
Potential Infection - Need Guidance


  • This topic is locked
9 replies to this topic

#1 tillmanj


Posted 01 October 2015 - 10:54 AM

It looks as if the problem begins with this:
Attached File  syswow64.PNG   97.04KB   0 downloads
 
Symptoms:
  • browsers (firefox, chrome, canary) do not work as expected
    • firefox crashes on startup
    • chrome/canary fails to reach any host
    • other applications (Telegram, Slack, etc.) seem to work as intended
Steps Taken So Far:
  • checked proxy settings. fine
  • checked hosts file, no changes
  • started vpn application
    • can now connect with chrome/canary
    • firefox still crashes
  • attempted to run already installed MBAM
  • attempted to reinstall MBAM
  • ran DDS
  • ran Hijackthis
I would like someone to look over these logs and suggest a next course of action please.
 
Thank you all for your time!

Edited by Queen-Evie, 03 October 2015 - 09:23 AM.
moved from Am I Infected to Malware Removal Logs. DDS & HJT logs are allowed only in MRL forum. Replies deleted after moving to MRL



 


#2 Black_Bird


  • Malware Response Team

Posted 03 October 2015 - 06:53 PM

Hi there,

 

Welcome here at BleepingComputer.com. I am Black_Bird and I'll be helping you during the malware removal process.

 

Before we can start, I'd like to ask you to follow up all steps given in this article: Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help.

 

Please post all requested logfiles and a detailed description of your encountered PC problems into your next reply.

 

Good luck! Feel free to ask if you've got any questions about these instructions. :)


Kind regards,
Black_Bird
 

What to do when your computer is infected? Read here!

The Bleeping Computer Board Rules - The Moderating Team


If I am directly helping you on a topic and I've not replied within 24 hours please send me a Private Message with a link to your topic.


#3 tillmanj

  • Topic Starter


Posted 05 October 2015 - 08:32 AM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015
Ran by tillmanj (administrator) on OFFICE (05-10-2015 09:27:21)
Running from C:\Users\tillmanj\Downloads
Loaded Profiles: tillmanj (Available Profiles: tillmanj & Administrator)
Platform: Windows 10 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Scarlet.Crush Productions) C:\Games\ScpServer\bin\ScpService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Schneider Electric) D:\APC\PowerChute Personal Edition\mainserv.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Buffalo Inc.) C:\Program Files (x86)\BUFFALO\clientmgrv\bin\BWH32S.exe
(Schneider Electric) D:\APC\PowerChute Personal Edition\dataserv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\OSC\nvosc.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB3\Sound Blaster X-Fi MB3\SBXFIMB3.exe
(Buffalo Inc.) C:\Program Files\BUFFALO\Device server\Connect.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Schneider Electric) D:\APC\PowerChute Personal Edition\apcsystray.exe
() C:\Users\tillmanj\AppData\Local\Wunderlist\Wunderlist.exe
() C:\Users\tillmanj\AppData\Local\Wunderlist\Wunderlist.exe
() C:\Users\tillmanj\AppData\Local\Wunderlist\Wunderlist.exe
() C:\Users\tillmanj\AppData\Local\Wunderlist\Wunderlist.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1509.14010.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1001.16470.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\Evernote.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
(Ventis Media Inc.) C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe
() C:\Program Files\ACD Systems\ACDSee Ultimate\8.0\ACDSeeCommanderUltimate8.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\EXCEL.EXE
() C:\Games\TSEV Skyrim LE\Mod Organizer\ModOrganizer.exe
(Telegram Messenger LLP) C:\Users\tillmanj\AppData\Roaming\Telegram Desktop\Telegram.exe
(ACD Systems International Inc.) C:\Program Files\ACD Systems\ACDSee Ultimate\8.0\ACDSeeUltimate8.exe
(Slack Technologies) C:\Users\tillmanj\AppData\Local\slack\app-1.2.2\slack.exe
(Slack Technologies) C:\Users\tillmanj\AppData\Local\slack\app-1.2.2\slack.exe
(Slack Technologies) C:\Users\tillmanj\AppData\Local\slack\app-1.2.2\slack.exe
(Slack Technologies) C:\Users\tillmanj\AppData\Local\slack\app-1.2.2\slack.exe
(Slack Technologies) C:\Users\tillmanj\AppData\Local\slack\app-1.2.2\slack.exe
(Slack Technologies) C:\Users\tillmanj\AppData\Local\slack\app-1.2.2\slack.exe
(Slack Technologies) C:\Users\tillmanj\AppData\Local\slack\app-1.2.2\slack.exe
(Slack Technologies) C:\Users\tillmanj\AppData\Local\slack\app-1.2.2\slack.exe
(Slack Technologies) C:\Users\tillmanj\AppData\Local\slack\app-1.2.2\slack.exe
(Slack Technologies) C:\Users\tillmanj\AppData\Local\slack\app-1.2.2\slack.exe
(Microsoft Corporation) C:\Windows\System32\SnippingTool.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2730616 2015-09-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-08-22] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15003256 2015-09-19] (Logitech Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-25] (Logitech, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [Sound Blaster X-Fi MB 3] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB3\Sound Blaster X-Fi MB3\SBXFIMB3.exe [2112512 2015-06-12] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36710768 2015-10-01] (Dropbox, Inc.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Display] => D:\APC\PowerChute Personal Edition\DataCollectionLauncher.exe [284024 2012-01-24] (Schneider Electric)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2396539890-642297927-1385516461-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22568208 2015-09-11] (Google)
HKU\S-1-5-21-2396539890-642297927-1385516461-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-2396539890-642297927-1385516461-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-19] (Piriform Ltd)
HKU\S-1-5-21-2396539890-642297927-1385516461-1001\...\Run: [Google Update] => C:\Users\tillmanj\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-04] (Google Inc.)
HKU\S-1-5-21-2396539890-642297927-1385516461-1001\...\Run: [ACDSeeCommanderUltimate8] => C:\Program Files\ACD Systems\ACDSee Ultimate\8.0\ACDSeeCommanderUltimate8.exe [2054664 2015-05-06] ()
HKU\S-1-5-21-2396539890-642297927-1385516461-1001\...\MountPoints2: {aaf0152c-49c4-11e5-9bcc-806e6f6e6963} - "N:\VerizonWirelessUpgradeAssistantSetup.exe" -a
HKU\S-1-5-21-2396539890-642297927-1385516461-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [31232 2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-09-11] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-09-11] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-09-11] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\tillmanj\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-08-26] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\tillmanj\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-08-26] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\tillmanj\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-08-26] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\tillmanj\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-08-26] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\tillmanj\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-08-26] (TODO: <Company name>)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk [2015-09-24]
ShortcutTarget: APC UPS Status.lnk -> D:\APC\PowerChute Personal Edition\Display.exe (Schneider Electric)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Client Manager V.lnk [2015-08-27]
ShortcutTarget: Client Manager V.lnk -> C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe (Buffalo Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2015-08-22]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\tillmanj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2015-08-23]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\tillmanj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mega2 - Shortcut.lnk [2015-09-05]
ShortcutTarget: mega2 - Shortcut.lnk -> D:\NZBMegasearcH\mega2.exe ()
Startup: C:\Users\tillmanj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Network-USB Navigator.lnk [2015-08-27]
ShortcutTarget: Network-USB Navigator.lnk -> C:\Program Files\BUFFALO\Device server\Connect.exe (Buffalo Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 71.10.216.1 71.10.216.2
Tcpip\..\Interfaces\{1de17765-4c3a-4254-b4c1-f321eb89e0e9}: [DhcpNameServer] 209.222.18.222 209.222.18.218
Tcpip\..\Interfaces\{4985968c-bdf5-4b9a-8079-8f1196a042f0}: [DhcpNameServer] 71.10.216.1 71.10.216.2

