676 _____ C:\Users\Garrett\Downloads\watch (1).htm
    2016-07-12 22:53 - 2016-07-12 22:54 - 01867610 _____ C:\Users\Garrett\Downloads\SpongePulp FictionPants 1 Storage.mp4
    2016-07-11 23:47 - 2016-07-11 23:48 - 00000000 ____D C:\Users\Garrett\.android
    2016-07-11 23:44 - 2016-07-11 23:44 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
    2016-07-11 23:43 - 2016-07-28 23:50 - 00000000 ____D C:\ProgramData\BlueStacksSetup
    2016-07-11 23:43 - 2016-07-28 00:22 - 00001821 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk
    2016-07-11 23:43 - 2016-07-28 00:22 - 00001809 _____ C:\Users\Public\Desktop\BlueStacks.lnk
    2016-07-11 23:42 - 2016-07-11 23:43 - 00000000 ____D C:\ProgramData\Bluestacks
    2016-07-11 23:42 - 2016-07-11 23:43 - 00000000 ____D C:\Program Files (x86)\Bluestacks
    2016-07-11 23:42 - 2016-07-11 23:42 - 00000000 ____D C:\Users\Garrett\AppData\Local\Bluestacks
    2016-07-11 23:19 - 2016-07-11 23:40 - 277574656 _____ (BlueStack Systems Inc.) C:\Users\Garrett\Downloads\BlueStacks2_native_f291b1f4d87cb11673f50110fc6a180a.exe
    2016-07-06 09:53 - 2016-07-28 00:22 - 00001012 _____ C:\Users\Public\Desktop\LoL Summoner Info.lnk
    2016-07-06 09:53 - 2016-07-26 18:59 - 00000000 ____D C:\Program Files (x86)\LSI
    2016-07-06 09:53 - 2016-07-06 09:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LSI - LoL Summoner Information
    2016-07-06 08:51 - 2016-07-06 08:53 - 28037582 _____ (Aequus Gaming Ltd. ) C:\Users\Garrett\Downloads\LSI - LoL Summoner Information (v4.15.0) Setup.exe
     
    ==================== One Month Modified files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2016-07-29 23:54 - 2014-06-21 13:03 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\IObit
    2016-07-29 23:54 - 2014-06-21 13:03 - 00000000 ____D C:\ProgramData\IObit
    2016-07-29 23:54 - 2014-06-21 13:03 - 00000000 ____D C:\Program Files (x86)\IObit
    2016-07-29 23:48 - 2014-07-02 09:48 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2016-07-29 22:30 - 2014-06-30 18:43 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Audacity
    2016-07-29 20:31 - 2016-04-02 02:35 - 00000000 ____D C:\Program Files (x86)\Steam
    2016-07-29 20:07 - 2015-10-24 09:23 - 00000000 ____D C:\Users\Garrett\AppData\Local\Overwolf
    2016-07-29 20:06 - 2015-04-04 15:33 - 00000000 ____D C:\Users\Garrett\Tracing
    2016-07-29 20:05 - 2012-07-26 01:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2016-07-29 18:23 - 2016-05-22 09:17 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\discord
    2016-07-29 18:21 - 2015-12-08 18:04 - 00000000 ____D C:\Windows\Minidump
    2016-07-29 17:43 - 2016-05-22 09:17 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
    2016-07-29 17:42 - 2016-05-22 09:16 - 00000000 ____D C:\Users\Garrett\AppData\Local\Discord
    2016-07-28 17:34 - 2015-11-07 23:16 - 00000000 ____D C:\Users\Garrett\AppData\Local\Innkeeper
    2016-07-28 17:12 - 2015-07-14 11:36 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Octoshape
    2016-07-28 16:23 - 2016-01-04 13:51 - 00000000 ____D C:\ProgramData\Apple
    2016-07-28 16:22 - 2014-07-11 10:09 - 00000000 ____D C:\Users\Garrett\AppData\Local\CrashDumps
    2016-07-28 16:19 - 2012-07-25 23:37 - 00000000 ____D C:\Windows\Inf
    2016-07-28 00:58 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\rescache
    2016-07-28 00:22 - 2016-06-09 18:14 - 00001062 _____ C:\Users\Garrett\Desktop\MuseScore 2.lnk
    2016-07-28 00:22 - 2016-04-18 20:46 - 00002155 _____ C:\Users\Public\Desktop\H&R Block 2015.lnk
    2016-07-28 00:22 - 2016-04-02 02:35 - 00000968 _____ C:\Users\Public\Desktop\Steam.lnk
    2016-07-28 00:22 - 2016-04-01 22:35 - 00001367 _____ C:\Users\Garrett\Desktop\cFosSpeed Features.lnk
    2016-07-28 00:22 - 2016-04-01 22:35 - 00001241 _____ C:\Users\Garrett\Desktop\cFosSpeed Calibration.lnk
    2016-07-28 00:22 - 2016-03-19 15:01 - 00000984 _____ C:\Users\Public\Desktop\Origin.lnk
    2016-07-28 00:22 - 2015-05-30 21:55 - 00000299 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
    2016-07-28 00:22 - 2014-12-27 22:56 - 00000454 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD Drive (D) PERSON_OF_INTEREST_S1_D1 (2).lnk
    2016-07-28 00:22 - 2014-12-27 22:55 - 00000454 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD Drive (D) PERSON_OF_INTEREST_S1_D1.lnk
    2016-07-28 00:22 - 2014-06-21 19:49 - 00001018 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
    2016-07-28 00:22 - 2014-06-21 13:16 - 00002190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2016-07-28 00:22 - 2014-06-21 12:49 - 00001417 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2016-07-28 00:08 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\Branding
    2016-07-27 23:45 - 2014-07-02 09:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2016-07-27 23:45 - 2014-07-02 09:47 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
    2016-07-27 22:24 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\ModemLogs
    2016-07-27 19:36 - 2015-07-06 22:55 - 00000000 ____D C:\Users\Garrett\AppData\Local\Battle.net
    2016-07-27 01:46 - 2012-07-26 01:59 - 00000000 ____D C:\Windows\CbsTemp
    2016-07-27 01:18 - 2015-07-06 22:59 - 00000000 ____D C:\Program Files (x86)\Hearthstone
    2016-07-27 00:35 - 2015-07-06 22:55 - 00000000 ____D C:\Program Files (x86)\Battle.net
    2016-07-27 00:27 - 2015-07-06 22:49 - 00000000 ____D C:\ProgramData\Battle.net
    2016-07-26 22:48 - 2014-12-24 14:18 - 00413696 ___SH C:\Users\Garrett\Downloads\Thumbs.db
    2016-07-26 16:09 - 2014-05-04 17:09 - 277707073 _____ (Exµs ™ ) C:\Users\Garrett\Desktop\Sony Vegas Pro 13.0 Build 310 (64-bit) PreCracked.exe
    2016-07-26 11:28 - 2014-06-21 12:49 - 00000000 ____D C:\Users\Garrett
    2016-07-26 00:46 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\AppCompat
    2016-07-25 22:47 - 2014-12-18 12:50 - 00000000 ____D C:\Program Files\OBS
    2016-07-25 22:47 - 2014-11-23 23:35 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo
    2016-07-25 22:37 - 2014-11-08 19:00 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
    2016-07-25 22:33 - 2016-01-24 11:28 - 00000000 ____D C:\Program Files (x86)\SmartMusic
    2016-07-25 22:31 - 2016-02-27 16:05 - 00000000 ____D C:\Users\Garrett\Desktop\New folder
    2016-07-25 22:31 - 2015-07-06 22:55 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
    2016-07-25 22:14 - 2012-07-26 01:28 - 00848230 _____ C:\Windows\system32\PerfStringBackup.INI
    2016-07-25 22:11 - 2015-10-24 09:27 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
    2016-07-25 22:11 - 2015-10-24 09:26 - 00000000 ____D C:\Program Files (x86)\Overwolf
    2016-07-25 22:02 - 2012-07-25 23:38 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
    2016-07-25 22:01 - 2012-07-26 02:12 - 00000000 ___RD C:\Windows\ToastData
    2016-07-25 22:01 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\PolicyDefinitions
    2016-07-25 22:01 - 2012-07-26 02:12 - 00000000 ____D C:\Program Files\Windows Defender
    2016-07-25 22:01 - 2012-07-26 02:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
    2016-07-25 22:00 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\WinStore
    2016-07-25 22:00 - 2012-07-26 01:52 - 00000000 ____D C:\Program Files\Windows Journal
    2016-07-25 14:33 - 2012-07-26 02:12 - 00000000 ___HD C:\Program Files\WindowsApps
    2016-07-25 14:33 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\AUInstallAgent
    2016-07-25 02:19 - 2014-06-22 18:29 - 00000000 ____D C:\Windows\system32\MRT
    2016-07-25 02:15 - 2014-06-22 18:29 - 144749672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2016-07-24 19:40 - 2012-07-26 02:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
    2016-07-24 17:48 - 2015-05-30 13:02 - 00000000 ____D C:\Program Files\VideoLAN
    2016-07-24 17:48 - 2014-06-21 13:09 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Apple Computer
    2016-07-20 12:01 - 2015-11-07 23:16 - 00000000 ____D C:\Users\Garrett\AppData\Local\SquirrelTemp
    2016-07-18 12:37 - 2016-02-28 15:38 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\MuseScore
    2016-07-11 23:43 - 2012-07-26 02:12 - 00000000 __RHD C:\Users\Public\Libraries
    2016-07-11 00:55 - 2012-07-25 23:26 - 00262144 ___SH C:\Windows\system32\config\BBI
    2016-07-04 22:09 - 2015-11-07 23:17 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\InnkeeperUI
    2016-07-02 00:48 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\system32\NDF
     
    ==================== Files in the root of some directories =======
     
    2016-07-27 21:41 - 2016-07-27 21:41 - 7129600 _____ () C:\Users\Garrett\AppData\Roaming\agent.dat
    2016-07-27 21:28 - 2016-07-27 21:13 - 0676864 _____ () C:\Users\Garrett\AppData\Roaming\Fineco.exe
    2016-07-27 21:23 - 2016-07-27 21:37 - 0129024 _____ () C:\Users\Garrett\AppData\Roaming\Installer.dat
    2016-07-27 21:41 - 2016-07-27 21:41 - 0018432 _____ () C:\Users\Garrett\AppData\Roaming\Main.dat
    2016-07-27 21:28 - 2016-07-27 21:13 - 0676864 _____ () C:\Users\Garrett\AppData\Roaming\Nimcore.exe
    2016-07-27 21:41 - 2016-07-27 21:36 - 0676864 _____ () C:\Users\Garrett\AppData\Roaming\Unotech.exe
    2016-07-27 21:41 - 2016-07-27 21:36 - 0676864 _____ () C:\Users\Garrett\AppData\Roaming\Zonqvodom.exe
    2016-07-27 21:03 - 2016-07-27 21:03 - 0127646 _____ () C:\Users\Garrett\AppData\Local\72499818.exe
    2014-06-22 18:01 - 2014-07-10 21:20 - 0005120 _____ () C:\Users\Garrett\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2016-07-27 21:33 - 2016-07-27 21:33 - 0000000 _____ () C:\Users\Garrett\AppData\Local\icka78915464.txt
    2014-07-05 18:23 - 2014-07-05 18:23 - 0007605 _____ () C:\Users\Garrett\AppData\Local\Resmon.ResmonCfg
    2015-12-08 03:58 - 2015-12-08 03:58 - 0000000 _____ () C:\Users\Garrett\AppData\Local\{5787D94F-EB40-47F3-A4C7-B6BB17FD70A2}
    2015-12-07 03:58 - 2015-12-07 03:58 - 0000000 _____ () C:\Users\Garrett\AppData\Local\{EA742E66-D4C3-461F-93A2-4A3A92217857}
    2016-07-27 21:36 - 2016-07-27 22:31 - 0000217 _____ () C:\ProgramData\all_data.txt
    2016-07-27 21:36 - 2016-07-27 21:36 - 0000047 _____ () C:\ProgramData\country.txt
    2016-07-27 21:36 - 2016-07-27 22:31 - 0000054 _____ () C:\ProgramData\exe_data.txt
    2016-07-27 21:36 - 2016-07-27 22:31 - 0000163 _____ () C:\ProgramData\VersionControl.txt
     
    Some files in TEMP:
    ====================
    C:\Users\Garrett\AppData\Local\Temp\libeay32.dll
    C:\Users\Garrett\AppData\Local\Temp\msvcr120.dll
    C:\Users\Garrett\AppData\Local\Temp\sqlite3.dll
     
     
    ==================== Bamital & volsnap =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2016-07-26 03:00
     
    ==================== End of FRST.txt ============================
    Additional Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-07-2016
    Ran by Garrett (2016-07-30 00:06:04)
    Running from C:\Users\Garrett\Downloads
    Windows 8 Pro (X64) (2014-06-21 18:49:11)
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Accounts: =============================
     
    Administrator (S-1-5-21-3463171804-1537994893-3906066650-500 - Administrator - Disabled)
    Garrett (S-1-5-21-3463171804-1537994893-3906066650-1001 - Administrator - Enabled) => C:\Users\Garrett
    Guest (S-1-5-21-3463171804-1537994893-3906066650-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-3463171804-1537994893-3906066650-1005 - Limited - Enabled)
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
    AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
    Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
    Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
    BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.3.37.6239 - BlueStack Systems, Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
    cFosSpeed v10.10 (HKLM\...\cFosSpeed) (Version: 10.10 - cFos Software GmbH, Bonn)
    Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Dead by Daylight (HKLM\...\Steam App 381210) (Version:  - Behaviour Digital Inc.)
    Discord (HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Discord) (Version: 0.0.294 - Hammer & Chisel, Inc.)
    DuelystLauncher (HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\launcher) (Version: 0.0.9 - Counterplay Games Inc.)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
    H&R Block Basic + Efile 2015 (HKLM-x32\...\{7BDAAEFD-7F67-4484-BED2-BEB6FE7FB216}) (Version: 15.02.8101 - HRB Technology, LLC.)
    Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
    Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
    Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
    League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
    LSI - LoL Summoner Information (HKLM-x32\...\{62B332E9-239D-4692-BDE2-0CC1CF2833DA}_is1) (Version: v4.15.0 - Aequus Gaming Ltd.)
    Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
    Microsoft OneDrive (HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    MSI Afterburner 3.0.1 (HKLM-x32\...\Afterburner) (Version: 3.0.1 - MSI Co., LTD)
    MuseScore 2 (HKLM-x32\...\{4F0E15EA-F64C-11E5-9992-E717EA7DB0C8}) (Version: 2.0.3 - Werner Schweer and Others)
    Origin (HKLM-x32\...\Origin) (Version: 9.11.6.18139 - Electronic Arts, Inc.)
    Overwolf (HKLM-x32\...\Overwolf) (Version: 0.96.218.0 - Overwolf Ltd.)
    Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.12.0 - Ralink)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7512 - Realtek Semiconductor Corp.)
    Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
    Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.101 - Skype Technologies S.A.)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1222 - SUPERAntiSpyware.com)
    Town of Salem (HKLM\...\Steam App 334230) (Version:  - BlankMediaGames)
    Vegas Pro 13.0 (64-bit) (HKLM-x32\...\Vegas Pro 13.0 (64-bit)) (Version: 13.0 (64-bit) - Exµs ™)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
     
    ==================== Custom CLSID (Whitelisted): ==========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
     
    ==================== Scheduled Tasks (Whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    Task: {29B9592C-6824-455A-8358-A02B64BA893B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
    Task: {39B3DE9E-E2AA-4EDA-9D54-12371A82EC46} - \SmartDefrag3_Update -> No File <==== ATTENTION
    Task: {43F84262-6062-4680-9D61-600DE9AA21C0} - System32\Tasks\TweakBit\Speedtest Optimizer\Start Speedtest Optimizer оn logon => C:\Program Files (x86)\TweakBit\Speedtest Optimizer\SpeedtestOptimizer.exe <==== ATTENTION
    Task: {4DE6ACF4-C533-455A-A068-90A10A646FDC} - \Driver Booster SkipUAC (Garrett) -> No File <==== ATTENTION
    Task: {5DD0EB00-D0CD-4BC2-A2D5-11CC6EEB62F8} - \{057D0947-7D79-0E79-0A11-7A050E79117D} -> No File <==== ATTENTION
    Task: {5FF9C10D-6F91-42FE-A8A3-BE1BB18F4B51} - \Overwolf Updater Task -> No File <==== ATTENTION
    Task: {7BA05A9E-1FEC-4102-8BA8-EBBF7F8A5B25} - \SmartDefrag3_Startup -> No File <==== ATTENTION
    Task: {7E2C533A-9D61-4F01-97E0-E40CC4F810B3} - System32\Tasks\cFos\Registration Tasks\Open Browser => Chrome.exe "hxxp://localhost:1487/cfosspeed/console.htm"
    Task: {82135536-AD12-4285-B8C2-3627E18B7400} - System32\Tasks\SUPERAntiSpyware Scheduled Task be233e3a-ea54-4e5e-a05c-a85eaa5b79b9 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
    Task: {9F0D8314-DC1A-4093-8C88-12DCA336EF79} - \Adobe Flash Player Updater -> No File <==== ATTENTION
    Task: {B148CD0D-F3FA-4A45-BE84-129E535B625C} - \MSIAfterburner -> No File <==== ATTENTION
    Task: {B3952EC3-562D-4646-BF84-4F84218268A4} - \CCleanerSkipUAC -> No File <==== ATTENTION
    Task: {BACB6B5F-917B-4989-ADBA-2FBD3C61B3DC} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)
    Task: {C6AA87E4-732B-48C3-B911-0E9487956B24} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
    Task: {DD652D00-A001-430F-B965-1BC4CE018501} - \{991BE8EB-52BA-464F-AB02-D10FD1968B9B} -> No File <==== ATTENTION
    Task: {E43BE519-89CC-4779-9F3A-2B3CC6004AF0} - System32\Tasks\SUPERAntiSpyware Scheduled Task 82f55711-4baa-4f78-9660-bcab7d500944 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
     
    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
     
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 82f55711-4baa-4f78-9660-bcab7d500944.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task be233e3a-ea54-4e5e-a05c-a85eaa5b79b9.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
     
    ==================== Shortcuts =============================
     
    (The entries could be listed to be restored or removed.)
     
    ShortcutWithArgument: C:\Users\Garrett\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe (Google Inc.) -> --profile-directory="Profile 1"
     
    ==================== Loaded Modules (Whitelisted) ==============
     
    2014-11-21 21:44 - 2016-03-20 14:40 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
    2016-07-29 23:44 - 2016-07-29 23:44 - 03712064 _____ () C:\Users\Garrett\Downloads\AdwCleaner.exe
    2016-06-17 16:24 - 2016-06-15 03:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
    2016-06-17 16:24 - 2016-06-15 03:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
     
    ==================== Alternate Data Streams (Whitelisted) =========
     
    (If an entry is included in the fixlist, only the ADS will be removed.)
     
     
    ==================== Safe Mode (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
     
    ==================== Association (Whitelisted) ===============
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
     
     
    ==================== Internet Explorer trusted/restricted ===============
     
    (If an entry is included in the fixlist, it will be removed from the registry.)
     
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\008k.com -> 008k.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\00hq.com -> 00hq.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\0190-dialers.com -> 0190-dialers.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\01i.info -> 01i.info
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\05p.com -> 05p.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\0calories.net -> 0calories.net
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\0cj.net -> 0cj.net
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\0scan.com -> 0scan.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\1-se.com -> 1-se.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\1001movie.com -> 1001movie.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\1001night.biz -> 1001night.biz
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\100gal.net -> 100gal.net
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\100sexlinks.com -> 100sexlinks.com
     
    There are 4788 more sites.
     
     
    ==================== Hosts content: ==========================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2012-07-25 23:26 - 2016-07-27 21:37 - 00001006 ____A C:\Windows\system32\Drivers\etc\hosts
     
    127.0.0.1       down.baidu2016.com
    127.0.0.1       123.sogou.com
    127.0.0.1       www.czzsyzgm.com
    127.0.0.1       www.czzsyzxl.com
    127.0.0.1       union.baidu2019.com
     
    ==================== Other Areas ============================
     
    (Currently there is no automatic fix for this section.)
     
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Garrett\Downloads\downloaded.jpg
    DNS Servers: 192.168.0.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.
     
    ==================== MSCONFIG/TASK MANAGER disabled items ==
     
    (Currently there is no automatic fix for this section.)
     
    MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
    MSCONFIG\Services: AdvancedSystemCareService7 => 2
    MSCONFIG\Services: cFosSpeedS => 2
    MSCONFIG\Services: gupdate => 2
    MSCONFIG\Services: gupdatem => 3
    MSCONFIG\Services: IMFservice => 2
    MSCONFIG\Services: LiveUpdateSvc => 2
    MSCONFIG\Services: PnkBstrA => 2
    MSCONFIG\Services: SkypeUpdate => 2
    HKLM\...\StartupApproved\Run: => "cFosSpeed"
    HKLM\...\StartupApproved\Run: => "niels"
    HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
    HKLM\...\StartupApproved\Run32: => "RaidCall"
    HKLM\...\StartupApproved\Run32: => "Raptr"
    HKLM\...\StartupApproved\Run32: => "StartCCC"
    HKLM\...\StartupApproved\Run32: => "DailyWiki"
    HKLM\...\StartupApproved\Run32: => "binging"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\StartupFolder: => "Rainmeter.lnk"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\StartupFolder: => "FreeDownloadmanager.exe"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\StartupFolder: => "sartain.lnk"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\StartupFolder: => "tascmgr.exe.lnk"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "Advanced SystemCare 7"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "EADM"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "DriverMax_RESTART"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "DriverMax"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "MK LOL"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "Dxtory Update Checker 2.0"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "Skype"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "WTFast Tray"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "uTorrent"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "applica"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "jacks"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "mountaineering"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "vim"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "cooperations"
     
    ==================== FirewallRules (Whitelisted) ===============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
     
    ==================== Restore Points =========================
     
    28-07-2016 16:18:51 Removed Oracle VM VirtualBox 5.0.4
    28-07-2016 16:23:23 Removed Apple Application Support (64-bit)
    28-07-2016 16:25:14 Removed Apple Software Update
    28-07-2016 17:10:55 Removed Cisco EAP-FAST Module
    28-07-2016 17:11:28 Removed Cisco LEAP Module
    28-07-2016 17:11:41 Removed Cisco PEAP Module
    28-07-2016 17:14:20 Removed LogMeIn Hamachi
    29-07-2016 23:52:36 JRT Pre-Junkware Removal
     
    ==================== Faulty Device Manager Devices =============
     
    Name: PCI Serial Port
    Description: PCI Serial Port
    Class Guid: 
    Manufacturer: 
    Service: 
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
     
    Name: Microsoft Teredo Tunneling Adapter
    Description: Microsoft Teredo Tunneling Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
     
    Name: Microsoft ISATAP Adapter
    Description: Microsoft ISATAP Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (07/29/2016 11:00:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Garrettpc)
    Description: Activation of app microsoft.windowsphotos_8wekyb3d8bbwe:Microsoft.WindowsLive.ModernPhotos.wwa failed with error: -2144927150 See the Microsoft-Windows-TWinUI/Operational log for additional information.
     
    Error: (07/29/2016 10:57:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Garrettpc)
    Description: Activation of app Microsoft.ZuneVideo_1.5.909.0_x64__8wekyb3d8bbwe:Microsoft.ZuneVideo.AppX0691txe4bqr477kft85hfv93agd4v0e0.wwa failed with error: -2144927150 See the Microsoft-Windows-TWinUI/Operational log for additional information.
     
    Error: (07/29/2016 10:56:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Garrettpc)
    Description: Activation of app Microsoft.ZuneVideo_1.5.909.0_x64__8wekyb3d8bbwe:Microsoft.ZuneVideo.AppX0691txe4bqr477kft85hfv93agd4v0e0.wwa failed with error: -2144927150 See the Microsoft-Windows-TWinUI/Operational log for additional information.
     
    Error: (07/29/2016 10:55:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Garrettpc)
    Description: Activation of app Microsoft.ZuneVideo_1.5.909.0_x64__8wekyb3d8bbwe:Microsoft.ZuneVideo.AppX0691txe4bqr477kft85hfv93agd4v0e0.wwa failed with error: -2144927150 See the Microsoft-Windows-TWinUI/Operational log for additional information.
     
    Error: (07/29/2016 08:07:06 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
    Description: License Activation (slui.exe) failed with the following error code:
    hr=0x8007007B
    Command-line arguments:
    RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=NetworkAvailable
     
    Error: (07/29/2016 08:07:02 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
    Description: License Activation (slui.exe) failed with the following error code:
    hr=0x8007007B
    Command-line arguments:
    RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
     
    Error: (07/29/2016 08:03:47 PM) (Source: Wininit) (EventID: 1015) (User: )
    Description: A critical system process, C:\Windows\system32\lsass.exe, failed with status code 255.  The machine must now be restarted.
     
    Error: (07/29/2016 08:03:45 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: lsass.exe, version: 6.2.9200.16864, time stamp: 0x531d1a86
    Faulting module name: ntdll.dll, version: 6.2.9200.17581, time stamp: 0x5644f0f7
    Exception code: 0xc0000008
    Fault offset: 0x0000000000004bf9
    Faulting process id: 0x2a4
    Faulting application start time: 0xlsass.exe0
    Faulting application path: lsass.exe1
    Faulting module path: lsass.exe2
    Report Id: lsass.exe3
    Faulting package full name: lsass.exe4
    Faulting package-relative application ID: lsass.exe5
     
    Error: (07/29/2016 06:22:40 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
    Description: License Activation (slui.exe) failed with the following error code:
    hr=0x8007007B
    Command-line arguments:
    RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=NetworkAvailable
     
    Error: (07/29/2016 06:22:38 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
    Description: License Activation (slui.exe) failed with the following error code:
    hr=0x8007007B
    Command-line arguments:
    RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
     
     
    System errors:
    =============
    Error: (07/29/2016 08:05:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The LiveUpdate service failed to start due to the following error: 
    %%2 = The system cannot find the file specified.
     
     
    Error: (07/29/2016 08:05:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The ApppaznoR service failed to start due to the following error: 
    %%2 = The system cannot find the file specified.
     
     
    Error: (07/29/2016 08:05:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The UAC File Virtualization service failed to start due to the following error: 
    %%1275 = This driver has been blocked from loading
     
     
    Error: (07/29/2016 08:05:15 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT AUTHORITY)
    Description: 0xc000014d0
     
    Error: (07/29/2016 08:05:27 PM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 7:41:02 PM on ‎7/‎29/‎2016 was unexpected.
     
    Error: (07/29/2016 08:03:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The WinHTTP Web Proxy Auto-Discovery Service service failed to start due to the following error: 
    %%1069 = The service did not start due to a logon failure.
     
     
    Error: (07/29/2016 08:03:47 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
    Description: The WinHttpAutoProxySvc service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: 
    %%1722 = The RPC server is unavailable.
     
     
    To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
     
    Error: (07/29/2016 06:21:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The LiveUpdate service failed to start due to the following error: 
    %%2 = The system cannot find the file specified.
     
     
    Error: (07/29/2016 06:21:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The ApppaznoR service failed to start due to the following error: 
    %%2 = The system cannot find the file specified.
     
     
    Error: (07/29/2016 06:21:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The UAC File Virtualization service failed to start due to the following error: 
    %%1275 = This driver has been blocked from loading
     
     
     
    ==================== Memory info =========================== 
     
    Processor: Intel® Core™2 Duo CPU E8400 @ 3.00GHz
    Percentage of memory in use: 57%
    Total physical RAM: 3965.61 MB
    Available physical RAM: 1669.29 MB
    Total Virtual: 7483.61 MB
    Available Virtual: 4658.11 MB
     
    ==================== Drives ================================
     
    Drive c: (Windows) (Fixed) (Total:148.81 GB) (Free:23.18 GB) NTFS
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 834AE775)
    Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=148.8 GB) - (Type=07 NTFS)
     
    ==================== End of Addition.txt ============================
     Problem is still here after all of that :(

    • 0

    #4
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,021 posts
    • MVP

    Looks like you might have a password and bank info stealing infection so after we finish you should change any passwords you might have used on this PC and check your bank accounts.

     

    The file TASCMGR.EXE is identified as the Trojan Program that is used for stealing bank information and users passwords.

     

     
    This is from Averscanner.com.  They tend to be a bit alarmist but it's definitely malware of some kind.
     
    Download the attached fixlist.txt to the same location as FRST
     
    Attached File  fixlist.txt   10.76KB   130 downloads
     
    Run FRST and press Fix
    A fix log will be generated please post that 
     
     
    Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.
     
    I would uninstall SuperAntiSpyware 
    Also 
    Skype Click to Call (This is that annoying program that changes random 10 digit numbers into call links.  Removing it will not hurt Skype.
     
    You do not have the latest Java.
    First go into Control Panel, Add/Remove Software (XP) or Programs and Features (Vista/Win 7) and remove any old versions (which may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE)
    I see:
    Java 8 Update 65 
     
    Java has been very vulnerable to infection so unless you absolutely need it you should not reinstall it.
     
    If you feel you must have Java:
    Get the latest Java at:
     
    Save it to your PC then close all browsers and install it.  Do not let it install the yahoo toolbar or other foistware.
    Once installed, go into Control Panel, Java, Security and set the slider to the Highest then OK.
     
    (If you also want the 64 bit version then use the 64 bit version of IE to get it.)
     
    You only have Windows Defender which obviously isn't good enough.  Let's install the free Avast and let it do a boot-time scan tonight as you sleep.
     
    Click on Download then choose the free version.
     
     
    Download, Save, and go to the download folder and right click and Run As Administrator.  Register when it asks you to.  Decline any free trial offers and any optional software like Chrome, Google Toolbar, Dropbox.  
     
    Once you have it installed and uptodate:   Run a boot-time scan (or wait until tonight - it takes 6 hours or so.).
     
    Open Avast, Scan, Scan for Viruses, Change the Quick Scan (in the box in the center of the page) to Boot-time Scan.  Then at the bottom of the page click on Scan Settings.
     
    Make sure both boxes are checked and click on the gray box to the right of the orange ones.  It should turn orange.  Change where it says "Fix Automatically" to "Move to
    Chest."
     
    orange.jpg
     
     
     OK.  Now click on Start and then close Avast.  Mute your speakers so it doesn't wake you up when Windows boots.
     
    When you reboot you will see the scan start.  It will tell you where it saves its log.  Usually it's C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt but it might change so verify the location.   This is a hidden location so you will need to tell Windows to let you see it:
     
     
    Copy and paste the text from the log to a Reply when done.
     
     
     

     


    • 0

    #5
    40154

    40154

      Member

    • Topic Starter
    • Member
    • PipPip
    • 11 posts

    Fix log Fix result of Farbar Recovery Scan Tool (x64) Version: 27-07-2016

    Ran by Garrett (2016-07-30 12:39:37) Run:1
    Running from C:\Users\Garrett\Downloads
    Loaded Profiles: Garrett (Available Profiles: Garrett)
    Boot Mode: Normal
    ==============================================
     
    fixlist content:
    *****************
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [WinResSync] => C:\Windows\system32\regsvr32.exe /s "C:\Users\Garrett\AppData\Roaming\Microsoft\Protect\fea623cac58fb3b475f1.rs"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\RunOnce: [WinResSync] => C:\Windows\system32\regsvr32.exe /s "C:\Users\Garrett\AppData\Roaming\Microsoft\Protect\fea623cac58fb3b475f1.rs"
    HKU\S-1-5-18\...\Run: [WinResSync] => C:\Windows\system32\regsvr32.exe /s "C:\Users\Garrett\AppData\Roaming\Microsoft\Protect\fea623cac58fb3b475f1.rs"
    HKU\S-1-5-18\...\RunOnce: [WinResSync] => C:\Windows\system32\regsvr32.exe /s "C:\Users\Garrett\AppData\Roaming\Microsoft\Protect\fea623cac58fb3b475f1.rs"
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-07-28]
    ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (No File)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2016-07-28]
    ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier_IObitDel.exe (WinZip Computing, S.L.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-07-28]
    ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader_IObitDel.exe (WinZip Computing, S.L.)
    Startup: C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FreeDownloadmanager.exe [2016-07-27] ()
    Startup: C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\sartain.lnk [2016-07-28]
    ShortcutTarget: sartain.lnk -> C:\Program Files (x86)\homeopathy\misquotes.exe (No File)
    Startup: C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tascmgr.exe.lnk [2016-07-28]
    ShortcutTarget: tascmgr.exe.lnk -> C:\Users\Garrett\AppData\Roaming\MicrosoftExch\tascmgr.exe ()
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    FF Extension: No Name - C:\Users\Garrett\AppData\Roaming\Mozilla\Firefox\Profiles\n2ypuzqp.default\extensions\[email protected] [not found]
    FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [not found]
    FF Extension: No Name - C:\Users\Garrett\AppData\Roaming\Mozilla\Firefox\Profiles\n2ypuzqp.default\extensions\[email protected] [not found]
    S2 ApppaznoR; C:\ProgramData\\ApppaznoR\\ApppaznoR.exe -f "C:\ProgramData\\ApppaznoR\\ApppaznoR.dat" -l -a
    S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [X]
    S3 cpuz136; \??\C:\Users\Garrett\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X] 
    2016-07-27 22:23 - 2016-07-28 00:08 - 00000000 ____D C:\Users\Garrett\AppData\Local\bvyvbvhx
    2016-07-27 22:22 - 2016-07-27 22:29 - 00000000 ____D C:\Users\Garrett\AppData\Local\app
    2016-07-27 22:21 - 2016-07-28 00:08 - 00000000 ____D C:\Program Files\Ozagpaaadt
    2016-07-27 22:21 - 2016-07-27 22:21 - 00000000 ____D C:\Program Files\8089a5fd39ddff50783304a3e18afa33
    2016-07-27 21:41 - 2016-07-27 21:41 - 07129600 _____ C:\Users\Garrett\AppData\Roaming\agent.dat
    2016-07-27 21:41 - 2016-07-27 21:41 - 00018432 _____ C:\Users\Garrett\AppData\Roaming\Main.dat
    2016-07-27 21:41 - 2016-07-27 21:37 - 00001006 _____ C:\Windows\system32\Drivers\etc\hp.bak
    2016-07-27 21:41 - 2016-07-27 21:36 - 00676864 _____ C:\Users\Garrett\AppData\Roaming\Zonqvodom.exe
    2016-07-27 21:41 - 2016-07-27 21:36 - 00676864 _____ C:\Users\Garrett\AppData\Roaming\Unotech.exe
    Task: {39B3DE9E-E2AA-4EDA-9D54-12371A82EC46} - \SmartDefrag3_Update -> No File <==== ATTENTION
    Task: {43F84262-6062-4680-9D61-600DE9AA21C0} - System32\Tasks\TweakBit\Speedtest Optimizer\Start Speedtest Optimizer оn logon => C:\Program Files (x86)\TweakBit\Speedtest Optimizer\SpeedtestOptimizer.exe <==== ATTENTION
    Task: {4DE6ACF4-C533-455A-A068-90A10A646FDC} - \Driver Booster SkipUAC (Garrett) -> No File <==== ATTENTION
    Task: {5DD0EB00-D0CD-4BC2-A2D5-11CC6EEB62F8} - \{057D0947-7D79-0E79-0A11-7A050E79117D} -> No File <==== ATTENTION
    Task: {5FF9C10D-6F91-42FE-A8A3-BE1BB18F4B51} - \Overwolf Updater Task -> No File <==== ATTENTION
    Task: {7BA05A9E-1FEC-4102-8BA8-EBBF7F8A5B25} - \SmartDefrag3_Startup -> No File <==== ATTENTION
    Task: {9F0D8314-DC1A-4093-8C88-12DCA336EF79} - \Adobe Flash Player Updater -> No File <==== ATTENTION
    Task: {B148CD0D-F3FA-4A45-BE84-129E535B625C} - \MSIAfterburner -> No File <==== ATTENTION
    Task: {B3952EC3-562D-4646-BF84-4F84218268A4} - \CCleanerSkipUAC -> No File <==== ATTENTION
    Task: {BACB6B5F-917B-4989-ADBA-2FBD3C61B3DC} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)
    Task: {DD652D00-A001-430F-B965-1BC4CE018501} - \{991BE8EB-52BA-464F-AB02-D10FD1968B9B} -> No File <==== ATTENTION
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 82f55711-4baa-4f78-9660-bcab7d500944.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task be233e3a-ea54-4e5e-a05c-a85eaa5b79b9.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
     
    *****************
     
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\Software\Microsoft\Windows\CurrentVersion\Run\\WinResSync => value removed successfully
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\WinResSync => value removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\WinResSync => value removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\WinResSync => value removed successfully
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk => moved successfully
    C:\Program Files\WinZip\FAHConsole.exe => not found.
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk => moved successfully
    C:\Program Files\WinZip\WZUpdateNotifier_IObitDel.exe => moved successfully
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk => moved successfully
    C:\Program Files\WinZip\WzPreloader_IObitDel.exe => moved successfully
    C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FreeDownloadmanager.exe => moved successfully
    C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\sartain.lnk => moved successfully
    C:\Program Files (x86)\homeopathy\misquotes.exe => not found.
    C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tascmgr.exe.lnk => moved successfully
    C:\Users\Garrett\AppData\Roaming\MicrosoftExch\tascmgr.exe => moved successfully
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
    C:\Users\Garrett\AppData\Roaming\Mozilla\Firefox\Profiles\n2ypuzqp.default\extensions\[email protected] => path removed successfully
    C:\Program Files (x86)\IObit Apps Toolbar\FF => path removed successfully
    C:\Users\Garrett\AppData\Roaming\Mozilla\Firefox\Profiles\n2ypuzqp.default\extensions\[email protected] => path removed successfully
    ApppaznoR => service removed successfully
    LiveUpdateSvc => service removed successfully
    cpuz136 => service removed successfully
    C:\Users\Garrett\AppData\Local\bvyvbvhx => moved successfully
    "C:\Users\Garrett\AppData\Local\app" => not found.
    C:\Program Files\Ozagpaaadt => moved successfully
    C:\Program Files\8089a5fd39ddff50783304a3e18afa33 => moved successfully
    C:\Users\Garrett\AppData\Roaming\agent.dat => moved successfully
    C:\Users\Garrett\AppData\Roaming\Main.dat => moved successfully
    C:\Windows\system32\Drivers\etc\hp.bak => moved successfully
    C:\Users\Garrett\AppData\Roaming\Zonqvodom.exe => moved successfully
    C:\Users\Garrett\AppData\Roaming\Unotech.exe => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{39B3DE9E-E2AA-4EDA-9D54-12371A82EC46}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{39B3DE9E-E2AA-4EDA-9D54-12371A82EC46}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartDefrag3_Update" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{43F84262-6062-4680-9D61-600DE9AA21C0}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43F84262-6062-4680-9D61-600DE9AA21C0}" => key removed successfully
    C:\Windows\System32\Tasks\TweakBit\Speedtest Optimizer\Start Speedtest Optimizer оn logon => not found.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TweakBit\Speedtest Optimizer\Start Speedtest Optimizer оn logon" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4DE6ACF4-C533-455A-A068-90A10A646FDC}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4DE6ACF4-C533-455A-A068-90A10A646FDC}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Garrett)" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5DD0EB00-D0CD-4BC2-A2D5-11CC6EEB62F8}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5DD0EB00-D0CD-4BC2-A2D5-11CC6EEB62F8}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{057D0947-7D79-0E79-0A11-7A050E79117D}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5FF9C10D-6F91-42FE-A8A3-BE1BB18F4B51}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FF9C10D-6F91-42FE-A8A3-BE1BB18F4B51}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Overwolf Updater Task" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7BA05A9E-1FEC-4102-8BA8-EBBF7F8A5B25}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BA05A9E-1FEC-4102-8BA8-EBBF7F8A5B25}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartDefrag3_Startup" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9F0D8314-DC1A-4093-8C88-12DCA336EF79}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F0D8314-DC1A-4093-8C88-12DCA336EF79}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B148CD0D-F3FA-4A45-BE84-129E535B625C}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B148CD0D-F3FA-4A45-BE84-129E535B625C}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MSIAfterburner" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B3952EC3-562D-4646-BF84-4F84218268A4}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B3952EC3-562D-4646-BF84-4F84218268A4}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BACB6B5F-917B-4989-ADBA-2FBD3C61B3DC}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BACB6B5F-917B-4989-ADBA-2FBD3C61B3DC}" => key removed successfully
    C:\Windows\System32\Tasks\Microsoft\Windows\Setup\EOSNotify => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOSNotify" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DD652D00-A001-430F-B965-1BC4CE018501}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DD652D00-A001-430F-B965-1BC4CE018501}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{991BE8EB-52BA-464F-AB02-D10FD1968B9B}" => key removed successfully
    C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully
    C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
    C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
    C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 82f55711-4baa-4f78-9660-bcab7d500944.job => not found.
    C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task be233e3a-ea54-4e5e-a05c-a85eaa5b79b9.job => not found.
     
    ==== End of Fixlog 12:39:42 ====
    FRST Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2016
    Ran by Garrett (administrator) on GARRETTPC (30-07-2016 12:35:45)
    Running from C:\Users\Garrett\Downloads
    Loaded Profiles: Garrett (Available Profiles: Garrett)
    Platform: Windows 8 Pro (X64) Language: English (United States)
    Internet Explorer Version 10 (Default browser: "C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe" -- "%1")
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (AMD) C:\Windows\System32\atiesrxx.exe
    (BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
    (cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
    (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    () C:\Windows\SysWOW64\PnkBstrA.exe
    (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
    (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
    (Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
    (Hammer & Chisel, Inc.) C:\Users\Garrett\AppData\Local\Discord\app-0.0.294\Discord.exe
    (BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-Agent.exe
    (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaUI.exe
    (WinZip Computing, S.L.) C:\Program Files\WinZip\WZUpdateNotifier_IObitDel.exe
    (WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader_IObitDel.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    (Hammer & Chisel, Inc.) C:\Users\Garrett\AppData\Local\Discord\app-0.0.294\Discord.exe
    (Hammer & Chisel, Inc.) C:\Users\Garrett\AppData\Local\Discord\app-0.0.294\Discord.exe
    (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.96.218.0\OverwolfHelper.exe
    (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.96.218.0\OverwolfHelper64.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
    (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
    (Microsoft Corporation) C:\Windows\System32\SrTasks.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
    (Microsoft Corporation) C:\Windows\System32\SrTasks.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe
    (Microsoft Corporation) C:\Windows\System32\msiexec.exe
     
     
    ==================== Registry (Whitelisted) ===========================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [cFosSpeed] => C:\Program Files\cFosSpeed\cFosSpeed.exe [2088872 2015-09-09] (cFos Software GmbH)
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9071752 2016-07-30] (AVAST Software)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28917376 2015-05-14] (Skype Technologies S.A.)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [247344 2016-07-17] ()
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-05-30] (Electronic Arts)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-08] (Valve Corporation)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [Discord] => C:\Users\Garrett\AppData\Local\Discord\app-0.0.294\Discord.exe [62385336 2016-07-29] (Hammer & Chisel, Inc.)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [970264 2016-07-04] (BlueStack Systems, Inc.)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [WinResSync] => C:\Windows\system32\regsvr32.exe /s "C:\Users\Garrett\AppData\Roaming\Microsoft\Protect\fea623cac58fb3b475f1.rs"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\RunOnce: [WinResSync] => C:\Windows\system32\regsvr32.exe /s "C:\Users\Garrett\AppData\Roaming\Microsoft\Protect\fea623cac58fb3b475f1.rs"
    HKU\S-1-5-18\...\Run: [WinResSync] => C:\Windows\system32\regsvr32.exe /s "C:\Users\Garrett\AppData\Roaming\Microsoft\Protect\fea623cac58fb3b475f1.rs"
    HKU\S-1-5-18\...\RunOnce: [WinResSync] => C:\Windows\system32\regsvr32.exe /s "C:\Users\Garrett\AppData\Roaming\Microsoft\Protect\fea623cac58fb3b475f1.rs"
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-07-30] (AVAST Software)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-07-28]
    ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (No File)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2016-07-28]
    ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files (x86)\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2016-07-28]
    ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier_IObitDel.exe (WinZip Computing, S.L.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-07-28]
    ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader_IObitDel.exe (WinZip Computing, S.L.)
    Startup: C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FreeDownloadmanager.exe [2016-07-27] ()
    Startup: C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\sartain.lnk [2016-07-28]
    ShortcutTarget: sartain.lnk -> C:\Program Files (x86)\homeopathy\misquotes.exe (No File)
    Startup: C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tascmgr.exe.lnk [2016-07-28]
    ShortcutTarget: tascmgr.exe.lnk -> C:\Users\Garrett\AppData\Roaming\MicrosoftExch\tascmgr.exe ()
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
    Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
    Tcpip\..\Interfaces\{EFB49E5B-3BF5-413D-AEBB-69CABA095F5A}: [DhcpNameServer] 192.168.0.1
     
    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.msn.com/
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-07-30] (AVAST Software)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-07-30] (AVAST Software)
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\Garrett\AppData\Roaming\Mozilla\Firefox\Profiles\n2ypuzqp.default
    FF DefaultSearchEngine: Bing 
    FF SelectedSearchEngine: Bing 
    FF SearchEngineOrder.3: Bing 
    FF Keyword.URL: hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q=
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-23] ()
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-23] ()
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
    FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Garrett\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
    FF Extension: No Name - C:\Users\Garrett\AppData\Roaming\Mozilla\Firefox\Profiles\n2ypuzqp.default\extensions\[email protected] [not found]
    FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [not found]
    FF Extension: No Name - C:\Users\Garrett\AppData\Roaming\Mozilla\Firefox\Profiles\n2ypuzqp.default\extensions\[email protected] [not found]
    FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
    FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-30]
    FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-30]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
     
    Chrome: 
    =======
    CHR HomePage: Profile 1 -> search.mpc.am
    CHR StartupUrls: Profile 1 -> "search.mpc.am"
    CHR Profile: C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1
    CHR Extension: (Google Slides) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-21]
    CHR Extension: (Google Docs) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-21]
    CHR Extension: (Google Drive) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
    CHR Extension: (YouTube) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
    CHR Extension: (Google Search) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
    CHR Extension: (Avast SafePrice) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-07-30]
    CHR Extension: (Google Sheets) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-21]
    CHR Extension: (Google Docs Offline) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-21]
    CHR Extension: (Avast Online Security) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-07-30]
    CHR Extension: (Google Play Music) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2016-06-07]
    CHR Extension: (Norton Identity Safe) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-04-21]
    CHR Extension: (Google Play) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2016-06-09]
    CHR Extension: (Momentum) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2016-07-06]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
    CHR Extension: (Gmail) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-21]
    CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
    StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
     
    ==================== Services (Whitelisted) ========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197640 2016-07-30] (AVAST Software)
    S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [441880 2016-07-04] (BlueStack Systems, Inc.)
    R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [421400 2016-07-04] (BlueStack Systems, Inc.)
    S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [458264 2016-07-04] (BlueStack Systems, Inc.)
    R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [726952 2015-09-09] (cFos Software GmbH)
    S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [232208 2016-06-14] (EasyAntiCheat Ltd)
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
    S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2120712 2016-05-30] (Electronic Arts)
    S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1309936 2016-07-17] (Overwolf LTD)
    R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-11-08] ()
    R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2016-03-20] ()
    S3 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [621632 2011-03-04] ()
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
    S2 ApppaznoR; C:\ProgramData\\ApppaznoR\\ApppaznoR.exe -f "C:\ProgramData\\ApppaznoR\\ApppaznoR.dat" -l -a
    S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [X]
     
    ===================== Drivers (Whitelisted) ==========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-07-30] (AVAST Software)
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-07-30] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-07-30] (AVAST Software)
    S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-07-30] (AVAST Software)
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [968536 2016-07-30] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-07-30] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-07-30] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-07-30] (AVAST Software)
    R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [215040 2014-06-21] (Advanced Micro Devices)
    S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-07-04] (BlueStack Systems)
    S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-07-04] (Bluestack System Inc. )
    S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [58368 2011-11-04] (www.winchiphead.com)
    S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
    S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
    R3 e1kexpress; C:\Windows\system32\DRIVERS\e1k63x64.sys [469264 2014-06-21] (Intel Corporation)
    S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation)
    S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2016-07-20] (LogMeIn Inc.)
    R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-16] (REALiX™)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-30] (Malwarebytes)
    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
    S3 netr28ux; C:\Windows\system32\DRIVERS\netr28ux.sys [2217616 2014-10-18] (MediaTek Inc.)
    S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-09-08] (Oracle Corporation)
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Corporation)
    S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation)
    S3 cpuz136; \??\C:\Users\Garrett\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
     
