Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Audio Ads play in background- even if nothing else is running.


  • This topic is locked This topic is locked
6 replies to this topic

#1 Reed03

Reed03

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:04:07 PM

Posted 25 August 2015 - 02:12 PM

Hey Team,

 

I ran into some sort of virus yesterday. There were multiple facets to this virus, but I managed to get rid of everything but this. I've never experienced anything like it before.

 

About 5 minutes after startup, an audio ad will play in the background of my computer. These ads aren't attached to a browser, however. They play even if I have no other programs running. Another ad plays anywhere from 15 to 30 minutes later.

 

I don't think that it is malicious, but it sure is annoying. Regardless, I'd like to get rid of it in case that it is malicious.

 

I've run Malwarebytes, Avira, TDSSKILLER, and adwcleaner. I got it to a point where the only program that finds anything is adwcleaner- 2 to 4 items in the Registry, that I have been unsuccessful to remove.

 

Attached is Addition.txt from FarBar. Hope you guys can help me out

Attached Files


Edited by Reed03, 25 August 2015 - 02:17 PM.


BC AdBot (Login to Remove)

 


m

#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,242 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:07 PM

Posted 27 August 2015 - 08:11 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please post the FRST.txt log that was also created when your ran the Farbar too.


Wait for further instructions.

#3 Reed03

Reed03
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:04:07 PM

Posted 27 August 2015 - 02:24 PM

I'm actually going to be visiting my girlfriend until Saturday, so I won't be able to respond until then. Sorry for the inconvenience.

_____________________________________________________________________________________________________

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-08-2015
Ran by Maxx (administrator) on REED-COMPUTER (27-08-2015 15:19:09)
Running from C:\Users\Maxx\Downloads
Loaded Profiles: Maxx (Available Profiles: Maxx)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\tiresome\laughable.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Premiere Pro CS6\Adobe Premiere Pro.exe
(Adobe Systems Incorporated ) C:\Program Files (x86)\Common Files\Adobe\dynamiclink\CS6\dynamiclinkmanager.exe
(Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Premiere Pro CS6\32\Adobe QT32 Server.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
(Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Premiere Pro CS6\PhotoshopServer.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.820.12440.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Maxx\Downloads\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782008 2015-08-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-2828300622-781250135-2028311287-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-19] (Piriform Ltd)
HKU\S-1-5-21-2828300622-781250135-2028311287-1001\...\Run: [AdobeBridge] => [X]
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-2828300622-781250135-2028311287-1001\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{345d2fea-3405-412e-9bb2-5489b8257ca3}: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Maxx\AppData\Roaming\Mozilla\Firefox\Profiles\wvBpM9ON.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-24] (Google Inc.)
FF Extension: Avira Browser Safety - C:\Users\Maxx\AppData\Roaming\Mozilla\Firefox\Profiles\wvBpM9ON.default\Extensions\abs@avira.com [2015-08-24]
FF HKLM\...\Firefox\Extensions: [{0420BEC0-F2C1-4578-8F19-471B9E5C63A5}] - C:\Program Files\shopperz240820151333\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{0420BEC0-F2C1-4578-8F19-471B9E5C63A5}] - C:\Program Files\shopperz240820151333\Firefox
 