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-09-27] (Oracle Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-27] (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-22] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-09-03] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-22] (Oracle Corporation)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2015-08-05] (Belarc, Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default
FF DefaultSearchEngine.US: Google
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-27] (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-08-22] (LastPass)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-22] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-08-22] (LastPass)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-08-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-09-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-09-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2396539890-642297927-1385516461-1001: @tools.google.com/Google Update;version=3 -> C:\Users\tillmanj\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-2396539890-642297927-1385516461-1001: @tools.google.com/Google Update;version=9 -> C:\Users\tillmanj\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-08-12] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Extension: LastPass - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\support@lastpass.com [2015-09-25]
FF Extension: Garmin Communicator - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2015-08-27]
FF Extension: FT DeepDark - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2015-08-26]
FF Extension: HttpRequester - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\{ea4637dc-e014-4c17-9c2c-879322d23268} [2015-08-27]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\elemhidehelper@adblockplus.org.xpi [2015-08-26]
FF Extension: F.B. Purity - Cleans Up Facebook - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\fbp@fbpurity.com.xpi [2015-08-26]
FF Extension: Add to Wunderlist - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\jid1-3gu11JeYBiIuJA@jetpack.xpi [2015-08-22]
FF Extension: Reddit Enhancement Suite - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2015-08-24]
FF Extension: No Youtube Comments - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\jid1-YMBCq41qvDdqcA@jetpack.xpi [2015-08-26]
FF Extension: NoScript - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-08-26]
FF Extension: ReloadEvery - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2015-09-27]
FF Extension: Adblock Plus - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-08-22]
FF Extension: Tab Mix Plus - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2015-08-22]
FF Extension: DownThemAll! - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-08-22]
FF Extension: Evernote Web Clipper - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2015-08-25]
FF Extension: Greasemonkey - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-08-22]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-09-25]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> lp
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll => No File
CHR Plugin: (Java Deployment Toolkit 8.0.600.27) - C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java™ Platform SE 8 U60) - C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Profile: C:\Users\tillmanj\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\tillmanj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-01]
CHR Extension: (Google Docs Offline) - C:\Users\tillmanj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-02]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\tillmanj\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-09-03]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\tillmanj\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-03]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\tillmanj\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-09-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\tillmanj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-03]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2396539890-642297927-1385516461-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\tillmanj\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-09-03]
CHR HKU\S-1-5-21-2396539890-642297927-1385516461-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 APC Data Service; D:\APC\PowerChute Personal Edition\dataserv.exe [21880 2012-01-24] (Schneider Electric)
R2 APC UPS Service; D:\APC\PowerChute Personal Edition\mainserv.exe [705912 2012-01-24] (Schneider Electric)
R2 BWH32S; C:\Program Files (x86)\BUFFALO\clientmgrv\bin\BWH32S.exe [139568 2015-07-06] (Buffalo Inc.)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2015-08-22] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2015-08-22] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [406016 2011-09-14] (Creative Technology Ltd) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-23] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-23] (Dropbox, Inc.)
R2 Ds3Service; C:\Games\ScpServer\bin\ScpService.exe [381952 2014-04-02] (Scarlet.Crush Productions) [File not signed]
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342240 2015-08-17] (Futuremark)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-09-28] (NVIDIA Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [192120 2015-09-19] (Logitech Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-09-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568632 2015-09-28] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2057736 2015-09-16] (Electronic Arts)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [10752 2015-08-22] () [File not signed]
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2015-05-11] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Bufeap; C:\Windows\system32\DRIVERS\bufeap64.sys [18944 2015-03-12] (BUFFALO INC.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2015-08-23] (REALiX™)
R3 KillerEth; C:\Windows\System32\drivers\e22w10x64.sys [124464 2015-04-27] (Qualcomm Atheros, Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-10] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [193336 2015-08-22] (Intel Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-09-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
R2 sxuptp; C:\Windows\System32\drivers\sxuptp.sys [302592 2015-08-27] (silex technology, Inc.)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R1 VBoxUSBMon; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R1 XQHDrv; C:\Windows\system32\DRIVERS\XQHDrv.sys [253384 2015-09-15] (BigNox Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-05 09:27 - 2015-10-05 09:27 - 00032291 _____ C:\Users\tillmanj\Downloads\FRST.txt
2015-10-05 09:27 - 2015-10-05 09:27 - 00000000 ____D C:\FRST
2015-10-05 09:26 - 2015-10-05 09:27 - 02193920 _____ (Farbar) C:\Users\tillmanj\Downloads\FRST64.exe
2015-10-05 09:06 - 2015-10-05 09:06 - 00016148 _____ C:\Windows\system32\OFFICE_tillmanj_HistoryPrediction.bin
2015-10-04 10:54 - 2015-10-04 10:54 - 00002144 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-10-04 10:53 - 2015-10-04 10:53 - 00005848 _____ C:\Windows\PFRO.log
2015-10-04 02:57 - 2015-10-04 02:57 - 00000000 ____D C:\Users\tillmanj\.android
2015-10-03 11:45 - 2015-10-03 11:45 - 00000751 _____ C:\Users\tillmanj\Desktop\Uplay.lnk
2015-10-03 11:45 - 2015-10-03 11:45 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-10-03 11:45 - 2015-10-03 11:45 - 00000000 ____D C:\Users\tillmanj\AppData\Local\Ubisoft Game Launcher
2015-10-03 11:44 - 2015-10-03 11:44 - 67153848 _____ (Ubisoft) C:\Users\tillmanj\Downloads\UplayInstaller.exe
2015-10-03 01:51 - 2015-10-03 02:48 - 00000000 ____D C:\Users\tillmanj\AppData\Local\Warframe
2015-10-03 01:51 - 2015-10-03 01:51 - 00000386 _____ C:\Windows\DirectX.log
2015-10-02 14:38 - 2015-10-05 08:51 - 00000275 _____ C:\Windows\WindowsUpdate.log
2015-10-02 13:30 - 2015-10-02 13:44 - 00000000 ____D C:\Users\tillmanj\Documents\Audibooks
2015-10-02 12:14 - 2015-10-02 12:14 - 00000000 ____D C:\ProgramData\Nexon
2015-10-02 11:27 - 2015-10-02 11:31 - 00000000 ____D C:\Users\tillmanj\AppData\LocalLow\Daybreak Game Company
2015-10-02 11:27 - 2015-10-02 11:27 - 00000000 ____D C:\Users\tillmanj\AppData\Local\SCE
2015-10-02 11:27 - 2015-10-02 11:27 - 00000000 ____D C:\Users\tillmanj\AppData\Local\Daybreak Game Company
2015-10-02 11:14 - 2015-09-13 17:57 - 00574256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-10-02 11:13 - 2015-09-18 18:08 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 42840184 _____ C:\Windows\system32\nvcompiler.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 37819000 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 22559352 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 18569848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 16646112 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 13666840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 12191856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 02354808 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 02105976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 01898104 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435598.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 01558832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435598.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 01178248 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 01064056 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 01001440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00986416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00945272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00787384 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00785152 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00632664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00631128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00601240 _____ C:\Windows\system32\nvmcumd.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00408184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00387720 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00376440 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00364152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00339760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00316120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00177088 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00155792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-10-02 11:11 - 2015-09-28 18:03 - 00109424 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2015-10-02 09:29 - 2015-10-02 09:29 - 00660960 _____ (Dropbox, Inc.) C:\Users\tillmanj\Downloads\DropboxInstaller.exe
2015-10-02 09:29 - 2015-10-02 09:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-01 13:14 - 2015-09-24 20:35 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\UserDataAccountApis.dll
2015-10-01 13:14 - 2015-09-24 20:34 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\PhoneCallHistoryApis.dll
2015-10-01 13:14 - 2015-09-24 20:13 - 01276416 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2015-10-01 13:14 - 2015-09-24 19:34 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2015-10-01 13:14 - 2015-09-24 19:34 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhoneCallHistoryApis.dll
2015-10-01 13:14 - 2015-09-24 19:24 - 00796160 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2015-10-01 13:14 - 2015-09-24 19:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-01 13:14 - 2015-09-24 19:23 - 00579072 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-10-01 13:14 - 2015-09-24 19:17 - 02178560 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2015-10-01 13:14 - 2015-09-24 19:08 - 03586560 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2015-10-01 13:14 - 2015-09-24 19:07 - 01382400 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2015-10-01 13:14 - 2015-09-24 19:06 - 01423872 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll
