Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

RegSvr32 alert won't piss off :(

RegSvr32 the module

  • Please log in to reply

#1
JaayJams

JaayJams

    New Member

  • Member
  • Pip
  • 5 posts

I had a viruis. removed it with Mal and then this shows up every start up..

 

The module

Local\YkhvPack\xtsrivjr.dll failed to load 

 

how can i remove this alert  :L

Attached Thumbnails

  • Screenshot_1.png

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,009 posts
  • MVP
 
Download : ADWCleaner to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer
 
NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.
 
Close  all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).
 
scan-results.jpg
 
Click on Scan  and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
 
The report will be saved in the C:\AdwCleaner folder.
 
 
 
Junkware-Removal-Tool
 
Please download Junkware Removal Tool to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site
  • Pause your anti-virus.  Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  •  
     
     
     
    •  
  • Get FRST from http://www.bleepingc...very-scan-tool/You need to download the appropriate tool for your PC.  If you don't know if you have a 32 or 64 bit system get them both.  Only one will work and that's the right one.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer. 
  • Check the Addition.txt box
  • Press Scan button. 
  • It will produce a log called FRST.txt in the same directory the tool is run from.  
  • Please copy and paste log back here. 
  • It will generate another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply. 

    • 1

    #3
    JaayJams

    JaayJams

      New Member

    • Topic Starter
    • Member
    • Pip
    • 5 posts
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2017
    Ran by Jamie (10-03-2017 12:40:42)
    Running from C:\Users\Jamie\Downloads\Programs
    Windows 8.1 Pro (Update) (X64) (2017-03-08 01:07:00)
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Accounts: =============================
     
    Administrator (S-1-5-21-586894515-286337750-1407449125-500 - Administrator - Disabled)
    Guest (S-1-5-21-586894515-286337750-1407449125-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-586894515-286337750-1407449125-1003 - Limited - Enabled)
    Jamie (S-1-5-21-586894515-286337750-1407449125-1001 - Administrator - Enabled) => C:\Users\Jamie
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
    AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    µTorrent (HKU\S-1-5-21-586894515-286337750-1407449125-1001\...\uTorrent) (Version: 3.4.9.43388 - BitTorrent Inc.)
    Ansel (Version: 378.66 - NVIDIA Corporation) Hidden
    Apple Application Support (32-bit) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
    ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 3.0.10 - ASUS)
    ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
    ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0050 - ASUS)
    Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
    Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
    Discord (HKU\S-1-5-21-586894515-286337750-1407449125-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
    Google Chrome (HKU\S-1-5-21-586894515-286337750-1407449125-1001\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
    iFunbox (v4.0.4027.1352) (HKLM-x32\...\iFunbox_is1) (Version: v4.0.4027.1352 - iFunbox DevTeam)
    Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
    Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
    iTunes (HKLM\...\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 - Apple Inc.)
    LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
    Lightshot-5.4.0.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)
    Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
    MediaHuman YouTube to MP3 Converter version 3.9.8.10 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.9.8.10 - )
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    MPC-HC 1.7.11 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.11 - MPC-HC Team)
    NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation)
    NVIDIA Graphics Driver 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.66 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
    NvNodejs (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
    NvTelemetry (Version: 2.3.16.0 - NVIDIA Corporation) Hidden
    NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
    Path of Exile (HKLM\...\Steam App 238960) (Version:  - Grinding Gear Games)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8051 - Realtek Semiconductor Corp.)
    SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
    Windows Driver Package - ASUS (ATP) Mouse  (10/30/2014 1.0.0.230) (HKLM\...\52EDDD14D2DC9D32A2EA2720C02CBB9E354F8DE2) (Version: 10/30/2014 1.0.0.230 - ASUS)
    WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
     
    ==================== Custom CLSID (Whitelisted): ==========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    CustomCLSID: HKU\S-1-5-21-586894515-286337750-1407449125-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
    CustomCLSID: HKU\S-1-5-21-586894515-286337750-1407449125-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Jamie\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-586894515-286337750-1407449125-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Jamie\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
     
    ==================== Scheduled Tasks (Whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    Task: {00C9B016-1827-40D4-802E-516027721927} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-24] (NVIDIA Corporation)
    Task: {1640D740-521C-446B-BF8F-6EAE1658420C} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-24] (NVIDIA Corporation)
    Task: {254B78CC-B357-4746-A9A2-D7D274F74F1A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-24] (NVIDIA Corporation)
    Task: {340A33FF-3811-414A-9090-A186F4D10411} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-09-22] (ASUSTek Computer Inc.)
    Task: {48A8D4C5-7F79-4A53-89CC-ECE6B8EFC177} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-586894515-286337750-1407449125-1001UA => C:\Users\Jamie\AppData\Local\Google\Update\GoogleUpdate.exe [2017-03-08] (Google Inc.)
    Task: {51C4FDF3-AB93-4835-A9EC-D76CFE53287B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-586894515-286337750-1407449125-1001Core => C:\Users\Jamie\AppData\Local\Google\Update\GoogleUpdate.exe [2017-03-08] (Google Inc.)
    Task: {836432D6-42C7-4478-8743-F5F0E098FEB0} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-24] (NVIDIA Corporation)
    Task: {84F24DD7-D745-480F-B9FB-824F815789E8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-24] (NVIDIA Corporation)
    Task: {981CDE2C-CF2F-4DA2-AC6D-4F98F7D010DD} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-09-11] (ASUSTek Computer Inc.)
    Task: {BDA705CF-21F6-4D80-9EA3-4D592DA9FD2C} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-09-22] (ASUSTek Computer Inc.)
    Task: {DA7723CC-C847-4654-ABC5-E33FA8EB843C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-24] (NVIDIA Corporation)
    Task: {E5B122FD-2CBB-4906-9287-7F9A0AF54344} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-11-21] (AsusTek)
    Task: {EBBF8373-1C3C-474E-B5EF-F0CF7E9803A2} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-24] (NVIDIA Corporation)
     
    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
     
     
    ==================== Shortcuts =============================
     
    (The entries could be listed to be restored or removed.)
     
    ==================== Loaded Modules (Whitelisted) ==============
     
    2017-01-13 13:56 - 2017-01-13 13:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2017-01-13 13:56 - 2017-01-13 13:56 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2017-03-09 22:07 - 2017-02-24 06:23 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
    2017-03-09 22:07 - 2017-02-24 06:23 - 02264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
    2017-03-08 14:45 - 2017-02-24 07:32 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
    2017-03-08 14:45 - 2017-02-24 07:32 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
    2017-03-08 14:18 - 2017-02-01 22:47 - 02459992 _____ () C:\Users\Jamie\AppData\Local\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
    2017-03-08 14:18 - 2017-02-01 22:47 - 00099672 _____ () C:\Users\Jamie\AppData\Local\Google\Chrome\Application\56.0.2924.87\libegl.dll
    2015-08-10 01:52 - 2015-08-10 01:52 - 17973744 _____ () C:\Windows\SYSTEM32\igd11dxva64.dll
    2017-03-08 14:45 - 2017-02-24 07:32 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
    2017-03-08 14:45 - 2017-02-24 07:32 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
    2017-03-08 14:45 - 2017-02-24 07:32 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
     
    ==================== Alternate Data Streams (Whitelisted) =========
     
    (If an entry is included in the fixlist, only the ADS will be removed.)
     
     
    ==================== Safe Mode (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
     
    ==================== Association (Whitelisted) ===============
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
     
     
    ==================== Internet Explorer trusted/restricted ===============
     
    (If an entry is included in the fixlist, it will be removed from the registry.)
     
     
    ==================== Hosts content: ===============================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2013-08-23 02:25 - 2017-03-09 21:30 - 00000899 ____A C:\Windows\system32\Drivers\etc\hosts
     
     
    ==================== Other Areas ============================
     
    (Currently there is no automatic fix for this section.)
     
    HKU\S-1-5-21-586894515-286337750-1407449125-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
    DNS Servers: 192.168.1.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.
     
    ==================== MSCONFIG/TASK MANAGER disabled items ==
     
    HKU\S-1-5-21-586894515-286337750-1407449125-1001\...\StartupApproved\Run: => "YkhvPack"
     
    ==================== FirewallRules (Whitelisted) ===============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{795802E0-4A48-4D1B-8380-CEE0CDD4544D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{70034AE4-AF2F-4D8B-9DDC-19B525679999}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{F91CDD8C-0801-4582-95BD-23405BB9D51B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
    FirewallRules: [{D5CF15BC-C0DD-4924-B1D1-638B11293559}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
    FirewallRules: [{0E1E1CA0-4D7B-4636-A49C-C02CA6AAD8B3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
    FirewallRules: [{3468EC14-0B0C-47B3-B81C-7B3793A47AEE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
    FirewallRules: [{367F479D-C08A-47EC-9672-BEAD8565CD03}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
    FirewallRules: [{F81FC6F1-BE4B-4C18-85CA-CB99F5EA1E31}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{A6A9C35C-DC5A-423B-BAF8-AE7AFE61AA95}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{A7987031-D4A0-44B4-A51F-BBC132B71F69}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{8F1EC61D-E567-4D07-A660-8A08A9C7F8DC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{E9C92ECF-67BC-4D2B-AF8A-655B7743010C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{3D1DF02C-AEB6-4488-8EBE-90B85BFFDD15}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{CA23AA92-1D3F-418F-BD5F-855B2BFA4557}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{B16D7987-63A7-4019-A17C-71C085DCE1C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
    FirewallRules: [{E10452CC-55BB-469E-92CE-B8060E7E05E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
    FirewallRules: [{0DC3AEC6-3916-4DC1-88BB-04A15E32C1E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
    FirewallRules: [{E153852A-F4A6-48DC-9216-D629B7DA3DB7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
    FirewallRules: [{9602AFBA-7A33-4641-8AE6-08A4D0F28E56}] => (Allow) C:\Users\Jamie\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{AA14E873-5312-4866-88AA-90CC20F322FF}] => (Allow) C:\Users\Jamie\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{32EA61F2-7C97-4821-9FD2-17DD66F00A39}] => (Allow) C:\Users\Jamie\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{1F2757BC-8B11-4060-9D5D-A9B33BC0B69A}] => (Allow) C:\Users\Jamie\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{2CB7CC8C-0471-4FD2-83DB-D242C9C4A375}] => (Allow) C:\Users\Jamie\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{72AF31FB-0E11-43FB-822F-759DCF151AFA}] => (Allow) C:\Users\Jamie\AppData\Roaming\uTorrent\uTorrent.exe
     
    ==================== Restore Points =========================
     
    08-03-2017 14:20:34 Installed Classic Shell
    10-03-2017 11:52:02 JRT Pre-Junkware Removal
    10-03-2017 12:34:12 JRT Pre-Junkware Removal
     
    ==================== Faulty Device Manager Devices =============
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (03/10/2017 12:33:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   15 C.7.5.1.D.E.4.6.5.F.9.6.9.5.D.8.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Sauce-2.local.
     
    Error: (03/10/2017 12:33:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: mDNSCoreReceiveResponse: Received from 192.168.1.8:5353   13 C.7.5.1.D.E.4.6.5.F.9.6.9.5.D.8.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Sauce.local.
     
    Error: (03/10/2017 12:33:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   15 9.4.B.6.1.4.2.E.D.9.F.7.3.3.0.A.0.0.1.4.6.C.4.B.7.D.8.0.8.B.D.F.ip6.arpa. PTR Sauce-2.local.
     
    Error: (03/10/2017 12:33:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: mDNSCoreReceiveResponse: Received from 192.168.1.8:5353   13 9.4.B.6.1.4.2.E.D.9.F.7.3.3.0.A.0.0.1.4.6.C.4.B.7.D.8.0.8.B.D.F.ip6.arpa. PTR Sauce.local.
     
    Error: (03/10/2017 12:33:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   15 9.4.B.6.1.4.2.E.D.9.F.7.3.3.0.A.5.8.5.5.7.1.A.8.0.0.0.7.7.0.4.2.ip6.arpa. PTR Sauce-2.local.
     
    Error: (03/10/2017 12:33:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: mDNSCoreReceiveResponse: Received from 192.168.1.8:5353   13 9.4.B.6.1.4.2.E.D.9.F.7.3.3.0.A.5.8.5.5.7.1.A.8.0.0.0.7.7.0.4.2.ip6.arpa. PTR Sauce.local.
     
    Error: (03/10/2017 12:33:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   15 C.7.5.1.D.E.4.6.5.F.9.6.9.5.D.8.0.0.1.4.6.C.4.B.7.D.8.0.8.B.D.F.ip6.arpa. PTR Sauce-2.local.
     
    Error: (03/10/2017 12:33:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: mDNSCoreReceiveResponse: Received from 192.168.1.8:5353   13 C.7.5.1.D.E.4.6.5.F.9.6.9.5.D.8.0.0.1.4.6.C.4.B.7.D.8.0.8.B.D.F.ip6.arpa. PTR Sauce.local.
     
    Error: (03/10/2017 12:33:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   15 C.7.5.1.D.E.4.6.5.F.9.6.9.5.D.8.5.8.5.5.7.1.A.8.0.0.0.7.7.0.4.2.ip6.arpa. PTR Sauce-2.local.
     
    Error: (03/10/2017 12:33:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: mDNSCoreReceiveResponse: Received from 192.168.1.8:5353   13 C.7.5.1.D.E.4.6.5.F.9.6.9.5.D.8.5.8.5.5.7.1.A.8.0.0.0.7.7.0.4.2.ip6.arpa. PTR Sauce.local.
     
     
    System errors:
    =============
    Error: (03/10/2017 12:34:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The NVIDIA LocalSystem Container service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
     
    Error: (03/10/2017 12:31:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
     
    Error: (03/10/2017 12:31:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Steam Client Service service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (03/10/2017 12:31:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The iPod Service service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (03/10/2017 12:31:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
     
    Error: (03/10/2017 12:31:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
     
    Error: (03/10/2017 12:31:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The NVIDIA Telemetry Container service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
     
    Error: (03/10/2017 12:31:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The NVIDIA LocalSystem Container service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
     
    Error: (03/10/2017 12:31:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Bonjour Service service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (03/10/2017 12:31:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Apple Mobile Device Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
     
     
    ==================== Memory info =========================== 
     
    Processor: Intel® Core™ i7-4710HQ CPU @ 2.50GHz
    Percentage of memory in use: 27%
    Total physical RAM: 8074.98 MB
    Available physical RAM: 5856.07 MB
    Total Virtual: 9994.98 MB
    Available Virtual: 7529.57 MB
     
    ==================== Drives ================================
     
    Drive c: () (Fixed) (Total:930.73 GB) (Free:845.35 GB) NTFS
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 87F69E1B)
    Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=930.7 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
     
    ==================== End of Addition.txt ============================
     
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-03-2017
    Ran by Jamie (administrator) on SAUCE (10-03-2017 12:39:31)
    Running from C:\Users\Jamie\Downloads\Programs
    Loaded Profiles: Jamie (Available Profiles: Jamie)
    Platform: Windows 8.1 Pro (Update) (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
    (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
    (Google Inc.) C:\Users\Jamie\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Jamie\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Jamie\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Jamie\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Jamie\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Jamie\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Jamie\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Jamie\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Jamie\AppData\Local\Google\Chrome\Application\chrome.exe
    (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
    (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
     
    ==================== Registry (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-31] (IvoSoft)
    HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.)
    HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
    HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
    HKU\S-1-5-21-586894515-286337750-1407449125-1001\...\Run: [Google Update] => C:\Users\Jamie\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2017-03-08] (Google Inc.)
    HKU\S-1-5-21-586894515-286337750-1407449125-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2881824 2017-01-19] (Valve Corporation)
    HKU\S-1-5-21-586894515-286337750-1407449125-1001\...\Run: [Discord] => C:\Users\Jamie\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
    HKU\S-1-5-21-586894515-286337750-1407449125-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4015216 2016-12-16] (Tonec Inc.)
    HKU\S-1-5-21-586894515-286337750-1407449125-1001\...\Run: [YkhvPack] => C:\Users\Jamie\AppData\Local\YkhvPack\7f5fa15c2802891dc341d97a85b5cf7c.exe
    HKU\S-1-5-21-586894515-286337750-1407449125-1001\...\Run: [Ezltion] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Jamie\AppData\Local\YkhvPack\xtsrivjr.dll <===== ATTENTION
    ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-15] (Tonec Inc.)
    ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-31] (IvoSoft)
    ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-31] (IvoSoft)
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
    Tcpip\..\Interfaces\{B64155A3-1914-4E71-8008-3592F0C974E2}: [DhcpNameServer] 192.168.1.1 192.168.1.1
     
    Internet Explorer:
    ==================
    HKU\S-1-5-21-586894515-286337750-1407449125-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-nz/?ocid=iehp
    BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-12-11] (Internet Download Manager, Tonec Inc.)
    BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-31] (IvoSoft)
    BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-31] (IvoSoft)
    BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-12-11] (Internet Download Manager, Tonec Inc.)
    BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-31] (IvoSoft)
    BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-31] (IvoSoft)
    Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-31] (IvoSoft)
    Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-31] (IvoSoft)
     
    FireFox:
    ========
    FF HKU\S-1-5-21-586894515-286337750-1407449125-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\Jamie\AppData\Roaming\IDM\idmmzcc5
    FF Extension: (IDM CC) - C:\Users\Jamie\AppData\Roaming\IDM\idmmzcc5 [2017-03-10] [not signed]
    FF HKU\S-1-5-21-586894515-286337750-1407449125-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
    FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-11-17]
    FF Plugin HKU\S-1-5-21-586894515-286337750-1407449125-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Jamie\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-08] (Google Inc.)
    FF Plugin HKU\S-1-5-21-586894515-286337750-1407449125-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Jamie\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-08] (Google Inc.)
     