Chrome: 
=======
CHR Profile: C:\Users\Maxx\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Maxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-24]
CHR Extension: (Google Docs) - C:\Users\Maxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-24]
CHR Extension: (Google Drive) - C:\Users\Maxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-24]
CHR Extension: (YouTube) - C:\Users\Maxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-24]
CHR Extension: (Adblock Plus) - C:\Users\Maxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-08-24]
CHR Extension: (Google Search) - C:\Users\Maxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-24]
CHR Extension: (Google Sheets) - C:\Users\Maxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-24]
CHR Extension: (Avira Browser Safety) - C:\Users\Maxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-08-24]
CHR Extension: (Black Wood) - C:\Users\Maxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlfigpljkonjldfhkfgbbmibfbcggnhj [2015-08-24]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Maxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Maxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-24]
CHR Extension: (Gmail) - C:\Users\Maxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-24]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2828300622-781250135-2028311287-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jlcgehabolcakkjhgmgpkagpolbjlhfa] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [887128 2015-07-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1213072 2015-08-26] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [227592 2015-08-03] (Avira Operations GmbH & Co. KG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [326144 2015-07-10] (Microsoft Corporation)
S3 CDPSvc; C:\Windows\System32\CDPSvc.dll [134144 2015-07-10] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [808856 2015-08-09] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [510976 2015-08-09] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [27136 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [267776 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [193024 2015-07-10] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [87040 2015-07-10] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [275456 2015-07-10] (Microsoft Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [148992 2015-08-11] (Microsoft Corporation)
R3 lfsvc; C:\Windows\SysWOW64\lfsvc.dll [22528 2015-07-10] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [21504 2015-07-10] (Microsoft Corporation)
S2 MapsBroker; C:\Windows\System32\moshost.dll [62464 2015-07-10] (Microsoft Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [296960 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session3; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session3; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [289280 2015-07-10] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc_Session3; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc_Session3; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 RetailDemo; C:\Windows\system32\RDXService.dll [996352 2015-08-11] (Microsoft Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [303360 2015-06-24] (Realtek Semiconductor)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1031680 2015-08-09] (Microsoft Corporation)
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [2674176 2015-07-10] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [2049024 2015-07-10] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1203200 2015-08-09] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\SysWOW64\unistore.dll [925696 2015-08-09] (Microsoft Corporation)
S3 UnistoreSvc_Session3; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
S3 UnistoreSvc_Session3; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1420288 2015-07-29] (Microsoft Corporation)
S3 UserDataSvc_Session3; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
S3 UserDataSvc_Session3; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [504320 2015-07-10] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [918016 2015-07-10] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1149440 2015-07-10] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1019392 2015-07-10] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 akshhl; C:\Windows\System32\drivers\akshhl.sys [57088 2012-06-15] (SafeNet Inc.)
S3 akspccard; C:\Windows\System32\drivers\akspccard.sys [20736 2007-08-20] (Aladdin Knowledge Systems Ltd.)
S3 aksusb; C:\Windows\System32\drivers\aksusb.sys [296576 2012-06-15] (SafeNet Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137288 2015-07-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-07-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-07-15] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-07-15] (Avira Operations GmbH & Co. KG)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys [39936 2015-07-10] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3436896 2015-07-10] (QLogic Corporation)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [83968 2015-07-10] (Microsoft Corporation)
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2015-07-10] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2015-07-10] (Microsoft Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [424800 2015-07-10] (Mellanox)
S3 IoQos; C:\Windows\System32\drivers\ioqos.sys [26624 2015-07-10] (Microsoft Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [99168 2015-07-10] (Avago Technologies)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [705376 2015-07-10] (Mellanox)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [76128 2015-07-10] (Mellanox)
S3 NVSWCFilter; C:\Windows\System32\drivers\nvswcfilter.sys [19616 2014-09-05] (Windows ® Win 7 DDK provider)
S3 sscdserd; C:\Windows\System32\drivers\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
S3 ssceserd; C:\Windows\System32\drivers\ssceserd.sys [129024 2010-04-26] (MCCI Corporation)
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [61952 2015-07-10] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys [17760 2015-07-10] (Microsoft Corporation)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [61952 2015-07-10] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [46080 2015-08-09] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [106520 2015-07-10] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [17944 2015-07-10] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [26976 2015-07-10] (Mellanox)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [59232 2015-07-10] (Mellanox)
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [222720 2015-07-10] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [25600 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-27 15:18 - 2015-08-27 15:18 - 02186752 _____ (Farbar) C:\Users\Maxx\Downloads\FRST64 (1).exe
2015-08-27 15:15 - 2015-08-27 15:15 - 00016148 _____ C:\WINDOWS\system32\REED-COMPUTER_Maxx_HistoryPrediction.bin
2015-08-27 06:21 - 2015-08-27 06:21 - 00341416 _____ C:\Users\Maxx\Desktop\TLoU Chunk 6.xml
2015-08-27 06:21 - 2015-08-27 06:21 - 00000816 _____ C:\Users\Maxx\Desktop\FCP Translation Results 2015-08-27 06-21.txt
2015-08-27 02:22 - 2015-08-27 02:46 - 06957088 _____ C:\Users\Maxx\Desktop\xanders  voice.wav
2015-08-27 01:39 - 2015-08-27 02:42 - 00000897 _____ C:\WINDOWS\setupact.log
2015-08-27 01:39 - 2015-08-27 01:39 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-26 06:31 - 2015-08-27 06:25 - 00000000 ____D C:\Users\Maxx\Desktop\TBC
2015-08-26 05:58 - 2015-08-26 05:58 - 00000000 ____D C:\Users\Public\Documents\Adobe
2015-08-26 05:58 - 2015-08-26 05:58 - 00000000 ____D C:\Users\Maxx\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2015-08-26 04:47 - 2015-08-26 04:43 - 00001122 _____ C:\Users\Maxx\Desktop\Adobe Photoshop CS6 (64 Bit).lnk
2015-08-26 04:43 - 2015-08-26 04:43 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2015-08-26 04:25 - 2015-08-26 04:25 - 00003622 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-Reed-Computer-Maxx
2015-08-26 04:23 - 2015-08-26 04:23 - 00001131 _____ C:\Users\Maxx\Desktop\Adobe Premiere Pro CS6.lnk
2015-08-26 04:23 - 2015-08-26 04:23 - 00000000 ____D C:\Users\Maxx\Documents\Adobe
2015-08-26 04:23 - 2015-08-26 04:23 - 00000000 ____D C:\Users\Maxx\AppData\Roaming\PACE Anti-Piracy
2015-08-26 04:23 - 2015-08-26 04:23 - 00000000 ____D C:\Users\Maxx\AppData\Local\PACE Anti-Piracy
2015-08-26 04:23 - 2015-08-26 04:23 - 00000000 ____D C:\ProgramData\PACE Anti-Piracy
2015-08-26 04:21 - 2015-08-26 04:43 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-08-26 04:18 - 2015-08-26 04:42 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-08-26 04:18 - 2015-08-26 04:18 - 00001072 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2015-08-26 04:18 - 2015-08-26 04:18 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-08-26 04:18 - 2015-08-26 04:18 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-08-26 04:17 - 2015-08-26 04:43 - 00000000 ____D C:\Program Files\Adobe
2015-08-26 04:17 - 2015-08-26 04:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2015-08-26 04:15 - 2015-08-26 04:43 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-08-26 04:11 - 2015-08-26 04:13 - 00000000 ____D C:\Users\Maxx\Desktop\Adobe Premiere Pro CS6
2015-08-25 01:03 - 2015-08-25 01:04 - 00000000 ____D C:\Users\Maxx\AppData\Roaming\Apple Computer
2015-08-25 01:03 - 2015-08-25 01:03 - 00000000 ____D C:\Users\Maxx\AppData\Local\Apple Computer
2015-08-25 01:03 - 2015-08-25 01:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-25 01:03 - 2015-08-25 01:03 - 00000000 ____D C:\ProgramData\Apple Computer
2015-08-25 01:03 - 2015-08-25 01:03 - 00000000 ____D C:\Program Files\iTunes
2015-08-25 01:03 - 2015-08-25 01:03 - 00000000 ____D C:\Program Files\iPod
2015-08-25 01:03 - 2015-08-25 01:03 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-08-25 01:00 - 2015-08-25 01:01 - 155835672 _____ (Apple Inc.) C:\Users\Maxx\Downloads\iTunes6464Setup (2).exe
2015-08-25 00:34 - 2015-08-27 10:10 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-25 00:33 - 2015-08-25 00:33 - 00000000 ____D C:\NVIDIA
2015-08-25 00:32 - 2015-08-25 00:33 - 228190392 _____ (NVIDIA Corporation) C:\Users\Maxx\Downloads\355.60-desktop-win10-32bit-international-whql.exe
2015-08-25 00:13 - 2015-08-25 00:13 - 00187466 _____ C:\Users\Maxx\Documents\cc_RegBackup.reg
2015-08-24 23:37 - 2015-08-24 23:37 - 00002864 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-08-24 23:37 - 2015-08-24 23:37 - 00000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-08-24 23:37 - 2015-08-24 23:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-08-24 23:37 - 2015-08-24 23:37 - 00000000 ____D C:\Program Files\CCleaner
2015-08-24 23:36 - 2015-08-24 23:36 - 06667640 _____ (Piriform Ltd) C:\Users\Maxx\Downloads\ccsetup509.exe
2015-08-24 23:12 - 2015-08-24 23:13 - 00038623 _____ C:\Users\Maxx\Downloads\Addition.txt
2015-08-24 23:11 - 2015-08-27 15:19 - 00018306 _____ C:\Users\Maxx\Downloads\FRST.txt
2015-08-24 23:11 - 2015-08-27 15:19 - 00000000 ____D C:\FRST
2015-08-24 23:11 - 2015-08-24 23:11 - 02186752 _____ (Farbar) C:\Users\Maxx\Downloads\FRST64.exe
2015-08-24 22:00 - 2015-08-24 22:00 - 00662016 _____ C:\Users\Maxx\Downloads\MicrosoftFixit50566.msi
2015-08-24 17:29 - 2015-08-24 17:29 - 00000019 _____ C:\WINDOWS\SysWOW64\30322479.bat
2015-08-24 05:13 - 2015-08-24 05:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-24 05:12 - 2015-08-24 05:12 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-24 05:12 - 2015-08-24 05:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-24 04:40 - 2015-08-27 14:45 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-24 04:40 - 2015-08-27 06:50 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-24 04:40 - 2015-08-24 04:40 - 00003980 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-24 04:40 - 2015-08-24 04:40 - 00003748 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-24 04:40 - 2015-08-24 04:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-24 04:37 - 2015-08-24 04:37 - 00000000 ____D C:\Program Files (x86)\GUME343.tmp
2015-08-24 04:37 - 2015-08-24 04:37 - 00000000 ____D C:\Program Files (x86)\GUM712B.tmp
2015-08-24 04:36 - 2015-08-24 04:37 - 00000000 ____D C:\Program Files (x86)\GUM5CCD.tmp
2015-08-24 03:53 - 2015-08-24 03:53 - 05635162 _____ (Swearware) C:\Users\Maxx\Downloads\ComboFix (1).exe
2015-08-24 03:46 - 2015-08-24 03:46 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Maxx\Downloads\tdsskiller.exe
2015-08-24 03:35 - 2015-08-24 03:42 - 05635162 _____ (Swearware) C:\Users\Maxx\Downloads\ComboFix.exe
2015-08-24 03:32 - 2015-08-24 03:32 - 00000000 ____D C:\Users\Maxx\AppData\Roaming\Avira
2015-08-24 03:10 - 2015-08-24 03:10 - 00000000 ____D C:\Users\Maxx\AppData\Roaming\Mozilla
2015-08-24 03:09 - 2015-08-24 03:09 - 01798576 _____ (Malwarebytes Corporation) C:\Users\Maxx\Downloads\JRT.exe
2015-08-24 03:08 - 2015-07-15 08:37 - 00148632 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-08-24 03:08 - 2015-07-15 08:37 - 00137288 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-08-24 03:08 - 2015-07-15 08:37 - 00043576 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-08-24 03:08 - 2015-07-15 08:37 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-08-24 03:07 - 2015-08-26 00:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-08-24 03:07 - 2015-08-24 03:08 - 00000000 ____D C:\ProgramData\Avira
2015-08-24 03:07 - 2015-08-24 03:08 - 00000000 ____D C:\Program Files (x86)\Avira
2015-08-24 03:07 - 2015-08-24 03:07 - 00001281 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-08-24 03:06 - 2015-08-24 03:06 - 04771216 _____ (Avira Operations GmbH & Co. KG) C:\Users\Maxx\Downloads\avira_en_av_55dba2b9d5647__ws.exe
2015-08-24 03:06 - 2015-08-24 03:06 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-24 03:03 - 2015-08-27 06:51 - 00000000 ____D C:\a
2015-08-24 02:52 - 2015-08-24 04:39 - 00000000 ____D C:\Users\Maxx\AppData\Local\Deployment
2015-08-24 02:52 - 2015-08-24 02:52 - 00000000 ____D C:\Users\Maxx\AppData\Local\Apps\2.0
2015-08-24 02:40 - 2015-08-24 03:01 - 00000000 ____D C:\Program Files (x86)\12e4bcc9-62c3-47bf-b7e9-18d9a6e73236
2015-08-24 02:38 - 2015-08-24 02:38 - 00003550 _____ C:\WINDOWS\System32\Tasks\Uataoovwsau
2015-08-24 02:33 - 2015-08-24 02:33 - 00000000 _____ C:\places.sqlite
2015-08-24 02:27 - 2015-08-24 02:43 - 00000000 ____D C:\Program Files (x86)\5ff6a9f4-89c4-4720-a93b-75950b9d294d
2015-08-24 02:27 - 2015-08-24 02:43 - 00000000 ____D C:\Program Files (x86)\258730c1-8e8a-4800-be47-346bfdd7fb80
2015-08-24 02:26 - 2015-08-24 22:25 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-24 02:26 - 2015-08-24 02:26 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Maxx\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-24 02:26 - 2015-08-24 02:26 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Maxx\Downloads\mbam-setup-2.1.8.1057 (1).exe
2015-08-24 02:26 - 2015-08-24 02:26 - 00001173 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-08-24 02:26 - 2015-08-24 02:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-24 02:26 - 2015-08-24 02:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-24 02:26 - 2015-08-24 02:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-24 02:26 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-08-24 02:26 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-08-24 02:26 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-08-24 01:51 - 2015-08-24 01:53 - 00000000 ____D C:\Users\Maxx\AppData\Local\Comms
2015-08-24 01:42 - 2015-08-25 00:25 - 00003860 _____ C:\WINDOWS\System32\Tasks\GraphicUpdates
2015-08-24 01:42 - 2015-08-24 22:19 - 00003872 _____ C:\WINDOWS\System32\Tasks\PaintSystemUpdate
2015-08-24 01:42 - 2015-08-24 01:42 - 00003874 _____ C:\WINDOWS\System32\Tasks\y1oWQpdQAo7F7TXg3FgV-ni-2015-08-24-ni-12202
2015-08-24 01:42 - 2015-08-24 01:42 - 00000000 ____D C:\Program Files (x86)\tiresome
2015-08-24 01:42 - 2015-08-24 01:42 - 00000000 ____D C:\Program Files (x86)\Keepkey
2015-08-24 01:39 - 2015-08-27 11:40 - 00001018 _____ C:\WINDOWS\Tasks\zBXK5RwlEZQ.job
2015-08-24 01:39 - 2015-08-24 01:39 - 00004144 _____ C:\WINDOWS\System32\Tasks\zBXK5RwlEZQ
2015-08-24 01:37 - 2015-08-24 01:38 - 00004688 _____ C:\WINDOWS\SysWOW64\Ooteeotoor.ini
2015-08-24 01:37 - 2015-08-24 01:38 - 00002400 _____ C:\WINDOWS\SysWOW64\OoteeotoorOff.ini
2015-08-24 01:37 - 2015-08-24 01:38 - 00002400 _____ C:\WINDOWS\system32\OoteeotoorOff.ini
2015-08-24 01:37 - 2015-08-24 01:37 - 00000000 ____D C:\WINDOWS\system32\abis
2015-08-24 01:32 - 2015-08-24 01:32 - 00020454 _____ C:\WINDOWS\srtpoq.xml
2015-08-24 01:28 - 2015-08-27 10:51 - 00001030 _____ C:\WINDOWS\Tasks\UfeJ6tc7kSk6eUoBO.job
2015-08-24 01:28 - 2015-08-24 01:28 - 00004168 _____ C:\WINDOWS\System32\Tasks\UfeJ6tc7kSk6eUoBO
2015-08-24 01:27 - 2015-08-24 02:40 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-08-24 01:27 - 2015-08-10 02:44 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-08-24 01:21 - 2015-08-24 01:21 - 00191488 __RSH C:\WINDOWS\SysWOW64\ntlanui21.dll
2015-08-24 01:20 - 2015-08-26 02:41 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{491D843F-5E6F-4737-BC80-B10E6AB4A577}
2015-08-24 01:11 - 2015-08-27 02:00 - 00000000 ____D C:\ProgramData\Adobe
2015-08-24 01:06 - 2015-08-27 02:00 - 00000000 ____D C:\Users\Maxx\AppData\Local\Adobe
2015-08-24 00:22 - 2015-08-24 00:22 - 01377255 _____ (Denzi) C:\Users\Maxx\Downloads\Denzi_setup.exe
2015-08-24 00:22 - 2015-08-24 00:22 - 01377255 _____ (Denzi) C:\Users\Maxx\Downloads\Denzi_setup (1).exe
2015-08-24 00:20 - 2015-08-24 00:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-08-24 00:19 - 2015-08-24 00:20 - 00000000 ____D C:\Program Files\7-Zip
2015-08-24 00:19 - 2015-08-24 00:19 - 01334336 _____ (Igor Pavlov) C:\Users\Maxx\Downloads\7z1506-x64.exe
2015-08-24 00:13 - 2015-08-24 00:20 - 00000000 ____D C:\ProgramData\WinZip
2015-08-24 00:12 - 2015-08-24 00:12 - 11055386 _____ C:\Users\Maxx\Downloads\Adobe Premiere Pro CC 7.2.2 Crack with Keygen Only.rar
2015-08-24 00:12 - 2015-08-24 00:12 - 00685648 _____ (WinZip Computing, S.L.) C:\Users\Maxx\Downloads\winzip19.exe