2015-10-01 13:14 - 2015-09-24 19:05 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenance.dll
2015-10-01 13:14 - 2015-09-24 19:01 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\ContactApis.dll
2015-10-01 13:14 - 2015-09-24 19:01 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentApis.dll
2015-10-01 13:14 - 2015-09-24 19:00 - 01205248 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2015-10-01 13:14 - 2015-09-24 19:00 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\ChatApis.dll
2015-10-01 13:14 - 2015-09-24 19:00 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2015-10-01 13:14 - 2015-09-24 19:00 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\CallHistoryClient.dll
2015-10-01 13:14 - 2015-09-24 18:53 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll
2015-10-01 13:14 - 2015-09-24 18:43 - 00613376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2015-10-01 13:14 - 2015-09-24 18:43 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-01 13:14 - 2015-09-24 18:42 - 01795072 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2015-10-01 13:14 - 2015-09-24 18:25 - 00928256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2015-10-01 13:14 - 2015-09-24 18:25 - 00625152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContactApis.dll
2015-10-01 13:14 - 2015-09-24 18:25 - 00579584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentApis.dll
2015-10-01 13:14 - 2015-09-24 18:25 - 00557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ChatApis.dll
2015-10-01 13:14 - 2015-09-24 18:25 - 00525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll
2015-10-01 13:14 - 2015-09-24 18:24 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CallHistoryClient.dll
2015-10-01 13:14 - 2015-09-24 18:19 - 00466432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll
2015-10-01 13:14 - 2015-09-19 01:14 - 00102304 _____ (Microsoft Corporation) C:\Windows\system32\omadmapi.dll
2015-10-01 13:14 - 2015-09-17 02:50 - 02464216 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2015-10-01 13:14 - 2015-09-17 02:50 - 01563392 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2015-10-01 13:14 - 2015-09-17 02:50 - 00099664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-10-01 13:14 - 2015-09-17 02:50 - 00088384 _____ (Microsoft Corporation) C:\Windows\system32\remoteaudioendpoint.dll
2015-10-01 13:14 - 2015-09-17 02:49 - 08020816 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-01 13:14 - 2015-09-17 02:49 - 06487248 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2015-10-01 13:14 - 2015-09-17 02:49 - 01563472 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2015-10-01 13:14 - 2015-09-17 02:49 - 00894256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-10-01 13:14 - 2015-09-17 02:49 - 00553808 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2015-10-01 13:14 - 2015-09-17 02:49 - 00501008 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-10-01 13:14 - 2015-09-17 02:48 - 02824248 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-10-01 13:14 - 2015-09-17 02:48 - 02494712 _____ C:\Windows\system32\CoreUIComponents.dll
2015-10-01 13:14 - 2015-09-17 02:48 - 02432336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-10-01 13:14 - 2015-09-17 02:48 - 02156400 _____ (Microsoft Corporation) C:\Windows\system32\hevcdecoder.dll
2015-10-01 13:14 - 2015-09-17 02:48 - 01983824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-10-01 13:14 - 2015-09-17 02:48 - 00809352 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2015-10-01 13:14 - 2015-09-17 02:48 - 00784136 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2015-10-01 13:14 - 2015-09-17 02:48 - 00584656 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-10-01 13:14 - 2015-09-17 02:48 - 00555768 _____ (Microsoft Corporation) C:\Windows\system32\directmanipulation.dll
2015-10-01 13:14 - 2015-09-17 02:48 - 00537080 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2015-10-01 13:14 - 2015-09-17 02:48 - 00516448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-10-01 13:14 - 2015-09-17 02:48 - 00505696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2015-10-01 13:14 - 2015-09-17 02:48 - 00476760 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2015-10-01 13:14 - 2015-09-17 02:48 - 00406864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-10-01 13:14 - 2015-09-17 02:48 - 00395088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-10-01 13:14 - 2015-09-17 02:48 - 00332624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2015-10-01 13:14 - 2015-09-17 02:48 - 00278352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-10-01 13:14 - 2015-09-17 02:48 - 00243760 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-10-01 13:14 - 2015-09-17 02:47 - 01397088 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2015-10-01 13:14 - 2015-09-17 02:44 - 00781976 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2015-10-01 13:14 - 2015-09-17 02:43 - 00966416 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2015-10-01 13:14 - 2015-09-17 02:39 - 00081488 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-01 13:14 - 2015-09-17 02:37 - 01295712 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll
2015-10-01 13:14 - 2015-09-17 02:37 - 01168736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-10-01 13:14 - 2015-09-17 02:28 - 05120056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2015-10-01 13:14 - 2015-09-17 02:28 - 02154808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2015-10-01 13:14 - 2015-09-17 02:28 - 01357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2015-10-01 13:14 - 2015-09-17 02:28 - 00441168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2015-10-01 13:14 - 2015-09-17 02:28 - 00407608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-10-01 13:14 - 2015-09-17 02:28 - 00074880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\remoteaudioendpoint.dll
2015-10-01 13:14 - 2015-09-17 02:27 - 01766952 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2015-10-01 13:14 - 2015-09-17 02:27 - 00454512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\directmanipulation.dll
2015-10-01 13:14 - 2015-09-17 02:26 - 02446648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-10-01 13:14 - 2015-09-17 02:26 - 01895568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hevcdecoder.dll
2015-10-01 13:14 - 2015-09-17 02:26 - 00646672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2015-10-01 13:14 - 2015-09-17 02:26 - 00508248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-10-01 13:14 - 2015-09-17 02:26 - 00434376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2015-10-01 13:14 - 2015-09-17 02:26 - 00428128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2015-10-01 13:14 - 2015-09-17 02:25 - 00962400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2015-10-01 13:14 - 2015-09-17 02:21 - 00658528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2015-10-01 13:14 - 2015-09-17 02:20 - 00764416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2015-10-01 13:14 - 2015-09-17 02:12 - 16708608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-10-01 13:14 - 2015-09-17 02:11 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2015-10-01 13:14 - 2015-09-17 02:10 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2015-10-01 13:14 - 2015-09-17 02:09 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2015-10-01 13:14 - 2015-09-17 02:09 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2015-10-01 13:14 - 2015-09-17 02:08 - 00494592 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2015-10-01 13:14 - 2015-09-17 02:08 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Speech.Pal.dll
2015-10-01 13:14 - 2015-09-17 02:08 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManagerShellext.exe
2015-10-01 13:14 - 2015-09-17 02:07 - 21875712 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2015-10-01 13:14 - 2015-09-17 02:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\CellularAPI.dll
2015-10-01 13:14 - 2015-09-17 02:06 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll
2015-10-01 13:14 - 2015-09-17 02:06 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
2015-10-01 13:14 - 2015-09-17 02:05 - 02226688 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2015-10-01 13:14 - 2015-09-17 02:05 - 00483328 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2015-10-01 13:14 - 2015-09-17 02:04 - 07569408 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2015-10-01 13:14 - 2015-09-17 02:04 - 00910848 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2015-10-01 13:14 - 2015-09-17 02:04 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\DataSenseHandlers.dll
2015-10-01 13:14 - 2015-09-17 02:03 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2015-10-01 13:14 - 2015-09-17 02:03 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2015-10-01 13:14 - 2015-09-17 02:03 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe
2015-10-01 13:14 - 2015-09-17 02:03 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\ngckeyenum.dll
2015-10-01 13:14 - 2015-09-17 02:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2015-10-01 13:14 - 2015-09-17 02:02 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2015-10-01 13:14 - 2015-09-17 02:02 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-01 13:14 - 2015-09-17 02:00 - 24595456 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-01 13:14 - 2015-09-17 02:00 - 03248640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2015-10-01 13:14 - 2015-09-17 02:00 - 02417664 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-10-01 13:14 - 2015-09-17 02:00 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2015-10-01 13:14 - 2015-09-17 02:00 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-01 13:14 - 2015-09-17 01:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2015-10-01 13:14 - 2015-09-17 01:57 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2015-10-01 13:14 - 2015-09-17 01:57 - 00403456 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2015-10-01 13:14 - 2015-09-17 01:57 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\VEEventDispatcher.dll
2015-10-01 13:14 - 2015-09-17 01:57 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\VEStoreEventHandlers.dll
2015-10-01 13:14 - 2015-09-17 01:56 - 00859136 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2015-10-01 13:14 - 2015-09-17 01:56 - 00521728 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2015-10-01 13:14 - 2015-09-17 01:56 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\configmanager2.dll
2015-10-01 13:14 - 2015-09-17 01:55 - 02236416 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-01 13:14 - 2015-09-17 01:55 - 01601536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2015-10-01 13:14 - 2015-09-17 01:55 - 00671232 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx02000.dll
2015-10-01 13:14 - 2015-09-17 01:55 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2015-10-01 13:14 - 2015-09-17 01:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\ngccredprov.dll
2015-10-01 13:14 - 2015-09-17 01:55 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\accountaccessor.dll
2015-10-01 13:14 - 2015-09-17 01:55 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\dmcsps.dll
2015-10-01 13:14 - 2015-09-17 01:55 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2015-10-01 13:14 - 2015-09-17 01:55 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\wwancfg.dll
2015-10-01 13:14 - 2015-09-17 01:54 - 03781120 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2015-10-01 13:14 - 2015-09-17 01:54 - 00780288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2015-10-01 13:14 - 2015-09-17 01:54 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 13:14 - 2015-09-17 01:53 - 07055872 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2015-10-01 13:14 - 2015-09-17 01:52 - 06572032 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2015-10-01 13:14 - 2015-09-17 01:52 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