    ==================== One Month Created files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2016-07-30 12:31 - 2016-07-30 12:31 - 00001935 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
    2016-07-30 12:31 - 2016-07-30 12:31 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
    2016-07-30 12:31 - 2016-07-30 12:31 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\AVAST Software
    2016-07-30 12:31 - 2016-07-30 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
    2016-07-30 12:31 - 2016-07-30 12:31 - 00000000 ____D C:\Program Files\Common Files\AV
    2016-07-30 12:30 - 2016-07-30 12:30 - 00968536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2016-07-30 12:30 - 2016-07-30 12:30 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
    2016-07-30 12:30 - 2016-07-30 12:30 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00011022 _____ C:\Users\Garrett\Downloads\fixlist.txt
    2016-07-30 12:30 - 2016-07-30 12:30 - 00003922 _____ C:\Windows\System32\Tasks\avast! Emergency Update
    2016-07-30 12:23 - 2016-07-30 12:23 - 00000000 ____D C:\Program Files\AVAST Software
    2016-07-30 12:21 - 2016-07-30 12:22 - 00000000 ____D C:\ProgramData\AVAST Software
    2016-07-30 12:20 - 2016-07-30 12:20 - 06319040 _____ (AVAST Software) C:\Users\Garrett\Downloads\avast_free_antivirus_setup_online.exe
    2016-07-30 00:06 - 2016-07-30 00:06 - 00027199 _____ C:\Users\Garrett\Downloads\Addition.txt
    2016-07-30 00:05 - 2016-07-30 12:36 - 00019406 _____ C:\Users\Garrett\Downloads\FRST.txt
    2016-07-30 00:04 - 2016-07-30 12:35 - 00000000 ____D C:\FRST
    2016-07-30 00:03 - 2016-07-30 00:03 - 02394112 _____ (Farbar) C:\Users\Garrett\Downloads\FRST64.exe
    2016-07-29 23:56 - 2016-07-29 23:56 - 00003225 _____ C:\Users\Garrett\Desktop\JRT.txt
    2016-07-29 23:45 - 2016-07-30 00:12 - 00000000 ____D C:\AdwCleaner
    2016-07-29 23:44 - 2016-07-29 23:45 - 01744384 _____ (Farbar) C:\Users\Garrett\Downloads\FRST.exe
    2016-07-29 23:44 - 2016-07-29 23:44 - 03712064 _____ C:\Users\Garrett\Downloads\AdwCleaner.exe
    2016-07-29 23:44 - 2016-07-29 23:44 - 01610560 _____ (Malwarebytes) C:\Users\Garrett\Downloads\JRT.exe
    2016-07-29 22:55 - 2016-07-29 22:55 - 00028040 _____ C:\Users\Garrett\Documents\gn post day 2.veg
    2016-07-29 22:54 - 2016-07-29 22:54 - 95251337 _____ C:\Users\Garrett\Documents\gn post day 2.mp4
    2016-07-29 22:43 - 2016-07-29 22:43 - 00028768 _____ C:\Users\Garrett\Documents\gn post day 2.veg.bak
    2016-07-29 22:34 - 2016-07-29 22:36 - 00254696 _____ C:\Users\Garrett\Downloads\Crystal Castles TRANSGENDER Official.mp3.sfk
    2016-07-29 21:00 - 2016-07-29 21:01 - 00254696 _____ C:\Users\Garrett\Downloads\Crystal Castles TRANSGENDER Official (1).mp3.sfk
    2016-07-29 18:21 - 2016-07-29 18:21 - 00280600 _____ C:\Windows\Minidump\072916-17799-01.dmp
    2016-07-29 17:43 - 2016-07-29 17:43 - 00002183 _____ C:\Users\Garrett\Desktop\Discord.lnk
    2016-07-29 15:59 - 2016-07-29 15:59 - 59589267 _____ C:\Users\Garrett\Documents\YouTube-f4ae9b3c336647dc8d4cfde86f468c48.mp4
    2016-07-29 12:37 - 2016-07-29 12:38 - 00280600 _____ C:\Windows\Minidump\072916-17440-01.dmp
    2016-07-29 12:25 - 2016-07-29 12:25 - 59589267 _____ C:\Users\Garrett\Documents\YouTube-af3e4c3484fc4339b2d4dcdb16f09bad.mp4
    2016-07-29 12:16 - 2016-07-29 12:16 - 00014040 _____ C:\Users\Garrett\Documents\gnafsa.veg
    2016-07-29 12:15 - 2016-07-29 12:15 - 00956965 _____ C:\Users\Garrett\Documents\YouTube-1e75dfbe878b4fd091d7df044400016b.mp4
    2016-07-29 12:11 - 2016-07-29 12:11 - 00014040 _____ C:\Users\Garrett\Documents\gnafsa.veg.bak
    2016-07-29 12:09 - 2016-07-29 12:09 - 00048650 _____ C:\Users\Garrett\Documents\YouTube-45fc204cee30495b8cddf006a0026ad7.mp4
    2016-07-29 12:04 - 2016-07-29 12:07 - 00785048 _____ C:\Users\Garrett\Downloads\Iron and Wine - The Trapeze Swinger (not the video).mp3.sfk
    2016-07-29 01:17 - 2016-07-29 01:17 - 00280600 _____ C:\Windows\Minidump\072916-25771-01.dmp
    2016-07-29 00:54 - 2016-07-29 00:54 - 12001589 _____ C:\Users\Garrett\Documents\YouTube-a163cd6cc7c441e5834d02d7bdb3495e.mp4
    2016-07-29 00:47 - 2016-07-29 00:47 - 00020592 _____ C:\Users\Garrett\Documents\gnpost.veg
    2016-07-29 00:45 - 2016-07-29 00:45 - 00020752 _____ C:\Users\Garrett\Documents\gnpost.veg.bak
    2016-07-29 00:37 - 2016-07-29 00:37 - 00016888 _____ C:\Users\Garrett\Documents\Untitled.veg
    2016-07-29 00:25 - 2016-07-29 00:25 - 02324633 _____ C:\Users\Garrett\Documents\YouTube-6c738b0d3c4846f6b38d2750d677fb2e.mp4
    2016-07-29 00:04 - 2016-07-29 00:22 - 00268928 _____ C:\Users\Garrett\Downloads\Relaxing Trippy [bleep].mp4.sfk
    2016-07-28 23:55 - 2016-07-29 00:00 - 69126903 _____ C:\Users\Garrett\Downloads\Relaxing Trippy [bleep].mp4
    2016-07-28 23:53 - 2016-07-30 00:58 - 00000926 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2016-07-28 23:53 - 2016-07-28 23:53 - 00003898 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2016-07-28 23:53 - 2016-07-28 23:53 - 00003662 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2016-07-28 23:53 - 2016-07-28 23:53 - 00000922 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2016-07-28 17:55 - 2016-07-28 17:55 - 00000000 ____D C:\Users\Garrett\AppData\Local\ElevatedDiagnostics
    2016-07-28 17:35 - 2016-07-28 17:35 - 00280600 _____ C:\Windows\Minidump\072816-26130-01.dmp
    2016-07-28 16:19 - 2016-07-28 16:26 - 00000000 ____D C:\Windows\system32\appmgmt
    2016-07-28 16:05 - 2016-07-28 16:05 - 00000000 ____D C:\Windows\CD95F661A5C444F5A6AAECDD91C24105.TMP
    2016-07-28 15:55 - 2016-07-28 15:55 - 00000000 ____D C:\Users\Garrett\Documents\ProcessExplorer
    2016-07-28 15:53 - 2016-07-28 15:53 - 01270466 _____ C:\Users\Garrett\Downloads\ProcessExplorer.zip
    2016-07-28 11:07 - 2016-07-28 11:07 - 00000000 ____D C:\Users\Garrett\Documents\cports
    2016-07-28 11:05 - 2016-07-28 11:05 - 00087612 _____ C:\Users\Garrett\Downloads\cports.zip
    2016-07-28 11:00 - 2016-07-28 11:00 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\SUPERAntiSpyware.com
    2016-07-28 11:00 - 2016-07-28 11:00 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
    2016-07-28 10:58 - 2016-07-28 10:59 - 26733936 _____ (SUPERAntiSpyware) C:\Users\Garrett\Downloads\SUPERAntiSpyware.exe
    2016-07-27 23:45 - 2016-07-28 00:22 - 00001123 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2016-07-27 23:45 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2016-07-27 23:45 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
    2016-07-27 23:45 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
    2016-07-27 22:34 - 2016-07-28 21:55 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3463171804-1537994893-3906066650-1001
    2016-07-27 22:23 - 2016-07-28 00:08 - 00000000 ____D C:\Users\Garrett\AppData\Local\bvyvbvhx
    2016-07-27 22:21 - 2016-07-28 00:08 - 00000000 ____D C:\Program Files\Ozagpaaadt
    2016-07-27 22:21 - 2016-07-27 22:21 - 00000000 ____D C:\Program Files\8089a5fd39ddff50783304a3e18afa33
    2016-07-27 22:20 - 2016-07-27 22:20 - 00000000 _____ C:\Users\Garrett\Documents\virtualmemoryPC.txt
    2016-07-27 22:18 - 2016-07-28 00:22 - 00000080 _____ C:\Users\Garrett\Desktop\Exµs T.lnk
    2016-07-27 22:16 - 2016-07-27 22:19 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\MicrosoftExch
    2016-07-27 22:15 - 2016-07-27 22:15 - 00031232 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys
    2016-07-27 22:15 - 2016-07-27 22:15 - 00000000 _____ C:\Windows\SysWOW64\Number of results
    2016-07-27 21:41 - 2016-07-27 21:41 - 07129600 _____ C:\Users\Garrett\AppData\Roaming\agent.dat
    2016-07-27 21:41 - 2016-07-27 21:41 - 00018432 _____ C:\Users\Garrett\AppData\Roaming\Main.dat
    2016-07-27 21:41 - 2016-07-27 21:37 - 00001006 _____ C:\Windows\system32\Drivers\etc\hp.bak
    2016-07-27 21:41 - 2016-07-27 21:36 - 00676864 _____ C:\Users\Garrett\AppData\Roaming\Zonqvodom.exe
    2016-07-27 21:41 - 2016-07-27 21:36 - 00676864 _____ C:\Users\Garrett\AppData\Roaming\Unotech.exe
    2016-07-27 21:36 - 2016-07-27 22:31 - 00000217 _____ C:\ProgramData\all_data.txt
    2016-07-27 21:36 - 2016-07-27 22:31 - 00000163 _____ C:\ProgramData\VersionControl.txt
    2016-07-27 21:36 - 2016-07-27 22:31 - 00000054 _____ C:\ProgramData\exe_data.txt
    2016-07-27 21:36 - 2016-07-27 21:36 - 00000047 _____ C:\ProgramData\country.txt
    2016-07-27 21:34 - 2016-07-25 23:25 - 00629760 _____ () C:\Users\Public\Documents\usblock.exe
    2016-07-27 21:33 - 2016-07-27 21:33 - 00000000 _____ C:\Users\Garrett\AppData\Local\icka78915464.txt
    2016-07-27 21:28 - 2016-07-27 21:58 - 00000000 ____D C:\Windows\SysWOW64\databases-incognito
    2016-07-27 21:28 - 2016-07-27 21:13 - 00676864 _____ C:\Users\Garrett\AppData\Roaming\Nimcore.exe
    2016-07-27 21:28 - 2016-07-27 21:13 - 00676864 _____ C:\Users\Garrett\AppData\Roaming\Fineco.exe
    2016-07-27 21:23 - 2016-07-27 21:37 - 00129024 _____ C:\Users\Garrett\AppData\Roaming\Installer.dat
    2016-07-27 21:23 - 2016-07-27 21:23 - 00000000 ____D C:\Users\Public\Documents\Tools
    2016-07-27 21:23 - 2016-07-27 21:23 - 00000000 ____D C:\Users\Public\Documents\Baidu
    2016-07-27 21:20 - 2016-07-27 21:20 - 00000000 __SHD C:\Windows\system32\%APPDATA%
    2016-07-27 21:06 - 2016-07-27 21:06 - 00449664 _____ C:\Windows\system32\FNTCACHE.DAT
    2016-07-27 21:03 - 2016-07-27 21:03 - 00127646 _____ C:\Users\Garrett\AppData\Local\72499818.exe
    2016-07-27 19:31 - 2016-07-27 19:31 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\c
    2016-07-27 19:28 - 2016-07-30 12:31 - 00218438 _____ C:\Windows\ntbtlog.txt
    2016-07-27 19:16 - 2016-07-27 19:16 - 02530304 _____ (BitTorrent Inc.) C:\Users\Garrett\Downloads\uTorrent (3).exe
    2016-07-27 19:15 - 2016-07-27 19:15 - 02530304 _____ (BitTorrent Inc.) C:\Users\Garrett\Downloads\uTorrent (2).exe
    2016-07-27 19:14 - 2016-07-27 19:15 - 02369536 _____ (BitTorrent Inc.) C:\Users\Garrett\Downloads\uTorrent (1).exe
    2016-07-27 19:14 - 2016-07-27 19:14 - 02530304 _____ (BitTorrent Inc.) C:\Users\Garrett\Downloads\uTorrent.exe
    2016-07-26 17:49 - 2016-07-26 17:49 - 00029000 _____ C:\Users\Garrett\Documents\fasdf.veg
    2016-07-26 17:37 - 2016-07-26 17:37 - 01207010 _____ C:\Users\Garrett\Documents\YouTube-07fd51604aac44919f4cac121b7cb7de.mp4
    2016-07-26 17:33 - 2016-07-26 17:33 - 00029000 _____ C:\Users\Garrett\Documents\fasdf.veg.bak
    2016-07-26 17:33 - 2016-07-26 17:33 - 00018679 _____ C:\Users\Garrett\Documents\YouTube-f4348f5847254d9a9e38bc66fb6599df.mp4
    2016-07-26 17:22 - 2016-07-26 17:22 - 00018679 _____ C:\Users\Garrett\Documents\YouTube-eecdfec5541a40ceb9a8353a9269f7f8.mp4
    2016-07-26 17:14 - 2016-07-26 17:14 - 00018679 _____ C:\Users\Garrett\Documents\Untitled.mp4
    2016-07-26 17:04 - 2016-07-26 17:04 - 00202812 _____ C:\Users\Garrett\Documents\Untitled.mxf
    2016-07-26 17:04 - 2016-07-26 17:04 - 00026400 _____ C:\Users\Garrett\Documents\Untitled.veg.bak
    2016-07-26 17:04 - 2016-07-26 17:04 - 00000082 _____ C:\Users\Garrett\Documents\Untitled.mxf.sfl
    2016-07-26 16:57 - 2016-07-26 16:59 - 00008344 _____ C:\Users\Garrett\Downloads\4-19 vs 4-20.mp3.sfk
    2016-07-26 16:27 - 2016-07-26 16:27 - 00000000 ____D C:\ProgramData\Sony
    2016-07-26 16:17 - 2016-07-26 17:04 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Sony
    2016-07-26 16:17 - 2016-07-26 16:38 - 00000000 ____D C:\Users\Garrett\AppData\Local\Sony
    2016-07-26 16:15 - 2016-07-28 00:22 - 00001048 _____ C:\Users\Garrett\Desktop\Vegas Pro 13.0 (64-bit).lnk
    2016-07-26 16:15 - 2016-07-28 00:22 - 00001036 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Vegas Pro 13.0 (64-bit).lnk
    2016-07-26 16:15 - 2016-07-26 16:26 - 00002039 _____ C:\Users\Garrett\Desktop\Exµs ™.lnk
    2016-07-26 16:15 - 2016-07-26 16:15 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony
    2016-07-26 16:15 - 2016-07-26 16:15 - 00000000 ____D C:\Program Files (x86)\Sony
    2016-07-26 16:14 - 2016-07-26 16:26 - 00000000 ____D C:\Program Files\Sony
    2016-07-26 16:10 - 2016-07-26 16:22 - 00000000 ____D C:\Users\Garrett\Desktop\Sony Vegas Pro 13.0 Build 310 (64-bit) PreCracked
    2016-07-26 16:07 - 2016-07-28 17:34 - 00000000 ____D C:\Program Files\WinZip
    2016-07-26 16:07 - 2016-07-28 16:13 - 00000000 ____D C:\ProgramData\WinZip
    2016-07-26 16:07 - 2016-07-28 00:22 - 00002355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Update Notifier.lnk
    2016-07-26 16:07 - 2016-07-28 00:22 - 00002302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip BG Tools.lnk
    2016-07-26 16:07 - 2016-07-28 00:22 - 00002294 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
    2016-07-26 16:07 - 2016-07-28 00:22 - 00002282 _____ C:\Users\Public\Desktop\WinZip.lnk
    2016-07-26 16:07 - 2016-07-26 16:11 - 00000000 ____D C:\Users\Garrett\AppData\Local\WinZip
    2016-07-26 16:07 - 2016-07-26 16:07 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinZip 20.5
    2016-07-26 16:07 - 2016-07-26 16:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 20.5
    2016-07-26 16:03 - 2016-07-26 16:03 - 00000000 ____D C:\ProgramData\UniqueId
    2016-07-26 16:02 - 2016-07-26 16:02 - 00706032 _____ (WinZip Computing, S.L.) C:\Users\Garrett\Downloads\winzip20-home.exe
    2016-07-26 15:30 - 2016-07-26 15:43 - 286932445 _____ C:\Users\Garrett\Desktop\S.V.P 13.0.310 (64-bit) PreCracked.zip
    2016-07-26 14:42 - 2016-07-26 14:42 - 04483454 _____ C:\Users\Garrett\Downloads\WARNING GRAPHIC Man Shoots Himself In Interrogation Room.mp4
    2016-07-26 14:37 - 2016-07-26 14:40 - 56480983 _____ C:\Users\Garrett\Downloads\All Cis People are Transphobic (And you're probably racist, too!).mp4
    2016-07-26 11:28 - 2016-07-26 11:28 - 01292420 _____ C:\Users\Garrett\Baby Secret Whispers Just To You.wav
    2016-07-26 11:25 - 2016-07-26 11:25 - 00272848 _____ C:\Users\Garrett\Downloads\Baby Secret Whispers Just to You.mp4
    2016-07-26 11:20 - 2016-07-26 11:20 - 00001691 _____ C:\Users\Garrett\Downloads\keemstar alex is a stupid [bleep] video.aup
    2016-07-26 11:20 - 2016-07-26 11:20 - 00000000 ____D C:\Users\Garrett\Downloads\keemstar alex is a stupid [bleep] video_data
    2016-07-26 00:30 - 2016-07-26 00:30 - 00000000 ____D C:\Users\Garrett\Documents\FlashIntegro
    2016-07-26 00:30 - 2016-07-26 00:30 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\VideoEditor
    2016-07-26 00:30 - 2016-07-26 00:30 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\FlashIntegro
    2016-07-26 00:30 - 2016-07-08 17:31 - 00071480 _____ (Flash-Integro LLC) C:\Windows\SysWOW64\mslvddsfilter3.ax
    2016-07-26 00:30 - 2011-12-07 18:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\Lagarith.dll
    2016-07-26 00:30 - 2005-08-01 18:43 - 00245760 _____ () C:\Windows\SysWOW64\lame.ax
    2016-07-26 00:30 - 2004-12-10 09:03 - 00438272 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
    2016-07-26 00:30 - 2004-09-06 15:06 - 00053248 _____ C:\Windows\SysWOW64\xvid.ax
    2016-07-26 00:30 - 2004-07-03 20:08 - 00139264 _____ C:\Windows\SysWOW64\xvidvfw.dll
    2016-07-26 00:30 - 2004-07-03 19:59 - 00524288 _____ C:\Windows\SysWOW64\xvidcore.dll
    2016-07-26 00:30 - 2004-02-04 20:11 - 00081920 _____ (fccHandler) C:\Windows\SysWOW64\AC3ACM.acm
    2016-07-26 00:30 - 2003-05-22 11:26 - 00638976 _____ (DivXNetworks, Inc.) C:\Windows\SysWOW64\divx.dll
    2016-07-26 00:30 - 2003-05-22 11:26 - 00221215 _____ (DivXNetworks, Inc.) C:\Windows\SysWOW64\divxdec.ax
    2016-07-26 00:30 - 2003-05-21 22:50 - 00261632 _____ (MainConcept) C:\Windows\SysWOW64\mcdvd_32.dll
    2016-07-26 00:30 - 2003-05-21 22:50 - 00156910 _____ C:\Windows\WMSysPr8.prx
    2016-07-26 00:30 - 2003-05-21 22:50 - 00082944 _____ (Voxware, Inc.) C:\Windows\SysWOW64\vct3216.acm
    2016-07-26 00:30 - 2003-05-21 22:50 - 00038912 _____ (NCT Company) C:\Windows\SysWOW64\alf2cd.acm
    2016-07-26 00:30 - 2003-05-21 22:50 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
    2016-07-26 00:30 - 2003-03-25 04:49 - 00098304 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\SysWOW64\L3CODECX.AX
    2016-07-26 00:30 - 2002-08-19 23:41 - 00413760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg4c32.dll
    2016-07-26 00:30 - 2000-03-14 19:55 - 00013239 _____ (SHARP Corporation) C:\Windows\SysWOW64\Scg726.acm
    2016-07-26 00:27 - 2016-07-26 00:28 - 35576744 _____ (Flash-Integro LLC ) C:\Users\Garrett\Downloads\video_editor.exe
    2016-07-26 00:18 - 2016-07-26 00:18 - 50798872 _____ C:\Users\Garrett\Tyler 1 Singing Lost Boy.wav
    2016-07-25 23:36 - 2016-07-25 23:36 - 00016575 _____ C:\Users\Garrett\Downloads\Tyler 1 Singing Lost Boy.aup
    2016-07-25 23:36 - 2016-07-25 23:36 - 00000000 ____D C:\Users\Garrett\Downloads\Tyler 1 Singing Lost Boy_data
    2016-07-25 23:30 - 2016-07-25 23:33 - 41332970 _____ C:\Users\Garrett\Downloads\Tyler 1 Singing Lost Boy.mp4
    2016-07-25 22:10 - 2016-07-01 22:32 - 00827864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2016-07-25 22:10 - 2016-07-01 22:32 - 00176096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2016-07-25 22:00 - 2016-07-25 22:00 - 00000000 ___SD C:\Windows\system32\CompatTel
    2016-07-25 22:00 - 2016-07-25 22:00 - 00000000 ____D C:\Windows\system32\AutoUpdateLicense
    2016-07-25 22:00 - 2016-07-25 22:00 - 00000000 ____D C:\Windows\system32\appraiser
    2016-07-25 02:46 - 2015-03-27 02:07 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\cryptcatsvc.dll
    2016-07-25 02:46 - 2015-03-11 23:31 - 02048000 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
    2016-07-25 02:46 - 2015-03-11 23:31 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
    2016-07-25 02:46 - 2015-03-11 21:52 - 01933312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
    2016-07-25 02:02 - 2014-10-08 22:00 - 01519104 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
    2016-07-25 02:02 - 2014-10-08 22:00 - 01484288 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
    2016-07-25 02:02 - 2014-10-08 22:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
    2016-07-25 02:02 - 2014-10-08 21:59 - 01195520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
    2016-07-25 02:02 - 2014-10-08 21:59 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
    2016-07-25 01:49 - 2015-01-09 00:43 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
    2016-07-25 01:49 - 2015-01-08 23:03 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
    2016-07-25 01:45 - 2014-07-15 16:51 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
    2016-07-25 01:34 - 2015-10-01 07:10 - 00869568 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
    2016-07-25 01:34 - 2015-10-01 07:09 - 00875720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
    2016-07-25 01:16 - 2014-04-16 12:20 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
    2016-07-25 01:16 - 2014-04-16 12:20 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
    2016-07-24 23:11 - 2015-07-01 07:00 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
    2016-07-24 23:11 - 2015-07-01 06:58 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
    2016-07-24 23:11 - 2015-07-01 05:42 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
    2016-07-24 23:11 - 2015-07-01 05:41 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
    2016-07-24 23:10 - 2015-11-16 10:10 - 01821192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2016-07-24 23:10 - 2015-11-16 08:55 - 01410000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2016-07-24 23:10 - 2015-11-16 08:28 - 01223168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
    2016-07-24 23:10 - 2015-11-16 08:28 - 00384512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
    2016-07-24 23:10 - 2015-11-16 08:26 - 01637376 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
    2016-07-24 23:10 - 2015-11-16 08:26 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
    2016-07-24 23:09 - 2015-07-13 15:05 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
    2016-07-24 23:09 - 2015-07-13 15:05 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2016-07-24 23:09 - 2015-06-27 07:46 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2016-07-24 23:09 - 2015-06-27 07:23 - 00694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2016-07-24 23:08 - 2015-07-06 10:16 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
    2016-07-24 23:08 - 2015-07-06 08:32 - 00281944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
    2016-07-24 23:08 - 2015-04-30 07:44 - 00478296 _____ C:\Windows\SysWOW64\locale.nls
    2016-07-24 23:08 - 2015-04-30 07:44 - 00478296 _____ C:\Windows\system32\locale.nls
    2016-07-24 23:08 - 2015-03-11 23:31 - 01688576 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
    2016-07-24 23:08 - 2015-03-04 00:41 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
    2016-07-24 23:08 - 2015-03-04 00:39 - 00632832 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
    2016-07-24 23:08 - 2015-03-04 00:39 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
    2016-07-24 23:08 - 2015-03-03 22:53 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
    2016-07-24 23:08 - 2015-03-03 22:52 - 00676864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
    2016-07-24 23:08 - 2015-01-24 00:42 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
    2016-07-24 23:08 - 2015-01-23 23:00 - 00243712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
    2016-07-24 23:08 - 2014-09-02 20:48 - 00510464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
    2016-07-24 23:08 - 2014-09-02 20:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
    2016-07-24 23:06 - 2014-11-15 00:06 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2016-07-24 23:06 - 2014-11-14 23:13 - 03286016 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 01623552 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2016-07-24 23:06 - 2014-11-14 23:12 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
    2016-07-24 23:06 - 2014-11-14 21:54 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
    2016-07-24 23:06 - 2014-11-14 21:53 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2016-07-24 23:06 - 2014-11-14 21:53 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
    2016-07-24 23:06 - 2014-11-14 21:53 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2016-07-24 23:05 - 2014-11-05 00:39 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
    2016-07-24 23:04 - 2014-11-05 00:40 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
    2016-07-24 23:04 - 2014-10-29 08:21 - 00499008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
    2016-07-24 23:04 - 2014-08-28 00:01 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
    2016-07-24 23:03 - 2015-08-01 10:21 - 00073352 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
    2016-07-24 23:03 - 2015-08-01 09:22 - 00063992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
    2016-07-24 23:03 - 2015-08-01 07:56 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
    2016-07-24 23:03 - 2015-08-01 07:56 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
    2016-07-24 23:03 - 2015-08-01 07:56 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
    2016-07-24 23:03 - 2015-07-30 07:11 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2016-07-24 23:03 - 2015-07-30 07:10 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2016-07-24 23:03 - 2015-07-09 15:46 - 05982208 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2016-07-24 23:03 - 2015-07-09 15:44 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
    2016-07-24 23:03 - 2015-07-09 14:17 - 05095424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2016-07-24 23:03 - 2015-07-09 14:16 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
    2016-07-24 23:03 - 2015-04-12 23:32 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
    2016-07-24 23:03 - 2014-12-11 00:51 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
    2016-07-24 22:59 - 2014-06-17 17:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
    2016-07-24 22:59 - 2014-06-17 17:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
    2016-07-24 22:58 - 2015-09-02 07:49 - 02341376 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
    2016-07-24 22:58 - 2015-09-02 07:49 - 01850880 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2016-07-24 22:58 - 2015-09-02 07:38 - 01744384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
    2016-07-24 22:58 - 2015-09-02 07:38 - 01422336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
    2016-07-24 22:58 - 2015-08-05 07:52 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
    2016-07-24 22:58 - 2015-06-17 08:13 - 01150264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
    2016-07-24 22:58 - 2015-06-17 07:44 - 01567560 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
    2016-07-24 22:58 - 2014-09-13 00:24 - 02233152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2016-07-24 22:58 - 2014-09-02 20:48 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
    2016-07-24 22:58 - 2014-09-02 20:22 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
    2016-07-24 22:58 - 2014-08-28 22:17 - 02043392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
    2016-07-24 22:58 - 2014-08-28 22:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
    2016-07-24 22:58 - 2014-08-28 22:04 - 02837504 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
    2016-07-24 22:58 - 2014-08-28 22:04 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
    2016-07-24 22:58 - 2014-08-28 00:04 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSCOMEX.dll
    2016-07-24 22:58 - 2014-08-28 00:04 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
    2016-07-24 22:58 - 2014-08-27 23:59 - 00616448 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
    2016-07-24 22:58 - 2014-08-27 23:59 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
    2016-07-24 22:58 - 2014-08-27 23:59 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll
    2016-07-24 22:58 - 2014-08-27 23:59 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\FXST30.dll
    2016-07-24 22:58 - 2014-07-24 07:12 - 00328512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
    2016-07-24 22:57 - 2015-08-04 08:42 - 01229824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
    2016-07-24 22:57 - 2015-08-04 08:42 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
    2016-07-24 22:57 - 2015-08-04 08:42 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
    2016-07-24 22:57 - 2015-08-04 07:54 - 01399808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
    2016-07-24 22:57 - 2015-08-04 07:53 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
    2016-07-24 22:57 - 2015-08-04 07:53 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
    2016-07-24 22:57 - 2015-04-21 07:53 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
    2016-07-24 22:57 - 2015-02-24 01:58 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
    2016-07-24 22:57 - 2015-01-29 02:05 - 01627648 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2016-07-24 22:57 - 2015-01-29 00:19 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2016-07-24 22:57 - 2014-10-08 21:59 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
    2016-07-24 22:57 - 2014-10-08 21:59 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
    2016-07-24 22:57 - 2014-10-08 21:58 - 00458240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
    2016-07-24 22:57 - 2014-09-21 23:38 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
    2016-07-24 22:57 - 2014-09-21 21:56 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
    2016-07-24 22:57 - 2014-09-17 17:24 - 00987136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmclient.dll
    2016-07-24 22:57 - 2014-09-17 17:24 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmscan.dll
    2016-07-24 22:57 - 2014-09-17 17:24 - 00278528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm.dll
    2016-07-24 22:57 - 2014-09-17 17:24 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adrclient.dll
    2016-07-24 22:57 - 2014-09-17 16:57 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\srmclient.dll
    2016-07-24 22:57 - 2014-09-17 16:57 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\srmscan.dll
    2016-07-24 22:57 - 2014-09-17 16:57 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\srm.dll
    2016-07-24 22:57 - 2014-09-17 16:57 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\adrclient.dll
    2016-07-24 22:56 - 2015-12-08 09:16 - 01303040 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2016-07-24 22:56 - 2015-12-05 12:48 - 01024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2016-07-24 22:56 - 2014-07-11 22:41 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
    2016-07-24 22:56 - 2014-07-11 22:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
    2016-07-24 22:56 - 2014-07-11 22:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
    2016-07-24 22:56 - 2014-07-11 22:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
    2016-07-24 22:56 - 2014-07-11 22:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
    2016-07-24 22:56 - 2014-07-11 22:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
    2016-07-24 22:56 - 2014-07-11 22:16 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
    2016-07-24 22:56 - 2014-07-11 22:16 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
    2016-07-24 22:56 - 2014-07-11 22:16 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
    2016-07-24 22:56 - 2014-07-11 22:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
    2016-07-24 22:56 - 2014-07-11 22:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
    2016-07-24 22:56 - 2014-07-11 22:15 - 00006144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
    2016-07-24 22:56 - 2014-07-08 16:33 - 00181248 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
    2016-07-24 22:56 - 2014-07-08 16:32 - 01539584 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
    2016-07-24 22:56 - 2014-07-08 16:32 - 00340480 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
    2016-07-24 22:56 - 2014-07-08 16:30 - 01220608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
    2016-07-24 22:56 - 2014-07-06 23:52 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
    2016-07-24 22:56 - 2014-07-06 23:52 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
    2016-07-24 22:56 - 2014-07-04 04:52 - 00328000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
    2016-07-24 22:56 - 2014-06-28 01:01 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
    2016-07-24 22:56 - 2014-06-28 00:56 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
    2016-07-24 22:56 - 2014-06-17 17:27 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
    2016-07-24 22:56 - 2014-06-17 17:23 - 02238464 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 14269440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 19349504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 15422976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 13723648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 03805696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 02793984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 02658304 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00857600 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00715776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2016-07-24 22:55 - 2015-12-14 17:59 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2016-07-24 22:55 - 2015-11-07 06:46 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
    2016-07-24 22:55 - 2015-11-07 06:46 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
    2016-07-24 22:55 - 2015-11-07 03:34 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
    2016-07-24 22:55 - 2015-11-06 23:29 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
    2016-07-24 22:55 - 2015-09-18 07:32 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2016-07-24 22:55 - 2015-08-13 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2016-07-24 22:55 - 2015-08-13 04:44 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2016-07-24 22:55 - 2015-06-09 07:57 - 03248640 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
    2016-07-24 22:55 - 2015-05-27 20:04 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2016-07-24 22:55 - 2015-05-27 20:02 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2016-07-24 22:55 - 2015-05-27 20:01 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2016-07-24 22:55 - 2015-05-27 20:01 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2016-07-24 22:55 - 2015-05-27 20:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2016-07-24 22:55 - 2015-05-27 20:01 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2016-07-24 22:55 - 2015-05-27 20:01 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2016-07-24 22:55 - 2015-05-27 18:44 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2016-07-24 22:55 - 2015-05-27 18:43 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2016-07-24 22:55 - 2015-05-27 18:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2016-07-24 22:55 - 2015-05-27 18:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2016-07-24 22:55 - 2015-05-27 18:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2016-07-24 22:55 - 2015-05-27 18:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2016-07-24 22:55 - 2015-05-27 18:22 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
    2016-07-24 22:55 - 2015-05-27 18:20 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
    2016-07-24 22:55 - 2015-05-27 18:00 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2016-07-24 22:55 - 2015-05-27 17:55 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2016-07-24 22:55 - 2015-01-23 22:31 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
    2016-07-24 22:54 - 2014-12-08 00:48 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
    2016-07-24 22:54 - 2014-12-07 23:04 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
    2016-07-24 22:53 - 2016-06-25 12:09 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
    2016-07-24 22:53 - 2015-10-31 02:14 - 02038784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
    2016-07-24 22:53 - 2015-10-31 01:33 - 02308096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
    2016-07-24 22:53 - 2015-08-04 08:42 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
    2016-07-24 22:53 - 2015-08-04 07:54 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
    2016-07-24 22:53 - 2015-03-14 02:07 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
    2016-07-24 22:53 - 2015-03-14 00:33 - 00891904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
    2016-07-24 22:53 - 2015-03-04 01:29 - 00361280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
    2016-07-24 22:53 - 2015-03-04 00:39 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
    2016-07-24 22:53 - 2015-03-03 22:52 - 00057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
    2016-07-24 22:50 - 2015-06-15 09:22 - 02416640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
    2016-07-24 22:50 - 2015-06-15 09:22 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
    2016-07-24 22:50 - 2015-06-15 09:21 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
    2016-07-24 22:50 - 2015-06-15 09:20 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
    2016-07-24 22:50 - 2015-05-08 17:39 - 00981504 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2016-07-24 22:50 - 2015-05-08 14:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2016-07-24 22:50 - 2014-10-11 01:44 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
    2016-07-24 22:50 - 2014-10-10 23:57 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
    2016-07-24 22:50 - 2014-06-12 17:34 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
    2016-07-24 22:50 - 2014-06-12 17:29 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
    2016-07-24 22:50 - 2014-06-05 11:56 - 00112984 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
    2016-07-24 22:49 - 2015-09-02 07:48 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
    2016-07-24 22:49 - 2015-09-02 07:38 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
    2016-07-24 22:49 - 2015-08-28 15:59 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
    2016-07-24 22:49 - 2015-08-27 12:41 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
    2016-07-24 22:49 - 2014-12-06 01:52 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
    2016-07-24 22:49 - 2014-12-06 01:52 - 00357376 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
    2016-07-24 22:49 - 2014-12-06 01:52 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
    2016-07-24 22:49 - 2014-12-06 00:09 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
    2016-07-24 22:48 - 2015-12-05 16:20 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2016-07-24 22:48 - 2015-12-05 16:19 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2016-07-24 22:48 - 2015-12-05 16:19 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
    2016-07-24 22:48 - 2015-12-05 08:49 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2016-07-24 22:48 - 2015-12-05 08:49 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2016-07-24 22:48 - 2015-12-05 08:49 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
    2016-07-24 22:48 - 2015-10-11 00:45 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
    2016-07-24 22:48 - 2015-10-11 00:45 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
    2016-07-24 22:48 - 2014-12-18 02:51 - 00096576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
    2016-07-24 22:48 - 2014-12-18 00:52 - 00889344 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
    2016-07-24 22:48 - 2014-12-18 00:20 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
    2016-07-24 22:48 - 2014-12-06 01:53 - 00458240 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
    2016-07-24 22:48 - 2014-12-06 01:53 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
    2016-07-24 22:48 - 2014-12-06 01:51 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
    2016-07-24 22:48 - 2014-12-06 00:10 - 00355840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
    2016-07-24 22:48 - 2014-12-06 00:10 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
    2016-07-24 22:48 - 2014-12-06 00:09 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
    2016-07-24 22:48 - 2014-11-26 00:43 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
    2016-07-24 22:48 - 2014-11-25 22:50 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
    2016-07-24 22:45 - 2015-11-05 03:55 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
    2016-07-24 22:43 - 2015-09-23 07:10 - 00377552 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
    2016-07-24 22:43 - 2015-09-23 07:10 - 00332576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
    2016-07-24 22:42 - 2016-06-25 12:28 - 00050368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
    2016-07-24 22:42 - 2016-06-25 09:55 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
    2016-07-24 22:42 - 2016-06-17 07:09 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2016-07-24 22:42 - 2016-06-04 03:42 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
    2016-07-24 22:42 - 2015-12-04 10:29 - 01636784 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
    2016-07-24 22:42 - 2015-12-04 10:12 - 00793312 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
    2016-07-24 22:42 - 2015-12-04 10:12 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
    2016-07-24 22:42 - 2015-12-04 10:12 - 00446872 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
    2016-07-24 22:42 - 2015-12-04 10:12 - 00253624 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
    2016-07-24 22:42 - 2015-12-04 08:55 - 00612528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
    2016-07-24 22:42 - 2015-12-04 08:55 - 00463880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
    2016-07-24 22:42 - 2015-12-04 08:55 - 00324456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
    2016-07-24 22:42 - 2015-12-04 08:52 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 02615808 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 01770496 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 01376256 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 01350656 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 01150464 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
    2016-07-24 22:42 - 2015-12-04 08:52 - 01100800 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
    2016-07-24 22:42 - 2015-12-04 08:52 - 01073664 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 00625152 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 00577536 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 00431616 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 02893824 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 01593344 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 01208832 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 01174016 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 01138688 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00239104 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
    2016-07-24 22:42 - 2015-12-04 08:51 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 02312704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 01468928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 01374208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 00904192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 00846336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00722944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00677888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00468992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 00382464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 02400256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00946688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00929792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00869888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00571392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00546304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00190464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
    2016-07-24 22:42 - 2015-12-04 08:45 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
    2016-07-24 22:42 - 2015-12-03 13:57 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
    2016-07-24 22:42 - 2015-11-07 06:46 - 01341952 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
    2016-07-24 22:42 - 2015-11-07 06:44 - 01840640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2016-07-24 22:42 - 2015-11-07 06:44 - 01280000 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2016-07-24 22:42 - 2015-11-07 03:32 - 01412608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2016-07-24 22:42 - 2015-11-07 01:52 - 04063232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2016-07-24 22:42 - 2015-11-06 23:53 - 01126912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
    2016-07-24 22:42 - 2015-11-06 23:52 - 01680384 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
    2016-07-24 22:42 - 2015-11-06 23:46 - 01426944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
    2016-07-24 22:42 - 2015-10-13 07:16 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
    2016-07-24 22:42 - 2015-10-13 07:16 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
    2016-07-24 22:42 - 2015-09-12 07:09 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml
    2016-07-24 22:42 - 2014-12-06 01:51 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
    2016-07-24 22:42 - 2014-07-24 07:50 - 00447296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
    2016-07-24 22:42 - 2014-07-16 17:28 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
    2016-07-24 22:42 - 2014-07-16 16:59 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
    2016-07-24 22:42 - 2014-07-16 16:59 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
    2016-07-24 22:42 - 2014-07-12 00:45 - 01549824 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
    2016-07-24 22:42 - 2014-07-11 22:36 - 00674304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
    2016-07-24 22:42 - 2014-07-11 22:34 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
    2016-07-24 22:42 - 2012-10-24 21:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
    2016-07-24 22:42 - 2012-10-24 21:26 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
    2016-07-24 22:42 - 2012-10-24 21:04 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
    2016-07-24 22:41 - 2015-07-15 10:09 - 00095064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
    2016-07-24 22:41 - 2015-07-15 07:29 - 01333248 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
    2016-07-24 22:41 - 2014-12-18 22:35 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
    2016-07-24 22:40 - 2016-07-24 22:40 - 00002857 _____ C:\Users\Garrett\Downloads\Dr. Mantis Toboggan.aup
    2016-07-24 22:39 - 2016-07-24 22:39 - 00003003 _____ C:\Users\Garrett\Downloads\oh whoops, oooh. i dropped my monster condom that i use for my magnum dong..aup
    2016-07-24 22:39 - 2016-07-24 22:39 - 00001710 _____ C:\Users\Garrett\Downloads\Dank meme (Trap Nation) #2 [by Autistic].aup
    2016-07-24 22:39 - 2016-07-24 22:39 - 00000000 ____D C:\Users\Garrett\Downloads\oh whoops, oooh. i dropped my monster condom that i use for my magnum dong_data
    2016-07-24 22:39 - 2016-07-24 22:39 - 00000000 ____D C:\Users\Garrett\Downloads\Dank meme (Trap Nation) #2 [by Autistic]_data
    2016-07-24 22:37 - 2015-08-01 08:50 - 17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2016-07-24 22:37 - 2015-08-01 07:56 - 19778048 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2016-07-24 22:37 - 2015-03-04 01:26 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\AutoUpdate.exe
    2016-07-24 22:37 - 2015-03-04 01:26 - 00467952 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
    2016-07-24 22:37 - 2015-03-04 01:26 - 00011105 _____ C:\Windows\system32\AutoconfigV2.cab
    2016-07-24 22:37 - 2015-03-04 00:41 - 00695808 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
    2016-07-24 22:37 - 2015-03-04 00:41 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-07-24 22:37 - 2015-03-03 22:53 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
    2016-07-24 22:37 - 2015-03-03 22:53 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-07-24 22:37 - 2015-01-24 00:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
    2016-07-24 22:37 - 2015-01-23 23:00 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
    2016-07-24 22:37 - 2014-10-21 19:01 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
    2016-07-24 22:37 - 2014-10-21 19:00 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
    2016-07-24 22:36 - 2014-11-08 05:22 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
    2016-07-24 22:36 - 2014-11-08 00:57 - 00187904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
    2016-07-24 22:35 - 2015-07-09 15:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
    2016-07-24 22:35 - 2015-07-09 15:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
    2016-07-24 22:35 - 2015-07-09 14:18 - 00233984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
    2016-07-24 22:35 - 2014-10-23 06:47 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
    2016-07-24 22:35 - 2014-10-23 05:04 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
    2016-07-24 22:32 - 2014-12-19 00:48 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
    2016-07-24 22:31 - 2015-12-30 17:29 - 06972760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2016-07-24 22:31 - 2015-12-08 09:43 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2016-07-24 22:31 - 2015-12-08 09:16 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2016-07-24 22:31 - 2015-11-16 08:29 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
    2016-07-24 22:31 - 2015-11-16 08:29 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
    2016-07-24 22:31 - 2015-11-16 08:29 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2016-07-24 22:31 - 2015-11-16 08:28 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2016-07-24 22:31 - 2015-11-16 08:26 - 01282560 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2016-07-24 22:31 - 2015-11-16 08:26 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
    2016-07-24 22:31 - 2015-11-16 08:26 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2016-07-24 22:31 - 2015-11-16 08:26 - 00588800 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
    2016-07-24 22:31 - 2015-11-16 08:26 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2016-07-24 22:31 - 2015-09-12 07:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
    2016-07-24 22:31 - 2015-09-12 07:29 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
    2016-07-24 22:31 - 2015-09-12 07:29 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\appserverai.dll
    2016-07-24 22:31 - 2015-09-12 07:29 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\RDWebAI.dll
    2016-07-24 22:31 - 2015-09-12 07:29 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VmHostAI.dll
    2016-07-24 22:31 - 2015-01-06 22:25 - 00403456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2016-07-24 22:30 - 2015-11-16 08:42 - 00171864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2016-07-24 22:30 - 2015-11-16 08:29 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2016-07-24 22:30 - 2015-11-16 08:29 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2016-07-24 22:30 - 2015-11-16 08:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2016-07-24 22:30 - 2015-11-16 08:27 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
    2016-07-24 22:30 - 2015-11-16 08:26 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
    2016-07-24 22:30 - 2015-11-16 08:26 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2016-07-24 22:30 - 2015-11-16 08:26 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2016-07-24 22:30 - 2015-11-16 08:26 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2016-07-24 22:30 - 2015-11-16 08:26 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2016-07-24 22:30 - 2015-09-23 07:10 - 00570256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2016-07-24 22:30 - 2015-09-22 11:53 - 01405408 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2016-07-24 22:30 - 2015-09-22 11:53 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
    2016-07-24 22:30 - 2015-06-25 12:29 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2016-07-24 22:30 - 2015-06-25 12:27 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
    2016-07-24 22:30 - 2015-05-02 00:28 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2016-07-24 22:30 - 2015-01-15 03:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2016-07-24 22:30 - 2015-01-15 03:09 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2016-07-24 22:30 - 2014-10-10 23:41 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2016-07-24 22:30 - 2014-10-10 23:05 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2016-07-24 22:29 - 2015-12-03 18:55 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
    2016-07-24 22:29 - 2015-12-03 15:47 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
    2016-07-24 22:29 - 2015-04-05 23:36 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
    2016-07-24 22:29 - 2015-04-05 22:08 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
    2016-07-24 22:29 - 2014-06-02 16:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
    2016-07-24 22:28 - 2015-04-24 21:41 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
    2016-07-24 22:28 - 2015-04-24 17:13 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
    2016-07-24 22:28 - 2014-10-30 01:20 - 01890816 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2016-07-24 22:28 - 2014-10-29 23:22 - 01569792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2016-07-24 22:27 - 2016-07-24 22:27 - 00003340 _____ C:\Users\Garrett\Documents\fn.wlmp
    2016-07-24 22:26 - 2016-07-24 22:26 - 00650216 _____ C:\Users\Garrett\Downloads\Dank meme (Trap Nation) #2 [by Autistic].mp4
    2016-07-24 22:19 - 2016-07-24 22:19 - 00958744 _____ C:\Users\Garrett\Dank meme (Trap Nation) #2 [by Autistic].wav
    2016-07-24 22:05 - 2016-07-26 00:53 - 00006253 _____ C:\Users\Garrett\Documents\My Movie.wlmp
    2016-07-24 21:51 - 2016-07-24 21:51 - 04325746 _____ C:\Users\Garrett\Dr. Mantis Toboggan
    2016-07-24 21:30 - 2016-07-24 21:30 - 00001218 _____ C:\Users\Garrett\Downloads\Suicide is badass - Its always sunny in Philadelphia.aup
    2016-07-24 21:30 - 2016-07-24 21:30 - 00000000 ____D C:\Users\Garrett\Downloads\Suicide is badass - Its always sunny in Philadelphia_data
    2016-07-24 21:22 - 2016-07-24 21:22 - 00000000 ____D C:\Users\Garrett\Downloads\Dr. Mantis Toboggan_data
    2016-07-24 21:16 - 2016-07-24 21:17 - 40439330 _____ C:\Users\Garrett\Downloads\Dr. Mantis Toboggan.mp4
    2016-07-24 19:57 - 2016-07-24 20:04 - 00003996 _____ C:\Users\Garrett\Documents\Im the trashman.wav.wlmp
    2016-07-24 19:44 - 2016-07-28 00:22 - 00001383 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
    2016-07-24 19:44 - 2016-07-28 00:22 - 00001310 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
    2016-07-24 19:44 - 2016-07-24 19:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
    2016-07-24 19:44 - 2016-07-24 19:44 - 00000000 ____D C:\Windows\en
    2016-07-24 19:43 - 2016-07-28 00:22 - 00002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
    2016-07-24 19:43 - 2016-07-28 00:22 - 00001457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
    2016-07-24 19:43 - 2016-07-24 19:43 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    2016-07-24 19:40 - 2016-07-24 19:40 - 00000000 ____D C:\Windows\PCHEALTH
    2016-07-24 19:40 - 2016-07-24 19:40 - 00000000 ____D C:\Program Files\Windows Live
    2016-07-24 19:39 - 2016-07-24 19:43 - 00000000 ____D C:\Program Files (x86)\Windows Live
    2016-07-24 19:39 - 2016-07-24 19:39 - 00002226 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2016-07-24 19:39 - 2016-07-24 19:39 - 00002226 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2016-07-24 19:39 - 2016-07-24 19:39 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
    2016-07-24 19:38 - 2016-07-28 00:22 - 00002292 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2016-07-24 19:38 - 2016-07-24 19:38 - 00000000 ___RD C:\Users\Garrett\OneDrive
    2016-07-24 19:38 - 2016-07-24 19:38 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
    2016-07-24 19:37 - 2016-07-27 21:11 - 00000000 ____D C:\Users\Garrett\AppData\Local\Windows Live
    2016-07-24 19:33 - 2016-07-24 19:33 - 01239752 _____ (Microsoft Corporation) C:\Users\Garrett\Downloads\wlsetup-web.exe
    2016-07-24 19:32 - 2016-07-28 00:22 - 00000827 _____ C:\Users\Garrett\Desktop\filmora_setup_full846.exe.lnk
    2016-07-24 19:27 - 2016-07-24 19:28 - 00000000 ____D C:\Users\Public\Documents\Wondershare
    2016-07-24 19:27 - 2016-07-24 19:27 - 01225872 _____ C:\Users\Garrett\Downloads\filmora_setup_full846.exe
    2016-07-24 19:08 - 2016-07-24 19:08 - 01283204 _____ C:\Users\Garrett\It's Always Sunny in Philadelphia - The Trashman.wav
    2016-07-24 19:07 - 2016-07-24 19:07 - 00002051 _____ C:\Users\Garrett\Downloads\It's Always Sunny in Philadelphia - The Trashman.aup
    2016-07-24 19:07 - 2016-07-24 19:07 - 00000000 ____D C:\Users\Garrett\Downloads\It's Always Sunny in Philadelphia - The Trashman_data
    2016-07-24 18:58 - 2016-07-24 19:00 - 63257620 _____ C:\Users\Garrett\Downloads\ScreenFlow-6.0.dmg
    2016-07-24 18:53 - 2016-07-24 18:53 - 01678241 _____ C:\Users\Garrett\Downloads\It's Always Sunny in Philadelphia - The Trashman 12.mp4
    2016-07-24 18:45 - 2016-07-24 18:45 - 00194152 _____ C:\Users\Garrett\Downloads\Suicide is badass  Its always sunny in Philadelphia.mp4
    2016-07-20 12:04 - 2016-07-20 12:04 - 00045680 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
    2016-07-20 11:59 - 2016-07-24 12:08 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
    2016-07-20 11:59 - 2016-07-24 12:08 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
    2016-07-20 00:25 - 2016-07-20 00:25 - 00000000 ____D C:\Users\Garrett\AppData\LocalLow\Blizzard Entertainment
    2016-07-19 23:55 - 2016-07-20 00:02 - 119408891 _____ C:\Users\Garrett\Downloads\Dank Memes Vine Compilation V20.mp4
    2016-07-13 21:24 - 2016-07-13 21:24 - 00000000 _____ C:\Users\Garrett\Downloads\RHS Summer Band Calendar 2016.pdf
    2016-07-13 13:12 - 2016-07-13 13:12 - 00210676 _____ C:\Users\Garrett\Downloads\watch (1).htm
    2016-07-12 22:53 - 2016-07-12 22:54 - 01867610 _____ C:\Users\Garrett\Downloads\SpongePulp FictionPants 1 Storage.mp4
    2016-07-11 23:47 - 2016-07-11 23:48 - 00000000 ____D C:\Users\Garrett\.android
    2016-07-11 23:44 - 2016-07-11 23:44 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
    2016-07-11 23:43 - 2016-07-28 23:50 - 00000000 ____D C:\ProgramData\BlueStacksSetup
    2016-07-11 23:43 - 2016-07-28 00:22 - 00001821 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk
    2016-07-11 23:43 - 2016-07-28 00:22 - 00001809 _____ C:\Users\Public\Desktop\BlueStacks.lnk
    2016-07-11 23:42 - 2016-07-11 23:43 - 00000000 ____D C:\ProgramData\Bluestacks
    2016-07-11 23:42 - 2016-07-11 23:43 - 00000000 ____D C:\Program Files (x86)\Bluestacks
    2016-07-11 23:42 - 2016-07-11 23:42 - 00000000 ____D C:\Users\Garrett\AppData\Local\Bluestacks
    2016-07-11 23:19 - 2016-07-11 23:40 - 277574656 _____ (BlueStack Systems Inc.) C:\Users\Garrett\Downloads\BlueStacks2_native_f291b1f4d87cb11673f50110fc6a180a.exe
    2016-07-06 09:53 - 2016-07-28 00:22 - 00001012 _____ C:\Users\Public\Desktop\LoL Summoner Info.lnk
    2016-07-06 09:53 - 2016-07-26 18:59 - 00000000 ____D C:\Program Files (x86)\LSI
    2016-07-06 09:53 - 2016-07-06 09:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LSI - LoL Summoner Information
    2016-07-06 08:51 - 2016-07-06 08:53 - 28037582 _____ (Aequus Gaming Ltd. ) C:\Users\Garrett\Downloads\LSI - LoL Summoner Information (v4.15.0) Setup.exe
     
    ==================== One Month Modified files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2016-07-30 12:29 - 2014-12-31 23:12 - 00000000 ___RD C:\Program Files (x86)\Skype
    2016-07-30 12:20 - 2012-07-26 02:12 - 00000000 ___HD C:\Program Files\WindowsApps
    2016-07-30 12:20 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\AUInstallAgent
    2016-07-30 12:09 - 2015-10-24 09:23 - 00000000 ____D C:\Users\Garrett\AppData\Local\Overwolf
    2016-07-30 12:08 - 2016-04-02 02:35 - 00000000 ____D C:\Program Files (x86)\Steam
    2016-07-30 12:08 - 2015-04-04 15:33 - 00000000 ____D C:\Users\Garrett\Tracing
    2016-07-30 12:08 - 2014-07-02 09:48 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2016-07-30 00:14 - 2012-07-26 01:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2016-07-29 23:54 - 2014-06-21 13:03 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\IObit
    2016-07-29 23:54 - 2014-06-21 13:03 - 00000000 ____D C:\ProgramData\IObit
    2016-07-29 23:54 - 2014-06-21 13:03 - 00000000 ____D C:\Program Files (x86)\IObit
    2016-07-29 22:30 - 2014-06-30 18:43 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Audacity
    2016-07-29 18:23 - 2016-05-22 09:17 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\discord
    2016-07-29 18:21 - 2015-12-08 18:04 - 00000000 ____D C:\Windows\Minidump
    2016-07-29 17:43 - 2016-05-22 09:17 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
    2016-07-29 17:42 - 2016-05-22 09:16 - 00000000 ____D C:\Users\Garrett\AppData\Local\Discord
    2016-07-28 17:34 - 2015-11-07 23:16 - 00000000 ____D C:\Users\Garrett\AppData\Local\Innkeeper
    2016-07-28 17:12 - 2015-07-14 11:36 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Octoshape
    2016-07-28 16:23 - 2016-01-04 13:51 - 00000000 ____D C:\ProgramData\Apple
    2016-07-28 16:22 - 2014-07-11 10:09 - 00000000 ____D C:\Users\Garrett\AppData\Local\CrashDumps
    2016-07-28 16:19 - 2012-07-25 23:37 - 00000000 ____D C:\Windows\Inf
    2016-07-28 00:58 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\rescache
    2016-07-28 00:22 - 2016-06-09 18:14 - 00001062 _____ C:\Users\Garrett\Desktop\MuseScore 2.lnk
    2016-07-28 00:22 - 2016-04-18 20:46 - 00002155 _____ C:\Users\Public\Desktop\H&R Block 2015.lnk
    2016-07-28 00:22 - 2016-04-02 02:35 - 00000968 _____ C:\Users\Public\Desktop\Steam.lnk
    2016-07-28 00:22 - 2016-04-01 22:35 - 00001367 _____ C:\Users\Garrett\Desktop\cFosSpeed Features.lnk
    2016-07-28 00:22 - 2016-04-01 22:35 - 00001241 _____ C:\Users\Garrett\Desktop\cFosSpeed Calibration.lnk
    2016-07-28 00:22 - 2016-03-19 15:01 - 00000984 _____ C:\Users\Public\Desktop\Origin.lnk
    2016-07-28 00:22 - 2015-05-30 21:55 - 00000299 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
    2016-07-28 00:22 - 2014-12-27 22:56 - 00000454 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD Drive (D) PERSON_OF_INTEREST_S1_D1 (2).lnk
    2016-07-28 00:22 - 2014-12-27 22:55 - 00000454 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD Drive (D) PERSON_OF_INTEREST_S1_D1.lnk
    2016-07-28 00:22 - 2014-06-21 19:49 - 00001018 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
    2016-07-28 00:22 - 2014-06-21 13:16 - 00002190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2016-07-28 00:22 - 2014-06-21 12:49 - 00001417 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2016-07-28 00:08 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\Branding
    2016-07-27 23:45 - 2014-07-02 09:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2016-07-27 23:45 - 2014-07-02 09:47 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
    2016-07-27 22:24 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\ModemLogs
    2016-07-27 19:36 - 2015-07-06 22:55 - 00000000 ____D C:\Users\Garrett\AppData\Local\Battle.net
    2016-07-27 01:46 - 2012-07-26 01:59 - 00000000 ____D C:\Windows\CbsTemp
    2016-07-27 01:18 - 2015-07-06 22:59 - 00000000 ____D C:\Program Files (x86)\Hearthstone
    2016-07-27 00:35 - 2015-07-06 22:55 - 00000000 ____D C:\Program Files (x86)\Battle.net
    2016-07-27 00:27 - 2015-07-06 22:49 - 00000000 ____D C:\ProgramData\Battle.net
    2016-07-26 22:48 - 2014-12-24 14:18 - 00413696 ___SH C:\Users\Garrett\Downloads\Thumbs.db
    2016-07-26 16:09 - 2014-05-04 17:09 - 277707073 _____ (Exµs ™ ) C:\Users\Garrett\Desktop\Sony Vegas Pro 13.0 Build 310 (64-bit) PreCracked.exe
    2016-07-26 11:28 - 2014-06-21 12:49 - 00000000 ____D C:\Users\Garrett
    2016-07-26 00:46 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\AppCompat
    2016-07-25 22:47 - 2014-12-18 12:50 - 00000000 ____D C:\Program Files\OBS
    2016-07-25 22:47 - 2014-11-23 23:35 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo
    2016-07-25 22:37 - 2014-11-08 19:00 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
    2016-07-25 22:33 - 2016-01-24 11:28 - 00000000 ____D C:\Program Files (x86)\SmartMusic
    2016-07-25 22:31 - 2016-02-27 16:05 - 00000000 ____D C:\Users\Garrett\Desktop\New folder
    2016-07-25 22:31 - 2015-07-06 22:55 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
    2016-07-25 22:14 - 2012-07-26 01:28 - 00848230 _____ C:\Windows\system32\PerfStringBackup.INI
    2016-07-25 22:11 - 2015-10-24 09:27 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
    2016-07-25 22:11 - 2015-10-24 09:26 - 00000000 ____D C:\Program Files (x86)\Overwolf
    2016-07-25 22:02 - 2012-07-25 23:38 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
    2016-07-25 22:01 - 2012-07-26 02:12 - 00000000 ___RD C:\Windows\ToastData
    2016-07-25 22:01 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\PolicyDefinitions
    2016-07-25 22:01 - 2012-07-26 02:12 - 00000000 ____D C:\Program Files\Windows Defender
    2016-07-25 22:01 - 2012-07-26 02:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
    2016-07-25 22:00 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\WinStore
    2016-07-25 22:00 - 2012-07-26 01:52 - 00000000 ____D C:\Program Files\Windows Journal
    2016-07-25 02:19 - 2014-06-22 18:29 - 00000000 ____D C:\Windows\system32\MRT
    2016-07-25 02:15 - 2014-06-22 18:29 - 144749672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2016-07-24 19:40 - 2012-07-26 02:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
    2016-07-24 17:48 - 2015-05-30 13:02 - 00000000 ____D C:\Program Files\VideoLAN
    2016-07-24 17:48 - 2014-06-21 13:09 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Apple Computer
    2016-07-20 12:01 - 2015-11-07 23:16 - 00000000 ____D C:\Users\Garrett\AppData\Local\SquirrelTemp
    2016-07-18 12:37 - 2016-02-28 15:38 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\MuseScore
    2016-07-11 23:43 - 2012-07-26 02:12 - 00000000 __RHD C:\Users\Public\Libraries
    2016-07-11 00:55 - 2012-07-25 23:26 - 00262144 ___SH C:\Windows\system32\config\BBI
    2016-07-04 22:09 - 2015-11-07 23:17 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\InnkeeperUI
    2016-07-02 00:48 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\system32\NDF
     
    ==================== Files in the root of some directories =======
     
    2016-07-27 21:41 - 2016-07-27 21:41 - 7129600 _____ () C:\Users\Garrett\AppData\Roaming\agent.dat
    2016-07-27 21:28 - 2016-07-27 21:13 - 0676864 _____ () C:\Users\Garrett\AppData\Roaming\Fineco.exe
    2016-07-27 21:23 - 2016-07-27 21:37 - 0129024 _____ () C:\Users\Garrett\AppData\Roaming\Installer.dat
    2016-07-27 21:41 - 2016-07-27 21:41 - 0018432 _____ () C:\Users\Garrett\AppData\Roaming\Main.dat
    2016-07-27 21:28 - 2016-07-27 21:13 - 0676864 _____ () C:\Users\Garrett\AppData\Roaming\Nimcore.exe
    2016-07-27 21:41 - 2016-07-27 21:36 - 0676864 _____ () C:\Users\Garrett\AppData\Roaming\Unotech.exe
    2016-07-27 21:41 - 2016-07-27 21:36 - 0676864 _____ () C:\Users\Garrett\AppData\Roaming\Zonqvodom.exe
    2016-07-27 21:03 - 2016-07-27 21:03 - 0127646 _____ () C:\Users\Garrett\AppData\Local\72499818.exe
    2014-06-22 18:01 - 2014-07-10 21:20 - 0005120 _____ () C:\Users\Garrett\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2016-07-27 21:33 - 2016-07-27 21:33 - 0000000 _____ () C:\Users\Garrett\AppData\Local\icka78915464.txt
    2014-07-05 18:23 - 2014-07-05 18:23 - 0007605 _____ () C:\Users\Garrett\AppData\Local\Resmon.ResmonCfg
    2015-12-08 03:58 - 2015-12-08 03:58 - 0000000 _____ () C:\Users\Garrett\AppData\Local\{5787D94F-EB40-47F3-A4C7-B6BB17FD70A2}
    2015-12-07 03:58 - 2015-12-07 03:58 - 0000000 _____ () C:\Users\Garrett\AppData\Local\{EA742E66-D4C3-461F-93A2-4A3A92217857}
    2016-07-27 21:36 - 2016-07-27 22:31 - 0000217 _____ () C:\ProgramData\all_data.txt
    2016-07-27 21:36 - 2016-07-27 21:36 - 0000047 _____ () C:\ProgramData\country.txt
    2016-07-27 21:36 - 2016-07-27 22:31 - 0000054 _____ () C:\ProgramData\exe_data.txt
    2016-07-27 21:36 - 2016-07-27 22:31 - 0000163 _____ () C:\ProgramData\VersionControl.txt
     
    Some files in TEMP:
    ====================
    C:\Users\Garrett\AppData\Local\Temp\libeay32.dll
    C:\Users\Garrett\AppData\Local\Temp\msvcr120.dll
    C:\Users\Garrett\AppData\Local\Temp\sqlite3.dll
     
     
    ==================== Bamital & volsnap =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2016-07-26 03:00
     
    ==================== End of FRST.txt ============================
    Addition 
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-07-2016
    Ran by Garrett (2016-07-30 12:37:08)
    Running from C:\Users\Garrett\Downloads
    Windows 8 Pro (X64) (2014-06-21 18:49:11)
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Accounts: =============================
     
    Administrator (S-1-5-21-3463171804-1537994893-3906066650-500 - Administrator - Disabled)
    Garrett (S-1-5-21-3463171804-1537994893-3906066650-1001 - Administrator - Enabled) => C:\Users\Garrett
    Guest (S-1-5-21-3463171804-1537994893-3906066650-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-3463171804-1537994893-3906066650-1005 - Limited - Enabled)
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
    AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
    Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
    Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.2.2276 - AVAST Software)
    Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
    BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.3.37.6239 - BlueStack Systems, Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
    cFosSpeed v10.10 (HKLM\...\cFosSpeed) (Version: 10.10 - cFos Software GmbH, Bonn)
    Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Dead by Daylight (HKLM\...\Steam App 381210) (Version:  - Behaviour Digital Inc.)
    Discord (HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Discord) (Version: 0.0.294 - Hammer & Chisel, Inc.)
    DuelystLauncher (HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\launcher) (Version: 0.0.9 - Counterplay Games Inc.)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
    H&R Block Basic + Efile 2015 (HKLM-x32\...\{7BDAAEFD-7F67-4484-BED2-BEB6FE7FB216}) (Version: 15.02.8101 - HRB Technology, LLC.)
    Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
    Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
    League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
    LSI - LoL Summoner Information (HKLM-x32\...\{62B332E9-239D-4692-BDE2-0CC1CF2833DA}_is1) (Version: v4.15.0 - Aequus Gaming Ltd.)
    Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
    Microsoft OneDrive (HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    MSI Afterburner 3.0.1 (HKLM-x32\...\Afterburner) (Version: 3.0.1 - MSI Co., LTD)
    MuseScore 2 (HKLM-x32\...\{4F0E15EA-F64C-11E5-9992-E717EA7DB0C8}) (Version: 2.0.3 - Werner Schweer and Others)
    Origin (HKLM-x32\...\Origin) (Version: 9.11.6.18139 - Electronic Arts, Inc.)
    Overwolf (HKLM-x32\...\Overwolf) (Version: 0.96.218.0 - Overwolf Ltd.)
    Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.12.0 - Ralink)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7512 - Realtek Semiconductor Corp.)
    Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.101 - Skype Technologies S.A.)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    Town of Salem (HKLM\...\Steam App 334230) (Version:  - BlankMediaGames)
    Vegas Pro 13.0 (64-bit) (HKLM-x32\...\Vegas Pro 13.0 (64-bit)) (Version: 13.0 (64-bit) - Exµs ™)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
     
    ==================== Custom CLSID (Whitelisted): ==========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
     
    ==================== Scheduled Tasks (Whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    Task: {27FBBEEB-D28D-484B-BE67-62A925F382AF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-07-30] (AVAST Software)
    Task: {29B9592C-6824-455A-8358-A02B64BA893B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
    Task: {39B3DE9E-E2AA-4EDA-9D54-12371A82EC46} - \SmartDefrag3_Update -> No File <==== ATTENTION
    Task: {43F84262-6062-4680-9D61-600DE9AA21C0} - \TweakBit\Speedtest Optimizer\Start Speedtest Optimizer оn logon -> No File <==== ATTENTION
    Task: {4DE6ACF4-C533-455A-A068-90A10A646FDC} - \Driver Booster SkipUAC (Garrett) -> No File <==== ATTENTION
    Task: {5DD0EB00-D0CD-4BC2-A2D5-11CC6EEB62F8} - \{057D0947-7D79-0E79-0A11-7A050E79117D} -> No File <==== ATTENTION
    Task: {5FF9C10D-6F91-42FE-A8A3-BE1BB18F4B51} - \Overwolf Updater Task -> No File <==== ATTENTION
    Task: {7BA05A9E-1FEC-4102-8BA8-EBBF7F8A5B25} - \SmartDefrag3_Startup -> No File <==== ATTENTION
    Task: {7E2C533A-9D61-4F01-97E0-E40CC4F810B3} - System32\Tasks\cFos\Registration Tasks\Open Browser => Chrome.exe "hxxp://localhost:1487/cfosspeed/console.htm"
    Task: {9F0D8314-DC1A-4093-8C88-12DCA336EF79} - \Adobe Flash Player Updater -> No File <==== ATTENTION
    Task: {B148CD0D-F3FA-4A45-BE84-129E535B625C} - \MSIAfterburner -> No File <==== ATTENTION
    Task: {B3952EC3-562D-4646-BF84-4F84218268A4} - \CCleanerSkipUAC -> No File <==== ATTENTION
    Task: {BACB6B5F-917B-4989-ADBA-2FBD3C61B3DC} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)
    Task: {BC116B57-75A7-4005-A574-AADA96470EB8} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-07-30] (AVAST Software)
    Task: {C6AA87E4-732B-48C3-B911-0E9487956B24} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
    Task: {DD652D00-A001-430F-B965-1BC4CE018501} - \{991BE8EB-52BA-464F-AB02-D10FD1968B9B} -> No File <==== ATTENTION
     
    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
     
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
     
    ==================== Shortcuts =============================
     
    (The entries could be listed to be restored or removed.)
     
