Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows Event id 4797 and 4624


  • This topic is locked This topic is locked
11 replies to this topic

#1 billionick

billionick

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:04:31 AM

Posted 02 April 2015 - 12:43 AM

Hi, and thanks for your help, in advance.It very nice to be there.

 

 

I have a nearly brand new Msi computer with Windows 8.1

 

I had noticed wierd entries in my event viewer Security log, attempts were made to query a blank password for my accounts.  That was the initial post.  I believe this to have been resolved.  However, I would like someone to take a deeper look, because it always says guest accounts in the event with this error (invité mean guest in french).

 

I have Avast! and Comodo, and they say i am clean

---

 

No apps deleted, there is details about the event:

- System
    - Provider
      [ Name] Microsoft-Windows-Security-Auditing       [ Guid] {54849625-5478-4994-A5BA-3E3B0328C30D}
      EventID 4797       Version 0       Level 0       Task 13824       Opcode 0       Keywords 0x8020000000000000     - TimeCreated
      [ SystemTime] 2015-04-02T05:05:01.159456600Z
      EventRecordID 99545       Correlation     - Execution
      [ ProcessID] 900       [ ThreadID] 924
      Channel Security       Computer MSI       Security
- EventData
    SubjectUserSid S-1-5-19     SubjectUserName SERVICE LOCAL     SubjectDomainName AUTORITE NT     SubjectLogonId 0x3e5     Workstation MSI     TargetUserName Invité     TargetDomainName

MSI

 

 and

 

    - Provider
      [ Name] Microsoft-Windows-Security-Auditing       [ Guid] {54849625-5478-4994-A5BA-3E3B0328C30D}
      EventID 4624       Version 1       Level 0       Task 12544       Opcode 0       Keywords 0x8020000000000000     - TimeCreated
      [ SystemTime] 2015-04-02T05:17:46.776811500Z
      EventRecordID 99563       Correlation     - Execution
      [ ProcessID] 900       [ ThreadID] 1068
      Channel Security       Computer MSI       Security
- EventData
    SubjectUserSid S-1-5-18     SubjectUserName MSI$     SubjectDomainName WORKGROUP     SubjectLogonId 0x3e7     TargetUserSid S-1-5-18     TargetUserName Système     TargetDomainName AUTORITE NT     TargetLogonId 0x3e7     LogonType 5     LogonProcessName Advapi     AuthenticationPackageName Negotiate     WorkstationName       LogonGuid {00000000-0000-0000-0000-000000000000}     TransmittedServices -     LmPackageName -     KeyLength 0     ProcessId 0x37c     ProcessName C:\Windows\System32\services.exe     IpAddress -     IpPort -     ImpersonationLevel %%1833
 

 

 

Now:

 

The computer is now running okay with chrome, avast!, malwarebytes, malwarebytes anti-rootkit, comodo and CCleaner.I have used CCleaner to clean up some of the reg edits left by Spybot, which I realize now may not have been a good idea.

 

But, there are some issues: 

 

In network discovery I occasionally see unknown phones connect or computer VERY BRIEFLY to my network. I have already disable fews service for files sharing Also, the title of chrome and firefox occasionally changes to "Connecting" for no reason.  My local user "Snap-In" does not work, although it did before the system refresh.  Avast! says there is no virus

 

 

---

 

Thank you much.

 



BC AdBot (Login to Remove)

 


m

#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,549 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:31 PM

Posted 07 April 2015 - 12:45 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/572003 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 billionick

billionick
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:04:31 AM

Posted 07 April 2015 - 06:23 AM

Hello, thanks there is the scan:
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by john (administrator) on MSI on 07-04-2015 13:19:21
Running from C:\Users\john\Downloads
Loaded Profiles: john (Available profiles: john)
Platform: Windows 8.1 (X64) OS Language: Français (France)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\Program Files\Lock My PC 4\LmpcServ.exe
(Arcai.com) C:\Program Files (x86)\netcut\services\aips.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(FSPro Labs) C:\Program Files\Lock My PC 4\lockpc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(MSI) C:\Program Files (x86)\SCM\SCM.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\KLM\KLM.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Arcai.com) C:\Program Files (x86)\netcut\netcut.exe
(Microsoft Corporation) C:\Windows\System32\calc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe\glcnd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM\...\Run: [Radio Manager] => C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2013-04-18] (MSI)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [407968 2013-04-18] (MSI)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [392592 2015-04-03] ()
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-31] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2013-04-23] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671640 2015-03-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [KLM] => C:\Program Files (x86)\MSI\KLM\KLM.exe [1564040 2013-04-22] (Micro-Star International Co., Ltd.)
HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2012-11-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-02-07] (MSI)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [78352 2012-07-31] (cyberlink)
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-09-17] (Comodo Security Solutions, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5511352 2015-03-19] (Avast Software s.r.o.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-02-26] ( (Qualcomm Atheros Commnucations))
HKU\S-1-5-21-1802870966-341709537-1984002351-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-29] (Piriform Ltd)
HKU\S-1-5-21-1802870966-341709537-1984002351-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888896 2015-03-25] (Valve Corporation)
HKU\S-1-5-21-1802870966-341709537-1984002351-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632472 2015-04-01] (Electronic Arts)
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [178512 2015-03-17] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164568 2015-03-17] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Qualcomm Atheros Killer Network Manager.lnk
ShortcutTarget: Qualcomm Atheros Killer Network Manager.lnk -> C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-1802870966-341709537-1984002351-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://msi13.msn.com
HKU\S-1-5-21-1802870966-341709537-1984002351-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1802870966-341709537-1984002351-1002 -> {44800FAD-40A2-4A7F-B648-D5F76B27BD39} URL = 
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-02-26] (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-09] (Avast Software s.r.o.)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-09] (Avast Software s.r.o.)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Tcpip\Parameters: [DhcpNameServer] 8.26.56.26 8.20.247.20
Tcpip\..\Interfaces\{4EF38F2F-0784-408E-A81A-A8E81ED265E0}: [NameServer] 156.154.70.25,156.154.71.25
 
FireFox:
========
FF ProfilePath: C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\hls6fapi.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-14] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-14] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2000-01-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2000-01-01] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-10] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Extension: WOT - C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\hls6fapi.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-03-09]
FF Extension: Ghostery - C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\hls6fapi.default\Extensions\firefox@ghostery.com.xpi [2015-03-09]
FF Extension: NoScript - C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\hls6fapi.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-03-09]
FF Extension: Adblock Plus - C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\hls6fapi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-09]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-09]
 