2015-10-01 13:14 - 2015-09-17 01:52 - 01181696 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-10-01 13:14 - 2015-09-17 01:52 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2015-10-01 13:14 - 2015-09-17 01:52 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2015-10-01 13:14 - 2015-09-17 01:52 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApi.dll
2015-10-01 13:14 - 2015-09-17 01:52 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2015-10-01 13:14 - 2015-09-17 01:52 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-10-01 13:14 - 2015-09-17 01:52 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2015-10-01 13:14 - 2015-09-17 01:52 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\SubscriptionMgr.dll
2015-10-01 13:14 - 2015-09-17 01:51 - 13027840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-10-01 13:14 - 2015-09-17 01:51 - 02660864 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2015-10-01 13:14 - 2015-09-17 01:51 - 01812480 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2015-10-01 13:14 - 2015-09-17 01:51 - 01203712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2015-10-01 13:14 - 2015-09-17 01:51 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-10-01 13:14 - 2015-09-17 01:51 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-10-01 13:14 - 2015-09-17 01:51 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2015-10-01 13:14 - 2015-09-17 01:50 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2015-10-01 13:14 - 2015-09-17 01:50 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-10-01 13:14 - 2015-09-17 01:50 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2015-10-01 13:14 - 2015-09-17 01:50 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeWiFi.dll
2015-10-01 13:14 - 2015-09-17 01:50 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeCell.dll
2015-10-01 13:14 - 2015-09-17 01:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\buttonconverter.sys
2015-10-01 13:14 - 2015-09-17 01:49 - 02740224 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-01 13:14 - 2015-09-17 01:49 - 01290240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2015-10-01 13:14 - 2015-09-17 01:49 - 01010176 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2015-10-01 13:14 - 2015-09-17 01:49 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2015-10-01 13:14 - 2015-09-17 01:49 - 00439296 _____ (Microsoft Corporation) C:\Windows\system32\LocationWebproxy.dll
2015-10-01 13:14 - 2015-09-17 01:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\LocationGeofences.dll
2015-10-01 13:14 - 2015-09-17 01:49 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2015-10-01 13:14 - 2015-09-17 01:49 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\LocationCrowdsource.dll
2015-10-01 13:14 - 2015-09-17 01:49 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeIP.dll
2015-10-01 13:14 - 2015-09-17 01:49 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\LocationWiFiAdapter.dll
2015-10-01 13:14 - 2015-09-17 01:49 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Speech.Pal.dll
2015-10-01 13:14 - 2015-09-17 01:48 - 02093056 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2015-10-01 13:14 - 2015-09-17 01:48 - 00517632 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2015-10-01 13:14 - 2015-09-17 01:48 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll
2015-10-01 13:14 - 2015-09-17 01:48 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll
2015-10-01 13:14 - 2015-09-17 01:48 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
2015-10-01 13:14 - 2015-09-17 01:48 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-01 13:14 - 2015-09-17 01:47 - 07523328 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2015-10-01 13:14 - 2015-09-17 01:47 - 00513536 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2015-10-01 13:14 - 2015-09-17 01:47 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2015-10-01 13:14 - 2015-09-17 01:47 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2015-10-01 13:14 - 2015-09-17 01:46 - 00928256 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2015-10-01 13:14 - 2015-09-17 01:46 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2015-10-01 13:14 - 2015-09-17 01:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2015-10-01 13:14 - 2015-09-17 01:46 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCore.dll
2015-10-01 13:14 - 2015-09-17 01:46 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCsp.dll
2015-10-01 13:14 - 2015-09-17 01:46 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2015-10-01 13:14 - 2015-09-17 01:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\HttpsDataSource.dll
2015-10-01 13:14 - 2015-09-17 01:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\syncmlhook.dll
2015-10-01 13:14 - 2015-09-17 01:45 - 19325440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-01 13:14 - 2015-09-17 01:45 - 04791296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-01 13:14 - 2015-09-17 01:45 - 01331200 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-10-01 13:14 - 2015-09-17 01:45 - 00869376 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2015-10-01 13:14 - 2015-09-17 01:45 - 00832512 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2015-10-01 13:14 - 2015-09-17 01:45 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2015-10-01 13:14 - 2015-09-17 01:45 - 00193024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2015-10-01 13:14 - 2015-09-17 01:44 - 01844736 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2015-10-01 13:14 - 2015-09-17 01:44 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2015-10-01 13:14 - 2015-09-17 01:44 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2015-10-01 13:14 - 2015-09-17 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\syncutil.dll
2015-10-01 13:14 - 2015-09-17 01:43 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\RemoteNaturalLanguage.dll
2015-10-01 13:14 - 2015-09-17 01:43 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-10-01 13:14 - 2015-09-17 01:43 - 00328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2015-10-01 13:14 - 2015-09-17 01:43 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2015-10-01 13:14 - 2015-09-17 01:42 - 02646528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2015-10-01 13:14 - 2015-09-17 01:41 - 00217088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll
2015-10-01 13:14 - 2015-09-17 01:40 - 06101504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2015-10-01 13:14 - 2015-09-17 01:40 - 01918464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-10-01 13:14 - 2015-09-17 01:40 - 01162240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2015-10-01 13:14 - 2015-09-17 01:39 - 00587264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2015-10-01 13:14 - 2015-09-17 01:39 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 13:14 - 2015-09-17 01:38 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2015-10-01 13:14 - 2015-09-17 01:37 - 18806272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2015-10-01 13:14 - 2015-09-17 01:37 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApi.dll
2015-10-01 13:14 - 2015-09-17 01:36 - 01171456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcenter.dll
2015-10-01 13:14 - 2015-09-17 01:35 - 05079552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2015-10-01 13:14 - 2015-09-17 01:35 - 02207232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-01 13:14 - 2015-09-17 01:35 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2015-10-01 13:14 - 2015-09-17 01:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2015-10-01 13:14 - 2015-09-17 01:34 - 00253440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2015-10-01 13:14 - 2015-09-17 01:33 - 00574464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2015-10-01 13:14 - 2015-09-17 01:32 - 03579904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-01 13:14 - 2015-09-17 01:32 - 00336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2015-10-01 13:14 - 2015-09-17 01:32 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll
2015-10-01 13:14 - 2015-09-17 01:32 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-10-01 13:14 - 2015-09-17 01:31 - 05454848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2015-10-01 13:14 - 2015-09-17 01:31 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
2015-10-01 13:14 - 2015-09-17 01:30 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2015-10-01 13:14 - 2015-09-17 01:29 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-10-01 13:14 - 2015-09-17 01:29 - 00701952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2015-10-01 13:14 - 2015-09-17 01:29 - 00677888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2015-10-01 13:14 - 2015-09-17 01:29 - 00464896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2015-10-01 13:14 - 2015-09-17 01:28 - 00473088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2015-10-01 13:14 - 2015-09-17 01:26 - 00899584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RemoteNaturalLanguage.dll
2015-10-01 13:14 - 2015-09-17 01:16 - 00512000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2015-10-01 13:14 - 2015-09-12 22:05 - 02987520 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-10-01 13:14 - 2015-09-12 21:41 - 02639872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2015-10-01 12:51 - 2015-10-01 12:51 - 00007620 _____ C:\Users\tillmanj\Documents\City To City Mileage Log - 2015.xlsx
2015-10-01 12:08 - 2015-10-01 12:08 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-10-01 12:08 - 2015-10-01 12:08 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-10-01 12:07 - 2015-10-01 12:07 - 00534064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-10-01 12:06 - 2015-10-01 12:06 - 18509368 _____ (Adobe Systems Inc.) C:\Users\tillmanj\Downloads\AdobeAIRInstaller.exe
2015-10-01 11:56 - 2015-10-01 11:56 - 00059515 _____ C:\Users\tillmanj\Downloads\DDS.txt
2015-10-01 11:49 - 2015-10-01 11:49 - 00015322 _____ C:\Users\tillmanj\Documents\DDS Attach.txt
2015-10-01 11:48 - 2015-10-01 11:48 - 00059515 _____ C:\Users\tillmanj\Documents\DDS.txt
2015-10-01 11:48 - 2015-10-01 11:48 - 00013607 _____ C:\Users\tillmanj\Documents\hijackthis.log
2015-10-01 11:31 - 2015-10-01 11:31 - 01670656 _____ C:\Users\tillmanj\Downloads\AdwCleaner.exe
2015-10-01 11:29 - 2015-10-01 11:29 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\tillmanj\Downloads\mbam-setup-2.1.8.1057.exe
2015-10-01 11:27 - 2015-10-01 11:27 - 00013607 _____ C:\Users\tillmanj\Downloads\hijackthis.log
2015-10-01 11:24 - 2015-10-01 11:24 - 00059515 _____ C:\Users\tillmanj\Desktop\dds.txt
2015-10-01 11:24 - 2015-10-01 11:24 - 00015322 _____ C:\Users\tillmanj\Desktop\attach.txt
2015-10-01 11:07 - 2015-10-01 11:07 - 00010554 _____ C:\Users\tillmanj\Desktop\charlotte ground.xlsx
2015-09-30 23:18 - 2015-10-01 11:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-29 16:28 - 2015-09-29 19:59 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-09-29 15:54 - 2015-09-29 15:54 - 00000000 ____D C:\Windows\system32\%LOCALAPPDATA%
2015-09-27 15:17 - 2015-09-27 15:17 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-09-27 15:16 - 2015-09-27 15:16 - 00000000 ____D C:\Program Files\Java
2015-09-27 11:16 - 2015-09-27 11:16 - 00000000 ____D C:\Program Files\Bignox
2015-09-27 11:08 - 2015-09-27 11:08 - 00000000 ____D C:\Users\tillmanj\Downloads\Fix problem caused by Google official update
2015-09-26 19:44 - 2015-09-26 20:00 - 00000000 ____D C:\LODoutput
2015-09-26 03:08 - 2015-09-29 14:14 - 00000000 ____D C:\Windows\Minidump
2015-09-25 16:27 - 2015-09-25 16:27 - 00000000 ____D C:\Users\tillmanj\AppData\Local\Logishrd
2015-09-25 16:27 - 2015-09-25 16:27 - 00000000 ____D C:\Users\Public\Documents\LogiShrd
2015-09-25 16:27 - 2015-09-25 16:27 - 00000000 ____D C:\Program Files\Logitech
2015-09-25 16:24 - 2015-09-25 16:24 - 00000000 ____D C:\Users\tillmanj\AppData\Local\Logitech
2015-09-25 16:22 - 2015-09-25 16:22 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2015-09-25 16:21 - 2015-09-25 16:27 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\Logitech