    ShortcutWithArgument: C:\Users\Garrett\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe (Google Inc.) -> --profile-directory="Profile 1"
     
    ==================== Loaded Modules (Whitelisted) ==============
     
    2014-11-21 21:44 - 2016-03-20 14:40 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
    2016-06-12 17:12 - 2016-04-29 14:10 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
    2016-06-12 17:12 - 2015-07-03 10:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
    2016-07-08 21:31 - 2016-07-08 19:06 - 02317904 _____ () C:\Program Files (x86)\Steam\video.dll
    2016-06-12 17:12 - 2015-07-03 10:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
    2016-06-12 17:12 - 2015-07-03 10:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
    2016-06-12 17:12 - 2016-02-08 17:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
    2016-06-12 17:12 - 2016-02-08 17:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
    2016-06-12 17:12 - 2016-02-08 17:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
    2016-06-12 17:12 - 2016-02-08 17:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
    2016-06-12 17:12 - 2016-02-08 17:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
    2016-07-08 21:31 - 2016-07-08 19:06 - 00829520 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
    2016-07-17 08:35 - 2016-07-17 08:35 - 45069312 _____ () C:\Program Files (x86)\Overwolf\0.96.218.0\libcef.DLL
    2016-07-29 17:42 - 2016-07-29 14:20 - 01950392 _____ () C:\Users\Garrett\AppData\Local\Discord\app-0.0.294\ffmpeg.dll
    2016-07-29 18:22 - 2016-07-29 18:22 - 01043640 _____ () \\?\C:\Users\Garrett\AppData\Roaming\discord\0.0.294\modules\discord_voice\discord_voice.node
    2016-07-29 18:22 - 2016-07-29 18:23 - 03784376 _____ () \\?\C:\Users\Garrett\AppData\Roaming\discord\0.0.294\modules\discord_voice\libdiscord.dll
    2016-07-29 18:22 - 2016-07-29 18:22 - 00887992 _____ () \\?\C:\Users\Garrett\AppData\Roaming\discord\0.0.294\modules\discord_utils\discord_utils.node
    2016-07-29 18:22 - 2016-07-29 18:22 - 00775864 _____ () \\?\C:\Users\Garrett\AppData\Roaming\discord\0.0.294\modules\discord_toaster\discord_toaster.node
    2016-07-11 23:42 - 2016-03-09 00:28 - 03306496 _____ () C:\Program Files (x86)\Bluestacks\libGLESv2.dll
    2015-10-31 21:05 - 2011-05-04 19:53 - 01058664 _____ () C:\Program Files (x86)\Ralink\Common\RaWLAPI.dll
    2016-06-26 19:09 - 2016-06-14 13:14 - 49826080 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
    2016-07-29 17:42 - 2016-07-29 14:20 - 02230456 _____ () C:\Users\Garrett\AppData\Local\Discord\app-0.0.294\libglesv2.dll
    2016-07-29 17:42 - 2016-07-29 14:20 - 00088760 _____ () C:\Users\Garrett\AppData\Local\Discord\app-0.0.294\libegl.dll
    2016-06-17 16:24 - 2016-06-15 03:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
    2016-06-17 16:24 - 2016-06-15 03:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
    2016-07-30 12:30 - 2016-07-30 12:30 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
    2016-07-30 12:30 - 2016-07-30 12:30 - 03002880 _____ () C:\Program Files\AVAST Software\Avast\defs\16072999\algo.dll
    2016-07-30 12:30 - 2016-07-30 12:30 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
    2016-07-30 12:30 - 2016-07-30 12:30 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
     
    ==================== Alternate Data Streams (Whitelisted) =========
     
    (If an entry is included in the fixlist, only the ADS will be removed.)
     
     
    ==================== Safe Mode (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
     
    ==================== Association (Whitelisted) ===============
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
     
     
    ==================== Internet Explorer trusted/restricted ===============
     
    (If an entry is included in the fixlist, it will be removed from the registry.)
     
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\008k.com -> 008k.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\00hq.com -> 00hq.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\0190-dialers.com -> 0190-dialers.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\01i.info -> 01i.info
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\05p.com -> 05p.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\0calories.net -> 0calories.net
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\0cj.net -> 0cj.net
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\0scan.com -> 0scan.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\1-se.com -> 1-se.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\1001movie.com -> 1001movie.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\1001night.biz -> 1001night.biz
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\100gal.net -> 100gal.net
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\100sexlinks.com -> 100sexlinks.com
     
    There are 4788 more sites.
     
     
    ==================== Hosts content: ==========================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2012-07-25 23:26 - 2016-07-27 21:37 - 00001006 ____A C:\Windows\system32\Drivers\etc\hosts
     
    127.0.0.1       down.baidu2016.com
    127.0.0.1       123.sogou.com
    127.0.0.1       www.czzsyzgm.com
    127.0.0.1       www.czzsyzxl.com
    127.0.0.1       union.baidu2019.com
     
    ==================== Other Areas ============================
     
    (Currently there is no automatic fix for this section.)
     
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Garrett\Downloads\downloaded.jpg
    DNS Servers: 192.168.0.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.
     
    ==================== MSCONFIG/TASK MANAGER disabled items ==
     
    (Currently there is no automatic fix for this section.)
     
    MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
    MSCONFIG\Services: AdvancedSystemCareService7 => 2
    MSCONFIG\Services: cFosSpeedS => 2
    MSCONFIG\Services: gupdate => 2
    MSCONFIG\Services: gupdatem => 3
    MSCONFIG\Services: IMFservice => 2
    MSCONFIG\Services: LiveUpdateSvc => 2
    MSCONFIG\Services: PnkBstrA => 2
    MSCONFIG\Services: SkypeUpdate => 2
    HKLM\...\StartupApproved\Run: => "cFosSpeed"
    HKLM\...\StartupApproved\Run: => "niels"
    HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
    HKLM\...\StartupApproved\Run32: => "RaidCall"
    HKLM\...\StartupApproved\Run32: => "Raptr"
    HKLM\...\StartupApproved\Run32: => "StartCCC"
    HKLM\...\StartupApproved\Run32: => "binging"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\StartupFolder: => "Rainmeter.lnk"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\StartupFolder: => "FreeDownloadmanager.exe"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\StartupFolder: => "sartain.lnk"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\StartupFolder: => "tascmgr.exe.lnk"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "Advanced SystemCare 7"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "EADM"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "DriverMax_RESTART"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "DriverMax"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "MK LOL"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "Dxtory Update Checker 2.0"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "Skype"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "WTFast Tray"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "uTorrent"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "jacks"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "mountaineering"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "vim"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "cooperations"
     
    ==================== FirewallRules (Whitelisted) ===============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    FirewallRules: [{E605FEB1-5A37-4BB5-B169-0099E2F19F0E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{BB8C5779-CAA3-4B96-AC61-1066A0DDD4C1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{F2FD3AE6-3323-4326-98E5-0B0C332C7EFF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{ABF1E5E1-D34D-4FAD-B3B7-924C3F86004F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
     
    ==================== Restore Points =========================
     
    28-07-2016 16:18:51 Removed Oracle VM VirtualBox 5.0.4
    28-07-2016 16:23:23 Removed Apple Application Support (64-bit)
    28-07-2016 16:25:14 Removed Apple Software Update
    28-07-2016 17:10:55 Removed Cisco EAP-FAST Module
    28-07-2016 17:11:28 Removed Cisco LEAP Module
    28-07-2016 17:11:41 Removed Cisco PEAP Module
    28-07-2016 17:14:20 Removed LogMeIn Hamachi
    29-07-2016 23:52:36 JRT Pre-Junkware Removal
    30-07-2016 12:19:39 Removed Java 8 Update 65
    30-07-2016 12:29:02 Removed Skype Click to Call
     
    ==================== Faulty Device Manager Devices =============
     
    Name: PCI Serial Port
    Description: PCI Serial Port
    Class Guid: 
    Manufacturer: 
    Service: 
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
     
    Name: Microsoft Teredo Tunneling Adapter
    Description: Microsoft Teredo Tunneling Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
     
    Name: Microsoft ISATAP Adapter
    Description: Microsoft ISATAP Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (07/30/2016 12:31:39 PM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1"1".
    Dependent Assembly Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1" could not be found.
    Please use sxstrace.exe for detailed diagnosis.
     
    Error: (07/30/2016 12:29:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
     
    Details:
    AddLegacyDriverFiles: Unable to back up image of binary SASKUTIL.
     
    System Error:
    The system cannot find the file specified.
    .
     
    Error: (07/30/2016 12:09:43 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4
     
    Error: (07/30/2016 12:09:43 PM) (Source: Perflib) (EventID: 1023) (User: )
    Description: rdyboost4
     
    Error: (07/30/2016 12:09:42 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: MSDTCC:\Windows\system32\msdtcuiu.DLL4
     
    Error: (07/30/2016 12:09:42 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: LsaC:\Windows\System32\Secur32.dll4
     
    Error: (07/30/2016 12:09:42 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: ESENTC:\Windows\system32\esentprf.dll4
     
    Error: (07/30/2016 12:09:42 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: BITSC:\Windows\System32\bitsperf.dll4
     
    Error: (07/30/2016 12:08:46 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4
     
    Error: (07/30/2016 12:08:45 PM) (Source: Perflib) (EventID: 1023) (User: )
    Description: rdyboost4
     
     
    System errors:
    =============
    Error: (07/30/2016 12:14:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The LiveUpdate service failed to start due to the following error: 
    %%2 = The system cannot find the file specified.
     
     
    Error: (07/30/2016 12:14:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The ApppaznoR service failed to start due to the following error: 
    %%2 = The system cannot find the file specified.
     
     
    Error: (07/30/2016 12:14:05 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT AUTHORITY)
    Description: 0xc000014d0
     
    Error: (07/30/2016 12:13:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Windows Installer service failed to start due to the following error: 
    %%1069 = The service did not start due to a logon failure.
     
     
    Error: (07/30/2016 12:13:24 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
    Description: The msiserver service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error: 
    %%50 = The request is not supported.
     
     
    To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
     
    Error: (07/30/2016 12:12:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
     
    Error: (07/30/2016 12:12:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The RalinkRegistryWriter64 service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (07/30/2016 12:12:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The BlueStacks Android Service  service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (07/30/2016 12:12:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
     
    Error: (07/30/2016 12:12:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The RalinkRegistryWriter service terminated unexpectedly.  It has done this 1 time(s).
     
     
    ==================== Memory info =========================== 
     
    Processor: Intel® Core™2 Duo CPU E8400 @ 3.00GHz
    Percentage of memory in use: 41%
    Total physical RAM: 3965.61 MB
    Available physical RAM: 2314.77 MB
    Total Virtual: 7483.61 MB
    Available Virtual: 4889.78 MB
     
    ==================== Drives ================================
     
    Drive c: (Windows) (Fixed) (Total:148.81 GB) (Free:22.63 GB) NTFS
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 834AE775)
    Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=148.8 GB) - (Type=07 NTFS)
     
    ==================== End of Addition.txt ============================

     

     

     

    Avast:

    07/30/2016 12:21

    Scan of all local drives
     
    File C:\Program Files (x86)\IObit\Advanced SystemCare 7\SecurityHole_Backup\KB2742614.cab|>_manifest_.cix.xml Error 42127 {CAB archive is corrupted.}
    File C:\Program Files (x86)\IObit\Advanced SystemCare 7\SecurityHole_Backup\KB2756872.cab|>420 Error 42127 {CAB archive is corrupted.}
    File C:\Program Files (x86)\IObit\Advanced SystemCare 7\SecurityHole_Backup\KB2769165.cab|>4896 Error 42127 {CAB archive is corrupted.}
    File C:\Users\Garrett\AppData\Local\Temp\SASC0D0.tmp|>data Error 42125 {ZIP archive is corrupted.}
    File C:\Users\Garrett\AppData\Roaming\Nimcore.exe is infected by Win32:Adware-gen [Adw], Moved to chest
    File C:\Users\Garrett\AppData\Roaming\Fineco.exe is infected by Win32:Adware-gen [Adw], Moved to chest
    File C:\Windows\System32\DriverStore\FileRepository\prncacla.inf_amd64_9b92c72816d21e91\Amd64\CNBJ2530.DPB|>_5_Kolt50vpJyqlets20vm3zt2n4b Error 0xC000009C {STATUS_DEVICE_DATA_ERROR}
    File C:\Windows\System32\DriverStore\FileRepository\prncacla.inf_amd64_b353adcdce8a187f\Amd64\CNBJ2530.DPB|>_5_Kolt50vpJyqlets20vm3zt2n4b Error 0xC000009C {STATUS_DEVICE_DATA_ERROR}
    File C:\Windows\WinSxS\amd64_prncacla.inf_31bf3856ad364e35_6.2.9200.16430_none_fdce12188b615b12\Amd64\CNBJ2530.DPB|>_5_Kolt50vpJyqlets20vm3zt2n4b Error 0xC000009C {STATUS_DEVICE_DATA_ERROR}
    File C:\Windows\WinSxS\amd64_prncacla.inf_31bf3856ad364e35_6.2.9200.20531_none_fe58af2da47e1433\Amd64\CNBJ2530.DPB|>_5_Kolt50vpJyqlets20vm3zt2n4b Error 0xC000009C {STATUS_DEVICE_DATA_ERROR}
    File C:\Windows\WinSxS\amd64_prncacla.inf_31bf3856ad364e35_6.2.9200.16384_none_fd9c01be8b864efc\Amd64\CNBJ2530.DPB|>_5_Kolt50vpJyqlets20vm3zt2n4b Error 0xC000009C {STATUS_DEVICE_DATA_ERROR}
    File C:\FRST\Quarantine\C\Users\Garrett\AppData\Roaming\Unotech.exe.xBAD is infected by Win32:Adware-gen [Adw], Moved to chest
    File C:\FRST\Quarantine\C\Users\Garrett\AppData\Roaming\Zonqvodom.exe.xBAD is infected by Win32:Adware-gen [Adw], Moved to chest
    Number of searched folders: 82512
    Number of tested files: 1019645
    Number of infected files: 4

    • 0

    #6
    40154

    40154

      Member

    • Topic Starter
    • Member
    • PipPip
    • 11 posts

    problem persists


    • 0

    #7
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,021 posts
    • MVP

    Let's try another fixlist.  It looks like the last one didn't work right.

     

     
    Download the attached fixlist.txt to the same location as FRST
     
    Attached File  fixlist.txt   10.25KB   95 downloads
     
    Run FRST and press Fix
    A fix log will be generated please post that 
     
     
    Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.
     

     

     


    • 0

    #8
    40154

    40154

      Member

    • Topic Starter
    • Member
    • PipPip
    • 11 posts

    Fixlist:

    Fix result of Farbar Recovery Scan Tool (x64) Version: 27-07-2016
    Ran by Garrett (2016-07-30 22:14:26) Run:2
    Running from C:\Users\Garrett\Downloads
    Loaded Profiles: Garrett (Available Profiles: Garrett)
    Boot Mode: Normal
    ==============================================
     
    fixlist content:
    *****************
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-07-30] (AVAST Software)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-07-28]
    ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (No File)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2016-07-28]
    ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier_IObitDel.exe (WinZip Computing, S.L.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-07-28]
    ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader_IObitDel.exe (WinZip Computing, S.L.)
    Startup: C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FreeDownloadmanager.exe [2016-07-27] ()
    Startup: C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\sartain.lnk [2016-07-28]
    ShortcutTarget: sartain.lnk -> C:\Program Files (x86)\homeopathy\misquotes.exe (No File)
    Startup: C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tascmgr.exe.lnk [2016-07-28]
    ShortcutTarget: tascmgr.exe.lnk -> C:\Users\Garrett\AppData\Roaming\MicrosoftExch\tascmgr.exe ()
    S2 ApppaznoR; C:\ProgramData\\ApppaznoR\\ApppaznoR.exe -f "C:\ProgramData\\ApppaznoR\\ApppaznoR.dat" -l -a
    S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [X]
    S3 cpuz136; \??\C:\Users\Garrett\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
    2016-07-27 22:23 - 2016-07-28 00:08 - 00000000 ____D C:\Users\Garrett\AppData\Local\bvyvbvhx
    2016-07-27 22:21 - 2016-07-28 00:08 - 00000000 ____D C:\Program Files\Ozagpaaadt
    2016-07-27 22:21 - 2016-07-27 22:21 - 00000000 ____D C:\Program Files\8089a5fd39ddff50783304a3e18afa33
    2016-07-27 21:34 - 2016-07-25 23:25 - 00629760 _____ () C:\Users\Public\Documents\usblock.exe
    2016-07-27 21:33 - 2016-07-27 21:33 - 00000000 _____ C:\Users\Garrett\AppData\Local\icka78915464.txt
    2016-07-27 21:28 - 2016-07-27 21:58 - 00000000 ____D C:\Windows\SysWOW64\databases-incognito
    2016-07-27 21:28 - 2016-07-27 21:13 - 00676864 _____ C:\Users\Garrett\AppData\Roaming\Nimcore.exe
    2016-07-27 21:28 - 2016-07-27 21:13 - 00676864 _____ C:\Users\Garrett\AppData\Roaming\Fineco.exe
    2016-07-27 21:23 - 2016-07-27 21:37 - 00129024 _____ C:\Users\Garrett\AppData\Roaming\Installer.dat
    2016-07-27 21:23 - 2016-07-27 21:23 - 00000000 ____D C:\Users\Public\Documents\Tools
    2016-07-27 21:23 - 2016-07-27 21:23 - 00000000 ____D C:\Users\Public\Documents\Baidu
    2016-07-27 21:03 - 2016-07-27 21:03 - 00127646 _____ C:\Users\Garrett\AppData\Local\72499818.exe
    2016-07-27 21:41 - 2016-07-27 21:41 - 7129600 _____ () C:\Users\Garrett\AppData\Roaming\agent.dat
    2016-07-27 21:28 - 2016-07-27 21:13 - 0676864 _____ () C:\Users\Garrett\AppData\Roaming\Fineco.exe
    2016-07-27 21:23 - 2016-07-27 21:37 - 0129024 _____ () C:\Users\Garrett\AppData\Roaming\Installer.dat
    2016-07-27 21:41 - 2016-07-27 21:41 - 0018432 _____ () C:\Users\Garrett\AppData\Roaming\Main.dat
    2016-07-27 21:28 - 2016-07-27 21:13 - 0676864 _____ () C:\Users\Garrett\AppData\Roaming\Nimcore.exe
    2016-07-27 21:41 - 2016-07-27 21:36 - 0676864 _____ () C:\Users\Garrett\AppData\Roaming\Unotech.exe
    2016-07-27 21:41 - 2016-07-27 21:36 - 0676864 _____ () C:\Users\Garrett\AppData\Roaming\Zonqvodom.exe
    2016-07-27 21:03 - 2016-07-27 21:03 - 0127646 _____ () C:\Users\Garrett\AppData\Local\72499818.exe
    CMD: dir /a C:\Users\Garrett\AppData\Roaming\Microsoft\Protect
    C:\Users\Garrett\AppData\Roaming\MicrosoftExch
    Task: {39B3DE9E-E2AA-4EDA-9D54-12371A82EC46} - \SmartDefrag3_Update -> No File <==== ATTENTION
    Task: {43F84262-6062-4680-9D61-600DE9AA21C0} - \TweakBit\Speedtest Optimizer\Start Speedtest Optimizer оn logon -> No File <==== ATTENTION
    Task: {4DE6ACF4-C533-455A-A068-90A10A646FDC} - \Driver Booster SkipUAC (Garrett) -> No File <==== ATTENTION
    Task: {5DD0EB00-D0CD-4BC2-A2D5-11CC6EEB62F8} - \{057D0947-7D79-0E79-0A11-7A050E79117D} -> No File <==== ATTENTION
    Task: {5FF9C10D-6F91-42FE-A8A3-BE1BB18F4B51} - \Overwolf Updater Task -> No File <==== ATTENTION
    Task: {7BA05A9E-1FEC-4102-8BA8-EBBF7F8A5B25} - \SmartDefrag3_Startup -> No File <==== ATTENTION
    Task: {9F0D8314-DC1A-4093-8C88-12DCA336EF79} - \Adobe Flash Player Updater -> No File <==== ATTENTION
    Task: {B148CD0D-F3FA-4A45-BE84-129E535B625C} - \MSIAfterburner -> No File <==== ATTENTION
    Task: {B3952EC3-562D-4646-BF84-4F84218268A4} - \CCleanerSkipUAC -> No File <==== ATTENTION
    Task: {BACB6B5F-917B-4989-ADBA-2FBD3C61B3DC} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)
    Task: {DD652D00-A001-430F-B965-1BC4CE018501} - \{991BE8EB-52BA-464F-AB02-D10FD1968B9B} -> No File <==== ATTENTION
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    CMD: sc delete ApppaznoR
    *****************
     
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
    "HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}" => key removed successfully
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk => not found.
    C:\Program Files\WinZip\FAHConsole.exe => not found.
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk => not found.
    C:\Program Files\WinZip\WZUpdateNotifier_IObitDel.exe => not found.
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk => not found.
    C:\Program Files\WinZip\WzPreloader_IObitDel.exe => not found.
    C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FreeDownloadmanager.exe => not found.
    C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\sartain.lnk => not found.
    C:\Program Files (x86)\homeopathy\misquotes.exe => not found.
    C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tascmgr.exe.lnk => not found.
    C:\Users\Garrett\AppData\Roaming\MicrosoftExch\tascmgr.exe => not found.
    ApppaznoR => service not found.
    LiveUpdateSvc => service not found.
    cpuz136 => service not found.
    "C:\Users\Garrett\AppData\Local\bvyvbvhx" => not found.
    "C:\Program Files\Ozagpaaadt" => not found.
    "C:\Program Files\8089a5fd39ddff50783304a3e18afa33" => not found.
    C:\Users\Public\Documents\usblock.exe => moved successfully
    C:\Users\Garrett\AppData\Local\icka78915464.txt => moved successfully
    C:\Windows\SysWOW64\databases-incognito => moved successfully
    "C:\Users\Garrett\AppData\Roaming\Nimcore.exe" => not found.
    "C:\Users\Garrett\AppData\Roaming\Fineco.exe" => not found.
    C:\Users\Garrett\AppData\Roaming\Installer.dat => moved successfully
    C:\Users\Public\Documents\Tools => moved successfully
    C:\Users\Public\Documents\Baidu => moved successfully
    C:\Users\Garrett\AppData\Local\72499818.exe => moved successfully
    "C:\Users\Garrett\AppData\Roaming\agent.dat" => not found.
    "C:\Users\Garrett\AppData\Roaming\Fineco.exe" => not found.
    "C:\Users\Garrett\AppData\Roaming\Installer.dat" => not found.
    "C:\Users\Garrett\AppData\Roaming\Main.dat" => not found.
    "C:\Users\Garrett\AppData\Roaming\Nimcore.exe" => not found.
    "C:\Users\Garrett\AppData\Roaming\Unotech.exe" => not found.
    "C:\Users\Garrett\AppData\Roaming\Zonqvodom.exe" => not found.
    "C:\Users\Garrett\AppData\Local\72499818.exe" => not found.
     
    ========= dir /a C:\Users\Garrett\AppData\Roaming\Microsoft\Protect =========
     
     Volume in drive C is Windows
     Volume Serial Number is 9471-BFC9
     
     Directory of C:\Users\Garrett\AppData\Roaming\Microsoft\Protect
     
    07/27/2016  10:24 PM    <DIR>          .
    07/27/2016  10:24 PM    <DIR>          ..
    06/21/2014  12:49 PM                24 CREDHIST
    07/27/2016  09:21 PM           245,760 fea623cac58fb3b475f1.rs
    07/30/2016  09:34 PM                18 Once
    05/21/2016  08:16 PM    <DIR>          S-1-5-21-3463171804-1537994893-3906066650-1001
                   3 File(s)        245,802 bytes
                   3 Dir(s)  23,439,147,008 bytes free
     
    ========= End ofCMD: =========
     
    C:\Users\Garrett\AppData\Roaming\MicrosoftExch => moved successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{39B3DE9E-E2AA-4EDA-9D54-12371A82EC46} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartDefrag3_Update => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43F84262-6062-4680-9D61-600DE9AA21C0} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TweakBit\Speedtest Optimizer\Start Speedtest Optimizer оn logon => key could not remove. ErrorCode: 0xC000000D
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4DE6ACF4-C533-455A-A068-90A10A646FDC} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Garrett) => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5DD0EB00-D0CD-4BC2-A2D5-11CC6EEB62F8} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{057D0947-7D79-0E79-0A11-7A050E79117D} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FF9C10D-6F91-42FE-A8A3-BE1BB18F4B51} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Overwolf Updater Task => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BA05A9E-1FEC-4102-8BA8-EBBF7F8A5B25} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartDefrag3_Startup => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F0D8314-DC1A-4093-8C88-12DCA336EF79} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B148CD0D-F3FA-4A45-BE84-129E535B625C} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MSIAfterburner => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B3952EC3-562D-4646-BF84-4F84218268A4} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BACB6B5F-917B-4989-ADBA-2FBD3C61B3DC} => key not found. 
    C:\Windows\System32\Tasks\Microsoft\Windows\Setup\EOSNotify => not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOSNotify => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DD652D00-A001-430F-B965-1BC4CE018501} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{991BE8EB-52BA-464F-AB02-D10FD1968B9B} => key not found. 
    C:\Windows\Tasks\Adobe Flash Player Updater.job => not found.
    C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => not found.
    C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => not found.
     
    ========= sc delete ApppaznoR =========
     
    [SC] OpenService FAILED 1060:
     
    The specified service does not exist as an installed service.
     
     
    ========= End ofCMD: =========
     
     
    ==== End of Fixlog 22:14:29 ====
    FRST:
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2016
    Ran by Garrett (administrator) on GARRETTPC (30-07-2016 22:16:06)
    Running from C:\Users\Garrett\Downloads
    Loaded Profiles: Garrett (Available Profiles: Garrett)
    Platform: Windows 8 Pro (X64) Language: English (United States)
    Internet Explorer Version 10 (Default browser: "C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe" -- "%1")
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (AMD) C:\Windows\System32\atiesrxx.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
    (cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
    (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
    (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    () C:\Windows\SysWOW64\PnkBstrA.exe
    (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
    (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
    (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
    (Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
    (Hammer & Chisel, Inc.) C:\Users\Garrett\AppData\Local\Discord\app-0.0.294\Discord.exe
    (BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-Agent.exe
    (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaUI.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    (Hammer & Chisel, Inc.) C:\Users\Garrett\AppData\Local\Discord\app-0.0.294\Discord.exe
    (Hammer & Chisel, Inc.) C:\Users\Garrett\AppData\Local\Discord\app-0.0.294\Discord.exe
    (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.96.218.0\OverwolfHelper.exe
    (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.96.218.0\OverwolfHelper64.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
    (Microsoft Corporation) C:\Windows\System32\WWAHost.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowsphotos_16.4.4396.311_x64__8wekyb3d8bbwe\LiveComm.exe
     
     
    ==================== Registry (Whitelisted) ===========================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [cFosSpeed] => C:\Program Files\cFosSpeed\cFosSpeed.exe [2088872 2015-09-09] (cFos Software GmbH)
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9071752 2016-07-30] (AVAST Software)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [247344 2016-07-17] ()
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-05-30] (Electronic Arts)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-08] (Valve Corporation)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [Discord] => C:\Users\Garrett\AppData\Local\Discord\app-0.0.294\Discord.exe [62385336 2016-07-29] (Hammer & Chisel, Inc.)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [970264 2016-07-04] (BlueStack Systems, Inc.)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [WinResSync] => C:\Windows\system32\regsvr32.exe /s "C:\Users\Garrett\AppData\Roaming\Microsoft\Protect\fea623cac58fb3b475f1.rs"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\RunOnce: [WinResSync] => C:\Windows\system32\regsvr32.exe /s "C:\Users\Garrett\AppData\Roaming\Microsoft\Protect\fea623cac58fb3b475f1.rs"
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2016-07-28]
    ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files (x86)\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
    Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
    Tcpip\..\Interfaces\{EFB49E5B-3BF5-413D-AEBB-69CABA095F5A}: [DhcpNameServer] 192.168.0.1
     
    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.msn.com/
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-07-30] (AVAST Software)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-07-30] (AVAST Software)
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\Garrett\AppData\Roaming\Mozilla\Firefox\Profiles\n2ypuzqp.default
    FF DefaultSearchEngine: Bing 
    FF SelectedSearchEngine: Bing 
    FF SearchEngineOrder.3: Bing 
    FF Keyword.URL: hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q=
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-23] ()
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-23] ()
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
    FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Garrett\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
    FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [not found]
    FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
    FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-30]
    FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-30]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
     
    Chrome: 
    =======
    CHR HomePage: Profile 1 -> search.mpc.am
    CHR StartupUrls: Profile 1 -> "search.mpc.am"
    CHR Profile: C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1
    CHR Extension: (Google Slides) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-21]
    CHR Extension: (Google Docs) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-21]
    CHR Extension: (Google Drive) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
    CHR Extension: (YouTube) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
    CHR Extension: (Google Search) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
    CHR Extension: (Avast SafePrice) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-07-30]
    CHR Extension: (Google Sheets) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-21]
    CHR Extension: (Google Docs Offline) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-21]
    CHR Extension: (Avast Online Security) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-07-30]
    CHR Extension: (Google Play Music) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2016-06-07]
    CHR Extension: (Norton Identity Safe) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-04-21]
    CHR Extension: (Google Play) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2016-06-09]
    CHR Extension: (Momentum) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2016-07-06]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
    CHR Extension: (Gmail) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-21]
    CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
    StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
     
    ==================== Services (Whitelisted) ========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197640 2016-07-30] (AVAST Software)
    S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [441880 2016-07-04] (BlueStack Systems, Inc.)
    R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [421400 2016-07-04] (BlueStack Systems, Inc.)
    S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [458264 2016-07-04] (BlueStack Systems, Inc.)
    R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [726952 2015-09-09] (cFos Software GmbH)
    S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [232208 2016-06-14] (EasyAntiCheat Ltd)
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
    S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2120712 2016-05-30] (Electronic Arts)
    S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1309936 2016-07-17] (Overwolf LTD)
    R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-11-08] ()
    R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2016-03-20] ()
    S3 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [621632 2011-03-04] ()
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
     
    ===================== Drivers (Whitelisted) ==========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-07-30] (AVAST Software)
    R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-07-30] (AVAST Software)
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-07-30] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-07-30] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-07-30] (AVAST Software)
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [968536 2016-07-30] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-07-30] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-07-30] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-07-30] (AVAST Software)
    R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [215040 2014-06-21] (Advanced Micro Devices)
    S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-07-04] (BlueStack Systems)
    S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-07-04] (Bluestack System Inc. )
    S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [58368 2011-11-04] (www.winchiphead.com)
    S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
    S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
    R3 e1kexpress; C:\Windows\system32\DRIVERS\e1k63x64.sys [469264 2014-06-21] (Intel Corporation)
    S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation)
    S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2016-07-20] (LogMeIn Inc.)
    R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-16] (REALiX™)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-30] (Malwarebytes)
    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
    S3 netr28ux; C:\Windows\system32\DRIVERS\netr28ux.sys [2217616 2014-10-18] (MediaTek Inc.)
    S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-09-08] (Oracle Corporation)
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Corporation)
    S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation)
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
     