2015-08-24 00:12 - 2015-08-24 00:12 - 00000000 ____D C:\ProgramData\UniqueId
2015-08-24 00:10 - 2015-08-24 00:11 - 306522963 _____ C:\Users\Maxx\Downloads\PremierePro_CC_7_1_upd.zip
2015-08-24 00:04 - 2015-08-27 02:35 - 00000000 ____D C:\Users\Maxx\AppData\Roaming\Audacity
2015-08-24 00:04 - 2015-08-24 00:04 - 25186399 _____ (Audacity Team ) C:\Users\Maxx\Downloads\audacity-win-2.1.1.exe
2015-08-24 00:04 - 2015-08-24 00:04 - 00001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-08-24 00:04 - 2015-08-24 00:04 - 00001078 _____ C:\Users\Public\Desktop\Audacity.lnk
2015-08-24 00:04 - 2015-08-24 00:04 - 00000000 ____D C:\Program Files (x86)\Audacity
2015-08-23 08:35 - 2015-08-23 08:35 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-08-18 09:28 - 2015-08-13 00:33 - 24593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-18 09:28 - 2015-08-13 00:23 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-18 09:28 - 2015-08-13 00:22 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-08-18 09:28 - 2015-08-13 00:20 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-08-18 09:28 - 2015-08-13 00:17 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-18 09:28 - 2015-08-13 00:07 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-18 09:28 - 2015-08-12 23:53 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-08-18 09:28 - 2015-08-11 06:04 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-08-18 09:28 - 2015-08-11 06:04 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-08-18 09:28 - 2015-08-11 06:04 - 01087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-08-18 09:28 - 2015-08-11 06:03 - 08021840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-18 09:28 - 2015-08-11 06:03 - 00442208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2015-08-18 09:28 - 2015-08-11 06:02 - 00554744 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-08-18 09:28 - 2015-08-11 06:02 - 00292856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-08-18 09:28 - 2015-08-11 06:02 - 00080720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2015-08-18 09:28 - 2015-08-11 05:57 - 03622256 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-18 09:28 - 2015-08-11 05:52 - 00993104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-08-18 09:28 - 2015-08-11 05:50 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-18 09:28 - 2015-08-11 05:40 - 04048808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-08-18 09:28 - 2015-08-11 05:40 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-08-18 09:28 - 2015-08-11 05:40 - 00918320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-08-18 09:28 - 2015-08-11 05:38 - 00454000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-08-18 09:28 - 2015-08-11 05:37 - 00243800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-08-18 09:28 - 2015-08-11 05:31 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-18 09:28 - 2015-08-11 05:26 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-08-18 09:28 - 2015-08-11 05:23 - 16706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-18 09:28 - 2015-08-11 05:22 - 21875200 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-08-18 09:28 - 2015-08-11 05:21 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-08-18 09:28 - 2015-08-11 05:21 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-08-18 09:28 - 2015-08-11 05:20 - 02224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-18 09:28 - 2015-08-11 05:20 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-08-18 09:28 - 2015-08-11 05:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-08-18 09:28 - 2015-08-11 05:18 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-08-18 09:28 - 2015-08-11 05:16 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-18 09:28 - 2015-08-11 05:14 - 00404480 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-08-18 09:28 - 2015-08-11 05:13 - 00413184 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-08-18 09:28 - 2015-08-11 05:11 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-08-18 09:28 - 2015-08-11 05:11 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-08-18 09:28 - 2015-08-11 05:10 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-08-18 09:28 - 2015-08-11 05:10 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-18 09:28 - 2015-08-11 05:10 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll
2015-08-18 09:28 - 2015-08-11 05:09 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2015-08-18 09:28 - 2015-08-11 05:08 - 00893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2015-08-18 09:28 - 2015-08-11 05:08 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-08-18 09:28 - 2015-08-11 05:07 - 01178112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-08-18 09:28 - 2015-08-11 05:07 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-08-18 09:28 - 2015-08-11 05:07 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
2015-08-18 09:28 - 2015-08-11 05:06 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-08-18 09:28 - 2015-08-11 05:06 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-08-18 09:28 - 2015-08-11 05:05 - 03527168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-08-18 09:28 - 2015-08-11 05:05 - 00996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-08-18 09:28 - 2015-08-11 05:05 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-08-18 09:28 - 2015-08-11 05:05 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-08-18 09:28 - 2015-08-11 05:05 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPermissions.dll
2015-08-18 09:28 - 2015-08-11 05:05 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2015-08-18 09:28 - 2015-08-11 05:03 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-08-18 09:28 - 2015-08-11 05:02 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-08-18 09:28 - 2015-08-11 05:02 - 01890304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-18 09:28 - 2015-08-11 05:02 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-08-18 09:28 - 2015-08-11 05:02 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-08-18 09:28 - 2015-08-11 05:01 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-08-18 09:28 - 2015-08-11 05:00 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-08-18 09:28 - 2015-08-11 05:00 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-08-18 09:28 - 2015-08-11 04:59 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-18 09:28 - 2015-08-11 04:59 - 00642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2015-08-18 09:28 - 2015-08-11 04:59 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-08-18 09:28 - 2015-08-11 04:59 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2015-08-18 09:28 - 2015-08-11 04:58 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-08-18 09:28 - 2015-08-11 04:57 - 13024768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-18 09:28 - 2015-08-11 04:57 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-08-18 09:28 - 2015-08-11 04:51 - 01916928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-08-18 09:28 - 2015-08-11 04:51 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-08-18 09:28 - 2015-08-11 04:50 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-08-18 09:28 - 2015-08-11 04:50 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-08-18 09:28 - 2015-08-11 04:50 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-08-18 09:28 - 2015-08-11 04:49 - 00586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-08-18 09:28 - 2015-08-11 04:49 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-18 09:28 - 2015-08-11 04:48 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2015-08-18 09:28 - 2015-08-11 04:47 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-08-18 09:28 - 2015-08-11 04:45 - 18805760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-08-18 09:28 - 2015-08-11 04:45 - 01820672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-08-18 09:28 - 2015-08-11 04:43 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-08-18 09:28 - 2015-08-11 04:42 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-08-18 09:28 - 2015-08-11 04:40 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-08-18 09:28 - 2015-08-11 04:40 - 01593856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-18 09:28 - 2015-08-11 04:40 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-08-18 09:28 - 2015-08-11 04:39 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-08-18 09:28 - 2015-08-11 04:38 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-08-18 09:03 - 2015-08-26 09:24 - 00000000 ____D C:\Users\Maxx\AppData\Roaming\OBS
2015-08-18 09:03 - 2015-08-18 09:03 - 00001006 _____ C:\Users\Maxx\Desktop\Open Broadcaster Software.lnk
2015-08-18 09:03 - 2015-08-18 09:03 - 00000000 ____D C:\Users\Maxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2015-08-18 09:03 - 2015-08-18 09:03 - 00000000 ____D C:\Program Files\OBS
2015-08-18 09:03 - 2015-08-18 09:03 - 00000000 ____D C:\Program Files (x86)\OBS
2015-08-18 01:15 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2015-08-18 01:15 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2015-08-18 01:15 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2015-08-18 01:15 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2015-08-18 01:15 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2015-08-18 01:15 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2015-08-18 01:15 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2015-08-18 01:15 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2015-08-18 01:15 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2015-08-18 01:15 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2015-08-18 01:15 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2015-08-18 01:15 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2015-08-18 01:15 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2015-08-18 01:15 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2015-08-18 01:15 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2015-08-18 01:15 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2015-08-18 01:15 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2015-08-18 01:15 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2015-08-18 01:15 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2015-08-18 01:15 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2015-08-18 01:15 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2015-08-18 01:15 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2015-08-18 01:15 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2015-08-18 01:15 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2015-08-18 01:15 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2015-08-18 01:15 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2015-08-18 01:15 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2015-08-18 01:15 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2015-08-18 01:15 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2015-08-18 01:15 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2015-08-18 01:15 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2015-08-18 01:15 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2015-08-18 01:15 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2015-08-18 01:15 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2015-08-18 01:15 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2015-08-18 01:15 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2015-08-18 01:15 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2015-08-18 01:15 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2015-08-18 01:15 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2015-08-18 01:15 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2015-08-18 01:15 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2015-08-18 01:15 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2015-08-18 01:15 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2015-08-18 01:15 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2015-08-18 01:15 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2015-08-18 01:15 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2015-08-18 01:15 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2015-08-18 01:15 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2015-08-18 01:15 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2015-08-18 01:15 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2015-08-18 01:15 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2015-08-18 01:15 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2015-08-18 01:15 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2015-08-18 01:15 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2015-08-18 01:15 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2015-08-18 01:15 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2015-08-18 01:15 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2015-08-18 01:15 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2015-08-18 01:15 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2015-08-18 01:15 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2015-08-18 01:15 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2015-08-18 01:15 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2015-08-18 01:15 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2015-08-18 01:15 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2015-08-18 01:15 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2015-08-18 01:15 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2015-08-18 01:15 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2015-08-18 01:15 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2015-08-18 01:15 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2015-08-18 01:15 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2015-08-18 01:15 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2015-08-18 01:15 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2015-08-18 01:15 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2015-08-18 01:15 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2015-08-18 01:15 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2015-08-18 01:15 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2015-08-18 01:15 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2015-08-18 01:15 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2015-08-18 01:15 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2015-08-18 01:15 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2015-08-18 01:15 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2015-08-18 01:15 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2015-08-18 01:15 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2015-08-18 01:15 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2015-08-18 01:15 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2015-08-18 01:15 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2015-08-18 01:15 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2015-08-18 01:15 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2015-08-18 01:15 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2015-08-18 01:15 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2015-08-18 01:15 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2015-08-18 01:15 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2015-08-18 01:15 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2015-08-18 01:15 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2015-08-18 01:15 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2015-08-18 01:15 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2015-08-18 01:15 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2015-08-18 01:15 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2015-08-18 01:15 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2015-08-18 01:15 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2015-08-18 01:15 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2015-08-18 01:15 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2015-08-18 01:15 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2015-08-18 01:15 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2015-08-18 01:15 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2015-08-18 01:15 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2015-08-18 01:15 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2015-08-18 01:15 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2015-08-18 01:15 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2015-08-18 01:15 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2015-08-18 01:15 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2015-08-18 01:15 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2015-08-18 01:15 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2015-08-18 01:15 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2015-08-18 01:15 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2015-08-18 01:15 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2015-08-18 01:15 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2015-08-18 01:15 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2015-08-18 01:15 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2015-08-18 01:15 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2015-08-18 01:15 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2015-08-18 01:15 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2015-08-18 01:15 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2015-08-18 01:15 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2015-08-18 01:15 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2015-08-18 01:15 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2015-08-18 01:15 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2015-08-18 01:15 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2015-08-18 01:14 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2015-08-18 01:14 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2015-08-18 01:14 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2015-08-18 