2015-09-25 16:21 - 2015-09-25 16:27 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\Logishrd
2015-09-25 10:02 - 2015-09-25 10:02 - 00000165 ____H C:\Users\tillmanj\Documents\~$Dragonborn Gallery.xlsx
2015-09-24 14:42 - 2015-09-24 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\APC
2015-09-24 14:40 - 2015-09-24 14:40 - 15922552 _____ (Schneider Electric) C:\Users\tillmanj\Downloads\PCPEInstaller.exe
2015-09-24 14:40 - 2015-09-24 14:40 - 13923704 _____ (Schneider Electric) C:\Users\tillmanj\PCPE Setup.exe
2015-09-24 14:40 - 2015-09-24 14:40 - 13338112 _____ C:\Users\tillmanj\PCPE_3.0.1.msi
2015-09-24 14:40 - 2015-09-24 14:40 - 01079808 _____ (Microsoft Corporation) C:\Users\tillmanj\mfc80u.dll
2015-09-24 14:40 - 2015-09-24 14:40 - 00626688 _____ (Microsoft Corporation) C:\Users\tillmanj\msvcr80.dll
2015-09-24 14:40 - 2015-09-24 14:40 - 00021880 _____ (Schneider Electric) C:\Users\tillmanj\grm_res.dll
2015-09-24 14:40 - 2015-09-24 14:40 - 00021880 _____ (Schneider Electric) C:\Users\tillmanj\fr_res.dll
2015-09-24 14:40 - 2015-09-24 14:40 - 00021368 _____ (Schneider Electric) C:\Users\tillmanj\pt_res.dll
2015-09-24 14:40 - 2015-09-24 14:40 - 00021368 _____ (Schneider Electric) C:\Users\tillmanj\it_res.dll
2015-09-24 14:40 - 2015-09-24 14:40 - 00021368 _____ (Schneider Electric) C:\Users\tillmanj\es_res.dll
2015-09-24 14:40 - 2015-09-24 14:40 - 00021368 _____ (Schneider Electric) C:\Users\tillmanj\en_res.dll
2015-09-24 14:40 - 2015-09-24 14:40 - 00020856 _____ (Schneider Electric) C:\Users\tillmanj\ru_res.dll
2015-09-24 14:40 - 2015-09-24 14:40 - 00020344 _____ (Schneider Electric) C:\Users\tillmanj\jp_res.dll
2015-09-24 14:40 - 2015-09-24 14:40 - 00019832 _____ (Schneider Electric) C:\Users\tillmanj\zh_res.dll
2015-09-24 14:40 - 2015-09-24 14:40 - 00018808 _____ C:\Users\tillmanj\ResourceReader.dll
2015-09-24 14:40 - 2015-09-24 14:40 - 00000550 _____ C:\Users\tillmanj\Microsoft.VC80.MFC.manifest
2015-09-24 14:40 - 2015-09-24 14:40 - 00000522 _____ C:\Users\tillmanj\Microsoft.VC80.CRT.manifest
2015-09-24 14:40 - 2015-09-24 14:40 - 00000027 _____ C:\Users\tillmanj\dotnetfolder.txt
2015-09-23 10:01 - 2015-10-02 15:53 - 00079429 _____ C:\Users\tillmanj\Documents\Dragonborn Gallery.xlsx
2015-09-22 13:22 - 2015-09-22 13:22 - 00000000 ____D C:\Users\tillmanj\Documents\3DMark
2015-09-22 13:19 - 2015-09-22 13:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
2015-09-22 13:18 - 2015-09-22 13:18 - 00000000 ____D C:\Program Files (x86)\Futuremark
2015-09-22 13:14 - 2015-09-22 13:15 - 00000000 ____D C:\Users\tillmanj\Downloads\[Guru3D]-PCMark8
2015-09-22 13:14 - 2015-09-22 13:14 - 00000000 ____D C:\Users\tillmanj\AppData\Local\Futuremark
2015-09-22 11:47 - 2015-09-22 12:19 - 3132852312 _____ C:\Users\tillmanj\Downloads\[Guru3D]-PCMark8.zip
2015-09-22 11:46 - 2015-09-22 11:46 - 00000000 ____D C:\Users\tillmanj\Documents\PCMark 8
2015-09-21 18:29 - 2015-09-23 13:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-09-21 18:28 - 2015-09-21 18:28 - 00000000 ____D C:\Windows\PCHEALTH
2015-09-21 18:28 - 2015-09-21 18:28 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-09-21 18:28 - 2015-09-21 18:28 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2015-09-21 18:28 - 2015-09-21 18:28 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-09-21 18:27 - 2015-09-21 18:27 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2015-09-21 18:27 - 2015-09-21 18:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-09-21 18:27 - 2015-09-21 18:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2015-09-21 18:26 - 2015-09-21 18:26 - 00000000 __RHD C:\MSOCache
2015-09-21 13:21 - 2015-09-21 13:21 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\Wireshark
2015-09-21 13:10 - 2015-09-21 13:10 - 00001521 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2015-09-21 13:10 - 2015-09-21 13:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2015-09-21 13:10 - 2015-09-21 13:10 - 00000000 ____D C:\Program Files\Wireshark
2015-09-21 13:10 - 2015-09-21 13:10 - 00000000 ____D C:\Program Files (x86)\WinPcap
2015-09-21 11:25 - 2015-09-21 11:25 - 00497874 _____ C:\Users\tillmanj\Downloads\Microsoft.Office.Professional.Plus.2013.x64-iNDiSO.nzb
2015-09-20 14:08 - 2015-09-20 14:08 - 00395050 _____ C:\Users\tillmanj\Downloads\Microsoft.Office.2010.Professional.Plus.x64.READNFO-MO2010.nzb
2015-09-20 13:48 - 2015-09-20 13:48 - 00004608 _____ C:\Windows\SECOH-QAD.exe
2015-09-20 13:48 - 2015-09-20 13:48 - 00003584 _____ C:\Windows\SECOH-QAD.dll
2015-09-20 13:27 - 2015-09-20 13:27 - 00016148 _____ C:\Windows\system32\OFFICE_Administrator_HistoryPrediction.bin
2015-09-20 13:26 - 2015-09-20 13:26 - 00002406 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-20 13:26 - 2015-09-20 13:26 - 00000000 ___RD C:\Users\Administrator\OneDrive
2015-09-20 13:26 - 2015-09-20 13:26 - 00000000 ____D C:\Users\Administrator\AppData\Local\Dropbox
2015-09-20 13:26 - 2015-09-20 13:26 - 00000000 ____D C:\Users\Administrator\AppData\Local\Creative
2015-09-20 13:25 - 2015-09-20 13:26 - 00000000 ____D C:\Users\Administrator
2015-09-20 13:25 - 2015-09-20 13:25 - 00002342 _____ C:\Users\Administrator\Desktop\Google Chrome.lnk
2015-09-20 13:25 - 2015-09-20 13:25 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2015-09-20 13:25 - 2015-09-20 13:25 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-20 13:25 - 2015-09-20 13:25 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2015-09-20 13:25 - 2015-09-20 13:25 - 00000000 ____D C:\Users\Administrator\AppData\Local\TileDataLayer
2015-09-20 13:25 - 2015-09-20 13:25 - 00000000 ____D C:\Users\Administrator\AppData\Local\Publishers
2015-09-20 13:25 - 2015-09-20 13:25 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages
2015-09-20 13:25 - 2015-09-20 13:25 - 00000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA Corporation
2015-09-20 13:25 - 2015-09-20 13:25 - 00000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA
2015-09-20 13:25 - 2015-09-20 13:25 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2015-09-20 13:25 - 2015-08-23 22:28 - 00000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help
2015-09-20 13:25 - 2015-07-10 07:04 - 00000000 __RSD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-09-20 13:25 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-20 13:25 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-20 13:25 - 2015-07-10 07:04 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-20 13:14 - 2015-10-04 10:58 - 00003808 _____ C:\Windows\System32\Tasks\AutoKMS
2015-09-20 13:14 - 2015-09-20 13:22 - 00000000 ____D C:\Windows\AutoKMS
2015-09-20 13:14 - 2015-09-20 12:50 - 51970048 ____R C:\Users\tillmanj\Downloads\Microsoft Toolkit.exe
2015-09-20 13:13 - 2015-09-20 13:13 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2015-09-19 15:18 - 2015-10-04 10:53 - 00169472 ___SH C:\Users\tillmanj\Desktop\Thumbs.db
2015-09-16 18:25 - 2015-09-16 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theme Hospital
2015-09-16 18:24 - 2015-09-20 13:12 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\Origin
2015-09-16 18:24 - 2015-09-16 18:25 - 00000000 ____D C:\Users\tillmanj\AppData\Local\Origin
2015-09-16 18:23 - 2015-09-20 13:24 - 00000000 ____D C:\ProgramData\Origin
2015-09-16 18:23 - 2015-09-16 18:25 - 00000000 ____D C:\ProgramData\Electronic Arts
2015-09-16 18:23 - 2015-09-16 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-09-15 23:29 - 2015-09-15 23:29 - 00253384 _____ (BigNox Corporation) C:\Windows\SysWOW64\Drivers\XQHDrv.sys
2015-09-15 10:42 - 2015-10-04 05:44 - 00000000 ____D C:\Users\tillmanj\AppData\Local\EvernoteNW
2015-09-14 17:33 - 2015-09-14 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2015-09-14 12:26 - 2015-09-14 14:55 - 00000080 _____ C:\Users\tillmanj\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-09-14 11:36 - 2015-09-14 11:38 - 00000000 ____D C:\Users\tillmanj\Downloads\3DMGAME-Grand.Theft.Auto.V.Update.5(v1.0.350.2).and.Crack.v5.Fixed-3DM
2015-09-13 13:06 - 2015-09-26 15:19 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\Plex Home Theater
2015-09-13 13:06 - 2015-09-13 13:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Home Theater
2015-09-12 20:33 - 2015-09-12 20:33 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\Kodi
2015-09-12 20:13 - 2015-09-12 20:13 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
2015-09-12 11:27 - 2015-09-12 11:27 - 00000000 ____D C:\ProgramData\Creative
2015-09-12 11:26 - 2015-09-12 11:26 - 00000000 ____D C:\Users\tillmanj\AppData\Local\Creative
2015-09-10 17:21 - 2015-09-10 17:21 - 00000000 ____D C:\Users\tillmanj\V21K
2015-09-09 16:03 - 2015-09-27 23:29 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-09-09 13:00 - 2015-09-09 13:00 - 00000000 ____D C:\Users\tillmanj\Documents\My Cheat Tables
2015-09-08 22:59 - 2015-08-27 02:36 - 03620736 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-08 22:59 - 2015-08-27 02:32 - 00608936 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2015-09-08 22:59 - 2015-08-27 01:59 - 02880032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-08 22:59 - 2015-08-27 01:54 - 00541248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2015-09-08 22:59 - 2015-08-27 01:54 - 00365568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-08 22:59 - 2015-08-27 01:51 - 02350592 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-08 22:59 - 2015-08-27 01:51 - 01774592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2015-09-08 22:59 - 2015-08-27 01:49 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-08 22:59 - 2015-08-27 01:47 - 12503552 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-08 22:59 - 2015-08-27 01:43 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-08 22:59 - 2015-08-27 01:43 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-08 22:59 - 2015-08-27 01:42 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-09-08 22:59 - 2015-08-27 01:42 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.PicturePassword.dll
2015-09-08 22:59 - 2015-08-27 01:42 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2015-09-08 22:59 - 2015-08-27 01:39 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-08 22:59 - 2015-08-27 01:23 - 00303104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-08 22:59 - 2015-08-27 01:16 - 02153472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-08 22:59 - 2015-08-27 01:16 - 01612288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-09-08 22:59 - 2015-08-27 01:12 - 00650752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-08 22:59 - 2015-08-27 01:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-08 22:59 - 2015-08-27 01:11 - 00484352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-09-08 22:59 - 2015-08-27 01:11 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2015-09-08 22:59 - 2015-08-27 01:09 - 11262464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-08 22:59 - 2015-08-27 01:08 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-08 15:16 - 2015-09-08 15:26 - 00000000 ____D C:\Users\tillmanj\Documents\Assassin's Creed IV Black Flag
2015-09-08 15:16 - 2015-09-08 15:16 - 00000000 ____D C:\ProgramData\Orbit
2015-09-08 12:28 - 2015-09-08 12:28 - 00000843 _____ C:\Users\tillmanj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Banished.lnk
2015-09-07 12:32 - 2015-09-11 12:22 - 00000000 ____D C:\Users\tillmanj\AppData\Local\Arma 3
2015-09-07 12:32 - 2015-09-07 12:33 - 00000000 ____D C:\Users\tillmanj\Documents\Arma 3
2015-09-07 12:32 - 2015-09-07 12:32 - 00000000 ____D C:\ProgramData\Bohemia Interactive
2015-09-07 12:21 - 2015-09-07 12:21 - 00000417 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arma 3.lnk
2015-09-07 11:01 - 2015-09-07 11:01 - 00000000 ____D C:\Users\tillmanj\Documents\Banished
2015-09-07 10:25 - 2015-09-07 10:25 - 00000000 ____D C:\Users\tillmanj\Documents\Colossal Order
2015-09-07 10:25 - 2015-09-07 10:25 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\Steam
2015-09-07 10:25 - 2015-09-07 10:25 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\Colossal Order