    Chrome: 
    =======
    CHR HomePage: Default -> hxxp://search.certified-toolbar.com?si=42826&st=home&tid=3374
    CHR StartupUrls: Default -> "hxxps://www.google.co.nz/","hxxp://www.oursurfing.com/?type=hp&ts=1444837758&z=fa3331e258b5ae5e7c02c47g0z9zfzfbdcbm4m1wcb&from=amt&uid=hgstxhts541010a9e680_ja100a1f31b31m31b31mx"
    CHR Session Restore: Default -> is enabled.
    CHR Profile: C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default [2017-03-10]
    CHR Extension: (ProxFlow) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2017-03-08]
    CHR Extension: (Google Slides) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-08]
    CHR Extension: (Google Docs) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-08]
    CHR Extension: (Google Drive) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-08]
    CHR Extension: (YouTube) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-08]
    CHR Extension: (Adblock Plus) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-08]
    CHR Extension: (Tampermonkey) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-03-08]
    CHR Extension: (Google Sheets) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-08]
    CHR Extension: (Google Docs Offline) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-08]
    CHR Extension: (Emoji Input by EmojiStuff.com) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\immhpnclomdloikkpcefncmfgjbkojmh [2017-03-08]
    CHR Extension: (IDM Integration Module) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-03-08]
    CHR Extension: (Black Black Chrome Theme Dark Blue Highlight) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\njpbabhpbnilgchdjbajcbgnnclkaida [2017-03-08]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
    CHR Extension: (Gmail) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-08]
    CHR Extension: (Chrome Media Router) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-08]
    CHR Extension: (GeoProxy) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pooljnboifbodgifngpppfklhifechoe [2017-03-08]
    CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-12-16]
    CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-12-16]
     
    ==================== Services (Whitelisted) ====================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
    R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-10] (Intel Corporation)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
    R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-24] (NVIDIA Corporation)
    S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-24] (NVIDIA Corporation)
    R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-10] (NVIDIA Corporation)
    R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-02-24] (NVIDIA Corporation)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-23] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-23] (Microsoft Corporation)
     
    ===================== Drivers (Whitelisted) ======================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [73512 2014-11-21] (ASUS Corporation)
    R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77408 2017-02-24] ()
    R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [186304 2017-03-10] (Malwarebytes)
    R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [111544 2017-03-10] (Malwarebytes)
    R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-03-10] (Malwarebytes)
    R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [251840 2017-03-10] (Malwarebytes)
    R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [92088 2017-03-10] (Malwarebytes)
    R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-26] (Intel Corporation)
    S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-19] (Intel Corporation)
    S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-24] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46016 2017-02-24] (NVIDIA Corporation)
    R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-02-24] (NVIDIA Corporation)
    R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [827096 2015-03-12] (Realsil Semiconductor Corporation)
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-23] (Microsoft Corporation)
    S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-23] (Microsoft Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-23] (Microsoft Corporation)
    S1 akixqorj; \??\C:\Windows\system32\drivers\akixqorj.sys [X]
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
     