01:14 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2015-08-18 01:14 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2015-08-18 01:14 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2015-08-18 01:14 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2015-08-18 01:14 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2015-08-18 01:14 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2015-08-18 01:14 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2015-08-18 01:14 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2015-08-18 01:14 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2015-08-18 01:14 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2015-08-18 01:14 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2015-08-18 01:14 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2015-08-18 01:14 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2015-08-18 01:14 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2015-08-18 01:14 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2015-08-18 01:14 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2015-08-18 01:14 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2015-08-18 01:14 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2015-08-18 01:14 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2015-08-18 01:14 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2015-08-18 01:14 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2015-08-18 01:14 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2015-08-18 01:14 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2015-08-18 01:14 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2015-08-18 01:14 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2015-08-18 01:14 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2015-08-18 01:14 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2015-08-18 01:14 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2015-08-18 01:14 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2015-08-18 01:14 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2015-08-18 01:14 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2015-08-18 01:14 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2015-08-18 01:14 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2015-08-18 01:14 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2015-08-18 01:14 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2015-08-18 01:14 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2015-08-18 01:14 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2015-08-18 01:14 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2015-08-18 01:14 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2015-08-18 01:14 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2015-08-18 01:14 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2015-08-18 01:14 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2015-08-18 01:14 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2015-08-18 01:14 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2015-08-18 01:14 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2015-08-18 00:09 - 2015-08-18 01:15 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2015-08-18 00:09 - 2015-08-18 01:14 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2015-08-18 00:09 - 2015-08-18 00:09 - 07420880 _____ C:\Users\Maxx\Downloads\OBS_0_655b_Installer.exe
2015-08-18 00:09 - 2015-08-18 00:09 - 00292184 _____ (Microsoft Corporation) C:\Users\Maxx\Downloads\dxwebsetup.exe
2015-08-11 09:27 - 2015-08-11 09:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-11 09:27 - 2015-07-28 10:59 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-11 09:18 - 2015-08-02 22:18 - 08613200 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2015-08-11 09:18 - 2015-08-02 22:13 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-11 09:18 - 2015-08-02 21:56 - 06878256 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2015-08-11 09:18 - 2015-08-02 21:50 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-11 09:18 - 2015-08-02 21:18 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-11 09:18 - 2015-08-02 21:01 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-11 09:17 - 2015-08-08 03:29 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-11 09:17 - 2015-08-08 03:19 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-08-11 09:17 - 2015-08-08 03:01 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-11 09:17 - 2015-08-08 02:48 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-08-11 09:17 - 2015-08-08 02:40 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-11 09:17 - 2015-08-08 02:24 - 02415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-11 09:17 - 2015-08-08 02:24 - 01679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-11 09:17 - 2015-08-08 02:15 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-11 09:17 - 2015-08-08 02:00 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-11 09:17 - 2015-08-05 23:17 - 00237392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2015-08-11 09:17 - 2015-08-05 23:17 - 00200528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2015-08-11 09:17 - 2015-08-05 22:22 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2015-08-11 09:17 - 2015-08-05 00:49 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-08-11 09:17 - 2015-08-05 00:29 - 00644128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-08-11 09:17 - 2015-08-05 00:00 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2015-08-11 09:17 - 2015-08-04 23:54 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-08-11 09:17 - 2015-08-04 23:47 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-08-11 09:17 - 2015-08-04 23:39 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2015-08-11 09:17 - 2015-08-04 00:07 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-11 09:17 - 2015-08-04 00:06 - 00583128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-08-11 09:17 - 2015-08-04 00:06 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-08-11 09:17 - 2015-08-03 23:23 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2015-08-11 09:17 - 2015-08-03 22:59 - 01212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-08-11 09:17 - 2015-08-03 22:47 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-08-11 09:17 - 2015-08-02 22:32 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2015-08-11 09:17 - 2015-08-02 22:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2015-08-11 09:17 - 2015-08-02 22:19 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-08-11 09:17 - 2015-08-02 22:19 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-08-11 09:17 - 2015-08-02 22:18 - 01983840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-08-11 09:17 - 2015-08-02 22:18 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-08-11 09:17 - 2015-08-02 22:18 - 00046432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys
2015-08-11 09:17 - 2015-08-02 22:17 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-08-11 09:17 - 2015-08-02 22:17 - 00052264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2015-08-11 09:17 - 2015-08-02 22:12 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-08-11 09:17 - 2015-08-02 21:49 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-08-11 09:17 - 2015-08-02 21:31 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-08-11 09:17 - 2015-08-02 21:30 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-08-11 09:17 - 2015-08-02 21:24 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-08-11 09:17 - 2015-08-02 21:24 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-08-11 09:17 - 2015-08-02 21:24 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-08-11 09:17 - 2015-08-02 21:23 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-08-11 09:17 - 2015-08-02 21:22 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-08-11 09:17 - 2015-08-02 21:22 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-08-11 09:17 - 2015-08-02 21:22 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-08-11 09:17 - 2015-08-02 21:21 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2015-08-11 09:17 - 2015-08-02 21:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-11 09:17 - 2015-08-02 21:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-11 09:17 - 2015-08-02 21:18 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-08-11 09:17 - 2015-08-02 21:18 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-08-11 09:17 - 2015-08-02 21:18 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2015-08-11 09:17 - 2015-08-02 21:15 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-08-11 09:17 - 2015-08-02 21:15 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-08-11 09:17 - 2015-08-02 21:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-08-11 09:17 - 2015-08-02 21:15 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-08-11 09:17 - 2015-08-02 21:15 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2015-08-11 09:17 - 2015-08-02 21:14 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-08-11 09:17 - 2015-08-02 21:14 - 00247808 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-08-11 09:17 - 2015-08-02 21:12 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-08-11 09:17 - 2015-08-02 21:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2015-08-11 09:17 - 2015-08-02 21:11 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2015-08-11 09:17 - 2015-08-02 21:10 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-08-11 09:17 - 2015-08-02 21:06 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-11 09:17 - 2015-08-02 21:03 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-08-11 09:17 - 2015-08-02 21:02 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-08-11 09:17 - 2015-08-02 21:02 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-08-11 09:17 - 2015-08-02 20:59 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2015-08-11 03:35 - 2015-08-08 11:38 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-11 03:35 - 2015-08-08 11:38 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-11 01:02 - 2015-08-11 01:02 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-08-10 09:32 - 2015-08-10 09:32 - 00000000 ____D C:\Users\Maxx\AppData\Roaming\NVIDIA
2015-08-10 09:31 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2015-08-10 03:36 - 2015-08-10 03:36 - 00000000 ____D C:\Users\Maxx\AppData\Roaming\Macromedia
2015-08-10 03:36 - 2015-08-10 03:36 - 00000000 ____D C:\Users\Maxx\AppData\Roaming\LolClient
2015-08-10 03:13 - 2015-08-25 01:28 - 00000000 ____D C:\Windows.old
2015-08-10 02:58 - 2015-08-10 02:58 - 00028672 ___SH C:\WINDOWS\system32\config\BCD-Template.LOG
2015-08-10 02:57 - 2015-08-10 02:57 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-08-10 02:55 - 2015-08-10 02:55 - 00000000 ____D C:\WINDOWS\Setup
2015-08-10 02:54 - 2015-08-10 02:54 - 00000000 ____D C:\WINDOWS\OCR
2015-08-10 02:54 - 2015-08-10 02:54 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-08-10 02:54 - 2015-08-10 02:54 - 00000000 ____D C:\Program Files\MSBuild
2015-08-10 02:54 - 2015-08-10 02:54 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-08-10 02:54 - 2015-08-10 02:54 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-08-10 02:53 - 2015-08-10 02:53 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2015-08-10 02:53 - 2015-08-10 02:53 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2015-08-10 02:53 - 2015-08-10 02:53 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-08-10 02:53 - 2015-08-10 02:53 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2015-08-10 02:53 - 2015-08-10 02:53 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2015-08-10 02:53 - 2015-08-10 02:53 - 00000000 ____D C:\WINDOWS\SysWOW64\0409
2015-08-10 02:53 - 2015-08-10 02:53 - 00000000 ____D C:\WINDOWS\system32\winrm
2015-08-10 02:53 - 2015-08-10 02:53 - 00000000 ____D C:\WINDOWS\system32\WCN
2015-08-10 02:53 - 2015-08-10 02:53 - 00000000 ____D C:\WINDOWS\system32\slmgr
2015-08-10 02:53 - 2015-08-10 02:53 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2015-08-10 02:53 - 2015-08-10 02:53 - 00000000 ____D C:\WINDOWS\system32\0409
2015-08-10 02:53 - 2015-08-10 02:53 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-08-10 02:48 - 2015-08-10 03:13 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-08-10 02:48 - 2015-08-10 02:45 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2015-08-10 02:48 - 2015-08-10 02:45 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2015-08-10 02:48 - 2015-08-10 02:45 - 00008798 _____ C:\WINDOWS\SysWOW64\icrav03.rat
2015-08-10 02:48 - 2015-08-10 02:45 - 00001988 _____ C:\WINDOWS\SysWOW64\ticrf.rat
2015-08-10 02:48 - 2015-08-10 02:45 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2015-08-10 02:48 - 2015-08-10 02:44 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2015-08-10 02:48 - 2015-08-10 02:44 - 00215943 _____ C:\WINDOWS\system32\dssec.dat
2015-08-10 02:48 - 2015-08-10 02:44 - 00017463 _____ C:\WINDOWS\system32\Drivers\etc\services
2015-08-10 02:48 - 2015-08-10 02:44 - 00015462 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2015-08-10 02:48 - 2015-08-10 02:44 - 00008798 _____ C:\WINDOWS\system32\icrav03.rat
2015-08-10 02:48 - 2015-08-10 02:44 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2015-08-10 02:48 - 2015-08-10 02:44 - 00001988 _____ C:\WINDOWS\system32\ticrf.rat
2015-08-10 02:48 - 2015-08-10 02:44 - 00001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2015-08-10 02:48 - 2015-08-10 02:44 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2015-08-10 02:48 - 2015-08-10 02:44 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT
2015-08-10 02:48 - 2015-08-10 02:44 - 00000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2015-08-10 02:47 - 2015-08-27 14:32 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-10 02:47 - 2015-08-27 07:01 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-10 02:47 - 2015-08-26 04:16 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-10 02:47 - 2015-08-24 02:46 - 00000000 ____D C:\WINDOWS\InputMethod
2015-08-10 02:47 - 2015-08-24 01:40 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-08-10 02:47 - 2015-08-23 02:03 - 00000000 ____D C:\WINDOWS\rescache
2015-08-10 02:47 - 2015-08-22 03:15 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-08-10 02:47 - 2015-08-22 03:15 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-10 02:47 - 2015-08-12 03:31 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-10 02:47 - 2015-08-12 03:31 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-10 02:47 - 2015-08-12 03:30 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-10 02:47 - 2015-08-11 03:31 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-08-10 02:47 - 2015-08-11 03:31 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-08-10 02:47 - 2015-08-11 03:31 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-08-10 02:47 - 2015-08-11 03:31 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-08-10 02:47 - 2015-08-11 03:31 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-08-10 02:47 - 2015-08-11 03:31 - 00000000 ____D C:\WINDOWS\Provisioning
2015-08-10 02:47 - 2015-08-10 03:42 - 00000000 ____D C:\WINDOWS\appcompat
2015-08-10 02:47 - 2015-08-10 02:53 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-08-10 02:47 - 2015-08-10 02:53 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2015-08-10 02:47 - 2015-08-10 02:53 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-08-10 02:47 - 2015-08-10 02:53 - 00000000 ___SD C:\WINDOWS\system32\dsc
2015-08-10 02:47 - 2015-08-10 02:53 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2015-08-10 02:47 - 2015-08-10 02:53 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2015-08-10 02:47 - 2015-08-10 02:53 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-08-10 02:47 - 2015-08-10 02:53 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2015-08-10 02:47 - 2015-08-10 02:53 - 00000000 ____D C:\WINDOWS\system32\setup
2015-08-10 02:47 - 2015-08-10 02:53 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-08-10 02:47 - 2015-08-10 02:53 - 00000000 ____D C:\WINDOWS\system32\migwiz
2015-08-10 02:47 - 2015-08-10 02:53 - 00000000 ____D C:\WINDOWS\system32\Com
2015-08-10 02:47 - 2015-08-10 02:53 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-08-10 02:47 - 2015-08-10 02:53 - 00000000 ____D C:\WINDOWS\IME
2015-08-10 02:47 - 2015-08-10 02:53 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-08-10 02:47 - 2015-08-10 02:53 - 00000000 ____D C:\Program Files\Windows Journal
2015-08-10 02:47 - 2015-08-10 02:53 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-10 02:47 - 2015-08-10 02:53 - 00000000 ____D C:\Program Files\Common Files\System
2015-08-10 02:47 - 2015-08-10 02:53 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-08-10 02:47 - 2015-08-10 02:53 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 __RSD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 __RSD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ___SD C:\WINDOWS\system32\Nui
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HK
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\SysWOW64\uk-UA
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\SysWOW64\th-TH
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Latn-RS
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Latn-CS
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\SysWOW64\sppui
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\SysWOW64\sl-SI
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\SysWOW64\sk-SK
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\SysWOW64\ro-RO
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\SysWOW64\Recovery
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\SysWOW64\MSDRM
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\SysWOW64\hr-HR
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\SysWOW64\he-IL
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\SysWOW64\fr-CA
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\SysWOW64\es-MX
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\SysWOW64\downlevel