Chrome: 
=======
CHR Profile: C:\Users\john\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-10]
CHR Extension: (Google Docs) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-10]
CHR Extension: (Google Drive) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-10]
CHR Extension: (WOT) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-03-10]
CHR Extension: (YouTube) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-10]
CHR Extension: (Adblock Plus) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-10]
CHR Extension: (Google Search) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-10]
CHR Extension: (Google Sheets) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-10]
CHR Extension: (HTTPS Everywhere) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2015-03-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-10]
CHR Extension: (Ghostery) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-03-10]
CHR Extension: (Google Wallet) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-10]
CHR Extension: (Gmail) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-10]
CHR Profile: C:\Users\john\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-10]
CHR Extension: (Google Docs) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-10]
CHR Extension: (Google Drive) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-10]
CHR Extension: (WOT) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-03-14]
CHR Extension: (YouTube) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-10]
CHR Extension: (Adblock Plus) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-10]
CHR Extension: (Google Search) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-10]
CHR Extension: (Google Sheets) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-10]
CHR Extension: (HTTPS Everywhere) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2015-03-09]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-10]
CHR Extension: (Ghostery) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-03-10]
CHR Extension: (Google Wallet) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-10]
CHR Extension: (Gmail) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-10]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-09]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AIPS; C:\Program Files (x86)\netcut\services\AIPS.exe [262144 2015-04-06] (Arcai.com) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227968 2013-02-26] (Qualcomm Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-09] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-03-09] (Avast Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243728 2012-05-23] (CyberLink)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70864 2014-09-17] (Comodo Security Solutions, Inc.)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [7618952 2015-01-30] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265304 2015-01-30] (COMODO)
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-09-17] (Comodo Security Solutions, Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-31] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2015-04-03] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2015-03-09] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2015-03-09] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2015-03-09] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2015-03-09] (Intel Corporation)
R2 LmpcService; C:\Program Files\Lock My PC 4\LmpcServ.exe [52592 2015-03-10] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2013-04-18] (Micro-Star International Co., Ltd.) [File not signed]
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [154112 2013-02-08] (MSI) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-31] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-31] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1930608 2015-04-01] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2015-03-10] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2015-03-10] ()
R2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [495616 2013-03-15] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-03-11] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-03-11] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-02-25] (Atheros) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 akw8x64; C:\Windows\system32\DRIVERS\akw8x64.sys [3758800 2013-03-15] (Qualcomm Atheros, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-09] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-09] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-09] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-09] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [441728 2015-03-09] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-09] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [268640 2015-03-09] ()
S1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [74096 2013-03-15] (Qualcomm Atheros, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-02-26] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-20] (Microsoft Corporation)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [40224 2015-03-09] (Windows ® Win 7 DDK provider)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20184 2015-01-30] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [807568 2015-01-30] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [35080 2015-01-30] (COMODO)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [126208 2015-03-09] (COMODO)
R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [174448 2013-03-15] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-04-07] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2015-03-09] (Intel Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-08-19] (Riverbed Technology, Inc.)
R1 nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [299664 2015-03-17] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-03-09] (NVIDIA Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [448072 2013-04-23] (RTS Corporation)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16056 2015-03-09] (SlimWare Utilities, Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-03-09] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-03-11] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-07 13:19 - 2015-04-07 13:19 - 00026439 _____ () C:\Users\john\Downloads\FRST.txt
2015-04-07 13:17 - 2015-04-07 13:19 - 00000000 ____D () C:\FRST
2015-04-07 13:17 - 2015-04-07 13:17 - 02095616 _____ (Farbar) C:\Users\john\Downloads\FRST64.exe
2015-04-07 04:33 - 2015-04-07 04:33 - 00000000 ____D () C:\Users\john\AppData\Roaming\StunlockStudios
2015-04-06 20:49 - 2015-04-06 20:49 - 00000022 _____ () C:\Users\john\Desktop\vv.txt
2015-04-06 20:48 - 2015-04-06 20:48 - 00000009 _____ () C:\Users\john\Desktop\lac.txt
2015-04-06 20:47 - 2015-04-06 20:47 - 00704512 _____ () C:\WINDOWS\is-NEJVK.exe
2015-04-06 20:47 - 2015-04-06 20:47 - 00389120 _____ () C:\WINDOWS\SysWOW64\actskn43.ocx
2015-04-06 20:47 - 2015-04-06 20:47 - 00001001 _____ () C:\Users\john\Desktop\netcut.lnk
2015-04-06 20:47 - 2015-04-06 20:47 - 00000046 _____ () C:\Users\john\Desktop\netcut support.url
2015-04-06 20:47 - 2015-04-06 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\arcai.com
2015-04-06 20:47 - 2015-04-06 20:47 - 00000000 ____D () C:\Program Files (x86)\netcut
2015-04-06 20:46 - 2015-04-06 20:50 - 37682800 _____ (Agnitum, Ltd. ) C:\Users\john\Downloads\Unconfirmed 493421.crdownload
2015-04-06 20:45 - 2015-04-06 20:45 - 01748153 _____ (arcai.com ) C:\Users\john\Downloads\netcut.exe
2015-04-04 17:01 - 2015-04-04 17:54 - 00000000 ____D () C:\Users\john\.zenmap
2015-04-04 17:01 - 2015-04-04 17:01 - 00000985 _____ () C:\Users\john\Desktop\Nmap - Zenmap GUI.lnk
2015-04-04 17:01 - 2015-04-04 17:01 - 00000000 ____D () C:\Users\john\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nmap
2015-04-04 17:00 - 2015-04-04 17:00 - 00000000 ____D () C:\Program Files\WinPcap
2015-04-04 17:00 - 2015-04-04 17:00 - 00000000 ____D () C:\Program Files (x86)\Nmap
2015-04-04 16:59 - 2015-04-04 17:00 - 27111830 _____ (Insecure.org) C:\Users\john\Downloads\nmap-6.47-setup (1).exe
2015-04-04 16:34 - 2015-04-04 16:36 - 27111830 _____ (Insecure.org) C:\Users\john\Downloads\nmap-6.47-setup.exe
2015-04-04 15:47 - 2015-04-04 15:47 - 01168277 _____ () C:\Users\john\Downloads\TradeSkillInfo-v2.3.6.zip
2015-04-04 15:45 - 2015-04-04 15:45 - 00007039 _____ () C:\Users\john\Downloads\BulkOrder v1.171.zip
2015-04-04 15:43 - 2015-04-04 15:44 - 01070806 _____ () C:\Users\john\Downloads\MountFarmHelper-1.2.zip
2015-04-04 15:38 - 2015-04-04 15:38 - 02975191 _____ () C:\Users\john\Downloads\Carbonite-011515.zip
2015-04-04 15:35 - 2015-04-04 15:35 - 02445662 _____ () C:\Users\john\Downloads\DBM-6.1.5-r13486-Core-and-Draenor-Mods.zip
2015-04-04 15:06 - 2015-04-05 03:40 - 00000058 _____ () C:\Users\john\Documents\pas.txt
2015-04-03 22:49 - 2015-04-03 22:50 - 00000000 ____D () C:\Users\john\AppData\Roaming\uTorrent
2015-04-03 22:36 - 2015-04-03 22:36 - 01741904 _____ (BitTorrent Inc.) C:\Users\john\Downloads\uTorrent.exe
2015-04-03 17:57 - 2015-04-06 20:50 - 00000693 _____ () C:\WINDOWS\setupact.log
2015-04-03 17:57 - 2015-04-03 17:57 - 00337928 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-04-03 17:57 - 2015-04-03 17:57 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-04-03 17:09 - 2015-04-03 17:09 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-04-03 17:09 - 2015-04-03 17:09 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-04-03 16:53 - 2015-04-03 16:53 - 00430501 _____ () C:\Users\john\Downloads\niche_ideas.txt
2015-04-02 20:00 - 2015-04-02 20:02 - 47755504 _____ (Kingsoft Corp. Ltd.) C:\Users\john\Downloads\office_free_2013.exe
2015-04-02 17:32 - 2015-04-02 17:32 - 01116160 _____ () C:\Users\john\Downloads\param.tar
2015-04-02 17:32 - 2015-04-02 17:32 - 00319398 _____ () C:\Users\john\Downloads\TriangleAway-v3.26.apk
2015-04-02 06:01 - 2015-04-02 06:01 - 00005762 _____ () C:\Users\john\Desktop\auditpol.bak
2015-04-02 04:50 - 2015-04-02 04:54 - 34394000 _____ () C:\Users\john\Downloads\torbrowser-install-4.0.6_en-US (1).exe
2015-04-02 02:46 - 2015-04-02 02:46 - 01620280 _____ (Microsoft Corporation) C:\Users\john\Downloads\WindowsXP-KB925876-x86-ENU.exe
2015-04-02 02:42 - 2015-04-02 02:42 - 00000000 ____D () C:\Users\john\AppData\Local\Microsoft Corporation
2015-04-02 02:41 - 2015-04-02 02:41 - 00807424 _____ () C:\Users\john\Downloads\RDCMan.msi
2015-04-02 00:37 - 2015-04-02 00:37 - 00002448 _____ () C:\Users\john\Documents\cc_20150402_003724.reg
2015-04-01 20:00 - 2015-04-01 20:17 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-04-01 18:45 - 2015-04-01 18:45 - 01429777 _____ () C:\Users\john\Downloads\amung.us.zip
2015-04-01 14:40 - 2015-04-01 14:40 - 00000477 _____ () C:\Users\john\Desktop\old 301.txt
2015-04-01 14:12 - 2015-04-01 20:17 - 00000000 ____D () C:\Users\john\Desktop\mbar
2015-04-01 14:11 - 2015-04-01 14:11 - 16502728 _____ (Malwarebytes Corp.) C:\Users\john\Downloads\mbar-1.09.1.1004.exe
2015-04-01 14:11 - 2015-04-01 14:11 - 02208768 _____ () C:\Users\john\Downloads\adwcleaner_4.200.exe
2015-04-01 14:07 - 2015-04-01 14:09 - 34394000 _____ () C:\Users\john\Downloads\torbrowser-install-4.0.6_en-US.exe
2015-04-01 12:53 - 2015-04-07 08:34 - 00692643 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-01 02:17 - 2015-04-01 02:18 - 00000043 _____ () C:\Users\john\Documents\dees.txt
2015-03-31 19:02 - 2015-04-03 17:09 - 00275800 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2015-03-31 19:02 - 2015-04-03 17:09 - 00127320 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 24802928 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 02946024 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2015-03-31 19:02 - 2015-04-03 16:57 - 02776408 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 01513304 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 01402336 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 01399240 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 01369088 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 01063936 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00979800 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00671352 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00623616 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00615544 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00472976 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-03-31 19:02 - 2015-04-03 16:57 - 00392592 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-03-31 19:02 - 2015-04-03 16:57 - 00385024 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00372224 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00354136 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00314256 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2015-03-31 19:02 - 2015-04-03 16:57 - 00290816 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00279952 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-03-31 19:02 - 2015-04-03 16:57 - 00255488 _____ () C:\WINDOWS\system32\igfxCPL.cpl
2015-03-31 19:02 - 2015-04-03 16:57 - 00249232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2015-03-31 19:02 - 2015-04-03 16:57 - 00220432 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00218512 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-03-31 19:02 - 2015-04-03 16:57 - 00213504 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00211656 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00197464 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00184352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00183296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4156.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00178672 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00178176 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00135000 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00086528 _____ () C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00069632 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00059904 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00036616 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00035328 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00010752 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00010752 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00004016 _____ () C:\WINDOWS\system32\iglhxs64.vp
2015-03-31 19:01 - 2015-04-03 16:57 - 17285440 _____ () C:\WINDOWS\SysWOW64\igd11dxva32.dll
2015-03-31 19:01 - 2015-04-03 16:57 - 15982080 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-03-31 19:01 - 2015-04-03 16:57 - 10853888 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-03-31 19:01 - 2015-04-03 16:57 - 04877240 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-03-31 19:01 - 2015-04-03 16:57 - 03550208 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-03-31 19:01 - 2015-04-03 16:57 - 03320320 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-03-31 19:01 - 2015-04-03 16:57 - 03320320 _____ () C:\WINDOWS\SysWOW64\SETE2E9.tmp
2015-03-31 19:01 - 2015-04-03 16:57 - 00636016 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-03-31 19:01 - 2015-04-03 16:57 - 00515488 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-03-31 19:01 - 2015-04-03 16:57 - 00398848 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-03-31 19:01 - 2015-04-03 16:57 - 00350208 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-03-31 19:01 - 2015-04-03 16:57 - 00282696 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll
2015-03-31 19:01 - 2015-04-03 16:57 - 00263120 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll
2015-03-31 19:01 - 2015-04-03 16:57 - 00227328 _____ () C:\WINDOWS\system32\igdde64.dll
2015-03-31 19:01 - 2015-04-03 16:57 - 00187392 _____ () C:\WINDOWS\SysWOW64\igdde32.dll
2015-03-31 19:01 - 2015-04-03 16:57 - 00169984 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll
2015-03-31 19:01 - 2015-04-03 16:57 - 00152064 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 06021437 _____ () C:\WINDOWS\system32\igdclbif.bin
2015-03-31 19:00 - 2015-04-03 16:57 - 09504256 _____ (Intel Corporation) C:\WINDOWS\system32\ig75icd64.dll
2015-03-31 19:00 - 2015-04-03 16:57 - 07484416 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig75icd32.dll
2015-03-31 19:00 - 2015-04-03 16:57 - 01131008 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll
2015-03-31 19:00 - 2015-04-03 16:57 - 01029008 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-03-31 19:00 - 2015-04-03 16:57 - 01025936 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-03-31 19:00 - 2015-04-03 16:57 - 00448912 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-03-31 19:00 - 2015-04-03 16:57 - 00339344 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-03-31 19:00 - 2015-04-03 16:57 - 00338832 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-03-31 19:00 - 2015-04-03 16:57 - 00157072 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-03-31 18:05 - 2015-03-31 18:05 - 00388608 _____ (Trend Micro Inc.) C:\Users\john\Downloads\HijackThis.exe
2015-03-31 18:05 - 2015-03-31 18:05 - 00028211 _____ () C:\Users\john\Downloads\hijackthis.log
2015-03-31 18:04 - 2015-03-31 18:04 - 01402880 _____ () C:\Users\john\Downloads\hijackthis_hijackthis_2.0.4_anglais_17891.msi
2015-03-31 18:03 - 2015-03-31 18:03 - 00717976 _____ (Internet ) C:\Users\john\Downloads\hijackthis_hijackthis_2.0.4_anglais_17891.exe
2015-03-30 20:28 - 2015-03-30 20:30 - 07432575 _____ () C:\Users\john\Downloads\sqlbrowser_2014_11_1256.zip
2015-03-30 19:40 - 2015-03-30 19:40 - 17334297 _____ () C:\Users\john\Downloads\usb140201.zip
2015-03-29 14:29 - 2015-03-29 14:29 - 05344528 _____ (Piriform Ltd) C:\Users\john\Downloads\ccsetup504.exe
2015-03-27 20:23 - 2015-03-27 20:23 - 00190874 _____ () C:\Users\john\Downloads\RaidChecklist-6.0.3.4.zip
2015-03-24 23:30 - 2015-03-24 23:30 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-03-24 23:30 - 2015-03-24 23:30 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-03-24 23:20 - 2015-03-24 23:20 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-03-24 23:20 - 2015-03-24 23:20 - 00943104 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-03-24 23:20 - 2015-03-24 23:20 - 00760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-03-24 23:20 - 2015-03-24 23:20 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-03-24 23:20 - 2015-03-24 23:20 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-03-24 23:20 - 2015-03-24 23:20 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-03-24 23:20 - 2015-03-24 23:20 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-03-24 13:24 - 2015-03-24 13:24 - 34391223 _____ () C:\Users\john\Downloads\torbrowser-install-4.0.5_en-US.exe
2015-03-22 05:34 - 2015-03-22 05:34 - 00000600 _____ () C:\Users\john\Downloads\MyFirstAddOn.zip
2015-03-21 20:49 - 2015-04-07 02:36 - 00002260 ____H () C:\Users\john\Documents\Default.rdp
2015-03-21 03:21 - 2015-03-21 03:23 - 00000000 ____D () C:\Users\john\AppData\Roaming\Curse Advertising
2015-03-21 03:20 - 2015-03-21 03:20 - 00000000 ____D () C:\Users\john\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2015-03-21 03:17 - 2015-03-26 15:16 - 00000000 ____D () C:\Users\john\AppData\Local\Deployment
2015-03-21 03:17 - 2015-03-21 03:17 - 00402696 _____ () C:\Users\john\Downloads\setup.exe
2015-03-21 03:17 - 2015-03-21 03:17 - 00000000 ____D () C:\Users\john\AppData\Local\Apps\2.0
2015-03-20 22:50 - 2015-04-01 00:55 - 00000000 ____D () C:\Users\john\Documents\Windows game
2015-03-20 21:48 - 2015-03-28 21:15 - 00000000 ____D () C:\Users\john\AppData\Roaming\vlc
2015-03-20 21:46 - 2015-03-20 21:46 - 00001092 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-03-20 21:46 - 2015-03-20 21:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-03-20 21:46 - 2015-03-20 21:46 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2015-03-19 16:08 - 2015-03-19 16:08 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2015-03-19 16:08 - 2015-03-19 16:08 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2015-03-18 19:05 - 2015-04-03 17:54 - 00000000 ____D () C:\Users\john\AppData\Roaming\Notepad++
2015-03-18 19:05 - 2015-03-18 19:06 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2015-03-18 19:05 - 2015-03-18 19:05 - 00000000 ____D () C:\Users\john\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-03-18 19:05 - 2015-03-18 19:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-03-17 23:09 - 2015-04-04 13:46 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2015-03-17 23:09 - 2015-04-04 13:46 - 00000000 ____D () C:\WINDOWS\system32\NV
2015-03-17 23:06 - 2015-03-17 23:07 - 32114888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 25460880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 24775368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 20466376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 17258024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 16022016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 13297144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 13210080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 10775080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 10715864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 10262160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-03-17 23:06 - 2015-03-17 23:07 - 03611792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 03249352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 01896136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434788.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434788.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 00970384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 00944784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 00930448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 00909512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 00496272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 00400584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 00390288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 00354112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 00346824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 00306208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 00299664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvkflt.sys
2015-03-17 23:06 - 2015-03-17 23:07 - 00032456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-03-14 22:37 - 2015-03-14 22:37 - 00000000 ____D () C:\Users\john\Desktop\gpg4usb
2015-03-14 20:27 - 2015-03-14 20:30 - 00000600 _____ () C:\Users\john\AppData\Local\PUTTY.RND
2015-03-14 20:22 - 2015-03-29 00:21 - 00000000 ____D () C:\Users\john\AppData\Roaming\Skype
2015-03-14 20:22 - 2015-03-14 20:22 - 00000000 ____D () C:\Users\john\Tracing
2015-03-14 20:22 - 2015-03-14 20:22 - 00000000 ____D () C:\Users\john\AppData\Local\Skype
2015-03-14 20:21 - 2015-03-14 20:22 - 00000000 ____D () C:\ProgramData\Skype
2015-03-14 20:21 - 2015-03-14 20:21 - 00002713 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-03-14 20:21 - 2015-03-14 20:21 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-14 20:21 - 2015-03-14 20:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-03-13 16:39 - 2015-03-13 16:39 - 00000759 _____ () C:\Users\Public\Desktop\Diablo III.lnk
2015-03-13 16:39 - 2015-03-13 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2015-03-12 06:18 - 2015-03-12 06:18 - 00000000 ____D () C:\Users\john\Documents\my games
2015-03-12 03:10 - 2015-03-12 03:10 - 00000017 _____ () C:\Users\john\AppData\Local\resmon.resmoncfg
2015-03-12 03:03 - 2015-03-12 03:03 - 00000000 ____D () C:\Users\john\AppData\Roaming\Comodo
2015-03-12 02:28 - 2015-03-12 02:28 - 00000000 ____D () C:\Users\Public\CyberLink
2015-03-12 02:28 - 2015-03-12 02:28 - 00000000 ____D () C:\Users\john\Documents\CyberLink
2015-03-12 02:28 - 2015-03-12 02:28 - 00000000 ____D () C:\Users\john\AppData\Roaming\WebApp
2015-03-12 02:28 - 2015-03-12 02:28 - 00000000 ____D () C:\Users\john\AppData\Roaming\CyberLink
2015-03-12 02:28 - 2015-03-12 02:28 - 00000000 ____D () C:\Users\john\AppData\Local\Cyberlink
2015-03-11 15:33 - 2015-03-11 15:33 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-03-11 15:33 - 2015-03-11 15:33 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-03-11 15:33 - 2015-03-11 15:33 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-03-11 15:33 - 2015-03-11 15:33 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-03-11 15:32 - 2015-03-11 15:32 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-03-11 15:32 - 2015-03-11 15:32 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 04178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-03-11 15:32 - 2015-03-11 15:32 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 02257408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-03-11 15:32 - 2015-03-11 15:32 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00167424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2015-03-11 15:32 - 2015-03-11 15:32 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-03-11 15:32 - 2015-03-11 15:32 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-03-11 15:32 - 2015-03-11 15:32 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-03-11 15:32 - 2015-02-07 00:09 - 00396419 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-03-11 15:31 - 2015-03-11 15:31 - 25021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 19720192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 14398976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 12827648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 04300288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-03-11 15:31 - 2015-03-11 15:31 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-03-11 15:31 - 2015-03-11 15:31 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-03-11 15:31 - 2015-03-11 15:31 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-03-11 15:31 - 2015-03-11 15:31 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-03-10 19:24 - 2015-03-10 19:24 - 00000000 ____D () C:\Users\john\AppData\Local\Blizzard