    ==================== One Month Created files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2017-03-10 12:39 - 2017-03-10 12:39 - 00000000 ____D C:\FRST
    2017-03-09 23:17 - 2017-03-09 23:17 - 00000299 _____ C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
    2017-03-09 22:59 - 2017-03-10 12:32 - 00048128 ___SH C:\Users\Jamie\Desktop\Thumbs.db
    2017-03-09 22:59 - 2017-03-09 22:59 - 00000000 ____D C:\Users\Jamie\Documents\Lightshot
    2017-03-09 22:08 - 2017-03-10 12:33 - 00186304 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
    2017-03-09 22:07 - 2017-03-10 12:33 - 00111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
    2017-03-09 22:07 - 2017-03-10 12:33 - 00092088 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
    2017-03-09 22:07 - 2017-03-10 12:32 - 00251840 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2017-03-09 22:07 - 2017-03-10 12:32 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
    2017-03-09 22:07 - 2017-03-09 22:07 - 00001883 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2017-03-09 22:07 - 2017-03-09 22:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2017-03-09 22:07 - 2017-03-09 22:07 - 00000000 ____D C:\ProgramData\Malwarebytes
    2017-03-09 22:07 - 2017-03-09 22:07 - 00000000 ____D C:\Program Files\Malwarebytes
    2017-03-09 22:07 - 2017-02-24 06:23 - 00077408 _____ C:\Windows\system32\Drivers\mbae64.sys
    2017-03-09 11:44 - 2017-03-09 11:44 - 00000000 ____D C:\Users\Jamie\.android
    2017-03-09 11:43 - 2017-03-09 11:43 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
    2017-03-09 10:59 - 2017-03-09 10:59 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
    2017-03-09 10:58 - 2017-03-08 14:07 - 00000000 ____D C:\Windows\Panther
    2017-03-09 03:24 - 2017-03-09 03:24 - 00000000 ____D C:\Users\Jamie\AppData\Local\SLAM
    2017-03-09 02:28 - 2017-03-09 02:28 - 00000000 __RHD C:\Users\Public\AccountPictures
    2017-03-09 02:25 - 2017-03-09 20:11 - 00000000 ____D C:\Program Files\KMSpico
    2017-03-09 02:25 - 2017-03-09 02:25 - 00004608 _____ C:\Windows\SECOH-QAD.exe
    2017-03-09 02:25 - 2017-03-09 02:25 - 00003584 _____ C:\Windows\SECOH-QAD.dll
    2017-03-09 02:25 - 2017-03-09 02:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
    2017-03-09 02:25 - 2010-12-06 15:16 - 00090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll
    2017-03-09 02:18 - 2017-03-09 02:18 - 00000000 __SHD C:\Users\Jamie\AppData\LocalLow\EmieUserList
    2017-03-09 02:18 - 2017-03-09 02:18 - 00000000 __SHD C:\Users\Jamie\AppData\LocalLow\EmieSiteList
    2017-03-09 02:14 - 2017-03-09 02:31 - 00000000 ____D C:\Users\Jamie\AppData\LocalLow\uTorrent
    2017-03-09 01:51 - 2017-03-09 02:31 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\uTorrent
    2017-03-09 01:51 - 2017-03-09 01:51 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\Macromedia
    2017-03-09 01:48 - 2017-03-09 01:48 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
    2017-03-09 01:48 - 2017-03-09 01:48 - 00000000 ____D C:\Program Files (x86)\MSBuild
    2017-03-09 01:47 - 2017-03-09 01:47 - 00000000 ____D C:\Program Files\Reference Assemblies
    2017-03-09 01:47 - 2017-03-09 01:47 - 00000000 ____D C:\Program Files\MSBuild
    2017-03-09 01:46 - 2013-08-03 17:48 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
    2017-03-09 01:46 - 2013-08-03 17:48 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2017-03-09 01:46 - 2013-08-03 17:41 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
    2017-03-09 01:46 - 2013-08-03 17:41 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2017-03-09 01:41 - 2017-03-09 01:41 - 00000000 __SHD C:\Users\Jamie\AppData\Local\EmieUserList
    2017-03-09 01:41 - 2017-03-09 01:41 - 00000000 __SHD C:\Users\Jamie\AppData\Local\EmieSiteList
    2017-03-09 01:41 - 2017-03-09 01:41 - 00000000 ____D C:\Users\Jamie\AppData\Local\Ucjmedia
    2017-03-09 01:40 - 2017-03-09 20:13 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electrum
    2017-03-09 01:22 - 2014-06-10 11:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
    2017-03-09 01:22 - 2014-06-10 11:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
    2017-03-09 00:59 - 2017-03-09 01:01 - 00000000 ____D C:\Windows\system32\MRT
    2017-03-09 00:59 - 2017-03-09 00:59 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2017-03-09 00:58 - 2014-02-23 05:59 - 01519520 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
    2017-03-09 00:58 - 2014-02-23 05:59 - 01290688 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
    2017-03-09 00:58 - 2014-02-23 05:59 - 00526304 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
    2017-03-09 00:58 - 2014-02-23 05:59 - 00461176 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
    2017-03-09 00:58 - 2014-02-23 05:59 - 00407536 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
    2017-03-09 00:58 - 2014-02-23 05:15 - 01929608 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
    2017-03-09 00:58 - 2014-02-23 05:15 - 01206000 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
    2017-03-09 00:58 - 2014-02-23 05:15 - 00531128 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
    2017-03-09 00:58 - 2014-02-23 05:00 - 00590168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
    2017-03-09 00:58 - 2014-02-23 05:00 - 00249688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
    2017-03-09 00:58 - 2014-02-23 04:55 - 01435304 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
    2017-03-09 00:58 - 2014-02-23 04:55 - 00388408 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
    2017-03-09 00:58 - 2014-02-23 04:55 - 00244848 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
    2017-03-09 00:58 - 2014-02-23 04:53 - 03394384 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
    2017-03-09 00:58 - 2014-02-23 04:50 - 02588168 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
    2017-03-09 00:58 - 2014-02-23 04:50 - 00761792 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
    2017-03-09 00:58 - 2014-02-23 04:50 - 00645104 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
    2017-03-09 00:58 - 2014-02-23 04:50 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
    2017-03-09 00:58 - 2014-02-23 04:49 - 00384856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
    2017-03-09 00:58 - 2014-02-23 04:49 - 00280920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
    2017-03-09 00:58 - 2014-02-23 04:49 - 00148824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
    2017-03-09 00:58 - 2014-02-23 04:48 - 02574240 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
    2017-03-09 00:58 - 2014-02-23 04:48 - 01791752 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
    2017-03-09 00:58 - 2014-02-23 04:46 - 01927600 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
    2017-03-09 00:58 - 2014-02-23 04:46 - 01445616 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
    2017-03-09 00:58 - 2014-02-23 04:46 - 01000424 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
    2017-03-09 00:58 - 2014-02-23 04:46 - 00669896 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2017-03-09 00:58 - 2014-02-23 04:44 - 00539992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
    2017-03-09 00:58 - 2014-02-23 04:44 - 00424280 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
    2017-03-09 00:58 - 2014-02-23 04:44 - 00360792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
    2017-03-09 00:58 - 2014-02-23 04:43 - 01727760 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2017-03-09 00:58 - 2014-02-23 04:43 - 01659056 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2017-03-09 00:58 - 2014-02-23 04:43 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
    2017-03-09 00:58 - 2014-02-23 04:43 - 01487520 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
    2017-03-09 00:58 - 2014-02-23 04:43 - 01356360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
    2017-03-09 00:58 - 2014-02-23 04:41 - 02142976 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
    2017-03-09 00:58 - 2014-02-23 04:41 - 01399176 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
    2017-03-09 00:58 - 2014-02-23 04:41 - 01374384 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
    2017-03-09 00:58 - 2014-02-23 04:41 - 01215832 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
    2017-03-09 00:58 - 2014-02-23 04:41 - 00881616 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
    2017-03-09 00:58 - 2014-02-23 04:41 - 00800552 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
    2017-03-09 00:58 - 2014-02-23 04:41 - 00609456 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
    2017-03-09 00:58 - 2014-02-23 04:41 - 00391008 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
    2017-03-09 00:58 - 2014-02-23 04:41 - 00372360 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
    2017-03-09 00:58 - 2014-02-23 04:40 - 01118552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
    2017-03-09 00:58 - 2014-02-23 03:52 - 01767440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
    2017-03-09 00:58 - 2014-02-23 03:51 - 01063976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
    2017-03-09 00:58 - 2014-02-23 03:42 - 01017936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
    2017-03-09 00:58 - 2014-02-23 03:42 - 00422968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
    2017-03-09 00:58 - 2014-02-23 03:42 - 00410568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
    2017-03-09 00:58 - 2014-02-23 03:38 - 01374384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
    2017-03-09 00:58 - 2014-02-23 03:38 - 01077944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
    2017-03-09 00:58 - 2014-02-23 03:25 - 02410496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
    2017-03-09 00:58 - 2014-02-23 03:18 - 00477744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
    2017-03-09 00:58 - 2014-02-23 03:18 - 00419928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
    2017-03-09 00:58 - 2014-02-23 03:08 - 01474104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2017-03-09 00:58 - 2014-02-23 03:04 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
    2017-03-09 00:58 - 2014-02-23 03:04 - 01206000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
    2017-03-09 00:58 - 2014-02-23 03:04 - 01011280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
    2017-03-09 00:58 - 2014-02-23 03:04 - 00707048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
    2017-03-09 00:58 - 2014-02-23 03:04 - 00650736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
    2017-03-09 00:58 - 2014-02-23 03:04 - 00518552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
    2017-03-09 00:58 - 2014-02-23 03:04 - 00317584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
    2017-03-09 00:58 - 2014-02-23 03:04 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
    2017-03-09 00:58 - 2014-02-23 01:24 - 02825216 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
    2017-03-09 00:58 - 2014-02-23 01:22 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
    2017-03-09 00:58 - 2014-02-23 01:15 - 04192768 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2017-03-09 00:58 - 2014-02-23 01:14 - 00298496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
    2017-03-09 00:58 - 2014-02-23 01:08 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\OobeFldr.dll
    2017-03-09 00:58 - 2014-02-23 01:07 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
    2017-03-09 00:58 - 2014-02-23 01:07 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\WofUtil.dll
    2017-03-09 00:58 - 2014-02-23 00:44 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2017-03-09 00:58 - 2014-02-23 00:28 - 02428928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
    2017-03-09 00:58 - 2014-02-23 00:25 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\recimg.exe
    2017-03-09 00:58 - 2014-02-23 00:17 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2017-03-09 00:58 - 2014-02-23 00:17 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OobeFldr.dll
    2017-03-09 00:58 - 2014-02-23 00:16 - 00617472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
    2017-03-09 00:58 - 2014-02-23 00:00 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2017-03-09 00:58 - 2014-02-22 23:54 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2017-03-09 00:58 - 2014-02-22 23:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\dfp.exe
    2017-03-09 00:58 - 2014-02-22 23:44 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2017-03-09 00:58 - 2014-02-22 23:41 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
    2017-03-09 00:58 - 2014-02-22 23:41 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
    2017-03-09 00:58 - 2014-02-22 23:38 - 00390656 _____ (Microsoft Corporation) C:\Windows\system32\DfpCommon.dll
    2017-03-09 00:58 - 2014-02-22 23:36 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2017-03-09 00:58 - 2014-02-22 23:36 - 00441344 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
    2017-03-09 00:58 - 2014-02-22 23:34 - 11742720 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
    2017-03-09 00:58 - 2014-02-22 23:33 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2017-03-09 00:58 - 2014-02-22 23:25 - 01428480 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
    2017-03-09 00:58 - 2014-02-22 23:18 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
    2017-03-09 00:58 - 2014-02-22 23:09 - 01224192 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
    2017-03-09 00:58 - 2014-02-22 23:08 - 00997888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
    2017-03-09 00:58 - 2014-02-22 23:06 - 02943488 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
    2017-03-09 00:58 - 2014-02-22 23:02 - 08946688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
    2017-03-09 00:58 - 2014-02-22 23:01 - 02648064 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
    2017-03-09 00:58 - 2014-02-22 23:01 - 01227776 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
    2017-03-09 00:58 - 2014-02-22 23:01 - 00832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
    2017-03-09 00:58 - 2014-02-22 23:01 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
    2017-03-09 00:58 - 2014-02-22 23:00 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2017-03-09 00:58 - 2014-02-22 22:57 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
    2017-03-09 00:58 - 2014-02-22 22:53 - 00825344 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
    2017-03-09 00:58 - 2014-02-22 22:52 - 01132032 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
    2017-03-09 00:58 - 2014-02-22 22:48 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2017-03-09 00:58 - 2014-02-22 22:47 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
    2017-03-09 00:58 - 2014-02-22 22:45 - 00562176 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
    2017-03-09 00:58 - 2014-02-22 22:39 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2017-03-09 00:58 - 2014-02-22 22:38 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
    2017-03-09 00:58 - 2014-02-22 22:37 - 02220032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
    2017-03-09 00:58 - 2014-02-22 22:35 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
    2017-03-09 00:58 - 2014-02-22 22:35 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\WofTasks.dll
    2017-03-09 00:58 - 2014-02-22 22:34 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\energy.dll
    2017-03-09 00:58 - 2014-02-22 22:33 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2017-03-09 00:58 - 2014-02-22 22:33 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2017-03-09 00:58 - 2014-02-22 22:33 - 00653312 _____ (Microsoft Corporation) C:\Windows\system32\DismApi.dll
    2017-03-09 00:58 - 2014-02-22 22:32 - 01162752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
    2017-03-09 00:58 - 2014-02-22 22:28 - 02643456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
    2017-03-09 00:58 - 2014-02-22 22:26 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
    2017-03-09 00:58 - 2014-02-22 22:26 - 00366080 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
    2017-03-09 00:58 - 2014-02-22 22:25 - 01361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
    2017-03-09 00:58 - 2014-02-22 22:25 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
    2017-03-09 00:58 - 2014-02-22 22:24 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
    2017-03-09 00:58 - 2014-02-22 22:23 - 03494912 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
    2017-03-09 00:58 - 2014-02-22 22:23 - 02843136 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
    2017-03-09 00:58 - 2014-02-22 22:23 - 01576960 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
    2017-03-09 00:58 - 2014-02-22 22:23 - 00628224 _____ (Microsoft Corporation) C:\Windows\system32\msTextPrediction.dll
    2017-03-09 00:58 - 2014-02-22 22:23 - 00344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2017-03-09 00:58 - 2014-02-22 22:21 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
    2017-03-09 00:58 - 2014-02-22 22:16 - 11776000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
    2017-03-09 00:58 - 2014-02-22 22:14 - 00752640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
    2017-03-09 00:58 - 2014-02-22 22:14 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
    2017-03-09 00:58 - 2014-02-22 22:13 - 01728000 _____ (Microsoft Corporation) C:\Windows\system32\dui70.dll
    2017-03-09 00:58 - 2014-02-22 22:11 - 02395136 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
    2017-03-09 00:58 - 2014-02-22 22:11 - 02262016 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2017-03-09 00:58 - 2014-02-22 22:11 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
    2017-03-09 00:58 - 2014-02-22 22:10 - 00747008 _____ (Microsoft Corporation) C:\Windows\system32\wlidcli.dll
    2017-03-09 00:58 - 2014-02-22 22:10 - 00569856 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
    2017-03-09 00:58 - 2014-02-22 22:07 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
    2017-03-09 00:58 - 2014-02-22 22:06 - 01035264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
    2017-03-09 00:58 - 2014-02-22 22:04 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
    2017-03-09 00:58 - 2014-02-22 22:04 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
    2017-03-09 00:58 - 2014-02-22 22:01 - 13933568 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
    2017-03-09 00:58 - 2014-02-22 22:00 - 01341440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dui70.dll
    2017-03-09 00:58 - 2014-02-22 22:00 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
    2017-03-09 00:58 - 2014-02-22 21:59 - 01621504 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll
    2017-03-09 00:58 - 2014-02-22 21:59 - 01403392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
    2017-03-09 00:58 - 2014-02-22 21:59 - 00791552 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
    2017-03-09 00:58 - 2014-02-22 21:59 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
    2017-03-09 00:58 - 2014-02-22 21:54 - 00647168 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
    2017-03-09 00:58 - 2014-02-22 21:53 - 12027904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
    2017-03-09 00:58 - 2014-02-22 21:51 - 01258496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RacEngn.dll
    2017-03-09 00:58 - 2014-02-22 21:51 - 00716288 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
    2017-03-09 00:58 - 2014-02-22 21:51 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
    2017-03-09 00:58 - 2014-02-22 21:50 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
    2017-03-09 00:58 - 2014-02-22 21:49 - 08874496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
    2017-03-09 00:58 - 2014-02-22 21:49 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2017-03-09 00:58 - 2014-02-22 21:49 - 00755200 _____ (Microsoft Corporation) C:\Windows\system32\msctfuimanager.dll
    2017-03-09 00:58 - 2014-02-22 21:47 - 00517120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
    2017-03-09 00:58 - 2014-02-22 21:46 - 00824832 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2017-03-09 00:58 - 2014-02-22 21:45 - 00845824 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
    2017-03-09 00:58 - 2014-02-22 21:44 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
    2017-03-09 00:58 - 2014-02-22 21:42 - 03408384 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2017-03-09 00:58 - 2014-02-22 21:42 - 00709120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfuimanager.dll
    2017-03-09 00:58 - 2014-02-22 21:41 - 00662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2017-03-09 00:58 - 2014-02-22 21:40 - 02368512 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
    2017-03-09 00:58 - 2014-02-22 21:40 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
    2017-03-09 00:58 - 2014-02-22 21:39 - 00556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
    2017-03-09 00:58 - 2014-02-22 21:38 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2017-03-09 00:58 - 2014-02-22 21:37 - 01716736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
    2017-03-09 00:58 - 2014-02-22 21:37 - 00658432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
    2017-03-09 00:58 - 2014-02-22 21:34 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
    2017-03-09 00:58 - 2014-02-22 21:32 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2017-03-09 00:58 - 2014-02-22 21:27 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2017-03-09 00:58 - 2014-02-22 21:24 - 02760704 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
    2017-03-09 00:58 - 2014-02-22 21:22 - 00777728 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
    2017-03-09 00:58 - 2014-02-22 21:21 - 00854528 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
    2017-03-09 00:58 - 2014-02-22 21:21 - 00600576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
    2017-03-09 00:58 - 2014-02-22 21:19 - 00698880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
    2017-03-09 00:58 - 2014-02-22 21:18 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
    2017-03-09 00:58 - 2014-02-22 21:17 - 00459264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
    2017-03-09 00:58 - 2014-02-22 21:06 - 01640960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
    2017-03-09 00:58 - 2014-02-22 21:04 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
    2017-03-09 00:58 - 2014-02-22 21:03 - 01496576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
    2017-03-09 00:58 - 2014-02-22 21:01 - 00978944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
    2017-03-09 00:58 - 2014-02-22 21:01 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
    2017-03-09 00:58 - 2014-02-22 21:00 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
    2017-03-09 00:58 - 2014-02-22 17:33 - 00262335 _____ C:\Windows\system32\dfpinc.dat
    2017-03-09 00:58 - 2014-02-08 14:08 - 00139600 _____ C:\Windows\system32\systemsf.ebd
    2017-03-09 00:58 - 2014-02-03 03:48 - 00307304 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
    2017-03-09 00:58 - 2014-02-03 02:33 - 00230808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
    2017-03-09 00:58 - 2014-01-31 21:18 - 01185280 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
    2017-03-09 00:58 - 2014-01-29 21:53 - 01653352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2017-03-09 00:58 - 2014-01-29 20:44 - 01369736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2017-03-09 00:58 - 2014-01-28 04:38 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
    2017-03-09 00:58 - 2013-12-10 20:35 - 00530944 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
    2017-03-09 00:57 - 2014-02-23 05:59 - 00289752 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
    2017-03-09 00:57 - 2014-02-23 05:59 - 00209160 _____ (Microsoft Corporation) C:\Windows\system32\imm32.dll
    2017-03-09 00:57 - 2014-02-23 05:59 - 00139464 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
    2017-03-09 00:57 - 2014-02-23 05:59 - 00123448 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
    2017-03-09 00:57 - 2014-02-23 05:58 - 00036200 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
    2017-03-09 00:57 - 2014-02-23 05:15 - 00275312 _____ (Microsoft Corporation) C:\Windows\system32\powrprof.dll
    2017-03-09 00:57 - 2014-02-23 05:15 - 00188464 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
    2017-03-09 00:57 - 2014-02-23 05:15 - 00071888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys
    2017-03-09 00:57 - 2014-02-23 05:02 - 00170952 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
    2017-03-09 00:57 - 2014-02-23 05:02 - 00083120 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
    2017-03-09 00:57 - 2014-02-23 05:02 - 00080048 _____ (Microsoft Corporation) C:\Windows\system32\taskhostex.exe
    2017-03-09 00:57 - 2014-02-23 05:00 - 00236888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
    2017-03-09 00:57 - 2014-02-23 05:00 - 00151384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
    2017-03-09 00:57 - 2014-02-23 05:00 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys
    2017-03-09 00:57 - 2014-02-23 04:59 - 00032088 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
    2017-03-09 00:57 - 2014-02-23 04:59 - 00027480 _____ (Microsoft Corporation) C:\Windows\system32\SysResetErr.exe
    2017-03-09 00:57 - 2014-02-23 04:55 - 00162176 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
    2017-03-09 00:57 - 2014-02-23 04:55 - 00152848 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
    2017-03-09 00:57 - 2014-02-23 04:55 - 00131168 _____ (Microsoft Corporation) C:\Windows\system32\easinvoker.exe
    2017-03-09 00:57 - 2014-02-23 04:55 - 00105864 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
    2017-03-09 00:57 - 2014-02-23 04:53 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2017-03-09 00:57 - 2014-02-23 04:50 - 00258784 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
    2017-03-09 00:57 - 2014-02-23 04:50 - 00101216 _____ (Microsoft Corporation) C:\Windows\system32\RestoreOptIn.exe
    2017-03-09 00:57 - 2014-02-23 04:50 - 00054816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
    2017-03-09 00:57 - 2014-02-23 04:50 - 00043408 _____ (Microsoft Corporation) C:\Windows\system32\CloudNotifications.exe
    2017-03-09 00:57 - 2014-02-23 04:50 - 00032544 _____ (Microsoft Corporation) C:\Windows\system32\UserAccountBroker.exe
    2017-03-09 00:57 - 2014-02-23 04:49 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
    2017-03-09 00:57 - 2014-02-23 04:49 - 00325464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
    2017-03-09 00:57 - 2014-02-23 04:49 - 00189784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
    2017-03-09 00:57 - 2014-02-23 04:49 - 00146776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
    2017-03-09 00:57 - 2014-02-23 04:49 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdstor.sys
    2017-03-09 00:57 - 2014-02-23 04:48 - 00210736 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
    2017-03-09 00:57 - 2014-02-23 04:44 - 00924504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
    2017-03-09 00:57 - 2014-02-23 04:44 - 00311640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
    2017-03-09 00:57 - 2014-02-23 04:43 - 00142576 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2017-03-09 00:57 - 2014-02-23 04:43 - 00094560 _____ (Microsoft Corporation) C:\Windows\system32\bcd.dll
    2017-03-09 00:57 - 2014-02-23 04:41 - 00324896 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
    2017-03-09 00:57 - 2014-02-23 04:41 - 00028416 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
    2017-03-09 00:57 - 2014-02-23 03:52 - 00251504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powrprof.dll
    2017-03-09 00:57 - 2014-02-23 03:51 - 00140456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
    2017-03-09 00:57 - 2014-02-23 03:42 - 00369288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
    2017-03-09 00:57 - 2014-02-23 03:42 - 00232896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll
    2017-03-09 00:57 - 2014-02-23 03:42 - 00137344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
    2017-03-09 00:57 - 2014-02-23 03:42 - 00098072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
    2017-03-09 00:57 - 2014-02-23 03:41 - 00033056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
    2017-03-09 00:57 - 2014-02-23 03:38 - 00506120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
    2017-03-09 00:57 - 2014-02-23 03:38 - 00336232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
    2017-03-09 00:57 - 2014-02-23 03:38 - 00089848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
    2017-03-09 00:57 - 2014-02-23 03:25 - 00180240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
    2017-03-09 00:57 - 2014-02-23 03:18 - 00089848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RestoreOptIn.exe
    2017-03-09 00:57 - 2014-02-23 03:18 - 00041320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudNotifications.exe
    2017-03-09 00:57 - 2014-02-23 03:18 - 00029912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserAccountBroker.exe
    2017-03-09 00:57 - 2014-02-23 03:11 - 00490136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2017-03-09 00:57 - 2014-02-23 03:08 - 00079496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcd.dll
    2017-03-09 00:57 - 2014-02-23 03:04 - 00285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
    2017-03-09 00:57 - 2014-02-23 01:20 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
    2017-03-09 00:57 - 2014-02-23 01:20 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-kernel-power-events.dll
    2017-03-09 00:57 - 2014-02-23 01:17 - 00902144 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
    2017-03-09 00:57 - 2014-02-23 01:17 - 00890880 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
    2017-03-09 00:57 - 2014-02-23 01:17 - 00874496 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
    2017-03-09 00:57 - 2014-02-23 01:17 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\f3ahvoas.dll
    2017-03-09 00:57 - 2014-02-23 01:17 - 00008192 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-ntuser-private-l1-1-1.dll
    2017-03-09 00:57 - 2014-02-23 01:17 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-session-winsta-l1-1-0.dll
    2017-03-09 00:57 - 2014-02-23 01:17 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-ntuser-private-l1-1-0.dll
    2017-03-09 00:57 - 2014-02-23 01:17 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-kernel32-package-l1-1-1.dll
    2017-03-09 00:57 - 2014-02-23 01:14 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
    2017-03-09 00:57 - 2014-02-23 01:14 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys
    2017-03-09 00:57 - 2014-02-23 01:14 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
    2017-03-09 00:57 - 2014-02-23 01:11 - 00272896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
    2017-03-09 00:57 - 2014-02-23 01:09 - 00663040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
    2017-03-09 00:57 - 2014-02-23 01:08 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\syncui.dll
    2017-03-09 00:57 - 2014-02-23 01:08 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
    2017-03-09 00:57 - 2014-02-23 01:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
    2017-03-09 00:57 - 2014-02-23 01:08 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
    2017-03-09 00:57 - 2014-02-23 01:08 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
    2017-03-09 00:57 - 2014-02-23 01:07 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
    2017-03-09 00:57 - 2014-02-23 01:07 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\clrhost.dll
    2017-03-09 00:57 - 2014-02-23 01:06 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
    2017-03-09 00:57 - 2014-02-23 01:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
    2017-03-09 00:57 - 2014-02-23 01:03 - 00349696 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
    2017-03-09 00:57 - 2014-02-23 01:03 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll
    2017-03-09 00:57 - 2014-02-23 01:02 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
    2017-03-09 00:57 - 2014-02-23 01:01 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\spcompat.dll