2015-09-07 10:25 - 2015-09-07 10:25 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\.mono
2015-09-07 10:25 - 2015-09-07 10:25 - 00000000 ____D C:\Users\tillmanj\AppData\Local\Colossal Order
2015-09-07 10:25 - 2015-09-07 10:25 - 00000000 ____D C:\ProgramData\.mono
2015-09-07 10:24 - 2015-09-07 10:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cities Skylines
2015-09-05 22:12 - 2015-09-27 17:42 - 00000000 ____D C:\Users\tillmanj\Documents\BeerSmith2
2015-09-05 22:12 - 2015-09-05 22:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BeerSmith 2
2015-09-05 14:26 - 2015-09-05 14:26 - 00593693 _____ C:\Users\tillmanj\Downloads\Autoruns.zip
2015-09-05 14:08 - 2015-09-05 14:08 - 00000000 ____D C:\Users\tillmanj\AppData\LocalLow\Adobe
2015-09-05 14:07 - 2015-10-01 12:08 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-09-05 14:07 - 2015-09-20 13:34 - 00003972 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-05 09:26 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\sru
2015-10-05 09:24 - 2015-08-22 21:06 - 00000000 ____D C:\Users\tillmanj\AppData\LocalLow\LastPass
2015-10-05 09:21 - 2015-08-22 21:03 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-05 09:18 - 2015-08-26 12:33 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-05 08:44 - 2015-09-03 10:16 - 00001046 _____ C:\Windows\Tasks\dgIfwn1qOE28IRKWQBtFlEdZ.job
2015-10-05 08:43 - 2015-09-03 10:15 - 00001050 _____ C:\Windows\Tasks\KDNwADtpnpzORGC5tKgUb3kv9L.job
2015-10-05 08:34 - 2015-08-23 16:04 - 00000926 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-10-05 08:29 - 2015-09-04 12:17 - 00000934 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2396539890-642297927-1385516461-1001UA.job
2015-10-05 07:28 - 2015-09-03 10:16 - 00001044 _____ C:\Windows\Tasks\aqA4aSo3aOQQjZuOOWMLdXS.job
2015-10-05 05:43 - 2015-09-03 09:45 - 00001034 _____ C:\Windows\Tasks\MA6crr4lG941o6zb9H.job
2015-10-05 02:45 - 2015-09-03 09:45 - 00001042 _____ C:\Windows\Tasks\Z65XngsuUVWsaaBdHSuwRM.job
2015-10-05 00:21 - 2015-08-22 21:03 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-04 21:54 - 2015-09-03 10:15 - 00001020 _____ C:\Windows\Tasks\XNXrIEPWBim.job
2015-10-04 20:12 - 2015-08-26 18:13 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\MediaMonkey
2015-10-04 11:25 - 2015-08-22 21:03 - 00000000 ___RD C:\Users\tillmanj\Google Drive
2015-10-04 11:25 - 2015-08-22 21:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-10-04 10:59 - 2015-08-22 17:51 - 00875126 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-04 10:56 - 2015-08-29 17:17 - 00052270 _____ C:\Windows\system32\lvcoinst.log
2015-10-04 10:54 - 2015-08-23 16:05 - 00000000 ___RD C:\Users\tillmanj\Dropbox
2015-10-04 10:54 - 2015-08-23 16:04 - 00000000 ____D C:\Users\tillmanj\AppData\Local\Dropbox
2015-10-04 10:54 - 2015-08-23 11:18 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-04 10:54 - 2015-08-22 22:04 - 00000000 ____D C:\Users\tillmanj\AppData\Local\Wunderlist
2015-10-04 10:54 - 2015-08-22 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-10-04 10:53 - 2015-08-23 16:04 - 00000922 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-10-04 10:53 - 2015-08-22 20:08 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-04 10:53 - 2015-08-22 17:57 - 00000000 ____D C:\Users\tillmanj
2015-10-04 10:53 - 2015-07-10 08:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-04 10:53 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\AppReadiness
2015-10-04 05:53 - 2015-07-10 07:04 - 00000000 ___SD C:\Windows\SysWOW64\F12
2015-10-04 05:53 - 2015-07-10 07:04 - 00000000 ___SD C:\Windows\system32\F12
2015-10-04 05:53 - 2015-07-10 07:04 - 00000000 ___RD C:\Windows\PurchaseDialog
2015-10-04 05:53 - 2015-07-10 07:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-04 05:53 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2015-10-04 05:53 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2015-10-04 05:53 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-04 05:53 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\Provisioning
2015-10-04 05:53 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\L2Schemas
2015-10-04 05:53 - 2015-07-10 05:05 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-10-04 05:45 - 2015-09-02 10:09 - 00000000 ____D C:\Users\tillmanj\.BigNox
2015-10-04 03:55 - 2015-09-02 10:09 - 00000000 ____D C:\Users\tillmanj\AppData\Local\Nox
2015-10-03 16:29 - 2015-09-04 12:17 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2396539890-642297927-1385516461-1001Core.job
2015-10-03 07:58 - 2015-08-27 11:32 - 00000000 ____D C:\Users\tillmanj\AppData\Local\CrashDumps
2015-10-02 11:14 - 2015-08-22 20:07 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-02 11:11 - 2015-08-22 20:23 - 00000000 ____D C:\Users\tillmanj\AppData\Local\NVIDIA Corporation
2015-10-02 11:11 - 2015-08-22 20:21 - 00000000 ____D C:\Users\tillmanj\AppData\Local\NVIDIA
2015-10-02 11:10 - 2015-08-22 20:07 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-10-02 09:29 - 2015-08-23 16:04 - 00003986 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2015-10-02 09:29 - 2015-08-23 16:04 - 00003754 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2015-10-02 09:29 - 2015-08-23 16:04 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-10-01 13:51 - 2015-07-10 06:55 - 00000000 ____D C:\Windows\CbsTemp
2015-10-01 12:08 - 2015-08-28 15:02 - 00000000 ____D C:\ProgramData\Adobe
2015-10-01 12:08 - 2015-08-26 12:32 - 00000000 ____D C:\Users\tillmanj\AppData\Local\Adobe
2015-10-01 12:08 - 2015-08-22 17:57 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\Adobe
2015-10-01 11:26 - 2015-08-22 17:57 - 00000000 ____D C:\Users\tillmanj\AppData\Local\VirtualStore
2015-10-01 11:08 - 2015-08-22 20:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-01 11:05 - 2015-09-03 14:23 - 00000000 ____D C:\AdwCleaner
2015-09-28 18:16 - 2015-08-22 21:56 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies
2015-09-28 18:16 - 2015-08-22 21:56 - 00000000 ____D C:\Users\tillmanj\AppData\Local\SquirrelTemp
2015-09-28 18:16 - 2015-08-22 21:56 - 00000000 ____D C:\Users\tillmanj\AppData\Local\slack
2015-09-28 18:04 - 2015-08-22 20:23 - 01480984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-09-28 18:04 - 2015-08-22 20:23 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-09-28 18:03 - 2015-08-22 20:23 - 01793480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-09-28 18:03 - 2015-08-22 20:23 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-09-27 17:01 - 2015-08-23 16:35 - 00000000 ____D C:\Users\tillmanj\AppData\Local\LOOT
2015-09-27 15:17 - 2015-08-22 20:32 - 00000000 ____D C:\Users\tillmanj\.oracle_jre_usage
2015-09-27 15:17 - 2015-08-22 20:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-27 11:16 - 2015-09-02 10:08 - 00000000 ____D C:\Program Files\DIFX
2015-09-26 10:59 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\LiveKernelReports
2015-09-25 16:27 - 2015-08-29 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-09-25 16:27 - 2015-08-29 17:41 - 00000000 ____D C:\ProgramData\LogiShrd
2015-09-25 16:27 - 2015-08-29 17:17 - 00000000 ____D C:\Program Files\Common Files\logishrd
2015-09-25 16:22 - 2015-08-22 20:46 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-24 13:08 - 2015-08-23 21:57 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-23 13:24 - 2015-07-10 07:04 - 00000167 _____ C:\Windows\win.ini
2015-09-23 09:14 - 2015-07-10 08:20 - 00340616 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-22 16:45 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files\Common Files\System
2015-09-22 16:44 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-09-22 05:18 - 2015-08-26 12:33 - 00003816 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-09-21 18:55 - 2015-08-22 20:15 - 11198080 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-09-21 18:28 - 2015-08-23 21:57 - 00000000 ____D C:\Program Files\Microsoft Office
2015-09-21 18:27 - 2015-07-10 09:14 - 00000000 ____D C:\Windows\ShellNew
2015-09-21 13:07 - 2015-08-22 20:47 - 00000000 ____D C:\Program Files (x86)\Gigabyte
2015-09-21 13:07 - 2015-08-22 20:45 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-21 13:05 - 2015-08-23 20:21 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\uTorrent
2015-09-20 14:31 - 2015-08-31 09:43 - 00000000 ____D C:\TES5LODGenOutput
2015-09-20 13:22 - 2015-08-22 20:47 - 00026192 ____N (Windows ® Server 2003 DDK provider) C:\Windows\gdrv.sys
2015-09-20 12:56 - 2015-07-10 09:14 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-18 18:08 - 2015-08-22 20:15 - 01567576 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-09-18 18:08 - 2015-08-22 20:15 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-09-16 17:50 - 2015-08-22 17:57 - 00000000 ____D C:\Users\tillmanj\AppData\Local\Packages
2015-09-16 16:24 - 2015-09-04 12:17 - 00004056 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2396539890-642297927-1385516461-1001UA
2015-09-16 16:24 - 2015-09-04 12:17 - 00003680 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2396539890-642297927-1385516461-1001Core
2015-09-16 12:44 - 2015-08-25 17:21 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\vlc
2015-09-16 02:07 - 2015-09-02 10:08 - 00127432 _____ (BigNox Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-09-15 23:29 - 2015-09-02 10:08 - 00253384 _____ (BigNox Corporation) C:\Windows\system32\Drivers\XQHDrv.sys
2015-09-15 12:12 - 2015-07-10 07:06 - 00812008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-15 12:12 - 2015-07-10 07:06 - 00178152 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-15 10:39 - 2015-08-26 16:00 - 00024064 ___SH C:\Users\tillmanj\Downloads\Thumbs.db
2015-09-15 00:16 - 2015-08-22 21:03 - 00003978 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-15 00:16 - 2015-08-22 21:03 - 00003746 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-14 14:55 - 2015-08-24 15:59 - 00000000 ____D C:\Program Files\Rockstar Games
2015-09-14 14:55 - 2015-08-24 15:59 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-09-14 11:43 - 2015-08-24 15:29 - 00000000 ____D C:\Users\tillmanj\Documents\Rockstar Games
2015-09-13 20:24 - 2015-08-22 20:26 - 15631128 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-09-13 20:24 - 2015-08-22 20:26 - 14945040 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-09-13 20:24 - 2015-08-22 20:26 - 01075320 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-09-13 20:24 - 2015-08-22 20:15 - 17934400 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-09-13 20:24 - 2015-08-22 20:15 - 15336024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-09-13 20:24 - 2015-08-22 20:15 - 12611632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-09-13 20:24 - 2015-08-22 20:15 - 03484216 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-09-13 20:24 - 2015-08-22 20:15 - 03077544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-09-13 20:24 - 2015-08-22 20:07 - 00112760 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-09-13 20:24 - 2015-08-22 20:07 - 00105080 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-09-13 20:24 - 2015-08-22 20:07 - 00034098 _____ C:\Windows\system32\nvinfo.pb
2015-09-13 18:04 - 2015-08-22 20:08 - 06885168 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-09-13 18:04 - 2015-08-22 20:08 - 03496056 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-09-13 18:04 - 2015-08-22 20:08 - 02558584 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-09-13 18:04 - 2015-08-22 20:08 - 00937776 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-09-13 18:04 - 2015-08-22 20:08 - 00385144 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-09-13 18:04 - 2015-08-22 20:08 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-09-11 16:41 - 2015-08-22 21:56 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\Slack
2015-09-11 08:17 - 2015-08-22 20:08 - 05231082 _____ C:\Windows\system32\nvcoproc.bin
2015-09-09 10:41 - 2015-08-22 22:58 - 00000000 ____D C:\Windows\system32\MRT
2015-09-07 10:53 - 2015-08-23 10:28 - 00000000 ____D C:\Games