    ==================== One Month Created files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2016-07-30 22:16 - 2016-07-30 22:16 - 00011022 _____ C:\Users\Garrett\Downloads\fixlist.txt
    2016-07-30 22:14 - 2016-07-30 22:14 - 00012154 _____ C:\Users\Garrett\Downloads\Fixlog.txt
    2016-07-30 15:47 - 2016-07-30 15:47 - 00000000 ____D C:\Users\Garrett\Downloads\ProcessExplorer
    2016-07-30 12:52 - 2016-07-30 12:52 - 00003892 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1469904658
    2016-07-30 12:52 - 2016-07-30 12:52 - 00001056 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
    2016-07-30 12:52 - 2016-07-30 12:52 - 00001056 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
    2016-07-30 12:52 - 2016-07-30 12:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    2016-07-30 12:49 - 2016-07-30 12:49 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
    2016-07-30 12:47 - 2016-07-30 12:47 - 00013848 _____ C:\Users\Garrett\Desktop\21234.txt
    2016-07-30 12:46 - 2016-07-30 12:46 - 00108212 _____ C:\Users\Garrett\Desktop\212.txt
    2016-07-30 12:46 - 2016-07-30 12:46 - 00027661 _____ C:\Users\Garrett\Desktop\2123.txt
    2016-07-30 12:31 - 2016-07-30 12:31 - 00001935 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
    2016-07-30 12:31 - 2016-07-30 12:31 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
    2016-07-30 12:31 - 2016-07-30 12:31 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\AVAST Software
    2016-07-30 12:31 - 2016-07-30 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
    2016-07-30 12:31 - 2016-07-30 12:31 - 00000000 ____D C:\Program Files\Common Files\AV
    2016-07-30 12:30 - 2016-07-30 12:30 - 00968536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2016-07-30 12:30 - 2016-07-30 12:30 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
    2016-07-30 12:30 - 2016-07-30 12:30 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00003922 _____ C:\Windows\System32\Tasks\avast! Emergency Update
    2016-07-30 12:23 - 2016-07-30 12:49 - 00000000 ____D C:\Program Files\AVAST Software
    2016-07-30 12:21 - 2016-07-30 12:49 - 00000000 ____D C:\ProgramData\AVAST Software
    2016-07-30 12:20 - 2016-07-30 12:20 - 06319040 _____ (AVAST Software) C:\Users\Garrett\Downloads\avast_free_antivirus_setup_online.exe
    2016-07-30 00:06 - 2016-07-30 22:07 - 00026757 _____ C:\Users\Garrett\Downloads\Addition.txt
    2016-07-30 00:05 - 2016-07-30 22:16 - 00016764 _____ C:\Users\Garrett\Downloads\FRST.txt
    2016-07-30 00:04 - 2016-07-30 22:16 - 00000000 ____D C:\FRST
    2016-07-30 00:03 - 2016-07-30 00:03 - 02394112 _____ (Farbar) C:\Users\Garrett\Downloads\FRST64.exe
    2016-07-29 23:56 - 2016-07-29 23:56 - 00003225 _____ C:\Users\Garrett\Desktop\JRT.txt
    2016-07-29 23:45 - 2016-07-30 00:12 - 00000000 ____D C:\AdwCleaner
    2016-07-29 23:44 - 2016-07-29 23:45 - 01744384 _____ (Farbar) C:\Users\Garrett\Downloads\FRST.exe
    2016-07-29 23:44 - 2016-07-29 23:44 - 03712064 _____ C:\Users\Garrett\Downloads\AdwCleaner.exe
    2016-07-29 23:44 - 2016-07-29 23:44 - 01610560 _____ (Malwarebytes) C:\Users\Garrett\Downloads\JRT.exe
    2016-07-29 22:55 - 2016-07-29 22:55 - 00028040 _____ C:\Users\Garrett\Documents\gn post day 2.veg
    2016-07-29 22:54 - 2016-07-29 22:54 - 95251337 _____ C:\Users\Garrett\Documents\gn post day 2.mp4
    2016-07-29 22:43 - 2016-07-29 22:43 - 00028768 _____ C:\Users\Garrett\Documents\gn post day 2.veg.bak
    2016-07-29 22:34 - 2016-07-29 22:36 - 00254696 _____ C:\Users\Garrett\Downloads\Crystal Castles TRANSGENDER Official.mp3.sfk
    2016-07-29 21:00 - 2016-07-29 21:01 - 00254696 _____ C:\Users\Garrett\Downloads\Crystal Castles TRANSGENDER Official (1).mp3.sfk
    2016-07-29 18:21 - 2016-07-29 18:21 - 00280600 _____ C:\Windows\Minidump\072916-17799-01.dmp
    2016-07-29 17:43 - 2016-07-29 17:43 - 00002183 _____ C:\Users\Garrett\Desktop\Discord.lnk
    2016-07-29 15:59 - 2016-07-29 15:59 - 59589267 _____ C:\Users\Garrett\Documents\YouTube-f4ae9b3c336647dc8d4cfde86f468c48.mp4
    2016-07-29 12:37 - 2016-07-29 12:38 - 00280600 _____ C:\Windows\Minidump\072916-17440-01.dmp
    2016-07-29 12:25 - 2016-07-29 12:25 - 59589267 _____ C:\Users\Garrett\Documents\YouTube-af3e4c3484fc4339b2d4dcdb16f09bad.mp4
    2016-07-29 12:16 - 2016-07-29 12:16 - 00014040 _____ C:\Users\Garrett\Documents\gnafsa.veg
    2016-07-29 12:15 - 2016-07-29 12:15 - 00956965 _____ C:\Users\Garrett\Documents\YouTube-1e75dfbe878b4fd091d7df044400016b.mp4
    2016-07-29 12:11 - 2016-07-29 12:11 - 00014040 _____ C:\Users\Garrett\Documents\gnafsa.veg.bak
    2016-07-29 12:09 - 2016-07-29 12:09 - 00048650 _____ C:\Users\Garrett\Documents\YouTube-45fc204cee30495b8cddf006a0026ad7.mp4
    2016-07-29 12:04 - 2016-07-29 12:07 - 00785048 _____ C:\Users\Garrett\Downloads\Iron and Wine - The Trapeze Swinger (not the video).mp3.sfk
    2016-07-29 01:17 - 2016-07-29 01:17 - 00280600 _____ C:\Windows\Minidump\072916-25771-01.dmp
    2016-07-29 00:54 - 2016-07-29 00:54 - 12001589 _____ C:\Users\Garrett\Documents\YouTube-a163cd6cc7c441e5834d02d7bdb3495e.mp4
    2016-07-29 00:47 - 2016-07-29 00:47 - 00020592 _____ C:\Users\Garrett\Documents\gnpost.veg
    2016-07-29 00:45 - 2016-07-29 00:45 - 00020752 _____ C:\Users\Garrett\Documents\gnpost.veg.bak
    2016-07-29 00:37 - 2016-07-29 00:37 - 00016888 _____ C:\Users\Garrett\Documents\Untitled.veg
    2016-07-29 00:25 - 2016-07-29 00:25 - 02324633 _____ C:\Users\Garrett\Documents\YouTube-6c738b0d3c4846f6b38d2750d677fb2e.mp4
    2016-07-29 00:04 - 2016-07-29 00:22 - 00268928 _____ C:\Users\Garrett\Downloads\Relaxing Trippy [bleep].mp4.sfk
    2016-07-28 23:55 - 2016-07-29 00:00 - 69126903 _____ C:\Users\Garrett\Downloads\Relaxing Trippy [bleep].mp4
    2016-07-28 23:53 - 2016-07-28 23:53 - 00003898 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2016-07-28 23:53 - 2016-07-28 23:53 - 00003662 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2016-07-28 17:55 - 2016-07-28 17:55 - 00000000 ____D C:\Users\Garrett\AppData\Local\ElevatedDiagnostics
    2016-07-28 17:35 - 2016-07-28 17:35 - 00280600 _____ C:\Windows\Minidump\072816-26130-01.dmp
    2016-07-28 16:19 - 2016-07-28 16:26 - 00000000 ____D C:\Windows\system32\appmgmt
    2016-07-28 16:05 - 2016-07-28 16:05 - 00000000 ____D C:\Windows\CD95F661A5C444F5A6AAECDD91C24105.TMP
    2016-07-28 15:55 - 2016-07-28 15:55 - 00000000 ____D C:\Users\Garrett\Documents\ProcessExplorer
    2016-07-28 15:53 - 2016-07-28 15:53 - 01270466 _____ C:\Users\Garrett\Downloads\ProcessExplorer.zip
    2016-07-28 11:07 - 2016-07-28 11:07 - 00000000 ____D C:\Users\Garrett\Documents\cports
    2016-07-28 11:05 - 2016-07-28 11:05 - 00087612 _____ C:\Users\Garrett\Downloads\cports.zip
    2016-07-28 11:00 - 2016-07-28 11:00 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\SUPERAntiSpyware.com
    2016-07-28 11:00 - 2016-07-28 11:00 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
    2016-07-28 10:58 - 2016-07-28 10:59 - 26733936 _____ (SUPERAntiSpyware) C:\Users\Garrett\Downloads\SUPERAntiSpyware.exe
    2016-07-27 23:45 - 2016-07-28 00:22 - 00001123 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2016-07-27 23:45 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2016-07-27 23:45 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
    2016-07-27 23:45 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
    2016-07-27 22:34 - 2016-07-30 14:30 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3463171804-1537994893-3906066650-1001
    2016-07-27 22:20 - 2016-07-27 22:20 - 00000000 _____ C:\Users\Garrett\Documents\virtualmemoryPC.txt
    2016-07-27 22:18 - 2016-07-28 00:22 - 00000080 _____ C:\Users\Garrett\Desktop\Exµs T.lnk
    2016-07-27 22:15 - 2016-07-27 22:15 - 00031232 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys
    2016-07-27 22:15 - 2016-07-27 22:15 - 00000000 _____ C:\Windows\SysWOW64\Number of results
    2016-07-27 21:36 - 2016-07-27 22:31 - 00000217 _____ C:\ProgramData\all_data.txt
    2016-07-27 21:36 - 2016-07-27 22:31 - 00000163 _____ C:\ProgramData\VersionControl.txt
    2016-07-27 21:36 - 2016-07-27 22:31 - 00000054 _____ C:\ProgramData\exe_data.txt
    2016-07-27 21:36 - 2016-07-27 21:36 - 00000047 _____ C:\ProgramData\country.txt
    2016-07-27 21:20 - 2016-07-27 21:20 - 00000000 __SHD C:\Windows\system32\%APPDATA%
    2016-07-27 21:06 - 2016-07-27 21:06 - 00449664 _____ C:\Windows\system32\FNTCACHE.DAT
    2016-07-27 19:31 - 2016-07-27 19:31 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\c
    2016-07-27 19:28 - 2016-07-30 12:31 - 00218438 _____ C:\Windows\ntbtlog.txt
    2016-07-27 19:16 - 2016-07-27 19:16 - 02530304 _____ (BitTorrent Inc.) C:\Users\Garrett\Downloads\uTorrent (3).exe
    2016-07-27 19:15 - 2016-07-27 19:15 - 02530304 _____ (BitTorrent Inc.) C:\Users\Garrett\Downloads\uTorrent (2).exe
    2016-07-27 19:14 - 2016-07-27 19:15 - 02369536 _____ (BitTorrent Inc.) C:\Users\Garrett\Downloads\uTorrent (1).exe
    2016-07-27 19:14 - 2016-07-27 19:14 - 02530304 _____ (BitTorrent Inc.) C:\Users\Garrett\Downloads\uTorrent.exe
    2016-07-26 17:49 - 2016-07-26 17:49 - 00029000 _____ C:\Users\Garrett\Documents\fasdf.veg
    2016-07-26 17:37 - 2016-07-26 17:37 - 01207010 _____ C:\Users\Garrett\Documents\YouTube-07fd51604aac44919f4cac121b7cb7de.mp4
    2016-07-26 17:33 - 2016-07-26 17:33 - 00029000 _____ C:\Users\Garrett\Documents\fasdf.veg.bak
    2016-07-26 17:33 - 2016-07-26 17:33 - 00018679 _____ C:\Users\Garrett\Documents\YouTube-f4348f5847254d9a9e38bc66fb6599df.mp4
    2016-07-26 17:22 - 2016-07-26 17:22 - 00018679 _____ C:\Users\Garrett\Documents\YouTube-eecdfec5541a40ceb9a8353a9269f7f8.mp4
    2016-07-26 17:14 - 2016-07-26 17:14 - 00018679 _____ C:\Users\Garrett\Documents\Untitled.mp4
    2016-07-26 17:04 - 2016-07-26 17:04 - 00202812 _____ C:\Users\Garrett\Documents\Untitled.mxf
    2016-07-26 17:04 - 2016-07-26 17:04 - 00026400 _____ C:\Users\Garrett\Documents\Untitled.veg.bak
    2016-07-26 17:04 - 2016-07-26 17:04 - 00000082 _____ C:\Users\Garrett\Documents\Untitled.mxf.sfl
    2016-07-26 16:57 - 2016-07-26 16:59 - 00008344 _____ C:\Users\Garrett\Downloads\4-19 vs 4-20.mp3.sfk
    2016-07-26 16:27 - 2016-07-26 16:27 - 00000000 ____D C:\ProgramData\Sony
    2016-07-26 16:17 - 2016-07-26 17:04 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Sony
    2016-07-26 16:17 - 2016-07-26 16:38 - 00000000 ____D C:\Users\Garrett\AppData\Local\Sony
    2016-07-26 16:15 - 2016-07-28 00:22 - 00001048 _____ C:\Users\Garrett\Desktop\Vegas Pro 13.0 (64-bit).lnk
    2016-07-26 16:15 - 2016-07-28 00:22 - 00001036 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Vegas Pro 13.0 (64-bit).lnk
    2016-07-26 16:15 - 2016-07-26 16:26 - 00002039 _____ C:\Users\Garrett\Desktop\Exµs ™.lnk
    2016-07-26 16:15 - 2016-07-26 16:15 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony
    2016-07-26 16:15 - 2016-07-26 16:15 - 00000000 ____D C:\Program Files (x86)\Sony
    2016-07-26 16:14 - 2016-07-26 16:26 - 00000000 ____D C:\Program Files\Sony
    2016-07-26 16:10 - 2016-07-26 16:22 - 00000000 ____D C:\Users\Garrett\Desktop\Sony Vegas Pro 13.0 Build 310 (64-bit) PreCracked
    2016-07-26 16:07 - 2016-07-30 12:39 - 00000000 ____D C:\Program Files\WinZip
    2016-07-26 16:07 - 2016-07-28 16:13 - 00000000 ____D C:\ProgramData\WinZip
    2016-07-26 16:07 - 2016-07-28 00:22 - 00002355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Update Notifier.lnk
    2016-07-26 16:07 - 2016-07-28 00:22 - 00002302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip BG Tools.lnk
    2016-07-26 16:07 - 2016-07-28 00:22 - 00002294 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
    2016-07-26 16:07 - 2016-07-28 00:22 - 00002282 _____ C:\Users\Public\Desktop\WinZip.lnk
    2016-07-26 16:07 - 2016-07-26 16:11 - 00000000 ____D C:\Users\Garrett\AppData\Local\WinZip
    2016-07-26 16:07 - 2016-07-26 16:07 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinZip 20.5
    2016-07-26 16:07 - 2016-07-26 16:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 20.5
    2016-07-26 16:03 - 2016-07-26 16:03 - 00000000 ____D C:\ProgramData\UniqueId
    2016-07-26 16:02 - 2016-07-26 16:02 - 00706032 _____ (WinZip Computing, S.L.) C:\Users\Garrett\Downloads\winzip20-home.exe
    2016-07-26 15:30 - 2016-07-26 15:43 - 286932445 _____ C:\Users\Garrett\Desktop\S.V.P 13.0.310 (64-bit) PreCracked.zip
    2016-07-26 14:42 - 2016-07-26 14:42 - 04483454 _____ C:\Users\Garrett\Downloads\WARNING GRAPHIC Man Shoots Himself In Interrogation Room.mp4
    2016-07-26 14:37 - 2016-07-26 14:40 - 56480983 _____ C:\Users\Garrett\Downloads\All Cis People are Transphobic (And you're probably racist, too!).mp4
    2016-07-26 11:28 - 2016-07-26 11:28 - 01292420 _____ C:\Users\Garrett\Baby Secret Whispers Just To You.wav
    2016-07-26 11:25 - 2016-07-26 11:25 - 00272848 _____ C:\Users\Garrett\Downloads\Baby Secret Whispers Just to You.mp4
    2016-07-26 11:20 - 2016-07-26 11:20 - 00001691 _____ C:\Users\Garrett\Downloads\keemstar alex is a stupid [bleep] video.aup
    2016-07-26 11:20 - 2016-07-26 11:20 - 00000000 ____D C:\Users\Garrett\Downloads\keemstar alex is a stupid [bleep] video_data
    2016-07-26 00:30 - 2016-07-26 00:30 - 00000000 ____D C:\Users\Garrett\Documents\FlashIntegro
    2016-07-26 00:30 - 2016-07-26 00:30 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\VideoEditor
    2016-07-26 00:30 - 2016-07-26 00:30 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\FlashIntegro
    2016-07-26 00:30 - 2016-07-08 17:31 - 00071480 _____ (Flash-Integro LLC) C:\Windows\SysWOW64\mslvddsfilter3.ax
    2016-07-26 00:30 - 2011-12-07 18:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\Lagarith.dll
    2016-07-26 00:30 - 2005-08-01 18:43 - 00245760 _____ () C:\Windows\SysWOW64\lame.ax
    2016-07-26 00:30 - 2004-12-10 09:03 - 00438272 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
    2016-07-26 00:30 - 2004-09-06 15:06 - 00053248 _____ C:\Windows\SysWOW64\xvid.ax
    2016-07-26 00:30 - 2004-07-03 20:08 - 00139264 _____ C:\Windows\SysWOW64\xvidvfw.dll
    2016-07-26 00:30 - 2004-07-03 19:59 - 00524288 _____ C:\Windows\SysWOW64\xvidcore.dll
    2016-07-26 00:30 - 2004-02-04 20:11 - 00081920 _____ (fccHandler) C:\Windows\SysWOW64\AC3ACM.acm
    2016-07-26 00:30 - 2003-05-22 11:26 - 00638976 _____ (DivXNetworks, Inc.) C:\Windows\SysWOW64\divx.dll
    2016-07-26 00:30 - 2003-05-22 11:26 - 00221215 _____ (DivXNetworks, Inc.) C:\Windows\SysWOW64\divxdec.ax
    2016-07-26 00:30 - 2003-05-21 22:50 - 00261632 _____ (MainConcept) C:\Windows\SysWOW64\mcdvd_32.dll
    2016-07-26 00:30 - 2003-05-21 22:50 - 00156910 _____ C:\Windows\WMSysPr8.prx
    2016-07-26 00:30 - 2003-05-21 22:50 - 00082944 _____ (Voxware, Inc.) C:\Windows\SysWOW64\vct3216.acm
    2016-07-26 00:30 - 2003-05-21 22:50 - 00038912 _____ (NCT Company) C:\Windows\SysWOW64\alf2cd.acm
    2016-07-26 00:30 - 2003-05-21 22:50 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
    2016-07-26 00:30 - 2003-03-25 04:49 - 00098304 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\SysWOW64\L3CODECX.AX
    2016-07-26 00:30 - 2002-08-19 23:41 - 00413760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg4c32.dll
    2016-07-26 00:30 - 2000-03-14 19:55 - 00013239 _____ (SHARP Corporation) C:\Windows\SysWOW64\Scg726.acm
    2016-07-26 00:27 - 2016-07-26 00:28 - 35576744 _____ (Flash-Integro LLC ) C:\Users\Garrett\Downloads\video_editor.exe
    2016-07-26 00:18 - 2016-07-26 00:18 - 50798872 _____ C:\Users\Garrett\Tyler 1 Singing Lost Boy.wav
    2016-07-25 23:36 - 2016-07-25 23:36 - 00016575 _____ C:\Users\Garrett\Downloads\Tyler 1 Singing Lost Boy.aup
    2016-07-25 23:36 - 2016-07-25 23:36 - 00000000 ____D C:\Users\Garrett\Downloads\Tyler 1 Singing Lost Boy_data
    2016-07-25 23:30 - 2016-07-25 23:33 - 41332970 _____ C:\Users\Garrett\Downloads\Tyler 1 Singing Lost Boy.mp4
    2016-07-25 22:10 - 2016-07-01 22:32 - 00827864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2016-07-25 22:10 - 2016-07-01 22:32 - 00176096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2016-07-25 22:00 - 2016-07-25 22:00 - 00000000 ___SD C:\Windows\system32\CompatTel
    2016-07-25 22:00 - 2016-07-25 22:00 - 00000000 ____D C:\Windows\system32\AutoUpdateLicense
    2016-07-25 22:00 - 2016-07-25 22:00 - 00000000 ____D C:\Windows\system32\appraiser
    2016-07-25 02:46 - 2015-03-27 02:07 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\cryptcatsvc.dll
    2016-07-25 02:46 - 2015-03-11 23:31 - 02048000 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
    2016-07-25 02:46 - 2015-03-11 23:31 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
    2016-07-25 02:46 - 2015-03-11 21:52 - 01933312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
    2016-07-25 02:02 - 2014-10-08 22:00 - 01519104 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
    2016-07-25 02:02 - 2014-10-08 22:00 - 01484288 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
    2016-07-25 02:02 - 2014-10-08 22:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
    2016-07-25 02:02 - 2014-10-08 21:59 - 01195520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
    2016-07-25 02:02 - 2014-10-08 21:59 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
    2016-07-25 01:49 - 2015-01-09 00:43 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
    2016-07-25 01:49 - 2015-01-08 23:03 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
    2016-07-25 01:45 - 2014-07-15 16:51 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
    2016-07-25 01:34 - 2015-10-01 07:10 - 00869568 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
    2016-07-25 01:34 - 2015-10-01 07:09 - 00875720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
    2016-07-25 01:16 - 2014-04-16 12:20 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
    2016-07-25 01:16 - 2014-04-16 12:20 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
    2016-07-24 23:11 - 2015-07-01 07:00 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
    2016-07-24 23:11 - 2015-07-01 06:58 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
    2016-07-24 23:11 - 2015-07-01 05:42 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
    2016-07-24 23:11 - 2015-07-01 05:41 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
    2016-07-24 23:10 - 2015-11-16 10:10 - 01821192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2016-07-24 23:10 - 2015-11-16 08:55 - 01410000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2016-07-24 23:10 - 2015-11-16 08:28 - 01223168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
    2016-07-24 23:10 - 2015-11-16 08:28 - 00384512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
    2016-07-24 23:10 - 2015-11-16 08:26 - 01637376 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
    2016-07-24 23:10 - 2015-11-16 08:26 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
    2016-07-24 23:09 - 2015-07-13 15:05 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
    2016-07-24 23:09 - 2015-07-13 15:05 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2016-07-24 23:09 - 2015-06-27 07:46 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2016-07-24 23:09 - 2015-06-27 07:23 - 00694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2016-07-24 23:08 - 2015-07-06 10:16 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
    2016-07-24 23:08 - 2015-07-06 08:32 - 00281944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
    2016-07-24 23:08 - 2015-04-30 07:44 - 00478296 _____ C:\Windows\SysWOW64\locale.nls
    2016-07-24 23:08 - 2015-04-30 07:44 - 00478296 _____ C:\Windows\system32\locale.nls
    2016-07-24 23:08 - 2015-03-11 23:31 - 01688576 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
    2016-07-24 23:08 - 2015-03-04 00:41 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
    2016-07-24 23:08 - 2015-03-04 00:39 - 00632832 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
    2016-07-24 23:08 - 2015-03-04 00:39 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
    2016-07-24 23:08 - 2015-03-03 22:53 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
    2016-07-24 23:08 - 2015-03-03 22:52 - 00676864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
    2016-07-24 23:08 - 2015-01-24 00:42 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
    2016-07-24 23:08 - 2015-01-23 23:00 - 00243712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
    2016-07-24 23:08 - 2014-09-02 20:48 - 00510464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
    2016-07-24 23:08 - 2014-09-02 20:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
    2016-07-24 23:06 - 2014-11-15 00:06 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2016-07-24 23:06 - 2014-11-14 23:13 - 03286016 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 01623552 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2016-07-24 23:06 - 2014-11-14 23:12 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
    2016-07-24 23:06 - 2014-11-14 21:54 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
    2016-07-24 23:06 - 2014-11-14 21:53 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2016-07-24 23:06 - 2014-11-14 21:53 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
    2016-07-24 23:06 - 2014-11-14 21:53 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2016-07-24 23:05 - 2014-11-05 00:39 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
    2016-07-24 23:04 - 2014-11-05 00:40 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
    2016-07-24 23:04 - 2014-10-29 08:21 - 00499008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
    2016-07-24 23:04 - 2014-08-28 00:01 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
    2016-07-24 23:03 - 2015-08-01 10:21 - 00073352 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
    2016-07-24 23:03 - 2015-08-01 09:22 - 00063992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
    2016-07-24 23:03 - 2015-08-01 07:56 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
    2016-07-24 23:03 - 2015-08-01 07:56 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
    2016-07-24 23:03 - 2015-08-01 07:56 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
    2016-07-24 23:03 - 2015-07-30 07:11 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2016-07-24 23:03 - 2015-07-30 07:10 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2016-07-24 23:03 - 2015-07-09 15:46 - 05982208 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2016-07-24 23:03 - 2015-07-09 15:44 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
    2016-07-24 23:03 - 2015-07-09 14:17 - 05095424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2016-07-24 23:03 - 2015-07-09 14:16 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
    2016-07-24 23:03 - 2015-04-12 23:32 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
    2016-07-24 23:03 - 2014-12-11 00:51 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
    2016-07-24 22:59 - 2014-06-17 17:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
    2016-07-24 22:59 - 2014-06-17 17:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
    2016-07-24 22:58 - 2015-09-02 07:49 - 02341376 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
    2016-07-24 22:58 - 2015-09-02 07:49 - 01850880 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2016-07-24 22:58 - 2015-09-02 07:38 - 01744384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
    2016-07-24 22:58 - 2015-09-02 07:38 - 01422336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
    2016-07-24 22:58 - 2015-08-05 07:52 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
    2016-07-24 22:58 - 2015-06-17 08:13 - 01150264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
    2016-07-24 22:58 - 2015-06-17 07:44 - 01567560 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
    2016-07-24 22:58 - 2014-09-13 00:24 - 02233152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2016-07-24 22:58 - 2014-09-02 20:48 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
    2016-07-24 22:58 - 2014-09-02 20:22 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
    2016-07-24 22:58 - 2014-08-28 22:17 - 02043392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
    2016-07-24 22:58 - 2014-08-28 22:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
    2016-07-24 22:58 - 2014-08-28 22:04 - 02837504 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
    2016-07-24 22:58 - 2014-08-28 22:04 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
    2016-07-24 22:58 - 2014-08-28 00:04 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSCOMEX.dll
    2016-07-24 22:58 - 2014-08-28 00:04 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
    2016-07-24 22:58 - 2014-08-27 23:59 - 00616448 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
    2016-07-24 22:58 - 2014-08-27 23:59 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
    2016-07-24 22:58 - 2014-08-27 23:59 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll
    2016-07-24 22:58 - 2014-08-27 23:59 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\FXST30.dll
    2016-07-24 22:58 - 2014-07-24 07:12 - 00328512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
    2016-07-24 22:57 - 2015-08-04 08:42 - 01229824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
    2016-07-24 22:57 - 2015-08-04 08:42 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
    2016-07-24 22:57 - 2015-08-04 08:42 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
    2016-07-24 22:57 - 2015-08-04 07:54 - 01399808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
    2016-07-24 22:57 - 2015-08-04 07:53 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
    2016-07-24 22:57 - 2015-08-04 07:53 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
    2016-07-24 22:57 - 2015-04-21 07:53 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
    2016-07-24 22:57 - 2015-02-24 01:58 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
    2016-07-24 22:57 - 2015-01-29 02:05 - 01627648 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2016-07-24 22:57 - 2015-01-29 00:19 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2016-07-24 22:57 - 2014-10-08 21:59 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
    2016-07-24 22:57 - 2014-10-08 21:59 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
    2016-07-24 22:57 - 2014-10-08 21:58 - 00458240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
    2016-07-24 22:57 - 2014-09-21 23:38 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
    2016-07-24 22:57 - 2014-09-21 21:56 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
    2016-07-24 22:57 - 2014-09-17 17:24 - 00987136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmclient.dll
    2016-07-24 22:57 - 2014-09-17 17:24 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmscan.dll
    2016-07-24 22:57 - 2014-09-17 17:24 - 00278528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm.dll
    2016-07-24 22:57 - 2014-09-17 17:24 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adrclient.dll
    2016-07-24 22:57 - 2014-09-17 16:57 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\srmclient.dll
    2016-07-24 22:57 - 2014-09-17 16:57 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\srmscan.dll
    2016-07-24 22:57 - 2014-09-17 16:57 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\srm.dll
    2016-07-24 22:57 - 2014-09-17 16:57 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\adrclient.dll
    2016-07-24 22:56 - 2015-12-08 09:16 - 01303040 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2016-07-24 22:56 - 2015-12-05 12:48 - 01024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2016-07-24 22:56 - 2014-07-11 22:41 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
    2016-07-24 22:56 - 2014-07-11 22:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
    2016-07-24 22:56 - 2014-07-11 22:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
    2016-07-24 22:56 - 2014-07-11 22:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
    2016-07-24 22:56 - 2014-07-11 22:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
    2016-07-24 22:56 - 2014-07-11 22:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
    2016-07-24 22:56 - 2014-07-11 22:16 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
    2016-07-24 22:56 - 2014-07-11 22:16 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
    2016-07-24 22:56 - 2014-07-11 22:16 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
    2016-07-24 22:56 - 2014-07-11 22:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
    2016-07-24 22:56 - 2014-07-11 22:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
    2016-07-24 22:56 - 2014-07-11 22:15 - 00006144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
    2016-07-24 22:56 - 2014-07-08 16:33 - 00181248 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
    2016-07-24 22:56 - 2014-07-08 16:32 - 01539584 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
    2016-07-24 22:56 - 2014-07-08 16:32 - 00340480 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
    2016-07-24 22:56 - 2014-07-08 16:30 - 01220608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
    2016-07-24 22:56 - 2014-07-06 23:52 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
    2016-07-24 22:56 - 2014-07-06 23:52 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
    2016-07-24 22:56 - 2014-07-04 04:52 - 00328000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
    2016-07-24 22:56 - 2014-06-28 01:01 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
    2016-07-24 22:56 - 2014-06-28 00:56 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
    2016-07-24 22:56 - 2014-06-17 17:27 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
    2016-07-24 22:56 - 2014-06-17 17:23 - 02238464 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 14269440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 19349504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 15422976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 13723648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 03805696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 02793984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 02658304 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00857600 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00715776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2016-07-24 22:55 - 2015-12-14 17:59 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2016-07-24 22:55 - 2015-11-07 06:46 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
    2016-07-24 22:55 - 2015-11-07 06:46 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
    2016-07-24 22:55 - 2015-11-07 03:34 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
    2016-07-24 22:55 - 2015-11-06 23:29 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
    2016-07-24 22:55 - 2015-09-18 07:32 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2016-07-24 22:55 - 2015-08-13 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2016-07-24 22:55 - 2015-08-13 04:44 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2016-07-24 22:55 - 2015-06-09 07:57 - 03248640 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
    2016-07-24 22:55 - 2015-05-27 20:04 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2016-07-24 22:55 - 2015-05-27 20:02 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2016-07-24 22:55 - 2015-05-27 20:01 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2016-07-24 22:55 - 2015-05-27 20:01 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2016-07-24 22:55 - 2015-05-27 20:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2016-07-24 22:55 - 2015-05-27 20:01 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2016-07-24 22:55 - 2015-05-27 20:01 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2016-07-24 22:55 - 2015-05-27 18:44 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2016-07-24 22:55 - 2015-05-27 18:43 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2016-07-24 22:55 - 2015-05-27 18:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2016-07-24 22:55 - 2015-05-27 18:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2016-07-24 22:55 - 2015-05-27 18:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2016-07-24 22:55 - 2015-05-27 18:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2016-07-24 22:55 - 2015-05-27 18:22 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
    2016-07-24 22:55 - 2015-05-27 18:20 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
    2016-07-24 22:55 - 2015-05-27 18:00 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2016-07-24 22:55 - 2015-05-27 17:55 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2016-07-24 22:55 - 2015-01-23 22:31 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
    2016-07-24 22:54 - 2014-12-08 00:48 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
    2016-07-24 22:54 - 2014-12-07 23:04 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
    2016-07-24 22:53 - 2016-06-25 12:09 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
    2016-07-24 22:53 - 2015-10-31 02:14 - 02038784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
    2016-07-24 22:53 - 2015-10-31 01:33 - 02308096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
    2016-07-24 22:53 - 2015-08-04 08:42 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
    2016-07-24 22:53 - 2015-08-04 07:54 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
    2016-07-24 22:53 - 2015-03-14 02:07 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
    2016-07-24 22:53 - 2015-03-14 00:33 - 00891904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
    2016-07-24 22:53 - 2015-03-04 01:29 - 00361280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
    2016-07-24 22:53 - 2015-03-04 00:39 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
    2016-07-24 22:53 - 2015-03-03 22:52 - 00057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
    2016-07-24 22:50 - 2015-06-15 09:22 - 02416640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
    2016-07-24 22:50 - 2015-06-15 09:22 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
    2016-07-24 22:50 - 2015-06-15 09:21 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
    2016-07-24 22:50 - 2015-06-15 09:20 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
    2016-07-24 22:50 - 2015-05-08 17:39 - 00981504 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2016-07-24 22:50 - 2015-05-08 14:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2016-07-24 22:50 - 2014-10-11 01:44 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
    2016-07-24 22:50 - 2014-10-10 23:57 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
    2016-07-24 22:50 - 2014-06-12 17:34 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
    2016-07-24 22:50 - 2014-06-12 17:29 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
    2016-07-24 22:50 - 2014-06-05 11:56 - 00112984 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
    2016-07-24 22:49 - 2015-09-02 07:48 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
    2016-07-24 22:49 - 2015-09-02 07:38 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
    2016-07-24 22:49 - 2015-08-28 15:59 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
    2016-07-24 22:49 - 2015-08-27 12:41 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
    2016-07-24 22:49 - 2014-12-06 01:52 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
    2016-07-24 22:49 - 2014-12-06 01:52 - 00357376 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
    2016-07-24 22:49 - 2014-12-06 01:52 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
    2016-07-24 22:49 - 2014-12-06 00:09 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
    2016-07-24 22:48 - 2015-12-05 16:20 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2016-07-24 22:48 - 2015-12-05 16:19 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2016-07-24 22:48 - 2015-12-05 16:19 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
    2016-07-24 22:48 - 2015-12-05 08:49 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2016-07-24 22:48 - 2015-12-05 08:49 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2016-07-24 22:48 - 2015-12-05 08:49 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
    2016-07-24 22:48 - 2015-10-11 00:45 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
    2016-07-24 22:48 - 2015-10-11 00:45 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
    2016-07-24 22:48 - 2014-12-18 02:51 - 00096576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
    2016-07-24 22:48 - 2014-12-18 00:52 - 00889344 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
    2016-07-24 22:48 - 2014-12-18 00:20 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
    2016-07-24 22:48 - 2014-12-06 01:53 - 00458240 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
    2016-07-24 22:48 - 2014-12-06 01:53 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
    2016-07-24 22:48 - 2014-12-06 01:51 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
    2016-07-24 22:48 - 2014-12-06 00:10 - 00355840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
    2016-07-24 22:48 - 2014-12-06 00:10 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
    2016-07-24 22:48 - 2014-12-06 00:09 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
    2016-07-24 22:48 - 2014-11-26 00:43 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
    2016-07-24 22:48 - 2014-11-25 22:50 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
    2016-07-24 22:45 - 2015-11-05 03:55 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
    2016-07-24 22:43 - 2015-09-23 07:10 - 00377552 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
    2016-07-24 22:43 - 2015-09-23 07:10 - 00332576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
    2016-07-24 22:42 - 2016-06-25 12:28 - 00050368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
    2016-07-24 22:42 - 2016-06-25 09:55 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
    2016-07-24 22:42 - 2016-06-17 07:09 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2016-07-24 22:42 - 2016-06-04 03:42 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
    2016-07-24 22:42 - 2015-12-04 10:29 - 01636784 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
    2016-07-24 22:42 - 2015-12-04 10:12 - 00793312 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
    2016-07-24 22:42 - 2015-12-04 10:12 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
    2016-07-24 22:42 - 2015-12-04 10:12 - 00446872 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
    2016-07-24 22:42 - 2015-12-04 10:12 - 00253624 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
    2016-07-24 22:42 - 2015-12-04 08:55 - 00612528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
    2016-07-24 22:42 - 2015-12-04 08:55 - 00463880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
    2016-07-24 22:42 - 2015-12-04 08:55 - 00324456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
    2016-07-24 22:42 - 2015-12-04 08:52 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 02615808 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 01770496 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 01376256 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 01350656 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 01150464 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
    2016-07-24 22:42 - 2015-12-04 08:52 - 01100800 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
    2016-07-24 22:42 - 2015-12-04 08:52 - 01073664 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 00625152 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 00577536 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 00431616 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 02893824 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 01593344 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 01208832 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 01174016 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 01138688 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00239104 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
    2016-07-24 22:42 - 2015-12-04 08:51 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 02312704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 01468928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 01374208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 00904192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 00846336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00722944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00677888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00468992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 00382464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 02400256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00946688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00929792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00869888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00571392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00546304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00190464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
    2016-07-24 22:42 - 2015-12-04 08:45 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
    2016-07-24 22:42 - 2015-12-03 13:57 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
    2016-07-24 22:42 - 2015-11-07 06:46 - 01341952 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
    2016-07-24 22:42 - 2015-11-07 06:44 - 01840640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2016-07-24 22:42 - 2015-11-07 06:44 - 01280000 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2016-07-24 22:42 - 2015-11-07 03:32 - 01412608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2016-07-24 22:42 - 2015-11-07 01:52 - 04063232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2016-07-24 22:42 - 2015-11-06 23:53 - 01126912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
    2016-07-24 22:42 - 2015-11-06 23:52 - 01680384 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
    2016-07-24 22:42 - 2015-11-06 23:46 - 01426944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
    2016-07-24 22:42 - 2015-10-13 07:16 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
    2016-07-24 22:42 - 2015-10-13 07:16 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
    2016-07-24 22:42 - 2015-09-12 07:09 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml
    2016-07-24 22:42 - 2014-12-06 01:51 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
    2016-07-24 22:42 - 2014-07-24 07:50 - 00447296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
    2016-07-24 22:42 - 2014-07-16 17:28 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
    2016-07-24 22:42 - 2014-07-16 16:59 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
    2016-07-24 22:42 - 2014-07-16 16:59 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
    2016-07-24 22:42 - 2014-07-12 00:45 - 01549824 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
    2016-07-24 22:42 - 2014-07-11 22:36 - 00674304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
    2016-07-24 22:42 - 2014-07-11 22:34 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
    2016-07-24 22:42 - 2012-10-24 21:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
    2016-07-24 22:42 - 2012-10-24 21:26 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
    2016-07-24 22:42 - 2012-10-24 21:04 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
    2016-07-24 22:41 - 2015-07-15 10:09 - 00095064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
    2016-07-24 22:41 - 2015-07-15 07:29 - 01333248 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
    2016-07-24 22:41 - 2014-12-18 22:35 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
    2016-07-24 22:40 - 2016-07-24 22:40 - 00002857 _____ C:\Users\Garrett\Downloads\Dr. Mantis Toboggan.aup
    2016-07-24 22:39 - 2016-07-24 22:39 - 00003003 _____ C:\Users\Garrett\Downloads\oh whoops, oooh. i dropped my monster condom that i use for my magnum dong..aup
    2016-07-24 22:39 - 2016-07-24 22:39 - 00001710 _____ C:\Users\Garrett\Downloads\Dank meme (Trap Nation) #2 [by Autistic].aup
    2016-07-24 22:39 - 2016-07-24 22:39 - 00000000 ____D C:\Users\Garrett\Downloads\oh whoops, oooh. i dropped my monster condom that i use for my magnum dong_data
    2016-07-24 22:39 - 2016-07-24 22:39 - 00000000 ____D C:\Users\Garrett\Downloads\Dank meme (Trap Nation) #2 [by Autistic]_data
    2016-07-24 22:37 - 2015-08-01 08:50 - 17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2016-07-24 22:37 - 2015-08-01 07:56 - 19778048 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2016-07-24 22:37 - 2015-03-04 01:26 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\AutoUpdate.exe
    2016-07-24 22:37 - 2015-03-04 01:26 - 00467952 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
    2016-07-24 22:37 - 2015-03-04 01:26 - 00011105 _____ C:\Windows\system32\AutoconfigV2.cab
    2016-07-24 22:37 - 2015-03-04 00:41 - 00695808 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
    2016-07-24 22:37 - 2015-03-04 00:41 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-07-24 22:37 - 2015-03-03 22:53 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
    2016-07-24 22:37 - 2015-03-03 22:53 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-07-24 22:37 - 2015-01-24 00:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
    2016-07-24 22:37 - 2015-01-23 23:00 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
    2016-07-24 22:37 - 2014-10-21 19:01 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
    2016-07-24 22:37 - 2014-10-21 19:00 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
    2016-07-24 22:36 - 2014-11-08 05:22 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
    2016-07-24 22:36 - 2014-11-08 00:57 - 00187904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
    2016-07-24 22:35 - 2015-07-09 15:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
    2016-07-24 22:35 - 2015-07-09 15:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
    2016-07-24 22:35 - 2015-07-09 14:18 - 00233984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
    2016-07-24 22:35 - 2014-10-23 06:47 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
    2016-07-24 22:35 - 2014-10-23 05:04 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
    2016-07-24 22:32 - 2014-12-19 00:48 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
    2016-07-24 22:31 - 2015-12-30 17:29 - 06972760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2016-07-24 22:31 - 2015-12-08 09:43 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2016-07-24 22:31 - 2015-12-08 09:16 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2016-07-24 22:31 - 2015-11-16 08:29 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
    2016-07-24 22:31 - 2015-11-16 08:29 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
    2016-07-24 22:31 - 2015-11-16 08:29 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2016-07-24 22:31 - 2015-11-16 08:28 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2016-07-24 22:31 - 2015-11-16 08:26 - 01282560 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2016-07-24 22:31 - 2015-11-16 08:26 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
    2016-07-24 22:31 - 2015-11-16 08:26 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2016-07-24 22:31 - 2015-11-16 08:26 - 00588800 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
    2016-07-24 22:31 - 2015-11-16 08:26 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2016-07-24 22:31 - 2015-09-12 07:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
    2016-07-24 22:31 - 2015-09-12 07:29 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
    2016-07-24 22:31 - 2015-09-12 07:29 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\appserverai.dll
    2016-07-24 22:31 - 2015-09-12 07:29 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\RDWebAI.dll
    2016-07-24 22:31 - 2015-09-12 07:29 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VmHostAI.dll
    2016-07-24 22:31 - 2015-01-06 22:25 - 00403456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2016-07-24 22:30 - 2015-11-16 08:42 - 00171864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2016-07-24 22:30 - 2015-11-16 08:29 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2016-07-24 22:30 - 2015-11-16 08:29 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2016-07-24 22:30 - 2015-11-16 08:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2016-07-24 22:30 - 2015-11-16 08:27 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
    2016-07-24 22:30 - 2015-11-16 08:26 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
    2016-07-24 22:30 - 2015-11-16 08:26 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2016-07-24 22:30 - 2015-11-16 08:26 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2016-07-24 22:30 - 2015-11-16 08:26 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2016-07-24 22:30 - 2015-11-16 08:26 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2016-07-24 22:30 - 2015-09-23 07:10 - 00570256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2016-07-24 22:30 - 2015-09-22 11:53 - 01405408 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2016-07-24 22:30 - 2015-09-22 11:53 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
    2016-07-24 22:30 - 2015-06-25 12:29 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2016-07-24 22:30 - 2015-06-25 12:27 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
    2016-07-24 22:30 - 2015-05-02 00:28 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2016-07-24 22:30 - 2015-01-15 03:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2016-07-24 22:30 - 2015-01-15 03:09 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2016-07-24 22:30 - 2014-10-10 23:41 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2016-07-24 22:30 - 2014-10-10 23:05 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2016-07-24 22:29 - 2015-12-03 18:55 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
    2016-07-24 22:29 - 2015-12-03 15:47 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
    2016-07-24 22:29 - 2015-04-05 23:36 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
    2016-07-24 22:29 - 2015-04-05 22:08 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
    2016-07-24 22:29 - 2014-06-02 16:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
    2016-07-24 22:28 - 2015-04-24 21:41 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
    2016-07-24 22:28 - 2015-04-24 17:13 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
    2016-07-24 22:28 - 2014-10-30 01:20 - 01890816 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2016-07-24 22:28 - 2014-10-29 23:22 - 01569792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2016-07-24 22:27 - 2016-07-24 22:27 - 00003340 _____ C:\Users\Garrett\Documents\fn.wlmp
    2016-07-24 22:26 - 2016-07-24 22:26 - 00650216 _____ C:\Users\Garrett\Downloads\Dank meme (Trap Nation) #2 [by Autistic].mp4
    2016-07-24 22:19 - 2016-07-24 22:19 - 00958744 _____ C:\Users\Garrett\Dank meme (Trap Nation) #2 [by Autistic].wav
    2016-07-24 22:05 - 2016-07-26 00:53 - 00006253 _____ C:\Users\Garrett\Documents\My Movie.wlmp
    2016-07-24 21:51 - 2016-07-24 21:51 - 04325746 _____ C:\Users\Garrett\Dr. Mantis Toboggan
    2016-07-24 21:30 - 2016-07-24 21:30 - 00001218 _____ C:\Users\Garrett\Downloads\Suicide is badass - Its always sunny in Philadelphia.aup
    2016-07-24 21:30 - 2016-07-24 21:30 - 00000000 ____D C:\Users\Garrett\Downloads\Suicide is badass - Its always sunny in Philadelphia_data
    2016-07-24 21:22 - 2016-07-24 21:22 - 00000000 ____D C:\Users\Garrett\Downloads\Dr. Mantis Toboggan_data
    2016-07-24 21:16 - 2016-07-24 21:17 - 40439330 _____ C:\Users\Garrett\Downloads\Dr. Mantis Toboggan.mp4
    2016-07-24 19:57 - 2016-07-24 20:04 - 00003996 _____ C:\Users\Garrett\Documents\Im the trashman.wav.wlmp
    2016-07-24 19:44 - 2016-07-28 00:22 - 00001383 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
    2016-07-24 19:44 - 2016-07-28 00:22 - 00001310 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
    2016-07-24 19:44 - 2016-07-24 19:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
    2016-07-24 19:44 - 2016-07-24 19:44 - 00000000 ____D C:\Windows\en
    2016-07-24 19:43 - 2016-07-28 00:22 - 00002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
    2016-07-24 19:43 - 2016-07-28 00:22 - 00001457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
    2016-07-24 19:43 - 2016-07-24 19:43 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    2016-07-24 19:40 - 2016-07-24 19:40 - 00000000 ____D C:\Windows\PCHEALTH
    2016-07-24 19:40 - 2016-07-24 19:40 - 00000000 ____D C:\Program Files\Windows Live
    2016-07-24 19:39 - 2016-07-24 19:43 - 00000000 ____D C:\Program Files (x86)\Windows Live
    2016-07-24 19:39 - 2016-07-24 19:39 - 00002226 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2016-07-24 19:39 - 2016-07-24 19:39 - 00002226 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2016-07-24 19:39 - 2016-07-24 19:39 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
    2016-07-24 19:38 - 2016-07-28 00:22 - 00002292 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2016-07-24 19:38 - 2016-07-24 19:38 - 00000000 ___RD C:\Users\Garrett\OneDrive
    2016-07-24 19:38 - 2016-07-24 19:38 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
    2016-07-24 19:37 - 2016-07-27 21:11 - 00000000 ____D C:\Users\Garrett\AppData\Local\Windows Live
    2016-07-24 19:33 - 2016-07-24 19:33 - 01239752 _____ (Microsoft Corporation) C:\Users\Garrett\Downloads\wlsetup-web.exe
    2016-07-24 19:32 - 2016-07-28 00:22 - 00000827 _____ C:\Users\Garrett\Desktop\filmora_setup_full846.exe.lnk
    2016-07-24 19:27 - 2016-07-24 19:28 - 00000000 ____D C:\Users\Public\Documents\Wondershare
    2016-07-24 19:27 - 2016-07-24 19:27 - 01225872 _____ C:\Users\Garrett\Downloads\filmora_setup_full846.exe
    2016-07-24 19:08 - 2016-07-24 19:08 - 01283204 _____ C:\Users\Garrett\It's Always Sunny in Philadelphia - The Trashman.wav
    2016-07-24 19:07 - 2016-07-24 19:07 - 00002051 _____ C:\Users\Garrett\Downloads\It's Always Sunny in Philadelphia - The Trashman.aup
    2016-07-24 19:07 - 2016-07-24 19:07 - 00000000 ____D C:\Users\Garrett\Downloads\It's Always Sunny in Philadelphia - The Trashman_data
    2016-07-24 18:58 - 2016-07-24 19:00 - 63257620 _____ C:\Users\Garrett\Downloads\ScreenFlow-6.0.dmg
    2016-07-24 18:53 - 2016-07-24 18:53 - 01678241 _____ C:\Users\Garrett\Downloads\It's Always Sunny in Philadelphia - The Trashman 12.mp4
    2016-07-24 18:45 - 2016-07-24 18:45 - 00194152 _____ C:\Users\Garrett\Downloads\Suicide is badass  Its always sunny in Philadelphia.mp4
    2016-07-20 12:04 - 2016-07-20 12:04 - 00045680 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
    2016-07-20 11:59 - 2016-07-24 12:08 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
    2016-07-20 11:59 - 2016-07-24 12:08 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
    2016-07-20 00:25 - 2016-07-20 00:25 - 00000000 ____D C:\Users\Garrett\AppData\LocalLow\Blizzard Entertainment
    2016-07-19 23:55 - 2016-07-20 00:02 - 119408891 _____ C:\Users\Garrett\Downloads\Dank Memes Vine Compilation V20.mp4
    2016-07-13 21:24 - 2016-07-13 21:24 - 00000000 _____ C:\Users\Garrett\Downloads\RHS Summer Band Calendar 2016.pdf
    2016-07-13 13:12 - 2016-07-13 13:12 - 00210676 _____ C:\Users\Garrett\Downloads\watch (1).htm
    2016-07-12 22:53 - 2016-07-12 22:54 - 01867610 _____ C:\Users\Garrett\Downloads\SpongePulp FictionPants 1 Storage.mp4
    2016-07-11 23:47 - 2016-07-11 23:48 - 00000000 ____D C:\Users\Garrett\.android
    2016-07-11 23:44 - 2016-07-11 23:44 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
    2016-07-11 23:43 - 2016-07-28 23:50 - 00000000 ____D C:\ProgramData\BlueStacksSetup
    2016-07-11 23:43 - 2016-07-28 00:22 - 00001821 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk
    2016-07-11 23:43 - 2016-07-28 00:22 - 00001809 _____ C:\Users\Public\Desktop\BlueStacks.lnk
    2016-07-11 23:42 - 2016-07-11 23:43 - 00000000 ____D C:\ProgramData\Bluestacks
    2016-07-11 23:42 - 2016-07-11 23:43 - 00000000 ____D C:\Program Files (x86)\Bluestacks
    2016-07-11 23:42 - 2016-07-11 23:42 - 00000000 ____D C:\Users\Garrett\AppData\Local\Bluestacks
    2016-07-11 23:19 - 2016-07-11 23:40 - 277574656 _____ (BlueStack Systems Inc.) C:\Users\Garrett\Downloads\BlueStacks2_native_f291b1f4d87cb11673f50110fc6a180a.exe
    2016-07-06 09:53 - 2016-07-28 00:22 - 00001012 _____ C:\Users\Public\Desktop\LoL Summoner Info.lnk
    2016-07-06 09:53 - 2016-07-26 18:59 - 00000000 ____D C:\Program Files (x86)\LSI
    2016-07-06 09:53 - 2016-07-06 09:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LSI - LoL Summoner Information
    2016-07-06 08:51 - 2016-07-06 08:53 - 28037582 _____ (Aequus Gaming Ltd. ) C:\Users\Garrett\Downloads\LSI - LoL Summoner Information (v4.15.0) Setup.exe
     
    ==================== One Month Modified files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2016-07-30 21:38 - 2014-07-02 09:48 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2016-07-30 21:20 - 2012-07-26 02:12 - 00000000 ___HD C:\Program Files\WindowsApps
    2016-07-30 21:20 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\AUInstallAgent
    2016-07-30 14:21 - 2015-10-24 09:23 - 00000000 ____D C:\Users\Garrett\AppData\Local\Overwolf
    2016-07-30 14:20 - 2016-04-02 02:35 - 00000000 ____D C:\Program Files (x86)\Steam
    2016-07-30 14:20 - 2015-04-04 15:33 - 00000000 ____D C:\Users\Garrett\Tracing
    2016-07-30 14:19 - 2012-07-26 01:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2016-07-30 12:52 - 2014-12-31 23:12 - 00000000 ___RD C:\Program Files (x86)\Skype
    2016-07-30 12:52 - 2014-12-31 23:12 - 00000000 ____D C:\Users\Garrett\AppData\Local\Skype
    2016-07-30 12:52 - 2014-12-29 20:56 - 00000000 ____D C:\ProgramData\Skype
    2016-07-30 12:10 - 2014-12-31 23:12 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Skype
    2016-07-29 23:54 - 2014-06-21 13:03 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\IObit
    2016-07-29 23:54 - 2014-06-21 13:03 - 00000000 ____D C:\ProgramData\IObit
    2016-07-29 23:54 - 2014-06-21 13:03 - 00000000 ____D C:\Program Files (x86)\IObit
    2016-07-29 22:30 - 2014-06-30 18:43 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Audacity
    2016-07-29 18:23 - 2016-05-22 09:17 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\discord
    2016-07-29 18:21 - 2015-12-08 18:04 - 00000000 ____D C:\Windows\Minidump
    2016-07-29 17:43 - 2016-05-22 09:17 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
    2016-07-29 17:42 - 2016-05-22 09:16 - 00000000 ____D C:\Users\Garrett\AppData\Local\Discord
    2016-07-28 17:34 - 2015-11-07 23:16 - 00000000 ____D C:\Users\Garrett\AppData\Local\Innkeeper
    2016-07-28 17:12 - 2015-07-14 11:36 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Octoshape
    2016-07-28 16:23 - 2016-01-04 13:51 - 00000000 ____D C:\ProgramData\Apple
    2016-07-28 16:22 - 2014-07-11 10:09 - 00000000 ____D C:\Users\Garrett\AppData\Local\CrashDumps
    2016-07-28 16:19 - 2012-07-25 23:37 - 00000000 ____D C:\Windows\Inf
    2016-07-28 00:58 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\rescache
    2016-07-28 00:22 - 2016-06-09 18:14 - 00001062 _____ C:\Users\Garrett\Desktop\MuseScore 2.lnk
    2016-07-28 00:22 - 2016-04-18 20:46 - 00002155 _____ C:\Users\Public\Desktop\H&R Block 2015.lnk
    2016-07-28 00:22 - 2016-04-02 02:35 - 00000968 _____ C:\Users\Public\Desktop\Steam.lnk
    2016-07-28 00:22 - 2016-04-01 22:35 - 00001367 _____ C:\Users\Garrett\Desktop\cFosSpeed Features.lnk
    2016-07-28 00:22 - 2016-04-01 22:35 - 00001241 _____ C:\Users\Garrett\Desktop\cFosSpeed Calibration.lnk
    2016-07-28 00:22 - 2016-03-19 15:01 - 00000984 _____ C:\Users\Public\Desktop\Origin.lnk
    2016-07-28 00:22 - 2015-05-30 21:55 - 00000299 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
    2016-07-28 00:22 - 2014-12-27 22:56 - 00000454 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD Drive (D) PERSON_OF_INTEREST_S1_D1 (2).lnk
    2016-07-28 00:22 - 2014-12-27 22:55 - 00000454 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD Drive (D) PERSON_OF_INTEREST_S1_D1.lnk
    2016-07-28 00:22 - 2014-06-21 19:49 - 00001018 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
    2016-07-28 00:22 - 2014-06-21 13:16 - 00002190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2016-07-28 00:22 - 2014-06-21 12:49 - 00001417 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2016-07-28 00:08 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\Branding
    2016-07-27 23:45 - 2014-07-02 09:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2016-07-27 23:45 - 2014-07-02 09:47 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
    2016-07-27 22:24 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\ModemLogs
    2016-07-27 19:36 - 2015-07-06 22:55 - 00000000 ____D C:\Users\Garrett\AppData\Local\Battle.net
    2016-07-27 01:46 - 2012-07-26 01:59 - 00000000 ____D C:\Windows\CbsTemp
    2016-07-27 01:18 - 2015-07-06 22:59 - 00000000 ____D C:\Program Files (x86)\Hearthstone
    2016-07-27 00:35 - 2015-07-06 22:55 - 00000000 ____D C:\Program Files (x86)\Battle.net
    2016-07-27 00:27 - 2015-07-06 22:49 - 00000000 ____D C:\ProgramData\Battle.net
    2016-07-26 22:48 - 2014-12-24 14:18 - 00413696 ___SH C:\Users\Garrett\Downloads\Thumbs.db
    2016-07-26 16:09 - 2014-05-04 17:09 - 277707073 _____ (Exµs ™ ) C:\Users\Garrett\Desktop\Sony Vegas Pro 13.0 Build 310 (64-bit) PreCracked.exe
    2016-07-26 11:28 - 2014-06-21 12:49 - 00000000 ____D C:\Users\Garrett
    2016-07-26 00:46 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\AppCompat
    2016-07-25 22:47 - 2014-12-18 12:50 - 00000000 ____D C:\Program Files\OBS
    2016-07-25 22:47 - 2014-11-23 23:35 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo
    2016-07-25 22:37 - 2014-11-08 19:00 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
    2016-07-25 22:33 - 2016-01-24 11:28 - 00000000 ____D C:\Program Files (x86)\SmartMusic
    2016-07-25 22:31 - 2016-02-27 16:05 - 00000000 ____D C:\Users\Garrett\Desktop\New folder
    2016-07-25 22:31 - 2015-07-06 22:55 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
    2016-07-25 22:14 - 2012-07-26 01:28 - 00848230 _____ C:\Windows\system32\PerfStringBackup.INI
    2016-07-25 22:11 - 2015-10-24 09:27 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
    2016-07-25 22:11 - 2015-10-24 09:26 - 00000000 ____D C:\Program Files (x86)\Overwolf
    2016-07-25 22:02 - 2012-07-25 23:38 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
    2016-07-25 22:01 - 2012-07-26 02:12 - 00000000 ___RD C:\Windows\ToastData
    2016-07-25 22:01 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\PolicyDefinitions
    2016-07-25 22:01 - 2012-07-26 02:12 - 00000000 ____D C:\Program Files\Windows Defender
    2016-07-25 22:01 - 2012-07-26 02:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
    2016-07-25 22:00 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\WinStore
    2016-07-25 22:00 - 2012-07-26 01:52 - 00000000 ____D C:\Program Files\Windows Journal
    2016-07-25 02:19 - 2014-06-22 18:29 - 00000000 ____D C:\Windows\system32\MRT
    2016-07-25 02:15 - 2014-06-22 18:29 - 144749672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2016-07-24 19:40 - 2012-07-26 02:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
    2016-07-24 17:48 - 2015-05-30 13:02 - 00000000 ____D C:\Program Files\VideoLAN
    2016-07-24 17:48 - 2014-06-21 13:09 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Apple Computer
    2016-07-20 12:01 - 2015-11-07 23:16 - 00000000 ____D C:\Users\Garrett\AppData\Local\SquirrelTemp
    2016-07-18 12:37 - 2016-02-28 15:38 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\MuseScore
    2016-07-11 23:43 - 2012-07-26 02:12 - 00000000 __RHD C:\Users\Public\Libraries
    2016-07-11 00:55 - 2012-07-25 23:26 - 00262144 ___SH C:\Windows\system32\config\BBI
    2016-07-04 22:09 - 2015-11-07 23:17 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\InnkeeperUI
    2016-07-02 00:48 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\system32\NDF
     
    ==================== Files in the root of some directories =======
     
    2014-06-22 18:01 - 2014-07-10 21:20 - 0005120 _____ () C:\Users\Garrett\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2014-07-05 18:23 - 2014-07-05 18:23 - 0007605 _____ () C:\Users\Garrett\AppData\Local\Resmon.ResmonCfg
    2015-12-08 03:58 - 2015-12-08 03:58 - 0000000 _____ () C:\Users\Garrett\AppData\Local\{5787D94F-EB40-47F3-A4C7-B6BB17FD70A2}
    2015-12-07 03:58 - 2015-12-07 03:58 - 0000000 _____ () C:\Users\Garrett\AppData\Local\{EA742E66-D4C3-461F-93A2-4A3A92217857}
    2016-07-27 21:36 - 2016-07-27 22:31 - 0000217 _____ () C:\ProgramData\all_data.txt
    2016-07-27 21:36 - 2016-07-27 21:36 - 0000047 _____ () C:\ProgramData\country.txt
    2016-07-27 21:36 - 2016-07-27 22:31 - 0000054 _____ () C:\ProgramData\exe_data.txt
    2016-07-27 21:36 - 2016-07-27 22:31 - 0000163 _____ () C:\ProgramData\VersionControl.txt
     
    Some files in TEMP:
    ====================
    C:\Users\Garrett\AppData\Local\Temp\libeay32.dll
    C:\Users\Garrett\AppData\Local\Temp\msvcr120.dll
    C:\Users\Garrett\AppData\Local\Temp\sqlite3.dll
     
     
    ==================== Bamital & volsnap =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2016-07-26 03:00
     
    ==================== End of FRST.txt ============================
    Addition 
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-07-2016
    Ran by Garrett (2016-07-30 22:16:29)
    Running from C:\Users\Garrett\Downloads
    Windows 8 Pro (X64) (2014-06-21 18:49:11)
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Accounts: =============================
     
    Administrator (S-1-5-21-3463171804-1537994893-3906066650-500 - Administrator - Disabled)
    Garrett (S-1-5-21-3463171804-1537994893-3906066650-1001 - Administrator - Enabled) => C:\Users\Garrett
    Guest (S-1-5-21-3463171804-1537994893-3906066650-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-3463171804-1537994893-3906066650-1005 - Limited - Enabled)
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
    AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
    Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
    Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.2.2276 - AVAST Software)
    Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
    BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.3.37.6239 - BlueStack Systems, Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
    cFosSpeed v10.10 (HKLM\...\cFosSpeed) (Version: 10.10 - cFos Software GmbH, Bonn)
    Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Dead by Daylight (HKLM\...\Steam App 381210) (Version:  - Behaviour Digital Inc.)
    Discord (HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Discord) (Version: 0.0.294 - Hammer & Chisel, Inc.)
    DuelystLauncher (HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\launcher) (Version: 0.0.9 - Counterplay Games Inc.)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
    H&R Block Basic + Efile 2015 (HKLM-x32\...\{7BDAAEFD-7F67-4484-BED2-BEB6FE7FB216}) (Version: 15.02.8101 - HRB Technology, LLC.)
    Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
    Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
    League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
    LSI - LoL Summoner Information (HKLM-x32\...\{62B332E9-239D-4692-BDE2-0CC1CF2833DA}_is1) (Version: v4.15.0 - Aequus Gaming Ltd.)
    Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
    Microsoft OneDrive (HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    MSI Afterburner 3.0.1 (HKLM-x32\...\Afterburner) (Version: 3.0.1 - MSI Co., LTD)
    MuseScore 2 (HKLM-x32\...\{4F0E15EA-F64C-11E5-9992-E717EA7DB0C8}) (Version: 2.0.3 - Werner Schweer and Others)
    Origin (HKLM-x32\...\Origin) (Version: 9.11.6.18139 - Electronic Arts, Inc.)
    Overwolf (HKLM-x32\...\Overwolf) (Version: 0.96.218.0 - Overwolf Ltd.)
    Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.12.0 - Ralink)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7512 - Realtek Semiconductor Corp.)
    SafeZone Stable 1.51.2220.47 (x32 Version: 1.51.2220.47 - Avast Software) Hidden
    Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    Town of Salem (HKLM\...\Steam App 334230) (Version:  - BlankMediaGames)
    Vegas Pro 13.0 (64-bit) (HKLM-x32\...\Vegas Pro 13.0 (64-bit)) (Version: 13.0 (64-bit) - Exµs ™)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
     
    ==================== Custom CLSID (Whitelisted): ==========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
     
    ==================== Scheduled Tasks (Whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    Task: {27FBBEEB-D28D-484B-BE67-62A925F382AF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-07-30] (AVAST Software)
    Task: {29B9592C-6824-455A-8358-A02B64BA893B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
    Task: {7E2C533A-9D61-4F01-97E0-E40CC4F810B3} - System32\Tasks\cFos\Registration Tasks\Open Browser => Chrome.exe "hxxp://localhost:1487/cfosspeed/console.htm"
    Task: {91591083-0BA9-4B83-8746-D14093D3CF4D} - System32\Tasks\SafeZone scheduled Autoupdate 1469904658 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-07-25] (Avast Software)
    Task: {BC116B57-75A7-4005-A574-AADA96470EB8} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-07-30] (AVAST Software)
    Task: {C6AA87E4-732B-48C3-B911-0E9487956B24} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
     
    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
     
     
    ==================== Shortcuts =============================
     
    (The entries could be listed to be restored or removed.)
     
    ShortcutWithArgument: C:\Users\Garrett\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe (Google Inc.) -> --profile-directory="Profile 1"
     
    ==================== Loaded Modules (Whitelisted) ==============
     
    2014-11-21 21:44 - 2016-03-20 14:40 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
    2014-07-02 18:49 - 2014-07-02 18:49 - 00175120 _____ () C:\Program Files\WindowsApps\microsoft.windowsphotos_16.4.4396.311_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
    2016-07-30 12:30 - 2016-07-30 12:30 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
    2016-07-30 12:49 - 2016-07-30 12:49 - 03002880 _____ () C:\Program Files\AVAST Software\Avast\defs\16073000\algo.dll
    2016-07-30 12:30 - 2016-07-30 12:30 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
    2016-06-12 17:12 - 2016-04-29 14:10 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
    2016-06-12 17:12 - 2015-07-03 10:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
    2016-07-08 21:31 - 2016-07-08 19:06 - 02317904 _____ () C:\Program Files (x86)\Steam\video.dll
    2016-06-12 17:12 - 2015-07-03 10:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
    2016-06-12 17:12 - 2015-07-03 10:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
    2016-06-12 17:12 - 2016-02-08 17:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
    2016-06-12 17:12 - 2016-02-08 17:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
    2016-06-12 17:12 - 2016-02-08 17:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
    2016-06-12 17:12 - 2016-02-08 17:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
    2016-06-12 17:12 - 2016-02-08 17:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
    2016-07-08 21:31 - 2016-07-08 19:06 - 00829520 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
    2016-07-17 08:35 - 2016-07-17 08:35 - 45069312 _____ () C:\Program Files (x86)\Overwolf\0.96.218.0\libcef.DLL
    2016-07-29 17:42 - 2016-07-29 14:20 - 01950392 _____ () C:\Users\Garrett\AppData\Local\Discord\app-0.0.294\ffmpeg.dll
    2016-07-29 18:22 - 2016-07-29 18:22 - 01043640 _____ () \\?\C:\Users\Garrett\AppData\Roaming\discord\0.0.294\modules\discord_voice\discord_voice.node
    2016-07-29 18:22 - 2016-07-29 18:23 - 03784376 _____ () \\?\C:\Users\Garrett\AppData\Roaming\discord\0.0.294\modules\discord_voice\libdiscord.dll
    2016-07-29 18:22 - 2016-07-29 18:22 - 00887992 _____ () \\?\C:\Users\Garrett\AppData\Roaming\discord\0.0.294\modules\discord_utils\discord_utils.node
    2016-07-29 18:22 - 2016-07-29 18:22 - 00775864 _____ () \\?\C:\Users\Garrett\AppData\Roaming\discord\0.0.294\modules\discord_toaster\discord_toaster.node
    2016-07-11 23:42 - 2016-03-09 00:28 - 03306496 _____ () C:\Program Files (x86)\Bluestacks\libGLESv2.dll
    2015-10-31 21:05 - 2011-05-04 19:53 - 01058664 _____ () C:\Program Files (x86)\Ralink\Common\RaWLAPI.dll
    2016-07-30 12:30 - 2016-07-30 12:30 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2016-06-26 19:09 - 2016-06-14 13:14 - 49826080 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
    2016-07-29 17:42 - 2016-07-29 14:20 - 02230456 _____ () C:\Users\Garrett\AppData\Local\Discord\app-0.0.294\libglesv2.dll
    2016-07-29 17:42 - 2016-07-29 14:20 - 00088760 _____ () C:\Users\Garrett\AppData\Local\Discord\app-0.0.294\libegl.dll
    2016-06-17 16:24 - 2016-06-15 03:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
    2016-06-17 16:24 - 2016-06-15 03:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
     
    ==================== Alternate Data Streams (Whitelisted) =========
     
    (If an entry is included in the fixlist, only the ADS will be removed.)
     
     
    ==================== Safe Mode (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
     
    ==================== Association (Whitelisted) ===============
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
     
     
    ==================== Internet Explorer trusted/restricted ===============
     
    (If an entry is included in the fixlist, it will be removed from the registry.)
     
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\008k.com -> 008k.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\00hq.com -> 00hq.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\0190-dialers.com -> 0190-dialers.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\01i.info -> 01i.info
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\05p.com -> 05p.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\0calories.net -> 0calories.net
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\0cj.net -> 0cj.net
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\0scan.com -> 0scan.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\1-se.com -> 1-se.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\1001movie.com -> 1001movie.com
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\1001night.biz -> 1001night.biz
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\100gal.net -> 100gal.net
    IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\100sexlinks.com -> 100sexlinks.com
     
    There are 4788 more sites.
     
     
    ==================== Hosts content: ==========================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2012-07-25 23:26 - 2016-07-27 21:37 - 00001006 ____A C:\Windows\system32\Drivers\etc\hosts
     
    127.0.0.1       down.baidu2016.com
    127.0.0.1       123.sogou.com
    127.0.0.1       www.czzsyzgm.com
    127.0.0.1       www.czzsyzxl.com
    127.0.0.1       union.baidu2019.com
     
    ==================== Other Areas ============================
     
    (Currently there is no automatic fix for this section.)
     
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Garrett\Downloads\downloaded.jpg
    DNS Servers: 192.168.0.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.
     
    ==================== MSCONFIG/TASK MANAGER disabled items ==
     
    (Currently there is no automatic fix for this section.)
     
    MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
    MSCONFIG\Services: AdvancedSystemCareService7 => 2
    MSCONFIG\Services: cFosSpeedS => 2
    MSCONFIG\Services: gupdate => 2
    MSCONFIG\Services: gupdatem => 3
    MSCONFIG\Services: IMFservice => 2
    MSCONFIG\Services: LiveUpdateSvc => 2
    MSCONFIG\Services: PnkBstrA => 2
    MSCONFIG\Services: SkypeUpdate => 2
    HKLM\...\StartupApproved\Run: => "cFosSpeed"
    HKLM\...\StartupApproved\Run: => "niels"
    HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
    HKLM\...\StartupApproved\Run32: => "RaidCall"
    HKLM\...\StartupApproved\Run32: => "Raptr"
    HKLM\...\StartupApproved\Run32: => "StartCCC"
    HKLM\...\StartupApproved\Run32: => "binging"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\StartupFolder: => "Rainmeter.lnk"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\StartupFolder: => "FreeDownloadmanager.exe"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\StartupFolder: => "sartain.lnk"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\StartupFolder: => "tascmgr.exe.lnk"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "Advanced SystemCare 7"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "EADM"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "DriverMax_RESTART"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "DriverMax"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "MK LOL"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "Dxtory Update Checker 2.0"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "Skype"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "WTFast Tray"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "uTorrent"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "jacks"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "mountaineering"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "vim"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "cooperations"
     
    ==================== FirewallRules (Whitelisted) ===============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    FirewallRules: [{E605FEB1-5A37-4BB5-B169-0099E2F19F0E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{BB8C5779-CAA3-4B96-AC61-1066A0DDD4C1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{F2FD3AE6-3323-4326-98E5-0B0C332C7EFF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{ABF1E5E1-D34D-4FAD-B3B7-924C3F86004F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{58B49DF0-F3DD-4B3C-BB18-6840FCB0B2D4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
     
    ==================== Restore Points =========================
     
    28-07-2016 16:18:51 Removed Oracle VM VirtualBox 5.0.4
    28-07-2016 16:23:23 Removed Apple Application Support (64-bit)
    28-07-2016 16:25:14 Removed Apple Software Update
    28-07-2016 17:10:55 Removed Cisco EAP-FAST Module
    28-07-2016 17:11:28 Removed Cisco LEAP Module
    28-07-2016 17:11:41 Removed Cisco PEAP Module
    28-07-2016 17:14:20 Removed LogMeIn Hamachi
    29-07-2016 23:52:36 JRT Pre-Junkware Removal
    30-07-2016 12:48:42 ASU_MSI_TRAN
     
    ==================== Faulty Device Manager Devices =============
     
    Name: PCI Serial Port
    Description: PCI Serial Port
    Class Guid: 
    Manufacturer: 
    Service: 
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
     
    Name: Microsoft Teredo Tunneling Adapter
    Description: Microsoft Teredo Tunneling Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
     
    Name: Microsoft ISATAP Adapter
    Description: Microsoft ISATAP Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (07/30/2016 09:34:38 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
    Description: License Activation (slui.exe) failed with the following error code:
    hr=0x8007007B
    Command-line arguments:
    RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=NetworkAvailable
     
    Error: (07/30/2016 02:21:17 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4
     
    Error: (07/30/2016 02:21:17 PM) (Source: Perflib) (EventID: 1023) (User: )
    Description: rdyboost4
     
    Error: (07/30/2016 02:21:17 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: MSDTCC:\Windows\system32\msdtcuiu.DLL4
     
    Error: (07/30/2016 02:21:17 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: LsaC:\Windows\System32\Secur32.dll4
     
    Error: (07/30/2016 02:21:17 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: ESENTC:\Windows\system32\esentprf.dll4
     
    Error: (07/30/2016 02:21:17 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: BITSC:\Windows\System32\bitsperf.dll4
     
    Error: (07/30/2016 02:21:11 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
    Description: License Activation (slui.exe) failed with the following error code:
    hr=0x8007007B
    Command-line arguments:
    RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=NetworkAvailable
     
    Error: (07/30/2016 02:21:11 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
    Description: License Activation (slui.exe) failed with the following error code:
    hr=0x8007007B
    Command-line arguments:
    RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a98bcd6d-5343-4603-8afe-5908e4611112;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
     
    Error: (07/30/2016 02:21:04 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4
     
     
    System errors:
    =============
    Error: (07/30/2016 12:21:18 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT AUTHORITY)
    Description: 0xc000014d0
     
    Error: (07/30/2016 12:14:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The LiveUpdate service failed to start due to the following error: 
    %%2 = The system cannot find the file specified.
     
     
    Error: (07/30/2016 12:14:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The ApppaznoR service failed to start due to the following error: 
    %%2 = The system cannot find the file specified.
     
     
    Error: (07/30/2016 12:14:05 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT AUTHORITY)
    Description: 0xc000014d0
     
    Error: (07/30/2016 12:13:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Windows Installer service failed to start due to the following error: 
    %%1069 = The service did not start due to a logon failure.
     
     
    Error: (07/30/2016 12:13:24 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
    Description: The msiserver service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error: 
    %%50 = The request is not supported.
     
     
    To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
     
    Error: (07/30/2016 12:12:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
     
    Error: (07/30/2016 12:12:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The RalinkRegistryWriter64 service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (07/30/2016 12:12:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The BlueStacks Android Service  service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (07/30/2016 12:12:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
     
     
    ==================== Memory info =========================== 
     
    Processor: Intel® Core™2 Duo CPU E8400 @ 3.00GHz
    Percentage of memory in use: 51%
    Total physical RAM: 3965.61 MB
    Available physical RAM: 1929 MB
    Total Virtual: 7483.61 MB
    Available Virtual: 4940.28 MB
     
    ==================== Drives ================================
     
    Drive c: (Windows) (Fixed) (Total:148.81 GB) (Free:21.83 GB) NTFS
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 834AE775)
    Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=148.8 GB) - (Type=07 NTFS)
     
    ==================== End of Addition.txt ============================
    Problem persists

    • 0

    #9
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,021 posts
    • MVP
    That worked better this time.
     
    Copy the next line:
     
    DISM /Online /Cleanup-Image /RestoreHealth
     
    Open an Elevated Command Prompt (See: http://www.eightforu...indows-8-a.html )
     
    Right click and Paste (or Edit then Paste) and the copied line should appear.  Hit Enter.
     
    When it finishes (takes about 15 minutes). 
     
     Reboot.  
     
    Open an Elevated Command Prompt again and type
     
     
    sfc /scannow
    and Hit Enter.  This takes about 10 minutes for the prompt to return.
     
    Copy the next lne:
     
     
    findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \junk.txt 
     
     
    Hit Enter.  Now Type:
     
     
    notepad \junk.txt

     

     

     
     
    Hit Enter.  Notepad should open.  Copy the text and paste it into a reply.
     