    2017-03-09 00:57 - 2014-02-23 01:00 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2017-03-09 00:57 - 2014-02-23 01:00 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe
    2017-03-09 00:57 - 2014-02-23 01:00 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\lpksetupproxyserv.dll
    2017-03-09 00:57 - 2014-02-23 00:57 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\slc.dll
    2017-03-09 00:57 - 2014-02-23 00:57 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
    2017-03-09 00:57 - 2014-02-23 00:54 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
    2017-03-09 00:57 - 2014-02-23 00:50 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll
    2017-03-09 00:57 - 2014-02-23 00:50 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
    2017-03-09 00:57 - 2014-02-23 00:48 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\ocsetapi.dll
    2017-03-09 00:57 - 2014-02-23 00:47 - 00589312 _____ (Microsoft Corporation) C:\Windows\system32\vdsdyn.dll
    2017-03-09 00:57 - 2014-02-23 00:47 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
    2017-03-09 00:57 - 2014-02-23 00:47 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
    2017-03-09 00:57 - 2014-02-23 00:46 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2017-03-09 00:57 - 2014-02-23 00:46 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
    2017-03-09 00:57 - 2014-02-23 00:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
    2017-03-09 00:57 - 2014-02-23 00:45 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\fhevents.dll
    2017-03-09 00:57 - 2014-02-23 00:42 - 00038680 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
    2017-03-09 00:57 - 2014-02-23 00:41 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe
    2017-03-09 00:57 - 2014-02-23 00:39 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\fhsvcctl.dll
    2017-03-09 00:57 - 2014-02-23 00:37 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe
    2017-03-09 00:57 - 2014-02-23 00:34 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\dmdskmgr.dll
    2017-03-09 00:57 - 2014-02-23 00:32 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
    2017-03-09 00:57 - 2014-02-23 00:30 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2017-03-09 00:57 - 2014-02-23 00:29 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\RelPost.exe
    2017-03-09 00:57 - 2014-02-23 00:27 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\dot3mm.dll
    2017-03-09 00:57 - 2014-02-23 00:25 - 00307712 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
    2017-03-09 00:57 - 2014-02-23 00:25 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
    2017-03-09 00:57 - 2014-02-23 00:25 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\sppnp.dll
    2017-03-09 00:57 - 2014-02-23 00:25 - 00028160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\f3ahvoas.dll
    2017-03-09 00:57 - 2014-02-23 00:25 - 00008192 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-ntuser-private-l1-1-1.dll
    2017-03-09 00:57 - 2014-02-23 00:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-ntuser-private-l1-1-0.dll
    2017-03-09 00:57 - 2014-02-23 00:24 - 00800256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe
    2017-03-09 00:57 - 2014-02-23 00:24 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
    2017-03-09 00:57 - 2014-02-23 00:24 - 00780288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autofmt.exe
    2017-03-09 00:57 - 2014-02-23 00:24 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SSShim.dll
    2017-03-09 00:57 - 2014-02-23 00:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-session-winsta-l1-1-0.dll
    2017-03-09 00:57 - 2014-02-23 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-networking-wcmapi-l1-1-0.dll
    2017-03-09 00:57 - 2014-02-23 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-kernel32-package-l1-1-1.dll
    2017-03-09 00:57 - 2014-02-23 00:22 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll
    2017-03-09 00:57 - 2014-02-23 00:22 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2017-03-09 00:57 - 2014-02-23 00:17 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\DAMM.dll
    2017-03-09 00:57 - 2014-02-23 00:17 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
    2017-03-09 00:57 - 2014-02-23 00:16 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2017-03-09 00:57 - 2014-02-23 00:16 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
    2017-03-09 00:57 - 2014-02-23 00:16 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
    2017-03-09 00:57 - 2014-02-23 00:16 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
    2017-03-09 00:57 - 2014-02-23 00:16 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clrhost.dll
    2017-03-09 00:57 - 2014-02-23 00:15 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imm32.dll
    2017-03-09 00:57 - 2014-02-23 00:14 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\cleanmgr.exe
    2017-03-09 00:57 - 2014-02-23 00:13 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
    2017-03-09 00:57 - 2014-02-23 00:11 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spbcd.dll
    2017-03-09 00:57 - 2014-02-23 00:09 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
    2017-03-09 00:57 - 2014-02-23 00:09 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
    2017-03-09 00:57 - 2014-02-23 00:08 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
    2017-03-09 00:57 - 2014-02-23 00:08 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
    2017-03-09 00:57 - 2014-02-23 00:07 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
    2017-03-09 00:57 - 2014-02-23 00:07 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
    2017-03-09 00:57 - 2014-02-23 00:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
    2017-03-09 00:57 - 2014-02-23 00:06 - 00148992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slc.dll
    2017-03-09 00:57 - 2014-02-23 00:05 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\RASMM.dll
    2017-03-09 00:57 - 2014-02-23 00:05 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\pnpclean.dll
    2017-03-09 00:57 - 2014-02-23 00:05 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
    2017-03-09 00:57 - 2014-02-23 00:05 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentHost.dll
    2017-03-09 00:57 - 2014-02-23 00:04 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\dfrgui.exe
    2017-03-09 00:57 - 2014-02-23 00:03 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2017-03-09 00:57 - 2014-02-23 00:02 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContent.dll
    2017-03-09 00:57 - 2014-02-23 00:02 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\acppage.dll
    2017-03-09 00:57 - 2014-02-23 00:01 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
    2017-03-09 00:57 - 2014-02-23 00:01 - 00112640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
    2017-03-09 00:57 - 2014-02-23 00:00 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2017-03-09 00:57 - 2014-02-22 23:59 - 01283584 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
    2017-03-09 00:57 - 2014-02-22 23:59 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
    2017-03-09 00:57 - 2014-02-22 23:59 - 00163328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ocsetapi.dll
    2017-03-09 00:57 - 2014-02-22 23:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2017-03-09 00:57 - 2014-02-22 23:58 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
    2017-03-09 00:57 - 2014-02-22 23:58 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2017-03-09 00:57 - 2014-02-22 23:58 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\DAConn.dll
    2017-03-09 00:57 - 2014-02-22 23:57 - 00165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
    2017-03-09 00:57 - 2014-02-22 23:57 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
    2017-03-09 00:57 - 2014-02-22 23:56 - 02862592 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
    2017-03-09 00:57 - 2014-02-22 23:56 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2017-03-09 00:57 - 2014-02-22 23:56 - 00350720 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll
    2017-03-09 00:57 - 2014-02-22 23:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\dmvdsitf.dll
    2017-03-09 00:57 - 2014-02-22 23:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\srrstr.dll
    2017-03-09 00:57 - 2014-02-22 23:55 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\SrTasks.exe
    2017-03-09 00:57 - 2014-02-22 23:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PkgMgr.exe
    2017-03-09 00:57 - 2014-02-22 23:52 - 02288640 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
    2017-03-09 00:57 - 2014-02-22 23:52 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
    2017-03-09 00:57 - 2014-02-22 23:51 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
    2017-03-09 00:57 - 2014-02-22 23:50 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
    2017-03-09 00:57 - 2014-02-22 23:50 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskpart.exe
    2017-03-09 00:57 - 2014-02-22 23:47 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmdskmgr.dll
    2017-03-09 00:57 - 2014-02-22 23:47 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\migisol.dll
    2017-03-09 00:57 - 2014-02-22 23:47 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupugc.exe
    2017-03-09 00:57 - 2014-02-22 23:47 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2017-03-09 00:57 - 2014-02-22 23:46 - 00283136 _____ (Microsoft Corporation) C:\Windows\system32\wbadmin.exe
    2017-03-09 00:57 - 2014-02-22 23:41 - 02566656 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
    2017-03-09 00:57 - 2014-02-22 23:41 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\netid.dll
    2017-03-09 00:57 - 2014-02-22 23:40 - 00304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
    2017-03-09 00:57 - 2014-02-22 23:40 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
    2017-03-09 00:57 - 2014-02-22 23:39 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
    2017-03-09 00:57 - 2014-02-22 23:38 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\easwrt.dll
    2017-03-09 00:57 - 2014-02-22 23:37 - 00912384 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
    2017-03-09 00:57 - 2014-02-22 23:36 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2017-03-09 00:57 - 2014-02-22 23:36 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2017-03-09 00:57 - 2014-02-22 23:35 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
    2017-03-09 00:57 - 2014-02-22 23:35 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\aitagent.exe
    2017-03-09 00:57 - 2014-02-22 23:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
    2017-03-09 00:57 - 2014-02-22 23:33 - 00402944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
    2017-03-09 00:57 - 2014-02-22 23:32 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
    2017-03-09 00:57 - 2014-02-22 23:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2017-03-09 00:57 - 2014-02-22 23:30 - 00213504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cleanmgr.exe
    2017-03-09 00:57 - 2014-02-22 23:29 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2017-03-09 00:57 - 2014-02-22 23:28 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2017-03-09 00:57 - 2014-02-22 23:27 - 00397824 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll
    2017-03-09 00:57 - 2014-02-22 23:27 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2017-03-09 00:57 - 2014-02-22 23:25 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
    2017-03-09 00:57 - 2014-02-22 23:22 - 00606208 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
    2017-03-09 00:57 - 2014-02-22 23:21 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfrgui.exe
    2017-03-09 00:57 - 2014-02-22 23:21 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2017-03-09 00:57 - 2014-02-22 23:21 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\acppage.dll
    2017-03-09 00:57 - 2014-02-22 23:20 - 01152512 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
    2017-03-09 00:57 - 2014-02-22 23:18 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
    2017-03-09 00:57 - 2014-02-22 23:17 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\fhcfg.dll
    2017-03-09 00:57 - 2014-02-22 23:17 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2017-03-09 00:57 - 2014-02-22 23:17 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
    2017-03-09 00:57 - 2014-02-22 23:16 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll
    2017-03-09 00:57 - 2014-02-22 23:16 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srchadmin.dll
    2017-03-09 00:57 - 2014-02-22 23:16 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
    2017-03-09 00:57 - 2014-02-22 23:15 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
    2017-03-09 00:57 - 2014-02-22 23:14 - 02811392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
    2017-03-09 00:57 - 2014-02-22 23:14 - 02165760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncCenter.dll
    2017-03-09 00:57 - 2014-02-22 23:14 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
    2017-03-09 00:57 - 2014-02-22 23:13 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
    2017-03-09 00:57 - 2014-02-22 23:13 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
    2017-03-09 00:57 - 2014-02-22 23:13 - 00307200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
    2017-03-09 00:57 - 2014-02-22 23:12 - 00797696 _____ (Microsoft Corporation) C:\Windows\system32\PurchaseWindowsLicense.dll
    2017-03-09 00:57 - 2014-02-22 23:12 - 00352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwizeng.dll
    2017-03-09 00:57 - 2014-02-22 23:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
    2017-03-09 00:57 - 2014-02-22 23:09 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2017-03-09 00:57 - 2014-02-22 23:09 - 00097280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\migisol.dll
    2017-03-09 00:57 - 2014-02-22 23:09 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2017-03-09 00:57 - 2014-02-22 23:05 - 01757184 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
    2017-03-09 00:57 - 2014-02-22 23:04 - 00935424 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
    2017-03-09 00:57 - 2014-02-22 23:04 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\WLanConn.dll
    2017-03-09 00:57 - 2014-02-22 23:04 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netid.dll
    2017-03-09 00:57 - 2014-02-22 23:03 - 02544128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
    2017-03-09 00:57 - 2014-02-22 23:03 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
    2017-03-09 00:57 - 2014-02-22 23:02 - 00258560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
    2017-03-09 00:57 - 2014-02-22 23:00 - 00217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
    2017-03-09 00:57 - 2014-02-22 22:59 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
    2017-03-09 00:57 - 2014-02-22 22:59 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll
    2017-03-09 00:57 - 2014-02-22 22:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2017-03-09 00:57 - 2014-02-22 22:56 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
    2017-03-09 00:57 - 2014-02-22 22:55 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2017-03-09 00:57 - 2014-02-22 22:54 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
    2017-03-09 00:57 - 2014-02-22 22:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
    2017-03-09 00:57 - 2014-02-22 22:54 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2017-03-09 00:57 - 2014-02-22 22:54 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\deviceassociation.dll
    2017-03-09 00:57 - 2014-02-22 22:53 - 00545280 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
    2017-03-09 00:57 - 2014-02-22 22:53 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2017-03-09 00:57 - 2014-02-22 22:52 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.exe
    2017-03-09 00:57 - 2014-02-22 22:51 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\fveskybackup.dll
    2017-03-09 00:57 - 2014-02-22 22:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\winbrand.dll
    2017-03-09 00:57 - 2014-02-22 22:49 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountTokenProvider.dll
    2017-03-09 00:57 - 2014-02-22 22:48 - 01136128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
    2017-03-09 00:57 - 2014-02-22 22:48 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\wincorlib.dll
    2017-03-09 00:57 - 2014-02-22 22:48 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
    2017-03-09 00:57 - 2014-02-22 22:46 - 00528896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
    2017-03-09 00:57 - 2014-02-22 22:46 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\winsku.dll
    2017-03-09 00:57 - 2014-02-22 22:45 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
    2017-03-09 00:57 - 2014-02-22 22:45 - 00453632 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
    2017-03-09 00:57 - 2014-02-22 22:45 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2017-03-09 00:57 - 2014-02-22 22:45 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
    2017-03-09 00:57 - 2014-02-22 22:44 - 00675328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
    2017-03-09 00:57 - 2014-02-22 22:44 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2017-03-09 00:57 - 2014-02-22 22:44 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\korwbrkr.dll
    2017-03-09 00:57 - 2014-02-22 22:43 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
    2017-03-09 00:57 - 2014-02-22 22:43 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Sockets.PushEnabledApplication.dll
    2017-03-09 00:57 - 2014-02-22 22:41 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
    2017-03-09 00:57 - 2014-02-22 22:40 - 02537472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
    2017-03-09 00:57 - 2014-02-22 22:40 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2017-03-09 00:57 - 2014-02-22 22:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\dasHost.exe
    2017-03-09 00:57 - 2014-02-22 22:37 - 00183808 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
    2017-03-09 00:57 - 2014-02-22 22:36 - 01392640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
    2017-03-09 00:57 - 2014-02-22 22:36 - 00835584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasgcw.dll
    2017-03-09 00:57 - 2014-02-22 22:36 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WLanConn.dll
    2017-03-09 00:57 - 2014-02-22 22:36 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\Dism.exe
    2017-03-09 00:57 - 2014-02-22 22:34 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
    2017-03-09 00:57 - 2014-02-22 22:31 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
    2017-03-09 00:57 - 2014-02-22 22:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
    2017-03-09 00:57 - 2014-02-22 22:29 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
    2017-03-09 00:57 - 2014-02-22 22:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
    2017-03-09 00:57 - 2014-02-22 22:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
    2017-03-09 00:57 - 2014-02-22 22:28 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceassociation.dll
    2017-03-09 00:57 - 2014-02-22 22:27 - 00484864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
    2017-03-09 00:57 - 2014-02-22 22:27 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
    2017-03-09 00:57 - 2014-02-22 22:26 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
    2017-03-09 00:57 - 2014-02-22 22:26 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.exe
    2017-03-09 00:57 - 2014-02-22 22:25 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
    2017-03-09 00:57 - 2014-02-22 22:25 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\das.dll
    2017-03-09 00:57 - 2014-02-22 22:25 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
    2017-03-09 00:57 - 2014-02-22 22:25 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\wscinterop.dll
    2017-03-09 00:57 - 2014-02-22 22:25 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winbrand.dll
    2017-03-09 00:57 - 2014-02-22 22:23 - 00256000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
    2017-03-09 00:57 - 2014-02-22 22:23 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftAccountTokenProvider.dll
    2017-03-09 00:57 - 2014-02-22 22:22 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
    2017-03-09 00:57 - 2014-02-22 22:22 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsku.dll
    2017-03-09 00:57 - 2014-02-22 22:19 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\korwbrkr.dll
    2017-03-09 00:57 - 2014-02-22 22:19 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
    2017-03-09 00:57 - 2014-02-22 22:19 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Sockets.PushEnabledApplication.dll
    2017-03-09 00:57 - 2014-02-22 22:18 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll
    2017-03-09 00:57 - 2014-02-22 22:16 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxshared.dll
    2017-03-09 00:57 - 2014-02-22 22:15 - 00211968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Dism.exe
    2017-03-09 00:57 - 2014-02-22 22:12 - 00459776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DismApi.dll
    2017-03-09 00:57 - 2014-02-22 22:09 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
    2017-03-09 00:57 - 2014-02-22 22:09 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\dwm.exe
    2017-03-09 00:57 - 2014-02-22 22:08 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
    2017-03-09 00:57 - 2014-02-22 22:07 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
    2017-03-09 00:57 - 2014-02-22 22:07 - 00109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscinterop.dll
    2017-03-09 00:57 - 2014-02-22 22:06 - 00251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
    2017-03-09 00:57 - 2014-02-22 22:04 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\slpts.dll
    2017-03-09 00:57 - 2014-02-22 22:02 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
    2017-03-09 00:57 - 2014-02-22 22:02 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
    2017-03-09 00:57 - 2014-02-22 22:02 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
    2017-03-09 00:57 - 2014-02-22 21:59 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
    2017-03-09 00:57 - 2014-02-22 21:58 - 00544768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll
    2017-03-09 00:57 - 2014-02-22 21:57 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
    2017-03-09 00:57 - 2014-02-22 21:57 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2017-03-09 00:57 - 2014-02-22 21:55 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2017-03-09 00:57 - 2014-02-22 21:55 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2017-03-09 00:57 - 2014-02-22 21:55 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
    2017-03-09 00:57 - 2014-02-22 21:55 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\ConfigureExpandedStorage.dll
    2017-03-09 00:57 - 2014-02-22 21:55 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\dataclen.dll
    2017-03-09 00:57 - 2014-02-22 21:55 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\energytask.dll
    2017-03-09 00:57 - 2014-02-22 21:55 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slpts.dll
    2017-03-09 00:57 - 2014-02-22 21:55 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
    2017-03-09 00:57 - 2014-02-22 21:54 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\rdbui.dll
    2017-03-09 00:57 - 2014-02-22 21:54 - 00286720 _____ (Microsoft Corporation) C:\Windows\system32\wlidcredprov.dll
    2017-03-09 00:57 - 2014-02-22 21:54 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
    2017-03-09 00:57 - 2014-02-22 21:54 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
    2017-03-09 00:57 - 2014-02-22 21:54 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\AepRoam.dll
    2017-03-09 00:57 - 2014-02-22 21:53 - 00876544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
    2017-03-09 00:57 - 2014-02-22 21:52 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
    2017-03-09 00:57 - 2014-02-22 21:52 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
    2017-03-09 00:57 - 2014-02-22 21:51 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
    2017-03-09 00:57 - 2014-02-22 21:49 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
    2017-03-09 00:57 - 2014-02-22 21:49 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2017-03-09 00:57 - 2014-02-22 21:49 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
    2017-03-09 00:57 - 2014-02-22 21:48 - 01144320 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
    2017-03-09 00:57 - 2014-02-22 21:48 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\BioCredProv.dll
    2017-03-09 00:57 - 2014-02-22 21:48 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2017-03-09 00:57 - 2014-02-22 21:48 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
    2017-03-09 00:57 - 2014-02-22 21:48 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ConfigureExpandedStorage.dll
    2017-03-09 00:57 - 2014-02-22 21:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
    2017-03-09 00:57 - 2014-02-22 21:48 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dataclen.dll
    2017-03-09 00:57 - 2014-02-22 21:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
    2017-03-09 00:57 - 2014-02-22 21:47 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\WlanMM.dll
    2017-03-09 00:57 - 2014-02-22 21:47 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
    2017-03-09 00:57 - 2014-02-22 21:47 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcredprov.dll
    2017-03-09 00:57 - 2014-02-22 21:47 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\AltTab.dll
    2017-03-09 00:57 - 2014-02-22 21:46 - 03312128 _____ (Microsoft Corporation) C:\Windows\system32\bootux.dll
    2017-03-09 00:57 - 2014-02-22 21:45 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
    2017-03-09 00:57 - 2014-02-22 21:45 - 00169472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
    2017-03-09 00:57 - 2014-02-22 21:45 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
    2017-03-09 00:57 - 2014-02-22 21:44 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
    2017-03-09 00:57 - 2014-02-22 21:44 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\provsvc.dll
    2017-03-09 00:57 - 2014-02-22 21:44 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
    2017-03-09 00:57 - 2014-02-22 21:44 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
    2017-03-09 00:57 - 2014-02-22 21:43 - 00644608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
    2017-03-09 00:57 - 2014-02-22 21:43 - 00469504 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
    2017-03-09 00:57 - 2014-02-22 21:43 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BioCredProv.dll
    2017-03-09 00:57 - 2014-02-22 21:43 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
    2017-03-09 00:57 - 2014-02-22 21:43 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
    2017-03-09 00:57 - 2014-02-22 21:43 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2017-03-09 00:57 - 2014-02-22 21:43 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Renewal.dll
    2017-03-09 00:57 - 2014-02-22 21:42 - 00943104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WlanMM.dll
    2017-03-09 00:57 - 2014-02-22 21:42 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
    2017-03-09 00:57 - 2014-02-22 21:40 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
    2017-03-09 00:57 - 2014-02-22 21:40 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
    2017-03-09 00:57 - 2014-02-22 21:39 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
    2017-03-09 00:57 - 2014-02-22 21:39 - 00321536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\provsvc.dll
    2017-03-09 00:57 - 2014-02-22 21:39 - 00193024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
    2017-03-09 00:57 - 2014-02-22 21:38 - 00470016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
    2017-03-09 00:57 - 2014-02-22 21:38 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
    2017-03-09 00:57 - 2014-02-22 21:36 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\InputSwitch.dll
    2017-03-09 00:57 - 2014-02-22 21:35 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2017-03-09 00:57 - 2014-02-22 21:35 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll
    2017-03-09 00:57 - 2014-02-22 21:34 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
    2017-03-09 00:57 - 2014-02-22 21:33 - 00609792 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
    2017-03-09 00:57 - 2014-02-22 21:33 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll
    2017-03-09 00:57 - 2014-02-22 21:31 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
    2017-03-09 00:57 - 2014-02-22 21:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll
    2017-03-09 00:57 - 2014-02-22 21:30 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
    2017-03-09 00:57 - 2014-02-22 21:29 - 00191488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputSwitch.dll
    2017-03-09 00:57 - 2014-02-22 21:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\MrmIndexer.dll
    2017-03-09 00:57 - 2014-02-22 21:24 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IdCtrls.dll
    2017-03-09 00:57 - 2014-02-22 21:22 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2017-03-09 00:57 - 2014-02-22 21:22 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncPolicy.dll
    2017-03-09 00:57 - 2014-02-22 21:21 - 00518144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmIndexer.dll
    2017-03-09 00:57 - 2014-02-22 21:20 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll
    2017-03-09 00:57 - 2014-02-22 21:20 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncPolicy.dll
    2017-03-09 00:57 - 2014-02-22 21:19 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBroker.dll
    2017-03-09 00:57 - 2014-02-22 21:17 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\CloudStorageWizard.exe
    2017-03-09 00:57 - 2014-02-22 21:17 - 00109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudStorageWizard.exe
    2017-03-09 00:57 - 2014-02-22 20:54 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll
    2017-03-09 00:57 - 2014-02-22 17:43 - 00002440 ___RS C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk
    2017-03-09 00:57 - 2014-02-22 17:37 - 00000369 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
    2017-03-09 00:57 - 2014-02-22 17:37 - 00000369 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
    2017-03-09 00:57 - 2014-02-22 17:37 - 00000369 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
    2017-03-09 00:57 - 2014-02-22 17:37 - 00000369 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
    2017-03-09 00:57 - 2014-02-08 14:08 - 00100197 _____ C:\Windows\SysWOW64\RacRules.xml
    2017-03-09 00:57 - 2014-02-08 14:08 - 00100197 _____ C:\Windows\system32\RacRules.xml
    2017-03-09 00:57 - 2014-02-01 19:00 - 00011109 _____ C:\Windows\SysWOW64\connectedsearch-results.searchconnector-ms
    2017-03-09 00:57 - 2014-02-01 19:00 - 00011109 _____ C:\Windows\system32\connectedsearch-results.searchconnector-ms
    2017-03-09 00:57 - 2014-02-01 19:00 - 00007762 _____ C:\Windows\SysWOW64\connectedsearch-suggestions.searchconnector-ms
    2017-03-09 00:57 - 2014-02-01 19:00 - 00007762 _____ C:\Windows\system32\connectedsearch-suggestions.searchconnector-ms
    2017-03-09 00:57 - 2014-02-01 19:00 - 00007130 _____ C:\Windows\SysWOW64\connectedsearch-zeroinput.searchconnector-ms
    2017-03-09 00:57 - 2014-02-01 19:00 - 00007130 _____ C:\Windows\system32\connectedsearch-zeroinput.searchconnector-ms
    2017-03-09 00:57 - 2014-02-01 19:00 - 00002255 _____ C:\Windows\SysWOW64\WimBootCompress.ini
    2017-03-09 00:57 - 2014-02-01 19:00 - 00002255 _____ C:\Windows\system32\WimBootCompress.ini
    2017-03-09 00:57 - 2014-02-01 01:09 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
    2017-03-09 00:57 - 2014-02-01 01:08 - 01200640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
    2017-03-09 00:57 - 2014-02-01 00:59 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
    2017-03-09 00:57 - 2014-02-01 00:11 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
    2017-03-09 00:57 - 2014-01-31 22:55 - 03596800 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
    2017-03-09 00:57 - 2014-01-31 22:35 - 03085824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