2015-03-10 19:16 - 2015-03-10 19:16 - 00000788 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2015-03-10 19:16 - 2015-03-10 19:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-03-10 18:20 - 2015-03-10 18:20 - 00000843 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk
2015-03-10 18:20 - 2015-03-10 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2015-03-10 15:18 - 2015-03-10 15:18 - 00000000 ____D () C:\Users\john\AppData\Local\Axialis
2015-03-10 15:05 - 2015-03-10 15:05 - 00000000 ____D () C:\Users\john\Desktop\Tor Browser
2015-03-10 14:57 - 2015-03-10 14:57 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2015-03-10 14:47 - 2015-03-10 14:47 - 00000000 ____D () C:\Users\john\AppData\Local\PunkBuster
2015-03-10 14:41 - 2015-03-10 14:42 - 00000000 ____D () C:\Users\john\Documents\Battlefield 4
2015-03-10 14:41 - 2015-03-10 14:41 - 00000000 ____D () C:\Users\john\AppData\Local\ESN
2015-03-10 13:36 - 2015-03-29 16:22 - 00000128 _____ () C:\Users\john\Documents\battle.txt
2015-03-10 12:32 - 2015-01-02 21:10 - 00002250 _____ () C:\Users\john\Desktop\Default_70.rdp
2015-03-10 07:07 - 2015-03-10 07:07 - 00000800 _____ () C:\Users\Public\Desktop\SimCity™.lnk
2015-03-10 05:51 - 2015-03-10 05:51 - 00000897 _____ () C:\Users\Public\Desktop\PVZ Garden Warfare.lnk
2015-03-10 04:29 - 2015-03-11 17:43 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2015-03-10 04:29 - 2015-03-10 04:29 - 00000726 _____ () C:\Users\Public\Desktop\Battlefield 4.lnk
2015-03-10 04:29 - 2015-03-10 04:29 - 00000710 _____ () C:\Users\Public\Desktop\Battlefield 4(64 bit).lnk
2015-03-10 04:28 - 2015-03-11 17:38 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-10 04:28 - 2015-03-10 14:57 - 00226680 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2015-03-10 04:28 - 2015-03-10 14:47 - 00214392 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2015-03-10 04:28 - 2015-03-10 04:28 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2015-03-10 04:28 - 2015-03-10 04:28 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00069448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2015-03-10 04:28 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2015-03-10 04:27 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2015-03-10 01:53 - 2015-04-07 01:27 - 00000000 ____D () C:\Users\john\AppData\Local\Battle.net
2015-03-10 01:53 - 2015-03-13 23:09 - 00000000 ____D () C:\Users\john\AppData\Roaming\Battle.net
2015-03-10 01:53 - 2015-03-10 01:53 - 00000800 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2015-03-10 01:53 - 2015-03-10 01:53 - 00000000 ____D () C:\Users\john\AppData\Local\Blizzard Entertainment
2015-03-10 01:53 - 2015-03-10 01:53 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2015-03-10 01:53 - 2015-03-09 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-03-10 01:50 - 2015-03-10 01:51 - 00000000 ____D () C:\ProgramData\Battle.net
2015-03-10 01:45 - 2015-03-10 01:45 - 00045888 _____ (FSPro Labs) C:\WINDOWS\system32\fsp_lmwl.dll
2015-03-10 01:45 - 2015-03-10 01:45 - 00015800 _____ (FSPro Labs) C:\WINDOWS\system32\Drivers\lmpc4.sys
2015-03-10 01:45 - 2015-03-10 01:45 - 00000000 ____D () C:\Program Files\Lock My PC 4
2015-03-10 01:45 - 2015-03-09 20:00 - 00000000 ____D () C:\Users\john\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lock My PC 4
2015-03-10 00:13 - 2015-04-03 19:19 - 00002211 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-10 00:13 - 2015-03-09 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-10 00:12 - 2015-04-07 13:17 - 00000902 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-10 00:12 - 2015-04-07 00:17 - 00000898 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-10 00:12 - 2015-03-10 00:13 - 00000000 ____D () C:\Users\john\AppData\Local\Google
2015-03-10 00:12 - 2015-03-10 00:13 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-10 00:12 - 2015-03-10 00:12 - 00003874 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-03-10 00:12 - 2015-03-10 00:12 - 00003638 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-03-09 22:46 - 2015-03-09 22:46 - 00000000 ____D () C:\Users\john\AppData\Local\Creative
2015-03-09 22:32 - 2015-03-09 22:32 - 00000118 _____ () C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-03-09 22:29 - 2015-03-09 22:29 - 00001077 _____ () C:\Users\Public\Desktop\FileASSASSIN.lnk
2015-03-09 22:29 - 2015-03-09 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN
2015-03-09 22:29 - 2015-03-09 22:29 - 00000000 ____D () C:\Program Files (x86)\FileASSASSIN
2015-03-09 22:21 - 2015-03-09 22:21 - 00000000 ____D () C:\Users\john\AppData\Roaming\AVAST Software
2015-03-09 22:19 - 2015-03-09 22:19 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-03-09 22:19 - 2015-03-09 22:19 - 00441728 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-03-09 22:19 - 2015-03-09 22:19 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-03-09 22:19 - 2015-03-09 22:19 - 00268640 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-03-09 22:19 - 2015-03-09 22:19 - 00136752 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-03-09 22:19 - 2015-03-09 22:19 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-03-09 22:19 - 2015-03-09 22:19 - 00088408 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-03-09 22:19 - 2015-03-09 22:19 - 00065736 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-03-09 22:19 - 2015-03-09 22:19 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr
2015-03-09 22:19 - 2015-03-09 22:19 - 00029168 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-03-09 22:19 - 2015-03-09 22:19 - 00001932 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-03-09 22:19 - 2015-03-09 21:57 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-03-09 22:19 - 2015-03-09 20:00 - 00000000 ____D () C:\WINDOWS\SysWOW64\vbox
2015-03-09 22:19 - 2015-03-09 20:00 - 00000000 ____D () C:\WINDOWS\system32\vbox
2015-03-09 22:19 - 2015-03-09 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-03-09 22:15 - 2015-03-09 22:15 - 00000000 ____D () C:\Program Files\AVAST Software
2015-03-09 22:14 - 2015-03-09 22:14 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-03-09 21:59 - 2015-03-09 21:59 - 00012164 _____ () C:\Users\john\Documents\cc_20150309_215908.reg
2015-03-09 21:48 - 2015-04-03 17:57 - 00000401 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-03-09 21:44 - 2015-03-09 20:20 - 00000000 ____D () C:\Users\john\AppData\Local\CrashDumps
2015-03-09 21:42 - 2015-03-09 21:43 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-09 21:42 - 2015-03-09 21:42 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-03-09 21:35 - 2015-03-09 21:35 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2015-03-09 21:20 - 2015-03-11 17:43 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2015-03-09 21:07 - 2015-03-09 21:07 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 03558400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-03-09 21:07 - 2015-03-09 21:07 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2015-03-09 21:07 - 2015-03-09 21:07 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-03-09 21:07 - 2015-03-09 21:07 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-03-09 21:07 - 2015-03-09 21:07 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-03-09 21:07 - 2015-03-09 21:07 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-03-09 21:07 - 2015-03-09 21:07 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-03-09 21:07 - 2015-03-09 21:07 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00551232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2015-03-09 21:07 - 2015-03-09 21:07 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-03-09 21:07 - 2015-03-09 21:07 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-03-09 21:07 - 2015-03-09 21:07 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-03-09 21:07 - 2015-03-09 21:07 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-03-09 21:07 - 2015-03-09 21:07 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-03-09 21:07 - 2015-03-09 21:07 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-03-09 21:07 - 2015-03-09 21:07 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2015-03-09 21:07 - 2015-03-09 21:07 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2015-03-09 21:07 - 2015-03-09 21:07 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-03-09 21:07 - 2015-03-09 21:07 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-03-09 21:07 - 2015-03-09 21:07 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2015-03-09 21:07 - 2015-03-09 21:07 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2015-03-09 21:07 - 2015-03-09 21:07 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2015-03-09 21:07 - 2015-03-09 21:07 - 00108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-03-09 21:07 - 2015-03-09 21:07 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-03-09 21:07 - 2015-03-09 21:07 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2015-03-09 21:07 - 2015-03-09 21:07 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-03-09 21:07 - 2015-03-09 21:07 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-03-09 21:07 - 2015-03-09 21:07 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-03-09 21:07 - 2015-03-09 21:07 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00059712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2015-03-09 21:07 - 2015-03-09 21:07 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-03-09 21:07 - 2015-03-09 21:07 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-03-09 21:07 - 2015-03-09 21:07 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00051008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2015-03-09 21:07 - 2015-03-09 21:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2015-03-09 21:07 - 2015-03-09 21:07 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-03-09 21:07 - 2015-03-09 21:07 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2015-03-09 21:07 - 2015-03-09 21:07 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-03-09 21:07 - 2015-03-09 21:07 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-03-09 21:07 - 2015-03-09 21:07 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-03-09 21:07 - 2015-03-09 21:07 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-03-09 21:07 - 2015-03-09 21:07 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-03-09 21:07 - 2015-03-09 21:07 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2015-03-09 21:07 - 2015-03-09 21:07 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2015-03-09 21:07 - 2015-03-09 21:07 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2015-03-09 20:57 - 2015-03-24 23:31 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-03-09 20:51 - 2015-01-29 09:30 - 00011056 ____N () C:\WINDOWS\system32\AutoconfigV2.cab
2015-03-09 20:41 - 2015-03-09 20:41 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-03-09 20:41 - 2015-03-09 20:41 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-03-09 20:38 - 2015-03-09 20:38 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-03-09 20:38 - 2015-03-09 20:38 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-03-09 20:36 - 2015-03-09 20:36 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-03-09 20:36 - 2015-03-09 20:36 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-03-09 20:36 - 2015-03-09 20:36 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-03-09 20:36 - 2015-03-09 20:36 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-03-09 20:36 - 2015-03-09 20:36 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-03-09 20:36 - 2015-03-09 20:36 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-03-09 20:36 - 2015-03-09 20:36 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-03-09 20:36 - 2015-03-09 20:36 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-03-09 20:36 - 2015-03-09 20:36 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-03-09 20:36 - 2015-03-09 20:36 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-03-09 20:36 - 2015-03-09 20:36 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-03-09 20:36 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-03-09 20:36 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\system32\locale.nls
2015-03-09 20:35 - 2015-03-09 20:35 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-03-09 20:35 - 2015-03-09 20:35 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-03-09 20:35 - 2015-03-09 20:35 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-03-09 20:35 - 2015-03-09 20:35 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-03-09 20:35 - 2015-03-09 20:35 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-03-09 20:35 - 2015-03-09 20:35 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-03-09 20:35 - 2015-03-09 20:35 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-03-09 20:35 - 2015-03-09 20:35 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-03-09 20:35 - 2015-03-09 20:35 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-03-09 20:35 - 2015-03-09 20:35 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-03-09 20:35 - 2015-03-09 20:35 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-03-09 20:35 - 2015-03-09 20:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-03-09 20:35 - 2015-03-09 20:35 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-03-09 20:35 - 2015-03-09 20:35 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-03-09 20:35 - 2015-03-09 20:35 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-03-09 20:35 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-03-09 20:35 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-03-09 20:34 - 2015-03-09 20:34 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-03-09 20:34 - 2015-03-09 20:34 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-03-09 20:34 - 2015-03-09 20:34 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-03-09 20:34 - 2015-03-09 20:34 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-03-09 20:33 - 2015-03-09 20:33 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-03-09 20:33 - 2015-03-09 20:33 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-03-09 20:33 - 2015-03-09 20:33 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-03-09 20:33 - 2015-03-09 20:33 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-03-09 20:29 - 2015-03-09 20:29 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-03-09 20:29 - 2015-03-09 20:29 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-03-09 20:29 - 2015-03-09 20:29 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-03-09 20:29 - 2015-03-09 20:29 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-03-09 20:29 - 2015-03-09 20:29 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-03-09 20:29 - 2015-03-09 20:29 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-03-09 20:29 - 2015-03-09 20:29 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-03-09 20:29 - 2015-03-09 20:29 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-03-09 20:29 - 2015-03-09 20:29 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-03-09 20:29 - 2015-03-09 20:29 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-03-09 20:29 - 2015-03-09 20:29 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-03-09 20:29 - 2015-03-09 20:29 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-03-09 20:29 - 2015-03-09 20:29 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-03-09 20:28 - 2015-03-09 20:28 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-03-09 20:28 - 2015-03-09 20:28 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-03-09 20:20 - 2015-03-09 20:21 - 00041396 _____ () C:\Users\john\Documents\cc_20150309_202058.reg
2015-03-09 20:12 - 2015-03-09 20:12 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2015-03-09 20:11 - 2015-03-09 20:11 - 00001468 _____ () C:\Users\john\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-09 20:11 - 2015-03-09 20:11 - 00000020 ___SH () C:\Users\john\ntuser.ini
2015-03-09 20:11 - 2015-03-09 20:11 - 00000000 _SHDL () C:\Users\Public\Documents\Mes vidéos
2015-03-09 20:11 - 2015-03-09 20:11 - 00000000 _SHDL () C:\Users\Public\Documents\Mes images
2015-03-09 20:11 - 2015-03-09 20:11 - 00000000 _SHDL () C:\Users\Public\Documents\Ma musique
2015-03-09 20:11 - 2015-03-09 20:11 - 00000000 _SHDL () C:\Users\Default\Voisinage réseau
2015-03-09 20:11 - 2015-03-09 20:11 - 00000000 _SHDL () C:\Users\Default\Voisinage d'impression
2015-03-09 20:11 - 2015-03-09 20:11 - 00000000 _SHDL () C:\Users\Default\Modèles
2015-03-09 20:11 - 2015-03-09 20:11 - 00000000 _SHDL () C:\Users\Default\Menu Démarrer
2015-03-09 20:11 - 2015-03-09 20:11 - 00000000 _SHDL () C:\Users\Default\Documents\Mes vidéos
2015-03-09 20:11 - 2015-03-09 20:11 - 00000000 _SHDL () C:\Users\Default\Documents\Mes images
2015-03-09 20:11 - 2015-03-09 20:11 - 00000000 _SHDL () C:\Users\Default\Documents\Ma musique
2015-03-09 20:11 - 2015-03-09 20:11 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2015-03-09 20:11 - 2015-03-09 20:11 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Historique
2015-03-09 20:11 - 2015-03-09 20:11 - 00000000 _SHDL () C:\Users\Default User\Documents\Mes vidéos
2015-03-09 20:11 - 2015-03-09 20:11 - 00000000 _SHDL () C:\Users\Default User\Documents\Mes images
2015-03-09 20:11 - 2015-03-09 20:11 - 00000000 _SHDL () C:\Users\Default User\Documents\Ma musique
2015-03-09 20:11 - 2015-03-09 20:11 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2015-03-09 20:11 - 2015-03-09 20:11 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Historique
2015-03-09 20:11 - 2015-03-09 20:11 - 00000000 _SHDL () C:\ProgramData\Modèles
2015-03-09 20:11 - 2015-03-09 20:11 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programmes
2015-03-09 20:11 - 2015-03-09 20:11 - 00000000 _SHDL () C:\ProgramData\Menu Démarrer
2015-03-09 20:11 - 2015-03-09 20:11 - 00000000 _SHDL () C:\ProgramData\Bureau
2015-03-09 20:11 - 2015-03-09 20:11 - 00000000 _SHDL () C:\Program Files\Fichiers communs
2015-03-09 20:08 - 2015-03-09 20:08 - 00023108 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-03-09 20:02 - 2015-03-09 20:02 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2015-03-09 20:02 - 2015-03-09 20:02 - 00000000 ____D () C:\Program Files\Realtek
2015-03-09 20:02 - 2015-03-09 18:22 - 03956056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2015-03-09 20:02 - 2015-03-09 18:22 - 02834648 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2015-03-09 20:02 - 2015-03-09 18:22 - 02800344 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2015-03-09 20:02 - 2015-03-09 18:22 - 02770976 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2015-03-09 20:02 - 2015-03-09 18:22 - 02101848 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2015-03-09 20:02 - 2015-03-09 18:22 - 02041432 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2015-03-09 20:02 - 2015-03-09 18:22 - 01999640 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBAPO264.dll
2015-03-09 20:02 - 2015-03-09 18:22 - 01959128 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2015-03-09 20:02 - 2015-03-09 18:22 - 01728280 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\MBAPO232.dll
2015-03-09 20:02 - 2015-03-09 18:22 - 01286872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2015-03-09 20:02 - 2015-03-09 18:22 - 01063512 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2015-03-09 20:02 - 2015-03-09 18:22 - 01022168 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2015-03-09 20:02 - 2015-03-09 18:22 - 00948952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2015-03-09 20:02 - 2015-03-09 18:22 - 00628952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2015-03-09 20:02 - 2015-03-09 18:22 - 00518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2015-03-09 20:02 - 2015-03-09 18:22 - 00397592 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBWrp64.dll
2015-03-09 20:02 - 2015-03-09 18:22 - 00375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2015-03-09 20:02 - 2015-03-09 18:22 - 00331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2015-03-09 20:02 - 2015-03-09 18:22 - 00318808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2015-03-09 20:02 - 2015-03-09 18:22 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2015-03-09 20:02 - 2015-03-09 18:22 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2015-03-09 20:02 - 2015-03-09 18:22 - 00211184 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2015-03-09 20:02 - 2015-03-09 18:22 - 00209096 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2015-03-09 20:02 - 2015-03-09 18:22 - 00204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2015-03-09 20:02 - 2015-03-09 18:22 - 00198896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2015-03-09 20:02 - 2015-03-09 18:22 - 00155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2015-03-09 20:02 - 2015-03-09 18:22 - 00149608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2015-03-09 20:02 - 2015-03-09 18:22 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2015-03-09 20:02 - 2015-03-09 18:22 - 00108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2015-03-09 20:02 - 2015-03-09 18:22 - 00101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2015-03-09 20:02 - 2015-03-09 18:22 - 00078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2015-03-09 20:02 - 2015-03-09 18:22 - 00032344 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\Drivers\MBfilt64.sys
2015-03-09 20:02 - 2015-03-09 18:22 - 00014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2015-03-09 20:02 - 2000-01-01 01:00 - 01057494 _____ () C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2015-03-09 20:01 - 2015-03-09 20:01 - 00000000 ____D () C:\WINDOWS\System32\Tasks\COMODO
2015-03-09 19:59 - 2015-03-09 19:59 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-09 19:51 - 2015-03-09 19:51 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-03-09 19:50 - 2015-04-04 17:01 - 00000000 ____D () C:\Users\john
2015-03-09 19:50 - 2015-03-09 19:51 - 00000000 ___RD () C:\Users\john\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-09 19:50 - 2015-03-09 19:50 - 00000000 _SHDL () C:\Users\john\Voisinage réseau
2015-03-09 19:50 - 2015-03-09 19:50 - 00000000 _SHDL () C:\Users\john\Voisinage d'impression
2015-03-09 19:50 - 2015-03-09 19:50 - 00000000 _SHDL () C:\Users\john\Modèles
2015-03-09 19:50 - 2015-03-09 19:50 - 00000000 _SHDL () C:\Users\john\Menu Démarrer
2015-03-09 19:50 - 2015-03-09 19:50 - 00000000 _SHDL () C:\Users\john\Documents\Mes vidéos
2015-03-09 19:50 - 2015-03-09 19:50 - 00000000 _SHDL () C:\Users\john\Documents\Mes images
2015-03-09 19:50 - 2015-03-09 19:50 - 00000000 _SHDL () C:\Users\john\Documents\Ma musique
2015-03-09 19:50 - 2015-03-09 19:50 - 00000000 _SHDL () C:\Users\john\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2015-03-09 19:50 - 2015-03-09 19:50 - 00000000 _SHDL () C:\Users\john\AppData\Local\Historique
2015-03-09 19:50 - 2014-11-21 06:56 - 00000000 ___RD () C:\Users\john\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-09 19:50 - 2014-11-21 06:56 - 00000000 ___RD () C:\Users\john\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-09 19:50 - 2014-11-20 23:55 - 00000369 _____ () C:\Users\john\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-03-09 19:50 - 2014-11-20 23:55 - 00000369 _____ () C:\Users\john\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-03-09 19:50 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\john\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-09 19:48 - 2015-03-09 20:11 - 00020958 _____ () C:\WINDOWS\diagwrn.xml
2015-03-09 19:48 - 2015-03-09 20:11 - 00020958 _____ () C:\WINDOWS\diagerr.xml
2015-03-09 19:44 - 2015-03-17 23:09 - 00935056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-03-09 19:44 - 2015-03-17 23:09 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-09 19:44 - 2015-03-13 17:16 - 06861968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-03-09 19:44 - 2015-03-13 17:16 - 03526856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-03-09 19:44 - 2015-03-13 17:16 - 02559808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-03-09 19:44 - 2015-03-13 17:16 - 01099408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-03-09 19:44 - 2015-03-13 17:16 - 00386248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-03-09 19:44 - 2015-03-13 17:16 - 00075976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-03-09 19:44 - 2015-03-13 17:16 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-03-09 19:44 - 2015-03-11 14:10 - 04246327 _____ () C:\WINDOWS\system32\nvcoproc.bin
2015-03-09 19:44 - 2015-03-09 19:44 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2015-03-09 19:44 - 2015-03-09 19:44 - 00000000 ____D () C:\Program Files\Synaptics