     
     
     
    1. Please download the Event Viewer Tool by Vino Rosso
    and save it to your Desktop:
    2. Right-click VEW.exe and Run AS Administrator
    3. Under 'Select log to query', select:
     
    * System
    4. Under 'Select type to list', select:
    * Error
    * Warning
     
     
    Then use the 'Number of events' as follows:
     
     
    1. Click the radio button for 'Number of events'
    Type 20 in the 1 to 20 box
    Then click the Run button.
    Notepad will open with the output log.
     
     
    Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)
     

    • 0

    #10
    40154

    40154

      Member

    • Topic Starter
    • Member
    • PipPip
    • 11 posts

    Junk text file was empty 

    VEW: 

    Vino's Event Viewer v01c run on Windows 7 in English
    Report run at 31/07/2016 11:00:29 AM
     
    Note: All dates below are in the format dd/mm/yyyy
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Critical Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 30/07/2016 6:12:21 AM
    Type: Critical Category: 64
    Event: 10116 Source: Microsoft-Windows-DriverFrameworks-UserMode
    The device Windows Location Provider (location (unknown)) is offline due to a user-mode driver crash.  Windows will attempt to restart the device in the shared process 1 more times before moving the device in its own process.  Please contact the device manufacturer for more information about this problem.
     
    Log: 'System' Date/Time: 30/07/2016 6:12:21 AM
    Type: Critical Category: 64
    Event: 10110 Source: Microsoft-Windows-DriverFrameworks-UserMode
    A problem has occurred with one or more user-mode drivers and the hosting process has been terminated.  This may temporarily interrupt your ability to access the devices.
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Error Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 31/07/2016 5:43:42 AM
    Type: Error Category: 0
    Event: 6 Source: Microsoft-Windows-Kernel-General
    An I/O operation initiated by the Registry failed unrecoverably.The Registry could not flush hive (file): ''.
     
    Log: 'System' Date/Time: 31/07/2016 5:10:26 AM
    Type: Error Category: 0
    Event: 10016 Source: Microsoft-Windows-DistributedCOM
    The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  and APPID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  to the user Garrettpc\Garrett SID (S-1-5-21-3463171804-1537994893-3906066650-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
     
    Log: 'System' Date/Time: 31/07/2016 5:10:26 AM
    Type: Error Category: 0
    Event: 10016 Source: Microsoft-Windows-DistributedCOM
    The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  and APPID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  to the user Garrettpc\Garrett SID (S-1-5-21-3463171804-1537994893-3906066650-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
     
    Log: 'System' Date/Time: 31/07/2016 5:06:07 AM
    Type: Error Category: 0
    Event: 10016 Source: Microsoft-Windows-DistributedCOM
    The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  and APPID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  to the user Garrettpc\Garrett SID (S-1-5-21-3463171804-1537994893-3906066650-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
     
    Log: 'System' Date/Time: 31/07/2016 5:06:07 AM
    Type: Error Category: 0
    Event: 10016 Source: Microsoft-Windows-DistributedCOM
    The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  and APPID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  to the user Garrettpc\Garrett SID (S-1-5-21-3463171804-1537994893-3906066650-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
     
    Log: 'System' Date/Time: 31/07/2016 5:06:07 AM
    Type: Error Category: 0
    Event: 10016 Source: Microsoft-Windows-DistributedCOM
    The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  and APPID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  to the user Garrettpc\Garrett SID (S-1-5-21-3463171804-1537994893-3906066650-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
     
    Log: 'System' Date/Time: 31/07/2016 5:06:07 AM
    Type: Error Category: 0
    Event: 10016 Source: Microsoft-Windows-DistributedCOM
    The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  and APPID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  to the user Garrettpc\Garrett SID (S-1-5-21-3463171804-1537994893-3906066650-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
     
    Log: 'System' Date/Time: 31/07/2016 5:04:52 AM
    Type: Error Category: 0
    Event: 10016 Source: Microsoft-Windows-DistributedCOM
    The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  and APPID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  to the user Garrettpc\Garrett SID (S-1-5-21-3463171804-1537994893-3906066650-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
     
    Log: 'System' Date/Time: 31/07/2016 5:04:51 AM
    Type: Error Category: 0
    Event: 10016 Source: Microsoft-Windows-DistributedCOM
    The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  and APPID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  to the user Garrettpc\Garrett SID (S-1-5-21-3463171804-1537994893-3906066650-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
     
    Log: 'System' Date/Time: 30/07/2016 6:21:18 PM
    Type: Error Category: 0
    Event: 6 Source: Microsoft-Windows-Kernel-General
    An I/O operation initiated by the Registry failed unrecoverably.The Registry could not flush hive (file): ''.
     
    Log: 'System' Date/Time: 30/07/2016 6:14:30 AM
    Type: Error Category: 0
    Event: 7000 Source: Service Control Manager
    The LiveUpdate service failed to start due to the following error:  The system cannot find the file specified.
     
    Log: 'System' Date/Time: 30/07/2016 6:14:22 AM
    Type: Error Category: 0
    Event: 7000 Source: Service Control Manager
    The ApppaznoR service failed to start due to the following error:  The system cannot find the file specified.
     
    Log: 'System' Date/Time: 30/07/2016 6:14:05 AM
    Type: Error Category: 0
    Event: 6 Source: Microsoft-Windows-Kernel-General
    An I/O operation initiated by the Registry failed unrecoverably.The Registry could not flush hive (file): ''.
     
    Log: 'System' Date/Time: 30/07/2016 6:13:24 AM
    Type: Error Category: 0
    Event: 7000 Source: Service Control Manager
    The Windows Installer service failed to start due to the following error:  The service did not start due to a logon failure.
     
    Log: 'System' Date/Time: 30/07/2016 6:13:24 AM
    Type: Error Category: 0
    Event: 7038 Source: Service Control Manager
    The msiserver service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:  The request is not supported.  To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
     
    Log: 'System' Date/Time: 30/07/2016 6:12:38 AM
    Type: Error Category: 0
    Event: 7031 Source: Service Control Manager
    The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
     
    Log: 'System' Date/Time: 30/07/2016 6:12:38 AM
    Type: Error Category: 0
    Event: 7034 Source: Service Control Manager
    The RalinkRegistryWriter64 service terminated unexpectedly.  It has done this 1 time(s).
     
    Log: 'System' Date/Time: 30/07/2016 6:12:38 AM
    Type: Error Category: 0
    Event: 7034 Source: Service Control Manager
    The BlueStacks Android Service  service terminated unexpectedly.  It has done this 1 time(s).
     
    Log: 'System' Date/Time: 30/07/2016 6:12:38 AM
    Type: Error Category: 0
    Event: 7031 Source: Service Control Manager
    The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
     
    Log: 'System' Date/Time: 30/07/2016 6:12:38 AM
    Type: Error Category: 0
    Event: 7034 Source: Service Control Manager
    The RalinkRegistryWriter service terminated unexpectedly.  It has done this 1 time(s).
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Warning Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 31/07/2016 7:35:38 AM
    Type: Warning Category: 212
    Event: 219 Source: Microsoft-Windows-Kernel-PnP
    The driver \Driver\WudfRd failed to load for the device SWD\SensorsAndLocationEnum\LPSensorSWDevice.
     
    Log: 'System' Date/Time: 31/07/2016 7:34:05 AM
    Type: Warning Category: 0
    Event: 11 Source: Microsoft-Windows-Wininit
    Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Please visit http://support.microsoft.com/kb/197571for more information.
     
    Log: 'System' Date/Time: 31/07/2016 5:44:08 AM
    Type: Warning Category: 0
    Event: 27 Source: e1kexpress
    Intel® 82567LM-3 Gigabit Network Connection  Network link is disconnected. 
     
    Log: 'System' Date/Time: 31/07/2016 5:21:02 AM
    Type: Warning Category: 1014
    Event: 1014 Source: Microsoft-Windows-DNS-Client
    Name resolution for the name vl.ff.avast.com timed out after none of the configured DNS servers responded.
     
    Log: 'System' Date/Time: 30/07/2016 9:50:05 PM
    Type: Warning Category: 0
    Event: 27 Source: e1kexpress
    Intel® 82567LM-3 Gigabit Network Connection  Network link is disconnected. 
     
    Log: 'System' Date/Time: 30/07/2016 8:20:58 PM
    Type: Warning Category: 212
    Event: 219 Source: Microsoft-Windows-Kernel-PnP
    The driver \Driver\WudfRd failed to load for the device SWD\SensorsAndLocationEnum\LPSensorSWDevice.
     
    Log: 'System' Date/Time: 30/07/2016 8:19:23 PM
    Type: Warning Category: 0
    Event: 11 Source: Microsoft-Windows-Wininit
    Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Please visit http://support.microsoft.com/kb/197571for more information.
     
    Log: 'System' Date/Time: 30/07/2016 6:29:35 PM
    Type: Warning Category: 0
    Event: 15300 Source: Microsoft-Windows-HttpEvent
    SSL Certificate Settings deleted for endpoint : [::1]:26143 .
     
    Log: 'System' Date/Time: 30/07/2016 6:29:35 PM
    Type: Warning Category: 0
    Event: 15300 Source: Microsoft-Windows-HttpEvent
    SSL Certificate Settings deleted for endpoint : 127.0.0.1:26143 .
     
    Log: 'System' Date/Time: 30/07/2016 6:07:54 PM
    Type: Warning Category: 0
    Event: 27 Source: e1kexpress
    Intel® 82567LM-3 Gigabit Network Connection  Network link is disconnected. 
     
    Log: 'System' Date/Time: 30/07/2016 7:07:18 AM
    Type: Warning Category: 0
    Event: 1073 Source: User32
    The attempt by user Garrettpc\Garrett to restart/shutdown computer GARRETTPC failed
     
    Log: 'System' Date/Time: 30/07/2016 6:59:14 AM
    Type: Warning Category: 0
    Event: 1073 Source: User32
    The attempt by user Garrettpc\Garrett to restart/shutdown computer GARRETTPC failed
     
    Log: 'System' Date/Time: 30/07/2016 6:45:36 AM
    Type: Warning Category: 1014
    Event: 1014 Source: Microsoft-Windows-DNS-Client
    Name resolution for the name cm.g.doubleclick.net timed out after none of the configured DNS servers responded.
     
    Log: 'System' Date/Time: 30/07/2016 6:15:25 AM
    Type: Warning Category: 212
    Event: 219 Source: Microsoft-Windows-Kernel-PnP
    The driver \Driver\WudfRd failed to load for the device SWD\SensorsAndLocationEnum\LPSensorSWDevice.
     
    Log: 'System' Date/Time: 30/07/2016 6:14:25 AM
    Type: Warning Category: 0
    Event: 11 Source: Microsoft-Windows-Wininit
    Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Please visit http://support.microsoft.com/kb/197571for more information.
     
    Log: 'System' Date/Time: 30/07/2016 5:41:56 AM
    Type: Warning Category: 1014
    Event: 1014 Source: Microsoft-Windows-DNS-Client
    Name resolution for the name stats.g.doubleclick.net timed out after none of the configured DNS servers responded.
     
    Log: 'System' Date/Time: 30/07/2016 2:06:36 AM
    Type: Warning Category: 212
    Event: 219 Source: Microsoft-Windows-Kernel-PnP
    The driver \Driver\WudfRd failed to load for the device SWD\SensorsAndLocationEnum\LPSensorSWDevice.
     
    Log: 'System' Date/Time: 30/07/2016 2:05:35 AM
    Type: Warning Category: 0
    Event: 11 Source: Microsoft-Windows-Wininit
    Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Please visit http://support.microsoft.com/kb/197571for more information.
     
    Log: 'System' Date/Time: 30/07/2016 12:22:16 AM
    Type: Warning Category: 212
    Event: 219 Source: Microsoft-Windows-Kernel-PnP
    The driver \Driver\WudfRd failed to load for the device SWD\SensorsAndLocationEnum\LPSensorSWDevice.
     
    Log: 'System' Date/Time: 30/07/2016 12:21:11 AM
    Type: Warning Category: 0
    Event: 11 Source: Microsoft-Windows-Wininit
    Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Please visit http://support.microsoft.com/kb/197571for more information.

    • 0

    Advertisements


    #11
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,021 posts
    • MVP

    I think I want to run one more fixlist to remove these:

     

    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [WinResSync] => C:\Windows\system32\regsvr32.exe /s "C:\Users\Garrett\AppData\Roaming\Microsoft\Protect\fea623cac58fb3b475f1.rs"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\RunOnce: [WinResSync] => C:\Windows\system32\regsvr32.exe /s "C:\Users\Garrett\AppData\Roaming\Microsoft\Protect\fea623cac58fb3b475f1.rs"
     
    Everywhere I look I see them being removed so I assume it's malware but I would like to be sure.
     
    Let's submit
    C:\Users\Garrett\AppData\Roaming\Microsoft\Protect\fea623cac58fb3b475f1.rs
     
    to Virustotal.com and get 50 some opinions.
     
     
    Easiest way to submit a file is to copy the path:
     
    C:\Users\Garrett\AppData\Roaming\Microsoft\Protect\fea623cac58fb3b475f1.rs
     
     
    Then
    Go to virustotal.com with your browser.  Click on Choose File then when the file chooser window opens, move down to the File Name: box and then Ctrl + v and the path should appear.  Hit Open and it should return to the main page with fea623cac58fb3b475f1.rs chosen.  Click on Scan it.  If it knows the file already it will tell you it's already been analyzed and offer you a choice of Reanalyze and View Last Analysis.  In that case click on View Last Analysis.  If it doesn't know the file it will take a minute to query 50 some different anti-virus companies.  In either case, If the Detection ratio: is not 0 / 50+ then copy the Analysis page and paste it into the forum.  You can just hit Ctrl + a then Ctrl + c to copy the page then go to a reply and Ctrl + v.
     
    If it says it can't find the file then tell windows not to hide it:
     
    Then try it again.  
     
    The following fixlist will remove the two lines if virustotal says they are dirty:
     
     
     
    Download the attached fixlist.txt to the same location as FRST
     
    Attached File  fixlist.txt   770bytes   47 downloads
     
    Run FRST and press Fix
    A fix log will be generated please post that 
     
     
    Run FRST again as before.  No need to check Addition.txt this time. hit Scan.  Post the log
     
    Are you still seeing your original problem?
     
     
     
     
     

    • 0

    #12
    40154

    40154

      Member

    • Topic Starter
    • Member
    • PipPip
    • 11 posts
    Virus total SHA256: c4f3a73c4d8b1398d1149b1323af22f17561966870e8dd6d4cd7ceffbca5c310 File name: Algorithm dpi mca monochrome apache lun multi-core Detection ratio: 7 / 55 Analysis date: 2016-07-25 17:08:41 UTC ( 6 days, 9 hours ago )

    Antivirus Result Update Ad-Aware   20160725 AegisLab Virus.W32.Dh{Gvqj?}!c 20160725 AhnLab-V3   20160725 Alibaba   20160725 ALYac   20160725 Antiy-AVL Trojan/Win32.TSGeneric 20160725 Arcabit   20160725 Avast   20160725 AVG Win32/DH{gVQj?} 20160725 Avira (no cloud)   20160725 AVware   20160725 Baidu   20160725 BitDefender   20160725 Bkav   20160725 CAT-QuickHeal   20160725 ClamAV   20160725 CMC   20160725 Comodo   20160725 Cyren   20160725 DrWeb   20160725 Emsisoft   20160725 eScan   20160725 ESET-NOD32   20160725 F-Prot   20160725 F-Secure   20160725 Fortinet W64/Blocrypt.Q!tr.dldr 20160725 GData   20160725 Ikarus Win32.SuspectCrc 20160725 Jiangmin   20160725 K7AntiVirus   20160725 K7GW   20160725 Kaspersky   20160725 Kingsoft   20160725 Malwarebytes   20160725 McAfee Artemis!47D4824B8202 20160721 McAfee-GW-Edition Artemis 20160725 Microsoft   20160725 NANO-Antivirus   20160725 nProtect   20160725 Panda   20160725 Qihoo-360   20160725 Sophos   20160725 SUPERAntiSpyware   20160725 Symantec   20160725 Tencent   20160725 TheHacker   20160724 TotalDefense   20160725 TrendMicro   20160725 TrendMicro-HouseCall   20160725 VBA32   20160725 VIPRE   20160725 ViRobot   20160725 Yandex   20160724 Zillya   20160724 Zoner

    fixlog:

    Fix result of Farbar Recovery Scan Tool (x64) Version: 27-07-2016
    Ran by Garrett (2016-07-31 20:47:05) Run:3
    Running from C:\Users\Garrett\Downloads
    Loaded Profiles: Garrett (Available Profiles: Garrett)
    Boot Mode: Normal
    ==============================================
     
    fixlist content:
    *****************
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [WinResSync] => C:\Windows\system32\regsvr32.exe /s "C:\Users\Garrett\AppData\Roaming\Microsoft\Protect\fea623cac58fb3b475f1.rs"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\RunOnce: [WinResSync] => C:\Windows\system32\regsvr32.exe /s "C:\Users\Garrett\AppData\Roaming\Microsoft\Protect\fea623cac58fb3b475f1.rs"
     
    *****************
     
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\Software\Microsoft\Windows\CurrentVersion\Run\\WinResSync => value removed successfully
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\WinResSync => value removed successfully
     
    ==== End of Fixlog 20:47:05 ====
    FRST:
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2016
    Ran by Garrett (administrator) on GARRETTPC (31-07-2016 20:47:47)
    Running from C:\Users\Garrett\Downloads
    Loaded Profiles: Garrett (Available Profiles: Garrett)
    Platform: Windows 8 Pro (X64) Language: English (United States)
    Internet Explorer Version 10 (Default browser: "C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe" -- "%1")
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (AMD) C:\Windows\System32\atiesrxx.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
    (cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
    (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
    (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    () C:\Windows\SysWOW64\PnkBstrA.exe
    (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
    (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
    (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
    (Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
    (Hammer & Chisel, Inc.) C:\Users\Garrett\AppData\Local\Discord\app-0.0.294\Discord.exe
    (BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-Agent.exe
    (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    (CyberGhost S.R.L.) C:\Program Files\CyberGhost 5\CyberGhost.exe
    (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaUI.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    (Hammer & Chisel, Inc.) C:\Users\Garrett\AppData\Local\Discord\app-0.0.294\Discord.exe
    (Hammer & Chisel, Inc.) C:\Users\Garrett\AppData\Local\Discord\app-0.0.294\Discord.exe
    (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.96.218.0\OverwolfHelper.exe
    (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.96.218.0\OverwolfHelper64.exe
    () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
    () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.24\deploy\LoLLauncher.exe
    () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.64\deploy\LoLPatcher.exe
    () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.207\deploy\LolClient.exe
    (BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-Service.exe
    (BlueStack Systems) C:\Program Files (x86)\Bluestacks\HD-Network.exe
    (BlueStack Systems) C:\Program Files (x86)\Bluestacks\HD-BlockDevice.exe
    (BlueStack Systems) C:\Program Files (x86)\Bluestacks\HD-SharedFolder.exe
    (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
     
     
    ==================== Registry (Whitelisted) ===========================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [cFosSpeed] => C:\Program Files\cFosSpeed\cFosSpeed.exe [2088872 2015-09-09] (cFos Software GmbH)
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9071752 2016-07-30] (AVAST Software)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [247344 2016-07-17] ()
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-05-30] (Electronic Arts)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-08] (Valve Corporation)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [Discord] => C:\Users\Garrett\AppData\Local\Discord\app-0.0.294\Discord.exe [62385336 2016-07-29] (Hammer & Chisel, Inc.)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [970264 2016-07-04] (BlueStack Systems, Inc.)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [425064 2016-02-12] (CyberGhost S.R.L.)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [WinResSync] => C:\Windows\system32\regsvr32.exe /s "C:\Users\Garrett\AppData\Roaming\Microsoft\Protect\fea623cac58fb3b475f1.rs"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\RunOnce: [WinResSync] => C:\Windows\system32\regsvr32.exe /s "C:\Users\Garrett\AppData\Roaming\Microsoft\Protect\fea623cac58fb3b475f1.rs"
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2016-07-28]
    ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files (x86)\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
    Tcpip\..\Interfaces\{EFB49E5B-3BF5-413D-AEBB-69CABA095F5A}: [DhcpNameServer] 192.168.0.1
     
    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.msn.com/
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-07-30] (AVAST Software)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-07-30] (AVAST Software)
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\Garrett\AppData\Roaming\Mozilla\Firefox\Profiles\n2ypuzqp.default
    FF DefaultSearchEngine: Bing 
    FF SelectedSearchEngine: Bing 
    FF SearchEngineOrder.3: Bing 
    FF Keyword.URL: hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q=
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-23] ()
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-23] ()
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
    FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Garrett\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
    FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [not found]
    FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
    FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-30]
    FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-30]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
     
    Chrome: 
    =======
    CHR HomePage: Profile 1 -> search.mpc.am
    CHR StartupUrls: Profile 1 -> "search.mpc.am"
    CHR Profile: C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1
    CHR Extension: (Google Slides) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-21]
    CHR Extension: (Google Docs) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-21]
    CHR Extension: (Google Drive) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
    CHR Extension: (YouTube) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
    CHR Extension: (Google Search) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
    CHR Extension: (Avast Online Security (BETA)) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2016-07-31]
    CHR Extension: (Avast SafePrice) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-07-30]
    CHR Extension: (Google Sheets) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-21]
    CHR Extension: (Google Docs Offline) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-21]
    CHR Extension: (Avast Online Security) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-07-30]
    CHR Extension: (Google Play Music) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2016-06-07]
    CHR Extension: (Norton Identity Safe) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-04-21]
    CHR Extension: (Google Play) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2016-06-09]
    CHR Extension: (Momentum) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2016-07-06]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
    CHR Extension: (Gmail) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-21]
    CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [fcoadmpfijfcmokecmkgolhbaeclfage] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
    StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
     
    ==================== Services (Whitelisted) ========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197640 2016-07-30] (AVAST Software)
    R3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [441880 2016-07-04] (BlueStack Systems, Inc.)
    R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [421400 2016-07-04] (BlueStack Systems, Inc.)
    S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [458264 2016-07-04] (BlueStack Systems, Inc.)
    R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [726952 2015-09-09] (cFos Software GmbH)
    R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65128 2016-02-12] (CyberGhost S.R.L)
    S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [232208 2016-06-14] (EasyAntiCheat Ltd)
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
    S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2120712 2016-05-30] (Electronic Arts)
    S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1309936 2016-07-17] (Overwolf LTD)
    R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-11-08] ()
    R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2016-03-20] ()
    S3 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [621632 2011-03-04] ()
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
     
    ===================== Drivers (Whitelisted) ==========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-07-30] (AVAST Software)
    R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-07-30] (AVAST Software)
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-07-30] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-07-30] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-07-30] (AVAST Software)
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [968536 2016-07-30] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-07-30] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-07-30] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-07-30] (AVAST Software)
    R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [215040 2014-06-21] (Advanced Micro Devices)
    R3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-07-04] (BlueStack Systems)
    S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-07-04] (Bluestack System Inc. )
    S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [58368 2011-11-04] (www.winchiphead.com)
    S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
    S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
    R3 e1kexpress; C:\Windows\system32\DRIVERS\e1k63x64.sys [469264 2014-06-21] (Intel Corporation)
    S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation)
    S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2016-07-20] (LogMeIn Inc.)
    R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-16] (REALiX™)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-31] (Malwarebytes)
    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
    S3 netr28ux; C:\Windows\system32\DRIVERS\netr28ux.sys [2217616 2014-10-18] (MediaTek Inc.)
    S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-09-08] (Oracle Corporation)
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Corporation)
    S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation)
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
     
    ==================== One Month Created files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2016-07-31 20:47 - 2016-07-31 20:47 - 00001042 _____ C:\Users\Garrett\Downloads\Fixlog.txt
    2016-07-31 16:41 - 2016-07-31 16:42 - 00000000 _____ C:\junk.txt
    2016-07-31 11:00 - 2016-07-31 11:00 - 00014383 _____ C:\VEW.txt
    2016-07-31 10:53 - 2016-07-31 10:53 - 00061440 _____ ( ) C:\Users\Garrett\Downloads\VEW.exe
    2016-07-30 22:59 - 2016-07-30 23:20 - 00000000 ____D C:\Users\Garrett\AppData\Local\CyberGhost
    2016-07-30 22:58 - 2016-07-30 22:59 - 00000000 ____D C:\Program Files\CyberGhost 5
    2016-07-30 22:58 - 2016-07-30 22:58 - 00001741 _____ C:\Users\Garrett\Desktop\CyberGhost 5.lnk
    2016-07-30 22:58 - 2016-07-30 22:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5
    2016-07-30 22:50 - 2016-07-30 22:51 - 09447560 _____ (CyberGhost S.R.L. ) C:\Users\Garrett\Downloads\CG_5.5.1.342961.exe
    2016-07-30 22:47 - 2016-07-30 22:47 - 02369536 _____ (BitTorrent Inc.) C:\Users\Garrett\Downloads\uTorrent (4).exe
    2016-07-30 15:47 - 2016-07-30 15:47 - 00000000 ____D C:\Users\Garrett\Downloads\ProcessExplorer
    2016-07-30 12:52 - 2016-07-30 12:52 - 00003892 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1469904658
    2016-07-30 12:52 - 2016-07-30 12:52 - 00001056 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
    2016-07-30 12:52 - 2016-07-30 12:52 - 00001056 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
    2016-07-30 12:52 - 2016-07-30 12:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    2016-07-30 12:49 - 2016-07-30 12:49 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
    2016-07-30 12:47 - 2016-07-30 12:47 - 00013848 _____ C:\Users\Garrett\Desktop\21234.txt
    2016-07-30 12:46 - 2016-07-30 12:46 - 00108212 _____ C:\Users\Garrett\Desktop\212.txt
    2016-07-30 12:46 - 2016-07-30 12:46 - 00027661 _____ C:\Users\Garrett\Desktop\2123.txt
    2016-07-30 12:31 - 2016-07-30 12:31 - 00001935 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
    2016-07-30 12:31 - 2016-07-30 12:31 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
    2016-07-30 12:31 - 2016-07-30 12:31 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\AVAST Software
    2016-07-30 12:31 - 2016-07-30 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
    2016-07-30 12:31 - 2016-07-30 12:31 - 00000000 ____D C:\Program Files\Common Files\AV
    2016-07-30 12:30 - 2016-07-31 09:51 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
    2016-07-30 12:30 - 2016-07-30 12:30 - 00968536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2016-07-30 12:30 - 2016-07-30 12:30 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
    2016-07-30 12:30 - 2016-07-30 12:30 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
    2016-07-30 12:23 - 2016-07-30 12:49 - 00000000 ____D C:\Program Files\AVAST Software
    2016-07-30 12:21 - 2016-07-30 12:49 - 00000000 ____D C:\ProgramData\AVAST Software
    2016-07-30 12:20 - 2016-07-30 12:20 - 06319040 _____ (AVAST Software) C:\Users\Garrett\Downloads\avast_free_antivirus_setup_online.exe
    2016-07-30 00:06 - 2016-07-30 22:16 - 00026944 _____ C:\Users\Garrett\Downloads\Addition.txt
    2016-07-30 00:05 - 2016-07-31 20:47 - 00018170 _____ C:\Users\Garrett\Downloads\FRST.txt
    2016-07-30 00:04 - 2016-07-31 20:47 - 00000000 ____D C:\FRST
    2016-07-30 00:03 - 2016-07-30 00:03 - 02394112 _____ (Farbar) C:\Users\Garrett\Downloads\FRST64.exe
    2016-07-29 23:56 - 2016-07-29 23:56 - 00003225 _____ C:\Users\Garrett\Desktop\JRT.txt
    2016-07-29 23:45 - 2016-07-30 00:12 - 00000000 ____D C:\AdwCleaner
    2016-07-29 23:44 - 2016-07-29 23:45 - 01744384 _____ (Farbar) C:\Users\Garrett\Downloads\FRST.exe
    2016-07-29 23:44 - 2016-07-29 23:44 - 03712064 _____ C:\Users\Garrett\Downloads\AdwCleaner.exe
    2016-07-29 23:44 - 2016-07-29 23:44 - 01610560 _____ (Malwarebytes) C:\Users\Garrett\Downloads\JRT.exe
    2016-07-29 22:55 - 2016-07-29 22:55 - 00028040 _____ C:\Users\Garrett\Documents\gn post day 2.veg
    2016-07-29 22:54 - 2016-07-29 22:54 - 95251337 _____ C:\Users\Garrett\Documents\gn post day 2.mp4
    2016-07-29 22:43 - 2016-07-29 22:43 - 00028768 _____ C:\Users\Garrett\Documents\gn post day 2.veg.bak
    2016-07-29 22:34 - 2016-07-29 22:36 - 00254696 _____ C:\Users\Garrett\Downloads\Crystal Castles TRANSGENDER Official.mp3.sfk
    2016-07-29 21:00 - 2016-07-29 21:01 - 00254696 _____ C:\Users\Garrett\Downloads\Crystal Castles TRANSGENDER Official (1).mp3.sfk
    2016-07-29 18:21 - 2016-07-29 18:21 - 00280600 _____ C:\Windows\Minidump\072916-17799-01.dmp
    2016-07-29 17:43 - 2016-07-29 17:43 - 00002183 _____ C:\Users\Garrett\Desktop\Discord.lnk
    2016-07-29 15:59 - 2016-07-29 15:59 - 59589267 _____ C:\Users\Garrett\Documents\YouTube-f4ae9b3c336647dc8d4cfde86f468c48.mp4
    2016-07-29 12:37 - 2016-07-29 12:38 - 00280600 _____ C:\Windows\Minidump\072916-17440-01.dmp
    2016-07-29 12:25 - 2016-07-29 12:25 - 59589267 _____ C:\Users\Garrett\Documents\YouTube-af3e4c3484fc4339b2d4dcdb16f09bad.mp4
    2016-07-29 12:16 - 2016-07-29 12:16 - 00014040 _____ C:\Users\Garrett\Documents\gnafsa.veg
    2016-07-29 12:15 - 2016-07-29 12:15 - 00956965 _____ C:\Users\Garrett\Documents\YouTube-1e75dfbe878b4fd091d7df044400016b.mp4
    2016-07-29 12:11 - 2016-07-29 12:11 - 00014040 _____ C:\Users\Garrett\Documents\gnafsa.veg.bak
    2016-07-29 12:09 - 2016-07-29 12:09 - 00048650 _____ C:\Users\Garrett\Documents\YouTube-45fc204cee30495b8cddf006a0026ad7.mp4
    2016-07-29 12:04 - 2016-07-29 12:07 - 00785048 _____ C:\Users\Garrett\Downloads\Iron and Wine - The Trapeze Swinger (not the video).mp3.sfk
    2016-07-29 01:17 - 2016-07-29 01:17 - 00280600 _____ C:\Windows\Minidump\072916-25771-01.dmp
    2016-07-29 00:54 - 2016-07-29 00:54 - 12001589 _____ C:\Users\Garrett\Documents\YouTube-a163cd6cc7c441e5834d02d7bdb3495e.mp4
    2016-07-29 00:47 - 2016-07-29 00:47 - 00020592 _____ C:\Users\Garrett\Documents\gnpost.veg
    2016-07-29 00:45 - 2016-07-29 00:45 - 00020752 _____ C:\Users\Garrett\Documents\gnpost.veg.bak
    2016-07-29 00:37 - 2016-07-29 00:37 - 00016888 _____ C:\Users\Garrett\Documents\Untitled.veg
    2016-07-29 00:25 - 2016-07-29 00:25 - 02324633 _____ C:\Users\Garrett\Documents\YouTube-6c738b0d3c4846f6b38d2750d677fb2e.mp4
    2016-07-29 00:04 - 2016-07-29 00:22 - 00268928 _____ C:\Users\Garrett\Downloads\Relaxing Trippy [bleep].mp4.sfk
    2016-07-28 23:55 - 2016-07-29 00:00 - 69126903 _____ C:\Users\Garrett\Downloads\Relaxing Trippy [bleep].mp4
    2016-07-28 23:53 - 2016-07-28 23:53 - 00003898 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2016-07-28 23:53 - 2016-07-28 23:53 - 00003662 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2016-07-28 17:55 - 2016-07-28 17:55 - 00000000 ____D C:\Users\Garrett\AppData\Local\ElevatedDiagnostics
    2016-07-28 17:35 - 2016-07-28 17:35 - 00280600 _____ C:\Windows\Minidump\072816-26130-01.dmp
    2016-07-28 16:19 - 2016-07-28 16:26 - 00000000 ____D C:\Windows\system32\appmgmt
    2016-07-28 16:05 - 2016-07-28 16:05 - 00000000 ____D C:\Windows\CD95F661A5C444F5A6AAECDD91C24105.TMP
    2016-07-28 15:55 - 2016-07-28 15:55 - 00000000 ____D C:\Users\Garrett\Documents\ProcessExplorer
    2016-07-28 15:53 - 2016-07-28 15:53 - 01270466 _____ C:\Users\Garrett\Downloads\ProcessExplorer.zip
    2016-07-28 11:07 - 2016-07-28 11:07 - 00000000 ____D C:\Users\Garrett\Documents\cports
    2016-07-28 11:05 - 2016-07-28 11:05 - 00087612 _____ C:\Users\Garrett\Downloads\cports.zip
    2016-07-28 11:00 - 2016-07-28 11:00 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\SUPERAntiSpyware.com
    2016-07-28 11:00 - 2016-07-28 11:00 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
    2016-07-28 10:58 - 2016-07-28 10:59 - 26733936 _____ (SUPERAntiSpyware) C:\Users\Garrett\Downloads\SUPERAntiSpyware.exe
    2016-07-27 23:45 - 2016-07-28 00:22 - 00001123 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2016-07-27 23:45 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2016-07-27 23:45 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
    2016-07-27 23:45 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
    2016-07-27 22:34 - 2016-07-31 19:39 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3463171804-1537994893-3906066650-1001
    2016-07-27 22:20 - 2016-07-27 22:20 - 00000000 _____ C:\Users\Garrett\Documents\virtualmemoryPC.txt
    2016-07-27 22:18 - 2016-07-28 00:22 - 00000080 _____ C:\Users\Garrett\Desktop\Exµs T.lnk
    2016-07-27 22:15 - 2016-07-27 22:15 - 00031232 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys
    2016-07-27 22:15 - 2016-07-27 22:15 - 00000000 _____ C:\Windows\SysWOW64\Number of results
    2016-07-27 21:36 - 2016-07-27 22:31 - 00000217 _____ C:\ProgramData\all_data.txt
    2016-07-27 21:36 - 2016-07-27 22:31 - 00000163 _____ C:\ProgramData\VersionControl.txt
    2016-07-27 21:36 - 2016-07-27 22:31 - 00000054 _____ C:\ProgramData\exe_data.txt
    2016-07-27 21:36 - 2016-07-27 21:36 - 00000047 _____ C:\ProgramData\country.txt
    2016-07-27 21:20 - 2016-07-27 21:20 - 00000000 __SHD C:\Windows\system32\%APPDATA%
    2016-07-27 21:06 - 2016-07-27 21:06 - 00449664 _____ C:\Windows\system32\FNTCACHE.DAT
    2016-07-27 19:31 - 2016-07-27 19:31 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\c
    2016-07-27 19:28 - 2016-07-31 19:37 - 00237284 _____ C:\Windows\ntbtlog.txt
    2016-07-27 19:16 - 2016-07-27 19:16 - 02530304 _____ (BitTorrent Inc.) C:\Users\Garrett\Downloads\uTorrent (3).exe
    2016-07-27 19:15 - 2016-07-27 19:15 - 02530304 _____ (BitTorrent Inc.) C:\Users\Garrett\Downloads\uTorrent (2).exe
    2016-07-27 19:14 - 2016-07-27 19:15 - 02369536 _____ (BitTorrent Inc.) C:\Users\Garrett\Downloads\uTorrent (1).exe
    2016-07-27 19:14 - 2016-07-27 19:14 - 02530304 _____ (BitTorrent Inc.) C:\Users\Garrett\Downloads\uTorrent.exe
    2016-07-26 17:49 - 2016-07-26 17:49 - 00029000 _____ C:\Users\Garrett\Documents\fasdf.veg
    2016-07-26 17:37 - 2016-07-26 17:37 - 01207010 _____ C:\Users\Garrett\Documents\YouTube-07fd51604aac44919f4cac121b7cb7de.mp4
    2016-07-26 17:33 - 2016-07-26 17:33 - 00029000 _____ C:\Users\Garrett\Documents\fasdf.veg.bak
    2016-07-26 17:33 - 2016-07-26 17:33 - 00018679 _____ C:\Users\Garrett\Documents\YouTube-f4348f5847254d9a9e38bc66fb6599df.mp4
    2016-07-26 17:22 - 2016-07-26 17:22 - 00018679 _____ C:\Users\Garrett\Documents\YouTube-eecdfec5541a40ceb9a8353a9269f7f8.mp4
    2016-07-26 17:14 - 2016-07-26 17:14 - 00018679 _____ C:\Users\Garrett\Documents\Untitled.mp4
    2016-07-26 17:04 - 2016-07-26 17:04 - 00202812 _____ C:\Users\Garrett\Documents\Untitled.mxf
    2016-07-26 17:04 - 2016-07-26 17:04 - 00026400 _____ C:\Users\Garrett\Documents\Untitled.veg.bak
    2016-07-26 17:04 - 2016-07-26 17:04 - 00000082 _____ C:\Users\Garrett\Documents\Untitled.mxf.sfl
    2016-07-26 16:57 - 2016-07-26 16:59 - 00008344 _____ C:\Users\Garrett\Downloads\4-19 vs 4-20.mp3.sfk
    2016-07-26 16:27 - 2016-07-26 16:27 - 00000000 ____D C:\ProgramData\Sony
    2016-07-26 16:17 - 2016-07-26 17:04 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Sony
    2016-07-26 16:17 - 2016-07-26 16:38 - 00000000 ____D C:\Users\Garrett\AppData\Local\Sony
    2016-07-26 16:15 - 2016-07-28 00:22 - 00001048 _____ C:\Users\Garrett\Desktop\Vegas Pro 13.0 (64-bit).lnk
    2016-07-26 16:15 - 2016-07-28 00:22 - 00001036 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Vegas Pro 13.0 (64-bit).lnk
    2016-07-26 16:15 - 2016-07-26 16:26 - 00002039 _____ C:\Users\Garrett\Desktop\Exµs ™.lnk
    2016-07-26 16:15 - 2016-07-26 16:15 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony
    2016-07-26 16:15 - 2016-07-26 16:15 - 00000000 ____D C:\Program Files (x86)\Sony
    2016-07-26 16:14 - 2016-07-26 16:26 - 00000000 ____D C:\Program Files\Sony
    2016-07-26 16:10 - 2016-07-26 16:22 - 00000000 ____D C:\Users\Garrett\Desktop\Sony Vegas Pro 13.0 Build 310 (64-bit) PreCracked
    2016-07-26 16:07 - 2016-07-30 12:39 - 00000000 ____D C:\Program Files\WinZip
    2016-07-26 16:07 - 2016-07-28 16:13 - 00000000 ____D C:\ProgramData\WinZip
    2016-07-26 16:07 - 2016-07-28 00:22 - 00002355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Update Notifier.lnk
    2016-07-26 16:07 - 2016-07-28 00:22 - 00002302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip BG Tools.lnk
    2016-07-26 16:07 - 2016-07-28 00:22 - 00002294 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
    2016-07-26 16:07 - 2016-07-28 00:22 - 00002282 _____ C:\Users\Public\Desktop\WinZip.lnk
    2016-07-26 16:07 - 2016-07-26 16:11 - 00000000 ____D C:\Users\Garrett\AppData\Local\WinZip
    2016-07-26 16:07 - 2016-07-26 16:07 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinZip 20.5
    2016-07-26 16:07 - 2016-07-26 16:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 20.5
    2016-07-26 16:03 - 2016-07-26 16:03 - 00000000 ____D C:\ProgramData\UniqueId
    2016-07-26 16:02 - 2016-07-26 16:02 - 00706032 _____ (WinZip Computing, S.L.) C:\Users\Garrett\Downloads\winzip20-home.exe
    2016-07-26 15:30 - 2016-07-26 15:43 - 286932445 _____ C:\Users\Garrett\Desktop\S.V.P 13.0.310 (64-bit) PreCracked.zip
    2016-07-26 14:42 - 2016-07-26 14:42 - 04483454 _____ C:\Users\Garrett\Downloads\WARNING GRAPHIC Man Shoots Himself In Interrogation Room.mp4
    2016-07-26 14:37 - 2016-07-26 14:40 - 56480983 _____ C:\Users\Garrett\Downloads\All Cis People are Transphobic (And you're probably racist, too!).mp4
    2016-07-26 11:28 - 2016-07-26 11:28 - 01292420 _____ C:\Users\Garrett\Baby Secret Whispers Just To You.wav
    2016-07-26 11:25 - 2016-07-26 11:25 - 00272848 _____ C:\Users\Garrett\Downloads\Baby Secret Whispers Just to You.mp4
    2016-07-26 11:20 - 2016-07-26 11:20 - 00001691 _____ C:\Users\Garrett\Downloads\keemstar alex is a stupid [bleep] video.aup
    2016-07-26 11:20 - 2016-07-26 11:20 - 00000000 ____D C:\Users\Garrett\Downloads\keemstar alex is a stupid [bleep] video_data
    2016-07-26 00:30 - 2016-07-26 00:30 - 00000000 ____D C:\Users\Garrett\Documents\FlashIntegro
    2016-07-26 00:30 - 2016-07-26 00:30 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\VideoEditor
    2016-07-26 00:30 - 2016-07-26 00:30 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\FlashIntegro
    2016-07-26 00:30 - 2016-07-08 17:31 - 00071480 _____ (Flash-Integro LLC) C:\Windows\SysWOW64\mslvddsfilter3.ax
    2016-07-26 00:30 - 2011-12-07 18:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\Lagarith.dll
    2016-07-26 00:30 - 2005-08-01 18:43 - 00245760 _____ () C:\Windows\SysWOW64\lame.ax
    2016-07-26 00:30 - 2004-12-10 09:03 - 00438272 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
    2016-07-26 00:30 - 2004-09-06 15:06 - 00053248 _____ C:\Windows\SysWOW64\xvid.ax
    2016-07-26 00:30 - 2004-07-03 20:08 - 00139264 _____ C:\Windows\SysWOW64\xvidvfw.dll
    2016-07-26 00:30 - 2004-07-03 19:59 - 00524288 _____ C:\Windows\SysWOW64\xvidcore.dll
    2016-07-26 00:30 - 2004-02-04 20:11 - 00081920 _____ (fccHandler) C:\Windows\SysWOW64\AC3ACM.acm
    2016-07-26 00:30 - 2003-05-22 11:26 - 00638976 _____ (DivXNetworks, Inc.) C:\Windows\SysWOW64\divx.dll
    2016-07-26 00:30 - 2003-05-22 11:26 - 00221215 _____ (DivXNetworks, Inc.) C:\Windows\SysWOW64\divxdec.ax
    2016-07-26 00:30 - 2003-05-21 22:50 - 00261632 _____ (MainConcept) C:\Windows\SysWOW64\mcdvd_32.dll
    2016-07-26 00:30 - 2003-05-21 22:50 - 00156910 _____ C:\Windows\WMSysPr8.prx
    2016-07-26 00:30 - 2003-05-21 22:50 - 00082944 _____ (Voxware, Inc.) C:\Windows\SysWOW64\vct3216.acm
    2016-07-26 00:30 - 2003-05-21 22:50 - 00038912 _____ (NCT Company) C:\Windows\SysWOW64\alf2cd.acm
    2016-07-26 00:30 - 2003-05-21 22:50 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
    2016-07-26 00:30 - 2003-03-25 04:49 - 00098304 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\SysWOW64\L3CODECX.AX
    2016-07-26 00:30 - 2002-08-19 23:41 - 00413760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg4c32.dll
    2016-07-26 00:30 - 2000-03-14 19:55 - 00013239 _____ (SHARP Corporation) C:\Windows\SysWOW64\Scg726.acm
    2016-07-26 00:27 - 2016-07-26 00:28 - 35576744 _____ (Flash-Integro LLC ) C:\Users\Garrett\Downloads\video_editor.exe
    2016-07-26 00:18 - 2016-07-26 00:18 - 50798872 _____ C:\Users\Garrett\Tyler 1 Singing Lost Boy.wav
    2016-07-25 23:36 - 2016-07-25 23:36 - 00016575 _____ C:\Users\Garrett\Downloads\Tyler 1 Singing Lost Boy.aup
    2016-07-25 23:36 - 2016-07-25 23:36 - 00000000 ____D C:\Users\Garrett\Downloads\Tyler 1 Singing Lost Boy_data
    2016-07-25 23:30 - 2016-07-25 23:33 - 41332970 _____ C:\Users\Garrett\Downloads\Tyler 1 Singing Lost Boy.mp4
    2016-07-25 22:10 - 2016-07-01 22:32 - 00827864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2016-07-25 22:10 - 2016-07-01 22:32 - 00176096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2016-07-25 22:00 - 2016-07-25 22:00 - 00000000 ___SD C:\Windows\system32\CompatTel
    2016-07-25 22:00 - 2016-07-25 22:00 - 00000000 ____D C:\Windows\system32\AutoUpdateLicense
    2016-07-25 22:00 - 2016-07-25 22:00 - 00000000 ____D C:\Windows\system32\appraiser
    2016-07-25 02:46 - 2015-03-27 02:07 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\cryptcatsvc.dll
    2016-07-25 02:46 - 2015-03-11 23:31 - 02048000 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
    2016-07-25 02:46 - 2015-03-11 23:31 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
    2016-07-25 02:46 - 2015-03-11 21:52 - 01933312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
    2016-07-25 02:02 - 2014-10-08 22:00 - 01519104 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
    2016-07-25 02:02 - 2014-10-08 22:00 - 01484288 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
    2016-07-25 02:02 - 2014-10-08 22:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
    2016-07-25 02:02 - 2014-10-08 21:59 - 01195520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
    2016-07-25 02:02 - 2014-10-08 21:59 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
    2016-07-25 01:49 - 2015-01-09 00:43 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
    2016-07-25 01:49 - 2015-01-08 23:03 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
    2016-07-25 01:45 - 2014-07-15 16:51 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
    2016-07-25 01:34 - 2015-10-01 07:10 - 00869568 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
    2016-07-25 01:34 - 2015-10-01 07:09 - 00875720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
    2016-07-25 01:16 - 2014-04-16 12:20 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
    2016-07-25 01:16 - 2014-04-16 12:20 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
    2016-07-24 23:11 - 2015-07-01 07:00 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
    2016-07-24 23:11 - 2015-07-01 06:58 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
    2016-07-24 23:11 - 2015-07-01 05:42 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
    2016-07-24 23:11 - 2015-07-01 05:41 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
    2016-07-24 23:10 - 2015-11-16 10:10 - 01821192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2016-07-24 23:10 - 2015-11-16 08:55 - 01410000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2016-07-24 23:10 - 2015-11-16 08:28 - 01223168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
    2016-07-24 23:10 - 2015-11-16 08:28 - 00384512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
    2016-07-24 23:10 - 2015-11-16 08:26 - 01637376 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
    2016-07-24 23:10 - 2015-11-16 08:26 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
    2016-07-24 23:09 - 2015-07-13 15:05 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
    2016-07-24 23:09 - 2015-07-13 15:05 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2016-07-24 23:09 - 2015-06-27 07:46 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2016-07-24 23:09 - 2015-06-27 07:23 - 00694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2016-07-24 23:08 - 2015-07-06 10:16 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
    2016-07-24 23:08 - 2015-07-06 08:32 - 00281944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
    2016-07-24 23:08 - 2015-04-30 07:44 - 00478296 _____ C:\Windows\SysWOW64\locale.nls
    2016-07-24 23:08 - 2015-04-30 07:44 - 00478296 _____ C:\Windows\system32\locale.nls
    2016-07-24 23:08 - 2015-03-11 23:31 - 01688576 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
    2016-07-24 23:08 - 2015-03-04 00:41 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
    2016-07-24 23:08 - 2015-03-04 00:39 - 00632832 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
    2016-07-24 23:08 - 2015-03-04 00:39 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
    2016-07-24 23:08 - 2015-03-03 22:53 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
    2016-07-24 23:08 - 2015-03-03 22:52 - 00676864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
    2016-07-24 23:08 - 2015-01-24 00:42 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
    2016-07-24 23:08 - 2015-01-23 23:00 - 00243712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
    2016-07-24 23:08 - 2014-09-02 20:48 - 00510464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
    2016-07-24 23:08 - 2014-09-02 20:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
    2016-07-24 23:06 - 2014-11-15 00:06 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2016-07-24 23:06 - 2014-11-14 23:13 - 03286016 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 01623552 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2016-07-24 23:06 - 2014-11-14 23:12 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
    2016-07-24 23:06 - 2014-11-14 21:54 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
    2016-07-24 23:06 - 2014-11-14 21:53 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2016-07-24 23:06 - 2014-11-14 21:53 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
    2016-07-24 23:06 - 2014-11-14 21:53 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2016-07-24 23:05 - 2014-11-05 00:39 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
    2016-07-24 23:04 - 2014-11-05 00:40 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
    2016-07-24 23:04 - 2014-10-29 08:21 - 00499008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
    2016-07-24 23:04 - 2014-08-28 00:01 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
    2016-07-24 23:03 - 2015-08-01 10:21 - 00073352 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
    2016-07-24 23:03 - 2015-08-01 09:22 - 00063992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
    2016-07-24 23:03 - 2015-08-01 07:56 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
    2016-07-24 23:03 - 2015-08-01 07:56 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
    2016-07-24 23:03 - 2015-08-01 07:56 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
    2016-07-24 23:03 - 2015-07-30 07:11 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2016-07-24 23:03 - 2015-07-30 07:10 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2016-07-24 23:03 - 2015-07-09 15:46 - 05982208 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2016-07-24 23:03 - 2015-07-09 15:44 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
    2016-07-24 23:03 - 2015-07-09 14:17 - 05095424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2016-07-24 23:03 - 2015-07-09 14:16 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
    2016-07-24 23:03 - 2015-04-12 23:32 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
    2016-07-24 23:03 - 2014-12-11 00:51 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
    2016-07-24 22:59 - 2014-06-17 17:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
    2016-07-24 22:59 - 2014-06-17 17:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
    2016-07-24 22:58 - 2015-09-02 07:49 - 02341376 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
    2016-07-24 22:58 - 2015-09-02 07:49 - 01850880 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2016-07-24 22:58 - 2015-09-02 07:38 - 01744384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
    2016-07-24 22:58 - 2015-09-02 07:38 - 01422336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
    2016-07-24 22:58 - 2015-08-05 07:52 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
    2016-07-24 22:58 - 2015-06-17 08:13 - 01150264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
    2016-07-24 22:58 - 2015-06-17 07:44 - 01567560 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
    2016-07-24 22:58 - 2014-09-13 00:24 - 02233152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2016-07-24 22:58 - 2014-09-02 20:48 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
    2016-07-24 22:58 - 2014-09-02 20:22 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
    2016-07-24 22:58 - 2014-08-28 22:17 - 02043392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
    2016-07-24 22:58 - 2014-08-28 22:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
    2016-07-24 22:58 - 2014-08-28 22:04 - 02837504 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
    2016-07-24 22:58 - 2014-08-28 22:04 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
    2016-07-24 22:58 - 2014-08-28 00:04 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSCOMEX.dll
    2016-07-24 22:58 - 2014-08-28 00:04 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
    2016-07-24 22:58 - 2014-08-27 23:59 - 00616448 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
    2016-07-24 22:58 - 2014-08-27 23:59 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
    2016-07-24 22:58 - 2014-08-27 23:59 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll
    2016-07-24 22:58 - 2014-08-27 23:59 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\FXST30.dll
    2016-07-24 22:58 - 2014-07-24 07:12 - 00328512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
    2016-07-24 22:57 - 2015-08-04 08:42 - 01229824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
    2016-07-24 22:57 - 2015-08-04 08:42 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
    2016-07-24 22:57 - 2015-08-04 08:42 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
    2016-07-24 22:57 - 2015-08-04 07:54 - 01399808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
    2016-07-24 22:57 - 2015-08-04 07:53 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
    2016-07-24 22:57 - 2015-08-04 07:53 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
    2016-07-24 22:57 - 2015-04-21 07:53 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
    2016-07-24 22:57 - 2015-02-24 01:58 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
    2016-07-24 22:57 - 2015-01-29 02:05 - 01627648 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2016-07-24 22:57 - 2015-01-29 00:19 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2016-07-24 22:57 - 2014-10-08 21:59 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
    2016-07-24 22:57 - 2014-10-08 21:59 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
    2016-07-24 22:57 - 2014-10-08 21:58 - 00458240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
    2016-07-24 22:57 - 2014-09-21 23:38 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
    2016-07-24 22:57 - 2014-09-21 21:56 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
    2016-07-24 22:57 - 2014-09-17 17:24 - 00987136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmclient.dll
    2016-07-24 22:57 - 2014-09-17 17:24 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmscan.dll
    2016-07-24 22:57 - 2014-09-17 17:24 - 00278528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm.dll
    2016-07-24 22:57 - 2014-09-17 17:24 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adrclient.dll
    2016-07-24 22:57 - 2014-09-17 16:57 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\srmclient.dll
    2016-07-24 22:57 - 2014-09-17 16:57 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\srmscan.dll
    2016-07-24 22:57 - 2014-09-17 16:57 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\srm.dll
    2016-07-24 22:57 - 2014-09-17 16:57 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\adrclient.dll
    2016-07-24 22:56 - 2015-12-08 09:16 - 01303040 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2016-07-24 22:56 - 2015-12-05 12:48 - 01024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2016-07-24 22:56 - 2014-07-11 22:41 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
    2016-07-24 22:56 - 2014-07-11 22:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
    2016-07-24 22:56 - 2014-07-11 22:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
    2016-07-24 22:56 - 2014-07-11 22:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
    2016-07-24 22:56 - 2014-07-11 22:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
    2016-07-24 22:56 - 2014-07-11 22:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
    2016-07-24 22:56 - 2014-07-11 22:16 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
    2016-07-24 22:56 - 2014-07-11 22:16 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
    2016-07-24 22:56 - 2014-07-11 22:16 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
    2016-07-24 22:56 - 2014-07-11 22:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
    2016-07-24 22:56 - 2014-07-11 22:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
    2016-07-24 22:56 - 2014-07-11 22:15 - 00006144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
    2016-07-24 22:56 - 2014-07-08 16:33 - 00181248 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
    2016-07-24 22:56 - 2014-07-08 16:32 - 01539584 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
    2016-07-24 22:56 - 2014-07-08 16:32 - 00340480 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
    2016-07-24 22:56 - 2014-07-08 16:30 - 01220608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
    2016-07-24 22:56 - 2014-07-06 23:52 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
    2016-07-24 22:56 - 2014-07-06 23:52 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
    2016-07-24 22:56 - 2014-07-04 04:52 - 00328000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
    2016-07-24 22:56 - 2014-06-28 01:01 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
    2016-07-24 22:56 - 2014-06-28 00:56 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
    2016-07-24 22:56 - 2014-06-17 17:27 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
    2016-07-24 22:56 - 2014-06-17 17:23 - 02238464 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 14269440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 19349504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 15422976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 13723648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 03805696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 02793984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 02658304 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00857600 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00715776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2016-07-24 22:55 - 2015-12-14 17:59 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2016-07-24 22:55 - 2015-11-07 06:46 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
    2016-07-24 22:55 - 2015-11-07 06:46 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
    2016-07-24 22:55 - 2015-11-07 03:34 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
    2016-07-24 22:55 - 2015-11-06 23:29 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
    2016-07-24 22:55 - 2015-09-18 07:32 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2016-07-24 22:55 - 2015-08-13 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2016-07-24 22:55 - 2015-08-13 04:44 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2016-07-24 22:55 - 2015-06-09 07:57 - 03248640 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
    2016-07-24 22:55 - 2015-05-27 20:04 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2016-07-24 22:55 - 2015-05-27 20:02 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2016-07-24 22:55 - 2015-05-27 20:01 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2016-07-24 22:55 - 2015-05-27 20:01 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2016-07-24 22:55 - 2015-05-27 20:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2016-07-24 22:55 - 2015-05-27 20:01 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2016-07-24 22:55 - 2015-05-27 20:01 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2016-07-24 22:55 - 2015-05-27 18:44 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2016-07-24 22:55 - 2015-05-27 18:43 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2016-07-24 22:55 - 2015-05-27 18:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2016-07-24 22:55 - 2015-05-27 18:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2016-07-24 22:55 - 2015-05-27 18:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2016-07-24 22:55 - 2015-05-27 18:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2016-07-24 22:55 - 2015-05-27 18:22 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
    2016-07-24 22:55 - 2015-05-27 18:20 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
    2016-07-24 22:55 - 2015-05-27 18:00 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2016-07-24 22:55 - 2015-05-27 17:55 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2016-07-24 22:55 - 2015-01-23 22:31 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
    2016-07-24 22:54 - 2014-12-08 00:48 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
    2016-07-24 22:54 - 2014-12-07 23:04 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
    2016-07-24 22:53 - 2016-06-25 12:09 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
    2016-07-24 22:53 - 2015-10-31 02:14 - 02038784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
    2016-07-24 22:53 - 2015-10-31 01:33 - 02308096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
    2016-07-24 22:53 - 2015-08-04 08:42 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
    2016-07-24 22:53 - 2015-08-04 07:54 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
    2016-07-24 22:53 - 2015-03-14 02:07 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
    2016-07-24 22:53 - 2015-03-14 00:33 - 00891904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
    2016-07-24 22:53 - 2015-03-04 01:29 - 00361280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
    2016-07-24 22:53 - 2015-03-04 00:39 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
    2016-07-24 22:53 - 2015-03-03 22:52 - 00057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
    2016-07-24 22:50 - 2015-06-15 09:22 - 02416640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
    2016-07-24 22:50 - 2015-06-15 09:22 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
    2016-07-24 22:50 - 2015-06-15 09:21 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
    2016-07-24 22:50 - 2015-06-15 09:20 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
    2016-07-24 22:50 - 2015-05-08 17:39 - 00981504 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2016-07-24 22:50 - 2015-05-08 14:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2016-07-24 22:50 - 2014-10-11 01:44 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
    2016-07-24 22:50 - 2014-10-10 23:57 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
    2016-07-24 22:50 - 2014-06-12 17:34 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
    2016-07-24 22:50 - 2014-06-12 17:29 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
    2016-07-24 22:50 - 2014-06-05 11:56 - 00112984 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
    2016-07-24 22:49 - 2015-09-02 07:48 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
    2016-07-24 22:49 - 2015-09-02 07:38 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
    2016-07-24 22:49 - 2015-08-28 15:59 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
    2016-07-24 22:49 - 2015-08-27 12:41 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
    2016-07-24 22:49 - 2014-12-06 01:52 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
    2016-07-24 22:49 - 2014-12-06 01:52 - 00357376 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
    2016-07-24 22:49 - 2014-12-06 01:52 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
    2016-07-24 22:49 - 2014-12-06 00:09 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
    2016-07-24 22:48 - 2015-12-05 16:20 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2016-07-24 22:48 - 2015-12-05 16:19 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2016-07-24 22:48 - 2015-12-05 16:19 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
    2016-07-24 22:48 - 2015-12-05 08:49 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2016-07-24 22:48 - 2015-12-05 08:49 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2016-07-24 22:48 - 2015-12-05 08:49 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
    2016-07-24 22:48 - 2015-10-11 00:45 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
    2016-07-24 22:48 - 2015-10-11 00:45 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
    2016-07-24 22:48 - 2014-12-18 02:51 - 00096576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
    2016-07-24 22:48 - 2014-12-18 00:52 - 00889344 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
    2016-07-24 22:48 - 2014-12-18 00:20 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
    2016-07-24 22:48 - 2014-12-06 01:53 - 00458240 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
    2016-07-24 22:48 - 2014-12-06 01:53 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
    2016-07-24 22:48 - 2014-12-06 01:51 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
    2016-07-24 22:48 - 2014-12-06 00:10 - 00355840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
    2016-07-24 22:48 - 2014-12-06 00:10 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
    2016-07-24 22:48 - 2014-12-06 00:09 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
    2016-07-24 22:48 - 2014-11-26 00:43 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
    2016-07-24 22:48 - 2014-11-25 22:50 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
    2016-07-24 22:45 - 2015-11-05 03:55 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
    2016-07-24 22:43 - 2015-09-23 07:10 - 00377552 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
    2016-07-24 22:43 - 2015-09-23 07:10 - 00332576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
    2016-07-24 22:42 - 2016-06-25 12:28 - 00050368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
    2016-07-24 22:42 - 2016-06-25 09:55 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
    2016-07-24 22:42 - 2016-06-17 07:09 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2016-07-24 22:42 - 2016-06-04 03:42 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
    2016-07-24 22:42 - 2015-12-04 10:29 - 01636784 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
    2016-07-24 22:42 - 2015-12-04 10:12 - 00793312 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
    2016-07-24 22:42 - 2015-12-04 10:12 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
    2016-07-24 22:42 - 2015-12-04 10:12 - 00446872 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
    2016-07-24 22:42 - 2015-12-04 10:12 - 00253624 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
    2016-07-24 22:42 - 2015-12-04 08:55 - 00612528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
    2016-07-24 22:42 - 2015-12-04 08:55 - 00463880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
    2016-07-24 22:42 - 2015-12-04 08:55 - 00324456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
    2016-07-24 22:42 - 2015-12-04 08:52 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 02615808 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 01770496 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 01376256 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 01350656 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 01150464 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
    2016-07-24 22:42 - 2015-12-04 08:52 - 01100800 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
    2016-07-24 22:42 - 2015-12-04 08:52 - 01073664 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 00625152 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 00577536 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 00431616 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 02893824 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 01593344 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 01208832 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 01174016 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 01138688 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00239104 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
    2016-07-24 22:42 - 2015-12-04 08:51 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 02312704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 01468928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 01374208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 00904192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 00846336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00722944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00677888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00468992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 00382464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 02400256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00946688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00929792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00869888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00571392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00546304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00190464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
    2016-07-24 22:42 - 2015-12-04 08:45 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
    2016-07-24 22:42 - 2015-12-03 13:57 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
    2016-07-24 22:42 - 2015-11-07 06:46 - 01341952 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
    2016-07-24 22:42 - 2015-11-07 06:44 - 01840640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2016-07-24 22:42 - 2015-11-07 06:44 - 01280000 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2016-07-24 22:42 - 2015-11-07 03:32 - 01412608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2016-07-24 22:42 - 2015-11-07 01:52 - 04063232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2016-07-24 22:42 - 2015-11-06 23:53 - 01126912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
    2016-07-24 22:42 - 2015-11-06 23:52 - 01680384 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
    2016-07-24 22:42 - 2015-11-06 23:46 - 01426944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
    2016-07-24 22:42 - 2015-10-13 07:16 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
    2016-07-24 22:42 - 2015-10-13 07:16 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
    2016-07-24 22:42 - 2015-09-12 07:09 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml
    2016-07-24 22:42 - 2014-12-06 01:51 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
    2016-07-24 22:42 - 2014-07-24 07:50 - 00447296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
    2016-07-24 22:42 - 2014-07-16 17:28 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
    2016-07-24 22:42 - 2014-07-16 16:59 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
    2016-07-24 22:42 - 2014-07-16 16:59 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
    2016-07-24 22:42 - 2014-07-12 00:45 - 01549824 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
    2016-07-24 22:42 - 2014-07-11 22:36 - 00674304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
    2016-07-24 22:42 - 2014-07-11 22:34 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
    2016-07-24 22:42 - 2012-10-24 21:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
    2016-07-24 22:42 - 2012-10-24 21:26 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
    2016-07-24 22:42 - 2012-10-24 21:04 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
    2016-07-24 22:41 - 2015-07-15 10:09 - 00095064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
    2016-07-24 22:41 - 2015-07-15 07:29 - 01333248 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
    2016-07-24 22:41 - 2014-12-18 22:35 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
    2016-07-24 22:40 - 2016-07-24 22:40 - 00002857 _____ C:\Users\Garrett\Downloads\Dr. Mantis Toboggan.aup
    2016-07-24 22:39 - 2016-07-24 22:39 - 00003003 _____ C:\Users\Garrett\Downloads\oh whoops, oooh. i dropped my monster condom that i use for my magnum dong..aup
    2016-07-24 22:39 - 2016-07-24 22:39 - 00001710 _____ C:\Users\Garrett\Downloads\Dank meme (Trap Nation) #2 [by Autistic].aup
    2016-07-24 22:39 - 2016-07-24 22:39 - 00000000 ____D C:\Users\Garrett\Downloads\oh whoops, oooh. i dropped my monster condom that i use for my magnum dong_data
    2016-07-24 22:39 - 2016-07-24 22:39 - 00000000 ____D C:\Users\Garrett\Downloads\Dank meme (Trap Nation) #2 [by Autistic]_data
    2016-07-24 22:37 - 2015-08-01 08:50 - 17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2016-07-24 22:37 - 2015-08-01 07:56 - 19778048 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2016-07-24 22:37 - 2015-03-04 01:26 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\AutoUpdate.exe
    2016-07-24 22:37 - 2015-03-04 01:26 - 00467952 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
    2016-07-24 22:37 - 2015-03-04 01:26 - 00011105 _____ C:\Windows\system32\AutoconfigV2.cab
    2016-07-24 22:37 - 2015-03-04 00:41 - 00695808 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
    2016-07-24 22:37 - 2015-03-04 00:41 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-07-24 22:37 - 2015-03-03 22:53 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
    2016-07-24 22:37 - 2015-03-03 22:53 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-07-24 22:37 - 2015-01-24 00:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
    2016-07-24 22:37 - 2015-01-23 23:00 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
    2016-07-24 22:37 - 2014-10-21 19:01 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
    2016-07-24 22:37 - 2014-10-21 19:00 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
    2016-07-24 22:36 - 2014-11-08 05:22 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
    2016-07-24 22:36 - 2014-11-08 00:57 - 00187904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
    2016-07-24 22:35 - 2015-07-09 15:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
    2016-07-24 22:35 - 2015-07-09 15:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
    2016-07-24 22:35 - 2015-07-09 14:18 - 00233984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
    2016-07-24 22:35 - 2014-10-23 06:47 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
    2016-07-24 22:35 - 2014-10-23 05:04 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
    2016-07-24 22:32 - 2014-12-19 00:48 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
    2016-07-24 22:31 - 2015-12-30 17:29 - 06972760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2016-07-24 22:31 - 2015-12-08 09:43 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2016-07-24 22:31 - 2015-12-08 09:16 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2016-07-24 22:31 - 2015-11-16 08:29 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
    2016-07-24 22:31 - 2015-11-16 08:29 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
    2016-07-24 22:31 - 2015-11-16 08:29 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2016-07-24 22:31 - 2015-11-16 08:28 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2016-07-24 22:31 - 2015-11-16 08:26 - 01282560 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2016-07-24 22:31 - 2015-11-16 08:26 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
    2016-07-24 22:31 - 2015-11-16 08:26 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2016-07-24 22:31 - 2015-11-16 08:26 - 00588800 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
    2016-07-24 22:31 - 2015-11-16 08:26 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2016-07-24 22:31 - 2015-09-12 07:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
    2016-07-24 22:31 - 2015-09-12 07:29 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
    2016-07-24 22:31 - 2015-09-12 07:29 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\appserverai.dll
    2016-07-24 22:31 - 2015-09-12 07:29 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\RDWebAI.dll
    2016-07-24 22:31 - 2015-09-12 07:29 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VmHostAI.dll
    2016-07-24 22:31 - 2015-01-06 22:25 - 00403456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2016-07-24 22:30 - 2015-11-16 08:42 - 00171864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2016-07-24 22:30 - 2015-11-16 08:29 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2016-07-24 22:30 - 2015-11-16 08:29 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2016-07-24 22:30 - 2015-11-16 08:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2016-07-24 22:30 - 2015-11-16 08:27 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
    2016-07-24 22:30 - 2015-11-16 08:26 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
    2016-07-24 22:30 - 2015-11-16 08:26 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2016-07-24 22:30 - 2015-11-16 08:26 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2016-07-24 22:30 - 2015-11-16 08:26 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2016-07-24 22:30 - 2015-11-16 08:26 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2016-07-24 22:30 - 2015-09-23 07:10 - 00570256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2016-07-24 22:30 - 2015-09-22 11:53 - 01405408 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2016-07-24 22:30 - 2015-09-22 11:53 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
    2016-07-24 22:30 - 2015-06-25 12:29 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2016-07-24 22:30 - 2015-06-25 12:27 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
    2016-07-24 22:30 - 2015-05-02 00:28 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2016-07-24 22:30 - 2015-01-15 03:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2016-07-24 22:30 - 2015-01-15 03:09 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2016-07-24 22:30 - 2014-10-10 23:41 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2016-07-24 22:30 - 2014-10-10 23:05 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2016-07-24 22:29 - 2015-12-03 18:55 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
    2016-07-24 22:29 - 2015-12-03 15:47 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
    2016-07-24 22:29 - 2015-04-05 23:36 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
    2016-07-24 22:29 - 2015-04-05 22:08 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
    2016-07-24 22:29 - 2014-06-02 16:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
    2016-07-24 22:28 - 2015-04-24 21:41 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
    2016-07-24 22:28 - 2015-04-24 17:13 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
    2016-07-24 22:28 - 2014-10-30 01:20 - 01890816 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2016-07-24 22:28 - 2014-10-29 23:22 - 01569792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2016-07-24 22:27 - 2016-07-24 22:27 - 00003340 _____ C:\Users\Garrett\Documents\fn.wlmp
    2016-07-24 22:26 - 2016-07-24 22:26 - 00650216 _____ C:\Users\Garrett\Downloads\Dank meme (Trap Nation) #2 [by Autistic].mp4
    2016-07-24 22:19 - 2016-07-24 22:19 - 00958744 _____ C:\Users\Garrett\Dank meme (Trap Nation) #2 [by Autistic].wav
    2016-07-24 22:05 - 2016-07-26 00:53 - 00006253 _____ C:\Users\Garrett\Documents\My Movie.wlmp
    2016-07-24 21:51 - 2016-07-24 21:51 - 04325746 _____ C:\Users\Garrett\Dr. Mantis Toboggan
    2016-07-24 21:30 - 2016-07-24 21:30 - 00001218 _____ C:\Users\Garrett\Downloads\Suicide is badass - Its always sunny in Philadelphia.aup
    2016-07-24 21:30 - 2016-07-24 21:30 - 00000000 ____D C:\Users\Garrett\Downloads\Suicide is badass - Its always sunny in Philadelphia_data
    2016-07-24 21:22 - 2016-07-24 21:22 - 00000000 ____D C:\Users\Garrett\Downloads\Dr. Mantis Toboggan_data
    2016-07-24 21:16 - 2016-07-24 21:17 - 40439330 _____ C:\Users\Garrett\Downloads\Dr. Mantis Toboggan.mp4
    2016-07-24 19:57 - 2016-07-24 20:04 - 00003996 _____ C:\Users\Garrett\Documents\Im the trashman.wav.wlmp
    2016-07-24 19:44 - 2016-07-28 00:22 - 00001383 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
    2016-07-24 19:44 - 2016-07-28 00:22 - 00001310 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
    2016-07-24 19:44 - 2016-07-24 19:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
    2016-07-24 19:44 - 2016-07-24 19:44 - 00000000 ____D C:\Windows\en
    2016-07-24 19:43 - 2016-07-28 00:22 - 00002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
    2016-07-24 19:43 - 2016-07-28 00:22 - 00001457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
    2016-07-24 19:43 - 2016-07-24 19:43 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    2016-07-24 19:40 - 2016-07-24 19:40 - 00000000 ____D C:\Windows\PCHEALTH
    2016-07-24 19:40 - 2016-07-24 19:40 - 00000000 ____D C:\Program Files\Windows Live
    2016-07-24 19:39 - 2016-07-24 19:43 - 00000000 ____D C:\Program Files (x86)\Windows Live
    2016-07-24 19:39 - 2016-07-24 19:39 - 00002226 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2016-07-24 19:39 - 2016-07-24 19:39 - 00002226 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2016-07-24 19:39 - 2016-07-24 19:39 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
    2016-07-24 19:38 - 2016-07-28 00:22 - 00002292 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2016-07-24 19:38 - 2016-07-24 19:38 - 00000000 ___RD C:\Users\Garrett\OneDrive
    2016-07-24 19:38 - 2016-07-24 19:38 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
    2016-07-24 19:37 - 2016-07-27 21:11 - 00000000 ____D C:\Users\Garrett\AppData\Local\Windows Live
    2016-07-24 19:33 - 2016-07-24 19:33 - 01239752 _____ (Microsoft Corporation) C:\Users\Garrett\Downloads\wlsetup-web.exe
    2016-07-24 19:32 - 2016-07-28 00:22 - 00000827 _____ C:\Users\Garrett\Desktop\filmora_setup_full846.exe.lnk
    2016-07-24 19:27 - 2016-07-24 19:28 - 00000000 ____D C:\Users\Public\Documents\Wondershare
    2016-07-24 19:27 - 2016-07-24 19:27 - 01225872 _____ C:\Users\Garrett\Downloads\filmora_setup_full846.exe
    2016-07-24 19:08 - 2016-07-24 19:08 - 01283204 _____ C:\Users\Garrett\It's Always Sunny in Philadelphia - The Trashman.wav
    2016-07-24 19:07 - 2016-07-24 19:07 - 00002051 _____ C:\Users\Garrett\Downloads\It's Always Sunny in Philadelphia - The Trashman.aup
    2016-07-24 19:07 - 2016-07-24 19:07 - 00000000 ____D C:\Users\Garrett\Downloads\It's Always Sunny in Philadelphia - The Trashman_data
    2016-07-24 18:58 - 2016-07-24 19:00 - 63257620 _____ C:\Users\Garrett\Downloads\ScreenFlow-6.0.dmg
    2016-07-24 18:53 - 2016-07-24 18:53 - 01678241 _____ C:\Users\Garrett\Downloads\It's Always Sunny in Philadelphia - The Trashman 12.mp4
    2016-07-24 18:45 - 2016-07-24 18:45 - 00194152 _____ C:\Users\Garrett\Downloads\Suicide is badass  Its always sunny in Philadelphia.mp4
    2016-07-20 12:04 - 2016-07-20 12:04 - 00045680 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
    2016-07-20 11:59 - 2016-07-24 12:08 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
    2016-07-20 11:59 - 2016-07-24 12:08 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
    2016-07-20 00:25 - 2016-07-20 00:25 - 00000000 ____D C:\Users\Garrett\AppData\LocalLow\Blizzard Entertainment
    2016-07-19 23:55 - 2016-07-20 00:02 - 119408891 _____ C:\Users\Garrett\Downloads\Dank Memes Vine Compilation V20.mp4
    2016-07-13 21:24 - 2016-07-13 21:24 - 00000000 _____ C:\Users\Garrett\Downloads\RHS Summer Band Calendar 2016.pdf
    2016-07-13 13:12 - 2016-07-13 13:12 - 00210676 _____ C:\Users\Garrett\Downloads\watch (1).htm
    2016-07-12 22:53 - 2016-07-12 22:54 - 01867610 _____ C:\Users\Garrett\Downloads\SpongePulp FictionPants 1 Storage.mp4
    2016-07-11 23:47 - 2016-07-11 23:48 - 00000000 ____D C:\Users\Garrett\.android
    2016-07-11 23:44 - 2016-07-11 23:44 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
    2016-07-11 23:43 - 2016-07-30 22:35 - 00000000 ____D C:\ProgramData\BlueStacksSetup
    2016-07-11 23:43 - 2016-07-28 00:22 - 00001821 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk
    2016-07-11 23:43 - 2016-07-28 00:22 - 00001809 _____ C:\Users\Public\Desktop\BlueStacks.lnk
    2016-07-11 23:42 - 2016-07-11 23:43 - 00000000 ____D C:\ProgramData\Bluestacks
    2016-07-11 23:42 - 2016-07-11 23:43 - 00000000 ____D C:\Program Files (x86)\Bluestacks
    2016-07-11 23:42 - 2016-07-11 23:42 - 00000000 ____D C:\Users\Garrett\AppData\Local\Bluestacks
    2016-07-11 23:19 - 2016-07-11 23:40 - 277574656 _____ (BlueStack Systems Inc.) C:\Users\Garrett\Downloads\BlueStacks2_native_f291b1f4d87cb11673f50110fc6a180a.exe
    2016-07-06 09:53 - 2016-07-28 00:22 - 00001012 _____ C:\Users\Public\Desktop\LoL Summoner Info.lnk
    2016-07-06 09:53 - 2016-07-26 18:59 - 00000000 ____D C:\Program Files (x86)\LSI
    2016-07-06 09:53 - 2016-07-06 09:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LSI - LoL Summoner Information
    2016-07-06 08:51 - 2016-07-06 08:53 - 28037582 _____ (Aequus Gaming Ltd. ) C:\Users\Garrett\Downloads\LSI - LoL Summoner Information (v4.15.0) Setup.exe
     