    2017-03-09 00:57 - 2014-01-31 22:19 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
    2017-03-09 00:57 - 2014-01-31 22:15 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
    2017-03-09 00:57 - 2014-01-31 22:10 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
    2017-03-09 00:57 - 2014-01-31 22:08 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
    2017-03-09 00:57 - 2014-01-31 22:04 - 00409600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
    2017-03-09 00:57 - 2014-01-31 21:24 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
    2017-03-09 00:57 - 2014-01-29 21:52 - 00551256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
    2017-03-09 00:57 - 2014-01-29 21:40 - 00994136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
    2017-03-09 00:57 - 2014-01-29 13:36 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
    2017-03-09 00:57 - 2014-01-29 13:18 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
    2017-03-09 00:57 - 2014-01-29 13:17 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
    2017-03-09 00:57 - 2014-01-28 08:53 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2017-03-09 00:57 - 2014-01-28 08:48 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
    2017-03-09 00:57 - 2014-01-28 06:54 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
    2017-03-09 00:57 - 2014-01-28 06:04 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
    2017-03-09 00:57 - 2014-01-28 00:45 - 00050053 _____ C:\Windows\system32\srms.dat
    2017-03-09 00:57 - 2014-01-22 19:21 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
    2017-03-09 00:57 - 2014-01-22 18:50 - 00147968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
    2017-03-09 00:57 - 2014-01-18 06:24 - 00388096 _____ (Microsoft Corporation) C:\Windows\system32\ninput.dll
    2017-03-09 00:57 - 2014-01-18 06:04 - 00292864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ninput.dll
    2017-03-09 00:57 - 2014-01-08 14:30 - 00745328 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
    2017-03-09 00:57 - 2014-01-08 13:33 - 00552632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
    2017-03-09 00:57 - 2013-12-05 07:41 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthLEEnum.sys
    2017-03-09 00:57 - 2013-12-05 04:54 - 00660480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
    2017-03-09 00:57 - 2013-12-05 04:16 - 00546304 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
    2017-03-09 00:57 - 2013-12-05 03:19 - 00439808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
    2017-03-09 00:57 - 2013-12-05 02:53 - 00473600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
    2017-03-09 00:57 - 2013-11-27 22:47 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\finger.exe
    2017-03-09 00:57 - 2013-11-27 22:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\finger.exe
    2017-03-09 00:57 - 2013-11-27 22:10 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll
    2017-03-09 00:57 - 2013-11-27 21:56 - 00167936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netiohlp.dll
    2017-03-09 00:57 - 2013-11-11 15:48 - 00039768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
    2017-03-09 00:57 - 2013-11-11 12:41 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll
    2017-03-09 00:57 - 2013-11-08 18:23 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\appmgr.dll
    2017-03-09 00:57 - 2013-11-08 17:42 - 00366080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appmgr.dll
    2017-03-09 00:57 - 2013-11-08 17:04 - 00488960 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
    2017-03-09 00:57 - 2013-11-08 16:47 - 00370176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
    2017-03-09 00:57 - 2013-11-02 00:39 - 00086872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
    2017-03-09 00:57 - 2013-10-26 14:54 - 00146776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SerCx2.sys
    2017-03-09 00:52 - 2014-03-20 17:19 - 01291200 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2017-03-09 00:52 - 2014-03-20 16:48 - 21232792 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2017-03-09 00:52 - 2014-03-20 16:41 - 02013016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
    2017-03-09 00:52 - 2014-03-20 16:41 - 00376152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
    2017-03-09 00:52 - 2014-03-20 16:40 - 01112536 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2017-03-09 00:52 - 2014-03-20 14:29 - 04268544 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
    2017-03-09 00:52 - 2014-03-20 14:20 - 18679216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2017-03-09 00:52 - 2014-03-20 13:53 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
    2017-03-09 00:52 - 2014-03-20 13:48 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\ReInfo.dll
    2017-03-09 00:52 - 2014-03-20 12:55 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2017-03-09 00:52 - 2014-03-20 12:39 - 00800256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
    2017-03-09 00:52 - 2014-03-20 12:36 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReInfo.dll
    2017-03-09 00:52 - 2014-03-19 20:13 - 00836096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2017-03-09 00:52 - 2014-03-19 18:57 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
    2017-03-09 00:52 - 2014-03-19 18:50 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\w32tm.exe
    2017-03-09 00:52 - 2014-03-19 18:31 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
    2017-03-09 00:52 - 2014-03-19 18:20 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w32tm.exe
    2017-03-09 00:52 - 2014-03-19 18:08 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
    2017-03-09 00:52 - 2014-03-19 17:41 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
    2017-03-09 00:52 - 2014-03-19 17:17 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
    2017-03-09 00:52 - 2014-03-15 17:56 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
    2017-03-09 00:52 - 2014-03-15 17:44 - 01705984 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2017-03-09 00:52 - 2014-03-14 01:35 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wof.sys
    2017-03-09 00:52 - 2014-03-13 02:45 - 00387210 _____ C:\Windows\system32\ApnDatabase.xml
    2017-03-09 00:52 - 2014-03-12 05:04 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
    2017-03-09 00:52 - 2014-03-12 04:45 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
    2017-03-09 00:52 - 2014-03-12 04:18 - 01015808 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
    2017-03-09 00:52 - 2014-03-12 04:02 - 00794112 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
    2017-03-09 00:52 - 2014-03-12 03:28 - 00887296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
    2017-03-09 00:52 - 2014-03-12 03:25 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerDeviceEncryption.exe
    2017-03-09 00:52 - 2014-03-12 03:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
    2017-03-09 00:52 - 2014-03-12 03:03 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
    2017-03-09 00:52 - 2014-03-12 03:00 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
    2017-03-09 00:52 - 2014-03-12 02:21 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
    2017-03-09 00:52 - 2014-03-12 02:02 - 00629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
    2017-03-09 00:52 - 2014-03-12 01:42 - 02641920 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
    2017-03-09 00:52 - 2014-03-12 01:35 - 02317824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
    2017-03-09 00:52 - 2014-03-09 09:47 - 00565536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2017-03-09 00:52 - 2014-03-09 09:47 - 00180056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2017-03-09 00:52 - 2014-03-09 09:40 - 00136024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
    2017-03-09 00:52 - 2014-03-09 09:38 - 01542768 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
    2017-03-09 00:52 - 2014-03-09 09:35 - 00467800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
    2017-03-09 00:52 - 2014-03-09 09:35 - 00337752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
    2017-03-09 00:52 - 2014-03-09 04:29 - 01339240 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2017-03-09 00:52 - 2014-03-09 04:29 - 00356848 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
    2017-03-09 00:52 - 2014-03-09 00:34 - 01095488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
    2017-03-09 00:52 - 2014-03-08 22:34 - 00731648 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2017-03-09 00:52 - 2014-03-08 22:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\sxproxy.dll
    2017-03-09 00:52 - 2014-03-08 21:44 - 00731648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2017-03-09 00:52 - 2014-03-08 21:33 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
    2017-03-09 00:52 - 2014-03-08 21:25 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\SetNetworkLocation.dll
    2017-03-09 00:52 - 2014-03-08 21:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxproxy.dll
    2017-03-09 00:52 - 2014-03-08 20:53 - 01843712 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
    2017-03-09 00:52 - 2014-03-08 20:51 - 00334848 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
    2017-03-09 00:52 - 2014-03-08 20:47 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spp.dll
    2017-03-09 00:52 - 2014-03-08 20:12 - 01816576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
    2017-03-09 00:52 - 2014-03-08 20:09 - 01411584 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2017-03-09 00:52 - 2014-03-08 20:04 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
    2017-03-09 00:52 - 2014-03-08 20:03 - 00939520 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2017-03-09 00:52 - 2014-03-08 20:01 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
    2017-03-09 00:52 - 2014-03-08 19:50 - 01066496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2017-03-09 00:52 - 2014-03-08 19:48 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
    2017-03-09 00:52 - 2014-03-08 19:46 - 01063424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
    2017-03-09 00:52 - 2014-03-08 19:41 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
    2017-03-09 00:52 - 2014-03-08 19:40 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
    2017-03-09 00:52 - 2014-03-08 19:37 - 00755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2017-03-09 00:52 - 2014-03-08 19:31 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
    2017-03-09 00:52 - 2014-03-08 19:30 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
    2017-03-09 00:52 - 2014-03-08 19:25 - 00264192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
    2017-03-09 00:52 - 2014-03-08 19:09 - 00958464 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
    2017-03-09 00:52 - 2014-03-08 19:04 - 00717312 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
    2017-03-09 00:52 - 2014-03-08 19:02 - 00801792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
    2017-03-09 00:52 - 2014-03-08 18:58 - 00567296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
    2017-03-09 00:52 - 2014-03-08 18:41 - 01306624 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
    2017-03-09 00:52 - 2014-03-08 18:11 - 00924160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
    2017-03-09 00:52 - 2014-03-07 03:35 - 01466864 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
    2017-03-09 00:52 - 2014-03-07 03:34 - 02331000 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
    2017-03-09 00:52 - 2014-03-07 03:34 - 00113648 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
    2017-03-09 00:52 - 2014-03-07 01:53 - 02141912 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
    2017-03-09 00:52 - 2014-03-07 01:53 - 00518552 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
    2017-03-09 00:52 - 2014-03-07 01:51 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
    2017-03-09 00:52 - 2014-03-07 01:51 - 00488280 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
    2017-03-09 00:52 - 2014-03-07 01:51 - 00379224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
    2017-03-09 00:52 - 2014-03-07 01:42 - 07425368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2017-03-09 00:52 - 2014-03-07 01:40 - 00492256 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
    2017-03-09 00:52 - 2014-03-07 01:40 - 00467504 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
    2017-03-09 00:52 - 2014-03-07 01:40 - 00463264 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
    2017-03-09 00:52 - 2014-03-07 01:40 - 00364640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
    2017-03-09 00:52 - 2014-03-07 01:40 - 00244888 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
    2017-03-09 00:52 - 2014-03-07 01:39 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
    2017-03-09 00:52 - 2014-03-07 00:20 - 01200296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
    2017-03-09 00:52 - 2014-03-07 00:19 - 00390488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
    2017-03-09 00:52 - 2014-03-07 00:19 - 00094016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
    2017-03-09 00:52 - 2014-03-07 00:13 - 01779800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
    2017-03-09 00:52 - 2014-03-07 00:13 - 00406912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
    2017-03-09 00:52 - 2014-03-06 23:46 - 01679128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
    2017-03-09 00:52 - 2014-03-06 23:35 - 00406512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
    2017-03-09 00:52 - 2014-03-06 23:35 - 00388408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
    2017-03-09 00:52 - 2014-03-06 23:35 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
    2017-03-09 00:52 - 2014-03-06 23:35 - 00305768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
    2017-03-09 00:52 - 2014-03-06 22:29 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
    2017-03-09 00:52 - 2014-03-06 22:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
    2017-03-09 00:52 - 2014-03-06 22:24 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
    2017-03-09 00:52 - 2014-03-06 22:24 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
    2017-03-09 00:52 - 2014-03-06 22:22 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
    2017-03-09 00:52 - 2014-03-06 22:22 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
    2017-03-09 00:52 - 2014-03-06 22:22 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
    2017-03-09 00:52 - 2014-03-06 22:20 - 00443392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
    2017-03-09 00:52 - 2014-03-06 22:20 - 00402944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2017-03-09 00:52 - 2014-03-06 22:20 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
    2017-03-09 00:52 - 2014-03-06 22:19 - 00283648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
    2017-03-09 00:52 - 2014-03-06 22:19 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
    2017-03-09 00:52 - 2014-03-06 22:19 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
    2017-03-09 00:52 - 2014-03-06 22:19 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
    2017-03-09 00:52 - 2014-03-06 22:19 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.Search.UriHandler.dll
    2017-03-09 00:52 - 2014-03-06 22:08 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
    2017-03-09 00:52 - 2014-03-06 22:08 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\l2gpstore.dll
    2017-03-09 00:52 - 2014-03-06 21:41 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\DevPropMgr.dll
    2017-03-09 00:52 - 2014-03-06 21:38 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
    2017-03-09 00:52 - 2014-03-06 21:37 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
    2017-03-09 00:52 - 2014-03-06 21:28 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
    2017-03-09 00:52 - 2014-03-06 21:20 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Shell.Search.UriHandler.dll
    2017-03-09 00:52 - 2014-03-06 21:10 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\l2gpstore.dll
    2017-03-09 00:52 - 2014-03-06 21:09 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
    2017-03-09 00:52 - 2014-03-06 21:00 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
    2017-03-09 00:52 - 2014-03-06 20:47 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
    2017-03-09 00:52 - 2014-03-06 20:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
    2017-03-09 00:52 - 2014-03-06 20:44 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
    2017-03-09 00:52 - 2014-03-06 20:22 - 16875520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
    2017-03-09 00:52 - 2014-03-06 20:16 - 00171008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
    2017-03-09 00:52 - 2014-03-06 20:15 - 00667136 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
    2017-03-09 00:52 - 2014-03-06 20:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
    2017-03-09 00:52 - 2014-03-06 20:02 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
    2017-03-09 00:52 - 2014-03-06 19:59 - 12732416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
    2017-03-09 00:52 - 2014-03-06 19:57 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
    2017-03-09 00:52 - 2014-03-06 19:51 - 02900992 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
    2017-03-09 00:52 - 2014-03-06 19:42 - 00589824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
    2017-03-09 00:52 - 2014-03-06 19:39 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
    2017-03-09 00:52 - 2014-03-06 19:34 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
    2017-03-09 00:52 - 2014-03-06 19:33 - 13286400 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
    2017-03-09 00:52 - 2014-03-06 19:32 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
    2017-03-09 00:52 - 2014-03-06 19:31 - 02479616 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
    2017-03-09 00:52 - 2014-03-06 19:29 - 11791360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
    2017-03-09 00:52 - 2014-03-06 19:29 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
    2017-03-09 00:52 - 2014-03-06 19:27 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
    2017-03-09 00:52 - 2014-03-06 19:24 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
    2017-03-09 00:52 - 2014-03-06 19:23 - 02270208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
    2017-03-09 00:52 - 2014-03-06 19:23 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dafWfdProvider.dll
    2017-03-09 00:52 - 2014-03-06 19:21 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
    2017-03-09 00:52 - 2014-03-06 19:21 - 00291840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
    2017-03-09 00:52 - 2014-03-06 19:16 - 01527296 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
    2017-03-09 00:52 - 2014-03-06 19:16 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
    2017-03-09 00:52 - 2014-03-06 19:13 - 00298496 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
    2017-03-09 00:52 - 2014-03-06 19:13 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
    2017-03-09 00:52 - 2014-03-06 19:11 - 02030080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
    2017-03-09 00:52 - 2014-03-06 19:09 - 01764864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
    2017-03-09 00:52 - 2014-03-06 19:06 - 00386560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlangpui.dll
    2017-03-09 00:52 - 2014-03-06 19:05 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
    2017-03-09 00:52 - 2014-03-06 19:04 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
    2017-03-09 00:52 - 2014-03-06 19:04 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
    2017-03-09 00:52 - 2014-03-06 19:01 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
    2017-03-09 00:52 - 2014-03-06 18:54 - 01023488 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
    2017-03-09 00:52 - 2014-03-06 18:54 - 00888320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
    2017-03-09 00:52 - 2014-03-06 18:51 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
    2017-03-09 00:52 - 2014-03-06 18:47 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
    2017-03-09 00:52 - 2014-03-06 18:42 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
    2017-03-09 00:52 - 2014-03-06 18:42 - 00280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
    2017-03-09 00:52 - 2014-03-06 18:35 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
    2017-03-09 00:52 - 2014-03-06 18:33 - 00839168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
    2017-03-09 00:52 - 2014-03-06 18:32 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
    2017-03-09 00:52 - 2014-03-06 18:28 - 08653824 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
    2017-03-09 00:52 - 2014-03-06 18:27 - 05833728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
    2017-03-09 00:52 - 2014-03-06 18:21 - 05770752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2017-03-09 00:52 - 2014-03-06 18:20 - 06641152 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2017-03-09 00:52 - 2014-03-05 01:25 - 02373784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
    2017-03-09 00:52 - 2014-03-05 01:15 - 02519384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2017-03-09 00:52 - 2014-03-05 01:15 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
    2017-03-09 00:52 - 2014-03-05 01:14 - 00360512 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
    2017-03-09 00:52 - 2014-03-05 00:16 - 02088160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
    2017-03-09 00:52 - 2014-03-05 00:10 - 00355832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
    2017-03-09 00:52 - 2014-03-04 21:11 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\AdmTmpl.dll
    2017-03-09 00:52 - 2014-03-04 20:26 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AdmTmpl.dll
    2017-03-09 00:52 - 2014-03-04 20:16 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
    2017-03-09 00:52 - 2014-03-04 20:13 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
    2017-03-09 00:52 - 2014-03-04 20:08 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
    2017-03-09 00:52 - 2014-03-04 20:00 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll
    2017-03-09 00:52 - 2014-03-04 19:56 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RMapi.dll
    2017-03-09 00:52 - 2014-03-04 19:50 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
    2017-03-09 00:52 - 2014-03-04 19:42 - 00494592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
    2017-03-09 00:52 - 2014-03-04 19:39 - 00254976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
    2017-03-09 00:52 - 2014-03-04 19:32 - 00356864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
    2017-03-09 00:52 - 2014-03-04 19:15 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll
    2017-03-09 00:52 - 2014-03-04 19:05 - 00402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll
    2017-03-09 00:52 - 2014-03-04 19:03 - 00669696 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
    2017-03-09 00:52 - 2014-03-04 19:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll
    2017-03-09 00:52 - 2014-03-04 18:54 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
    2017-03-09 00:52 - 2014-03-04 18:52 - 00605184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
    2017-03-09 00:52 - 2014-02-07 11:59 - 00425984 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
    2017-03-09 00:52 - 2014-02-07 10:26 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
    2017-03-09 00:52 - 2013-12-24 12:28 - 00262656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
    2017-03-09 00:52 - 2013-12-24 12:26 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
    2017-03-09 00:51 - 2014-03-02 23:20 - 23549952 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2017-03-09 00:51 - 2014-03-02 22:33 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2017-03-09 00:51 - 2014-02-26 19:29 - 02678784 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
    2017-03-09 00:31 - 2017-03-09 00:31 - 00000000 ____D C:\Users\Jamie\AppData\Local\YouTubeToMp3
    2017-03-09 00:31 - 2017-03-09 00:31 - 00000000 ____D C:\Users\Jamie\AppData\Local\MediaHuman
    2017-03-09 00:31 - 2017-03-09 00:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaHuman
    2017-03-09 00:31 - 2017-03-09 00:31 - 00000000 ____D C:\Program Files (x86)\MediaHuman
    2017-03-08 17:17 - 2017-03-08 17:17 - 00317061 _____ C:\Windows\system32\Drivers\RTWAVES40.dat
    2017-03-08 17:17 - 2017-03-08 17:17 - 00000000 ____H C:\ProgramData\DP45977C.lfl
    2017-03-08 17:17 - 2017-03-08 17:17 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
    2017-03-08 17:17 - 2017-03-08 17:17 - 00000000 ____D C:\Program Files\Realtek
    2017-03-08 17:15 - 2013-12-09 13:19 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
    2017-03-08 17:15 - 2013-12-09 12:55 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
    2017-03-08 17:15 - 2013-11-28 04:34 - 03210528 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
    2017-03-08 17:15 - 2013-11-28 04:27 - 00809872 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
    2017-03-08 17:15 - 2013-11-28 03:00 - 00663680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
    2017-03-08 17:15 - 2013-11-28 02:47 - 02804528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
    2017-03-08 17:15 - 2013-11-28 01:02 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys
    2017-03-08 17:15 - 2013-11-27 23:24 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
    2017-03-08 17:15 - 2013-11-27 22:46 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
    2017-03-08 17:15 - 2013-11-27 22:10 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.dll
    2017-03-08 17:15 - 2013-11-27 21:56 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.dll
    2017-03-08 17:15 - 2013-11-25 12:30 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
    2017-03-08 17:15 - 2013-11-25 12:28 - 00589824 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
    2017-03-08 17:15 - 2013-11-23 20:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\bi.dll
    2017-03-08 17:15 - 2013-11-23 20:13 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BtaMPM.sys
    2017-03-08 17:15 - 2013-11-23 17:50 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
    2017-03-08 17:15 - 2013-11-21 19:58 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\deviceregistration.dll
    2017-03-08 17:15 - 2013-11-16 03:59 - 00470016 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
    2017-03-08 17:15 - 2013-11-16 03:25 - 00433664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
    2017-03-08 17:15 - 2013-11-16 03:08 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
    2017-03-08 17:15 - 2013-10-19 21:53 - 00075360 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
    2017-03-08 17:15 - 2013-10-19 20:14 - 00070680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
    2017-03-08 17:15 - 2013-09-14 22:11 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
    2017-03-08 17:14 - 2017-03-08 17:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam
    2017-03-08 17:14 - 2017-03-08 17:14 - 00000000 ____D C:\Program Files (x86)\i-Funbox DevTeam
    2017-03-08 17:14 - 2014-10-31 11:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
    2017-03-08 17:14 - 2014-10-31 11:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
    2017-03-08 17:14 - 2013-12-09 13:27 - 02152448 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2017-03-08 17:14 - 2013-12-09 12:54 - 01317376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
    2017-03-08 17:13 - 2014-01-29 19:41 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
    2017-03-08 17:13 - 2014-01-29 13:36 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
    2017-03-08 17:13 - 2014-01-28 08:07 - 04175360 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
    2017-03-08 17:13 - 2014-01-28 07:23 - 02873344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
    2017-03-08 17:13 - 2014-01-28 06:18 - 01486848 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
    2017-03-08 17:13 - 2014-01-28 06:00 - 01238016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
    2017-03-08 17:13 - 2014-01-18 12:04 - 00764864 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
    2017-03-08 17:13 - 2014-01-18 10:54 - 00669352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
    2017-03-08 17:13 - 2014-01-07 18:00 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
    2017-03-08 17:13 - 2014-01-07 17:30 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
    2017-03-08 17:13 - 2014-01-05 04:54 - 00138240 _____ C:\Windows\system32\OEMLicense.dll
    2017-03-08 17:13 - 2014-01-05 04:08 - 00103936 _____ C:\Windows\SysWOW64\OEMLicense.dll
    2017-03-08 17:13 - 2014-01-03 12:54 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
    2017-03-08 17:13 - 2014-01-03 12:48 - 00336896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
    2017-03-08 17:13 - 2014-01-01 12:57 - 01214976 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
    2017-03-08 17:13 - 2013-12-31 12:34 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll
    2017-03-08 17:13 - 2013-12-31 12:32 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll
    2017-03-08 17:13 - 2013-12-27 21:57 - 00842752 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
    2017-03-08 17:13 - 2013-12-27 20:03 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
    2017-03-08 17:13 - 2013-12-22 03:51 - 06353960 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
    2017-03-08 17:13 - 2013-12-21 21:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
    2017-03-08 17:13 - 2013-12-21 20:21 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
    2017-03-08 17:13 - 2013-12-17 20:21 - 00408576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
    2017-03-08 17:13 - 2013-12-13 20:24 - 00121088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
    2017-03-08 17:13 - 2013-11-28 00:41 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe
    2017-03-08 17:13 - 2013-11-23 17:34 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
    2017-03-08 17:13 - 2013-11-23 17:13 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
    2017-03-08 17:13 - 2013-11-21 19:42 - 04604416 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
    2017-03-08 17:13 - 2013-11-21 18:44 - 03936256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
    2017-03-08 17:13 - 2013-10-24 00:29 - 00044936 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
    2017-03-08 17:13 - 2013-10-24 00:21 - 00155480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
    2017-03-08 17:13 - 2013-10-24 00:13 - 00171864 _____ (Microsoft Corporation) C:\Windows\system32\kd_02_8086.dll
    2017-03-08 17:13 - 2013-10-22 21:18 - 00096088 _____ (Microsoft Corporation) C:\Windows\system32\embeddedapplauncher.exe
    2017-03-08 17:13 - 2013-10-22 16:56 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
    2017-03-08 17:13 - 2013-10-19 18:37 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2017-03-08 17:13 - 2013-10-08 18:58 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll
    2017-03-08 17:13 - 2013-10-08 18:09 - 01160704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
    2017-03-08 17:13 - 2013-10-08 17:50 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
    2017-03-08 17:13 - 2013-10-08 17:50 - 00762368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
    2017-03-08 17:13 - 2013-10-06 04:25 - 00057176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
    2017-03-08 17:13 - 2013-10-06 03:21 - 00699840 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
    2017-03-08 17:13 - 2013-10-06 01:05 - 00578952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
    2017-03-08 17:13 - 2013-10-06 00:01 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
    2017-03-08 17:13 - 2013-10-05 22:36 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
    2017-03-08 17:13 - 2013-10-05 22:18 - 01011712 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
    2017-03-08 17:13 - 2013-10-05 21:56 - 01147904 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
    2017-03-08 17:13 - 2013-10-05 21:55 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\miutils.dll
    2017-03-08 17:13 - 2013-10-05 21:40 - 00795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
    2017-03-08 17:13 - 2013-10-05 21:24 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\miutils.dll