2015-03-09 19:43 - 2015-03-17 23:08 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-03-09 19:43 - 2015-03-09 19:55 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-03-09 19:43 - 2015-03-09 19:55 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-03-09 19:42 - 2015-04-03 16:57 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-03-09 19:42 - 2015-04-03 16:57 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-03-09 19:42 - 2015-03-09 19:55 - 00000000 ____D () C:\Program Files\Intel
2015-03-09 19:42 - 2015-03-09 19:42 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-03-09 19:41 - 2015-03-09 19:41 - 00000000 __SHD () C:\Recovery
2015-03-09 19:38 - 2015-03-09 19:38 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-03-09 19:32 - 2015-03-09 19:59 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2015-03-09 19:32 - 2015-03-09 19:32 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-03-09 19:32 - 2015-03-09 19:32 - 00000000 ____D () C:\Program Files\MSBuild
2015-03-09 19:32 - 2015-03-09 19:32 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-03-09 19:32 - 2015-03-09 19:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-03-09 19:31 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-03-09 19:31 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-03-09 19:31 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-03-09 19:31 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-03-09 18:40 - 2015-03-09 18:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2015-03-09 18:28 - 2015-03-09 18:28 - 01795952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2015-03-09 18:28 - 2015-03-09 18:28 - 00100312 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverx64.sys
2015-03-09 18:17 - 2015-03-09 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-03-09 18:17 - 2015-03-09 18:17 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-03-09 18:17 - 2015-03-09 18:17 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-03-09 18:12 - 2015-03-09 18:12 - 00000000 ____D () C:\ProgramData\SlimWare Utilities, Inc
2015-03-09 18:09 - 2015-03-09 18:09 - 00016056 _____ (SlimWare Utilities, Inc.) C:\WINDOWS\system32\Drivers\SWDUMon.sys
2015-03-09 18:09 - 2015-03-09 18:09 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2015-03-09 18:09 - 2015-03-09 18:09 - 00000000 ____D () C:\Users\john\AppData\Local\SlimWare Utilities Inc
2015-03-09 18:05 - 2015-03-09 18:05 - 00000000 ____D () C:\Users\john\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-03-09 03:47 - 2015-03-09 20:00 - 00000000 ____D () C:\Users\john\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitcoin Core
2015-03-09 03:27 - 2003-06-12 23:25 - 00007062 _____ () C:\WINDOWS\SysWOW64\audiopid.vxd
2015-03-09 03:24 - 2015-03-10 14:41 - 00000000 ____D () C:\Users\john\AppData\Local\Origin
2015-03-09 03:24 - 2015-03-09 21:35 - 00000000 ____D () C:\Users\john\AppData\Roaming\Origin
2015-03-09 03:21 - 2015-04-02 06:04 - 00000000 ____D () C:\ProgramData\Origin
2015-03-09 03:21 - 2015-04-01 22:54 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-03-09 03:21 - 2015-03-10 14:41 - 00000000 ____D () C:\ProgramData\Electronic Arts
2015-03-09 03:21 - 2015-03-09 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-03-09 03:21 - 2015-03-09 03:21 - 00000989 _____ () C:\Users\Public\Desktop\Origin.lnk
2015-03-09 03:19 - 2015-03-09 03:19 - 00032848 _____ () C:\Users\john\Documents\cc_20150309_031943.reg
2015-03-09 03:08 - 2015-03-09 03:08 - 00000000 ____D () C:\Users\john\AppData\Roaming\WinRAR
2015-03-09 03:07 - 2015-03-09 20:00 - 00000000 ____D () C:\Users\john\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-03-09 03:07 - 2015-03-09 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-03-09 03:07 - 2015-03-09 03:07 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2015-03-09 02:57 - 2015-03-09 02:57 - 00000000 ____D () C:\Users\john\AppData\Local\Steam
2015-03-09 02:52 - 2015-03-09 02:52 - 00295552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-03-09 02:50 - 2015-04-07 04:33 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-09 02:50 - 2015-03-09 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-03-09 02:50 - 2015-03-09 02:50 - 00000973 _____ () C:\Users\Public\Desktop\Steam.lnk
2015-03-09 02:49 - 2015-03-09 02:49 - 00000000 ___RD () C:\Users\john\SkyDrive
2015-03-09 02:38 - 2013-05-04 05:51 - 00014848 ____N (Microsoft) C:\WINDOWS\system32\rars.rs
2015-03-09 02:38 - 2013-05-04 05:10 - 00014848 ____N (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2015-03-09 02:30 - 2015-03-09 02:30 - 00000000 ____D () C:\Users\john\AppData\Local\Macromedia
2015-03-09 02:17 - 2015-03-17 23:07 - 18580512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-03-09 02:17 - 2015-03-17 23:07 - 14121624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-03-09 02:17 - 2015-03-17 23:07 - 03303448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-03-09 02:17 - 2015-03-17 23:07 - 02906928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-03-09 02:17 - 2015-03-17 23:07 - 00997856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-03-09 02:17 - 2015-03-17 23:07 - 00878328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-03-09 02:17 - 2015-03-17 23:07 - 00178512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-03-09 02:17 - 2015-03-17 23:07 - 00164568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-03-09 02:17 - 2015-03-13 20:41 - 00027441 _____ () C:\WINDOWS\system32\nvinfo.pb
2015-03-09 02:17 - 2015-03-09 02:17 - 01895240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434752.dll
2015-03-09 02:17 - 2015-03-09 02:17 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434752.dll
2015-03-09 02:16 - 2015-04-07 12:26 - 00001002 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-03-09 02:16 - 2015-03-14 20:32 - 00003890 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-03-09 02:15 - 2015-03-09 02:16 - 00000000 ____D () C:\Users\john\AppData\Local\Adobe
2015-03-09 02:11 - 2015-03-31 14:59 - 00001403 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-03-09 02:11 - 2015-03-28 04:44 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-03-09 02:11 - 2015-03-28 04:44 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-03-09 02:11 - 2015-03-28 04:43 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-03-09 02:11 - 2015-03-28 04:43 - 01570672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-03-09 02:11 - 2015-03-09 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-03-09 02:11 - 2015-03-09 02:11 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2015-03-09 02:11 - 2015-03-09 02:11 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2015-03-09 02:11 - 2015-03-09 02:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2015-03-09 02:11 - 2015-03-09 02:11 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2015-03-09 02:11 - 2015-03-09 02:11 - 00000000 ____D () C:\Users\john\AppData\Local\NVIDIA Corporation
2015-03-09 02:11 - 2015-03-09 02:11 - 00000000 ____D () C:\Users\john\AppData\Local\NVIDIA
2015-03-09 02:10 - 2015-03-09 02:10 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-03-09 02:09 - 2015-03-09 02:10 - 00038032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-03-09 02:09 - 2015-03-09 02:10 - 00035472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2015-03-09 02:09 - 2015-03-09 02:10 - 00032400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-03-09 01:57 - 2015-04-03 17:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-03-09 01:57 - 2015-03-09 01:57 - 00001870 _____ () C:\Users\Public\Desktop\COMODO Firewall.lnk
2015-03-09 01:57 - 2015-03-09 01:57 - 00000000 ____D () C:\Users\john\AppData\Local\Comodo
2015-03-09 01:57 - 2015-03-09 01:57 - 00000000 ____D () C:\ProgramData\Shared Space
2015-03-09 01:57 - 2015-03-09 01:57 - 00000000 ____D () C:\Program Files\COMODO
2015-03-09 01:56 - 2015-03-12 03:03 - 00000000 ____D () C:\ProgramData\Comodo
2015-03-09 01:56 - 2015-03-09 01:56 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2015-03-09 01:36 - 2015-03-09 01:36 - 00000000 _____ () C:\Users\john\agent.log
2015-03-09 01:35 - 2015-04-07 04:30 - 00000000 ____D () C:\Users\john\AppData\Roaming\ClassicShell
2015-03-09 01:35 - 2015-04-01 14:12 - 00000000 ____D () C:\AdwCleaner
2015-03-09 01:35 - 2015-03-16 03:14 - 00000000 ____D () C:\ProgramData\ClassicShell
2015-03-09 01:35 - 2015-03-09 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2015-03-09 01:35 - 2015-03-09 01:35 - 00000000 ____D () C:\Program Files\Classic Shell
2015-03-09 01:28 - 2015-03-29 14:56 - 00000844 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-03-09 01:28 - 2015-03-29 14:56 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-09 01:28 - 2015-03-09 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-03-09 01:28 - 2015-03-09 01:28 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-03-09 01:20 - 2015-04-07 12:32 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-09 01:20 - 2015-04-01 20:00 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-03-09 01:20 - 2015-03-09 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-09 01:20 - 2015-03-09 01:20 - 00001112 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-09 01:20 - 2015-03-09 01:20 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-09 01:20 - 2015-03-09 01:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-09 01:20 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-03-09 01:20 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-03-09 01:17 - 2015-03-09 01:17 - 00000000 ____D () C:\Users\john\AppData\Local\Intel_Corporation
2015-03-09 01:15 - 2015-04-06 21:48 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1802870966-341709537-1984002351-1002
2015-03-09 01:15 - 2015-03-26 14:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-09 01:15 - 2015-03-09 01:15 - 00001169 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-09 01:15 - 2015-03-09 01:15 - 00001157 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-09 01:15 - 2015-03-09 01:15 - 00000000 ____D () C:\Users\john\AppData\Roaming\Mozilla
2015-03-09 01:15 - 2015-03-09 01:15 - 00000000 ____D () C:\Users\john\AppData\Local\Mozilla
2015-03-09 01:15 - 2015-03-09 01:15 - 00000000 ____D () C:\ProgramData\Mozilla
2015-03-09 01:15 - 2015-03-09 01:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-09 01:13 - 2015-03-09 01:13 - 00000000 ____D () C:\Users\john\AppData\Roaming\Macromedia
2015-03-09 01:12 - 2015-03-09 01:12 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Anti-Theft
2015-03-09 01:05 - 2015-03-09 01:05 - 00000000 ____D () C:\Users\john\AppData\Roaming\Intel Corporation
2015-03-09 01:04 - 2015-03-09 02:17 - 00000000 ____D () C:\Users\john\Documents\Bluetooth Folder
2015-03-09 01:04 - 2015-03-09 01:04 - 00000000 ____D () C:\Users\john\AppData\Roaming\Atheros
2015-03-09 01:04 - 2015-03-09 01:04 - 00000000 ____D () C:\Users\john\AppData\Roaming\Adobe
2015-03-09 01:04 - 2015-03-09 01:04 - 00000000 ____D () C:\Users\john\AppData\Local\MSI
2015-03-09 01:04 - 2015-03-09 01:04 - 00000000 ____D () C:\Users\john\AppData\Local\Micro-Star_International_
2015-03-09 01:04 - 2015-03-09 01:04 - 00000000 ____D () C:\Users\john\AppData\Local\BMExplorer
2015-03-09 01:03 - 2015-03-31 18:05 - 00000000 ____D () C:\Users\john\AppData\Local\VirtualStore
2015-03-09 01:03 - 2015-03-09 20:14 - 00000000 ____D () C:\Users\john\AppData\Local\Packages
2015-03-09 01:03 - 2015-03-09 01:03 - 00000000 ____D () C:\Users\john\AppData\Roaming\Synaptics
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-07 13:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-06 20:58 - 2014-11-20 23:46 - 01830274 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-06 20:58 - 2014-11-20 23:03 - 00814880 _____ () C:\WINDOWS\system32\perfh00C.dat
2015-04-06 20:58 - 2014-11-20 23:03 - 00160956 _____ () C:\WINDOWS\system32\perfc00C.dat
2015-04-06 20:50 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-06 20:50 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-04 13:57 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-04-03 17:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-04-03 17:09 - 2014-09-19 03:07 - 00042288 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\intelaud.sys
2015-04-03 17:09 - 2014-09-19 03:07 - 00030512 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iwdbus.sys
2015-04-03 17:09 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-04-03 16:57 - 2014-10-03 17:36 - 24003648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-04-03 16:57 - 2014-10-03 17:36 - 17761872 _____ () C:\WINDOWS\system32\igd11dxva64.dll
2015-04-03 16:57 - 2014-10-03 17:36 - 09396160 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2015-04-03 16:57 - 2014-10-03 17:36 - 08605632 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-04-03 16:57 - 2014-10-03 17:36 - 06067760 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-04-03 16:57 - 2014-10-03 17:36 - 04782296 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-04-03 16:57 - 2014-10-03 17:36 - 02024960 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2015-04-03 16:57 - 2014-10-03 17:36 - 00695808 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2015-04-03 16:57 - 2014-10-03 17:36 - 00344976 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2015-04-03 16:57 - 2014-10-03 17:36 - 00278528 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2015-04-03 16:57 - 2014-10-03 17:36 - 00229888 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-03-24 23:31 - 2014-11-21 06:55 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-03-12 03:40 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-03-12 02:28 - 2013-04-24 11:47 - 00000000 ____D () C:\ProgramData\CyberLink
2015-03-11 17:42 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-03-11 17:42 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-11 17:42 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-11 17:42 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-11 17:42 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-03-11 17:42 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-11 17:42 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-11 15:32 - 2014-11-21 07:02 - 00792032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-03-11 15:32 - 2014-11-21 07:02 - 00178144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-09 21:51 - 2013-04-24 10:19 - 00000000 ____D () C:\Intel
2015-03-09 21:43 - 2014-10-03 17:36 - 00183296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v3960.dll
2015-03-09 21:43 - 2014-10-03 17:36 - 00094208 _____ () C:\WINDOWS\system32\IccLibDll_x64.dll
2015-03-09 21:23 - 2013-04-24 10:31 - 00000000 ____D () C:\ProgramData\Bigfoot Networks
2015-03-09 21:20 - 2013-02-22 13:22 - 00000000 ____D () C:\WINDOWS\system32\Drivers\tr-TR
2015-03-09 21:09 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-03-09 21:09 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2015-03-09 21:09 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2015-03-09 21:07 - 2015-03-04 23:28 - 00599240 _____ (Qualcomm Atheros) C:\WINDOWS\system32\Drivers\btfilter.sys
2015-03-09 21:07 - 2015-03-04 23:28 - 00182784 _____ (Qualcomm®Atheros®) C:\WINDOWS\system32\BtContextMenu.dll
2015-03-09 21:07 - 2015-03-04 23:28 - 00181760 _____ (Qualcomm Atheros Communications Inc.) C:\WINDOWS\system32\btcoinst.dll
2015-03-09 21:07 - 2014-11-20 23:42 - 02472960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-03-09 21:07 - 2013-04-24 10:31 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite
2015-03-09 20:57 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2015-03-09 20:57 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2015-03-09 20:57 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-03-09 20:39 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-03-09 20:15 - 2015-01-30 12:28 - 00126208 _____ (COMODO) C:\WINDOWS\system32\Drivers\inspect.sys
2015-03-09 20:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2015-03-09 20:11 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-03-09 20:11 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2015-03-09 20:06 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-03-09 20:05 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-03-09 20:03 - 2013-04-24 10:29 - 01851286 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-03-09 20:03 - 2013-04-24 10:29 - 00000000 ___HD () C:\Program Files (x86)\Temp
2015-03-09 20:02 - 2013-04-24 10:27 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-09 20:00 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-03-09 20:00 - 2013-08-22 14:25 - 00008192 ___SH () C:\WINDOWS\system32\config\ELAM
2015-03-09 20:00 - 2013-04-24 11:11 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 10
2015-03-09 20:00 - 2013-04-24 10:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2015-03-09 20:00 - 2013-04-24 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2015-03-09 20:00 - 2013-04-24 10:21 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-03-09 19:59 - 2014-11-20 23:02 - 00000000 ____D () C:\WINDOWS\SysWOW64\winrm
2015-03-09 19:59 - 2014-11-20 23:02 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-03-09 19:59 - 2014-11-20 23:02 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-03-09 19:59 - 2014-11-20 23:02 - 00000000 ____D () C:\WINDOWS\SysWOW64\slmgr
2015-03-09 19:59 - 2014-11-20 23:02 - 00000000 ____D () C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2015-03-09 19:59 - 2014-11-20 23:02 - 00000000 ____D () C:\WINDOWS\system32\winrm
2015-03-09 19:59 - 2014-11-20 23:02 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-03-09 19:59 - 2014-11-20 23:02 - 00000000 ____D () C:\WINDOWS\system32\slmgr
2015-03-09 19:59 - 2014-11-20 23:02 - 00000000 ____D () C:\WINDOWS\system32\Printing_Admin_Scripts
2015-03-09 19:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\uk-UA
2015-03-09 19:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\tr-TR
2015-03-09 19:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\sr-Latn-CS
2015-03-09 19:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\sl-SI
2015-03-09 19:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\sk-SK
2015-03-09 19:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\ro-RO
2015-03-09 19:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-03-09 19:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-03-09 19:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\lv-LV
2015-03-09 19:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\lt-LT
2015-03-09 19:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-03-09 19:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\hr-HR
2015-03-09 19:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\he-IL
2015-03-09 19:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\et-EE
2015-03-09 19:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\bg-BG
2015-03-09 19:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2015-03-09 19:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\uk-UA
2015-03-09 19:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\tr-TR
2015-03-09 19:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2015-03-09 19:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-03-09 19:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sl-SI
2015-03-09 19:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sk-SK
2015-03-09 19:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\ro-RO
2015-03-09 19:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-03-09 19:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\lv-LV
2015-03-09 19:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\lt-LT
2015-03-09 19:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-03-09 19:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\hr-HR
2015-03-09 19:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\he-IL
2015-03-09 19:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\et-EE
2015-03-09 19:59 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-03-09 19:59 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2015-03-09 19:59 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2015-03-09 19:59 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-03-09 19:59 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2015-03-09 19:59 - 2013-04-24 10:32 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2015-03-09 19:59 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2015-03-09 19:57 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-03-09 19:57 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\bg-BG
2015-03-09 19:57 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2015-03-09 19:57 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2015-03-09 19:55 - 2014-11-20 23:27 - 00000000 ____D () C:\Program Files\Windows Journal
2015-03-09 19:55 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-03-09 19:55 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-03-09 19:55 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-03-09 19:55 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-03-09 19:55 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-03-09 19:55 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-03-09 19:55 - 2013-04-24 10:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qualcomm Atheros
2015-03-09 19:55 - 2013-02-22 08:10 - 00000000 ____D () C:\ProgramData\PRICache
2015-03-09 19:51 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-03-09 19:39 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-03-09 18:48 - 2013-02-22 13:27 - 00703484 _____ () C:\WINDOWS\system32\perfh01F.dat
2015-03-09 18:48 - 2013-02-22 13:27 - 00147116 _____ () C:\WINDOWS\system32\perfc01F.dat
2015-03-09 18:48 - 2013-02-22 13:14 - 00713560 _____ () C:\WINDOWS\system32\perfh01D.dat
2015-03-09 18:48 - 2013-02-22 13:14 - 00149444 _____ () C:\WINDOWS\system32\perfc01D.dat
2015-03-09 18:48 - 2013-02-22 12:32 - 00769726 _____ () C:\WINDOWS\system32\perfh019.dat
2015-03-09 18:48 - 2013-02-22 12:32 - 00158362 _____ () C:\WINDOWS\system32\perfc019.dat
2015-03-09 18:48 - 2013-02-22 12:10 - 00777732 _____ () C:\WINDOWS\system32\prfh0816.dat
2015-03-09 18:48 - 2013-02-22 12:10 - 00160510 _____ () C:\WINDOWS\system32\prfc0816.dat
2015-03-09 18:48 - 2013-02-22 11:57 - 00763854 _____ () C:\WINDOWS\system32\prfh0416.dat
2015-03-09 18:48 - 2013-02-22 11:57 - 00155144 _____ () C:\WINDOWS\system32\prfc0416.dat
2015-03-09 18:48 - 2013-02-22 11:45 - 00786784 _____ () C:\WINDOWS\system32\perfh015.dat
2015-03-09 18:48 - 2013-02-22 11:45 - 00159932 _____ () C:\WINDOWS\system32\perfc015.dat
2015-03-09 18:48 - 2013-02-22 11:34 - 00786588 _____ () C:\WINDOWS\system32\perfh013.dat
2015-03-09 18:48 - 2013-02-22 11:34 - 00159122 _____ () C:\WINDOWS\system32\perfc013.dat
2015-03-09 18:48 - 2013-02-22 11:21 - 00441800 _____ () C:\WINDOWS\system32\perfh014.dat
2015-03-09 18:48 - 2013-02-22 11:21 - 00077450 _____ () C:\WINDOWS\system32\perfc014.dat
2015-03-09 18:48 - 2013-02-22 10:56 - 00782014 _____ () C:\WINDOWS\system32\perfh010.dat
2015-03-09 18:48 - 2013-02-22 10:56 - 00153144 _____ () C:\WINDOWS\system32\perfc010.dat
2015-03-09 18:48 - 2013-02-22 10:44 - 00731582 _____ () C:\WINDOWS\system32\perfh00E.dat
2015-03-09 18:48 - 2013-02-22 10:44 - 00174554 _____ () C:\WINDOWS\system32\perfc00E.dat
2015-03-09 18:48 - 2013-02-22 10:27 - 00409156 _____ () C:\WINDOWS\system32\perfh00D.dat
2015-03-09 18:48 - 2013-02-22 10:27 - 00065162 _____ () C:\WINDOWS\system32\perfc00D.dat
2015-03-09 18:48 - 2013-02-22 10:08 - 00427352 _____ () C:\WINDOWS\system32\perfh00B.dat
2015-03-09 18:48 - 2013-02-22 10:08 - 00081986 _____ () C:\WINDOWS\system32\perfc00B.dat
2015-03-09 18:48 - 2013-02-22 09:53 - 00788984 _____ () C:\WINDOWS\system32\perfh00A.dat
2015-03-09 18:48 - 2013-02-22 09:53 - 00162890 _____ () C:\WINDOWS\system32\perfc00A.dat
2015-03-09 18:48 - 2013-02-22 09:42 - 00542830 _____ () C:\WINDOWS\system32\perfh008.dat
2015-03-09 18:48 - 2013-02-22 09:42 - 00089394 _____ () C:\WINDOWS\system32\perfc008.dat
2015-03-09 18:48 - 2013-02-22 09:34 - 00742838 _____ () C:\WINDOWS\system32\perfh007.dat
2015-03-09 18:48 - 2013-02-22 09:34 - 00155896 _____ () C:\WINDOWS\system32\perfc007.dat
2015-03-09 18:48 - 2013-02-22 09:23 - 00456714 _____ () C:\WINDOWS\system32\perfh006.dat
2015-03-09 18:48 - 2013-02-22 09:23 - 00079958 _____ () C:\WINDOWS\system32\perfc006.dat
2015-03-09 18:48 - 2013-02-22 09:15 - 00719336 _____ () C:\WINDOWS\system32\perfh005.dat
2015-03-09 18:48 - 2013-02-22 09:15 - 00148412 _____ () C:\WINDOWS\system32\perfc005.dat
2015-03-09 18:29 - 2013-04-24 10:28 - 00003936 _____ () C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
2015-03-09 18:29 - 2013-04-24 10:28 - 00003690 _____ () C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
2015-03-09 18:24 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-03-09 18:22 - 2013-04-24 10:29 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-03-09 03:26 - 2013-04-24 10:44 - 00000000 ____D () C:\ProgramData\Creative
2015-03-09 03:26 - 2013-04-24 10:42 - 00000000 ____D () C:\Program Files (x86)\MSI
2015-03-09 02:00 - 2014-06-26 06:33 - 00040224 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\Drivers\CFRMD.sys
2015-03-09 01:29 - 2013-02-22 12:57 - 00000000 ____D () C:\WINDOWS\sr-Latn-CS
2015-03-09 01:12 - 2013-02-22 08:24 - 00000000 ____D () C:\ProgramData\Norton
2015-03-09 01:09 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2015-03-09 01:07 - 2013-02-22 08:31 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-03-09 01:04 - 2013-04-24 10:35 - 00000000 ____D () C:\ProgramData\Atheros
 