    ==================== One Month Modified files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2016-07-31 19:37 - 2014-07-02 09:48 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2016-07-31 16:29 - 2015-10-24 09:23 - 00000000 ____D C:\Users\Garrett\AppData\Local\Overwolf
    2016-07-31 16:29 - 2015-04-04 15:33 - 00000000 ____D C:\Users\Garrett\Tracing
    2016-07-31 16:28 - 2016-04-02 02:35 - 00000000 ____D C:\Program Files (x86)\Steam
    2016-07-31 16:28 - 2012-07-26 01:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2016-07-31 16:26 - 2012-07-25 23:26 - 00262144 ___SH C:\Windows\system32\config\BBI
    2016-07-31 12:47 - 2012-07-26 01:59 - 00000000 ____D C:\Windows\CbsTemp
    2016-07-31 11:46 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\AUInstallAgent
    2016-07-31 11:45 - 2012-07-26 02:12 - 00000000 ___HD C:\Program Files\WindowsApps
    2016-07-30 23:19 - 2014-06-21 12:49 - 00000000 ____D C:\Users\Garrett\AppData\Local\VirtualStore
    2016-07-30 12:52 - 2014-12-31 23:12 - 00000000 ___RD C:\Program Files (x86)\Skype
    2016-07-30 12:52 - 2014-12-31 23:12 - 00000000 ____D C:\Users\Garrett\AppData\Local\Skype
    2016-07-30 12:52 - 2014-12-29 20:56 - 00000000 ____D C:\ProgramData\Skype
    2016-07-30 12:10 - 2014-12-31 23:12 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Skype
    2016-07-29 23:54 - 2014-06-21 13:03 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\IObit
    2016-07-29 23:54 - 2014-06-21 13:03 - 00000000 ____D C:\ProgramData\IObit
    2016-07-29 23:54 - 2014-06-21 13:03 - 00000000 ____D C:\Program Files (x86)\IObit
    2016-07-29 22:30 - 2014-06-30 18:43 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Audacity
    2016-07-29 18:23 - 2016-05-22 09:17 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\discord
    2016-07-29 18:21 - 2015-12-08 18:04 - 00000000 ____D C:\Windows\Minidump
    2016-07-29 17:43 - 2016-05-22 09:17 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
    2016-07-29 17:42 - 2016-05-22 09:16 - 00000000 ____D C:\Users\Garrett\AppData\Local\Discord
    2016-07-28 17:34 - 2015-11-07 23:16 - 00000000 ____D C:\Users\Garrett\AppData\Local\Innkeeper
    2016-07-28 17:12 - 2015-07-14 11:36 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Octoshape
    2016-07-28 16:23 - 2016-01-04 13:51 - 00000000 ____D C:\ProgramData\Apple
    2016-07-28 16:22 - 2014-07-11 10:09 - 00000000 ____D C:\Users\Garrett\AppData\Local\CrashDumps
    2016-07-28 16:19 - 2012-07-25 23:37 - 00000000 ____D C:\Windows\Inf
    2016-07-28 00:58 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\rescache
    2016-07-28 00:22 - 2016-06-09 18:14 - 00001062 _____ C:\Users\Garrett\Desktop\MuseScore 2.lnk
    2016-07-28 00:22 - 2016-04-18 20:46 - 00002155 _____ C:\Users\Public\Desktop\H&R Block 2015.lnk
    2016-07-28 00:22 - 2016-04-02 02:35 - 00000968 _____ C:\Users\Public\Desktop\Steam.lnk
    2016-07-28 00:22 - 2016-04-01 22:35 - 00001367 _____ C:\Users\Garrett\Desktop\cFosSpeed Features.lnk
    2016-07-28 00:22 - 2016-04-01 22:35 - 00001241 _____ C:\Users\Garrett\Desktop\cFosSpeed Calibration.lnk
    2016-07-28 00:22 - 2016-03-19 15:01 - 00000984 _____ C:\Users\Public\Desktop\Origin.lnk
    2016-07-28 00:22 - 2015-05-30 21:55 - 00000299 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
    2016-07-28 00:22 - 2014-12-27 22:56 - 00000454 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD Drive (D) PERSON_OF_INTEREST_S1_D1 (2).lnk
    2016-07-28 00:22 - 2014-12-27 22:55 - 00000454 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD Drive (D) PERSON_OF_INTEREST_S1_D1.lnk
    2016-07-28 00:22 - 2014-06-21 19:49 - 00001018 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
    2016-07-28 00:22 - 2014-06-21 13:16 - 00002190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2016-07-28 00:22 - 2014-06-21 12:49 - 00001417 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2016-07-28 00:08 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\Branding
    2016-07-27 23:45 - 2014-07-02 09:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2016-07-27 23:45 - 2014-07-02 09:47 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
    2016-07-27 22:24 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\ModemLogs
    2016-07-27 19:36 - 2015-07-06 22:55 - 00000000 ____D C:\Users\Garrett\AppData\Local\Battle.net
    2016-07-27 01:18 - 2015-07-06 22:59 - 00000000 ____D C:\Program Files (x86)\Hearthstone
    2016-07-27 00:35 - 2015-07-06 22:55 - 00000000 ____D C:\Program Files (x86)\Battle.net
    2016-07-27 00:27 - 2015-07-06 22:49 - 00000000 ____D C:\ProgramData\Battle.net
    2016-07-26 22:48 - 2014-12-24 14:18 - 00413696 ___SH C:\Users\Garrett\Downloads\Thumbs.db
    2016-07-26 16:09 - 2014-05-04 17:09 - 277707073 _____ (Exµs ™ ) C:\Users\Garrett\Desktop\Sony Vegas Pro 13.0 Build 310 (64-bit) PreCracked.exe
    2016-07-26 11:28 - 2014-06-21 12:49 - 00000000 ____D C:\Users\Garrett
    2016-07-26 00:46 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\AppCompat
    2016-07-25 22:47 - 2014-12-18 12:50 - 00000000 ____D C:\Program Files\OBS
    2016-07-25 22:47 - 2014-11-23 23:35 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo
    2016-07-25 22:37 - 2014-11-08 19:00 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
    2016-07-25 22:33 - 2016-01-24 11:28 - 00000000 ____D C:\Program Files (x86)\SmartMusic
    2016-07-25 22:31 - 2016-02-27 16:05 - 00000000 ____D C:\Users\Garrett\Desktop\New folder
    2016-07-25 22:31 - 2015-07-06 22:55 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
    2016-07-25 22:14 - 2012-07-26 01:28 - 00848230 _____ C:\Windows\system32\PerfStringBackup.INI
    2016-07-25 22:11 - 2015-10-24 09:27 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
    2016-07-25 22:11 - 2015-10-24 09:26 - 00000000 ____D C:\Program Files (x86)\Overwolf
    2016-07-25 22:02 - 2012-07-25 23:38 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
    2016-07-25 22:01 - 2012-07-26 02:12 - 00000000 ___RD C:\Windows\ToastData
    2016-07-25 22:01 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\PolicyDefinitions
    2016-07-25 22:01 - 2012-07-26 02:12 - 00000000 ____D C:\Program Files\Windows Defender
    2016-07-25 22:01 - 2012-07-26 02:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
    2016-07-25 22:00 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\WinStore
    2016-07-25 22:00 - 2012-07-26 01:52 - 00000000 ____D C:\Program Files\Windows Journal
    2016-07-25 02:19 - 2014-06-22 18:29 - 00000000 ____D C:\Windows\system32\MRT
    2016-07-25 02:15 - 2014-06-22 18:29 - 144749672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2016-07-24 19:40 - 2012-07-26 02:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
    2016-07-24 17:48 - 2015-05-30 13:02 - 00000000 ____D C:\Program Files\VideoLAN
    2016-07-24 17:48 - 2014-06-21 13:09 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Apple Computer
    2016-07-20 12:01 - 2015-11-07 23:16 - 00000000 ____D C:\Users\Garrett\AppData\Local\SquirrelTemp
    2016-07-18 12:37 - 2016-02-28 15:38 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\MuseScore
    2016-07-11 23:43 - 2012-07-26 02:12 - 00000000 __RHD C:\Users\Public\Libraries
    2016-07-04 22:09 - 2015-11-07 23:17 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\InnkeeperUI
    2016-07-02 00:48 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\system32\NDF
     
    ==================== Files in the root of some directories =======
     
    2014-06-22 18:01 - 2014-07-10 21:20 - 0005120 _____ () C:\Users\Garrett\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2014-07-05 18:23 - 2014-07-05 18:23 - 0007605 _____ () C:\Users\Garrett\AppData\Local\Resmon.ResmonCfg
    2015-12-08 03:58 - 2015-12-08 03:58 - 0000000 _____ () C:\Users\Garrett\AppData\Local\{5787D94F-EB40-47F3-A4C7-B6BB17FD70A2}
    2015-12-07 03:58 - 2015-12-07 03:58 - 0000000 _____ () C:\Users\Garrett\AppData\Local\{EA742E66-D4C3-461F-93A2-4A3A92217857}
    2016-07-27 21:36 - 2016-07-27 22:31 - 0000217 _____ () C:\ProgramData\all_data.txt
    2016-07-27 21:36 - 2016-07-27 21:36 - 0000047 _____ () C:\ProgramData\country.txt
    2016-07-27 21:36 - 2016-07-27 22:31 - 0000054 _____ () C:\ProgramData\exe_data.txt
    2016-07-27 21:36 - 2016-07-27 22:31 - 0000163 _____ () C:\ProgramData\VersionControl.txt
     
    Some files in TEMP:
    ====================
    C:\Users\Garrett\AppData\Local\Temp\libeay32.dll
    C:\Users\Garrett\AppData\Local\Temp\msvcr120.dll
    C:\Users\Garrett\AppData\Local\Temp\sqlite3.dll
     
     
    ==================== Bamital & volsnap =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2016-07-26 03:00
     
    ==================== End of FRST.txt ============================
    Problem persists

    • 0

    #13
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,021 posts
    • MVP

    The fix didn't work.  It came right back.  Let's try one more time.  This time we will remove the folder the thing is in.

     

     
    Download the attached fixlist.txt to the same location as FRST
     
    Attached File  fixlist.txt   1.39KB   45 downloads
     
    Run FRST and press Fix
    A fix log will be generated please post that 
     
     
    Run FRST again as before.  No need to check Addition.txt this time. hit Scan.  Post the log
     

    • 0

    #14
    40154

    40154

      Member

    • Topic Starter
    • Member
    • PipPip
    • 11 posts
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2016
    Ran by Garrett (administrator) on GARRETTPC (01-08-2016 16:19:30)
    Running from C:\Users\Garrett\Downloads
    Loaded Profiles: Garrett (Available Profiles: Garrett)
    Platform: Windows 8 Pro (X64) Language: English (United States)
    Internet Explorer Version 10 (Default browser: "C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe" -- "%1")
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (AMD) C:\Windows\System32\atiesrxx.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
    (cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
    (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    () C:\Windows\SysWOW64\PnkBstrA.exe
    (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
    (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
    (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
    (Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
    (BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-Agent.exe
    (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    (CyberGhost S.R.L.) C:\Program Files\CyberGhost 5\CyberGhost.exe
    (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaUI.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.96.218.0\OverwolfHelper.exe
    (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.96.218.0\OverwolfHelper64.exe
    (Hammer & Chisel, Inc.) C:\Users\Garrett\AppData\Local\Discord\app-0.0.295\Discord.exe
    (Hammer & Chisel, Inc.) C:\Users\Garrett\AppData\Local\Discord\app-0.0.295\Discord.exe
    (Hammer & Chisel, Inc.) C:\Users\Garrett\AppData\Local\Discord\app-0.0.295\Discord.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
     
     
    ==================== Registry (Whitelisted) ===========================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [cFosSpeed] => C:\Program Files\cFosSpeed\cFosSpeed.exe [2088872 2015-09-09] (cFos Software GmbH)
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9071752 2016-07-30] (AVAST Software)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [247344 2016-07-17] ()
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-05-30] (Electronic Arts)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-08] (Valve Corporation)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [Discord] => C:\Users\Garrett\AppData\Local\Discord\app-0.0.294\Discord.exe [62385336 2016-07-29] (Hammer & Chisel, Inc.)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [970264 2016-07-04] (BlueStack Systems, Inc.)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [425064 2016-02-12] (CyberGhost S.R.L.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2016-07-28]
    ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files (x86)\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
    Tcpip\..\Interfaces\{EFB49E5B-3BF5-413D-AEBB-69CABA095F5A}: [DhcpNameServer] 192.168.0.1
     
    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.msn.com/
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-07-30] (AVAST Software)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-07-30] (AVAST Software)
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\Garrett\AppData\Roaming\Mozilla\Firefox\Profiles\n2ypuzqp.default
    FF DefaultSearchEngine: Bing 
    FF SelectedSearchEngine: Bing 
    FF SearchEngineOrder.3: Bing 
    FF Keyword.URL: hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q=
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-23] ()
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-23] ()
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
    FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Garrett\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
    FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [not found]
    FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
    FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-30]
    FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-30]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
     
    Chrome: 
    =======
    CHR HomePage: Profile 1 -> search.mpc.am
    CHR StartupUrls: Profile 1 -> "search.mpc.am"
    CHR Profile: C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1
    CHR Extension: (Google Slides) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-21]
    CHR Extension: (Google Docs) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-21]
    CHR Extension: (Google Drive) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
    CHR Extension: (YouTube) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
    CHR Extension: (Google Search) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
    CHR Extension: (Avast Online Security (BETA)) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2016-07-31]
    CHR Extension: (Avast SafePrice) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-07-30]
    CHR Extension: (Google Sheets) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-21]
    CHR Extension: (Google Docs Offline) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-21]
    CHR Extension: (Avast Online Security) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-07-30]
    CHR Extension: (Google Play Music) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2016-06-07]
    CHR Extension: (Norton Identity Safe) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-04-21]
    CHR Extension: (Google Play) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2016-06-09]
    CHR Extension: (Momentum) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2016-07-06]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
    CHR Extension: (Gmail) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-21]
    CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [fcoadmpfijfcmokecmkgolhbaeclfage] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
    StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
     
    ==================== Services (Whitelisted) ========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197640 2016-07-30] (AVAST Software)
    S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [441880 2016-07-04] (BlueStack Systems, Inc.)
    R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [421400 2016-07-04] (BlueStack Systems, Inc.)
    S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [458264 2016-07-04] (BlueStack Systems, Inc.)
    R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [726952 2015-09-09] (cFos Software GmbH)
    R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65128 2016-02-12] (CyberGhost S.R.L)
    S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [232208 2016-06-14] (EasyAntiCheat Ltd)
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
    S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2120712 2016-05-30] (Electronic Arts)
    S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1309936 2016-07-17] (Overwolf LTD)
    R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-11-08] ()
    R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2016-03-20] ()
    S3 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [621632 2011-03-04] ()
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
     
    ===================== Drivers (Whitelisted) ==========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-07-30] (AVAST Software)
    R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-07-30] (AVAST Software)
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-07-30] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-07-30] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-07-30] (AVAST Software)
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [968536 2016-07-30] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-07-30] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-07-30] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-07-30] (AVAST Software)
    R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [215040 2014-06-21] (Advanced Micro Devices)
    S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-07-04] (BlueStack Systems)
    S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-07-04] (Bluestack System Inc. )
    S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [58368 2011-11-04] (www.winchiphead.com)
    S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
    S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
    R3 e1kexpress; C:\Windows\system32\DRIVERS\e1k63x64.sys [469264 2014-06-21] (Intel Corporation)
    S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation)
    S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2016-07-20] (LogMeIn Inc.)
    R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-16] (REALiX™)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-01] (Malwarebytes)
    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
    S3 netr28ux; C:\Windows\system32\DRIVERS\netr28ux.sys [2217616 2014-10-18] (MediaTek Inc.)
    S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-09-08] (Oracle Corporation)
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Corporation)
    S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation)
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
     