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\SysWOW64\bg-BG
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\SysWOW64\ar-SA
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\system32\zh-HK
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\system32\uk-UA
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\system32\tr-TR
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\system32\th-TH
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-RS
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-CS
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\system32\sppui
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\system32\sl-SI
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\system32\sk-SK
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\system32\ro-RO
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\system32\MSDRM
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\system32\icsxml
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\system32\ias
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\system32\hr-HR
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\system32\he-IL
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\system32\fr-CA
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\system32\et-EE
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\system32\es-MX
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\system32\en-GB
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\system32\downlevel
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\system32\Bthprops
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\system32\bg-BG
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\system32\ar-SA
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\system\Speech
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\ShellNew
2015-08-10 02:47 - 2015-08-10 02:48 - 00000000 ____D C:\WINDOWS\Registration
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 __RSD C:\WINDOWS\Media
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 __RHD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ___SD C:\WINDOWS\system32\Configuration
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ___SD C:\Program Files\WindowsPowerShell
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ___SD C:\Program Files (x86)\WindowsPowerShell
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\Web
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\Vss
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\tracing
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\TAPI
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\SysWOW64\WindowsPowerShell
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\SysWOW64\sru
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\SysWOW64\spp
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Speech_OneCore
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Speech
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\SysWOW64\restore
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\SysWOW64\RasToast
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\SysWOW64\ras
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\SysWOW64\networklist
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Licenses
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\SystemResources
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\system32\winevt
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\system32\WindowsPowerShell
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\system32\spp
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\system32\Speech_OneCore
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\system32\Speech
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\system32\RasToast
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\system32\ras
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\system32\ProximityToast
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\system32\PointOfService
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\system32\networklist
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\system32\Licenses
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\system32\Ipmi
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\system32\IME
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\system32\config\Journal
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\System
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\Speech_OneCore
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\Speech
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\SKB
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\security
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\schemas
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\SchCache
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\Resources
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\PLA
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\Performance
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\Globalization
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\Cursors
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\Branding
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\addins
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\ProgramData\Comms
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\Program Files\Windows Portable Devices
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\Program Files\Windows NT
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\Program Files\Common Files\Services
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\Program Files (x86)\Windows NT
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2015-08-10 02:47 - 2015-08-10 02:44 - 00000219 _____ C:\WINDOWS\system.ini
2015-08-10 02:47 - 2015-08-10 02:44 - 00000092 _____ C:\WINDOWS\win.ini
2015-08-10 02:47 - 2015-08-10 02:18 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-08-10 02:47 - 2015-08-10 02:14 - 00000000 ____D C:\WINDOWS\system32\restore
2015-08-10 02:47 - 2015-08-09 23:53 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-08-10 02:47 - 2015-08-09 23:53 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-08-10 02:47 - 2015-08-09 23:30 - 00000000 __RHD C:\Users\Public\Libraries
2015-08-10 02:47 - 2015-08-09 23:30 - 00000000 ____D C:\WINDOWS\system32\spool
2015-08-10 02:47 - 2015-08-09 23:30 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-08-10 02:47 - 2015-08-09 23:27 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-08-10 02:47 - 2015-08-09 23:26 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-08-10 02:47 - 2015-08-09 23:21 - 00000000 ____D C:\WINDOWS\Help
2015-08-10 02:47 - 2015-08-09 23:20 - 00000000 ____D C:\ProgramData\USOPrivate
2015-08-10 02:39 - 2015-08-18 17:53 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-10 02:39 - 2015-08-10 02:39 - 00000000 ____D C:\ProgramData\Riot Games
2015-08-10 02:32 - 2015-08-10 22:15 - 00000000 ____D C:\Users\Maxx\AppData\Roaming\Skype
2015-08-10 02:32 - 2015-08-10 02:32 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-10 02:32 - 2015-08-10 02:32 - 00000000 ____D C:\Users\Maxx\AppData\Local\Skype
2015-08-10 02:32 - 2015-08-10 02:32 - 00000000 ____D C:\ProgramData\Skype
2015-08-10 02:32 - 2015-08-10 02:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-10 02:32 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2015-08-10 02:32 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2015-08-10 02:32 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2015-08-10 02:32 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2015-08-10 02:32 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2015-08-10 02:31 - 2015-08-10 02:31 - 01384064 _____ (Skype Technologies S.A.) C:\Users\Maxx\Downloads\SkypeSetup (1).exe
2015-08-10 02:31 - 2015-08-10 02:31 - 00000000 ____D C:\Riot Games
2015-08-10 02:30 - 2015-08-25 00:25 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-08-10 02:30 - 2015-08-10 02:53 - 00000000 ____D C:\WINDOWS\servicing
2015-08-10 02:30 - 2015-08-10 02:47 - 00000000 ____D C:\WINDOWS\system32\SMI
2015-08-10 02:30 - 2015-08-09 23:32 - 00000000 __RHD C:\Users\Default
2015-08-10 02:30 - 2015-08-09 23:20 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-10 02:30 - 2015-07-10 05:11 - 00000164 _____ C:\WINDOWS\system32\config\FP
2015-08-10 02:30 - 2015-07-05 06:08 - 00300704 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-08-10 02:29 - 2015-08-10 01:14 - 00000000 ___HD C:\$SysReset
2015-08-10 02:27 - 2015-08-10 02:32 - 00000000 ____D C:\Users\Maxx\AppData\Roaming\Riot Games
2015-08-10 02:26 - 2015-08-10 02:27 - 27864920 _____ (Riot Games) C:\Users\Maxx\Downloads\LeagueofLegends_NA_Installer_9_15_2014.exe
2015-08-10 02:24 - 2015-08-10 02:25 - 155875632 _____ (Apple Inc.) C:\Users\Maxx\Downloads\iTunes6464Setup (1).exe
2015-08-10 02:14 - 2015-08-10 02:14 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-08-10 02:14 - 2015-08-10 02:14 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2015-08-10 02:14 - 2015-08-10 02:14 - 00000000 ____D C:\Users\Maxx\AppData\Local\Apple
2015-08-10 02:14 - 2015-08-10 02:14 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-08-10 02:10 - 2015-08-25 01:03 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-10 02:10 - 2015-08-10 02:10 - 00000000 ____D C:\Users\Maxx\AppData\Local\Steam
2015-08-10 02:10 - 2015-08-10 02:10 - 00000000 ____D C:\Users\Maxx\AppData\Local\CEF
2015-08-10 02:10 - 2015-08-10 02:10 - 00000000 ____D C:\Program Files\Bonjour
2015-08-10 02:10 - 2015-08-10 02:10 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-08-10 02:09 - 2015-08-25 01:03 - 00000000 ____D C:\ProgramData\Apple
2015-08-10 02:06 - 2015-08-26 09:31 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-10 02:06 - 2015-08-10 02:08 - 155875632 _____ (Apple Inc.) C:\Users\Maxx\Downloads\iTunes6464Setup.exe
2015-08-10 02:06 - 2015-08-10 02:06 - 01476720 _____ C:\Users\Maxx\Downloads\SteamSetup (5).exe
2015-08-10 02:06 - 2015-08-10 02:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-08-10 00:03 - 2015-08-24 04:41 - 00000000 ____D C:\Users\Maxx\AppData\Local\Google
2015-08-10 00:03 - 2015-08-24 04:40 - 00000000 ____D C:\Program Files (x86)\Google
2015-08-10 00:03 - 2015-08-10 00:03 - 00931408 _____ (Google Inc.) C:\Users\Maxx\Downloads\ChromeSetup.exe
2015-08-10 00:01 - 2015-08-10 00:03 - 00000000 ____D C:\Users\Maxx\AppData\Local\MicrosoftEdge
2015-08-09 23:56 - 2015-08-24 04:12 - 00002333 _____ C:\Users\Maxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-08-09 23:56 - 2015-08-24 04:12 - 00000000 ___RD C:\Users\Maxx\OneDrive
2015-08-09 23:55 - 2015-08-09 23:55 - 00071824 _____ C:\Users\Maxx\Desktop\Removed Apps.html
2015-08-09 23:55 - 2015-08-09 23:55 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-08-09 23:54 - 2015-08-09 23:54 - 00000000 ____D C:\Users\Maxx\AppData\Local\Publishers
2015-08-09 23:53 - 2015-08-26 05:58 - 00000000 ____D C:\Users\Maxx\AppData\Roaming\Adobe
2015-08-09 23:53 - 2015-08-24 01:51 - 00000000 ____D C:\Users\Maxx\AppData\Local\Packages
2015-08-09 23:53 - 2015-08-09 23:53 - 00000020 ___SH C:\Users\Maxx\ntuser.ini
2015-08-09 23:53 - 2015-08-09 23:53 - 00000000 ____D C:\Users\Maxx\AppData\Local\VirtualStore
2015-08-09 23:53 - 2015-08-09 23:53 - 00000000 ____D C:\Users\Maxx\AppData\Local\TileDataLayer
2015-08-09 23:35 - 2015-08-27 02:43 - 00875126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-09 23:32 - 2015-08-09 23:32 - 00000000 __SHD C:\Recovery
2015-08-09 23:29 - 2015-08-26 05:13 - 00000000 ____D C:\Users\Maxx
2015-08-09 23:29 - 2015-08-24 02:46 - 00000000 ___RD C:\Users\Maxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-09 23:29 - 2015-08-10 02:48 - 00000000 __RSD C:\Users\Maxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-09 23:29 - 2015-08-10 02:47 - 00000000 ___RD C:\Users\Maxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-09 23:29 - 2015-08-10 02:47 - 00000000 ___RD C:\Users\Maxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-09 23:29 - 2015-08-10 02:47 - 00000000 ____D C:\Users\Maxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-09 23:21 - 2015-08-25 00:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-09 23:21 - 2015-08-09 23:21 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-08-09 23:21 - 2015-08-09 23:21 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2015-08-09 23:21 - 2015-08-09 23:21 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-09 23:21 - 2015-08-09 23:21 - 00000000 ____D C:\Program Files\Realtek
2015-08-09 23:21 - 2015-07-22 21:10 - 06873928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-08-09 23:21 - 2015-07-22 21:10 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-08-09 23:21 - 2015-07-22 21:10 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-08-09 23:21 - 2015-07-22 21:10 - 00937800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-08-09 23:21 - 2015-07-22 21:10 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-08-09 23:21 - 2015-07-22 21:10 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-08-09 23:21 - 2015-07-22 00:29 - 05121613 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-08-09 23:20 - 2015-08-09 23:21 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-08-09 23:20 - 2015-08-09 23:20 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-08-09 23:20 - 2015-08-09 23:20 - 00000000 ____D C:\ProgramData\USOShared
2015-08-09 23:20 - 2015-08-09 23:20 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-08-09 23:18 - 2015-07-10 06:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-08-09 23:15 - 2015-08-25 00:26 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-09 23:15 - 2015-08-12 03:33 - 00189240 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-09 08:40 - 2015-08-09 08:42 - 211428531 _____ C:\Users\Maxx\Downloads\Conelrad 640-1240-35061-1-4.zip
2015-08-09 08:34 - 2015-07-30 02:24 - 01561872 ____N (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-08-09 08:34 - 2015-07-30 02:23 - 00527952 ____N (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-08-09 08:34 - 2015-07-30 02:21 - 00816576 ____N (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-08-09 08:34 - 2015-07-30 02:17 - 01200400 ____N (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-08-09 08:34 - 2015-07-30 02:17 - 01025840 ____N (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-08-09 08:34 - 2015-07-30 02:16 - 02147080 ____N (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-08-09 08:34 - 2015-07-30 02:15 - 00632168 ____N (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-08-09 08:34 - 2015-07-30 02:14 - 00333168 ____N (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-08-09 08:34 - 2015-07-30 02:09 - 01562968 ____N (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-08-09 08:34 - 2015-07-30 02:06 - 01043872 ____N (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-08-09 08:34 - 2015-07-30 02:05 - 02498808 ____N C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-09 08:34 - 2015-07-30 02:05 - 00501008 ____N (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-08-09 08:34 - 2015-07-30 02:04 - 01396064 ____N (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-09 08:34 - 2015-07-30 02:03 - 02116448 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-08-09 08:34 - 2015-07-30 01:24 - 00252768 ____N (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-08-09 08:34 - 2015-07-30 00:29 - 00705520 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-08-09 08:34 - 2015-07-30 00:26 - 01867160 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-08-09 08:34 - 2015-07-30 00:26 - 00877016 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-08-09 08:34 - 2015-07-30 00:25 - 01356368 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-08-09 08:34 - 2015-07-30 00:25 - 00713312 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-08-09 08:34 - 2015-07-30 00:24 - 01769056 ____N C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-09 08:34 - 2015-07-30 00:24 - 00445240 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-08-09 08:34 - 2015-07-30 00:24 - 00407616 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-08-09 08:34 - 2015-07-30 00:24 - 00285632 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-08-09 08:34 - 2015-07-30 00:22 - 00896144 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-08-09 08:34 - 2015-07-30 00:22 - 00507696 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2015-08-09 08:34 - 2015-07-30 00:21 - 00962400 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-09 08:34 - 2015-07-30 00:12 - 00287744 ____N (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-08-09 08:34 - 2015-07-30 00:12 - 00268800 ____N (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-08-09 08:34 - 2015-07-30 00:09 - 00024576 ____N (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-08-09 08:34 - 2015-07-30 00:08 - 00494592 ____N (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-08-09 08:34 - 2015-07-30 00:08 - 00168960 ____N (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-09 08:34 - 2015-07-30 00:08 - 00055296 ____N (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2015-08-09 08:34 - 2015-07-29 23:59 - 00187904 ____N (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-08-09 08:34 - 2015-07-29 23:52 - 00859136 ____N (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-09 08:34 - 2015-07-29 23:52 - 00521216 ____N (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-08-09 08:34 - 2015-07-29 23:52 - 00075264 ____N (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2015-08-09 08:34 - 2015-07-29 23:49 - 11557888 ____N (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-08-09 08:34 - 2015-07-29 23:46 - 02125312 ____N (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-08-09 08:34 - 2015-07-29 23:46 - 00487424 ____N (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-08-09 08:34 - 2015-07-29 23:46 - 00204288 ____N (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-08-09 08:34 - 2015-07-29 23:45 - 00195584 ____N (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2015-08-09 08:34 - 2015-07-29 23:45 - 00155136 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2015-08-09 08:34 - 2015-07-29 23:44 - 00280064 ____N (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-08-09 08:34 - 2015-07-29 23:44 - 00229376 ____N (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-08-09 08:34 - 2015-07-29 23:44 - 00091648 ____N (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-08-09 08:34 - 2015-07-29 23:44 - 00065536 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-08-09 08:34 - 2015-07-29 23:44 - 00041984 ____N (Microsoft Corporation) C:\WINDOWS\system32\VoiceActivationManager.dll