==================== Files in the root of some directories =======
 
2015-03-14 20:27 - 2015-03-14 20:30 - 0000600 _____ () C:\Users\john\AppData\Local\PUTTY.RND
2015-03-12 03:10 - 2015-03-12 03:10 - 0000017 _____ () C:\Users\john\AppData\Local\resmon.resmoncfg
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-04-07 05:14
 
==================== End Of Log ============================


#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,525 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:07:31 PM

Posted 09 April 2015 - 08:35 AM

Greetings billionick and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please rerun FRST making sure to check Addition.txt and post both logs. Let me know what your current symptoms are.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 billionick

billionick
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:04:31 AM

Posted 09 April 2015 - 09:26 AM

Hello, thanks you for the reply. My computer is a little slow and i keep getting that kind of event : windows security event: 4624 and 4672 with succes login.

 

In network discovery I occasionally see unknown  phones connect or computer VERY BRIEFLY to my network. I have already disable fews service for files sharing Also, the title of chrome and firefox occasionally changes to "Connecting" for no reason.

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by john (administrator) on MSI on 09-04-2015 16:15:17
Running from C:\Users\john\Downloads
Loaded Profiles: john (Available profiles: john)
Platform: Windows 8.1 (X64) OS Language: Français (France)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\Program Files\Lock My PC 4\LmpcServ.exe
(Arcai.com) C:\Program Files (x86)\netcut\services\aips.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(FSPro Labs) C:\Program Files\Lock My PC 4\lockpc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(MSI) C:\Program Files (x86)\SCM\SCM.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Dropbox, Inc.) C:\Users\john\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Arcai.com) C:\Program Files (x86)\netcut\netcut.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Users\john\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Farbar) C:\Users\john\Downloads\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM\...\Run: [Radio Manager] => C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2013-04-18] (MSI)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [407968 2013-04-18] (MSI)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [392592 2015-04-03] ()
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-31] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2013-04-23] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671640 2015-03-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [KLM] => C:\Program Files (x86)\MSI\KLM\KLM.exe [1564040 2013-04-22] (Micro-Star International Co., Ltd.)
HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2012-11-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-02-07] (MSI)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [78352 2012-07-31] (cyberlink)
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-09-17] (Comodo Security Solutions, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5511352 2015-03-19] (Avast Software s.r.o.)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-08-13] (Check Point Software Technologies Ltd.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-02-26] ( (Qualcomm Atheros Commnucations))
HKU\S-1-5-21-1802870966-341709537-1984002351-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-29] (Piriform Ltd)
HKU\S-1-5-21-1802870966-341709537-1984002351-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888896 2015-03-25] (Valve Corporation)
HKU\S-1-5-21-1802870966-341709537-1984002351-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632472 2015-04-01] (Electronic Arts)
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [178512 2015-03-17] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164568 2015-03-17] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Qualcomm Atheros Killer Network Manager.lnk
ShortcutTarget: Qualcomm Atheros Killer Network Manager.lnk -> C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe ()
Startup: C:\Users\john\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\john\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\john\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PureVPN.lnk
ShortcutTarget: PureVPN.lnk -> C:\Program Files (x86)\PureVPN\purevpn.exe (PureVPN)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\john\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\john\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\john\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\john\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\john\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\john\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\john\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\john\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-1802870966-341709537-1984002351-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1802870966-341709537-1984002351-1002 -> DefaultScope {44800FAD-40A2-4A7F-B648-D5F76B27BD39} URL = 
SearchScopes: HKU\S-1-5-21-1802870966-341709537-1984002351-1002 -> {44800FAD-40A2-4A7F-B648-D5F76B27BD39} URL = 
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-02-26] (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-09] (Avast Software s.r.o.)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-09] (Avast Software s.r.o.)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Tcpip\Parameters: [DhcpNameServer] 8.26.56.26 8.20.247.20
Tcpip\..\Interfaces\{4EF38F2F-0784-408E-A81A-A8E81ED265E0}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{974F0231-A7AF-42AA-B01E-DE6FC1C9272B}: [NameServer] 8.8.8.8,208.67.222.222
 
FireFox:
========
FF ProfilePath: C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\hls6fapi.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-14] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-14] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2000-01-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2000-01-01] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-10] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Extension: WOT - C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\hls6fapi.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-03-09]
FF Extension: Ghostery - C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\hls6fapi.default\Extensions\firefox@ghostery.com.xpi [2015-03-09]
FF Extension: NoScript - C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\hls6fapi.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-03-09]
FF Extension: Adblock Plus - C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\hls6fapi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-09]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-09]
 