    ==================== One Month Created files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2016-08-01 15:39 - 2016-08-01 15:39 - 00002183 _____ C:\Users\Garrett\Desktop\Discord.lnk
    2016-08-01 15:30 - 2016-08-01 15:32 - 00002027 _____ C:\Users\Garrett\Downloads\Fixlog.txt
    2016-07-31 16:41 - 2016-07-31 16:42 - 00000000 _____ C:\junk.txt
    2016-07-31 11:00 - 2016-07-31 11:00 - 00014383 _____ C:\VEW.txt
    2016-07-31 10:53 - 2016-07-31 10:53 - 00061440 _____ ( ) C:\Users\Garrett\Downloads\VEW.exe
    2016-07-30 22:59 - 2016-07-30 23:20 - 00000000 ____D C:\Users\Garrett\AppData\Local\CyberGhost
    2016-07-30 22:58 - 2016-07-30 22:59 - 00000000 ____D C:\Program Files\CyberGhost 5
    2016-07-30 22:58 - 2016-07-30 22:58 - 00001741 _____ C:\Users\Garrett\Desktop\CyberGhost 5.lnk
    2016-07-30 22:58 - 2016-07-30 22:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5
    2016-07-30 22:50 - 2016-07-30 22:51 - 09447560 _____ (CyberGhost S.R.L. ) C:\Users\Garrett\Downloads\CG_5.5.1.342961.exe
    2016-07-30 22:47 - 2016-07-30 22:47 - 02369536 _____ (BitTorrent Inc.) C:\Users\Garrett\Downloads\uTorrent (4).exe
    2016-07-30 15:47 - 2016-07-30 15:47 - 00000000 ____D C:\Users\Garrett\Downloads\ProcessExplorer
    2016-07-30 12:52 - 2016-07-30 12:52 - 00003892 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1469904658
    2016-07-30 12:52 - 2016-07-30 12:52 - 00001056 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
    2016-07-30 12:52 - 2016-07-30 12:52 - 00001056 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
    2016-07-30 12:52 - 2016-07-30 12:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    2016-07-30 12:49 - 2016-07-30 12:49 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
    2016-07-30 12:47 - 2016-07-30 12:47 - 00013848 _____ C:\Users\Garrett\Desktop\21234.txt
    2016-07-30 12:46 - 2016-07-30 12:46 - 00108212 _____ C:\Users\Garrett\Desktop\212.txt
    2016-07-30 12:46 - 2016-07-30 12:46 - 00027661 _____ C:\Users\Garrett\Desktop\2123.txt
    2016-07-30 12:31 - 2016-07-30 12:31 - 00001935 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
    2016-07-30 12:31 - 2016-07-30 12:31 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
    2016-07-30 12:31 - 2016-07-30 12:31 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\AVAST Software
    2016-07-30 12:31 - 2016-07-30 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
    2016-07-30 12:31 - 2016-07-30 12:31 - 00000000 ____D C:\Program Files\Common Files\AV
    2016-07-30 12:30 - 2016-08-01 14:33 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
    2016-07-30 12:30 - 2016-07-30 12:30 - 00968536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2016-07-30 12:30 - 2016-07-30 12:30 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
    2016-07-30 12:30 - 2016-07-30 12:30 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
    2016-07-30 12:23 - 2016-07-30 12:49 - 00000000 ____D C:\Program Files\AVAST Software
    2016-07-30 12:21 - 2016-07-30 12:49 - 00000000 ____D C:\ProgramData\AVAST Software
    2016-07-30 12:20 - 2016-07-30 12:20 - 06319040 _____ (AVAST Software) C:\Users\Garrett\Downloads\avast_free_antivirus_setup_online.exe
    2016-07-30 00:06 - 2016-07-30 22:16 - 00026944 _____ C:\Users\Garrett\Downloads\Addition.txt
    2016-07-30 00:05 - 2016-08-01 16:19 - 00016331 _____ C:\Users\Garrett\Downloads\FRST.txt
    2016-07-30 00:04 - 2016-08-01 16:19 - 00000000 ____D C:\FRST
    2016-07-30 00:03 - 2016-07-30 00:03 - 02394112 _____ (Farbar) C:\Users\Garrett\Downloads\FRST64.exe
    2016-07-29 23:56 - 2016-07-29 23:56 - 00003225 _____ C:\Users\Garrett\Desktop\JRT.txt
    2016-07-29 23:45 - 2016-07-30 00:12 - 00000000 ____D C:\AdwCleaner
    2016-07-29 23:44 - 2016-07-29 23:45 - 01744384 _____ (Farbar) C:\Users\Garrett\Downloads\FRST.exe
    2016-07-29 23:44 - 2016-07-29 23:44 - 03712064 _____ C:\Users\Garrett\Downloads\AdwCleaner.exe
    2016-07-29 23:44 - 2016-07-29 23:44 - 01610560 _____ (Malwarebytes) C:\Users\Garrett\Downloads\JRT.exe
    2016-07-29 22:55 - 2016-07-29 22:55 - 00028040 _____ C:\Users\Garrett\Documents\gn post day 2.veg
    2016-07-29 22:54 - 2016-07-29 22:54 - 95251337 _____ C:\Users\Garrett\Documents\gn post day 2.mp4
    2016-07-29 22:43 - 2016-07-29 22:43 - 00028768 _____ C:\Users\Garrett\Documents\gn post day 2.veg.bak
    2016-07-29 22:34 - 2016-07-29 22:36 - 00254696 _____ C:\Users\Garrett\Downloads\Crystal Castles TRANSGENDER Official.mp3.sfk
    2016-07-29 21:00 - 2016-07-29 21:01 - 00254696 _____ C:\Users\Garrett\Downloads\Crystal Castles TRANSGENDER Official (1).mp3.sfk
    2016-07-29 18:21 - 2016-07-29 18:21 - 00280600 _____ C:\Windows\Minidump\072916-17799-01.dmp
    2016-07-29 15:59 - 2016-07-29 15:59 - 59589267 _____ C:\Users\Garrett\Documents\YouTube-f4ae9b3c336647dc8d4cfde86f468c48.mp4
    2016-07-29 12:37 - 2016-07-29 12:38 - 00280600 _____ C:\Windows\Minidump\072916-17440-01.dmp
    2016-07-29 12:25 - 2016-07-29 12:25 - 59589267 _____ C:\Users\Garrett\Documents\YouTube-af3e4c3484fc4339b2d4dcdb16f09bad.mp4
    2016-07-29 12:16 - 2016-07-29 12:16 - 00014040 _____ C:\Users\Garrett\Documents\gnafsa.veg
    2016-07-29 12:15 - 2016-07-29 12:15 - 00956965 _____ C:\Users\Garrett\Documents\YouTube-1e75dfbe878b4fd091d7df044400016b.mp4
    2016-07-29 12:11 - 2016-07-29 12:11 - 00014040 _____ C:\Users\Garrett\Documents\gnafsa.veg.bak
    2016-07-29 12:09 - 2016-07-29 12:09 - 00048650 _____ C:\Users\Garrett\Documents\YouTube-45fc204cee30495b8cddf006a0026ad7.mp4
    2016-07-29 12:04 - 2016-07-29 12:07 - 00785048 _____ C:\Users\Garrett\Downloads\Iron and Wine - The Trapeze Swinger (not the video).mp3.sfk
    2016-07-29 01:17 - 2016-07-29 01:17 - 00280600 _____ C:\Windows\Minidump\072916-25771-01.dmp
    2016-07-29 00:54 - 2016-07-29 00:54 - 12001589 _____ C:\Users\Garrett\Documents\YouTube-a163cd6cc7c441e5834d02d7bdb3495e.mp4
    2016-07-29 00:47 - 2016-07-29 00:47 - 00020592 _____ C:\Users\Garrett\Documents\gnpost.veg
    2016-07-29 00:45 - 2016-07-29 00:45 - 00020752 _____ C:\Users\Garrett\Documents\gnpost.veg.bak
    2016-07-29 00:37 - 2016-07-29 00:37 - 00016888 _____ C:\Users\Garrett\Documents\Untitled.veg
    2016-07-29 00:25 - 2016-07-29 00:25 - 02324633 _____ C:\Users\Garrett\Documents\YouTube-6c738b0d3c4846f6b38d2750d677fb2e.mp4
    2016-07-29 00:04 - 2016-07-29 00:22 - 00268928 _____ C:\Users\Garrett\Downloads\Relaxing Trippy [bleep].mp4.sfk
    2016-07-28 23:55 - 2016-07-29 00:00 - 69126903 _____ C:\Users\Garrett\Downloads\Relaxing Trippy [bleep].mp4
    2016-07-28 23:53 - 2016-07-28 23:53 - 00003898 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2016-07-28 23:53 - 2016-07-28 23:53 - 00003662 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2016-07-28 17:55 - 2016-07-28 17:55 - 00000000 ____D C:\Users\Garrett\AppData\Local\ElevatedDiagnostics
    2016-07-28 17:35 - 2016-07-28 17:35 - 00280600 _____ C:\Windows\Minidump\072816-26130-01.dmp
    2016-07-28 16:19 - 2016-07-28 16:26 - 00000000 ____D C:\Windows\system32\appmgmt
    2016-07-28 16:05 - 2016-07-28 16:05 - 00000000 ____D C:\Windows\CD95F661A5C444F5A6AAECDD91C24105.TMP
    2016-07-28 15:55 - 2016-07-28 15:55 - 00000000 ____D C:\Users\Garrett\Documents\ProcessExplorer
    2016-07-28 15:53 - 2016-07-28 15:53 - 01270466 _____ C:\Users\Garrett\Downloads\ProcessExplorer.zip
    2016-07-28 11:07 - 2016-07-28 11:07 - 00000000 ____D C:\Users\Garrett\Documents\cports
    2016-07-28 11:05 - 2016-07-28 11:05 - 00087612 _____ C:\Users\Garrett\Downloads\cports.zip
    2016-07-28 11:00 - 2016-07-28 11:00 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\SUPERAntiSpyware.com
    2016-07-28 11:00 - 2016-07-28 11:00 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
    2016-07-28 10:58 - 2016-07-28 10:59 - 26733936 _____ (SUPERAntiSpyware) C:\Users\Garrett\Downloads\SUPERAntiSpyware.exe
    2016-07-27 23:45 - 2016-07-28 00:22 - 00001123 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2016-07-27 23:45 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2016-07-27 23:45 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
    2016-07-27 23:45 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
    2016-07-27 22:34 - 2016-08-01 15:48 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3463171804-1537994893-3906066650-1001
    2016-07-27 22:20 - 2016-07-27 22:20 - 00000000 _____ C:\Users\Garrett\Documents\virtualmemoryPC.txt
    2016-07-27 22:18 - 2016-07-28 00:22 - 00000080 _____ C:\Users\Garrett\Desktop\Exµs T.lnk
    2016-07-27 22:15 - 2016-07-27 22:15 - 00031232 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys
    2016-07-27 22:15 - 2016-07-27 22:15 - 00000000 _____ C:\Windows\SysWOW64\Number of results
    2016-07-27 21:36 - 2016-07-27 22:31 - 00000217 _____ C:\ProgramData\all_data.txt
    2016-07-27 21:36 - 2016-07-27 22:31 - 00000163 _____ C:\ProgramData\VersionControl.txt
    2016-07-27 21:36 - 2016-07-27 22:31 - 00000054 _____ C:\ProgramData\exe_data.txt
    2016-07-27 21:36 - 2016-07-27 21:36 - 00000047 _____ C:\ProgramData\country.txt
    2016-07-27 21:20 - 2016-07-27 21:20 - 00000000 __SHD C:\Windows\system32\%APPDATA%
    2016-07-27 21:06 - 2016-07-27 21:06 - 00449664 _____ C:\Windows\system32\FNTCACHE.DAT
    2016-07-27 19:31 - 2016-07-27 19:31 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\c
    2016-07-27 19:28 - 2016-08-01 15:39 - 00274950 _____ C:\Windows\ntbtlog.txt
    2016-07-27 19:16 - 2016-07-27 19:16 - 02530304 _____ (BitTorrent Inc.) C:\Users\Garrett\Downloads\uTorrent (3).exe
    2016-07-27 19:15 - 2016-07-27 19:15 - 02530304 _____ (BitTorrent Inc.) C:\Users\Garrett\Downloads\uTorrent (2).exe
    2016-07-27 19:14 - 2016-07-27 19:15 - 02369536 _____ (BitTorrent Inc.) C:\Users\Garrett\Downloads\uTorrent (1).exe
    2016-07-27 19:14 - 2016-07-27 19:14 - 02530304 _____ (BitTorrent Inc.) C:\Users\Garrett\Downloads\uTorrent.exe
    2016-07-26 17:49 - 2016-07-26 17:49 - 00029000 _____ C:\Users\Garrett\Documents\fasdf.veg
    2016-07-26 17:37 - 2016-07-26 17:37 - 01207010 _____ C:\Users\Garrett\Documents\YouTube-07fd51604aac44919f4cac121b7cb7de.mp4
    2016-07-26 17:33 - 2016-07-26 17:33 - 00029000 _____ C:\Users\Garrett\Documents\fasdf.veg.bak
    2016-07-26 17:33 - 2016-07-26 17:33 - 00018679 _____ C:\Users\Garrett\Documents\YouTube-f4348f5847254d9a9e38bc66fb6599df.mp4
    2016-07-26 17:22 - 2016-07-26 17:22 - 00018679 _____ C:\Users\Garrett\Documents\YouTube-eecdfec5541a40ceb9a8353a9269f7f8.mp4
    2016-07-26 17:14 - 2016-07-26 17:14 - 00018679 _____ C:\Users\Garrett\Documents\Untitled.mp4
    2016-07-26 17:04 - 2016-07-26 17:04 - 00202812 _____ C:\Users\Garrett\Documents\Untitled.mxf
    2016-07-26 17:04 - 2016-07-26 17:04 - 00026400 _____ C:\Users\Garrett\Documents\Untitled.veg.bak
    2016-07-26 17:04 - 2016-07-26 17:04 - 00000082 _____ C:\Users\Garrett\Documents\Untitled.mxf.sfl
    2016-07-26 16:57 - 2016-07-26 16:59 - 00008344 _____ C:\Users\Garrett\Downloads\4-19 vs 4-20.mp3.sfk
    2016-07-26 16:27 - 2016-07-26 16:27 - 00000000 ____D C:\ProgramData\Sony
    2016-07-26 16:17 - 2016-07-26 17:04 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Sony
    2016-07-26 16:17 - 2016-07-26 16:38 - 00000000 ____D C:\Users\Garrett\AppData\Local\Sony
    2016-07-26 16:15 - 2016-07-28 00:22 - 00001048 _____ C:\Users\Garrett\Desktop\Vegas Pro 13.0 (64-bit).lnk
    2016-07-26 16:15 - 2016-07-28 00:22 - 00001036 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Vegas Pro 13.0 (64-bit).lnk
    2016-07-26 16:15 - 2016-07-26 16:26 - 00002039 _____ C:\Users\Garrett\Desktop\Exµs ™.lnk
    2016-07-26 16:15 - 2016-07-26 16:15 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony
    2016-07-26 16:15 - 2016-07-26 16:15 - 00000000 ____D C:\Program Files (x86)\Sony
    2016-07-26 16:14 - 2016-07-26 16:26 - 00000000 ____D C:\Program Files\Sony
    2016-07-26 16:10 - 2016-07-26 16:22 - 00000000 ____D C:\Users\Garrett\Desktop\Sony Vegas Pro 13.0 Build 310 (64-bit) PreCracked
    2016-07-26 16:07 - 2016-07-30 12:39 - 00000000 ____D C:\Program Files\WinZip
    2016-07-26 16:07 - 2016-07-28 16:13 - 00000000 ____D C:\ProgramData\WinZip
    2016-07-26 16:07 - 2016-07-28 00:22 - 00002355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Update Notifier.lnk
    2016-07-26 16:07 - 2016-07-28 00:22 - 00002302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip BG Tools.lnk
    2016-07-26 16:07 - 2016-07-28 00:22 - 00002294 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
    2016-07-26 16:07 - 2016-07-28 00:22 - 00002282 _____ C:\Users\Public\Desktop\WinZip.lnk
    2016-07-26 16:07 - 2016-07-26 16:11 - 00000000 ____D C:\Users\Garrett\AppData\Local\WinZip
    2016-07-26 16:07 - 2016-07-26 16:07 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinZip 20.5
    2016-07-26 16:07 - 2016-07-26 16:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 20.5
    2016-07-26 16:03 - 2016-07-26 16:03 - 00000000 ____D C:\ProgramData\UniqueId
    2016-07-26 16:02 - 2016-07-26 16:02 - 00706032 _____ (WinZip Computing, S.L.) C:\Users\Garrett\Downloads\winzip20-home.exe
    2016-07-26 15:30 - 2016-07-26 15:43 - 286932445 _____ C:\Users\Garrett\Desktop\S.V.P 13.0.310 (64-bit) PreCracked.zip
    2016-07-26 14:42 - 2016-07-26 14:42 - 04483454 _____ C:\Users\Garrett\Downloads\WARNING GRAPHIC Man Shoots Himself In Interrogation Room.mp4
    2016-07-26 14:37 - 2016-07-26 14:40 - 56480983 _____ C:\Users\Garrett\Downloads\All Cis People are Transphobic (And you're probably racist, too!).mp4
    2016-07-26 11:28 - 2016-07-26 11:28 - 01292420 _____ C:\Users\Garrett\Baby Secret Whispers Just To You.wav
    2016-07-26 11:25 - 2016-07-26 11:25 - 00272848 _____ C:\Users\Garrett\Downloads\Baby Secret Whispers Just to You.mp4
    2016-07-26 11:20 - 2016-07-26 11:20 - 00001691 _____ C:\Users\Garrett\Downloads\keemstar alex is a stupid [bleep] video.aup
    2016-07-26 11:20 - 2016-07-26 11:20 - 00000000 ____D C:\Users\Garrett\Downloads\keemstar alex is a stupid [bleep] video_data
    2016-07-26 00:30 - 2016-07-26 00:30 - 00000000 ____D C:\Users\Garrett\Documents\FlashIntegro
    2016-07-26 00:30 - 2016-07-26 00:30 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\VideoEditor
    2016-07-26 00:30 - 2016-07-26 00:30 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\FlashIntegro
    2016-07-26 00:30 - 2016-07-08 17:31 - 00071480 _____ (Flash-Integro LLC) C:\Windows\SysWOW64\mslvddsfilter3.ax
    2016-07-26 00:30 - 2011-12-07 18:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\Lagarith.dll
    2016-07-26 00:30 - 2005-08-01 18:43 - 00245760 _____ () C:\Windows\SysWOW64\lame.ax
    2016-07-26 00:30 - 2004-12-10 09:03 - 00438272 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
    2016-07-26 00:30 - 2004-09-06 15:06 - 00053248 _____ C:\Windows\SysWOW64\xvid.ax
    2016-07-26 00:30 - 2004-07-03 20:08 - 00139264 _____ C:\Windows\SysWOW64\xvidvfw.dll
    2016-07-26 00:30 - 2004-07-03 19:59 - 00524288 _____ C:\Windows\SysWOW64\xvidcore.dll
    2016-07-26 00:30 - 2004-02-04 20:11 - 00081920 _____ (fccHandler) C:\Windows\SysWOW64\AC3ACM.acm
    2016-07-26 00:30 - 2003-05-22 11:26 - 00638976 _____ (DivXNetworks, Inc.) C:\Windows\SysWOW64\divx.dll
    2016-07-26 00:30 - 2003-05-22 11:26 - 00221215 _____ (DivXNetworks, Inc.) C:\Windows\SysWOW64\divxdec.ax
    2016-07-26 00:30 - 2003-05-21 22:50 - 00261632 _____ (MainConcept) C:\Windows\SysWOW64\mcdvd_32.dll
    2016-07-26 00:30 - 2003-05-21 22:50 - 00156910 _____ C:\Windows\WMSysPr8.prx
    2016-07-26 00:30 - 2003-05-21 22:50 - 00082944 _____ (Voxware, Inc.) C:\Windows\SysWOW64\vct3216.acm
    2016-07-26 00:30 - 2003-05-21 22:50 - 00038912 _____ (NCT Company) C:\Windows\SysWOW64\alf2cd.acm
    2016-07-26 00:30 - 2003-05-21 22:50 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
    2016-07-26 00:30 - 2003-03-25 04:49 - 00098304 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\SysWOW64\L3CODECX.AX
    2016-07-26 00:30 - 2002-08-19 23:41 - 00413760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg4c32.dll
    2016-07-26 00:30 - 2000-03-14 19:55 - 00013239 _____ (SHARP Corporation) C:\Windows\SysWOW64\Scg726.acm
    2016-07-26 00:27 - 2016-07-26 00:28 - 35576744 _____ (Flash-Integro LLC ) C:\Users\Garrett\Downloads\video_editor.exe
    2016-07-26 00:18 - 2016-07-26 00:18 - 50798872 _____ C:\Users\Garrett\Tyler 1 Singing Lost Boy.wav
    2016-07-25 23:36 - 2016-07-25 23:36 - 00016575 _____ C:\Users\Garrett\Downloads\Tyler 1 Singing Lost Boy.aup
    2016-07-25 23:36 - 2016-07-25 23:36 - 00000000 ____D C:\Users\Garrett\Downloads\Tyler 1 Singing Lost Boy_data
    2016-07-25 23:30 - 2016-07-25 23:33 - 41332970 _____ C:\Users\Garrett\Downloads\Tyler 1 Singing Lost Boy.mp4
    2016-07-25 22:10 - 2016-07-01 22:32 - 00827864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2016-07-25 22:10 - 2016-07-01 22:32 - 00176096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2016-07-25 22:00 - 2016-07-25 22:00 - 00000000 ___SD C:\Windows\system32\CompatTel
    2016-07-25 22:00 - 2016-07-25 22:00 - 00000000 ____D C:\Windows\system32\AutoUpdateLicense
    2016-07-25 22:00 - 2016-07-25 22:00 - 00000000 ____D C:\Windows\system32\appraiser
    2016-07-25 02:46 - 2015-03-27 02:07 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\cryptcatsvc.dll
    2016-07-25 02:46 - 2015-03-11 23:31 - 02048000 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
    2016-07-25 02:46 - 2015-03-11 23:31 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
    2016-07-25 02:46 - 2015-03-11 21:52 - 01933312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
    2016-07-25 02:02 - 2014-10-08 22:00 - 01519104 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
    2016-07-25 02:02 - 2014-10-08 22:00 - 01484288 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
    2016-07-25 02:02 - 2014-10-08 22:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
    2016-07-25 02:02 - 2014-10-08 21:59 - 01195520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
    2016-07-25 02:02 - 2014-10-08 21:59 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
    2016-07-25 01:49 - 2015-01-09 00:43 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
    2016-07-25 01:49 - 2015-01-08 23:03 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
    2016-07-25 01:45 - 2014-07-15 16:51 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
    2016-07-25 01:34 - 2015-10-01 07:10 - 00869568 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
    2016-07-25 01:34 - 2015-10-01 07:09 - 00875720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
    2016-07-25 01:16 - 2014-04-16 12:20 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
    2016-07-25 01:16 - 2014-04-16 12:20 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
    2016-07-24 23:11 - 2015-07-01 07:00 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
    2016-07-24 23:11 - 2015-07-01 06:58 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
    2016-07-24 23:11 - 2015-07-01 05:42 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
    2016-07-24 23:11 - 2015-07-01 05:41 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
    2016-07-24 23:10 - 2015-11-16 10:10 - 01821192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2016-07-24 23:10 - 2015-11-16 08:55 - 01410000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2016-07-24 23:10 - 2015-11-16 08:28 - 01223168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
    2016-07-24 23:10 - 2015-11-16 08:28 - 00384512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
    2016-07-24 23:10 - 2015-11-16 08:26 - 01637376 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
    2016-07-24 23:10 - 2015-11-16 08:26 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
    2016-07-24 23:09 - 2015-07-13 15:05 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
    2016-07-24 23:09 - 2015-07-13 15:05 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2016-07-24 23:09 - 2015-06-27 07:46 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2016-07-24 23:09 - 2015-06-27 07:23 - 00694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2016-07-24 23:08 - 2015-07-06 10:16 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
    2016-07-24 23:08 - 2015-07-06 08:32 - 00281944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
    2016-07-24 23:08 - 2015-04-30 07:44 - 00478296 _____ C:\Windows\SysWOW64\locale.nls
    2016-07-24 23:08 - 2015-04-30 07:44 - 00478296 _____ C:\Windows\system32\locale.nls
    2016-07-24 23:08 - 2015-03-11 23:31 - 01688576 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
    2016-07-24 23:08 - 2015-03-04 00:41 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
    2016-07-24 23:08 - 2015-03-04 00:39 - 00632832 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
    2016-07-24 23:08 - 2015-03-04 00:39 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
    2016-07-24 23:08 - 2015-03-03 22:53 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
    2016-07-24 23:08 - 2015-03-03 22:52 - 00676864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
    2016-07-24 23:08 - 2015-01-24 00:42 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
    2016-07-24 23:08 - 2015-01-23 23:00 - 00243712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
    2016-07-24 23:08 - 2014-09-02 20:48 - 00510464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
    2016-07-24 23:08 - 2014-09-02 20:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
    2016-07-24 23:06 - 2014-11-15 00:06 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2016-07-24 23:06 - 2014-11-14 23:13 - 03286016 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 01623552 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2016-07-24 23:06 - 2014-11-14 23:12 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
    2016-07-24 23:06 - 2014-11-14 21:54 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
    2016-07-24 23:06 - 2014-11-14 21:53 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2016-07-24 23:06 - 2014-11-14 21:53 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
    2016-07-24 23:06 - 2014-11-14 21:53 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2016-07-24 23:05 - 2014-11-05 00:39 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
    2016-07-24 23:04 - 2014-11-05 00:40 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
    2016-07-24 23:04 - 2014-10-29 08:21 - 00499008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
    2016-07-24 23:04 - 2014-08-28 00:01 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
    2016-07-24 23:03 - 2015-08-01 10:21 - 00073352 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
    2016-07-24 23:03 - 2015-08-01 09:22 - 00063992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
    2016-07-24 23:03 - 2015-08-01 07:56 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
    2016-07-24 23:03 - 2015-08-01 07:56 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
    2016-07-24 23:03 - 2015-08-01 07:56 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
    2016-07-24 23:03 - 2015-07-30 07:11 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2016-07-24 23:03 - 2015-07-30 07:10 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2016-07-24 23:03 - 2015-07-09 15:46 - 05982208 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2016-07-24 23:03 - 2015-07-09 15:44 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
    2016-07-24 23:03 - 2015-07-09 14:17 - 05095424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2016-07-24 23:03 - 2015-07-09 14:16 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
    2016-07-24 23:03 - 2015-04-12 23:32 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
    2016-07-24 23:03 - 2014-12-11 00:51 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
    2016-07-24 22:59 - 2014-06-17 17:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
    2016-07-24 22:59 - 2014-06-17 17:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
    2016-07-24 22:58 - 2015-09-02 07:49 - 02341376 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
    2016-07-24 22:58 - 2015-09-02 07:49 - 01850880 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2016-07-24 22:58 - 2015-09-02 07:38 - 01744384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
    2016-07-24 22:58 - 2015-09-02 07:38 - 01422336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
    2016-07-24 22:58 - 2015-08-05 07:52 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
    2016-07-24 22:58 - 2015-06-17 08:13 - 01150264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
    2016-07-24 22:58 - 2015-06-17 07:44 - 01567560 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
    2016-07-24 22:58 - 2014-09-13 00:24 - 02233152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2016-07-24 22:58 - 2014-09-02 20:48 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
    2016-07-24 22:58 - 2014-09-02 20:22 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
    2016-07-24 22:58 - 2014-08-28 22:17 - 02043392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
    2016-07-24 22:58 - 2014-08-28 22:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
    2016-07-24 22:58 - 2014-08-28 22:04 - 02837504 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
    2016-07-24 22:58 - 2014-08-28 22:04 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
    2016-07-24 22:58 - 2014-08-28 00:04 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSCOMEX.dll
    2016-07-24 22:58 - 2014-08-28 00:04 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
    2016-07-24 22:58 - 2014-08-27 23:59 - 00616448 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
    2016-07-24 22:58 - 2014-08-27 23:59 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
    2016-07-24 22:58 - 2014-08-27 23:59 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll
    2016-07-24 22:58 - 2014-08-27 23:59 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\FXST30.dll
    2016-07-24 22:58 - 2014-07-24 07:12 - 00328512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
    2016-07-24 22:57 - 2015-08-04 08:42 - 01229824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
    2016-07-24 22:57 - 2015-08-04 08:42 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
    2016-07-24 22:57 - 2015-08-04 08:42 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
    2016-07-24 22:57 - 2015-08-04 07:54 - 01399808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
    2016-07-24 22:57 - 2015-08-04 07:53 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
    2016-07-24 22:57 - 2015-08-04 07:53 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
    2016-07-24 22:57 - 2015-04-21 07:53 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
    2016-07-24 22:57 - 2015-02-24 01:58 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
    2016-07-24 22:57 - 2015-01-29 02:05 - 01627648 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2016-07-24 22:57 - 2015-01-29 00:19 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2016-07-24 22:57 - 2014-10-08 21:59 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
    2016-07-24 22:57 - 2014-10-08 21:59 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
    2016-07-24 22:57 - 2014-10-08 21:58 - 00458240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
    2016-07-24 22:57 - 2014-09-21 23:38 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
    2016-07-24 22:57 - 2014-09-21 21:56 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
    2016-07-24 22:57 - 2014-09-17 17:24 - 00987136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmclient.dll
    2016-07-24 22:57 - 2014-09-17 17:24 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmscan.dll
    2016-07-24 22:57 - 2014-09-17 17:24 - 00278528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm.dll
    2016-07-24 22:57 - 2014-09-17 17:24 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adrclient.dll
    2016-07-24 22:57 - 2014-09-17 16:57 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\srmclient.dll
    2016-07-24 22:57 - 2014-09-17 16:57 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\srmscan.dll
    2016-07-24 22:57 - 2014-09-17 16:57 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\srm.dll
    2016-07-24 22:57 - 2014-09-17 16:57 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\adrclient.dll
    2016-07-24 22:56 - 2015-12-08 09:16 - 01303040 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2016-07-24 22:56 - 2015-12-05 12:48 - 01024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2016-07-24 22:56 - 2014-07-11 22:41 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
    2016-07-24 22:56 - 2014-07-11 22:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
    2016-07-24 22:56 - 2014-07-11 22:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
    2016-07-24 22:56 - 2014-07-11 22:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
    2016-07-24 22:56 - 2014-07-11 22:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
    2016-07-24 22:56 - 2014-07-11 22:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
    2016-07-24 22:56 - 2014-07-11 22:16 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
    2016-07-24 22:56 - 2014-07-11 22:16 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
    2016-07-24 22:56 - 2014-07-11 22:16 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
    2016-07-24 22:56 - 2014-07-11 22:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
    2016-07-24 22:56 - 2014-07-11 22:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
    2016-07-24 22:56 - 2014-07-11 22:15 - 00006144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
    2016-07-24 22:56 - 2014-07-08 16:33 - 00181248 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
    2016-07-24 22:56 - 2014-07-08 16:32 - 01539584 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
    2016-07-24 22:56 - 2014-07-08 16:32 - 00340480 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
    2016-07-24 22:56 - 2014-07-08 16:30 - 01220608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
    2016-07-24 22:56 - 2014-07-06 23:52 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
    2016-07-24 22:56 - 2014-07-06 23:52 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
    2016-07-24 22:56 - 2014-07-04 04:52 - 00328000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
    2016-07-24 22:56 - 2014-06-28 01:01 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
    2016-07-24 22:56 - 2014-06-28 00:56 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
    2016-07-24 22:56 - 2014-06-17 17:27 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
    2016-07-24 22:56 - 2014-06-17 17:23 - 02238464 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 14269440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 19349504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 15422976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 13723648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 03805696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 02793984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 02658304 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00857600 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00715776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2016-07-24 22:55 - 2015-12-14 17:59 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2016-07-24 22:55 - 2015-11-07 06:46 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
    2016-07-24 22:55 - 2015-11-07 06:46 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
    2016-07-24 22:55 - 2015-11-07 03:34 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
    2016-07-24 22:55 - 2015-11-06 23:29 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
    2016-07-24 22:55 - 2015-09-18 07:32 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2016-07-24 22:55 - 2015-08-13 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2016-07-24 22:55 - 2015-08-13 04:44 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2016-07-24 22:55 - 2015-06-09 07:57 - 03248640 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
    2016-07-24 22:55 - 2015-05-27 20:04 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2016-07-24 22:55 - 2015-05-27 20:02 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2016-07-24 22:55 - 2015-05-27 20:01 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2016-07-24 22:55 - 2015-05-27 20:01 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2016-07-24 22:55 - 2015-05-27 20:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2016-07-24 22:55 - 2015-05-27 20:01 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2016-07-24 22:55 - 2015-05-27 20:01 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2016-07-24 22:55 - 2015-05-27 18:44 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2016-07-24 22:55 - 2015-05-27 18:43 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2016-07-24 22:55 - 2015-05-27 18:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2016-07-24 22:55 - 2015-05-27 18:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2016-07-24 22:55 - 2015-05-27 18:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2016-07-24 22:55 - 2015-05-27 18:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2016-07-24 22:55 - 2015-05-27 18:22 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
    2016-07-24 22:55 - 2015-05-27 18:20 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
    2016-07-24 22:55 - 2015-05-27 18:00 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2016-07-24 22:55 - 2015-05-27 17:55 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2016-07-24 22:55 - 2015-01-23 22:31 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
    2016-07-24 22:54 - 2014-12-08 00:48 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
    2016-07-24 22:54 - 2014-12-07 23:04 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
    2016-07-24 22:53 - 2016-06-25 12:09 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
    2016-07-24 22:53 - 2015-10-31 02:14 - 02038784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
    2016-07-24 22:53 - 2015-10-31 01:33 - 02308096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
    2016-07-24 22:53 - 2015-08-04 08:42 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
    2016-07-24 22:53 - 2015-08-04 07:54 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
    2016-07-24 22:53 - 2015-03-14 02:07 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
    2016-07-24 22:53 - 2015-03-14 00:33 - 00891904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
    2016-07-24 22:53 - 2015-03-04 01:29 - 00361280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
    2016-07-24 22:53 - 2015-03-04 00:39 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
    2016-07-24 22:53 - 2015-03-03 22:52 - 00057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
    2016-07-24 22:50 - 2015-06-15 09:22 - 02416640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
    2016-07-24 22:50 - 2015-06-15 09:22 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
    2016-07-24 22:50 - 2015-06-15 09:21 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
    2016-07-24 22:50 - 2015-06-15 09:20 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
    2016-07-24 22:50 - 2015-05-08 17:39 - 00981504 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2016-07-24 22:50 - 2015-05-08 14:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2016-07-24 22:50 - 2014-10-11 01:44 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
    2016-07-24 22:50 - 2014-10-10 23:57 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
    2016-07-24 22:50 - 2014-06-12 17:34 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
    2016-07-24 22:50 - 2014-06-12 17:29 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
    2016-07-24 22:50 - 2014-06-05 11:56 - 00112984 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
    2016-07-24 22:49 - 2015-09-02 07:48 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
    2016-07-24 22:49 - 2015-09-02 07:38 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
    2016-07-24 22:49 - 2015-08-28 15:59 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
    2016-07-24 22:49 - 2015-08-27 12:41 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
    2016-07-24 22:49 - 2014-12-06 01:52 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
    2016-07-24 22:49 - 2014-12-06 01:52 - 00357376 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
    2016-07-24 22:49 - 2014-12-06 01:52 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
    2016-07-24 22:49 - 2014-12-06 00:09 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
    2016-07-24 22:48 - 2015-12-05 16:20 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2016-07-24 22:48 - 2015-12-05 16:19 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2016-07-24 22:48 - 2015-12-05 16:19 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
    2016-07-24 22:48 - 2015-12-05 08:49 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2016-07-24 22:48 - 2015-12-05 08:49 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2016-07-24 22:48 - 2015-12-05 08:49 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
    2016-07-24 22:48 - 2015-10-11 00:45 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
    2016-07-24 22:48 - 2015-10-11 00:45 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
    2016-07-24 22:48 - 2014-12-18 02:51 - 00096576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
    2016-07-24 22:48 - 2014-12-18 00:52 - 00889344 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
    2016-07-24 22:48 - 2014-12-18 00:20 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
    2016-07-24 22:48 - 2014-12-06 01:53 - 00458240 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
    2016-07-24 22:48 - 2014-12-06 01:53 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
    2016-07-24 22:48 - 2014-12-06 01:51 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
    2016-07-24 22:48 - 2014-12-06 00:10 - 00355840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
    2016-07-24 22:48 - 2014-12-06 00:10 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
    2016-07-24 22:48 - 2014-12-06 00:09 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
    2016-07-24 22:48 - 2014-11-26 00:43 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
    2016-07-24 22:48 - 2014-11-25 22:50 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
    2016-07-24 22:45 - 2015-11-05 03:55 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
    2016-07-24 22:43 - 2015-09-23 07:10 - 00377552 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
    2016-07-24 22:43 - 2015-09-23 07:10 - 00332576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
    2016-07-24 22:42 - 2016-06-25 12:28 - 00050368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
    2016-07-24 22:42 - 2016-06-25 09:55 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
    2016-07-24 22:42 - 2016-06-17 07:09 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2016-07-24 22:42 - 2016-06-04 03:42 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
    2016-07-24 22:42 - 2015-12-04 10:29 - 01636784 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
    2016-07-24 22:42 - 2015-12-04 10:12 - 00793312 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
    2016-07-24 22:42 - 2015-12-04 10:12 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
    2016-07-24 22:42 - 2015-12-04 10:12 - 00446872 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
    2016-07-24 22:42 - 2015-12-04 10:12 - 00253624 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
    2016-07-24 22:42 - 2015-12-04 08:55 - 00612528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
    2016-07-24 22:42 - 2015-12-04 08:55 - 00463880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
    2016-07-24 22:42 - 2015-12-04 08:55 - 00324456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
    2016-07-24 22:42 - 2015-12-04 08:52 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 02615808 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 01770496 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 01376256 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 01350656 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 01150464 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
    2016-07-24 22:42 - 2015-12-04 08:52 - 01100800 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
    2016-07-24 22:42 - 2015-12-04 08:52 - 01073664 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 00625152 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 00577536 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 00431616 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 02893824 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 01593344 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 01208832 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 01174016 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 01138688 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00239104 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
    2016-07-24 22:42 - 2015-12-04 08:51 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 02312704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 01468928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 01374208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 00904192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 00846336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00722944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00677888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00468992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 00382464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 02400256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00946688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00929792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00869888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00571392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00546304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00190464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
    2016-07-24 22:42 - 2015-12-04 08:45 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
    2016-07-24 22:42 - 2015-12-03 13:57 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
    2016-07-24 22:42 - 2015-11-07 06:46 - 01341952 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
    2016-07-24 22:42 - 2015-11-07 06:44 - 01840640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2016-07-24 22:42 - 2015-11-07 06:44 - 01280000 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2016-07-24 22:42 - 2015-11-07 03:32 - 01412608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2016-07-24 22:42 - 2015-11-07 01:52 - 04063232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2016-07-24 22:42 - 2015-11-06 23:53 - 01126912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
    2016-07-24 22:42 - 2015-11-06 23:52 - 01680384 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
    2016-07-24 22:42 - 2015-11-06 23:46 - 01426944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
    2016-07-24 22:42 - 2015-10-13 07:16 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
    2016-07-24 22:42 - 2015-10-13 07:16 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
    2016-07-24 22:42 - 2015-09-12 07:09 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml
    2016-07-24 22:42 - 2014-12-06 01:51 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
    2016-07-24 22:42 - 2014-07-24 07:50 - 00447296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
    2016-07-24 22:42 - 2014-07-16 17:28 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
    2016-07-24 22:42 - 2014-07-16 16:59 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
    2016-07-24 22:42 - 2014-07-16 16:59 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
    2016-07-24 22:42 - 2014-07-12 00:45 - 01549824 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
    2016-07-24 22:42 - 2014-07-11 22:36 - 00674304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
    2016-07-24 22:42 - 2014-07-11 22:34 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
    2016-07-24 22:42 - 2012-10-24 21:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
    2016-07-24 22:42 - 2012-10-24 21:26 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
    2016-07-24 22:42 - 2012-10-24 21:04 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
    2016-07-24 22:41 - 2015-07-15 10:09 - 00095064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
    2016-07-24 22:41 - 2015-07-15 07:29 - 01333248 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
    2016-07-24 22:41 - 2014-12-18 22:35 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
    2016-07-24 22:40 - 2016-07-24 22:40 - 00002857 _____ C:\Users\Garrett\Downloads\Dr. Mantis Toboggan.aup
    2016-07-24 22:39 - 2016-07-24 22:39 - 00003003 _____ C:\Users\Garrett\Downloads\oh whoops, oooh. i dropped my monster condom that i use for my magnum dong..aup
    2016-07-24 22:39 - 2016-07-24 22:39 - 00001710 _____ C:\Users\Garrett\Downloads\Dank meme (Trap Nation) #2 [by Autistic].aup
    2016-07-24 22:39 - 2016-07-24 22:39 - 00000000 ____D C:\Users\Garrett\Downloads\oh whoops, oooh. i dropped my monster condom that i use for my magnum dong_data
    2016-07-24 22:39 - 2016-07-24 22:39 - 00000000 ____D C:\Users\Garrett\Downloads\Dank meme (Trap Nation) #2 [by Autistic]_data
    2016-07-24 22:37 - 2015-08-01 08:50 - 17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2016-07-24 22:37 - 2015-08-01 07:56 - 19778048 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2016-07-24 22:37 - 2015-03-04 01:26 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\AutoUpdate.exe
    2016-07-24 22:37 - 2015-03-04 01:26 - 00467952 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
    2016-07-24 22:37 - 2015-03-04 01:26 - 00011105 _____ C:\Windows\system32\AutoconfigV2.cab
    2016-07-24 22:37 - 2015-03-04 00:41 - 00695808 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
    2016-07-24 22:37 - 2015-03-04 00:41 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-07-24 22:37 - 2015-03-03 22:53 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
    2016-07-24 22:37 - 2015-03-03 22:53 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-07-24 22:37 - 2015-01-24 00:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
    2016-07-24 22:37 - 2015-01-23 23:00 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
    2016-07-24 22:37 - 2014-10-21 19:01 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
    2016-07-24 22:37 - 2014-10-21 19:00 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
    2016-07-24 22:36 - 2014-11-08 05:22 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
    2016-07-24 22:36 - 2014-11-08 00:57 - 00187904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
    2016-07-24 22:35 - 2015-07-09 15:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
    2016-07-24 22:35 - 2015-07-09 15:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
    2016-07-24 22:35 - 2015-07-09 14:18 - 00233984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
    2016-07-24 22:35 - 2014-10-23 06:47 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
    2016-07-24 22:35 - 2014-10-23 05:04 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
    2016-07-24 22:32 - 2014-12-19 00:48 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
    2016-07-24 22:31 - 2015-12-30 17:29 - 06972760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2016-07-24 22:31 - 2015-12-08 09:43 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2016-07-24 22:31 - 2015-12-08 09:16 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2016-07-24 22:31 - 2015-11-16 08:29 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
    2016-07-24 22:31 - 2015-11-16 08:29 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
    2016-07-24 22:31 - 2015-11-16 08:29 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2016-07-24 22:31 - 2015-11-16 08:28 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2016-07-24 22:31 - 2015-11-16 08:26 - 01282560 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2016-07-24 22:31 - 2015-11-16 08:26 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
    2016-07-24 22:31 - 2015-11-16 08:26 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2016-07-24 22:31 - 2015-11-16 08:26 - 00588800 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
    2016-07-24 22:31 - 2015-11-16 08:26 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2016-07-24 22:31 - 2015-09-12 07:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
    2016-07-24 22:31 - 2015-09-12 07:29 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
    2016-07-24 22:31 - 2015-09-12 07:29 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\appserverai.dll
    2016-07-24 22:31 - 2015-09-12 07:29 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\RDWebAI.dll
    2016-07-24 22:31 - 2015-09-12 07:29 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VmHostAI.dll
    2016-07-24 22:31 - 2015-01-06 22:25 - 00403456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2016-07-24 22:30 - 2015-11-16 08:42 - 00171864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2016-07-24 22:30 - 2015-11-16 08:29 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2016-07-24 22:30 - 2015-11-16 08:29 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2016-07-24 22:30 - 2015-11-16 08:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2016-07-24 22:30 - 2015-11-16 08:27 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
    2016-07-24 22:30 - 2015-11-16 08:26 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
    2016-07-24 22:30 - 2015-11-16 08:26 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2016-07-24 22:30 - 2015-11-16 08:26 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2016-07-24 22:30 - 2015-11-16 08:26 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2016-07-24 22:30 - 2015-11-16 08:26 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2016-07-24 22:30 - 2015-09-23 07:10 - 00570256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2016-07-24 22:30 - 2015-09-22 11:53 - 01405408 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2016-07-24 22:30 - 2015-09-22 11:53 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
    2016-07-24 22:30 - 2015-06-25 12:29 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2016-07-24 22:30 - 2015-06-25 12:27 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
    2016-07-24 22:30 - 2015-05-02 00:28 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2016-07-24 22:30 - 2015-01-15 03:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2016-07-24 22:30 - 2015-01-15 03:09 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2016-07-24 22:30 - 2014-10-10 23:41 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2016-07-24 22:30 - 2014-10-10 23:05 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2016-07-24 22:29 - 2015-12-03 18:55 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
    2016-07-24 22:29 - 2015-12-03 15:47 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
    2016-07-24 22:29 - 2015-04-05 23:36 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
    2016-07-24 22:29 - 2015-04-05 22:08 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
    2016-07-24 22:29 - 2014-06-02 16:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
    2016-07-24 22:28 - 2015-04-24 21:41 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
    2016-07-24 22:28 - 2015-04-24 17:13 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
    2016-07-24 22:28 - 2014-10-30 01:20 - 01890816 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2016-07-24 22:28 - 2014-10-29 23:22 - 01569792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2016-07-24 22:27 - 2016-07-24 22:27 - 00003340 _____ C:\Users\Garrett\Documents\fn.wlmp
    2016-07-24 22:26 - 2016-07-24 22:26 - 00650216 _____ C:\Users\Garrett\Downloads\Dank meme (Trap Nation) #2 [by Autistic].mp4
    2016-07-24 22:19 - 2016-07-24 22:19 - 00958744 _____ C:\Users\Garrett\Dank meme (Trap Nation) #2 [by Autistic].wav
    2016-07-24 22:05 - 2016-07-26 00:53 - 00006253 _____ C:\Users\Garrett\Documents\My Movie.wlmp
    2016-07-24 21:51 - 2016-07-24 21:51 - 04325746 _____ C:\Users\Garrett\Dr. Mantis Toboggan
    2016-07-24 21:30 - 2016-07-24 21:30 - 00001218 _____ C:\Users\Garrett\Downloads\Suicide is badass - Its always sunny in Philadelphia.aup
    2016-07-24 21:30 - 2016-07-24 21:30 - 00000000 ____D C:\Users\Garrett\Downloads\Suicide is badass - Its always sunny in Philadelphia_data
    2016-07-24 21:22 - 2016-07-24 21:22 - 00000000 ____D C:\Users\Garrett\Downloads\Dr. Mantis Toboggan_data
    2016-07-24 21:16 - 2016-07-24 21:17 - 40439330 _____ C:\Users\Garrett\Downloads\Dr. Mantis Toboggan.mp4
    2016-07-24 19:57 - 2016-07-24 20:04 - 00003996 _____ C:\Users\Garrett\Documents\Im the trashman.wav.wlmp
    2016-07-24 19:44 - 2016-07-28 00:22 - 00001383 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
    2016-07-24 19:44 - 2016-07-28 00:22 - 00001310 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
    2016-07-24 19:44 - 2016-07-24 19:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
    2016-07-24 19:44 - 2016-07-24 19:44 - 00000000 ____D C:\Windows\en
    2016-07-24 19:43 - 2016-07-28 00:22 - 00002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
    2016-07-24 19:43 - 2016-07-28 00:22 - 00001457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
    2016-07-24 19:43 - 2016-07-24 19:43 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    2016-07-24 19:40 - 2016-07-24 19:40 - 00000000 ____D C:\Windows\PCHEALTH
    2016-07-24 19:40 - 2016-07-24 19:40 - 00000000 ____D C:\Program Files\Windows Live
    2016-07-24 19:39 - 2016-07-24 19:43 - 00000000 ____D C:\Program Files (x86)\Windows Live
    2016-07-24 19:39 - 2016-07-24 19:39 - 00002226 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2016-07-24 19:39 - 2016-07-24 19:39 - 00002226 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2016-07-24 19:39 - 2016-07-24 19:39 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
    2016-07-24 19:38 - 2016-07-28 00:22 - 00002292 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2016-07-24 19:38 - 2016-07-24 19:38 - 00000000 ___RD C:\Users\Garrett\OneDrive
    2016-07-24 19:38 - 2016-07-24 19:38 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
    2016-07-24 19:37 - 2016-07-27 21:11 - 00000000 ____D C:\Users\Garrett\AppData\Local\Windows Live
    2016-07-24 19:33 - 2016-07-24 19:33 - 01239752 _____ (Microsoft Corporation) C:\Users\Garrett\Downloads\wlsetup-web.exe
    2016-07-24 19:32 - 2016-07-28 00:22 - 00000827 _____ C:\Users\Garrett\Desktop\filmora_setup_full846.exe.lnk
    2016-07-24 19:27 - 2016-07-24 19:28 - 00000000 ____D C:\Users\Public\Documents\Wondershare
    2016-07-24 19:27 - 2016-07-24 19:27 - 01225872 _____ C:\Users\Garrett\Downloads\filmora_setup_full846.exe
    2016-07-24 19:08 - 2016-07-24 19:08 - 01283204 _____ C:\Users\Garrett\It's Always Sunny in Philadelphia - The Trashman.wav
    2016-07-24 19:07 - 2016-07-24 19:07 - 00002051 _____ C:\Users\Garrett\Downloads\It's Always Sunny in Philadelphia - The Trashman.aup
    2016-07-24 19:07 - 2016-07-24 19:07 - 00000000 ____D C:\Users\Garrett\Downloads\It's Always Sunny in Philadelphia - The Trashman_data
    2016-07-24 18:58 - 2016-07-24 19:00 - 63257620 _____ C:\Users\Garrett\Downloads\ScreenFlow-6.0.dmg
    2016-07-24 18:53 - 2016-07-24 18:53 - 01678241 _____ C:\Users\Garrett\Downloads\It's Always Sunny in Philadelphia - The Trashman 12.mp4
    2016-07-24 18:45 - 2016-07-24 18:45 - 00194152 _____ C:\Users\Garrett\Downloads\Suicide is badass  Its always sunny in Philadelphia.mp4
    2016-07-20 12:04 - 2016-07-20 12:04 - 00045680 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
    2016-07-20 11:59 - 2016-07-24 12:08 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
    2016-07-20 11:59 - 2016-07-24 12:08 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
    2016-07-20 00:25 - 2016-07-20 00:25 - 00000000 ____D C:\Users\Garrett\AppData\LocalLow\Blizzard Entertainment
    2016-07-19 23:55 - 2016-07-20 00:02 - 119408891 _____ C:\Users\Garrett\Downloads\Dank Memes Vine Compilation V20.mp4
    2016-07-13 21:24 - 2016-07-13 21:24 - 00000000 _____ C:\Users\Garrett\Downloads\RHS Summer Band Calendar 2016.pdf
    2016-07-13 13:12 - 2016-07-13 13:12 - 00210676 _____ C:\Users\Garrett\Downloads\watch (1).htm
    2016-07-12 22:53 - 2016-07-12 22:54 - 01867610 _____ C:\Users\Garrett\Downloads\SpongePulp FictionPants 1 Storage.mp4
    2016-07-11 23:47 - 2016-07-11 23:48 - 00000000 ____D C:\Users\Garrett\.android
    2016-07-11 23:44 - 2016-07-11 23:44 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
    2016-07-11 23:43 - 2016-07-31 23:10 - 00000000 ____D C:\ProgramData\BlueStacksSetup
    2016-07-11 23:43 - 2016-07-28 00:22 - 00001821 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk
    2016-07-11 23:43 - 2016-07-28 00:22 - 00001809 _____ C:\Users\Public\Desktop\BlueStacks.lnk
    2016-07-11 23:42 - 2016-07-11 23:43 - 00000000 ____D C:\ProgramData\Bluestacks
    2016-07-11 23:42 - 2016-07-11 23:43 - 00000000 ____D C:\Program Files (x86)\Bluestacks
    2016-07-11 23:42 - 2016-07-11 23:42 - 00000000 ____D C:\Users\Garrett\AppData\Local\Bluestacks
    2016-07-11 23:19 - 2016-07-11 23:40 - 277574656 _____ (BlueStack Systems Inc.) C:\Users\Garrett\Downloads\BlueStacks2_native_f291b1f4d87cb11673f50110fc6a180a.exe
    2016-07-06 09:53 - 2016-07-28 00:22 - 00001012 _____ C:\Users\Public\Desktop\LoL Summoner Info.lnk
    2016-07-06 09:53 - 2016-07-26 18:59 - 00000000 ____D C:\Program Files (x86)\LSI
    2016-07-06 09:53 - 2016-07-06 09:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LSI - LoL Summoner Information
    2016-07-06 08:51 - 2016-07-06 08:53 - 28037582 _____ (Aequus Gaming Ltd. ) C:\Users\Garrett\Downloads\LSI - LoL Summoner Information (v4.15.0) Setup.exe
     
    ==================== One Month Modified files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2016-08-01 15:42 - 2016-04-02 02:35 - 00000000 ____D C:\Program Files (x86)\Steam
    2016-08-01 15:39 - 2016-05-22 09:17 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
    2016-08-01 15:39 - 2016-05-22 09:17 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\discord
    2016-08-01 15:38 - 2016-05-22 09:16 - 00000000 ____D C:\Users\Garrett\AppData\Local\Discord
    2016-08-01 15:36 - 2015-10-24 09:23 - 00000000 ____D C:\Users\Garrett\AppData\Local\Overwolf
    2016-08-01 15:36 - 2015-04-04 15:33 - 00000000 ____D C:\Users\Garrett\Tracing
    2016-08-01 15:32 - 2014-07-02 09:48 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2016-08-01 15:32 - 2012-07-26 01:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2016-07-31 16:26 - 2012-07-25 23:26 - 00262144 ___SH C:\Windows\system32\config\BBI
    2016-07-31 12:47 - 2012-07-26 01:59 - 00000000 ____D C:\Windows\CbsTemp
    2016-07-31 11:46 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\AUInstallAgent
    2016-07-31 11:45 - 2012-07-26 02:12 - 00000000 ___HD C:\Program Files\WindowsApps
    2016-07-30 23:19 - 2014-06-21 12:49 - 00000000 ____D C:\Users\Garrett\AppData\Local\VirtualStore
    2016-07-30 12:52 - 2014-12-31 23:12 - 00000000 ___RD C:\Program Files (x86)\Skype
    2016-07-30 12:52 - 2014-12-31 23:12 - 00000000 ____D C:\Users\Garrett\AppData\Local\Skype
    2016-07-30 12:52 - 2014-12-29 20:56 - 00000000 ____D C:\ProgramData\Skype
    2016-07-30 12:10 - 2014-12-31 23:12 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Skype
    2016-07-29 23:54 - 2014-06-21 13:03 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\IObit
    2016-07-29 23:54 - 2014-06-21 13:03 - 00000000 ____D C:\ProgramData\IObit
    2016-07-29 23:54 - 2014-06-21 13:03 - 00000000 ____D C:\Program Files (x86)\IObit
    2016-07-29 22:30 - 2014-06-30 18:43 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Audacity
    2016-07-29 18:21 - 2015-12-08 18:04 - 00000000 ____D C:\Windows\Minidump
    2016-07-28 17:34 - 2015-11-07 23:16 - 00000000 ____D C:\Users\Garrett\AppData\Local\Innkeeper
    2016-07-28 17:12 - 2015-07-14 11:36 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Octoshape
    2016-07-28 16:23 - 2016-01-04 13:51 - 00000000 ____D C:\ProgramData\Apple
    2016-07-28 16:22 - 2014-07-11 10:09 - 00000000 ____D C:\Users\Garrett\AppData\Local\CrashDumps
    2016-07-28 16:19 - 2012-07-25 23:37 - 00000000 ____D C:\Windows\Inf
    2016-07-28 00:58 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\rescache
    2016-07-28 00:22 - 2016-06-09 18:14 - 00001062 _____ C:\Users\Garrett\Desktop\MuseScore 2.lnk
    2016-07-28 00:22 - 2016-04-18 20:46 - 00002155 _____ C:\Users\Public\Desktop\H&R Block 2015.lnk
    2016-07-28 00:22 - 2016-04-02 02:35 - 00000968 _____ C:\Users\Public\Desktop\Steam.lnk
    2016-07-28 00:22 - 2016-04-01 22:35 - 00001367 _____ C:\Users\Garrett\Desktop\cFosSpeed Features.lnk
    2016-07-28 00:22 - 2016-04-01 22:35 - 00001241 _____ C:\Users\Garrett\Desktop\cFosSpeed Calibration.lnk
    2016-07-28 00:22 - 2016-03-19 15:01 - 00000984 _____ C:\Users\Public\Desktop\Origin.lnk
    2016-07-28 00:22 - 2015-05-30 21:55 - 00000299 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
    2016-07-28 00:22 - 2014-12-27 22:56 - 00000454 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD Drive (D) PERSON_OF_INTEREST_S1_D1 (2).lnk
    2016-07-28 00:22 - 2014-12-27 22:55 - 00000454 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD Drive (D) PERSON_OF_INTEREST_S1_D1.lnk
    2016-07-28 00:22 - 2014-06-21 19:49 - 00001018 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
    2016-07-28 00:22 - 2014-06-21 13:16 - 00002190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2016-07-28 00:22 - 2014-06-21 12:49 - 00001417 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2016-07-28 00:08 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\Branding
    2016-07-27 23:45 - 2014-07-02 09:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2016-07-27 23:45 - 2014-07-02 09:47 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
    2016-07-27 22:24 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\ModemLogs
    2016-07-27 19:36 - 2015-07-06 22:55 - 00000000 ____D C:\Users\Garrett\AppData\Local\Battle.net
    2016-07-27 01:18 - 2015-07-06 22:59 - 00000000 ____D C:\Program Files (x86)\Hearthstone
    2016-07-27 00:35 - 2015-07-06 22:55 - 00000000 ____D C:\Program Files (x86)\Battle.net
    2016-07-27 00:27 - 2015-07-06 22:49 - 00000000 ____D C:\ProgramData\Battle.net
    2016-07-26 22:48 - 2014-12-24 14:18 - 00413696 ___SH C:\Users\Garrett\Downloads\Thumbs.db
    2016-07-26 16:09 - 2014-05-04 17:09 - 277707073 _____ (Exµs ™ ) C:\Users\Garrett\Desktop\Sony Vegas Pro 13.0 Build 310 (64-bit) PreCracked.exe
    2016-07-26 11:28 - 2014-06-21 12:49 - 00000000 ____D C:\Users\Garrett
    2016-07-26 00:46 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\AppCompat
    2016-07-25 22:47 - 2014-12-18 12:50 - 00000000 ____D C:\Program Files\OBS
    2016-07-25 22:47 - 2014-11-23 23:35 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo
    2016-07-25 22:37 - 2014-11-08 19:00 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
    2016-07-25 22:33 - 2016-01-24 11:28 - 00000000 ____D C:\Program Files (x86)\SmartMusic
    2016-07-25 22:31 - 2016-02-27 16:05 - 00000000 ____D C:\Users\Garrett\Desktop\New folder
    2016-07-25 22:31 - 2015-07-06 22:55 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
    2016-07-25 22:14 - 2012-07-26 01:28 - 00848230 _____ C:\Windows\system32\PerfStringBackup.INI
    2016-07-25 22:11 - 2015-10-24 09:27 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
    2016-07-25 22:11 - 2015-10-24 09:26 - 00000000 ____D C:\Program Files (x86)\Overwolf
    2016-07-25 22:02 - 2012-07-25 23:38 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
    2016-07-25 22:01 - 2012-07-26 02:12 - 00000000 ___RD C:\Windows\ToastData
    2016-07-25 22:01 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\PolicyDefinitions
    2016-07-25 22:01 - 2012-07-26 02:12 - 00000000 ____D C:\Program Files\Windows Defender
    2016-07-25 22:01 - 2012-07-26 02:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
    2016-07-25 22:00 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\WinStore
    2016-07-25 22:00 - 2012-07-26 01:52 - 00000000 ____D C:\Program Files\Windows Journal
    2016-07-25 02:19 - 2014-06-22 18:29 - 00000000 ____D C:\Windows\system32\MRT
    2016-07-25 02:15 - 2014-06-22 18:29 - 144749672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2016-07-24 19:40 - 2012-07-26 02:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
    2016-07-24 17:48 - 2015-05-30 13:02 - 00000000 ____D C:\Program Files\VideoLAN
    2016-07-24 17:48 - 2014-06-21 13:09 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Apple Computer
    2016-07-20 12:01 - 2015-11-07 23:16 - 00000000 ____D C:\Users\Garrett\AppData\Local\SquirrelTemp
    2016-07-18 12:37 - 2016-02-28 15:38 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\MuseScore
    2016-07-11 23:43 - 2012-07-26 02:12 - 00000000 __RHD C:\Users\Public\Libraries
    2016-07-04 22:09 - 2015-11-07 23:17 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\InnkeeperUI
    2016-07-02 00:48 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\system32\NDF
     
    ==================== Files in the root of some directories =======
     
    2014-06-22 18:01 - 2014-07-10 21:20 - 0005120 _____ () C:\Users\Garrett\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2014-07-05 18:23 - 2014-07-05 18:23 - 0007605 _____ () C:\Users\Garrett\AppData\Local\Resmon.ResmonCfg
    2015-12-08 03:58 - 2015-12-08 03:58 - 0000000 _____ () C:\Users\Garrett\AppData\Local\{5787D94F-EB40-47F3-A4C7-B6BB17FD70A2}
    2015-12-07 03:58 - 2015-12-07 03:58 - 0000000 _____ () C:\Users\Garrett\AppData\Local\{EA742E66-D4C3-461F-93A2-4A3A92217857}
    2016-07-27 21:36 - 2016-07-27 22:31 - 0000217 _____ () C:\ProgramData\all_data.txt
    2016-07-27 21:36 - 2016-07-27 21:36 - 0000047 _____ () C:\ProgramData\country.txt
    2016-07-27 21:36 - 2016-07-27 22:31 - 0000054 _____ () C:\ProgramData\exe_data.txt
    2016-07-27 21:36 - 2016-07-27 22:31 - 0000163 _____ () C:\ProgramData\VersionControl.txt
     
    Some files in TEMP:
    ====================
    C:\Users\Garrett\AppData\Local\Temp\libeay32.dll
    C:\Users\Garrett\AppData\Local\Temp\msvcr120.dll
    C:\Users\Garrett\AppData\Local\Temp\sqlite3.dll
     
     
    ==================== Bamital & volsnap =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2016-07-26 03:00
     
    ==================== End of FRST.txt ============================Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2016
    Ran by Garrett (administrator) on GARRETTPC (01-08-2016 16:19:30)
    Running from C:\Users\Garrett\Downloads
    Loaded Profiles: Garrett (Available Profiles: Garrett)
    Platform: Windows 8 Pro (X64) Language: English (United States)
    Internet Explorer Version 10 (Default browser: "C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe" -- "%1")
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (AMD) C:\Windows\System32\atiesrxx.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
    (cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
    (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    () C:\Windows\SysWOW64\PnkBstrA.exe
    (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
    (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
    (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
    (Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
    (BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-Agent.exe
    (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    (CyberGhost S.R.L.) C:\Program Files\CyberGhost 5\CyberGhost.exe
    (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaUI.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.96.218.0\OverwolfHelper.exe
    (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.96.218.0\OverwolfHelper64.exe
    (Hammer & Chisel, Inc.) C:\Users\Garrett\AppData\Local\Discord\app-0.0.295\Discord.exe
    (Hammer & Chisel, Inc.) C:\Users\Garrett\AppData\Local\Discord\app-0.0.295\Discord.exe
    (Hammer & Chisel, Inc.) C:\Users\Garrett\AppData\Local\Discord\app-0.0.295\Discord.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
     
     
    ==================== Registry (Whitelisted) ===========================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [cFosSpeed] => C:\Program Files\cFosSpeed\cFosSpeed.exe [2088872 2015-09-09] (cFos Software GmbH)
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9071752 2016-07-30] (AVAST Software)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [247344 2016-07-17] ()
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-05-30] (Electronic Arts)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-08] (Valve Corporation)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [Discord] => C:\Users\Garrett\AppData\Local\Discord\app-0.0.294\Discord.exe [62385336 2016-07-29] (Hammer & Chisel, Inc.)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [970264 2016-07-04] (BlueStack Systems, Inc.)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [425064 2016-02-12] (CyberGhost S.R.L.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2016-07-28]
    ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files (x86)\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
    Tcpip\..\Interfaces\{EFB49E5B-3BF5-413D-AEBB-69CABA095F5A}: [DhcpNameServer] 192.168.0.1
     
    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.msn.com/
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-07-30] (AVAST Software)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-07-30] (AVAST Software)
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\Garrett\AppData\Roaming\Mozilla\Firefox\Profiles\n2ypuzqp.default
    FF DefaultSearchEngine: Bing 
    FF SelectedSearchEngine: Bing 
    FF SearchEngineOrder.3: Bing 
    FF Keyword.URL: hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q=
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-23] ()
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-23] ()
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
    FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Garrett\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
    FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [not found]
    FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
    FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-30]
    FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-30]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
     
    Chrome: 
    =======
    CHR HomePage: Profile 1 -> search.mpc.am
    CHR StartupUrls: Profile 1 -> "search.mpc.am"
    CHR Profile: C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1
    CHR Extension: (Google Slides) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-21]
    CHR Extension: (Google Docs) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-21]
    CHR Extension: (Google Drive) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
    CHR Extension: (YouTube) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
    CHR Extension: (Google Search) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
    CHR Extension: (Avast Online Security (BETA)) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2016-07-31]
    CHR Extension: (Avast SafePrice) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-07-30]
    CHR Extension: (Google Sheets) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-21]
    CHR Extension: (Google Docs Offline) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-21]
    CHR Extension: (Avast Online Security) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-07-30]
    CHR Extension: (Google Play Music) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2016-06-07]
    CHR Extension: (Norton Identity Safe) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-04-21]
    CHR Extension: (Google Play) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2016-06-09]
    CHR Extension: (Momentum) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2016-07-06]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
    CHR Extension: (Gmail) - C:\Users\Garrett\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-21]
    CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [fcoadmpfijfcmokecmkgolhbaeclfage] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
    StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
     
    ==================== Services (Whitelisted) ========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197640 2016-07-30] (AVAST Software)
    S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [441880 2016-07-04] (BlueStack Systems, Inc.)
    R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [421400 2016-07-04] (BlueStack Systems, Inc.)
    S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [458264 2016-07-04] (BlueStack Systems, Inc.)
    R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [726952 2015-09-09] (cFos Software GmbH)
    R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65128 2016-02-12] (CyberGhost S.R.L)
    S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [232208 2016-06-14] (EasyAntiCheat Ltd)
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
    S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2120712 2016-05-30] (Electronic Arts)
    S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1309936 2016-07-17] (Overwolf LTD)
    R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-11-08] ()
    R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2016-03-20] ()
    S3 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [621632 2011-03-04] ()
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
     
    ===================== Drivers (Whitelisted) ==========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-07-30] (AVAST Software)
    R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-07-30] (AVAST Software)
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-07-30] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-07-30] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-07-30] (AVAST Software)
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [968536 2016-07-30] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-07-30] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-07-30] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-07-30] (AVAST Software)
    R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [215040 2014-06-21] (Advanced Micro Devices)
    S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-07-04] (BlueStack Systems)
    S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-07-04] (Bluestack System Inc. )
    S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [58368 2011-11-04] (www.winchiphead.com)
    S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
    S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
    R3 e1kexpress; C:\Windows\system32\DRIVERS\e1k63x64.sys [469264 2014-06-21] (Intel Corporation)
    S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation)
    S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2016-07-20] (LogMeIn Inc.)
    R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-16] (REALiX™)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-01] (Malwarebytes)
    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
    S3 netr28ux; C:\Windows\system32\DRIVERS\netr28ux.sys [2217616 2014-10-18] (MediaTek Inc.)
    S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-09-08] (Oracle Corporation)
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Corporation)
    S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation)
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
     