    2017-03-08 17:13 - 2013-10-05 21:21 - 00920064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
    2017-03-08 17:13 - 2013-10-05 21:15 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
    2017-03-08 17:13 - 2013-10-05 20:43 - 00578560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
    2017-03-08 17:13 - 2013-10-05 20:35 - 00411648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
    2017-03-08 17:13 - 2013-09-17 22:06 - 01067080 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
    2017-03-08 17:13 - 2013-09-17 19:31 - 00883184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
    2017-03-08 17:13 - 2013-09-15 03:07 - 02134120 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
    2017-03-08 17:13 - 2013-09-15 03:00 - 00391512 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
    2017-03-08 17:13 - 2013-09-15 01:39 - 01799944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
    2017-03-08 17:13 - 2013-09-15 01:33 - 00345552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
    2017-03-08 17:13 - 2013-09-14 23:05 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
    2017-03-08 17:13 - 2013-09-13 21:22 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
    2017-03-08 17:13 - 2013-09-13 20:47 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftp.exe
    2017-03-08 17:13 - 2013-09-12 21:45 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
    2017-03-08 17:13 - 2013-09-12 21:08 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
    2017-03-08 17:13 - 2013-09-12 21:02 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
    2017-03-08 17:13 - 2013-09-12 20:44 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
    2017-03-08 17:13 - 2013-09-12 20:37 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
    2017-03-08 17:13 - 2013-09-12 20:21 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
    2017-03-08 17:13 - 2013-09-12 20:16 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
    2017-03-08 17:13 - 2013-09-12 20:01 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
    2017-03-08 17:13 - 2013-09-10 17:52 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\msched.dll
    2017-03-08 17:12 - 2014-01-07 20:03 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.exe
    2017-03-08 17:12 - 2014-01-07 18:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcaui.exe
    2017-03-08 17:12 - 2013-10-17 04:58 - 01943536 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2017-03-08 17:12 - 2013-10-17 02:54 - 01581968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2017-03-08 16:40 - 2017-03-10 12:33 - 00001537 _____ C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AsusSmartGestureDetector.lnk
    2017-03-08 16:40 - 2017-03-08 18:34 - 00000000 ____D C:\ProgramData\USBChargerPlus
    2017-03-08 16:39 - 2017-03-08 16:39 - 00000118 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
    2017-03-08 16:33 - 2017-03-08 16:33 - 00000000 ____D C:\Users\Jamie\AppData\LocalLow\Temp
    2017-03-08 16:25 - 2017-03-09 01:48 - 00000000 ____D C:\Users\Jamie\Downloads\Compressed
    2017-03-08 16:25 - 2017-03-08 16:34 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\IDM
    2017-03-08 16:25 - 2017-03-08 16:25 - 00001546 _____ C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad.lnk
    2017-03-08 16:25 - 2017-03-08 16:25 - 00000000 ____D C:\Users\Jamie\Downloads\Video
    2017-03-08 16:25 - 2017-03-08 16:25 - 00000000 ____D C:\ProgramData\IDM
    2017-03-08 16:24 - 2017-03-10 01:47 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\DMCache
    2017-03-08 16:24 - 2017-03-08 16:25 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
    2017-03-08 16:24 - 2017-03-08 16:24 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
    2017-03-08 16:24 - 2017-03-08 16:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
    2017-03-08 16:22 - 2016-10-28 14:22 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
    2017-03-08 16:17 - 2017-03-08 16:17 - 00000000 ____D C:\Users\Jamie\Documents\Tashas [bleep]ing [bleep]
    2017-03-08 16:16 - 2017-03-10 12:26 - 00000000 ____D C:\Users\Jamie\Documents\Stuff
    2017-03-08 16:16 - 2017-03-08 16:16 - 00000000 ____D C:\Users\Jamie\Documents\Notes
    2017-03-08 16:15 - 2017-03-08 16:15 - 00000000 ____D C:\Users\Jamie\Documents\Docs
    2017-03-08 16:04 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
    2017-03-08 16:04 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
    2017-03-08 16:04 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
    2017-03-08 16:04 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
    2017-03-08 16:04 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
    2017-03-08 16:04 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
    2017-03-08 16:04 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
    2017-03-08 16:04 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
    2017-03-08 16:04 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
    2017-03-08 16:04 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
    2017-03-08 16:04 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
    2017-03-08 16:04 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
    2017-03-08 16:04 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
    2017-03-08 16:04 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
    2017-03-08 16:04 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
    2017-03-08 16:04 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
    2017-03-08 16:04 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
    2017-03-08 16:04 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
    2017-03-08 16:04 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
    2017-03-08 16:04 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
    2017-03-08 16:04 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
    2017-03-08 16:04 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
    2017-03-08 16:04 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
    2017-03-08 16:04 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
    2017-03-08 16:04 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
    2017-03-08 16:04 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
    2017-03-08 16:04 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
    2017-03-08 16:04 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
    2017-03-08 16:04 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
    2017-03-08 16:04 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
    2017-03-08 16:04 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
    2017-03-08 16:04 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
    2017-03-08 16:04 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
    2017-03-08 16:04 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
    2017-03-08 16:04 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
    2017-03-08 16:04 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
    2017-03-08 16:04 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
    2017-03-08 16:04 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
    2017-03-08 16:04 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
    2017-03-08 16:04 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
    2017-03-08 16:04 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
    2017-03-08 16:04 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
    2017-03-08 16:04 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
    2017-03-08 16:04 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
    2017-03-08 16:04 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
    2017-03-08 16:04 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
    2017-03-08 16:04 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
    2017-03-08 16:04 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
    2017-03-08 16:04 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
    2017-03-08 16:04 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
    2017-03-08 16:04 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
    2017-03-08 16:04 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
    2017-03-08 16:03 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
    2017-03-08 16:03 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
    2017-03-08 16:03 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
    2017-03-08 16:03 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
    2017-03-08 16:03 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
    2017-03-08 16:03 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
    2017-03-08 16:03 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
    2017-03-08 16:03 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
    2017-03-08 16:03 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
    2017-03-08 16:03 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
    2017-03-08 16:03 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
    2017-03-08 16:03 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
    2017-03-08 16:03 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
    2017-03-08 16:03 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
    2017-03-08 16:03 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
    2017-03-08 16:03 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
    2017-03-08 16:03 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
    2017-03-08 16:03 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
    2017-03-08 16:03 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
    2017-03-08 16:03 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
    2017-03-08 16:03 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
    2017-03-08 16:03 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
    2017-03-08 16:03 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
    2017-03-08 16:03 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
    2017-03-08 16:03 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
    2017-03-08 16:03 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
    2017-03-08 16:03 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
    2017-03-08 16:03 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
    2017-03-08 16:03 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
    2017-03-08 16:03 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
    2017-03-08 16:03 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
    2017-03-08 16:03 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
    2017-03-08 16:03 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
    2017-03-08 16:03 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
    2017-03-08 16:03 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
    2017-03-08 16:03 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
    2017-03-08 16:03 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
    2017-03-08 16:03 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
    2017-03-08 16:03 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
    2017-03-08 16:03 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
    2017-03-08 16:03 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
    2017-03-08 16:03 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
    2017-03-08 16:03 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
    2017-03-08 16:03 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
    2017-03-08 16:03 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
    2017-03-08 16:03 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
    2017-03-08 16:03 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
    2017-03-08 16:03 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
    2017-03-08 16:03 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
    2017-03-08 16:03 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
    2017-03-08 16:03 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
    2017-03-08 16:03 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
    2017-03-08 16:03 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
    2017-03-08 16:03 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
    2017-03-08 16:03 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
    2017-03-08 16:03 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
    2017-03-08 16:03 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
    2017-03-08 16:03 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
    2017-03-08 16:03 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
    2017-03-08 16:03 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
    2017-03-08 16:03 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
    2017-03-08 16:03 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
    2017-03-08 16:03 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
    2017-03-08 16:03 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
    2017-03-08 16:03 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
    2017-03-08 16:03 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
    2017-03-08 16:03 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
    2017-03-08 16:03 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
    2017-03-08 16:03 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
    2017-03-08 16:03 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
    2017-03-08 16:03 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
    2017-03-08 16:03 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
    2017-03-08 16:03 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
    2017-03-08 16:03 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
    2017-03-08 16:03 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
    2017-03-08 16:03 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
    2017-03-08 16:03 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
    2017-03-08 16:03 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
    2017-03-08 16:03 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
    2017-03-08 16:03 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
    2017-03-08 16:03 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
    2017-03-08 16:03 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
    2017-03-08 16:03 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
    2017-03-08 16:03 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
    2017-03-08 16:03 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
    2017-03-08 16:03 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
    2017-03-08 16:03 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
    2017-03-08 16:03 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
    2017-03-08 16:03 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
    2017-03-08 16:03 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
    2017-03-08 16:03 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
    2017-03-08 16:03 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
    2017-03-08 16:03 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
    2017-03-08 16:03 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
    2017-03-08 16:03 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
    2017-03-08 16:03 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
    2017-03-08 16:03 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
    2017-03-08 16:03 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
    2017-03-08 16:03 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
    2017-03-08 16:03 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
    2017-03-08 16:03 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
    2017-03-08 16:03 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
    2017-03-08 16:03 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
    2017-03-08 16:03 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
    2017-03-08 16:03 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
    2017-03-08 16:03 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
    2017-03-08 16:03 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
    2017-03-08 16:03 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
    2017-03-08 16:03 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
    2017-03-08 16:03 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
    2017-03-08 16:03 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
    2017-03-08 16:03 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
    2017-03-08 16:03 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
    2017-03-08 16:03 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
    2017-03-08 16:03 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
    2017-03-08 16:03 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
    2017-03-08 16:03 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
    2017-03-08 16:03 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
    2017-03-08 16:03 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
    2017-03-08 16:03 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
    2017-03-08 16:03 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
    2017-03-08 16:03 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
    2017-03-08 16:03 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
    2017-03-08 16:03 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
    2017-03-08 16:00 - 2017-03-08 16:00 - 00000424 _____ C:\Users\Jamie\AppData\Local\UserProducts.xml
    2017-03-08 16:00 - 2017-03-08 16:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
    2017-03-08 16:00 - 2017-03-08 16:00 - 00000000 ____D C:\Program Files (x86)\Skillbrains
    2017-03-08 15:58 - 2017-03-08 15:58 - 00000000 ____D C:\Users\Jamie\Documents\Games
    2017-03-08 15:58 - 2017-03-08 15:58 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
    2017-03-08 15:52 - 2017-03-08 15:52 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity
    2017-03-08 15:51 - 2017-03-08 15:52 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\discord
    2017-03-08 15:51 - 2017-03-08 15:51 - 00001031 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
    2017-03-08 15:51 - 2017-03-08 15:51 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
    2017-03-08 15:51 - 2017-03-08 15:51 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\Audacity
    2017-03-08 15:51 - 2017-03-08 15:51 - 00000000 ____D C:\Users\Jamie\AppData\Local\Audacity
    2017-03-08 15:51 - 2017-03-08 15:51 - 00000000 ____D C:\Program Files (x86)\Audacity
    2017-03-08 15:50 - 2017-03-08 15:51 - 00000000 ____D C:\Users\Jamie\AppData\Local\Discord
    2017-03-08 15:49 - 2017-03-08 15:51 - 00000000 ____D C:\Users\Jamie\AppData\Local\SquirrelTemp
    2017-03-08 15:36 - 2017-03-08 15:36 - 00003538 _____ C:\Windows\System32\Tasks\ASUS Smart Gesture Launcher
    2017-03-08 15:36 - 2017-03-08 15:36 - 00000000 ____D C:\Program Files\DIFX
    2017-03-08 15:34 - 2017-03-09 11:44 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\Apple Computer
    2017-03-08 15:34 - 2017-03-08 15:34 - 00003026 _____ C:\Windows\System32\Tasks\ASUS USB Charger Plus
    2017-03-08 15:34 - 2017-03-08 15:34 - 00001765 _____ C:\Users\Public\Desktop\iTunes.lnk
    2017-03-08 15:34 - 2017-03-08 15:34 - 00000000 ____D C:\Users\Jamie\AppData\Local\Apple Computer
    2017-03-08 15:34 - 2017-03-08 15:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2017-03-08 15:33 - 2017-03-08 15:34 - 00000000 ____D C:\Program Files\iTunes
    2017-03-08 15:33 - 2017-03-08 15:33 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
    2017-03-08 15:33 - 2017-03-08 15:33 - 00000000 ____D C:\Users\Jamie\AppData\Local\Apple
    2017-03-08 15:33 - 2017-03-08 15:33 - 00000000 ____D C:\ProgramData\Apple Computer
    2017-03-08 15:33 - 2017-03-08 15:33 - 00000000 ____D C:\Program Files\iPod
    2017-03-08 15:33 - 2017-03-08 15:33 - 00000000 ____D C:\Program Files\Common Files\Apple
    2017-03-08 15:33 - 2017-03-08 15:33 - 00000000 ____D C:\Program Files\Bonjour
    2017-03-08 15:33 - 2017-03-08 15:33 - 00000000 ____D C:\Program Files (x86)\Bonjour
    2017-03-08 15:33 - 2017-03-08 15:33 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
    2017-03-08 15:32 - 2017-03-08 15:36 - 00000000 ____D C:\Program Files (x86)\ASUS
    2017-03-08 15:32 - 2017-03-08 15:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
    2017-03-08 15:32 - 2017-03-08 15:33 - 00000000 ____D C:\ProgramData\Apple
    2017-03-08 15:32 - 2017-03-08 15:32 - 00003562 _____ C:\Windows\System32\Tasks\ATK Package 36D18D69AFC3
    2017-03-08 15:32 - 2017-03-08 15:32 - 00002790 _____ C:\Windows\System32\Tasks\ATK Package A22126881260
    2017-03-08 15:31 - 2017-03-08 15:31 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\NVIDIA
    2017-03-08 15:30 - 2017-03-08 15:30 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\WinRAR
    2017-03-08 14:58 - 2017-03-08 14:58 - 00000000 ____D C:\Program Files (x86)\VulkanRT
    2017-03-08 14:58 - 2017-01-26 13:13 - 00103936 _____ C:\Windows\SysWOW64\vulkaninfo.exe
    2017-03-08 14:58 - 2017-01-26 13:12 - 00326656 _____ C:\Windows\SysWOW64\vulkan-1.dll
    2017-03-08 14:58 - 2017-01-26 13:09 - 00322560 _____ C:\Windows\system32\vulkan-1.dll
    2017-03-08 14:58 - 2017-01-26 13:09 - 00118272 _____ C:\Windows\system32\vulkaninfo.exe
    2017-03-08 14:56 - 2017-02-10 13:52 - 40192056 _____ C:\Windows\system32\nvcompiler.dll
    2017-03-08 14:56 - 2017-02-10 13:52 - 35272760 _____ C:\Windows\SysWOW64\nvcompiler.dll
    2017-03-08 14:56 - 2017-02-10 13:52 - 34937280 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
    2017-03-08 14:56 - 2017-02-10 13:52 - 28212280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
    2017-03-08 14:56 - 2017-02-10 13:52 - 19110088 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
    2017-03-08 14:56 - 2017-02-10 13:52 - 19006832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
    2017-03-08 14:56 - 2017-02-10 13:52 - 16510160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
    2017-03-08 14:56 - 2017-02-10 13:52 - 16398896 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
    2017-03-08 14:56 - 2017-02-10 13:52 - 14674896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
    2017-03-08 14:56 - 2017-02-10 13:52 - 14373824 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
    2017-03-08 14:56 - 2017-02-10 13:52 - 13377072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
    2017-03-08 14:56 - 2017-02-10 13:52 - 11122912 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
    2017-03-08 14:56 - 2017-02-10 13:52 - 11019704 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
    2017-03-08 14:56 - 2017-02-10 13:52 - 09305984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
    2017-03-08 14:56 - 2017-02-10 13:52 - 08990072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
    2017-03-08 14:56 - 2017-02-10 13:52 - 03627064 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
    2017-03-08 14:56 - 2017-02-10 13:52 - 03583560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
    2017-03-08 14:56 - 2017-02-10 13:52 - 03187256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
    2017-03-08 14:56 - 2017-02-10 13:52 - 01983424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437866.dll
    2017-03-08 14:56 - 2017-02-10 13:52 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437866.dll
    2017-03-08 14:56 - 2017-02-10 13:52 - 01051584 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
    2017-03-08 14:56 - 2017-02-10 13:52 - 00989120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
    2017-03-08 14:56 - 2017-02-10 13:52 - 00961080 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
    2017-03-08 14:56 - 2017-02-10 13:52 - 00912440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
    2017-03-08 14:56 - 2017-02-10 13:52 - 00687224 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
    2017-03-08 14:56 - 2017-02-10 13:52 - 00611384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
    2017-03-08 14:56 - 2017-02-10 13:52 - 00576192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
    2017-03-08 14:56 - 2017-02-10 13:52 - 00504104 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
    2017-03-08 14:56 - 2017-02-10 13:52 - 00500792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
    2017-03-08 14:56 - 2017-02-10 13:52 - 00425288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
    2017-03-08 14:56 - 2017-02-10 13:52 - 00170360 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
    2017-03-08 14:56 - 2017-02-10 13:52 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
    2017-03-08 14:56 - 2017-02-10 13:52 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
    2017-03-08 14:56 - 2017-02-10 13:52 - 00000669 _____ C:\Windows\system32\nv-vk64.json
    2017-03-08 14:49 - 2017-03-08 14:49 - 00000000 ____D C:\NVIDIA
    2017-03-08 14:47 - 2017-03-08 14:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
    2017-03-08 14:46 - 2017-03-08 16:41 - 00000000 ____D C:\Users\Jamie\AppData\Local\NVIDIA Corporation
    2017-03-08 14:46 - 2017-03-08 14:47 - 00000000 ____D C:\Program Files\MPC-HC
    2017-03-08 14:46 - 2017-03-08 14:46 - 00003852 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-03-08 14:46 - 2017-03-08 14:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    2017-03-08 14:46 - 2017-02-24 07:32 - 01880512 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
    2017-03-08 14:46 - 2017-02-24 07:32 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
    2017-03-08 14:46 - 2017-02-24 07:32 - 01468864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
    2017-03-08 14:46 - 2017-02-24 07:32 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
    2017-03-08 14:46 - 2017-02-24 07:32 - 00120256 _____ C:\Windows\system32\NvRtmpStreamer64.dll
    2017-03-08 14:46 - 2010-05-27 08:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
    2017-03-08 14:46 - 2010-05-27 08:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
    2017-03-08 14:46 - 2010-05-27 08:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
    2017-03-08 14:46 - 2010-05-27 08:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
    2017-03-08 14:46 - 2010-05-27 08:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
    2017-03-08 14:46 - 2010-05-27 08:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
    2017-03-08 14:45 - 2017-03-08 14:45 - 00004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-03-08 14:45 - 2017-03-08 14:45 - 00003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-03-08 14:45 - 2017-03-08 14:45 - 00003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-03-08 14:45 - 2017-02-24 03:30 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
    2017-03-08 14:45 - 2017-02-10 12:13 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
    2017-03-08 14:44 - 2017-03-08 14:44 - 00003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-03-08 14:44 - 2017-03-08 14:44 - 00003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-03-08 14:44 - 2017-03-08 14:44 - 00003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-03-08 14:44 - 2017-03-08 14:44 - 00000000 ____D C:\ProgramData\Package Cache
    2017-03-08 14:44 - 2017-02-24 07:32 - 00156608 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
    2017-03-08 14:44 - 2017-02-24 07:32 - 00124352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
    2017-03-08 14:44 - 2017-02-24 07:32 - 00057792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
    2017-03-08 14:44 - 2017-02-24 07:32 - 00046016 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
    2017-03-08 14:39 - 2017-03-08 14:39 - 00000401 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
    2017-03-08 14:35 - 2017-03-10 12:35 - 00000000 ____D C:\ProgramData\NVIDIA
    2017-03-08 14:35 - 2017-03-10 12:32 - 00000000 __SHD C:\Users\Jamie\IntelGraphicsProfiles
    2017-03-08 14:35 - 2017-03-08 15:30 - 00000000 ____D C:\Users\Jamie\AppData\Local\NVIDIA
    2017-03-08 14:34 - 2014-04-16 12:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
    2017-03-08 14:34 - 2014-04-16 12:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
    2017-03-08 14:31 - 2017-03-08 14:39 - 00000000 ____D C:\Intel
    2017-03-08 14:31 - 2017-03-08 14:31 - 00000000 ____D C:\Program Files\Intel
    2017-03-08 14:31 - 2017-03-08 14:31 - 00000000 ____D C:\Program Files (x86)\Intel
    2017-03-08 14:28 - 2017-03-08 14:58 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
    2017-03-08 14:28 - 2017-02-10 11:57 - 07791217 _____ C:\Windows\system32\nvcoproc.bin
    2017-03-08 14:28 - 2017-02-10 11:57 - 06403640 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
    2017-03-08 14:28 - 2017-02-10 11:57 - 02477504 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
    2017-03-08 14:28 - 2017-02-10 11:57 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
    2017-03-08 14:28 - 2017-02-10 11:57 - 00548288 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
    2017-03-08 14:28 - 2017-02-10 11:57 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
    2017-03-08 14:28 - 2017-02-10 11:57 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
    2017-03-08 14:28 - 2017-02-10 11:57 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
    2017-03-08 14:27 - 2017-03-08 15:31 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
    2017-03-08 14:27 - 2017-03-08 14:58 - 00000000 ____D C:\Program Files\NVIDIA Corporation
    2017-03-08 14:27 - 2017-02-10 13:52 - 00514616 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
    2017-03-08 14:27 - 2017-02-10 13:52 - 00418752 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
    2017-03-08 14:26 - 2017-03-08 14:26 - 00000000 ____D C:\Users\Jamie\AppData\Local\Steam
    2017-03-08 14:26 - 2017-03-08 14:26 - 00000000 ____D C:\Users\Jamie\AppData\Local\CEF
    2017-03-08 14:23 - 2017-03-10 12:33 - 00000000 ____D C:\Program Files (x86)\Steam
    2017-03-08 14:23 - 2017-03-08 14:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
    2017-03-08 14:22 - 2017-03-08 14:22 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
    2017-03-08 14:22 - 2017-03-08 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
    2017-03-08 14:22 - 2017-03-08 14:22 - 00000000 ____D C:\Program Files\WinRAR
    2017-03-08 14:21 - 2017-03-10 12:37 - 00000000 ____D C:\Users\Jamie\AppData\Local\ClassicShell
    2017-03-08 14:21 - 2017-03-08 14:21 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\ClassicShell
    2017-03-08 14:21 - 2017-03-08 14:21 - 00000000 ____D C:\ProgramData\ClassicShell
    2017-03-08 14:20 - 2017-03-08 14:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
    2017-03-08 14:20 - 2017-03-08 14:20 - 00000000 ____D C:\Program Files\Classic Shell
    2017-03-08 14:18 - 2017-03-08 14:18 - 00003504 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-586894515-286337750-1407449125-1001UA
    2017-03-08 14:18 - 2017-03-08 14:18 - 00003232 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-586894515-286337750-1407449125-1001Core
    2017-03-08 14:18 - 2017-03-08 14:18 - 00002439 _____ C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2017-03-08 14:18 - 2017-03-08 14:18 - 00002431 _____ C:\Users\Jamie\Desktop\Google Chrome.lnk
    2017-03-08 14:17 - 2017-03-10 08:34 - 00003914 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9FD46D13-7E8E-48E1-A1A5-33DE28EE11CD}
    2017-03-08 14:17 - 2017-03-08 15:33 - 00000000 ____D C:\Users\Jamie\AppData\Local\Google
    2017-03-08 14:12 - 2017-03-10 12:38 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-586894515-286337750-1407449125-1001
    2017-03-08 14:08 - 2017-03-08 14:08 - 00000000 ___RD C:\Users\Jamie\SkyDrive
    2017-03-08 14:07 - 2017-03-09 00:36 - 00000000 ____D C:\Users\Jamie\AppData\Local\Packages
    2017-03-08 14:07 - 2017-03-08 14:07 - 00001442 _____ C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2017-03-08 14:07 - 2017-03-08 14:07 - 00000000 ____D C:\Users\Jamie\AppData\Roaming\Adobe
    2017-03-08 14:07 - 2017-03-08 14:07 - 00000000 ____D C:\Users\Jamie\AppData\Local\VirtualStore
    2017-03-08 14:06 - 2017-03-09 11:44 - 00000000 ____D C:\Users\Jamie
    2017-03-08 14:06 - 2017-03-08 14:06 - 00000020 ___SH C:\Users\Jamie\ntuser.ini
    2017-03-08 14:06 - 2017-03-08 14:06 - 00000000 _SHDL C:\Users\Jamie\My Documents
    2017-03-08 14:06 - 2017-03-08 14:06 - 00000000 _SHDL C:\Users\Jamie\Documents\My Videos
    2017-03-08 14:06 - 2017-03-08 14:06 - 00000000 _SHDL C:\Users\Jamie\Documents\My Pictures
    2017-03-08 14:06 - 2017-03-08 14:06 - 00000000 _SHDL C:\Users\Jamie\Documents\My Music
    2017-03-08 14:04 - 2017-03-08 14:04 - 00000000 ____D C:\Windows\CSC
     