Chrome: 
=======
CHR Profile: C:\Users\john\AppData\Local\Google\Chrome\User Data\default
CHR Extension: (ZoneAlarm Chrome Toolbar) - C:\Users\john\AppData\Local\Google\Chrome\User Data\default\Extensions\kgdcapepedmpopjkmdbjnmmmfgllnfek [2015-04-08]
CHR Profile: C:\Users\john\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-10]
CHR Extension: (Google Docs) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-10]
CHR Extension: (Google Drive) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-10]
CHR Extension: (WOT) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-03-14]
CHR Extension: (YouTube) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-10]
CHR Extension: (Adblock Plus) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-10]
CHR Extension: (Google Search) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-10]
CHR Extension: (Google Sheets) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-10]
CHR Extension: (HTTPS Everywhere) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2015-03-09]
CHR Extension: (ZoneAlarm Chrome Toolbar) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kgdcapepedmpopjkmdbjnmmmfgllnfek [2015-04-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-10]
CHR Extension: (Ghostery) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-03-10]
CHR Extension: (Google Wallet) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-10]
CHR Extension: (Gmail) - C:\Users\john\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-10]
CHR HKU\S-1-5-21-1802870966-341709537-1984002351-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kgdcapepedmpopjkmdbjnmmmfgllnfek] - C:\Users\john\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarm.crx [2014-02-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-09]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AIPS; C:\Program Files (x86)\netcut\services\AIPS.exe [262144 2015-04-06] (Arcai.com) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227968 2013-02-26] (Qualcomm Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-09] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-03-09] (Avast Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243728 2012-05-23] (CyberLink)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70864 2014-09-17] (Comodo Security Solutions, Inc.)
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-09-17] (Comodo Security Solutions, Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-31] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2015-04-03] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2015-03-09] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2015-03-09] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2015-03-09] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2015-03-09] (Intel Corporation)
R2 LmpcService; C:\Program Files\Lock My PC 4\LmpcServ.exe [52592 2015-03-10] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2013-04-18] (Micro-Star International Co., Ltd.) [File not signed]
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [154112 2013-02-08] (MSI) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-31] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-31] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files (x86)\PureVPN\bin\openvpnserv.exe [32568 2015-04-07] (The OpenVPN Project)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1930608 2015-04-01] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2015-03-10] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2015-03-10] ()
R2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [495616 2013-03-15] () [File not signed]
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3596752 2014-08-13] (Check Point Software Technologies Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-03-11] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-03-11] (Microsoft Corporation)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2014-08-13] (Check Point Software Technologies, Ltd.)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-02-25] (Atheros) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 akw8x64; C:\Windows\system32\DRIVERS\akw8x64.sys [3758800 2013-03-15] (Qualcomm Atheros, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-09] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-09] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-09] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-09] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [441728 2015-03-09] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-09] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [268640 2015-03-09] ()
S1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [74096 2013-03-15] (Qualcomm Atheros, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-02-26] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-20] (Microsoft Corporation)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [40224 2015-03-09] (Windows ® Win 7 DDK provider)
R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [174448 2013-03-15] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-04-09] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2015-03-09] (Intel Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-08-19] (Riverbed Technology, Inc.)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
R1 nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [299664 2015-03-17] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-03-09] (NVIDIA Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [448072 2013-04-23] (RTS Corporation)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16056 2015-03-09] (SlimWare Utilities, Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-03-09] (Avast Software)
R1 Vsdatant; C:\Windows\System32\drivers\vsdatant.sys [450456 2014-08-13] (Check Point Software Technologies Ltd.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-03-11] (Microsoft Corporation)
U4 CmdAgent; No ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-09 16:14 - 2015-04-09 16:14 - 02095616 _____ (Farbar) C:\Users\john\Downloads\FRST64 (1).exe
2015-04-09 16:13 - 2015-04-09 16:13 - 02095616 _____ (Farbar) C:\Users\john\Downloads\FRST64.exe
2015-04-09 03:14 - 2015-04-09 14:11 - 00000000 ___RD () C:\Users\john\Dropbox
2015-04-09 03:14 - 2015-04-09 03:14 - 00001144 _____ () C:\Users\john\Desktop\Dropbox.lnk
2015-04-09 03:13 - 2015-04-09 03:13 - 00000000 ____D () C:\Users\john\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-09 03:06 - 2015-04-09 14:11 - 00000000 ____D () C:\Users\john\AppData\Roaming\Dropbox
2015-04-09 03:06 - 2015-04-09 03:06 - 00356232 _____ (Dropbox, Inc.) C:\Users\john\Downloads\DropboxInstaller.exe
2015-04-09 00:47 - 2015-04-09 00:47 - 00000000 ____D () C:\Users\john\Downloads\backups
2015-04-08 21:57 - 2015-04-08 21:58 - 00431395 _____ () C:\WINDOWS\system32\Drivers\vsconfig.xml
2015-04-08 21:57 - 2015-04-08 21:57 - 03401864 _____ (Check Point Software Technologies Ltd.) C:\Users\john\Downloads\zafwSetupWeb_133_209_000 (2).exe
2015-04-08 21:57 - 2015-04-08 21:57 - 00000778 _____ () C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2015-04-08 21:57 - 2015-04-08 21:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2015-04-08 21:51 - 2015-04-08 21:57 - 00000000 ____D () C:\Program Files (x86)\CheckPoint
2015-04-08 21:51 - 2015-04-08 21:51 - 03401864 _____ (Check Point Software Technologies Ltd.) C:\Users\john\Downloads\zafwSetupWeb_133_209_000 (1).exe
2015-04-08 21:51 - 2015-04-08 21:51 - 00000000 ____D () C:\Users\john\AppData\Roaming\Check Point Software Technologies LTD
2015-04-08 21:51 - 2015-04-08 21:51 - 00000000 ____D () C:\Program Files (x86)\Check Point Software Technologies LTD
2015-04-08 21:50 - 2015-04-08 21:50 - 00000000 ____D () C:\ProgramData\CheckPoint
2015-04-08 21:49 - 2015-04-08 21:50 - 03401864 _____ (Check Point Software Technologies Ltd.) C:\Users\john\Downloads\zafwSetupWeb_133_209_000.exe
2015-04-08 21:44 - 2015-04-08 21:44 - 00029244 _____ () C:\Users\john\Documents\CisReport_x64_v8.1.0.4426_20150408-214449.zip
2015-04-08 21:44 - 2015-04-08 21:44 - 00028807 _____ () C:\Users\john\Documents\CisReport_x64_v8.1.0.4426_20150408-214415.zip
2015-04-08 21:44 - 2015-04-08 21:44 - 00000355 _____ () C:\Users\john\Documents\Favoris - Raccourci.lnk
2015-04-08 20:26 - 2015-04-08 20:05 - 382167403 _____ () C:\Users\john\Downloads\Echantillon images.zip
2015-04-08 20:25 - 2015-04-08 20:05 - 382167403 _____ () C:\Echantillon images.zip
2015-04-08 20:24 - 2015-04-08 20:05 - 382167403 _____ () C:\Users\john\Documents\Echantillon images.zip
2015-04-08 20:05 - 2015-04-08 20:05 - 382167403 _____ () C:\Users\john\Desktop\Echantillon images.zip
2015-04-08 13:33 - 2015-04-09 14:16 - 00345703 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-07 19:53 - 2015-04-07 19:53 - 00704123 _____ () C:\Users\john\Desktop\fz.zip
2015-04-07 19:49 - 2015-04-07 19:50 - 00000000 ____D () C:\Users\john\Desktop\fz
2015-04-07 19:49 - 2015-04-07 19:49 - 00706124 _____ () C:\Users\john\Downloads\cgi-bin.zip
2015-04-07 19:31 - 2015-04-07 19:31 - 02208768 _____ () C:\Users\john\Downloads\adwcleaner_4.200 (1).exe
2015-04-07 17:20 - 2015-04-07 17:20 - 01070232 ___RS (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCTL.OCX
2015-04-07 17:20 - 2015-04-07 17:20 - 01010720 ___RS (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCHRT20.OCX
2015-04-07 17:20 - 2015-04-07 17:20 - 00224016 ___RS (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTL32.OCX
2015-04-07 17:20 - 2015-04-07 17:20 - 00140488 ___RS (Microsoft Corporation) C:\WINDOWS\SysWOW64\COMDLG32.OCX
2015-04-07 17:20 - 2015-04-07 17:20 - 00001228 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\TMAC v6.lnk
2015-04-07 17:20 - 2015-04-07 17:20 - 00001222 _____ () C:\Users\Public\Desktop\TMAC v6.lnk
2015-04-07 17:20 - 2015-04-07 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Technitium MAC Address Changer v6
2015-04-07 17:20 - 2015-04-07 17:20 - 00000000 ____D () C:\Program Files (x86)\Technitium
2015-04-07 17:19 - 2015-04-07 17:20 - 02230574 _____ () C:\Users\john\Downloads\TMACv6.0.6_Setup.zip
2015-04-07 15:35 - 2015-04-08 21:35 - 00000000 ____D () C:\ProgramData\purevpn
2015-04-07 15:35 - 2015-04-07 18:57 - 00000000 ____D () C:\Program Files (x86)\PureVPN
2015-04-07 15:35 - 2015-04-07 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PureVPN
2015-04-07 15:35 - 2015-04-07 15:35 - 00040664 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys
2015-04-07 15:35 - 2015-04-07 15:35 - 00001093 _____ () C:\Users\Public\Desktop\PureVPN.lnk
2015-04-07 15:34 - 2015-04-07 15:34 - 00441560 _____ (PureVPN ) C:\Users\john\Downloads\purevpn_windows.exe
2015-04-07 13:20 - 2015-04-07 13:20 - 00074175 _____ () C:\Users\john\Downloads\Addition.txt
2015-04-07 13:19 - 2015-04-09 16:15 - 00027529 _____ () C:\Users\john\Downloads\FRST.txt
2015-04-07 13:17 - 2015-04-09 16:15 - 00000000 ____D () C:\FRST
2015-04-07 04:33 - 2015-04-07 04:33 - 00000000 ____D () C:\Users\john\AppData\Roaming\StunlockStudios
2015-04-06 20:49 - 2015-04-06 20:49 - 00000022 _____ () C:\Users\john\Desktop\vv.txt
2015-04-06 20:48 - 2015-04-06 20:48 - 00000009 _____ () C:\Users\john\Desktop\lac.txt
2015-04-06 20:47 - 2015-04-06 20:47 - 00389120 _____ () C:\WINDOWS\SysWOW64\actskn43.ocx
2015-04-06 20:47 - 2015-04-06 20:47 - 00001001 _____ () C:\Users\john\Desktop\netcut.lnk
2015-04-06 20:47 - 2015-04-06 20:47 - 00000046 _____ () C:\Users\john\Desktop\netcut support.url
2015-04-06 20:47 - 2015-04-06 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\arcai.com
2015-04-06 20:47 - 2015-04-06 20:47 - 00000000 ____D () C:\Program Files (x86)\netcut
2015-04-06 20:46 - 2015-04-06 20:50 - 37682800 _____ (Agnitum, Ltd. ) C:\Users\john\Downloads\Unconfirmed 493421.crdownload
2015-04-06 20:45 - 2015-04-06 20:45 - 01748153 _____ (arcai.com ) C:\Users\john\Downloads\netcut.exe
2015-04-04 17:01 - 2015-04-04 17:54 - 00000000 ____D () C:\Users\john\.zenmap
2015-04-04 17:01 - 2015-04-04 17:01 - 00000985 _____ () C:\Users\john\Desktop\Nmap - Zenmap GUI.lnk
2015-04-04 17:01 - 2015-04-04 17:01 - 00000000 ____D () C:\Users\john\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nmap
2015-04-04 17:00 - 2015-04-04 17:00 - 00000000 ____D () C:\Program Files\WinPcap
2015-04-04 17:00 - 2015-04-04 17:00 - 00000000 ____D () C:\Program Files (x86)\Nmap
2015-04-04 16:59 - 2015-04-04 17:00 - 27111830 _____ (Insecure.org) C:\Users\john\Downloads\nmap-6.47-setup (1).exe
2015-04-04 16:34 - 2015-04-04 16:36 - 27111830 _____ (Insecure.org) C:\Users\john\Downloads\nmap-6.47-setup.exe
2015-04-04 15:47 - 2015-04-04 15:47 - 01168277 _____ () C:\Users\john\Downloads\TradeSkillInfo-v2.3.6.zip
2015-04-04 15:45 - 2015-04-04 15:45 - 00007039 _____ () C:\Users\john\Downloads\BulkOrder v1.171.zip
2015-04-04 15:43 - 2015-04-04 15:44 - 01070806 _____ () C:\Users\john\Downloads\MountFarmHelper-1.2.zip
2015-04-04 15:38 - 2015-04-04 15:38 - 02975191 _____ () C:\Users\john\Downloads\Carbonite-011515.zip
2015-04-04 15:35 - 2015-04-04 15:35 - 02445662 _____ () C:\Users\john\Downloads\DBM-6.1.5-r13486-Core-and-Draenor-Mods.zip
2015-04-04 15:06 - 2015-04-05 03:40 - 00000058 _____ () C:\Users\john\Documents\pas.txt
2015-04-03 22:49 - 2015-04-03 22:50 - 00000000 ____D () C:\Users\john\AppData\Roaming\uTorrent
2015-04-03 22:36 - 2015-04-03 22:36 - 01741904 _____ (BitTorrent Inc.) C:\Users\john\Downloads\uTorrent.exe
2015-04-03 17:09 - 2015-04-03 17:09 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-04-03 17:09 - 2015-04-03 17:09 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-04-03 16:53 - 2015-04-03 16:53 - 00430501 _____ () C:\Users\john\Downloads\niche_ideas.txt
2015-04-02 20:00 - 2015-04-02 20:02 - 47755504 _____ (Kingsoft Corp. Ltd.) C:\Users\john\Downloads\office_free_2013.exe
2015-04-02 17:32 - 2015-04-02 17:32 - 01116160 _____ () C:\Users\john\Downloads\param.tar
2015-04-02 17:32 - 2015-04-02 17:32 - 00319398 _____ () C:\Users\john\Downloads\TriangleAway-v3.26.apk
2015-04-02 06:01 - 2015-04-02 06:01 - 00005762 _____ () C:\Users\john\Desktop\auditpol.bak
2015-04-02 04:50 - 2015-04-02 04:54 - 34394000 _____ () C:\Users\john\Downloads\torbrowser-install-4.0.6_en-US (1).exe
2015-04-02 02:46 - 2015-04-02 02:46 - 01620280 _____ (Microsoft Corporation) C:\Users\john\Downloads\WindowsXP-KB925876-x86-ENU.exe
2015-04-02 02:42 - 2015-04-02 02:42 - 00000000 ____D () C:\Users\john\AppData\Local\Microsoft Corporation
2015-04-02 02:41 - 2015-04-02 02:41 - 00807424 _____ () C:\Users\john\Downloads\RDCMan.msi
2015-04-02 00:37 - 2015-04-02 00:37 - 00002448 _____ () C:\Users\john\Documents\cc_20150402_003724.reg
2015-04-01 20:00 - 2015-04-01 20:17 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-04-01 18:45 - 2015-04-01 18:45 - 01429777 _____ () C:\Users\john\Downloads\amung.us.zip
2015-04-01 14:40 - 2015-04-01 14:40 - 00000477 _____ () C:\Users\john\Desktop\old 301.txt
2015-04-01 14:12 - 2015-04-01 20:17 - 00000000 ____D () C:\Users\john\Desktop\mbar
2015-04-01 14:11 - 2015-04-01 14:11 - 16502728 _____ (Malwarebytes Corp.) C:\Users\john\Downloads\mbar-1.09.1.1004.exe
2015-04-01 14:11 - 2015-04-01 14:11 - 02208768 _____ () C:\Users\john\Downloads\adwcleaner_4.200.exe
2015-04-01 14:07 - 2015-04-01 14:09 - 34394000 _____ () C:\Users\john\Downloads\torbrowser-install-4.0.6_en-US.exe
2015-04-01 02:17 - 2015-04-01 02:18 - 00000043 _____ () C:\Users\john\Documents\dees.txt
2015-03-31 19:02 - 2015-04-03 17:09 - 00275800 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2015-03-31 19:02 - 2015-04-03 17:09 - 00127320 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 24802928 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 02946024 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2015-03-31 19:02 - 2015-04-03 16:57 - 02776408 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 01513304 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 01402336 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 01399240 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 01369088 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 01063936 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00979800 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00671352 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00623616 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00615544 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00472976 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-03-31 19:02 - 2015-04-03 16:57 - 00392592 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-03-31 19:02 - 2015-04-03 16:57 - 00385024 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00372224 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00354136 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00314256 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2015-03-31 19:02 - 2015-04-03 16:57 - 00290816 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00279952 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-03-31 19:02 - 2015-04-03 16:57 - 00255488 _____ () C:\WINDOWS\system32\igfxCPL.cpl
2015-03-31 19:02 - 2015-04-03 16:57 - 00249232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2015-03-31 19:02 - 2015-04-03 16:57 - 00220432 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00218512 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-03-31 19:02 - 2015-04-03 16:57 - 00213504 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00211656 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00197464 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00184352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00183296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4156.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00178672 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00178176 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00135000 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00086528 _____ () C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00069632 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00059904 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00036616 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00035328 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00010752 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00010752 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-03-31 19:02 - 2015-04-03 16:57 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00004016 _____ () C:\WINDOWS\system32\iglhxs64.vp
2015-03-31 19:01 - 2015-04-03 16:57 - 17285440 _____ () C:\WINDOWS\SysWOW64\igd11dxva32.dll
2015-03-31 19:01 - 2015-04-03 16:57 - 15982080 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-03-31 19:01 - 2015-04-03 16:57 - 10853888 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-03-31 19:01 - 2015-04-03 16:57 - 04877240 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-03-31 19:01 - 2015-04-03 16:57 - 03550208 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-03-31 19:01 - 2015-04-03 16:57 - 03320320 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-03-31 19:01 - 2015-04-03 16:57 - 03320320 _____ () C:\WINDOWS\SysWOW64\SETE2E9.tmp
2015-03-31 19:01 - 2015-04-03 16:57 - 00636016 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-03-31 19:01 - 2015-04-03 16:57 - 00515488 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-03-31 19:01 - 2015-04-03 16:57 - 00398848 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-03-31 19:01 - 2015-04-03 16:57 - 00350208 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-03-31 19:01 - 2015-04-03 16:57 - 00282696 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll
2015-03-31 19:01 - 2015-04-03 16:57 - 00263120 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll
2015-03-31 19:01 - 2015-04-03 16:57 - 00227328 _____ () C:\WINDOWS\system32\igdde64.dll
2015-03-31 19:01 - 2015-04-03 16:57 - 00187392 _____ () C:\WINDOWS\SysWOW64\igdde32.dll
2015-03-31 19:01 - 2015-04-03 16:57 - 00169984 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll
2015-03-31 19:01 - 2015-04-03 16:57 - 00152064 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 06021437 _____ () C:\WINDOWS\system32\igdclbif.bin
2015-03-31 19:00 - 2015-04-03 16:57 - 09504256 _____ (Intel Corporation) C:\WINDOWS\system32\ig75icd64.dll
2015-03-31 19:00 - 2015-04-03 16:57 - 07484416 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig75icd32.dll
2015-03-31 19:00 - 2015-04-03 16:57 - 01131008 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll
2015-03-31 19:00 - 2015-04-03 16:57 - 01029008 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-03-31 19:00 - 2015-04-03 16:57 - 01025936 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-03-31 19:00 - 2015-04-03 16:57 - 00448912 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-03-31 19:00 - 2015-04-03 16:57 - 00339344 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-03-31 19:00 - 2015-04-03 16:57 - 00338832 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-03-31 19:00 - 2015-04-03 16:57 - 00157072 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-03-31 18:05 - 2015-04-09 00:43 - 00028351 _____ () C:\Users\john\Downloads\hijackthis.log
2015-03-31 18:05 - 2015-03-31 18:05 - 00388608 _____ (Trend Micro Inc.) C:\Users\john\Downloads\HijackThis.exe
2015-03-31 18:04 - 2015-03-31 18:04 - 01402880 _____ () C:\Users\john\Downloads\hijackthis_hijackthis_2.0.4_anglais_17891.msi
2015-03-31 18:03 - 2015-03-31 18:03 - 00717976 _____ (Internet ) C:\Users\john\Downloads\hijackthis_hijackthis_2.0.4_anglais_17891.exe
2015-03-30 20:28 - 2015-03-30 20:30 - 07432575 _____ () C:\Users\john\Downloads\sqlbrowser_2014_11_1256.zip
2015-03-30 19:40 - 2015-03-30 19:40 - 17334297 _____ () C:\Users\john\Downloads\usb140201.zip
2015-03-29 14:29 - 2015-03-29 14:29 - 05344528 _____ (Piriform Ltd) C:\Users\john\Downloads\ccsetup504.exe
2015-03-27 20:23 - 2015-03-27 20:23 - 00190874 _____ () C:\Users\john\Downloads\RaidChecklist-6.0.3.4.zip
2015-03-24 23:30 - 2015-03-24 23:30 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-03-24 23:30 - 2015-03-24 23:30 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-03-24 23:20 - 2015-03-24 23:20 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-03-24 23:20 - 2015-03-24 23:20 - 00943104 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-03-24 23:20 - 2015-03-24 23:20 - 00760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-03-24 23:20 - 2015-03-24 23:20 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-03-24 23:20 - 2015-03-24 23:20 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-03-24 23:20 - 2015-03-24 23:20 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-03-24 23:20 - 2015-03-24 23:20 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-03-24 13:24 - 2015-03-24 13:24 - 34391223 _____ () C:\Users\john\Downloads\torbrowser-install-4.0.5_en-US.exe
2015-03-22 05:34 - 2015-03-22 05:34 - 00000600 _____ () C:\Users\john\Downloads\MyFirstAddOn.zip
2015-03-21 20:49 - 2015-04-08 20:23 - 00002260 ____H () C:\Users\john\Documents\Default.rdp
2015-03-21 03:21 - 2015-03-21 03:23 - 00000000 ____D () C:\Users\john\AppData\Roaming\Curse Advertising
2015-03-21 03:20 - 2015-03-21 03:20 - 00000000 ____D () C:\Users\john\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2015-03-21 03:17 - 2015-03-26 15:16 - 00000000 ____D () C:\Users\john\AppData\Local\Deployment
2015-03-21 03:17 - 2015-03-21 03:17 - 00402696 _____ () C:\Users\john\Downloads\setup.exe
2015-03-21 03:17 - 2015-03-21 03:17 - 00000000 ____D () C:\Users\john\AppData\Local\Apps\2.0
2015-03-20 22:50 - 2015-04-08 04:39 - 00000000 ____D () C:\Users\john\Documents\Windows game
2015-03-20 21:48 - 2015-04-09 15:54 - 00000000 ____D () C:\Users\john\AppData\Roaming\vlc
2015-03-20 21:46 - 2015-03-20 21:46 - 00001092 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-03-20 21:46 - 2015-03-20 21:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-03-20 21:46 - 2015-03-20 21:46 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2015-03-19 16:08 - 2015-03-19 16:08 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2015-03-19 16:08 - 2015-03-19 16:08 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2015-03-18 19:05 - 2015-04-09 01:01 - 00000000 ____D () C:\Users\john\AppData\Roaming\Notepad++
2015-03-18 19:05 - 2015-03-18 19:06 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2015-03-18 19:05 - 2015-03-18 19:05 - 00000000 ____D () C:\Users\john\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-03-18 19:05 - 2015-03-18 19:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-03-17 23:09 - 2015-04-04 13:46 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2015-03-17 23:09 - 2015-04-04 13:46 - 00000000 ____D () C:\WINDOWS\system32\NV
2015-03-17 23:06 - 2015-03-17 23:07 - 32114888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 25460880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 24775368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 20466376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 17258024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 16022016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 13297144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 13210080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 10775080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 10715864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 10262160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-03-17 23:06 - 2015-03-17 23:07 - 03611792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 03249352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 01896136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434788.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434788.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 00970384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 00944784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 00930448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 00909512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 00496272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 00400584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 00390288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 00354112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 00346824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 00306208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-03-17 23:06 - 2015-03-17 23:07 - 00299664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvkflt.sys
2015-03-17 23:06 - 2015-03-17 23:07 - 00032456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-03-14 22:37 - 2015-03-14 22:37 - 00000000 ____D () C:\Users\john\Desktop\gpg4usb
2015-03-14 20:27 - 2015-03-14 20:30 - 00000600 _____ () C:\Users\john\AppData\Local\PUTTY.RND
2015-03-14 20:22 - 2015-03-29 00:21 - 00000000 ____D () C:\Users\john\AppData\Roaming\Skype
2015-03-14 20:22 - 2015-03-14 20:22 - 00000000 ____D () C:\Users\john\Tracing
2015-03-14 20:22 - 2015-03-14 20:22 - 00000000 ____D () C:\Users\john\AppData\Local\Skype
2015-03-14 20:21 - 2015-03-14 20:22 - 00000000 ____D () C:\ProgramData\Skype
2015-03-14 20:21 - 2015-03-14 20:21 - 00002713 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-03-14 20:21 - 2015-03-14 20:21 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-14 20:21 - 2015-03-14 20:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-03-13 16:39 - 2015-03-13 16:39 - 00000759 _____ () C:\Users\Public\Desktop\Diablo III.lnk
2015-03-13 16:39 - 2015-03-13 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2015-03-12 06:18 - 2015-03-12 06:18 - 00000000 ____D () C:\Users\john\Documents\my games
2015-03-12 03:10 - 2015-03-12 03:10 - 00000017 _____ () C:\Users\john\AppData\Local\resmon.resmoncfg
2015-03-12 03:03 - 2015-03-12 03:03 - 00000000 ____D () C:\Users\john\AppData\Roaming\Comodo
2015-03-12 02:28 - 2015-03-12 02:28 - 00000000 ____D () C:\Users\Public\CyberLink
2015-03-12 02:28 - 2015-03-12 02:28 - 00000000 ____D () C:\Users\john\Documents\CyberLink
2015-03-12 02:28 - 2015-03-12 02:28 - 00000000 ____D () C:\Users\john\AppData\Roaming\WebApp
2015-03-12 02:28 - 2015-03-12 02:28 - 00000000 ____D () C:\Users\john\AppData\Roaming\CyberLink
2015-03-12 02:28 - 2015-03-12 02:28 - 00000000 ____D () C:\Users\john\AppData\Local\Cyberlink
2015-03-11 15:33 - 2015-03-11 15:33 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-03-11 15:33 - 2015-03-11 15:33 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-03-11 15:33 - 2015-03-11 15:33 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-03-11 15:33 - 2015-03-11 15:33 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-03-11 15:32 - 2015-03-11 15:32 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-03-11 15:32 - 2015-03-11 15:32 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 04178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-03-11 15:32 - 2015-03-11 15:32 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 02257408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-03-11 15:32 - 2015-03-11 15:32 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00167424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2015-03-11 15:32 - 2015-03-11 15:32 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-03-11 15:32 - 2015-03-11 15:32 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-03-11 15:32 - 2015-03-11 15:32 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-03-11 15:32 - 2015-03-11 15:32 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-03-11 15:32 - 2015-02-07 00:09 - 00396419 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-03-11 15:31 - 2015-03-11 15:31 - 25021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 19720192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 14398976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 12827648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 04300288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-03-11 15:31 - 2015-03-11 15:31 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-03-11 15:31 - 2015-03-11 15:31 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-03-11 15:31 - 2015-03-11 15:31 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-03-11 15:31 - 2015-03-11 15:31 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-03-11 15:31 - 2015-03-11 15:31 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-03-10 19:24 - 2015-03-10 19:24 - 00000000 ____D () C:\Users\john\AppData\Local\Blizzard
2015-03-10 19:16 - 2015-03-10 19:16 - 00000788 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2015-03-10 19:16 - 2015-03-10 19:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-03-10 18:20 - 2015-03-10 18:20 - 00000843 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk
2015-03-10 18:20 - 2015-03-10 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2015-03-10 15:18 - 2015-03-10 15:18 - 00000000 ____D () C:\Users\john\AppData\Local\Axialis
2015-03-10 15:05 - 2015-03-10 15:05 - 00000000 ____D () C:\Users\john\Desktop\Tor Browser
2015-03-10 14:57 - 2015-03-10 14:57 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2015-03-10 14:47 - 2015-03-10 14:47 - 00000000 ____D () C:\Users\john\AppData\Local\PunkBuster
2015-03-10 14:41 - 2015-03-10 14:42 - 00000000 ____D () C:\Users\john\Documents\Battlefield 4
2015-03-10 14:41 - 2015-03-10 14:41 - 00000000 ____D () C:\Users\john\AppData\Local\ESN
2015-03-10 13:36 - 2015-03-29 16:22 - 00000128 _____ () C:\Users\john\Documents\battle.txt
2015-03-10 12:32 - 2015-01-02 21:10 - 00002250 _____ () C:\Users\john\Desktop\Default_70.rdp
2015-03-10 07:07 - 2015-03-10 07:07 - 00000800 _____ () C:\Users\Public\Desktop\SimCity™.lnk
2015-03-10 05:51 - 2015-03-10 05:51 - 00000897 _____ () C:\Users\Public\Desktop\PVZ Garden Warfare.lnk
2015-03-10 04:29 - 2015-03-11 17:43 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2015-03-10 04:29 - 2015-03-10 04:29 - 00000726 _____ () C:\Users\Public\Desktop\Battlefield 4.lnk
2015-03-10 04:29 - 2015-03-10 04:29 - 00000710 _____ () C:\Users\Public\Desktop\Battlefield 4(64 bit).lnk
2015-03-10 04:28 - 2015-03-11 17:38 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-10 04:28 - 2015-03-10 14:57 - 00226680 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2015-03-10 04:28 - 2015-03-10 14:47 - 00214392 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2015-03-10 04:28 - 2015-03-10 04:28 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2015-03-10 04:28 - 2015-03-10 04:28 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00069448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2015-03-10 04:28 - 2015-03-10 04:28 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2015-03-10 04:28 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2015-03-10 04:27 - 2015-03-10 04:27 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2015-03-10 04:27 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2015-03-10 04:26 - 2015-03-10 04:26 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2015-03-10 01:53 - 2015-04-08 04:39 - 00000000 ____D () C:\Users\john\AppData\Local\Battle.net
2015-03-10 01:53 - 2015-03-13 23:09 - 00000000 ____D () C:\Users\john\AppData\Roaming\Battle.net
2015-03-10 01:53 - 2015-03-10 01:53 - 00000800 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2015-03-10 01:53 - 2015-03-10 01:53 - 00000000 ____D () C:\Users\john\AppData\Local\Blizzard Entertainment
2015-03-10 01:53 - 2015-03-10 01:53 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2015-03-10 01:53 - 2015-03-09 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-03-10 01:50 - 2015-03-10 01:51 - 00000000 ____D () C:\ProgramData\Battle.net
2015-03-10 01:45 - 2015-03-10 01:45 - 00045888 _____ (FSPro Labs) C:\WINDOWS\system32\fsp_lmwl.dll
2015-03-10 01:45 - 2015-03-10 01:45 - 00015800 _____ (FSPro Labs) C:\WINDOWS\system32\Drivers\lmpc4.sys
2015-03-10 01:45 - 2015-03-10 01:45 - 00000000 ____D () C:\Program Files\Lock My PC 4
2015-03-10 01:45 - 2015-03-09 20:00 - 00000000 ____D () C:\Users\john\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lock My PC 4
2015-03-10 00:13 - 2015-04-03 19:19 - 00002211 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-10 00:13 - 2015-03-09 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-10 00:12 - 2015-04-09 15:17 - 00000902 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-10 00:12 - 2015-04-09 14:03 - 00000898 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-10 00:12 - 2015-03-10 00:13 - 00000000 ____D () C:\Users\john\AppData\Local\Google
2015-03-10 00:12 - 2015-03-10 00:13 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-10 00:12 - 2015-03-10 00:12 - 00003874 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-03-10 00:12 - 2015-03-10 00:12 - 00003638 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-09 16:12 - 2015-03-09 01:35 - 00000000 ____D () C:\Users\john\AppData\Roaming\ClassicShell
2015-04-09 16:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-09 15:36 - 2015-03-09 01:20 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-04-09 15:26 - 2015-03-09 02:16 - 00001002 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-04-09 03:27 - 2015-03-09 01:15 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1802870966-341709537-1984002351-1002
2015-04-09 03:14 - 2015-03-09 19:50 - 00000000 ____D () C:\Users\john
2015-04-09 00:54 - 2014-11-20 23:46 - 02171780 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-09 00:54 - 2014-11-20 23:03 - 01067676 _____ () C:\WINDOWS\system32\perfh00C.dat
2015-04-09 00:54 - 2014-11-20 23:03 - 00245908 _____ () C:\WINDOWS\system32\perfc00C.dat
2015-04-09 00:47 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-08 21:47 - 2015-03-09 01:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-04-08 20:50 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-08 13:46 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-04-08 04:40 - 2015-03-09 02:50 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-07 19:32 - 2015-03-09 01:35 - 00000000 ____D () C:\AdwCleaner
2015-04-07 15:40 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\tracing
2015-04-03 17:57 - 2015-03-09 21:48 - 00000401 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-04-03 17:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-04-03 17:09 - 2014-09-19 03:07 - 00042288 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\intelaud.sys
2015-04-03 17:09 - 2014-09-19 03:07 - 00030512 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iwdbus.sys
2015-04-03 17:09 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-04-03 16:57 - 2015-03-09 19:42 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-04-03 16:57 - 2015-03-09 19:42 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-04-03 16:57 - 2014-10-03 17:36 - 24003648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-04-03 16:57 - 2014-10-03 17:36 - 17761872 _____ () C:\WINDOWS\system32\igd11dxva64.dll
2015-04-03 16:57 - 2014-10-03 17:36 - 09396160 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2015-04-03 16:57 - 2014-10-03 17:36 - 08605632 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-04-03 16:57 - 2014-10-03 17:36 - 06067760 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-04-03 16:57 - 2014-10-03 17:36 - 04782296 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-04-03 16:57 - 2014-10-03 17:36 - 02024960 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2015-04-03 16:57 - 2014-10-03 17:36 - 00695808 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2015-04-03 16:57 - 2014-10-03 17:36 - 00344976 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2015-04-03 16:57 - 2014-10-03 17:36 - 00278528 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2015-04-03 16:57 - 2014-10-03 17:36 - 00229888 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-04-02 06:04 - 2015-03-09 03:21 - 00000000 ____D () C:\ProgramData\Origin
2015-04-01 22:54 - 2015-03-09 03:21 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-04-01 20:00 - 2015-03-09 01:20 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-03-31 18:05 - 2015-03-09 01:03 - 00000000 ____D () C:\Users\john\AppData\Local\VirtualStore
2015-03-31 14:59 - 2015-03-09 02:11 - 00001403 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-03-29 14:56 - 2015-03-09 01:28 - 00000844 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-03-29 14:56 - 2015-03-09 01:28 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-28 04:44 - 2015-03-09 02:11 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-03-28 04:44 - 2015-03-09 02:11 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-03-28 04:43 - 2015-03-09 02:11 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-03-28 04:43 - 2015-03-09 02:11 - 01570672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-03-26 14:31 - 2015-03-09 01:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-24 23:31 - 2015-03-09 20:57 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-03-24 23:31 - 2014-11-21 06:55 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-03-17 23:09 - 2015-03-09 19:44 - 00935056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-03-17 23:09 - 2015-03-09 19:44 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-17 23:08 - 2015-03-09 19:43 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-03-17 23:07 - 2015-03-09 02:17 - 18580512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-03-17 23:07 - 2015-03-09 02:17 - 14121624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-03-17 23:07 - 2015-03-09 02:17 - 03303448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-03-17 23:07 - 2015-03-09 02:17 - 02906928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-03-17 23:07 - 2015-03-09 02:17 - 00997856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-03-17 23:07 - 2015-03-09 02:17 - 00878328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-03-17 23:07 - 2015-03-09 02:17 - 00178512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-03-17 23:07 - 2015-03-09 02:17 - 00164568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-03-16 03:14 - 2015-03-09 01:35 - 00000000 ____D () C:\ProgramData\ClassicShell
2015-03-14 20:32 - 2015-03-09 02:16 - 00003890 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-03-13 20:41 - 2015-03-09 02:17 - 00027441 _____ () C:\WINDOWS\system32\nvinfo.pb
2015-03-13 17:16 - 2015-03-09 19:44 - 06861968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-03-13 17:16 - 2015-03-09 19:44 - 03526856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-03-13 17:16 - 2015-03-09 19:44 - 02559808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-03-13 17:16 - 2015-03-09 19:44 - 01099408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-03-13 17:16 - 2015-03-09 19:44 - 00386248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-03-13 17:16 - 2015-03-09 19:44 - 00075976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-03-13 17:16 - 2015-03-09 19:44 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-03-12 03:40 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-03-12 03:03 - 2015-03-09 01:56 - 00000000 ____D () C:\ProgramData\Comodo
2015-03-12 02:28 - 2013-04-24 11:47 - 00000000 ____D () C:\ProgramData\CyberLink
2015-03-11 17:43 - 2015-03-09 21:20 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2015-03-11 17:42 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-03-11 17:42 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-11 17:42 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-11 17:42 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-11 17:42 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-03-11 17:42 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-11 17:42 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-11 15:32 - 2014-11-21 07:02 - 00792032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-03-11 15:32 - 2014-11-21 07:02 - 00178144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-11 14:10 - 2015-03-09 19:44 - 04246327 _____ () C:\WINDOWS\system32\nvcoproc.bin
2015-03-10 14:41 - 2015-03-09 03:24 - 00000000 ____D () C:\Users\john\AppData\Local\Origin
2015-03-10 14:41 - 2015-03-09 03:21 - 00000000 ____D () C:\ProgramData\Electronic Arts
 