2015-08-09 08:34 - 2015-07-29 23:42 - 00518144 ____N (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-08-09 08:34 - 2015-07-29 23:41 - 00407040 ____N (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-08-09 08:34 - 2015-07-29 23:41 - 00028672 ____N (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2015-08-09 08:34 - 2015-07-29 23:40 - 00846336 ____N (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-08-09 08:34 - 2015-07-29 23:38 - 01420288 ____N (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-08-09 08:34 - 2015-07-29 23:38 - 00080384 ____N (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2015-08-09 08:34 - 2015-07-29 23:34 - 00599552 ____N (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-08-09 08:34 - 2015-07-29 23:29 - 00654848 ____N (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-08-09 08:34 - 2015-07-29 23:15 - 09889792 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-08-09 08:34 - 2015-07-29 23:07 - 00163328 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2015-08-09 08:34 - 2015-07-29 23:06 - 00373248 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-08-09 08:34 - 2015-07-29 23:06 - 00078336 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2015-08-09 08:34 - 2015-07-29 23:06 - 00034816 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoiceActivationManager.dll
2015-08-09 08:34 - 2015-07-29 23:04 - 01714176 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-08-09 08:34 - 2015-07-29 23:04 - 00335360 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-08-09 08:34 - 2015-07-29 22:59 - 00473088 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-08-09 08:34 - 2015-07-29 22:58 - 00497152 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-08-09 08:32 - 2015-08-09 08:33 - 112147177 _____ C:\Users\Maxx\Downloads\Project Nevada 2_5-40040-2-5.7z
2015-08-09 08:26 - 2015-08-09 08:26 - 00779023 _____ C:\Users\Maxx\Downloads\nvse_4_5.7z
2015-08-09 08:22 - 2015-08-09 08:22 - 00000000 ____D C:\Users\Maxx\Documents\FOMM
2015-08-09 08:21 - 2015-08-09 08:21 - 00000255 _____ C:\Users\Maxx\Downloads\Perk every level-34707.7z
2015-08-09 08:19 - 2015-08-09 08:19 - 01404186 _____ (Q, Timeslip ) C:\Users\Maxx\Downloads\FOMM-36901-0-13-21.exe
2015-08-09 07:40 - 2015-08-09 07:40 - 14241792 ____N (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2015-08-09 07:40 - 2015-08-09 07:40 - 12589056 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2015-08-09 07:40 - 2015-08-09 07:40 - 03248640 ____N (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-08-09 07:40 - 2015-08-09 07:40 - 02646528 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-08-09 07:40 - 2015-08-09 07:40 - 01411072 ____N (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2015-08-09 07:40 - 2015-08-09 07:40 - 01067520 ____N (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-08-09 07:40 - 2015-08-09 07:40 - 01043968 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2015-08-09 07:40 - 2015-08-09 07:40 - 00980832 ____N (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-08-09 07:40 - 2015-08-09 07:40 - 00799232 ____N (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2015-08-09 07:40 - 2015-08-09 07:40 - 00670208 ____N (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2015-08-09 07:40 - 2015-08-09 07:40 - 00584704 ____N (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-08-09 07:40 - 2015-08-09 07:40 - 00569344 ____N (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2015-08-09 07:40 - 2015-08-09 07:40 - 00480256 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2015-08-09 07:40 - 2015-08-09 07:40 - 00437248 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2015-08-09 07:40 - 2015-08-09 07:40 - 00310784 ____N (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-08-09 07:40 - 2015-08-09 07:40 - 00294912 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2015-08-09 07:40 - 2015-08-09 07:40 - 00275456 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-08-09 07:40 - 2015-08-09 07:40 - 00251392 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-08-09 07:40 - 2015-08-09 07:40 - 00082616 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 07569408 ____N (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 07051264 ____N (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 06488312 ____N (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 06305792 ____N (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 06101504 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 05118024 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 05076480 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 04791296 ____N (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 04760576 ____N (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 04611584 ____N (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 04398080 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 04350464 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 04169728 ____N (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 03687936 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 03579904 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 03443200 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 03362816 ____N (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 03248128 ____N (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 02741760 ____N (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 02606080 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 02235904 ____N (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 02207744 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 02112512 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 01773056 ____N (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 01611264 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 01602560 ____N (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 01591856 ____N (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 01521664 ____N (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 01418240 ____N (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2015-08-09 07:39 - 2015-08-09 07:39 - 01417216 ____N (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 01380864 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 01365072 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 01294352 ____N (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-08-09 07:39 - 2015-08-09 07:39 - 01203200 ____N (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 01203200 ____N (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 01201664 ____N (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 01169408 ____N (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 01168736 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-09 07:39 - 2015-08-09 07:39 - 01135312 ____N (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2015-08-09 07:39 - 2015-08-09 07:39 - 01123400 ____N (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-08-09 07:39 - 2015-08-09 07:39 - 01101792 ____N (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 01061888 ____N (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 01031680 ____N (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2015-08-09 07:39 - 2015-08-09 07:39 - 01018568 ____N (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-08-09 07:39 - 2015-08-09 07:39 - 00966424 ____N (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00934752 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2015-08-09 07:39 - 2015-08-09 07:39 - 00925696 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00902656 ____N (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-08-09 07:39 - 2015-08-09 07:39 - 00872448 ____N (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00869376 ____N (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00858408 ____N (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-08-09 07:39 - 2015-08-09 07:39 - 00856064 ____N (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00855552 ____N (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00850432 ____N (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00841728 ____N (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00832512 ____N (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00828416 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00823336 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00808856 ____N (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00798208 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00783872 ____N (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00762896 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00754688 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00752640 ____N (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00750592 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-08-09 07:39 - 2015-08-09 07:39 - 00695136 ____N (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00680448 ____N (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00679424 ____N (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00677888 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00667136 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00658568 ____N (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00630160 ____N (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00623616 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00607008 ____N (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00601344 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-08-09 07:39 - 2015-08-09 07:39 - 00590336 ____N (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00589824 ____N (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00589312 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00584704 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00584704 ____N (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00584544 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00578048 ____N (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-08-09 07:39 - 2015-08-09 07:39 - 00575488 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00565088 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2015-08-09 07:39 - 2015-08-09 07:39 - 00542720 ____N (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00521568 ____N (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-08-09 07:39 - 2015-08-09 07:39 - 00510976 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00505344 ____N C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00503296 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00498016 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-08-09 07:39 - 2015-08-09 07:39 - 00485888 ____N (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00465920 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00458752 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00452608 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00446976 ____N (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00441344 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00430592 ____N (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00425824 ____N (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00421888 ____N (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00416256 ____N (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2015-08-09 07:39 - 2015-08-09 07:39 - 00414720 ____N (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00366592 ____N (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00359936 ____N (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00356352 ____N (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00343040 ____N (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00342528 ____N (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-08-09 07:39 - 2015-08-09 07:39 - 00335248 ____N (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00329728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00328704 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00325984 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2015-08-09 07:39 - 2015-08-09 07:39 - 00322048 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00322048 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00316928 ____N (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00303616 ____N (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00296960 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00291840 ____N (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00290312 ____N (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-08-09 07:39 - 2015-08-09 07:39 - 00283648 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00279552 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00271872 ____N (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00265480 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00263168 ____N (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00242176 ____N (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00232960 ____N (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00208736 ____N (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00208384 ____N (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00204288 ____N (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00193024 ____N (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00191488 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00186880 ____N (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00185856 ____N (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00181760 ____N (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00181088 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00179712 ____N (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00179200 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00176640 ____N (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2015-08-09 07:39 - 2015-08-09 07:39 - 00169984 ____N (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00167424 ____N (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00151040 ____N (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00150528 ____N (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2015-08-09 07:39 - 2015-08-09 07:39 - 00137216 ____N (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00120832 ____N (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-08-09 07:39 - 2015-08-09 07:39 - 00116736 ____N (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00107520 ____N (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00104960 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00097128 ____N (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00093696 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00084480 ____N (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00069632 ____N (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00069120 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00068096 ____N (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00067072 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2015-08-09 07:39 - 2015-08-09 07:39 - 00065536 ____N (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-08-09 07:39 - 2015-08-09 07:39 - 00064000 ____N (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00061280 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-08-09 07:39 - 2015-08-09 07:39 - 00060928 ____N (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00058368 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-08-09 07:39 - 2015-08-09 07:39 - 00057856 ____N (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00056320 ____N (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00053248 ____N (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe
2015-08-09 07:39 - 2015-08-09 07:39 - 00046080 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2015-08-09 07:39 - 2015-08-09 07:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00045056 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00032768 ____N C:\WINDOWS\system32\LicenseManagerApi.dll
2015-08-09 07:39 - 2015-08-09 07:39 - 00032768 ____N (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-08-09 07:39 - 2015-08-09 07:39 - 00031232 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-08-09 07:28 - 2015-06-17 22:10 - 01166520 ____N (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-08-09 07:28 - 2015-06-17 22:10 - 00124112 ____N (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-09 07:28 - 2015-06-17 22:10 - 00035480 ____N (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-08-09 07:28 - 2015-05-30 01:07 - 00778936 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-08-09 07:28 - 2015-05-30 01:07 - 00102608 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-09 07:28 - 2015-05-30 01:07 - 00035480 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-07-30 03:30 - 2015-07-30 03:46 - 00000000 ____D C:\Users\Maxx\Documents\RaceTheSun_Screenshots
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-25 00:25 - 2015-04-12 17:45 - 00000000 ____D C:\AdwCleaner
2015-08-24 04:40 - 2015-04-17 02:32 - 00000000 ____D C:\Users\Maxx\Desktop\Desktop Junk
2015-08-24 02:52 - 2015-04-12 17:45 - 02217984 _____ C:\Users\Maxx\Desktop\adwcleaner_4.201.exe
2015-08-24 01:37 - 2012-05-24 15:28 - 00000045 _____ C:\user.js
2015-08-09 23:30 - 2009-07-14 03:44 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-08-09 10:14 - 2013-08-23 13:45 - 00000000 ___RD C:\Users\Maxx\SkyDrive
2015-08-09 08:13 - 2013-09-16 16:01 - 00000000 ____D C:\Users\Maxx\Documents\my games
2015-07-28 10:13 - 2011-06-04 13:18 - 00000000 ____D C:\Users\Maxx\Documents\Word Docs
 