==================== Files in the root of some directories =======

2015-08-22 21:06 - 2015-08-22 21:06 - 16790552 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2015-04-14 12:28 - 2015-04-14 12:28 - 0004387 _____ () C:\Users\tillmanj\AppData\Roaming\aqA4aSo3aOQQjZuOOWMLdXS
2015-04-19 08:20 - 2015-04-19 08:20 - 0005872 _____ () C:\Users\tillmanj\AppData\Roaming\dgIfwn1qOE28IRKWQBtFlEdZ
2015-04-19 08:20 - 2015-04-19 08:20 - 0005872 _____ () C:\Users\tillmanj\AppData\Roaming\KDNwADtpnpzORGC5tKgUb3kv9L
2015-04-14 12:28 - 2015-04-14 12:28 - 0004387 _____ () C:\Users\tillmanj\AppData\Roaming\MA6crr4lG941o6zb9H
2015-08-27 13:59 - 2015-08-27 13:59 - 0000600 _____ () C:\Users\tillmanj\AppData\Roaming\winscp.rnd
2015-04-14 12:28 - 2015-04-14 12:28 - 0004387 _____ () C:\Users\tillmanj\AppData\Roaming\XNXrIEPWBim
2015-04-19 08:20 - 2015-04-19 08:20 - 0005872 _____ () C:\Users\tillmanj\AppData\Roaming\Z65XngsuUVWsaaBdHSuwRM
2015-08-26 16:09 - 2015-08-27 12:49 - 0000600 _____ () C:\Users\tillmanj\AppData\Local\PUTTY.RND
2015-09-03 09:57 - 2015-09-03 09:57 - 0001014 _____ () C:\ProgramData\JunkCleaner.lnk

Files to move or delete:
====================
C:\Users\tillmanj\en_res.dll
C:\Users\tillmanj\es_res.dll
C:\Users\tillmanj\fr_res.dll
C:\Users\tillmanj\grm_res.dll
C:\Users\tillmanj\it_res.dll
C:\Users\tillmanj\jp_res.dll
C:\Users\tillmanj\mfc80u.dll
C:\Users\tillmanj\msvcr80.dll
C:\Users\tillmanj\PCPE Setup.exe
C:\Users\tillmanj\pt_res.dll
C:\Users\tillmanj\ResourceReader.dll
C:\Users\tillmanj\ru_res.dll
C:\Users\tillmanj\zh_res.dll


Some files in TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpij_r9j.dll
C:\Users\tillmanj\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpuf1nvh.dll
C:\Users\tillmanj\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\tillmanj\AppData\Local\Temp\nvStInst.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll
[2015-07-10 07:00] - [2015-09-03 09:41] - 0680256 ____A (Microsoft Corporation) D72F00D038CAF288009C8A7FC3BA2B11

C:\Windows\SysWOW64\dnsapi.dll
[2015-10-01 12:07] - [2015-10-01 12:07] - 0534064 ____A (Microsoft Corporation) 4111492514CD8085E67C844E9C9FD74D

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-04 11:04

==================== End of FRST.txt ============================



#4 Black_Bird

  • Malware Response Team

Posted 05 October 2015 - 01:13 PM

Hi,

There's a lot of malicious activity going on here. Let's start cleaning up. First I'll give you some advice:

===================================== WARNINGS =====================================


An important WARNING to all individuals reading this topic:
All advice in this topic was given specifically for this user and this computer!! Performing instructions given by me in this topic on other computers may harm your computer's infrastructure and can cause serious damage to them!!
Please don't perform the steps given by me or other Helpers in this topic when you are not the original Topic Starter, but start your own topic with a question for help. You will get help from a trained and qualified Helper to clean up your computer from any present malware when you do so.