==================== Files in the root of some directories =======
 
2015-03-14 20:27 - 2015-03-14 20:30 - 0000600 _____ () C:\Users\john\AppData\Local\PUTTY.RND
2015-03-12 03:10 - 2015-03-12 03:10 - 0000017 _____ () C:\Users\john\AppData\Local\resmon.resmoncfg
 
Some content of TEMP:
====================
C:\Users\john\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpa9s7pq.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-04-07 05:14
 
==================== End Of Log ===========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by john at 2015-04-09 16:16:14
Running from C:\Users\john\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2214 - AVAST Software)
Battery Calibration (HKLM-x32\...\{619FA785-489B-4D22-911F-82D6EDF5BDB0}) (Version: 1.0.1208.0301 - Micro-Star International Co., Ltd.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.25648 - Electronic Arts)
Bitcoin Core (64-bit) (HKU\S-1-5-21-1802870966-341709537-1984002351-1002\...\Bitcoin Core (64-bit)) (Version: 0.10.0 - Bitcoin Core project)
BurnRecovery (HKLM-x32\...\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}) (Version: 4.0.1304.1501 - Micro-Star International Co., Ltd.)
Call of Duty: Advanced Warfare - Multiplayer (HKLM-x32\...\Steam App 209660) (Version:  - Sledgehammer Games)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Curse Client (HKU\S-1-5-21-1802870966-341709537-1984002351-1002\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version:  - Stunlock Studios)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DRAGON BALL XENOVERSE (HKLM-x32\...\Steam App 323470) (Version:  - DIMPS)
Dropbox (HKU\S-1-5-21-1802870966-341709537-1984002351-1002\...\Dropbox) (Version: 3.4.3 - Dropbox, Inc.)
FileASSASSIN (HKLM-x32\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
GeekBuddy (HKLM\...\{8EE6F031-FD37-45A2-95CE-696777FC4EC6}) (Version: 4.13.120 - Comodo Security Solutions Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HAWKEN (HKLM-x32\...\Steam App 271290) (Version:  - Adhesive Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hybrid Power (HKLM-x32\...\InstallShield_{C07F934A-3253-4740-86B8-22BA5F571E6E}) (Version: 1.0.1304.0301 - Micro-Star International Co., Ltd.)
Hybrid Power (x32 Version: 1.0.1304.0301 - Micro-Star International Co., Ltd.) Hidden
Insurgency (HKLM-x32\...\Steam App 222880) (Version:  - New World Interactive)
Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4156 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.0.1066 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
KB9X Radio Switch Driver (HKLM\...\5AADE1068CF70DD983F763B20CF2CAAB72883915) (Version: 1.1.0.0 - ENE TECHNOLOGY INC.)
KLM (HKLM-x32\...\InstallShield_{4DEA5B85-6C56-45F3-AE00-FED756B0D3B4}) (Version: 1.0.1304.2201 - Micro-Star International Co., Ltd.)
KLM (x32 Version: 1.0.1304.2201 - Micro-Star International Co., Ltd.) Hidden
Lock My PC Free Edition 4.9.5 (HKLM\...\Lock My PC Free Edition_is1) (Version: 4.9.5 - )
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mises à jour NVIDIA 2.4.1.21 (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Mozilla Firefox 36.0.4 (x86 fr) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 fr)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)
MSI Remind Manager (HKLM-x32\...\{7359585E-A828-4EFC-8177-7D1883DDA0B5}) (Version: 2.12.1003 - MSI)
NetCut 2.1.4 (HKLM-x32\...\NetCut_is1) (Version:  - arcai.com)
Nmap 6.47 (HKLM-x32\...\Nmap) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Pilote graphique 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
Panneau de configuration NVIDIA 347.88 (Version: 347.88 - NVIDIA Corporation) Hidden
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
PureVPN (HKLM-x32\...\PureVPN_is1) (Version: 4.0.0.0 - PureVPN)
PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.3.0 - Electronic Arts)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.222 - Qualcomm Atheros Communications)
Qualcomm Atheros Killer Network Manager (HKLM-x32\...\InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.550 - Qualcomm Atheros)
Qualcomm Atheros Killer Network Manager (Version: 6.1.0.550 - Qualcomm Atheros) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7240 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{BCDA54F6-C4B6-4519-A09E-FA064A6B4098}) (Version: 6.2.9200.21219 - Realtek Semiconductor Corp.)
SCM (HKLM\...\{5172DE8A-2640-474E-B89F-A04A90312A74}) (Version: 10.013.04183 - Application)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.01 - Creative Technology Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.017 - MSI)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
Technitium MAC Address Changer v6.0 (HKLM-x32\...\TMACv6.0) (Version: 6.0 - Technitium)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
ZoneAlarm Firewall (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 13.3.209.000 - Check Point)
ZoneAlarm Security (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security Toolbar  (HKU\S-1-5-21-1802870966-341709537-1984002351-1002\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1802870966-341709537-1984002351-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\john\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1802870966-341709537-1984002351-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1802870966-341709537-1984002351-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\john\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1802870966-341709537-1984002351-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\john\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1802870966-341709537-1984002351-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\john\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1802870966-341709537-1984002351-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\john\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1802870966-341709537-1984002351-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\john\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1802870966-341709537-1984002351-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\john\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1802870966-341709537-1984002351-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\john\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1802870966-341709537-1984002351-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\john\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1802870966-341709537-1984002351-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\john\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1802870966-341709537-1984002351-1002_Classes\CLSID\{fe0ef6f5-751e-4dce-b803-6716c5941417}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
24-03-2015 23:30:36 Windows Update
01-04-2015 06:09:48 Point de contrôle planifié
03-04-2015 17:55:57 Removed Remote Desktop Connection Manager
08-04-2015 21:46:15 Removed COMODO Firewall
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {37554F40-CF8F-4CEF-8C8E-AFFACD6AE19D} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-04-03] (Microsoft Corporation)
Task: {4ECFA5CB-0138-4E63-AD51-E01E0CC8EDAC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-10] (Google Inc.)
Task: {56BDB67A-0439-4657-9F4C-809556C5A983} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-10] (Google Inc.)
Task: {926E2539-6D8A-43D7-8629-03F8C5BCF851} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.6.0.17\SymErr.exe
Task: {9ADE197C-DFBD-4CDB-803E-D8BEE1B647CF} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-14] (Adobe Systems Incorporated)
Task: {9F9CB685-FD83-4444-8F92-70988AD2E03A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-03-09] (Avast Software s.r.o.)
Task: {AFD63570-E277-4D13-9A58-4154424A1714} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2015-03-09] (Intel Corporation)
Task: {B7C76B2E-5344-4077-8423-A02EE8A0CCFD} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-04-23] (Synaptics Incorporated)
Task: {BA312A84-1E31-4580-8024-B11FE9D0EA21} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-04-03] (Microsoft Corporation)
Task: {C7CCD323-8112-4934-A059-C5ACEE265231} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-29] (Piriform Ltd)
Task: {D2B20D6A-83F1-43DF-86B5-358F7767BD9E} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-04-03] (Microsoft Corporation)
Task: {D4BA69A5-23E0-4FC5-824F-EB0B4BF19443} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-04-03] (Microsoft Corporation)
Task: {DC6C813B-EEFB-4FD5-9153-BEA0CFE5983A} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2015-03-09] (Intel Corporation)
Task: {E9A1F0E1-067D-491E-B053-AAC8AE6D1CE7} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.6.0.17\SymErr.exe
Task: {F8FD89A8-22C7-4468-9191-489D6CF87A02} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-03-09] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2015-03-10 01:45 - 2015-03-10 01:45 - 00052592 _____ () C:\Program Files\Lock My PC 4\LmpcServ.exe
2015-03-10 14:57 - 2015-03-10 14:57 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2013-03-15 20:22 - 2013-03-15 20:22 - 00495616 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
2011-05-10 04:46 - 2011-05-10 04:46 - 02760192 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtCore4.dll
2011-05-10 04:56 - 2011-05-10 04:56 - 09856000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtGui4.dll
2011-05-10 04:47 - 2011-05-10 04:47 - 00416256 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtXml4.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00217600 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFCommon.dll
2011-05-10 04:48 - 2011-05-10 04:48 - 00990720 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtNetwork4.dll
2011-05-10 20:32 - 2011-05-10 20:32 - 00731648 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\qwt5.dll
2015-03-09 19:44 - 2015-03-13 17:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2013-02-26 00:40 - 2013-02-26 00:40 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-02-26 00:37 - 2013-02-26 00:37 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-02-26 00:43 - 2013-02-26 00:43 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2015-03-13 14:54 - 2015-03-13 14:54 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll
2015-03-09 22:19 - 2015-03-09 22:19 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-03-09 22:19 - 2015-03-09 22:19 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-04-08 20:53 - 2015-04-08 20:53 - 02925056 _____ () C:\Program Files\AVAST Software\Avast\defs\15040802\algo.dll
2015-03-09 18:28 - 2000-01-01 01:00 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-04-09 14:03 - 2015-04-09 14:03 - 00043008 _____ () c:\users\john\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpa9s7pq.dll
2015-04-09 03:12 - 2015-03-04 22:45 - 00750080 _____ () C:\Users\john\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-04-09 03:12 - 2015-03-04 22:45 - 00047616 _____ () C:\Users\john\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-04-09 03:12 - 2015-03-04 22:45 - 00865280 _____ () C:\Users\john\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-04-09 03:12 - 2015-03-04 22:45 - 00200704 _____ () C:\Users\john\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-03-09 22:19 - 2015-03-09 22:19 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-03-09 22:19 - 2015-03-09 22:19 - 01359872 _____ () C:\Program Files\AVAST Software\Avast\libglesv2.dll
2015-03-09 22:19 - 2015-03-09 22:19 - 00212992 _____ () C:\Program Files\AVAST Software\Avast\libegl.dll
2015-04-03 19:18 - 2015-03-30 22:07 - 09279304 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\pdf.dll
2015-04-01 02:28 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\john\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2015-04-01 02:28 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\john\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2015-04-03 19:18 - 2015-03-30 22:07 - 14974280 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\WINDOWS\avastSS.scr:$CmdTcID
AlternateDataStreams: C:\WINDOWS\explorer.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\splwow64.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\acmigration.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\actxprxy.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\aeinv.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\aepdu.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\aepic.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\appraiser.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\AppxAllUserStore.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\aspnet_counters.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\aswBoot.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\atmfd.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\atmlib.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\AudioEndpointBuilder.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\authui.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\BFE.DLL:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\btcoinst.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\BtContextMenu.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\calc.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\certcli.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ci.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\crypt32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_33.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_34.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_35.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_36.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_37.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_38.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_39.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_40.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_41.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_42.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_47.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_42.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_43.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\d3dx10.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_33.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_34.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_35.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_36.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_37.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_38.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_39.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_40.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_41.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_43.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\d3dx11_42.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_24.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_25.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_26.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_27.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_28.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_29.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_30.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_31.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_33.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_34.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_35.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_36.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_37.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_38.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_39.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_41.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_42.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_43.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\DevicePairing.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\DeviceSetupStatusProvider.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\devinv.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\difx64.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\dnsapi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\dnsrslvr.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyApp.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyAppv2_0.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\dwmcore.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\dxtmsft.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\dxtrans.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\eapp3hst.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\eappcfg.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\eappgnui.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\eapphost.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\EncDump.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\eventcls.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Faultrep.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\fsp_lmwl.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\FWPUCLNT.DLL:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\generaltel.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\GfxResources.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\GfxUIEx.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Gfxv2_0.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Gfxv4_0.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\IccLibDll_x64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ie4uinit.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ieapfltr.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\iedkcs32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ieframe.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\iepeers.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\iertutil.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ig75icd64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igd10idpp64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igd10iumd64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igd11dxva64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igdail64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igdbcl64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igdde64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igdfcl64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igdmd64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igdrcl64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igdumdim64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igdusc64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfx11cmrt64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxcmjit64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxcmrt64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxCoIn_v3960.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxCoIn_v4156.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxCPL.cpl:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxCUIService.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxCUIServicePS.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxDH.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxDHLib.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxDHLibv2_0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxDI.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxDILib.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxDILibv2_0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxDTCM.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxEM.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxEMLib.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxEMLibv2_0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxexps.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxext.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxHK.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxLHM.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLib.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLibv2_0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxOSP.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxTray.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\iglhcp64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\iglhsip64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\IKEEXT.DLL:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\inetcomm.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\inetcpl.cpl:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\IntelOpenCL64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiAAC64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiLogServer64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMCUMD64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMux64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUMS64.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUtils64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiVAD64.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\invagent.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\jscript.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\jscript9diag.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\kerberos.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\kmddsp.tsp:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\localspl.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\LockScreenContentServer.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MDMAgent.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mfc42.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mfc42u.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MFMediaEngine.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mfmp4srcsnk.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mfplat.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MpSigStub.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MrmCoreR.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MRT.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\msctf.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\msfeeds.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\msftedit.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mshtml.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MshtmlDac.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mshtmled.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\msvcr120_clr0400.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ncsi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nlasvc.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nshwfp.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ntdll.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ntoskrnl.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ntvdm64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvapi64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvaudcap64v.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvcompiler.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvcuda.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvcuvid.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvd3dumx.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6434752.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6434788.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6434752.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6434788.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvEncodeAPI64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\NvFBC64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\NvIFR64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\NvIFROpenGL.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvinitx.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvoglshim64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvoglv64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvopencl.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvumdshimx.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvvsvc.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nvwgf2umx.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\oleaut32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\OpenCL.DLL:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\photowiz.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\pku2u.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\PnkBstrA.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\poqexec.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\profsvc.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\QSHVHOST.DLL:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\QSVRMGMT.DLL:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\rasapi32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\rascfg.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\rasdiag.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\rasmxs.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\rasser.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\rdpcorets.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\rdpudd.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\scesrv.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\schannel.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SettingsHandlers.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SHCore.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\shell32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SkyDrive.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SkyDriveTelemetry.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\spoolsv.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\sppobjs.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\StorageContextHandler.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SyncEngine.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SystemSettings.Handlers.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SystemSettingsAdminFlows.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SystemSettingsDatabase.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\TSWbPrxy.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\TsWpfWrp.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ubpm.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\untfs.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\urlmon.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\vbscript.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\vpnike.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\vssapi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\vsstrace.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\VSSVC.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\WdfCoInstaller01011.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\webcheck.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wer.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\WerFaultSecure.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\win32k.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\win32spl.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Xaml.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\WindowsCodecs.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wininet.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\WinSCard.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\winshfhc.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\WMPhoto.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wow64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wow64cpu.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\WSDApi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\WSDMon.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\WSShared.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wuaext.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wuapi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wuapp.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wuauclt.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wuaueng.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wucltux.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wudriver.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wups.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wups2.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\WUSettingsProvider.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wuwebv.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_1.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_2.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_3.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_4.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_5.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_6.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_7.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_1.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_10.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_2.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_3.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_4.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_5.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_6.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_7.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_8.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_9.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_1.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_2.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_3.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_5.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_6.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_7.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_1.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_2.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_3.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_4.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_1.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_2.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_3.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_4.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_5.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_6.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\xinput1_1.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\xinput1_2.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\xinput1_3.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\actskn43.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\AppxAllUserStore.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\aspnet_counters.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\atlthunk.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\atmfd.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\atmlib.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\authui.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\calc.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\certcli.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\crypt32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_33.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_34.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_35.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_36.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_37.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_38.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_39.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_40.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_42.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_47.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_42.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_43.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_33.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_34.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_35.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_36.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_37.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_38.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_39.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_40.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_43.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx11_42.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_24.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_25.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_26.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_27.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_28.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_29.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_30.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_31.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_33.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_34.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_35.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_36.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_37.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_38.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_39.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_40.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_41.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_42.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_43.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\DevicePairing.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\dnsapi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\dwmcore.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\dxtmsft.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\dxtrans.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\eapp3hst.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\eappcfg.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\eappgnui.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\eapphost.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\eventcls.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\explorer.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Faultrep.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerApp.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\FWPUCLNT.DLL:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\ieapfltr.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\iedkcs32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\ieframe.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\iepeers.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\iertutil.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\ig75icd32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd10idpp32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd10iumd32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd11dxva32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdail32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdbcl32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdde32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdfcl32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdmd32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdrcl32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdumdim32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdusc32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfx11cmrt32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmjit32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmrt32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxexps32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhcp32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhsip32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\inetcomm.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\inetcpl.cpl:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\instnm.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\IntelOpenCL32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\jscript.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\kerberos.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\kmddsp.tsp:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc42.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc42u.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\MFMediaEngine.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfplat.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\MrmCoreR.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msctf.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msfeeds.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msftedit.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mshtml.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\MshtmlDac.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mshtmled.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\nshwfp.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\ntdll.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\ntvdm64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvapi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvaudcap32v.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvcompiler.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvcuda.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvcuvid.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvd3dum.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvEncodeAPI.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\NvFBC.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\NvIFR.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\NvIFROpenGL.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvinit.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvoglshim32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvoglv32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvopencl.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvumdshim.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvwgf2um.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\oleaut32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\OpenCL.DLL:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\photowiz.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\pku2u.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrA.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.ex0:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\poqexec.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\PrintConfig.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\QSHVHOST.DLL:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\QSVRMGMT.DLL:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\rasapi32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\rascfg.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\rasdiag.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\rasmxs.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\rasser.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\scesrv.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\schannel.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\SETE2E9.tmp:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\setup16.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\SHCore.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\shell32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\StorageContextHandler.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\TsWpfWrp.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\untfs.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\urlmon.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\user.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\vbscript.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\vssapi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\vsstrace.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\webcheck.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\wer.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\WerFaultSecure.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\WindowsCodecs.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\wininet.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\WinSCard.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\winshfhc.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\WMPhoto.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\wow32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\WSDApi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\WSShared.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\wuapi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\wuapp.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\wudriver.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\wups.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\wuwebv.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_1.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_2.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_3.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_4.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_5.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_6.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_7.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_1.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_10.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_2.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_3.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_4.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_5.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_6.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_7.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_8.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_9.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_1.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_2.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_3.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_4.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_5.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_6.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_7.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_1.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_2.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_3.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_4.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_0.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_1.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_2.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_3.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_4.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_5.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_6.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_1.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_2.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_3.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\agilevpn.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ahcache.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\aswHwid.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\aswMonFlt.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\aswRdr2.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\aswRvrt.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\aswSnx.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\aswSP.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\aswStm.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\aswVmm.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\btfilter.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\CFRMD.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\cng.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dam.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dumpsd.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\hidbth.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\i8042prt.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\igdkmd64.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\intelaud.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\intelpep.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\iwdbus.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\kbdclass.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\kbdhid.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ksecpkg.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lmpc4.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mouclass.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mouhid.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mrxdav.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ndis.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ndistapi.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ndproxy.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\netio.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nvkflt.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nvlddmkm.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nvpciflt.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nvvad64v.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\pdc.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rasl2tp.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rfcomm.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sdbus.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sermouse.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SWDUMon.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tap0901.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tcpip.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\TeeDriverx64.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\vhdmp.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\vwififlt.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\vwifimp.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wanarp.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\WdBoot.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\WdFilter.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\WdNisDrv.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wfplwfs.sys:$CmdTcID
AlternateDataStreams: C:\Users\john\Downloads\adwcleaner_4.200 (1).exe:$CmdTcID
AlternateDataStreams: C:\Users\john\Downloads\adwcleaner_4.200 (1).exe:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\adwcleaner_4.200.exe:$CmdTcID
AlternateDataStreams: C:\Users\john\Downloads\adwcleaner_4.200.exe:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\amung.us.zip:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\BulkOrder v1.171.zip:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\Carbonite-011515.zip:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\ccsetup504.exe:$CmdTcID
AlternateDataStreams: C:\Users\john\Downloads\ccsetup504.exe:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\cgi-bin.zip:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\DBM-6.1.5-r13486-Core-and-Draenor-Mods.zip:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\DSC00642.jpg:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\harcelement-en-reseau-harcelement-global.pdf:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\HijackThis.exe:$CmdTcID
AlternateDataStreams: C:\Users\john\Downloads\HijackThis.exe:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\hijackthis_hijackthis_2.0.4_anglais_17891.exe:$CmdTcID
AlternateDataStreams: C:\Users\john\Downloads\hijackthis_hijackthis_2.0.4_anglais_17891.exe:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\mbar-1.09.1.1004.exe:$CmdTcID
AlternateDataStreams: C:\Users\john\Downloads\mbar-1.09.1.1004.exe:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\MountFarmHelper-1.2.zip:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\MyFirstAddOn.zip:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\netcut.exe:$CmdTcID
AlternateDataStreams: C:\Users\john\Downloads\netcut.exe:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\niche_ideas.txt:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\nmap-6.47-setup (1).exe:$CmdTcID
AlternateDataStreams: C:\Users\john\Downloads\nmap-6.47-setup (1).exe:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\nmap-6.47-setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\john\Downloads\nmap-6.47-setup.exe:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\office_free_2013.exe:$CmdTcID
AlternateDataStreams: C:\Users\john\Downloads\office_free_2013.exe:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\param.tar:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\passp.jpg:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\purevpn_windows.exe:$CmdTcID
AlternateDataStreams: C:\Users\john\Downloads\purevpn_windows.exe:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\RaidChecklist-6.0.3.4.zip:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\RDCMan.msi:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\john\Downloads\setup.exe:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\sqlbrowser_2014_11_1256.zip:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\torbrowser-install-4.0.5_en-US.exe:$CmdTcID
AlternateDataStreams: C:\Users\john\Downloads\torbrowser-install-4.0.5_en-US.exe:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\torbrowser-install-4.0.6_en-US (1).exe:$CmdTcID
AlternateDataStreams: C:\Users\john\Downloads\torbrowser-install-4.0.6_en-US (1).exe:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\torbrowser-install-4.0.6_en-US.exe:$CmdTcID
AlternateDataStreams: C:\Users\john\Downloads\torbrowser-install-4.0.6_en-US.exe:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\TradeSkillInfo-v2.3.6.zip:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\TriangleAway-v3.26.apk:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\usb140201.zip:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\uTorrent.exe:$CmdTcID
AlternateDataStreams: C:\Users\john\Downloads\uTorrent.exe:$CmdZnID
AlternateDataStreams: C:\Users\john\Downloads\WindowsXP-KB925876-x86-ENU.exe:$CmdTcID
AlternateDataStreams: C:\Users\john\Downloads\WindowsXP-KB925876-x86-ENU.exe:$CmdZnID
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1802870966-341709537-1984002351-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\john\Desktop\zx620y348_957194.jpg
DNS Servers: 8.8.8.8 - 208.67.222.222
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\StartupFolder: => "Qualcomm Atheros Killer Network Manager.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Start GeekBuddy.lnk"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "Radio Manager"
HKLM\...\StartupApproved\Run: => "MBCfg64"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "KLM"
HKLM\...\StartupApproved\Run32: => "Sound Blaster Cinema"
HKLM\...\StartupApproved\Run32: => "UpdReg"
HKLM\...\StartupApproved\Run32: => "Super-Charger"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "BDRegion"
HKLM\...\StartupApproved\Run32: => "SCM"
HKLM\...\StartupApproved\Run32: => "tvncontrol"
HKLM\...\StartupApproved\Run32: => "SynTPEnh"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKU\S-1-5-21-1802870966-341709537-1984002351-1002\...\StartupApproved\StartupFolder: => "PureVPN.lnk"
HKU\S-1-5-21-1802870966-341709537-1984002351-1002\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1802870966-341709537-1984002351-1002\...\StartupApproved\Run: => "Steam"
 
==================== Accounts: =============================
 
Administrateur (S-1-5-21-1802870966-341709537-1984002351-500 - Administrator - Disabled)
Invité (S-1-5-21-1802870966-341709537-1984002351-501 - Limited - Disabled)
john (S-1-5-21-1802870966-341709537-1984002351-1002 - Administrator - Enabled) => C:\Users\john
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/09/2015 04:14:13 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows ne peut pas accéder au fichier  pour une des raisons suivantes :
un problème s’est produit avec la connexion réseau, le disque sur lequel le fichier est enregistré, ou les
pilotes de stockage installés sur cet ordinateur, ou le disque est manquant.
Windows a fermé le programme Farbar Recovery Scan Tool en raison de cette erreur.
 