==================== Files in the root of some directories =======
 
2015-04-19 08:20 - 2015-04-19 08:20 - 0005872 _____ () C:\Users\Maxx\AppData\Roaming\UfeJ6tc7kSk6eUoBO
2015-04-19 08:20 - 2015-04-19 08:20 - 0005872 _____ () C:\Users\Maxx\AppData\Roaming\zBXK5RwlEZQ
 
Some files in TEMP:
====================
C:\Users\Maxx\AppData\Local\Temp\avgnt.exe
C:\Users\Maxx\AppData\Local\Temp\Quarantine.exe
C:\Users\Maxx\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-08-23 01:55
 
==================== End of FRST.txt ============================


#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,242 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:07 PM

Posted 28 August 2015 - 06:36 AM


To me this is suspicious. If you DO NOT know what it is do the fix as suggested.

If you do remove these 2 lines before saving the Fixlist.txt file.

() C:\Program Files (x86)\tiresome\laughable.exe
C:\Program Files (x86)\tiresome


===


Press the windows key Windows_Logo_key.gif+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.


start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

() C:\Program Files (x86)\tiresome\laughable.exe
C:\Program Files (x86)\tiresome
HKU\S-1-5-21-2828300622-781250135-2028311287-1001\...\Run: [AdobeBridge] => [X]
FF HKLM\...\Firefox\Extensions: [{0420BEC0-F2C1-4578-8F19-471B9E5C63A5}] - C:\Program Files\shopperz240820151333\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{0420BEC0-F2C1-4578-8F19-471B9E5C63A5}] - C:\Program Files\shopperz240820151333\Firefox
CHR Extension: (Avira Browser Safety) - C:\Users\Maxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-08-24]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2828300622-781250135-2028311287-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jlcgehabolcakkjhgmgpkagpolbjlhfa] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
C:\Users\Maxx\AppData\Roaming\UfeJ6tc7kSk6eUoBO
C:\Users\Maxx\AppData\Roaming\zBXK5RwlEZQ
Task: {0361F07B-C3B1-4311-A8E8-6305F717D0A3} - \SmartWeb Upgrade Trigger Task -> No File <==== ATTENTION
Task: {10541950-8191-4217-A983-1A499ED713ED} - \SMWUpd -> No File <==== ATTENTION
Task: {2952E3E5-8AC1-4A2C-A12A-342C87CE74CC} - System32\Tasks\UfeJ6tc7kSk6eUoBO => C:\Users\Maxx\AppData\Roaming\UfeJ6tc7kSk6eUoBO.exe <==== ATTENTION
C:\Users\Maxx\AppData\Roaming\UfeJ6tc7kSk6eUoBO.exe
Task: {680F274E-F043-4B93-A531-A01D303F872A} - System32\Tasks\zBXK5RwlEZQ => C:\Users\Maxx\AppData\Roaming\zBXK5RwlEZQ.exe <==== ATTENTION
C:\Users\Maxx\AppData\Roaming\zBXK5RwlEZQ.exe
Task: {8E66A609-FEDC-4A94-B515-87019E7C088E} - \bvxvbxvd -> No File <==== ATTENTION
Task: {9B0DBDA1-0358-4352-A911-9262A3A5FC0D} - \WordSurfer Auto Updater 1.10.0.19 Core -> No File <==== ATTENTION
Task: {9E9DDA6E-3E89-4A34-B921-210FCCCDEEAB} - \WordSurfer Auto Updater 1.10.0.19 Pending Update -> No File <==== ATTENTION
Task: {9F276260-5D24-40CE-BFF4-6D008EEA6424} - \Inst_Rep -> No File <==== ATTENTION
Task: {BEE6E0E1-9B35-4AC4-A893-7B9F85B0E021} - \SMW_UpdateTask_Time_313034333833383838392d3737555a416c503257344a41 -> No File <==== ATTENTION
Task: {D4688E09-047E-4DFC-8F99-DE01711DC08E} - \LaunchPreSignup -> No File <==== ATTENTION
Task: {F75B4578-DF1B-47E8-BDE1-EC1B42C2646A} - \Installer_geforce -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\UfeJ6tc7kSk6eUoBO.job => C:\Users\Maxx\AppData\Roaming\UfeJ6tc7kSk6eUoBO.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\zBXK5RwlEZQ.job => C:\Users\Maxx\AppData\Roaming\zBXK5RwlEZQ.exe <==== ATTENTION

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Make sure you have the latest version.

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Reset Chrome...
Open Google Chrome, click on menu icon google-chrome-setting-icon.png which is located right side top of the google chrome.
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset browser settings" button.
 
Clear your cache and cookies
https://support.google.com/chromebook/answer/183083?hl=en
Select "From the beginning of time"

Restart Chrome.

How is the computer running now?