    ==================== One Month Modified files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2017-03-10 12:32 - 2013-08-23 03:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2017-03-10 11:57 - 2013-08-23 02:36 - 00000000 ____D C:\Windows\Inf
    2017-03-09 21:38 - 2013-09-30 17:14 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
    2017-03-09 20:11 - 2013-08-23 02:25 - 00262144 ___SH C:\Windows\system32\config\BBI
    2017-03-09 14:49 - 2013-08-23 04:36 - 00000000 ___HD C:\Program Files\WindowsApps
    2017-03-09 11:02 - 2013-08-23 04:36 - 00000000 ____D C:\Windows\rescache
    2017-03-09 10:58 - 2013-08-23 04:36 - 00262144 _____ C:\Windows\system32\config\BCD-Template
    2017-03-09 01:49 - 2013-08-23 04:36 - 00000000 ____D C:\Windows\Cursors
    2017-03-09 01:48 - 2013-08-23 04:20 - 00000000 ____D C:\Windows\CbsTemp
    2017-03-09 01:44 - 2013-08-23 04:36 - 00000000 ____D C:\Windows\AppReadiness
    2017-03-09 01:29 - 2013-08-23 03:44 - 00335784 _____ C:\Windows\system32\FNTCACHE.DAT
    2017-03-09 01:26 - 2013-08-23 04:36 - 00000000 ___RD C:\Windows\ToastData
    2017-03-09 01:26 - 2013-08-23 04:36 - 00000000 ____D C:\Windows\system32\setup
    2017-03-09 01:26 - 2013-08-23 04:36 - 00000000 ____D C:\Windows\PolicyDefinitions
    2017-03-09 01:25 - 2013-08-23 04:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
    2017-03-09 01:25 - 2013-08-23 04:36 - 00000000 ____D C:\Windows\WinStore
    2017-03-09 01:25 - 2013-08-23 04:36 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
    2017-03-09 01:25 - 2013-08-23 04:36 - 00000000 ____D C:\Windows\system32\migwiz
    2017-03-09 01:25 - 2013-08-23 04:36 - 00000000 ____D C:\Windows\system32\lv-LV
    2017-03-09 01:25 - 2013-08-23 04:36 - 00000000 ____D C:\Windows\system32\lt-LT
    2017-03-09 01:25 - 2013-08-23 04:36 - 00000000 ____D C:\Windows\system32\et-EE
    2017-03-09 01:25 - 2013-08-23 04:36 - 00000000 ____D C:\Windows\system32\en-GB
    2017-03-09 01:25 - 2013-08-23 04:36 - 00000000 ____D C:\Windows\MediaViewer
    2017-03-09 01:25 - 2013-08-23 04:36 - 00000000 ____D C:\Windows\FileManager
    2017-03-09 01:25 - 2013-08-23 04:36 - 00000000 ____D C:\Windows\Camera
    2017-03-09 01:25 - 2013-08-23 04:36 - 00000000 ____D C:\Program Files\Windows Portable Devices
    2017-03-09 01:25 - 2013-08-23 04:36 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
    2017-03-09 01:25 - 2013-08-23 04:36 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
    2017-03-09 01:25 - 2013-08-23 04:36 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
    2017-03-09 01:25 - 2013-08-23 02:36 - 00000000 ____D C:\Windows\SysWOW64\oobe
    2017-03-09 01:25 - 2013-08-23 02:36 - 00000000 ____D C:\Windows\SysWOW64\Dism
    2017-03-09 01:25 - 2013-08-23 02:36 - 00000000 ____D C:\Windows\system32\Sysprep
    2017-03-09 01:25 - 2013-08-23 02:36 - 00000000 ____D C:\Windows\system32\oobe
    2017-03-09 01:25 - 2013-08-23 02:36 - 00000000 ____D C:\Windows\system32\Dism
    2017-03-09 01:25 - 2013-08-23 02:36 - 00000000 ____D C:\Windows\servicing
    2017-03-09 00:40 - 2013-08-23 04:36 - 00000000 ____D C:\Windows\system32\NDF
    2017-03-08 17:16 - 2013-08-23 04:36 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
    2017-03-08 17:16 - 2013-08-23 04:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
    2017-03-08 16:23 - 2013-08-23 02:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
    2017-03-08 14:28 - 2013-08-23 04:36 - 00000000 ____D C:\Windows\Help
    2017-02-10 13:52 - 2016-04-22 15:57 - 04064088 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
    2017-02-10 13:52 - 2016-04-22 14:53 - 00042606 _____ C:\Windows\system32\nvinfo.pb
     