    ==================== One Month Created files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2016-08-01 15:39 - 2016-08-01 15:39 - 00002183 _____ C:\Users\Garrett\Desktop\Discord.lnk
    2016-08-01 15:30 - 2016-08-01 15:32 - 00002027 _____ C:\Users\Garrett\Downloads\Fixlog.txt
    2016-07-31 16:41 - 2016-07-31 16:42 - 00000000 _____ C:\junk.txt
    2016-07-31 11:00 - 2016-07-31 11:00 - 00014383 _____ C:\VEW.txt
    2016-07-31 10:53 - 2016-07-31 10:53 - 00061440 _____ ( ) C:\Users\Garrett\Downloads\VEW.exe
    2016-07-30 22:59 - 2016-07-30 23:20 - 00000000 ____D C:\Users\Garrett\AppData\Local\CyberGhost
    2016-07-30 22:58 - 2016-07-30 22:59 - 00000000 ____D C:\Program Files\CyberGhost 5
    2016-07-30 22:58 - 2016-07-30 22:58 - 00001741 _____ C:\Users\Garrett\Desktop\CyberGhost 5.lnk
    2016-07-30 22:58 - 2016-07-30 22:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5
    2016-07-30 22:50 - 2016-07-30 22:51 - 09447560 _____ (CyberGhost S.R.L. ) C:\Users\Garrett\Downloads\CG_5.5.1.342961.exe
    2016-07-30 22:47 - 2016-07-30 22:47 - 02369536 _____ (BitTorrent Inc.) C:\Users\Garrett\Downloads\uTorrent (4).exe
    2016-07-30 15:47 - 2016-07-30 15:47 - 00000000 ____D C:\Users\Garrett\Downloads\ProcessExplorer
    2016-07-30 12:52 - 2016-07-30 12:52 - 00003892 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1469904658
    2016-07-30 12:52 - 2016-07-30 12:52 - 00001056 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
    2016-07-30 12:52 - 2016-07-30 12:52 - 00001056 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
    2016-07-30 12:52 - 2016-07-30 12:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    2016-07-30 12:49 - 2016-07-30 12:49 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
    2016-07-30 12:47 - 2016-07-30 12:47 - 00013848 _____ C:\Users\Garrett\Desktop\21234.txt
    2016-07-30 12:46 - 2016-07-30 12:46 - 00108212 _____ C:\Users\Garrett\Desktop\212.txt
    2016-07-30 12:46 - 2016-07-30 12:46 - 00027661 _____ C:\Users\Garrett\Desktop\2123.txt
    2016-07-30 12:31 - 2016-07-30 12:31 - 00001935 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
    2016-07-30 12:31 - 2016-07-30 12:31 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
    2016-07-30 12:31 - 2016-07-30 12:31 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\AVAST Software
    2016-07-30 12:31 - 2016-07-30 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
    2016-07-30 12:31 - 2016-07-30 12:31 - 00000000 ____D C:\Program Files\Common Files\AV
    2016-07-30 12:30 - 2016-08-01 14:33 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
    2016-07-30 12:30 - 2016-07-30 12:30 - 00968536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2016-07-30 12:30 - 2016-07-30 12:30 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
    2016-07-30 12:30 - 2016-07-30 12:30 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
    2016-07-30 12:30 - 2016-07-30 12:30 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
    2016-07-30 12:23 - 2016-07-30 12:49 - 00000000 ____D C:\Program Files\AVAST Software
    2016-07-30 12:21 - 2016-07-30 12:49 - 00000000 ____D C:\ProgramData\AVAST Software
    2016-07-30 12:20 - 2016-07-30 12:20 - 06319040 _____ (AVAST Software) C:\Users\Garrett\Downloads\avast_free_antivirus_setup_online.exe
    2016-07-30 00:06 - 2016-07-30 22:16 - 00026944 _____ C:\Users\Garrett\Downloads\Addition.txt
    2016-07-30 00:05 - 2016-08-01 16:19 - 00016331 _____ C:\Users\Garrett\Downloads\FRST.txt
    2016-07-30 00:04 - 2016-08-01 16:19 - 00000000 ____D C:\FRST
    2016-07-30 00:03 - 2016-07-30 00:03 - 02394112 _____ (Farbar) C:\Users\Garrett\Downloads\FRST64.exe
    2016-07-29 23:56 - 2016-07-29 23:56 - 00003225 _____ C:\Users\Garrett\Desktop\JRT.txt
    2016-07-29 23:45 - 2016-07-30 00:12 - 00000000 ____D C:\AdwCleaner
    2016-07-29 23:44 - 2016-07-29 23:45 - 01744384 _____ (Farbar) C:\Users\Garrett\Downloads\FRST.exe
    2016-07-29 23:44 - 2016-07-29 23:44 - 03712064 _____ C:\Users\Garrett\Downloads\AdwCleaner.exe
    2016-07-29 23:44 - 2016-07-29 23:44 - 01610560 _____ (Malwarebytes) C:\Users\Garrett\Downloads\JRT.exe
    2016-07-29 22:55 - 2016-07-29 22:55 - 00028040 _____ C:\Users\Garrett\Documents\gn post day 2.veg
    2016-07-29 22:54 - 2016-07-29 22:54 - 95251337 _____ C:\Users\Garrett\Documents\gn post day 2.mp4
    2016-07-29 22:43 - 2016-07-29 22:43 - 00028768 _____ C:\Users\Garrett\Documents\gn post day 2.veg.bak
    2016-07-29 22:34 - 2016-07-29 22:36 - 00254696 _____ C:\Users\Garrett\Downloads\Crystal Castles TRANSGENDER Official.mp3.sfk
    2016-07-29 21:00 - 2016-07-29 21:01 - 00254696 _____ C:\Users\Garrett\Downloads\Crystal Castles TRANSGENDER Official (1).mp3.sfk
    2016-07-29 18:21 - 2016-07-29 18:21 - 00280600 _____ C:\Windows\Minidump\072916-17799-01.dmp
    2016-07-29 15:59 - 2016-07-29 15:59 - 59589267 _____ C:\Users\Garrett\Documents\YouTube-f4ae9b3c336647dc8d4cfde86f468c48.mp4
    2016-07-29 12:37 - 2016-07-29 12:38 - 00280600 _____ C:\Windows\Minidump\072916-17440-01.dmp
    2016-07-29 12:25 - 2016-07-29 12:25 - 59589267 _____ C:\Users\Garrett\Documents\YouTube-af3e4c3484fc4339b2d4dcdb16f09bad.mp4
    2016-07-29 12:16 - 2016-07-29 12:16 - 00014040 _____ C:\Users\Garrett\Documents\gnafsa.veg
    2016-07-29 12:15 - 2016-07-29 12:15 - 00956965 _____ C:\Users\Garrett\Documents\YouTube-1e75dfbe878b4fd091d7df044400016b.mp4
    2016-07-29 12:11 - 2016-07-29 12:11 - 00014040 _____ C:\Users\Garrett\Documents\gnafsa.veg.bak
    2016-07-29 12:09 - 2016-07-29 12:09 - 00048650 _____ C:\Users\Garrett\Documents\YouTube-45fc204cee30495b8cddf006a0026ad7.mp4
    2016-07-29 12:04 - 2016-07-29 12:07 - 00785048 _____ C:\Users\Garrett\Downloads\Iron and Wine - The Trapeze Swinger (not the video).mp3.sfk
    2016-07-29 01:17 - 2016-07-29 01:17 - 00280600 _____ C:\Windows\Minidump\072916-25771-01.dmp
    2016-07-29 00:54 - 2016-07-29 00:54 - 12001589 _____ C:\Users\Garrett\Documents\YouTube-a163cd6cc7c441e5834d02d7bdb3495e.mp4
    2016-07-29 00:47 - 2016-07-29 00:47 - 00020592 _____ C:\Users\Garrett\Documents\gnpost.veg
    2016-07-29 00:45 - 2016-07-29 00:45 - 00020752 _____ C:\Users\Garrett\Documents\gnpost.veg.bak
    2016-07-29 00:37 - 2016-07-29 00:37 - 00016888 _____ C:\Users\Garrett\Documents\Untitled.veg
    2016-07-29 00:25 - 2016-07-29 00:25 - 02324633 _____ C:\Users\Garrett\Documents\YouTube-6c738b0d3c4846f6b38d2750d677fb2e.mp4
    2016-07-29 00:04 - 2016-07-29 00:22 - 00268928 _____ C:\Users\Garrett\Downloads\Relaxing Trippy [bleep].mp4.sfk
    2016-07-28 23:55 - 2016-07-29 00:00 - 69126903 _____ C:\Users\Garrett\Downloads\Relaxing Trippy [bleep].mp4
    2016-07-28 23:53 - 2016-07-28 23:53 - 00003898 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2016-07-28 23:53 - 2016-07-28 23:53 - 00003662 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2016-07-28 17:55 - 2016-07-28 17:55 - 00000000 ____D C:\Users\Garrett\AppData\Local\ElevatedDiagnostics
    2016-07-28 17:35 - 2016-07-28 17:35 - 00280600 _____ C:\Windows\Minidump\072816-26130-01.dmp
    2016-07-28 16:19 - 2016-07-28 16:26 - 00000000 ____D C:\Windows\system32\appmgmt
    2016-07-28 16:05 - 2016-07-28 16:05 - 00000000 ____D C:\Windows\CD95F661A5C444F5A6AAECDD91C24105.TMP
    2016-07-28 15:55 - 2016-07-28 15:55 - 00000000 ____D C:\Users\Garrett\Documents\ProcessExplorer
    2016-07-28 15:53 - 2016-07-28 15:53 - 01270466 _____ C:\Users\Garrett\Downloads\ProcessExplorer.zip
    2016-07-28 11:07 - 2016-07-28 11:07 - 00000000 ____D C:\Users\Garrett\Documents\cports
    2016-07-28 11:05 - 2016-07-28 11:05 - 00087612 _____ C:\Users\Garrett\Downloads\cports.zip
    2016-07-28 11:00 - 2016-07-28 11:00 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\SUPERAntiSpyware.com
    2016-07-28 11:00 - 2016-07-28 11:00 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
    2016-07-28 10:58 - 2016-07-28 10:59 - 26733936 _____ (SUPERAntiSpyware) C:\Users\Garrett\Downloads\SUPERAntiSpyware.exe
    2016-07-27 23:45 - 2016-07-28 00:22 - 00001123 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2016-07-27 23:45 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2016-07-27 23:45 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
    2016-07-27 23:45 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
    2016-07-27 22:34 - 2016-08-01 15:48 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3463171804-1537994893-3906066650-1001
    2016-07-27 22:20 - 2016-07-27 22:20 - 00000000 _____ C:\Users\Garrett\Documents\virtualmemoryPC.txt
    2016-07-27 22:18 - 2016-07-28 00:22 - 00000080 _____ C:\Users\Garrett\Desktop\Exµs T.lnk
    2016-07-27 22:15 - 2016-07-27 22:15 - 00031232 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys
    2016-07-27 22:15 - 2016-07-27 22:15 - 00000000 _____ C:\Windows\SysWOW64\Number of results
    2016-07-27 21:36 - 2016-07-27 22:31 - 00000217 _____ C:\ProgramData\all_data.txt
    2016-07-27 21:36 - 2016-07-27 22:31 - 00000163 _____ C:\ProgramData\VersionControl.txt
    2016-07-27 21:36 - 2016-07-27 22:31 - 00000054 _____ C:\ProgramData\exe_data.txt
    2016-07-27 21:36 - 2016-07-27 21:36 - 00000047 _____ C:\ProgramData\country.txt
    2016-07-27 21:20 - 2016-07-27 21:20 - 00000000 __SHD C:\Windows\system32\%APPDATA%
    2016-07-27 21:06 - 2016-07-27 21:06 - 00449664 _____ C:\Windows\system32\FNTCACHE.DAT
    2016-07-27 19:31 - 2016-07-27 19:31 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\c
    2016-07-27 19:28 - 2016-08-01 15:39 - 00274950 _____ C:\Windows\ntbtlog.txt
    2016-07-27 19:16 - 2016-07-27 19:16 - 02530304 _____ (BitTorrent Inc.) C:\Users\Garrett\Downloads\uTorrent (3).exe
    2016-07-27 19:15 - 2016-07-27 19:15 - 02530304 _____ (BitTorrent Inc.) C:\Users\Garrett\Downloads\uTorrent (2).exe
    2016-07-27 19:14 - 2016-07-27 19:15 - 02369536 _____ (BitTorrent Inc.) C:\Users\Garrett\Downloads\uTorrent (1).exe
    2016-07-27 19:14 - 2016-07-27 19:14 - 02530304 _____ (BitTorrent Inc.) C:\Users\Garrett\Downloads\uTorrent.exe
    2016-07-26 17:49 - 2016-07-26 17:49 - 00029000 _____ C:\Users\Garrett\Documents\fasdf.veg
    2016-07-26 17:37 - 2016-07-26 17:37 - 01207010 _____ C:\Users\Garrett\Documents\YouTube-07fd51604aac44919f4cac121b7cb7de.mp4
    2016-07-26 17:33 - 2016-07-26 17:33 - 00029000 _____ C:\Users\Garrett\Documents\fasdf.veg.bak
    2016-07-26 17:33 - 2016-07-26 17:33 - 00018679 _____ C:\Users\Garrett\Documents\YouTube-f4348f5847254d9a9e38bc66fb6599df.mp4
    2016-07-26 17:22 - 2016-07-26 17:22 - 00018679 _____ C:\Users\Garrett\Documents\YouTube-eecdfec5541a40ceb9a8353a9269f7f8.mp4
    2016-07-26 17:14 - 2016-07-26 17:14 - 00018679 _____ C:\Users\Garrett\Documents\Untitled.mp4
    2016-07-26 17:04 - 2016-07-26 17:04 - 00202812 _____ C:\Users\Garrett\Documents\Untitled.mxf
    2016-07-26 17:04 - 2016-07-26 17:04 - 00026400 _____ C:\Users\Garrett\Documents\Untitled.veg.bak
    2016-07-26 17:04 - 2016-07-26 17:04 - 00000082 _____ C:\Users\Garrett\Documents\Untitled.mxf.sfl
    2016-07-26 16:57 - 2016-07-26 16:59 - 00008344 _____ C:\Users\Garrett\Downloads\4-19 vs 4-20.mp3.sfk
    2016-07-26 16:27 - 2016-07-26 16:27 - 00000000 ____D C:\ProgramData\Sony
    2016-07-26 16:17 - 2016-07-26 17:04 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Sony
    2016-07-26 16:17 - 2016-07-26 16:38 - 00000000 ____D C:\Users\Garrett\AppData\Local\Sony
    2016-07-26 16:15 - 2016-07-28 00:22 - 00001048 _____ C:\Users\Garrett\Desktop\Vegas Pro 13.0 (64-bit).lnk
    2016-07-26 16:15 - 2016-07-28 00:22 - 00001036 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Vegas Pro 13.0 (64-bit).lnk
    2016-07-26 16:15 - 2016-07-26 16:26 - 00002039 _____ C:\Users\Garrett\Desktop\Exµs ™.lnk
    2016-07-26 16:15 - 2016-07-26 16:15 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony
    2016-07-26 16:15 - 2016-07-26 16:15 - 00000000 ____D C:\Program Files (x86)\Sony
    2016-07-26 16:14 - 2016-07-26 16:26 - 00000000 ____D C:\Program Files\Sony
    2016-07-26 16:10 - 2016-07-26 16:22 - 00000000 ____D C:\Users\Garrett\Desktop\Sony Vegas Pro 13.0 Build 310 (64-bit) PreCracked
    2016-07-26 16:07 - 2016-07-30 12:39 - 00000000 ____D C:\Program Files\WinZip
    2016-07-26 16:07 - 2016-07-28 16:13 - 00000000 ____D C:\ProgramData\WinZip
    2016-07-26 16:07 - 2016-07-28 00:22 - 00002355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Update Notifier.lnk
    2016-07-26 16:07 - 2016-07-28 00:22 - 00002302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip BG Tools.lnk
    2016-07-26 16:07 - 2016-07-28 00:22 - 00002294 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
    2016-07-26 16:07 - 2016-07-28 00:22 - 00002282 _____ C:\Users\Public\Desktop\WinZip.lnk
    2016-07-26 16:07 - 2016-07-26 16:11 - 00000000 ____D C:\Users\Garrett\AppData\Local\WinZip
    2016-07-26 16:07 - 2016-07-26 16:07 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinZip 20.5
    2016-07-26 16:07 - 2016-07-26 16:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 20.5
    2016-07-26 16:03 - 2016-07-26 16:03 - 00000000 ____D C:\ProgramData\UniqueId
    2016-07-26 16:02 - 2016-07-26 16:02 - 00706032 _____ (WinZip Computing, S.L.) C:\Users\Garrett\Downloads\winzip20-home.exe
    2016-07-26 15:30 - 2016-07-26 15:43 - 286932445 _____ C:\Users\Garrett\Desktop\S.V.P 13.0.310 (64-bit) PreCracked.zip
    2016-07-26 14:42 - 2016-07-26 14:42 - 04483454 _____ C:\Users\Garrett\Downloads\WARNING GRAPHIC Man Shoots Himself In Interrogation Room.mp4
    2016-07-26 14:37 - 2016-07-26 14:40 - 56480983 _____ C:\Users\Garrett\Downloads\All Cis People are Transphobic (And you're probably racist, too!).mp4
    2016-07-26 11:28 - 2016-07-26 11:28 - 01292420 _____ C:\Users\Garrett\Baby Secret Whispers Just To You.wav
    2016-07-26 11:25 - 2016-07-26 11:25 - 00272848 _____ C:\Users\Garrett\Downloads\Baby Secret Whispers Just to You.mp4
    2016-07-26 11:20 - 2016-07-26 11:20 - 00001691 _____ C:\Users\Garrett\Downloads\keemstar alex is a stupid [bleep] video.aup
    2016-07-26 11:20 - 2016-07-26 11:20 - 00000000 ____D C:\Users\Garrett\Downloads\keemstar alex is a stupid [bleep] video_data
    2016-07-26 00:30 - 2016-07-26 00:30 - 00000000 ____D C:\Users\Garrett\Documents\FlashIntegro
    2016-07-26 00:30 - 2016-07-26 00:30 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\VideoEditor
    2016-07-26 00:30 - 2016-07-26 00:30 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\FlashIntegro
    2016-07-26 00:30 - 2016-07-08 17:31 - 00071480 _____ (Flash-Integro LLC) C:\Windows\SysWOW64\mslvddsfilter3.ax
    2016-07-26 00:30 - 2011-12-07 18:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\Lagarith.dll
    2016-07-26 00:30 - 2005-08-01 18:43 - 00245760 _____ () C:\Windows\SysWOW64\lame.ax
    2016-07-26 00:30 - 2004-12-10 09:03 - 00438272 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
    2016-07-26 00:30 - 2004-09-06 15:06 - 00053248 _____ C:\Windows\SysWOW64\xvid.ax
    2016-07-26 00:30 - 2004-07-03 20:08 - 00139264 _____ C:\Windows\SysWOW64\xvidvfw.dll
    2016-07-26 00:30 - 2004-07-03 19:59 - 00524288 _____ C:\Windows\SysWOW64\xvidcore.dll
    2016-07-26 00:30 - 2004-02-04 20:11 - 00081920 _____ (fccHandler) C:\Windows\SysWOW64\AC3ACM.acm
    2016-07-26 00:30 - 2003-05-22 11:26 - 00638976 _____ (DivXNetworks, Inc.) C:\Windows\SysWOW64\divx.dll
    2016-07-26 00:30 - 2003-05-22 11:26 - 00221215 _____ (DivXNetworks, Inc.) C:\Windows\SysWOW64\divxdec.ax
    2016-07-26 00:30 - 2003-05-21 22:50 - 00261632 _____ (MainConcept) C:\Windows\SysWOW64\mcdvd_32.dll
    2016-07-26 00:30 - 2003-05-21 22:50 - 00156910 _____ C:\Windows\WMSysPr8.prx
    2016-07-26 00:30 - 2003-05-21 22:50 - 00082944 _____ (Voxware, Inc.) C:\Windows\SysWOW64\vct3216.acm
    2016-07-26 00:30 - 2003-05-21 22:50 - 00038912 _____ (NCT Company) C:\Windows\SysWOW64\alf2cd.acm
    2016-07-26 00:30 - 2003-05-21 22:50 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
    2016-07-26 00:30 - 2003-03-25 04:49 - 00098304 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\SysWOW64\L3CODECX.AX
    2016-07-26 00:30 - 2002-08-19 23:41 - 00413760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg4c32.dll
    2016-07-26 00:30 - 2000-03-14 19:55 - 00013239 _____ (SHARP Corporation) C:\Windows\SysWOW64\Scg726.acm
    2016-07-26 00:27 - 2016-07-26 00:28 - 35576744 _____ (Flash-Integro LLC ) C:\Users\Garrett\Downloads\video_editor.exe
    2016-07-26 00:18 - 2016-07-26 00:18 - 50798872 _____ C:\Users\Garrett\Tyler 1 Singing Lost Boy.wav
    2016-07-25 23:36 - 2016-07-25 23:36 - 00016575 _____ C:\Users\Garrett\Downloads\Tyler 1 Singing Lost Boy.aup
    2016-07-25 23:36 - 2016-07-25 23:36 - 00000000 ____D C:\Users\Garrett\Downloads\Tyler 1 Singing Lost Boy_data
    2016-07-25 23:30 - 2016-07-25 23:33 - 41332970 _____ C:\Users\Garrett\Downloads\Tyler 1 Singing Lost Boy.mp4
    2016-07-25 22:10 - 2016-07-01 22:32 - 00827864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2016-07-25 22:10 - 2016-07-01 22:32 - 00176096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2016-07-25 22:00 - 2016-07-25 22:00 - 00000000 ___SD C:\Windows\system32\CompatTel
    2016-07-25 22:00 - 2016-07-25 22:00 - 00000000 ____D C:\Windows\system32\AutoUpdateLicense
    2016-07-25 22:00 - 2016-07-25 22:00 - 00000000 ____D C:\Windows\system32\appraiser
    2016-07-25 02:46 - 2015-03-27 02:07 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\cryptcatsvc.dll
    2016-07-25 02:46 - 2015-03-11 23:31 - 02048000 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
    2016-07-25 02:46 - 2015-03-11 23:31 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
    2016-07-25 02:46 - 2015-03-11 21:52 - 01933312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
    2016-07-25 02:02 - 2014-10-08 22:00 - 01519104 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
    2016-07-25 02:02 - 2014-10-08 22:00 - 01484288 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
    2016-07-25 02:02 - 2014-10-08 22:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
    2016-07-25 02:02 - 2014-10-08 21:59 - 01195520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
    2016-07-25 02:02 - 2014-10-08 21:59 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
    2016-07-25 01:49 - 2015-01-09 00:43 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
    2016-07-25 01:49 - 2015-01-08 23:03 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
    2016-07-25 01:45 - 2014-07-15 16:51 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
    2016-07-25 01:34 - 2015-10-01 07:10 - 00869568 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
    2016-07-25 01:34 - 2015-10-01 07:09 - 00875720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
    2016-07-25 01:16 - 2014-04-16 12:20 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
    2016-07-25 01:16 - 2014-04-16 12:20 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
    2016-07-24 23:11 - 2015-07-01 07:00 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
    2016-07-24 23:11 - 2015-07-01 06:58 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
    2016-07-24 23:11 - 2015-07-01 05:42 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
    2016-07-24 23:11 - 2015-07-01 05:41 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
    2016-07-24 23:10 - 2015-11-16 10:10 - 01821192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2016-07-24 23:10 - 2015-11-16 08:55 - 01410000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2016-07-24 23:10 - 2015-11-16 08:28 - 01223168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
    2016-07-24 23:10 - 2015-11-16 08:28 - 00384512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
    2016-07-24 23:10 - 2015-11-16 08:26 - 01637376 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
    2016-07-24 23:10 - 2015-11-16 08:26 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
    2016-07-24 23:09 - 2015-07-13 15:05 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
    2016-07-24 23:09 - 2015-07-13 15:05 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2016-07-24 23:09 - 2015-06-27 07:46 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2016-07-24 23:09 - 2015-06-27 07:23 - 00694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2016-07-24 23:08 - 2015-07-06 10:16 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
    2016-07-24 23:08 - 2015-07-06 08:32 - 00281944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
    2016-07-24 23:08 - 2015-04-30 07:44 - 00478296 _____ C:\Windows\SysWOW64\locale.nls
    2016-07-24 23:08 - 2015-04-30 07:44 - 00478296 _____ C:\Windows\system32\locale.nls
    2016-07-24 23:08 - 2015-03-11 23:31 - 01688576 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
    2016-07-24 23:08 - 2015-03-04 00:41 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
    2016-07-24 23:08 - 2015-03-04 00:39 - 00632832 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
    2016-07-24 23:08 - 2015-03-04 00:39 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
    2016-07-24 23:08 - 2015-03-03 22:53 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
    2016-07-24 23:08 - 2015-03-03 22:52 - 00676864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
    2016-07-24 23:08 - 2015-01-24 00:42 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
    2016-07-24 23:08 - 2015-01-23 23:00 - 00243712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
    2016-07-24 23:08 - 2014-09-02 20:48 - 00510464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
    2016-07-24 23:08 - 2014-09-02 20:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
    2016-07-24 23:06 - 2014-11-15 00:06 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2016-07-24 23:06 - 2014-11-14 23:13 - 03286016 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 01623552 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2016-07-24 23:06 - 2014-11-14 23:13 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2016-07-24 23:06 - 2014-11-14 23:12 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
    2016-07-24 23:06 - 2014-11-14 21:54 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
    2016-07-24 23:06 - 2014-11-14 21:53 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2016-07-24 23:06 - 2014-11-14 21:53 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
    2016-07-24 23:06 - 2014-11-14 21:53 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2016-07-24 23:05 - 2014-11-05 00:39 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
    2016-07-24 23:04 - 2014-11-05 00:40 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
    2016-07-24 23:04 - 2014-10-29 08:21 - 00499008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
    2016-07-24 23:04 - 2014-08-28 00:01 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
    2016-07-24 23:03 - 2015-08-01 10:21 - 00073352 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
    2016-07-24 23:03 - 2015-08-01 09:22 - 00063992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
    2016-07-24 23:03 - 2015-08-01 07:56 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
    2016-07-24 23:03 - 2015-08-01 07:56 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
    2016-07-24 23:03 - 2015-08-01 07:56 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
    2016-07-24 23:03 - 2015-07-30 07:11 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2016-07-24 23:03 - 2015-07-30 07:10 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2016-07-24 23:03 - 2015-07-09 15:46 - 05982208 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2016-07-24 23:03 - 2015-07-09 15:44 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
    2016-07-24 23:03 - 2015-07-09 14:17 - 05095424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2016-07-24 23:03 - 2015-07-09 14:16 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
    2016-07-24 23:03 - 2015-04-12 23:32 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
    2016-07-24 23:03 - 2014-12-11 00:51 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
    2016-07-24 22:59 - 2014-06-17 17:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
    2016-07-24 22:59 - 2014-06-17 17:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
    2016-07-24 22:58 - 2015-09-02 07:49 - 02341376 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
    2016-07-24 22:58 - 2015-09-02 07:49 - 01850880 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2016-07-24 22:58 - 2015-09-02 07:38 - 01744384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
    2016-07-24 22:58 - 2015-09-02 07:38 - 01422336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
    2016-07-24 22:58 - 2015-08-05 07:52 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
    2016-07-24 22:58 - 2015-06-17 08:13 - 01150264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
    2016-07-24 22:58 - 2015-06-17 07:44 - 01567560 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
    2016-07-24 22:58 - 2014-09-13 00:24 - 02233152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2016-07-24 22:58 - 2014-09-02 20:48 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
    2016-07-24 22:58 - 2014-09-02 20:22 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
    2016-07-24 22:58 - 2014-08-28 22:17 - 02043392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
    2016-07-24 22:58 - 2014-08-28 22:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
    2016-07-24 22:58 - 2014-08-28 22:04 - 02837504 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
    2016-07-24 22:58 - 2014-08-28 22:04 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
    2016-07-24 22:58 - 2014-08-28 00:04 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSCOMEX.dll
    2016-07-24 22:58 - 2014-08-28 00:04 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
    2016-07-24 22:58 - 2014-08-27 23:59 - 00616448 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
    2016-07-24 22:58 - 2014-08-27 23:59 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
    2016-07-24 22:58 - 2014-08-27 23:59 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll
    2016-07-24 22:58 - 2014-08-27 23:59 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\FXST30.dll
    2016-07-24 22:58 - 2014-07-24 07:12 - 00328512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
    2016-07-24 22:57 - 2015-08-04 08:42 - 01229824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
    2016-07-24 22:57 - 2015-08-04 08:42 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
    2016-07-24 22:57 - 2015-08-04 08:42 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
    2016-07-24 22:57 - 2015-08-04 07:54 - 01399808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
    2016-07-24 22:57 - 2015-08-04 07:53 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
    2016-07-24 22:57 - 2015-08-04 07:53 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
    2016-07-24 22:57 - 2015-04-21 07:53 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
    2016-07-24 22:57 - 2015-02-24 01:58 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
    2016-07-24 22:57 - 2015-01-29 02:05 - 01627648 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2016-07-24 22:57 - 2015-01-29 00:19 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2016-07-24 22:57 - 2014-10-08 21:59 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
    2016-07-24 22:57 - 2014-10-08 21:59 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
    2016-07-24 22:57 - 2014-10-08 21:58 - 00458240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
    2016-07-24 22:57 - 2014-09-21 23:38 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
    2016-07-24 22:57 - 2014-09-21 21:56 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
    2016-07-24 22:57 - 2014-09-17 17:24 - 00987136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmclient.dll
    2016-07-24 22:57 - 2014-09-17 17:24 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmscan.dll
    2016-07-24 22:57 - 2014-09-17 17:24 - 00278528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm.dll
    2016-07-24 22:57 - 2014-09-17 17:24 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adrclient.dll
    2016-07-24 22:57 - 2014-09-17 16:57 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\srmclient.dll
    2016-07-24 22:57 - 2014-09-17 16:57 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\srmscan.dll
    2016-07-24 22:57 - 2014-09-17 16:57 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\srm.dll
    2016-07-24 22:57 - 2014-09-17 16:57 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\adrclient.dll
    2016-07-24 22:56 - 2015-12-08 09:16 - 01303040 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2016-07-24 22:56 - 2015-12-05 12:48 - 01024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2016-07-24 22:56 - 2014-07-11 22:41 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
    2016-07-24 22:56 - 2014-07-11 22:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
    2016-07-24 22:56 - 2014-07-11 22:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
    2016-07-24 22:56 - 2014-07-11 22:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
    2016-07-24 22:56 - 2014-07-11 22:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
    2016-07-24 22:56 - 2014-07-11 22:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
    2016-07-24 22:56 - 2014-07-11 22:16 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
    2016-07-24 22:56 - 2014-07-11 22:16 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
    2016-07-24 22:56 - 2014-07-11 22:16 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
    2016-07-24 22:56 - 2014-07-11 22:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
    2016-07-24 22:56 - 2014-07-11 22:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
    2016-07-24 22:56 - 2014-07-11 22:15 - 00006144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
    2016-07-24 22:56 - 2014-07-08 16:33 - 00181248 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
    2016-07-24 22:56 - 2014-07-08 16:32 - 01539584 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
    2016-07-24 22:56 - 2014-07-08 16:32 - 00340480 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
    2016-07-24 22:56 - 2014-07-08 16:30 - 01220608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
    2016-07-24 22:56 - 2014-07-06 23:52 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
    2016-07-24 22:56 - 2014-07-06 23:52 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
    2016-07-24 22:56 - 2014-07-04 04:52 - 00328000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
    2016-07-24 22:56 - 2014-06-28 01:01 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
    2016-07-24 22:56 - 2014-06-28 00:56 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
    2016-07-24 22:56 - 2014-06-17 17:27 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
    2016-07-24 22:56 - 2014-06-17 17:23 - 02238464 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 14269440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2016-07-24 22:55 - 2015-12-14 18:01 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 19349504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 15422976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 13723648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 03805696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 02793984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 02658304 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00857600 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00715776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2016-07-24 22:55 - 2015-12-14 18:00 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2016-07-24 22:55 - 2015-12-14 17:59 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2016-07-24 22:55 - 2015-11-07 06:46 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
    2016-07-24 22:55 - 2015-11-07 06:46 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
    2016-07-24 22:55 - 2015-11-07 03:34 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
    2016-07-24 22:55 - 2015-11-06 23:29 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
    2016-07-24 22:55 - 2015-09-18 07:32 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2016-07-24 22:55 - 2015-08-13 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2016-07-24 22:55 - 2015-08-13 04:44 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2016-07-24 22:55 - 2015-06-09 07:57 - 03248640 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
    2016-07-24 22:55 - 2015-05-27 20:04 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2016-07-24 22:55 - 2015-05-27 20:02 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2016-07-24 22:55 - 2015-05-27 20:01 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2016-07-24 22:55 - 2015-05-27 20:01 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2016-07-24 22:55 - 2015-05-27 20:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2016-07-24 22:55 - 2015-05-27 20:01 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2016-07-24 22:55 - 2015-05-27 20:01 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2016-07-24 22:55 - 2015-05-27 18:44 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2016-07-24 22:55 - 2015-05-27 18:43 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2016-07-24 22:55 - 2015-05-27 18:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2016-07-24 22:55 - 2015-05-27 18:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2016-07-24 22:55 - 2015-05-27 18:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2016-07-24 22:55 - 2015-05-27 18:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2016-07-24 22:55 - 2015-05-27 18:22 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
    2016-07-24 22:55 - 2015-05-27 18:20 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
    2016-07-24 22:55 - 2015-05-27 18:00 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2016-07-24 22:55 - 2015-05-27 17:55 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2016-07-24 22:55 - 2015-01-23 22:31 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
    2016-07-24 22:54 - 2014-12-08 00:48 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
    2016-07-24 22:54 - 2014-12-07 23:04 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
    2016-07-24 22:53 - 2016-06-25 12:09 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
    2016-07-24 22:53 - 2015-10-31 02:14 - 02038784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
    2016-07-24 22:53 - 2015-10-31 01:33 - 02308096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
    2016-07-24 22:53 - 2015-08-04 08:42 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
    2016-07-24 22:53 - 2015-08-04 07:54 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
    2016-07-24 22:53 - 2015-03-14 02:07 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
    2016-07-24 22:53 - 2015-03-14 00:33 - 00891904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
    2016-07-24 22:53 - 2015-03-04 01:29 - 00361280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
    2016-07-24 22:53 - 2015-03-04 00:39 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
    2016-07-24 22:53 - 2015-03-03 22:52 - 00057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
    2016-07-24 22:50 - 2015-06-15 09:22 - 02416640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
    2016-07-24 22:50 - 2015-06-15 09:22 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
    2016-07-24 22:50 - 2015-06-15 09:21 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
    2016-07-24 22:50 - 2015-06-15 09:20 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
    2016-07-24 22:50 - 2015-05-08 17:39 - 00981504 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2016-07-24 22:50 - 2015-05-08 14:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2016-07-24 22:50 - 2014-10-11 01:44 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
    2016-07-24 22:50 - 2014-10-10 23:57 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
    2016-07-24 22:50 - 2014-06-12 17:34 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
    2016-07-24 22:50 - 2014-06-12 17:29 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
    2016-07-24 22:50 - 2014-06-05 11:56 - 00112984 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
    2016-07-24 22:49 - 2015-09-02 07:48 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
    2016-07-24 22:49 - 2015-09-02 07:38 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
    2016-07-24 22:49 - 2015-08-28 15:59 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
    2016-07-24 22:49 - 2015-08-27 12:41 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
    2016-07-24 22:49 - 2014-12-06 01:52 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
    2016-07-24 22:49 - 2014-12-06 01:52 - 00357376 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
    2016-07-24 22:49 - 2014-12-06 01:52 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
    2016-07-24 22:49 - 2014-12-06 00:09 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
    2016-07-24 22:48 - 2015-12-05 16:20 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2016-07-24 22:48 - 2015-12-05 16:19 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2016-07-24 22:48 - 2015-12-05 16:19 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
    2016-07-24 22:48 - 2015-12-05 08:49 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2016-07-24 22:48 - 2015-12-05 08:49 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2016-07-24 22:48 - 2015-12-05 08:49 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
    2016-07-24 22:48 - 2015-10-11 00:45 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
    2016-07-24 22:48 - 2015-10-11 00:45 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
    2016-07-24 22:48 - 2014-12-18 02:51 - 00096576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
    2016-07-24 22:48 - 2014-12-18 00:52 - 00889344 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
    2016-07-24 22:48 - 2014-12-18 00:20 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
    2016-07-24 22:48 - 2014-12-06 01:53 - 00458240 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
    2016-07-24 22:48 - 2014-12-06 01:53 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
    2016-07-24 22:48 - 2014-12-06 01:51 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
    2016-07-24 22:48 - 2014-12-06 00:10 - 00355840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
    2016-07-24 22:48 - 2014-12-06 00:10 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
    2016-07-24 22:48 - 2014-12-06 00:09 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
    2016-07-24 22:48 - 2014-11-26 00:43 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
    2016-07-24 22:48 - 2014-11-25 22:50 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
    2016-07-24 22:45 - 2015-11-05 03:55 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
    2016-07-24 22:43 - 2015-09-23 07:10 - 00377552 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
    2016-07-24 22:43 - 2015-09-23 07:10 - 00332576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
    2016-07-24 22:42 - 2016-06-25 12:28 - 00050368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
    2016-07-24 22:42 - 2016-06-25 09:55 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2016-07-24 22:42 - 2016-06-25 09:55 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
    2016-07-24 22:42 - 2016-06-17 07:09 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2016-07-24 22:42 - 2016-06-04 03:42 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
    2016-07-24 22:42 - 2015-12-04 10:29 - 01636784 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
    2016-07-24 22:42 - 2015-12-04 10:12 - 00793312 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
    2016-07-24 22:42 - 2015-12-04 10:12 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
    2016-07-24 22:42 - 2015-12-04 10:12 - 00446872 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
    2016-07-24 22:42 - 2015-12-04 10:12 - 00253624 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
    2016-07-24 22:42 - 2015-12-04 08:55 - 00612528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
    2016-07-24 22:42 - 2015-12-04 08:55 - 00463880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
    2016-07-24 22:42 - 2015-12-04 08:55 - 00324456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
    2016-07-24 22:42 - 2015-12-04 08:52 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 02615808 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 01770496 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 01376256 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 01350656 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 01150464 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
    2016-07-24 22:42 - 2015-12-04 08:52 - 01100800 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
    2016-07-24 22:42 - 2015-12-04 08:52 - 01073664 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 00625152 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 00577536 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:52 - 00431616 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 02893824 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 01593344 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 01208832 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 01174016 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 01138688 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00239104 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
    2016-07-24 22:42 - 2015-12-04 08:51 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:51 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
    2016-07-24 22:42 - 2015-12-04 08:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 02312704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 01468928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 01374208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 00904192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 00846336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00722944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00677888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00468992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 00382464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
    2016-07-24 22:42 - 2015-12-04 08:46 - 00189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
    2016-07-24 22:42 - 2015-12-04 08:46 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 02400256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00946688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00929792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00869888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00571392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00546304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00190464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
    2016-07-24 22:42 - 2015-12-04 08:45 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
    2016-07-24 22:42 - 2015-12-04 08:45 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
    2016-07-24 22:42 - 2015-12-04 08:45 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
    2016-07-24 22:42 - 2015-12-03 13:57 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
    2016-07-24 22:42 - 2015-11-07 06:46 - 01341952 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
    2016-07-24 22:42 - 2015-11-07 06:44 - 01840640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2016-07-24 22:42 - 2015-11-07 06:44 - 01280000 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2016-07-24 22:42 - 2015-11-07 03:32 - 01412608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2016-07-24 22:42 - 2015-11-07 01:52 - 04063232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2016-07-24 22:42 - 2015-11-06 23:53 - 01126912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
    2016-07-24 22:42 - 2015-11-06 23:52 - 01680384 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
    2016-07-24 22:42 - 2015-11-06 23:46 - 01426944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
    2016-07-24 22:42 - 2015-10-13 07:16 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
    2016-07-24 22:42 - 2015-10-13 07:16 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
    2016-07-24 22:42 - 2015-09-12 07:09 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml
    2016-07-24 22:42 - 2014-12-06 01:51 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
    2016-07-24 22:42 - 2014-07-24 07:50 - 00447296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
    2016-07-24 22:42 - 2014-07-16 17:28 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
    2016-07-24 22:42 - 2014-07-16 16:59 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
    2016-07-24 22:42 - 2014-07-16 16:59 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
    2016-07-24 22:42 - 2014-07-12 00:45 - 01549824 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
    2016-07-24 22:42 - 2014-07-11 22:36 - 00674304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
    2016-07-24 22:42 - 2014-07-11 22:34 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
    2016-07-24 22:42 - 2012-10-24 21:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
    2016-07-24 22:42 - 2012-10-24 21:26 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
    2016-07-24 22:42 - 2012-10-24 21:04 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
    2016-07-24 22:41 - 2015-07-15 10:09 - 00095064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
    2016-07-24 22:41 - 2015-07-15 07:29 - 01333248 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
    2016-07-24 22:41 - 2014-12-18 22:35 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
    2016-07-24 22:40 - 2016-07-24 22:40 - 00002857 _____ C:\Users\Garrett\Downloads\Dr. Mantis Toboggan.aup
    2016-07-24 22:39 - 2016-07-24 22:39 - 00003003 _____ C:\Users\Garrett\Downloads\oh whoops, oooh. i dropped my monster condom that i use for my magnum dong..aup
    2016-07-24 22:39 - 2016-07-24 22:39 - 00001710 _____ C:\Users\Garrett\Downloads\Dank meme (Trap Nation) #2 [by Autistic].aup
    2016-07-24 22:39 - 2016-07-24 22:39 - 00000000 ____D C:\Users\Garrett\Downloads\oh whoops, oooh. i dropped my monster condom that i use for my magnum dong_data
    2016-07-24 22:39 - 2016-07-24 22:39 - 00000000 ____D C:\Users\Garrett\Downloads\Dank meme (Trap Nation) #2 [by Autistic]_data
    2016-07-24 22:37 - 2015-08-01 08:50 - 17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2016-07-24 22:37 - 2015-08-01 07:56 - 19778048 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2016-07-24 22:37 - 2015-03-04 01:26 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\AutoUpdate.exe
    2016-07-24 22:37 - 2015-03-04 01:26 - 00467952 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
    2016-07-24 22:37 - 2015-03-04 01:26 - 00011105 _____ C:\Windows\system32\AutoconfigV2.cab
    2016-07-24 22:37 - 2015-03-04 00:41 - 00695808 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
    2016-07-24 22:37 - 2015-03-04 00:41 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-07-24 22:37 - 2015-03-03 22:53 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
    2016-07-24 22:37 - 2015-03-03 22:53 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-07-24 22:37 - 2015-01-24 00:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
    2016-07-24 22:37 - 2015-01-23 23:00 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
    2016-07-24 22:37 - 2014-10-21 19:01 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
    2016-07-24 22:37 - 2014-10-21 19:00 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
    2016-07-24 22:36 - 2014-11-08 05:22 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
    2016-07-24 22:36 - 2014-11-08 00:57 - 00187904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
    2016-07-24 22:35 - 2015-07-09 15:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
    2016-07-24 22:35 - 2015-07-09 15:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
    2016-07-24 22:35 - 2015-07-09 14:18 - 00233984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
    2016-07-24 22:35 - 2014-10-23 06:47 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
    2016-07-24 22:35 - 2014-10-23 05:04 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
    2016-07-24 22:32 - 2014-12-19 00:48 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
    2016-07-24 22:31 - 2015-12-30 17:29 - 06972760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2016-07-24 22:31 - 2015-12-08 09:43 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2016-07-24 22:31 - 2015-12-08 09:16 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2016-07-24 22:31 - 2015-11-16 08:29 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
    2016-07-24 22:31 - 2015-11-16 08:29 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
    2016-07-24 22:31 - 2015-11-16 08:29 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2016-07-24 22:31 - 2015-11-16 08:28 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2016-07-24 22:31 - 2015-11-16 08:26 - 01282560 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2016-07-24 22:31 - 2015-11-16 08:26 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
    2016-07-24 22:31 - 2015-11-16 08:26 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2016-07-24 22:31 - 2015-11-16 08:26 - 00588800 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
    2016-07-24 22:31 - 2015-11-16 08:26 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2016-07-24 22:31 - 2015-09-12 07:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
    2016-07-24 22:31 - 2015-09-12 07:29 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
    2016-07-24 22:31 - 2015-09-12 07:29 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\appserverai.dll
    2016-07-24 22:31 - 2015-09-12 07:29 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\RDWebAI.dll
    2016-07-24 22:31 - 2015-09-12 07:29 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VmHostAI.dll
    2016-07-24 22:31 - 2015-01-06 22:25 - 00403456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2016-07-24 22:30 - 2015-11-16 08:42 - 00171864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2016-07-24 22:30 - 2015-11-16 08:29 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2016-07-24 22:30 - 2015-11-16 08:29 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2016-07-24 22:30 - 2015-11-16 08:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2016-07-24 22:30 - 2015-11-16 08:27 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
    2016-07-24 22:30 - 2015-11-16 08:26 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
    2016-07-24 22:30 - 2015-11-16 08:26 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2016-07-24 22:30 - 2015-11-16 08:26 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2016-07-24 22:30 - 2015-11-16 08:26 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2016-07-24 22:30 - 2015-11-16 08:26 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2016-07-24 22:30 - 2015-09-23 07:10 - 00570256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2016-07-24 22:30 - 2015-09-22 11:53 - 01405408 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2016-07-24 22:30 - 2015-09-22 11:53 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
    2016-07-24 22:30 - 2015-06-25 12:29 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2016-07-24 22:30 - 2015-06-25 12:27 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
    2016-07-24 22:30 - 2015-05-02 00:28 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2016-07-24 22:30 - 2015-01-15 03:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2016-07-24 22:30 - 2015-01-15 03:09 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2016-07-24 22:30 - 2014-10-10 23:41 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2016-07-24 22:30 - 2014-10-10 23:05 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2016-07-24 22:29 - 2015-12-03 18:55 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
    2016-07-24 22:29 - 2015-12-03 15:47 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
    2016-07-24 22:29 - 2015-07-22 16:09 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
    2016-07-24 22:29 - 2015-04-05 23:36 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
    2016-07-24 22:29 - 2015-04-05 22:08 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
    2016-07-24 22:29 - 2014-06-02 16:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
    2016-07-24 22:28 - 2015-04-24 21:41 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
    2016-07-24 22:28 - 2015-04-24 17:13 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
    2016-07-24 22:28 - 2014-10-30 01:20 - 01890816 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2016-07-24 22:28 - 2014-10-29 23:22 - 01569792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2016-07-24 22:27 - 2016-07-24 22:27 - 00003340 _____ C:\Users\Garrett\Documents\fn.wlmp
    2016-07-24 22:26 - 2016-07-24 22:26 - 00650216 _____ C:\Users\Garrett\Downloads\Dank meme (Trap Nation) #2 [by Autistic].mp4
    2016-07-24 22:19 - 2016-07-24 22:19 - 00958744 _____ C:\Users\Garrett\Dank meme (Trap Nation) #2 [by Autistic].wav
    2016-07-24 22:05 - 2016-07-26 00:53 - 00006253 _____ C:\Users\Garrett\Documents\My Movie.wlmp
    2016-07-24 21:51 - 2016-07-24 21:51 - 04325746 _____ C:\Users\Garrett\Dr. Mantis Toboggan
    2016-07-24 21:30 - 2016-07-24 21:30 - 00001218 _____ C:\Users\Garrett\Downloads\Suicide is badass - Its always sunny in Philadelphia.aup
    2016-07-24 21:30 - 2016-07-24 21:30 - 00000000 ____D C:\Users\Garrett\Downloads\Suicide is badass - Its always sunny in Philadelphia_data
    2016-07-24 21:22 - 2016-07-24 21:22 - 00000000 ____D C:\Users\Garrett\Downloads\Dr. Mantis Toboggan_data
    2016-07-24 21:16 - 2016-07-24 21:17 - 40439330 _____ C:\Users\Garrett\Downloads\Dr. Mantis Toboggan.mp4
    2016-07-24 19:57 - 2016-07-24 20:04 - 00003996 _____ C:\Users\Garrett\Documents\Im the trashman.wav.wlmp
    2016-07-24 19:44 - 2016-07-28 00:22 - 00001383 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
    2016-07-24 19:44 - 2016-07-28 00:22 - 00001310 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
    2016-07-24 19:44 - 2016-07-24 19:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
    2016-07-24 19:44 - 2016-07-24 19:44 - 00000000 ____D C:\Windows\en
    2016-07-24 19:43 - 2016-07-28 00:22 - 00002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
    2016-07-24 19:43 - 2016-07-28 00:22 - 00001457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
    2016-07-24 19:43 - 2016-07-24 19:43 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    2016-07-24 19:40 - 2016-07-24 19:40 - 00000000 ____D C:\Windows\PCHEALTH
    2016-07-24 19:40 - 2016-07-24 19:40 - 00000000 ____D C:\Program Files\Windows Live
    2016-07-24 19:39 - 2016-07-24 19:43 - 00000000 ____D C:\Program Files (x86)\Windows Live
    2016-07-24 19:39 - 2016-07-24 19:39 - 00002226 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2016-07-24 19:39 - 2016-07-24 19:39 - 00002226 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2016-07-24 19:39 - 2016-07-24 19:39 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
    2016-07-24 19:38 - 2016-07-28 00:22 - 00002292 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2016-07-24 19:38 - 2016-07-24 19:38 - 00000000 ___RD C:\Users\Garrett\OneDrive
    2016-07-24 19:38 - 2016-07-24 19:38 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
    2016-07-24 19:37 - 2016-07-27 21:11 - 00000000 ____D C:\Users\Garrett\AppData\Local\Windows Live
    2016-07-24 19:33 - 2016-07-24 19:33 - 01239752 _____ (Microsoft Corporation) C:\Users\Garrett\Downloads\wlsetup-web.exe
    2016-07-24 19:32 - 2016-07-28 00:22 - 00000827 _____ C:\Users\Garrett\Desktop\filmora_setup_full846.exe.lnk
    2016-07-24 19:27 - 2016-07-24 19:28 - 00000000 ____D C:\Users\Public\Documents\Wondershare
    2016-07-24 19:27 - 2016-07-24 19:27 - 01225872 _____ C:\Users\Garrett\Downloads\filmora_setup_full846.exe
    2016-07-24 19:08 - 2016-07-24 19:08 - 01283204 _____ C:\Users\Garrett\It's Always Sunny in Philadelphia - The Trashman.wav
    2016-07-24 19:07 - 2016-07-24 19:07 - 00002051 _____ C:\Users\Garrett\Downloads\It's Always Sunny in Philadelphia - The Trashman.aup
    2016-07-24 19:07 - 2016-07-24 19:07 - 00000000 ____D C:\Users\Garrett\Downloads\It's Always Sunny in Philadelphia - The Trashman_data
    2016-07-24 18:58 - 2016-07-24 19:00 - 63257620 _____ C:\Users\Garrett\Downloads\ScreenFlow-6.0.dmg
    2016-07-24 18:53 - 2016-07-24 18:53 - 01678241 _____ C:\Users\Garrett\Downloads\It's Always Sunny in Philadelphia - The Trashman 12.mp4
    2016-07-24 18:45 - 2016-07-24 18:45 - 00194152 _____ C:\Users\Garrett\Downloads\Suicide is badass  Its always sunny in Philadelphia.mp4
    2016-07-20 12:04 - 2016-07-20 12:04 - 00045680 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
    2016-07-20 11:59 - 2016-07-24 12:08 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
    2016-07-20 11:59 - 2016-07-24 12:08 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
    2016-07-20 00:25 - 2016-07-20 00:25 - 00000000 ____D C:\Users\Garrett\AppData\LocalLow\Blizzard Entertainment
    2016-07-19 23:55 - 2016-07-20 00:02 - 119408891 _____ C:\Users\Garrett\Downloads\Dank Memes Vine Compilation V20.mp4
    2016-07-13 21:24 - 2016-07-13 21:24 - 00000000 _____ C:\Users\Garrett\Downloads\RHS Summer Band Calendar 2016.pdf
    2016-07-13 13:12 - 2016-07-13 13:12 - 00210676 _____ C:\Users\Garrett\Downloads\watch (1).htm
    2016-07-12 22:53 - 2016-07-12 22:54 - 01867610 _____ C:\Users\Garrett\Downloads\SpongePulp FictionPants 1 Storage.mp4
    2016-07-11 23:47 - 2016-07-11 23:48 - 00000000 ____D C:\Users\Garrett\.android
    2016-07-11 23:44 - 2016-07-11 23:44 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
    2016-07-11 23:43 - 2016-07-31 23:10 - 00000000 ____D C:\ProgramData\BlueStacksSetup
    2016-07-11 23:43 - 2016-07-28 00:22 - 00001821 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk
    2016-07-11 23:43 - 2016-07-28 00:22 - 00001809 _____ C:\Users\Public\Desktop\BlueStacks.lnk
    2016-07-11 23:42 - 2016-07-11 23:43 - 00000000 ____D C:\ProgramData\Bluestacks
    2016-07-11 23:42 - 2016-07-11 23:43 - 00000000 ____D C:\Program Files (x86)\Bluestacks
    2016-07-11 23:42 - 2016-07-11 23:42 - 00000000 ____D C:\Users\Garrett\AppData\Local\Bluestacks
    2016-07-11 23:19 - 2016-07-11 23:40 - 277574656 _____ (BlueStack Systems Inc.) C:\Users\Garrett\Downloads\BlueStacks2_native_f291b1f4d87cb11673f50110fc6a180a.exe
    2016-07-06 09:53 - 2016-07-28 00:22 - 00001012 _____ C:\Users\Public\Desktop\LoL Summoner Info.lnk
    2016-07-06 09:53 - 2016-07-26 18:59 - 00000000 ____D C:\Program Files (x86)\LSI
    2016-07-06 09:53 - 2016-07-06 09:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LSI - LoL Summoner Information
    2016-07-06 08:51 - 2016-07-06 08:53 - 28037582 _____ (Aequus Gaming Ltd. ) C:\Users\Garrett\Downloads\LSI - LoL Summoner Information (v4.15.0) Setup.exe
     
    ==================== One Month Modified files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2016-08-01 15:42 - 2016-04-02 02:35 - 00000000 ____D C:\Program Files (x86)\Steam
    2016-08-01 15:39 - 2016-05-22 09:17 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
    2016-08-01 15:39 - 2016-05-22 09:17 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\discord
    2016-08-01 15:38 - 2016-05-22 09:16 - 00000000 ____D C:\Users\Garrett\AppData\Local\Discord
    2016-08-01 15:36 - 2015-10-24 09:23 - 00000000 ____D C:\Users\Garrett\AppData\Local\Overwolf
    2016-08-01 15:36 - 2015-04-04 15:33 - 00000000 ____D C:\Users\Garrett\Tracing
    2016-08-01 15:32 - 2014-07-02 09:48 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2016-08-01 15:32 - 2012-07-26 01:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2016-07-31 16:26 - 2012-07-25 23:26 - 00262144 ___SH C:\Windows\system32\config\BBI
    2016-07-31 12:47 - 2012-07-26 01:59 - 00000000 ____D C:\Windows\CbsTemp
    2016-07-31 11:46 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\AUInstallAgent
    2016-07-31 11:45 - 2012-07-26 02:12 - 00000000 ___HD C:\Program Files\WindowsApps
    2016-07-30 23:19 - 2014-06-21 12:49 - 00000000 ____D C:\Users\Garrett\AppData\Local\VirtualStore
    2016-07-30 12:52 - 2014-12-31 23:12 - 00000000 ___RD C:\Program Files (x86)\Skype
    2016-07-30 12:52 - 2014-12-31 23:12 - 00000000 ____D C:\Users\Garrett\AppData\Local\Skype
    2016-07-30 12:52 - 2014-12-29 20:56 - 00000000 ____D C:\ProgramData\Skype
    2016-07-30 12:10 - 2014-12-31 23:12 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Skype
    2016-07-29 23:54 - 2014-06-21 13:03 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\IObit
    2016-07-29 23:54 - 2014-06-21 13:03 - 00000000 ____D C:\ProgramData\IObit
    2016-07-29 23:54 - 2014-06-21 13:03 - 00000000 ____D C:\Program Files (x86)\IObit
    2016-07-29 22:30 - 2014-06-30 18:43 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Audacity
    2016-07-29 18:21 - 2015-12-08 18:04 - 00000000 ____D C:\Windows\Minidump
    2016-07-28 17:34 - 2015-11-07 23:16 - 00000000 ____D C:\Users\Garrett\AppData\Local\Innkeeper
    2016-07-28 17:12 - 2015-07-14 11:36 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Octoshape
    2016-07-28 16:23 - 2016-01-04 13:51 - 00000000 ____D C:\ProgramData\Apple
    2016-07-28 16:22 - 2014-07-11 10:09 - 00000000 ____D C:\Users\Garrett\AppData\Local\CrashDumps
    2016-07-28 16:19 - 2012-07-25 23:37 - 00000000 ____D C:\Windows\Inf
    2016-07-28 00:58 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\rescache
    2016-07-28 00:22 - 2016-06-09 18:14 - 00001062 _____ C:\Users\Garrett\Desktop\MuseScore 2.lnk
    2016-07-28 00:22 - 2016-04-18 20:46 - 00002155 _____ C:\Users\Public\Desktop\H&R Block 2015.lnk
    2016-07-28 00:22 - 2016-04-02 02:35 - 00000968 _____ C:\Users\Public\Desktop\Steam.lnk
    2016-07-28 00:22 - 2016-04-01 22:35 - 00001367 _____ C:\Users\Garrett\Desktop\cFosSpeed Features.lnk
    2016-07-28 00:22 - 2016-04-01 22:35 - 00001241 _____ C:\Users\Garrett\Desktop\cFosSpeed Calibration.lnk
    2016-07-28 00:22 - 2016-03-19 15:01 - 00000984 _____ C:\Users\Public\Desktop\Origin.lnk
    2016-07-28 00:22 - 2015-05-30 21:55 - 00000299 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
    2016-07-28 00:22 - 2014-12-27 22:56 - 00000454 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD Drive (D) PERSON_OF_INTEREST_S1_D1 (2).lnk
    2016-07-28 00:22 - 2014-12-27 22:55 - 00000454 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD Drive (D) PERSON_OF_INTEREST_S1_D1.lnk
    2016-07-28 00:22 - 2014-06-21 19:49 - 00001018 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
    2016-07-28 00:22 - 2014-06-21 13:16 - 00002190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2016-07-28 00:22 - 2014-06-21 12:49 - 00001417 _____ C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2016-07-28 00:08 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\Branding
    2016-07-27 23:45 - 2014-07-02 09:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2016-07-27 23:45 - 2014-07-02 09:47 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
    2016-07-27 22:24 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\ModemLogs
    2016-07-27 19:36 - 2015-07-06 22:55 - 00000000 ____D C:\Users\Garrett\AppData\Local\Battle.net
    2016-07-27 01:18 - 2015-07-06 22:59 - 00000000 ____D C:\Program Files (x86)\Hearthstone
    2016-07-27 00:35 - 2015-07-06 22:55 - 00000000 ____D C:\Program Files (x86)\Battle.net
    2016-07-27 00:27 - 2015-07-06 22:49 - 00000000 ____D C:\ProgramData\Battle.net
    2016-07-26 22:48 - 2014-12-24 14:18 - 00413696 ___SH C:\Users\Garrett\Downloads\Thumbs.db
    2016-07-26 16:09 - 2014-05-04 17:09 - 277707073 _____ (Exµs ™ ) C:\Users\Garrett\Desktop\Sony Vegas Pro 13.0 Build 310 (64-bit) PreCracked.exe
    2016-07-26 11:28 - 2014-06-21 12:49 - 00000000 ____D C:\Users\Garrett
    2016-07-26 00:46 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\AppCompat
    2016-07-25 22:47 - 2014-12-18 12:50 - 00000000 ____D C:\Program Files\OBS
    2016-07-25 22:47 - 2014-11-23 23:35 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo
    2016-07-25 22:37 - 2014-11-08 19:00 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
    2016-07-25 22:33 - 2016-01-24 11:28 - 00000000 ____D C:\Program Files (x86)\SmartMusic
    2016-07-25 22:31 - 2016-02-27 16:05 - 00000000 ____D C:\Users\Garrett\Desktop\New folder
    2016-07-25 22:31 - 2015-07-06 22:55 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
    2016-07-25 22:14 - 2012-07-26 01:28 - 00848230 _____ C:\Windows\system32\PerfStringBackup.INI
    2016-07-25 22:11 - 2015-10-24 09:27 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
    2016-07-25 22:11 - 2015-10-24 09:26 - 00000000 ____D C:\Program Files (x86)\Overwolf
    2016-07-25 22:02 - 2012-07-25 23:38 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
    2016-07-25 22:01 - 2012-07-26 02:12 - 00000000 ___RD C:\Windows\ToastData
    2016-07-25 22:01 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\PolicyDefinitions
    2016-07-25 22:01 - 2012-07-26 02:12 - 00000000 ____D C:\Program Files\Windows Defender
    2016-07-25 22:01 - 2012-07-26 02:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
    2016-07-25 22:00 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\WinStore
    2016-07-25 22:00 - 2012-07-26 01:52 - 00000000 ____D C:\Program Files\Windows Journal
    2016-07-25 02:19 - 2014-06-22 18:29 - 00000000 ____D C:\Windows\system32\MRT
    2016-07-25 02:15 - 2014-06-22 18:29 - 144749672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2016-07-24 19:40 - 2012-07-26 02:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
    2016-07-24 17:48 - 2015-05-30 13:02 - 00000000 ____D C:\Program Files\VideoLAN
    2016-07-24 17:48 - 2014-06-21 13:09 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\Apple Computer
    2016-07-20 12:01 - 2015-11-07 23:16 - 00000000 ____D C:\Users\Garrett\AppData\Local\SquirrelTemp
    2016-07-18 12:37 - 2016-02-28 15:38 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\MuseScore
    2016-07-11 23:43 - 2012-07-26 02:12 - 00000000 __RHD C:\Users\Public\Libraries
    2016-07-04 22:09 - 2015-11-07 23:17 - 00000000 ____D C:\Users\Garrett\AppData\Roaming\InnkeeperUI
    2016-07-02 00:48 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\system32\NDF
     
    ==================== Files in the root of some directories =======
     
    2014-06-22 18:01 - 2014-07-10 21:20 - 0005120 _____ () C:\Users\Garrett\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2014-07-05 18:23 - 2014-07-05 18:23 - 0007605 _____ () C:\Users\Garrett\AppData\Local\Resmon.ResmonCfg
    2015-12-08 03:58 - 2015-12-08 03:58 - 0000000 _____ () C:\Users\Garrett\AppData\Local\{5787D94F-EB40-47F3-A4C7-B6BB17FD70A2}
    2015-12-07 03:58 - 2015-12-07 03:58 - 0000000 _____ () C:\Users\Garrett\AppData\Local\{EA742E66-D4C3-461F-93A2-4A3A92217857}
    2016-07-27 21:36 - 2016-07-27 22:31 - 0000217 _____ () C:\ProgramData\all_data.txt
    2016-07-27 21:36 - 2016-07-27 21:36 - 0000047 _____ () C:\ProgramData\country.txt
    2016-07-27 21:36 - 2016-07-27 22:31 - 0000054 _____ () C:\ProgramData\exe_data.txt
    2016-07-27 21:36 - 2016-07-27 22:31 - 0000163 _____ () C:\ProgramData\VersionControl.txt
     
    Some files in TEMP:
    ====================
    C:\Users\Garrett\AppData\Local\Temp\libeay32.dll
    C:\Users\Garrett\AppData\Local\Temp\msvcr120.dll
    C:\Users\Garrett\AppData\Local\Temp\sqlite3.dll
     
     
    ==================== Bamital & volsnap =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2016-07-26 03:00
     
    ==================== End of FRST.txt ============================
    Fix result of Farbar Recovery Scan Tool (x64) Version: 27-07-2016
    Ran by Garrett (2016-08-01 15:30:53) Run:4
    Running from C:\Users\Garrett\Downloads
    Loaded Profiles: Garrett (Available Profiles: Garrett)
    Boot Mode: Normal
    ==============================================
     
    fixlist content:
    *****************
    Unlock: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    Unlock: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
    Unlock: C:\Users\Garrett\AppData\Roaming\Microsoft\Protect
    C:\Users\Garrett\AppData\Roaming\Microsoft\Protect
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [WinResSync] => C:\Windows\system32\regsvr32.exe /s "C:\Users\Garrett\AppData\Roaming\Microsoft\Protect\fea623cac58fb3b475f1.rs"
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\RunOnce: [WinResSync] => C:\Windows\system32\regsvr32.exe /s "C:\Users\Garrett\AppData\Roaming\Microsoft\Protect\fea623cac58fb3b475f1.rs"
     
    *****************
     
    "HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" => key was unlocked
    "HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce" => key was unlocked
    "C:\Users\Garrett\AppData\Roaming\Microsoft\Protect" => was unlocked
     
    "C:\Users\Garrett\AppData\Roaming\Microsoft\Protect" folder move:
     
    Could not move "C:\Users\Garrett\AppData\Roaming\Microsoft\Protect" => Scheduled to move on reboot.
     
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\Software\Microsoft\Windows\CurrentVersion\Run\\WinResSync => value removed successfully
    HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\WinResSync => value removed successfully
     
    Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-08-01 15:32:54)
     
    C:\Users\Garrett\AppData\Roaming\Microsoft\Protect => Is moved successfully
     
    ==== End of Fixlog 15:32:54 ====

    • 0

    #15
    40154

    40154

      Member

    • Topic Starter
    • Member
    • PipPip
    • 11 posts

    That seemed to fix it, is there anything else I need to do?


    • 0






    Similar Topics

    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users

    As Featured On:

    Microsoft Yahoo BBC MSN PC Magazine Washington Post HP