Programme : Farbar Recovery Scan Tool
Fichier : 
 
La valeur de l’erreur est affichée dans la section Données supplémentaires.
Action utilisateur
1. Ouvrez à nouveau le fichier.
Cette situation peut résulter d’un problème temporaire qui se corrigera de lui-même à la prochaine exécution du programme.
2.
Si le fichier est toujours inaccessible et
- Il se trouve sur le réseau :
votre administrateur réseau devrait vérifier qu’il n’y a aucun problème avec le réseau et que le serveur peut être contacté.
- Il se trouve sur un disque amovible, par exemple une disquette ou un CD-ROM : vérifiez que le disque est inséré correctement dans l’ordinateur.
3. Vérifiez et réparez le système de fichiers en exécutant CHKDSK. Pour exécuter CHKDSK, cliquez sur Démarrer, Exécuter, entrez CMD puis cliquez sur OK. À l’invite de commandes, entrez CHKDSK /F et appuyez sur Entrée.
4. Si le problème persiste, restaurez le fichier à partir d’une copie de sauvegarde.
5. Déterminez si d’autres fichiers du même disque peuvent être ouverts. Si ce n’est pas le cas, le disque est peut-être endommagé. S’il s’agit d’un disque dur, contactez votre administrateur ou le distributeur de votre ordinateur
pour obtenir une assistance supplémentaire.
 
Données supplémentaires
Valeur de l’erreur : 00000000
Type du disque : 0
 
Error: (04/09/2015 04:14:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante FRST64.exe, version : 11.3.2015.0, horodatage : 0x550011de
Nom du module défaillant : FRST64.exe, version : 11.3.2015.0, horodatage : 0x550011de
Code d’exception : 0xc0000096
Décalage d’erreur : 0x000000000002c9d9
ID du processus défaillant : 0x2018
Heure de début de l’application défaillante : 0xFRST64.exe0
Chemin d’accès de l’application défaillante : FRST64.exe1
Chemin d’accès du module défaillant: FRST64.exe2
ID de rapport : FRST64.exe3
Nom complet du package défaillant : FRST64.exe4
ID de l’application relative au package défaillant : FRST64.exe5
 
Error: (04/09/2015 04:13:52 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows ne peut pas accéder au fichier  pour une des raisons suivantes :
un problème s’est produit avec la connexion réseau, le disque sur lequel le fichier est enregistré, ou les
pilotes de stockage installés sur cet ordinateur, ou le disque est manquant.
Windows a fermé le programme Farbar Recovery Scan Tool en raison de cette erreur.
 
Programme : Farbar Recovery Scan Tool
Fichier : 
 
La valeur de l’erreur est affichée dans la section Données supplémentaires.
Action utilisateur
1. Ouvrez à nouveau le fichier.
Cette situation peut résulter d’un problème temporaire qui se corrigera de lui-même à la prochaine exécution du programme.
2.
Si le fichier est toujours inaccessible et
- Il se trouve sur le réseau :
votre administrateur réseau devrait vérifier qu’il n’y a aucun problème avec le réseau et que le serveur peut être contacté.
- Il se trouve sur un disque amovible, par exemple une disquette ou un CD-ROM : vérifiez que le disque est inséré correctement dans l’ordinateur.
3. Vérifiez et réparez le système de fichiers en exécutant CHKDSK. Pour exécuter CHKDSK, cliquez sur Démarrer, Exécuter, entrez CMD puis cliquez sur OK. À l’invite de commandes, entrez CHKDSK /F et appuyez sur Entrée.
4. Si le problème persiste, restaurez le fichier à partir d’une copie de sauvegarde.
5. Déterminez si d’autres fichiers du même disque peuvent être ouverts. Si ce n’est pas le cas, le disque est peut-être endommagé. S’il s’agit d’un disque dur, contactez votre administrateur ou le distributeur de votre ordinateur
pour obtenir une assistance supplémentaire.
 
Données supplémentaires
Valeur de l’erreur : 00000000
Type du disque : 0
 
Error: (04/09/2015 04:13:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante FRST64.exe, version : 11.3.2015.0, horodatage : 0x550011de
Nom du module défaillant : FRST64.exe, version : 11.3.2015.0, horodatage : 0x550011de
Code d’exception : 0xc0000096
Décalage d’erreur : 0x000000000002c9d9
ID du processus défaillant : 0x1310
Heure de début de l’application défaillante : 0xFRST64.exe0
Chemin d’accès de l’application défaillante : FRST64.exe1
Chemin d’accès du module défaillant: FRST64.exe2
ID de rapport : FRST64.exe3
Nom complet du package défaillant : FRST64.exe4
ID de l’application relative au package défaillant : FRST64.exe5
 
Error: (04/09/2015 04:13:32 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows ne peut pas accéder au fichier  pour une des raisons suivantes :
un problème s’est produit avec la connexion réseau, le disque sur lequel le fichier est enregistré, ou les
pilotes de stockage installés sur cet ordinateur, ou le disque est manquant.
Windows a fermé le programme Farbar Recovery Scan Tool en raison de cette erreur.
 
Programme : Farbar Recovery Scan Tool
Fichier : 
 
La valeur de l’erreur est affichée dans la section Données supplémentaires.
Action utilisateur
1. Ouvrez à nouveau le fichier.
Cette situation peut résulter d’un problème temporaire qui se corrigera de lui-même à la prochaine exécution du programme.
2.
Si le fichier est toujours inaccessible et
- Il se trouve sur le réseau :
votre administrateur réseau devrait vérifier qu’il n’y a aucun problème avec le réseau et que le serveur peut être contacté.
- Il se trouve sur un disque amovible, par exemple une disquette ou un CD-ROM : vérifiez que le disque est inséré correctement dans l’ordinateur.
3. Vérifiez et réparez le système de fichiers en exécutant CHKDSK. Pour exécuter CHKDSK, cliquez sur Démarrer, Exécuter, entrez CMD puis cliquez sur OK. À l’invite de commandes, entrez CHKDSK /F et appuyez sur Entrée.
4. Si le problème persiste, restaurez le fichier à partir d’une copie de sauvegarde.
5. Déterminez si d’autres fichiers du même disque peuvent être ouverts. Si ce n’est pas le cas, le disque est peut-être endommagé. S’il s’agit d’un disque dur, contactez votre administrateur ou le distributeur de votre ordinateur
pour obtenir une assistance supplémentaire.
 
Données supplémentaires
Valeur de l’erreur : 00000000
Type du disque : 0
 
Error: (04/09/2015 04:13:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante FRST64.exe, version : 11.3.2015.0, horodatage : 0x550011de
Nom du module défaillant : FRST64.exe, version : 11.3.2015.0, horodatage : 0x550011de
Code d’exception : 0xc0000096
Décalage d’erreur : 0x000000000002c9d9
ID du processus défaillant : 0x19b8
Heure de début de l’application défaillante : 0xFRST64.exe0
Chemin d’accès de l’application défaillante : FRST64.exe1
Chemin d’accès du module défaillant: FRST64.exe2
ID de rapport : FRST64.exe3
Nom complet du package défaillant : FRST64.exe4
ID de l’application relative au package défaillant : FRST64.exe5
 
Error: (04/09/2015 03:49:26 PM) (Source: PerfNet) (EventID: 2006) (User: )
Description: 
 
Error: (04/09/2015 03:43:27 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description: 
 
Error: (04/09/2015 03:43:26 PM) (Source: PerfNet) (EventID: 2006) (User: )
Description: 
 
Error: (04/09/2015 03:41:19 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description: 
 
 
System errors:
=============
Error: (04/09/2015 03:36:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur : 
%%1058
 
Error: (04/09/2015 03:36:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur : 
%%1058
 
Error: (04/09/2015 03:36:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur : 
%%1058
 
Error: (04/09/2015 03:36:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur : 
%%1058
 
Error: (04/09/2015 03:36:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur : 
%%1058
 
Error: (04/09/2015 03:36:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur : 
%%1058
 
Error: (04/09/2015 02:37:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur : 
%%1058
 
Error: (04/09/2015 02:37:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur : 
%%1058
 
Error: (04/09/2015 02:37:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur : 
%%1058
 
Error: (04/09/2015 02:37:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur : 
%%1058
 
 
Microsoft Office Sessions:
=========================
Error: (04/09/2015 04:14:13 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Farbar Recovery Scan Tool000000000
 
Error: (04/09/2015 04:14:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FRST64.exe11.3.2015.0550011deFRST64.exe11.3.2015.0550011dec0000096000000000002c9d9201801d072d7d64074c0C:\Users\john\Downloads\FRST64.exeC:\Users\john\Downloads\FRST64.exe14111877-decb-11e4-bead-00013da510ce
 
Error: (04/09/2015 04:13:52 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Farbar Recovery Scan Tool000000000
 
Error: (04/09/2015 04:13:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FRST64.exe11.3.2015.0550011deFRST64.exe11.3.2015.0550011dec0000096000000000002c9d9131001d072d7c9f97890C:\Users\john\Downloads\FRST64.exeC:\Users\john\Downloads\FRST64.exe07ce151f-decb-11e4-bead-00013da510ce
 
Error: (04/09/2015 04:13:32 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Farbar Recovery Scan Tool000000000
 
Error: (04/09/2015 04:13:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FRST64.exe11.3.2015.0550011deFRST64.exe11.3.2015.0550011dec0000096000000000002c9d919b801d072d7b92ca5d4C:\Users\john\Downloads\FRST64.exeC:\Users\john\Downloads\FRST64.exefbaa36f6-deca-11e4-bead-00013da510ce
 
Error: (04/09/2015 03:49:26 PM) (Source: PerfNet) (EventID: 2006) (User: )
Description: 
 
Error: (04/09/2015 03:43:27 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description: 
 
Error: (04/09/2015 03:43:26 PM) (Source: PerfNet) (EventID: 2006) (User: )
Description: 
 
Error: (04/09/2015 03:41:19 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description: 
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-04-08 20:33:21.716
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-04-08 20:22:54.639
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-04-08 20:13:40.008
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-04-08 19:55:47.495
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-04-08 19:48:40.248
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-04-08 19:22:56.016
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-04-08 19:08:45.285
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-04-08 18:58:40.696
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-04-08 18:13:35.795
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-04-08 17:34:21.826
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4700MQ CPU @ 2.40GHz
Percentage of memory in use: 22%
Total physical RAM: 16271.3 MB
Available physical RAM: 12612.87 MB
Total Pagefile: 18703.3 MB
Available Pagefile: 14694.3 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB
 
==================== Drives ================================
 
Drive c: (OS_Install) (Fixed) (Total:117.75 GB) (Free:56.6 GB) NTFS
Drive d: (Data) (Fixed) (Total:665.53 GB) (Free:363.8 GB) NTFS
Drive f: () (Removable) (Total:30.45 GB) (Free:25.21 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 49C87B67)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (Size: 698.6 GB) (Disk ID: 49C87B42)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 2 (Size: 30.5 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================


#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,525 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:07:31 PM

Posted 10 April 2015 - 10:59 AM

Greetings.

Sorry for the delay in replying. I am not seeing any evidence of malicious software although there are a few things we can clean up. If your router is broadcasting your Network ID any device within range may pop up on your list. The "Connecting" you see is most likely due to a setting in your web browsers. If you want to follow up on that let me know.

Please consider and do this.

===================================================

P2P Warning

--------------------

Going over your logs I noticed that you have µTorrent installed. It is pretty much certain that if you continue to use P2P programs, you will get infected again.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
I would recommend that you uninstall µTorrent, however that choice is up to you. If you choose to remove the program, you can do so via Start > Control Panel > Add/Remove Programs.

If you are still leaning toward using this program, please take a look at this information about Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition it has recently been reported that P2P downloads may be tracked resulting in your IP address being monitored by copyright authorities. .

If you wish to keep it, please do not use it until we are completely done and your machine is determined to be clean and updated.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
Winlogon\Notify\igfxcui: igfxdev.dll [X]
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1802870966-341709537-1984002351-1002 -> DefaultScope {44800FAD-40A2-4A7F-B648-D5F76B27BD39} URL = 
SearchScopes: HKU\S-1-5-21-1802870966-341709537-1984002351-1002 -> {44800FAD-40A2-4A7F-B648-D5F76B27BD39} URL = 
U4 CmdAgent; No ImagePath
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Running Administrator CMD and Posting Information in Reply

--------------------
  • Click Start, type cmd, then press the Shift, Ctrl, + Enter keys at the same time
  • An Administrator Command Prompt window should open
  • Type or copy and paste the following after the Command Prompt and press Enter

auditpol /get /category:*

  • Click on the very small black box in the upper left corner of the command screen
  • Click Edit, then Select All
  • Hit the Ctrl + C keys at the same time to copy the information
  • Paste the information in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • Command information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 billionick

billionick
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:04:31 AM

Posted 10 April 2015 - 11:14 AM

Hi, it done,  thanks so much for the help :)

 

 

Fixlog.txt:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by john at 2015-04-10 18:07:53 Run:1
Running from C:\Users\john\Desktop
Loaded Profiles: john (Available profiles: john)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
Winlogon\Notify\igfxcui: igfxdev.dll [X]
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes:
HKU\S-1-5-21-1802870966-341709537-1984002351-1002 -> DefaultScope {44800FAD-40A2-4A7F-B648-D5F76B27BD39} URL = 
SearchScopes: HKU\S-1-5-21-1802870966-341709537-1984002351-1002 -> {44800FAD-40A2-4A7F-B648-D5F76B27BD39} URL = 
U4 CmdAgent; No ImagePath
*****************
 
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui" => Key deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
SearchScopes: => Error: No automatic fix found for this entry.
HKU\S-1-5-21-1802870966-341709537-1984002351-1002 -> DefaultScope {44800FAD-40A2-4A7F-B648-D5F76B27BD39} URL = => Error: No automatic fix found for this entry.
"HKU\S-1-5-21-1802870966-341709537-1984002351-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{44800FAD-40A2-4A7F-B648-D5F76B27BD39}" => Key deleted successfully.
HKCR\CLSID\{44800FAD-40A2-4A7F-B648-D5F76B27BD39} => Key not found. 
CmdAgent => Service deleted successfully.
 
==== End of Fixlog 18:07:53 ====
 
 
  • Command information:
 
Microsoft Windows [version 6.3.9600]
© 2013 Microsoft Corporation. Tous droits réservés.
 
C:\WINDOWS\system32>auditpol /get /category:*
Stratégie d'audit système
Catégorie/Sous-catégorie                  Paramètre
Système
  Extension système de sécurité           Aucun audit
  Intégrité du système                    Succès et échec
  Pilote IPSEC                            Aucun audit
  Autres événements système               Succès et échec
  Modification de l'état de la sécurité   Opération réussie
Ouverture/Fermeture de session
  Ouvrir la session                       Opération réussie
  Fermer la session                       Opération réussie
  Verrouillage du compte                  Opération réussie
  Mode principal IPsec                    Aucun audit
  Mode rapide IPsec                       Aucun audit
  Mode étendu IPsec                       Aucun audit
  Ouverture de session spéciale           Opération réussie
  Autres événements d'ouverture/fermeture de sessionAucun audit
  Serveur NPS                             Succès et échec
  Revendications utilisateur/de périphériqueAucun audit
Accès aux objets
  Système de fichiers                     Aucun audit
  Registre                                Aucun audit
  Objet de noyau                          Aucun audit
  SAM                                     Aucun audit
  Services de certification               Aucun audit
  Généré par application                  Aucun audit
  Manipulation de handle                  Aucun audit
  Partage de fichiers                     Aucun audit
  Rejet de paquet par la plateforme de filtrageAucun audit
  Connexion de la plateforme de filtrage  Aucun audit
  Autres événements d'accès à l'objet     Aucun audit
  Partage de fichiers détaillé            Aucun audit
  Stockage amovible                       Aucun audit
  Stratégie centralisée intermédiaire     Aucun audit
Utilisation de privilège
  Utilisation de privilèges non sensibles Aucun audit
  Autres événements d'utilisation de privilègesAucun audit
  Utilisation de privilèges sensibles     Aucun audit
Suivi détaillé
  Création du processus                   Aucun audit
  Fin du processus                        Aucun audit
  Activité DPAPI                          Aucun audit
  Événements RPC                          Aucun audit
Changement de stratégie
  Modification de la stratégie d'authentificationOpération réussie
  Modification de la stratégie d'autorisationAucun audit
  Modification de la stratégie de niveau règle MPSSVCAucun audit
  Modification de la stratégie de plateforme de filtrageAucun audit
  Autres événements de modification de stratégieAucun audit
  Modification de la stratégie d'audit    Opération réussie
Gestion des comptes
  Gestion des comptes d'utilisateur       Opération réussie
  Gestion des comptes d'ordinateur        Aucun audit
  Gestion des groupes de sécurité         Opération réussie
  Gestion des groupes de distribution     Aucun audit
  Gestion des groupes d'applications      Aucun audit
  Autres événements de gestion des comptesAucun audit
Accès DS
  Modification du service d'annuaire      Aucun audit
  Réplication du service d'annuaire       Aucun audit
  Réplication du service d'annuaire détailléAucun audit
  Accès au service d'annuaire             Aucun audit
Connexion de compte
  Opérations de ticket du service KerberosAucun audit
  Autres événements d'ouverture de sessionAucun audit
  Service d'authentification Kerberos     Aucun audit
  Validation des informations d'identificationAucun audit
 
C:\WINDOWS\system32>
 
 
Why do i did it ? utorrent is aslo unistalled.


#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,525 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:07:31 PM

Posted 10 April 2015 - 11:37 AM

Thank you for the information. I don't think your Events are anything to be concerned about but if you wanted to follow up I would ask you to start a topic in the Windows 8 Forum where they have more expertise in this area which is system related.

Overall I am not seeing anything you should be concerned about.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,525 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:07:31 PM

Posted 13 April 2015 - 09:45 AM

Greetings,

===================================================

3 Day Bump

It has been more than 3 days since my last post.

  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#10 billionick

billionick
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:04:31 AM

Posted 13 April 2015 - 10:14 AM

Hello, im thinks it done, i have setup fews windows firewall rules my local network.



#11 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,525 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:07:31 PM

Posted 13 April 2015 - 10:21 AM

Very good, thanks for letting me know.

Now that your computer is running well it is my great pleasure to proclaim to you the Good News!

===================================================

All Clean!

--------------

Your machine appears to be clean and you may delete any programs or logs on your computer as a result of our efforts. If we used Emsisoft Emergency Kit just delete the icon on your desktop and the C:\EEK folder. For everything else you simply delete the log files or desktop icons.

Please take the time to read below on how to secure the machine and take the necessary steps to keep it clean :thumbsup:

Lawrence Abrams, the founder of BleepingComputer.com, has developed an excellent tutorial which will provide you with the information you need to know to keep your computer secure and clean. Please take the time to read:In addition, here are some more links you might find of interest:I will leave this topic open for just a couple of days in case you have any further issues then it will be closed shortly thereafter.

Thank you for placing your trust in BleepingComputer. It was a pleasure serving you. OhMy_done.gif
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,525 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:07:31 PM

Posted 14 April 2015 - 08:28 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users