    ==================== Files in the root of some directories =======
     
    2017-03-08 16:00 - 2017-03-08 16:00 - 0000003 _____ () C:\Users\Jamie\AppData\Local\updater.log
    2017-03-08 16:00 - 2017-03-08 16:00 - 0000424 _____ () C:\Users\Jamie\AppData\Local\UserProducts.xml
    2017-03-08 17:17 - 2017-03-08 17:17 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
     
    ==================== Bamital & volsnap ======================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
     
    LastRegBack: 2017-03-09 10:58
     
    ==================== End of FRST.txt ============================
     
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.1.1 (02.11.2017)
    Operating System: Windows 8.1 Pro x64 
    Ran by Jamie (Administrator) on Fri 10/03/2017 at 12:34:09.78
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     
     
     
    File System: 0 
     
     
     
     
    Registry: 0 
     
     
     
     
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Fri 10/03/2017 at 12:36:14.64
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    • 0

    #4
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,009 posts
    • MVP
    I would uninstall Bonjour.  Your version is not happy.  You will get a new copy when you update most Apple products like iTunes and Safari.
     
    Download the attached fixlist.txt to the same location as FRST
     
    Attached File  fixlist.txt   1.7KB   23 downloads
     
    Run FRST and press Fix
    A fix log will be generated please post that 
     
     
    Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.
     
    Are you still getting the alert?
     
     
     

    • 1

    #5
    JaayJams

    JaayJams

      New Member

    • Topic Starter
    • Member
    • Pip
    • 5 posts
    OMG it removed the alert :D !!!!! Thank you so very much <3 
     
     
     
    FIX LOG:
     
    Fix result of Farbar Recovery Scan Tool (x64) Version: 11-03-2017 01
    Ran by Jamie (12-03-2017 18:32:52) Run:1
    Running from C:\Users\Jamie\Downloads\Programs
    Loaded Profiles: Jamie (Available Profiles: Jamie)
    Boot Mode: Normal
    ==============================================
     
    fixlist content:
    *****************
    HKU\S-1-5-21-586894515-286337750-1407449125-1001\...\StartupApproved\Run: => "YkhvPack"
    HKU\S-1-5-21-586894515-286337750-1407449125-1001\...\Run: [YkhvPack] => C:\Users\Jamie\AppData\Local\YkhvPack\7f5fa15c2802891dc341d97a85b5cf7c.exe
    HKU\S-1-5-21-586894515-286337750-1407449125-1001\...\Run: [Ezltion] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Jamie\AppData\Local\YkhvPack\xtsrivjr.dll <===== ATTENTION
    CHR HomePage: Default -> hxxp://search.certified-toolbar.com?si=42826&st=home&tid=3374
    S1 akixqorj; \??\C:\Windows\system32\drivers\akixqorj.sys [X]
    2017-03-09 23:17 - 2017-03-09 23:17 - 00000299 _____ C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk 
    C:\Users\Jamie\AppData\Local\YkhvPack
    C:\Windows\system32\drivers\akixqorj.sys 
    CMD: for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1"
    reboot:
     
     
     
    *****************
     
    HKU\S-1-5-21-586894515-286337750-1407449125-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\YkhvPack => value removed successfully
    HKU\S-1-5-21-586894515-286337750-1407449125-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\YkhvPack => value removed successfully
    HKU\S-1-5-21-586894515-286337750-1407449125-1001\Software\Microsoft\Windows\CurrentVersion\Run\\YkhvPack => value not found.
    HKU\S-1-5-21-586894515-286337750-1407449125-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Ezltion => value removed successfully
    Chrome HomePage => removed successfully
    HKLM\System\CurrentControlSet\Services\akixqorj => key removed successfully
    akixqorj => service removed successfully
    C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk => moved successfully
    "C:\Users\Jamie\AppData\Local\YkhvPack" => not found.
    "C:\Windows\system32\drivers\akixqorj.sys" => not found.
     
    ========= for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1" =========
     
    Failed to clear log Microsoft-Windows-USBVideo/Analytic. The instance name passed was not recognized as valid by a WMI data provider.
     
    ========= End of CMD: =========
     
     
     
    The system needed a reboot.
     
    ==== End of Fixlog 18:33:55 ====

    • 0

    #6
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,009 posts
    • MVP

    You had an active infection that had only been partly removed by Windows Defender.  I would install the free version of Avast and let it do a boot-time scan to make sure there is nothing left that we can't see with FRST.

     

    Click on Download then choose the free version.
     
     
    Download, Save and right click and Run As Admin.
     
    Once it installs and has updated:
    Let it do a boot-time scan.  I usually let it run at night since it takes so long.  Mute your speakers so it doesn't wake you up when Windows boots.
     
    Open Avast using the shortcut on your desk or search for it if you have to.  Then click on Protection, then on Antivirus, then on Other Scans then on Boot-time Scan.  Click on Install Special Definitions.  Click on Run on Next PC Reboot.
     
      Reboot and let it run a scan.  It may take hours.
    Once it finishes it should load windows.   
    When you reboot you will see the scan start.  It will tell you where it saves its log.  Usually it's C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt but it might change so verify the location.   This is a hidden location so you will need to tell Windows to let you see it:
     
     
    Copy and paste the text from the log to a Reply when done.

    • 1

    #7
    JaayJams

    JaayJams

      New Member

    • Topic Starter
    • Member
    • Pip
    • 5 posts
    03/13/2017 10:07
    Scan of C:
     
    Scan of *STARTUP
     
    Number of searched folders: 32053
    Number of tested files: 530870
    Number of infected files: 0

    • 0

    #8
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,009 posts
    • MVP

    Looks good. 

     

    I think we can clean up now:

     

    To delete the Quarantine Folder used by FRST create a fixlist.txt file with just the following line:
     
    DeleteQuarantine:
     
    Save the fixlist.txt to the same folder as FRST then run FRST and hit Fix.  You can easily delete any other folders and logs.
     
    If we installed Speccy it needs to be uninstalled.  Process Explorer, VEW, AdwCleaner, JRT  and their logs and Speccy's log can just be deleted.
     
    Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.  Flash is now the most malware targeted program so it must be kept up to date.  Be careful with Adobe.  They are fond of offering optional downloads like yahoo or Ask toolbars or that worthless McAfee Security Scan.  Go slow and uncheck the optional stuff.
     
    Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program.  There is an exploit out there now that can use it to get on your PC.  For Adobe Reader:  Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript.  OK Close program.  It's the same for Foxit reader except you uncheck Enable Javascript Actions. 
     
     
    If you use Chrome/Firefox/IE then get the AdBlock Plus Add-on.  Go to adblockplus.org with each browser and get the add-on.  (It's actually a program for IE)
     
    If Chrome/Firefox is slow loading make sure it only has the current Java add-on.  Then download and run Speedy Fox.
    http://www.crystalidea.com/speedyfox.  Close Chrome/Firefox/Skpe. Hit Optimize.   You can run it any time that Chrome/Firefox seems slow starting..
     
    If you are a Facebook user get the FB Purity extension for your browser:
    This will stop all of the suggested pages and ads so that Facebook loads much quicker.
     
     
    Be warned:  If you use Limewire, utorrent or any of the other P2P programs you will probably be coming back to the Malware Removal forum.  If you must use P2P then submit any files you get to http://virustotal.combeforeyou open them.
     
    Due to a recent rise in the number of Crytolocker infections I am now recommending you install:
     
    CryptoPrevent
     
     
    The free version does not update on its own so you should check for updated versions once in a while. When you install it the default is NONE which is kind of worthless so change it to Standard or default. If you have problems after installing CryptoPrevent you can just uninstall it.
     
    If you have a router, log on to it today and change the default password!  If using a Wireless router you really should be using encryption on the link.  Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business.  See http://www.king5.com...0637284.htmlandhttp://www.seattlepi...ted-1344185.php for why encryption is important.  If you don't know how, visit the router maker's website.  They all have detailed step by step instructions or a wizard you can download.
     
    Special note on Java.  Old Java versions should be removed after first clearing the Java Cache by following the instructions in:
    Then remove the old versions by going to Control Panel, Programs and Features and Uninstall all Java programs which are not Java Version 7 update 25 or better.  These may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE.  Get the latest version from Java.com.  They will usually attempt to foist some garbage like the Ask toolbar, Yahoo toolbar or McAfee Security Scan on you as part of the download.  Just uncheck the garbage before the download (or install) starts.  If you use a 64-bit browser and want the 64-bit version of Java you need to use it to visit java.com.
    Due to multiple security problems with Java we are now recommending that it not be installed unless you absolutely know you need it.  IF that is the case then go to Control Panel, Java, Security and slide it up to the highest level.  OK.
     
     
    My help is free but if you wish to show your appreciation, please donate to Kwiaht instead of me. It's an Orcas Island environmental organization that I volunteered with: http://www.kwiaht.org/donate.htm
    (The name means something like "clean place" in one of the local native-American dialects)
     
    Ron

    • 1

    #9
    JaayJams

    JaayJams

      New Member

    • Topic Starter
    • Member
    • Pip
    • 5 posts

    Thank you so much <3


    • 0






    Similar Topics

    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users

    As Featured On:

    Microsoft Yahoo BBC MSN PC Magazine Washington Post HP