#5 Reed03

Reed03
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:04:07 PM

Posted 29 August 2015 - 06:25 PM

FixLog.txt

===============================================================================================

Fix result of Farbar Recovery Scan Tool (x64) Version:25-08-2015 01
Ran by Maxx (2015-08-29 18:59:32) Run:1
Running from C:\Users\Maxx\Desktop
Loaded Profiles: Maxx (Available Profiles: Maxx)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
start
 
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
 
() C:\Program Files (x86)\tiresome\laughable.exe
C:\Program Files (x86)\tiresome
HKU\S-1-5-21-2828300622-781250135-2028311287-1001\...\Run: [AdobeBridge] => [X]
FF HKLM\...\Firefox\Extensions: [{0420BEC0-F2C1-4578-8F19-471B9E5C63A5}] - C:\Program Files\shopperz240820151333\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{0420BEC0-F2C1-4578-8F19-471B9E5C63A5}] - C:\Program Files\shopperz240820151333\Firefox
CHR Extension: (Avira Browser Safety) - C:\Users\Maxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-08-24]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2828300622-781250135-2028311287-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jlcgehabolcakkjhgmgpkagpolbjlhfa] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
C:\Users\Maxx\AppData\Roaming\UfeJ6tc7kSk6eUoBO
C:\Users\Maxx\AppData\Roaming\zBXK5RwlEZQ
Task: {0361F07B-C3B1-4311-A8E8-6305F717D0A3} - \SmartWeb Upgrade Trigger Task -> No File <==== ATTENTION
Task: {10541950-8191-4217-A983-1A499ED713ED} - \SMWUpd -> No File <==== ATTENTION
Task: {2952E3E5-8AC1-4A2C-A12A-342C87CE74CC} - System32\Tasks\UfeJ6tc7kSk6eUoBO => C:\Users\Maxx\AppData\Roaming\UfeJ6tc7kSk6eUoBO.exe <==== ATTENTION
C:\Users\Maxx\AppData\Roaming\UfeJ6tc7kSk6eUoBO.exe
Task: {680F274E-F043-4B93-A531-A01D303F872A} - System32\Tasks\zBXK5RwlEZQ => C:\Users\Maxx\AppData\Roaming\zBXK5RwlEZQ.exe <==== ATTENTION
C:\Users\Maxx\AppData\Roaming\zBXK5RwlEZQ.exe
Task: {8E66A609-FEDC-4A94-B515-87019E7C088E} - \bvxvbxvd -> No File <==== ATTENTION
Task: {9B0DBDA1-0358-4352-A911-9262A3A5FC0D} - \WordSurfer Auto Updater 1.10.0.19 Core -> No File <==== ATTENTION
Task: {9E9DDA6E-3E89-4A34-B921-210FCCCDEEAB} - \WordSurfer Auto Updater 1.10.0.19 Pending Update -> No File <==== ATTENTION
Task: {9F276260-5D24-40CE-BFF4-6D008EEA6424} - \Inst_Rep -> No File <==== ATTENTION
Task: {BEE6E0E1-9B35-4AC4-A893-7B9F85B0E021} - \SMW_UpdateTask_Time_313034333833383838392d3737555a416c503257344a41 -> No File <==== ATTENTION
Task: {D4688E09-047E-4DFC-8F99-DE01711DC08E} - \LaunchPreSignup -> No File <==== ATTENTION
Task: {F75B4578-DF1B-47E8-BDE1-EC1B42C2646A} - \Installer_geforce -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\UfeJ6tc7kSk6eUoBO.job => C:\Users\Maxx\AppData\Roaming\UfeJ6tc7kSk6eUoBO.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\zBXK5RwlEZQ.job => C:\Users\Maxx\AppData\Roaming\zBXK5RwlEZQ.exe <==== ATTENTION
 
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
C:\Program Files (x86)\tiresome\laughable.exe => Could not close process
C:\Program Files (x86)\tiresome => moved successfully
HKU\S-1-5-21-2828300622-781250135-2028311287-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
HKLM\Software\Mozilla\Firefox\Extensions\\{0420BEC0-F2C1-4578-8F19-471B9E5C63A5} => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{0420BEC0-F2C1-4578-8F19-471B9E5C63A5} => value removed successfully
C:\Users\Maxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => moved successfully
"HKLM\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk" => key removed successfully
"HKU\S-1-5-21-2828300622-781250135-2028311287-1001\SOFTWARE\Google\Chrome\Extensions\jlcgehabolcakkjhgmgpkagpolbjlhfa" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk" => key removed successfully
wfpcapture => service removed successfully
C:\Users\Maxx\AppData\Roaming\UfeJ6tc7kSk6eUoBO => moved successfully
C:\Users\Maxx\AppData\Roaming\zBXK5RwlEZQ => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0361F07B-C3B1-4311-A8E8-6305F717D0A3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0361F07B-C3B1-4311-A8E8-6305F717D0A3}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartWeb Upgrade Trigger Task => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{10541950-8191-4217-A983-1A499ED713ED}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10541950-8191-4217-A983-1A499ED713ED}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SMWUpd => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2952E3E5-8AC1-4A2C-A12A-342C87CE74CC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2952E3E5-8AC1-4A2C-A12A-342C87CE74CC}" => key removed successfully
C:\WINDOWS\System32\Tasks\UfeJ6tc7kSk6eUoBO => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UfeJ6tc7kSk6eUoBO" => key removed successfully
"C:\Users\Maxx\AppData\Roaming\UfeJ6tc7kSk6eUoBO.exe" => File/Folder not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{680F274E-F043-4B93-A531-A01D303F872A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{680F274E-F043-4B93-A531-A01D303F872A}" => key removed successfully
C:\WINDOWS\System32\Tasks\zBXK5RwlEZQ => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\zBXK5RwlEZQ" => key removed successfully
"C:\Users\Maxx\AppData\Roaming\zBXK5RwlEZQ.exe" => File/Folder not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8E66A609-FEDC-4A94-B515-87019E7C088E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E66A609-FEDC-4A94-B515-87019E7C088E}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\bvxvbxvd => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9B0DBDA1-0358-4352-A911-9262A3A5FC0D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B0DBDA1-0358-4352-A911-9262A3A5FC0D}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WordSurfer Auto Updater 1.10.0.19 Core => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9E9DDA6E-3E89-4A34-B921-210FCCCDEEAB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E9DDA6E-3E89-4A34-B921-210FCCCDEEAB}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WordSurfer Auto Updater 1.10.0.19 Pending Update => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9F276260-5D24-40CE-BFF4-6D008EEA6424}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F276260-5D24-40CE-BFF4-6D008EEA6424}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Inst_Rep => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BEE6E0E1-9B35-4AC4-A893-7B9F85B0E021}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BEE6E0E1-9B35-4AC4-A893-7B9F85B0E021}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SMW_UpdateTask_Time_313034333833383838392d3737555a416c503257344a41 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D4688E09-047E-4DFC-8F99-DE01711DC08E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4688E09-047E-4DFC-8F99-DE01711DC08E}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchPreSignup => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F75B4578-DF1B-47E8-BDE1-EC1B42C2646A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F75B4578-DF1B-47E8-BDE1-EC1B42C2646A}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Installer_geforce => key not found. 
C:\WINDOWS\Tasks\UfeJ6tc7kSk6eUoBO.job => moved successfully
C:\WINDOWS\Tasks\zBXK5RwlEZQ.job => moved successfully
EmptyTemp: => 867.4 MB temporary data Removed.
 
 

===============================================================================================

===============================================================================================
 
AdwCleaner[S9].txt
===============================================================================================
# AdwCleaner v4.201 - Logfile created 29/08/2015 at 19:07:37
# Updated 08/04/2015 by Xplode
# Database : 2015-08-25.1 [Server]
# Operating system : Windows 10 Home  (x64)
# Username : Maxx - REED-COMPUTER
# Running from : C:\Users\Maxx\Desktop\adwcleaner_4.201.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - 
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - 
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.10240.16412
 
 
-\\ Mozilla Firefox v
 
 
-\\ Google Chrome v44.0.2403.157
 
 
*************************
 
AdwCleaner[R0].txt - [18011 bytes] - [12/04/2015 17:45:23]
AdwCleaner[R10].txt - [4270 bytes] - [14/04/2015 02:49:28]
AdwCleaner[R11].txt - [4121 bytes] - [14/04/2015 02:52:04]
AdwCleaner[R12].txt - [4181 bytes] - [14/04/2015 02:53:15]
AdwCleaner[R13].txt - [4347 bytes] - [14/04/2015 03:27:46]
AdwCleaner[R14].txt - [4359 bytes] - [14/04/2015 17:33:09]
AdwCleaner[R15].txt - [2383 bytes] - [29/08/2015 19:06:34]
AdwCleaner[R1].txt - [8633 bytes] - [12/04/2015 17:52:13]
AdwCleaner[R2].txt - [3741 bytes] - [12/04/2015 22:52:42]
AdwCleaner[R3].txt - [3867 bytes] - [12/04/2015 23:41:47]
AdwCleaner[R4].txt - [4835 bytes] - [12/04/2015 23:46:31]
AdwCleaner[R5].txt - [3852 bytes] - [12/04/2015 23:51:14]
AdwCleaner[R6].txt - [3911 bytes] - [13/04/2015 14:51:27]
AdwCleaner[R7].txt - [4029 bytes] - [14/04/2015 01:43:47]
AdwCleaner[R8].txt - [4329 bytes] - [14/04/2015 02:20:43]
AdwCleaner[R9].txt - [4264 bytes] - [14/04/2015 02:26:05]
AdwCleaner[S0].txt - [16457 bytes] - [12/04/2015 17:46:55]
AdwCleaner[S1].txt - [2940 bytes] - [12/04/2015 23:18:02]
AdwCleaner[S2].txt - [4926 bytes] - [12/04/2015 23:47:34]
AdwCleaner[S3].txt - [3990 bytes] - [14/04/2015 01:24:25]
AdwCleaner[S4].txt - [4108 bytes] - [14/04/2015 02:17:23]
AdwCleaner[S5].txt - [4119 bytes] - [14/04/2015 02:22:31]
AdwCleaner[S6].txt - [4635 bytes] - [14/04/2015 02:32:43]
AdwCleaner[S7].txt - [4372 bytes] - [14/04/2015 17:34:09]
AdwCleaner[S8].txt - [2331 bytes] - [25/08/2015 00:25:17]
AdwCleaner[S9].txt - [2311 bytes] - [29/08/2015 19:07:37]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S9].txt - [2370  bytes] ##########
 
 
 

===============================================================================================

===============================================================================================

 

My friend and I actually saw laughable in Task Manager and thought it looked suspicious, so your gut was definitely right!

 

So far so good over here, but I just performed everything maybe a half hour ago. Will definitely post again to let you know if we're all cleared up!



#6 nasdaq

nasdaq

  • Malware Response Team
  • 38,242 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:07 PM

Posted 30 August 2015 - 07:04 AM

Your copy of AdwCleaner is out dated. Please always use the latest.

https://toolslib.net/downloads/viewdownload/1-adwcleaner/

===

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/
===

#7 nasdaq

nasdaq

  • Malware Response Team
  • 38,242 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:07 PM

Posted 05 September 2015 - 09:26 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users