WARNING: No Anti-Virus program installed !!
I don't see an Anti Virus Program running on your machine.

Download and install an antivirus program, and make sure that you keep it updated
New viruses come out every minute, so it is essential that you have the latest signatures for your antivirus program to provide you with the best possible protection from malicious software.
Three good antivirus programs free for non-commercial home use are Avast!, Antivir and Microsoft Security Essentials
Note: You should only have one antivirus installed at a time. Having more than one antivirus program installed at once is likely to cause conflicts and may well decrease your overall protection as well as impairing the performance of your PC.


WARNING: Peer-to-Peer software installed !!
Going over your logs I noticed that you have µTorrent installed.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall µTorrent, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.
If you wish to keep it, please do not use it until your computer is cleaned.


WARNING: Active cracks/warez !!
Going over your logs I've mentioned that you're using cracks or warez on this computer, using the "AutoKMS" utility. This tool is mostly used to install illegal versions of Microsoft Windows or Office. Malware often comes installed through cracked software and I've seen multiple users in the past getting infected after using tools like AutoKMS. I'd really advise you to not use cracked software anymore because of this.


================================== MALWARE REMOVAL =================================


Now, let's start cleaning up your PC.

1. Please download to your Desktop.
  • Please make sure to put fixlist.txt in the same location as where FRST.exe/FRST64.exe is located!
2. Download RKill and save it to your Desktop.
  • Right-click RKill.exe and select Run as Administrator....
  • If a Windows Security prompt shows up, please allow the program to start.
  • The program will start immediately with its tasks. When the program has finished, a logfile will appear.
    Please copy the contents of this logfile in your next reply.
3. Start Farbar Recovery Scan Tool by right-clicking it and selecting Run as Administrator.
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called fixlog.txt. Please include this logfile in your next reply.
4. Please remove fixlist.txt from your PC.

5. Download AdwCleaner and save it to your Desktop.
  • When the program has started, click the Scan button and wait until the scan has finished.
  • Make sure everything (on all tabs) is selected, and click the Clean button.
  • It's possible that AdwCleaner asks you to restart the system. It's important that you agree with this.
  • After restart a logfile will appear. Please post the contents of that logfile in your next reply.
6. Please reboot your PC.

7. Start Farbar Recovery Scan Tool
  • If asked, click Yes at the Disclaimer window.
  • Click Scan once the program has opened.
  • It will create a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
8. Please go to VirusTotal.com
Upload this file: C:\Windows\Explorer.exe
Allow the website to scan this file and copy/paste all results into your next reply.

9. Please give me an update on your PC problems. Also please include the results from the following tools in your next reply:
  • RKill
  • Farbar Recovery Scan Tool - using fixlist.txt
  • AdwCleaner
  • Farbar Recovery Scan Tool - regular scan
  • VirusTotal's results

Edited by Black_Bird, 05 October 2015 - 01:14 PM.

Kind regards,
Black_Bird
 



#5 tillmanj

  • Topic Starter


Posted 05 October 2015 - 02:16 PM

FRST Log:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015
Ran by tillmanj (administrator) on OFFICE (05-10-2015 14:41:15)
Running from C:\Users\tillmanj\Downloads
Loaded Profiles: tillmanj (Available Profiles: tillmanj & Administrator)
Platform: Windows 10 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Scarlet.Crush Productions) C:\Games\ScpServer\bin\ScpService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Schneider Electric) D:\APC\PowerChute Personal Edition\mainserv.exe
(Buffalo Inc.) C:\Program Files (x86)\BUFFALO\clientmgrv\bin\BWH32S.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Schneider Electric) D:\APC\PowerChute Personal Edition\dataserv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Users\tillmanj\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\OSC\nvosc.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB3\Sound Blaster X-Fi MB3\SBXFIMB3.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Buffalo Inc.) C:\Program Files\BUFFALO\Device server\Connect.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Schneider Electric) D:\APC\PowerChute Personal Edition\apcsystray.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2730616 2015-09-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-08-22] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15003256 2015-09-19] (Logitech Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-25] (Logitech, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [Sound Blaster X-Fi MB 3] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB3\Sound Blaster X-Fi MB3\SBXFIMB3.exe [2112512 2015-06-12] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36710768 2015-10-01] (Dropbox, Inc.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [Display] => D:\APC\PowerChute Personal Edition\DataCollectionLauncher.exe [284024 2012-01-24] (Schneider Electric)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6134544 2015-10-05] (AVAST Software)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2396539890-642297927-1385516461-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22568208 2015-09-11] (Google)
HKU\S-1-5-21-2396539890-642297927-1385516461-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-2396539890-642297927-1385516461-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-19] (Piriform Ltd)
HKU\S-1-5-21-2396539890-642297927-1385516461-1001\...\Run: [Google Update] => C:\Users\tillmanj\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-04] (Google Inc.)
HKU\S-1-5-21-2396539890-642297927-1385516461-1001\...\Run: [ACDSeeCommanderUltimate8] => C:\Program Files\ACD Systems\ACDSee Ultimate\8.0\ACDSeeCommanderUltimate8.exe [2054664 2015-05-06] ()
HKU\S-1-5-21-2396539890-642297927-1385516461-1001\...\MountPoints2: {aaf0152c-49c4-11e5-9bcc-806e6f6e6963} - "N:\VerizonWirelessUpgradeAssistantSetup.exe" -a
HKU\S-1-5-21-2396539890-642297927-1385516461-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [31232 2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-09-11] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-09-11] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-09-11] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-10-05] (AVAST Software)
ShellIconOverlayIdentifiers: [01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\tillmanj\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-08-26] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\tillmanj\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-08-26] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\tillmanj\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-08-26] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\tillmanj\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-08-26] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\tillmanj\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-08-26] (TODO: <Company name>)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk [2015-09-24]
ShortcutTarget: APC UPS Status.lnk -> D:\APC\PowerChute Personal Edition\Display.exe (Schneider Electric)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Client Manager V.lnk [2015-08-27]
ShortcutTarget: Client Manager V.lnk -> C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe (Buffalo Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2015-08-22]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\tillmanj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2015-08-23]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\tillmanj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mega2 - Shortcut.lnk [2015-09-05]
ShortcutTarget: mega2 - Shortcut.lnk -> D:\NZBMegasearcH\mega2.exe ()
Startup: C:\Users\tillmanj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Network-USB Navigator.lnk [2015-08-27]
ShortcutTarget: Network-USB Navigator.lnk -> C:\Program Files\BUFFALO\Device server\Connect.exe (Buffalo Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 71.10.216.1 71.10.216.2
Tcpip\..\Interfaces\{1de17765-4c3a-4254-b4c1-f321eb89e0e9}: [DhcpNameServer] 209.222.18.222 209.222.18.218
Tcpip\..\Interfaces\{4985968c-bdf5-4b9a-8079-8f1196a042f0}: [DhcpNameServer] 71.10.216.1 71.10.216.2

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-09-27] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-10-05] (AVAST Software)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-27] (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-22] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-10-05] (AVAST Software)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-09-03] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-22] (Oracle Corporation)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2015-08-05] (Belarc, Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default
FF DefaultSearchEngine.US: Google
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-27] (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-08-22] (LastPass)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-22] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-08-22] (LastPass)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-08-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-09-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-09-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2396539890-642297927-1385516461-1001: @tools.google.com/Google Update;version=3 -> C:\Users\tillmanj\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-2396539890-642297927-1385516461-1001: @tools.google.com/Google Update;version=9 -> C:\Users\tillmanj\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-08-12] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Extension: LastPass - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\support@lastpass.com [2015-09-25]
FF Extension: Garmin Communicator - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2015-08-27]
FF Extension: FT DeepDark - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2015-08-26]
FF Extension: HttpRequester - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\{ea4637dc-e014-4c17-9c2c-879322d23268} [2015-08-27]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\elemhidehelper@adblockplus.org.xpi [2015-08-26]
FF Extension: F.B. Purity - Cleans Up Facebook - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\fbp@fbpurity.com.xpi [2015-08-26]
FF Extension: Add to Wunderlist - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\jid1-3gu11JeYBiIuJA@jetpack.xpi [2015-08-22]
FF Extension: Reddit Enhancement Suite - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2015-08-24]
FF Extension: No Youtube Comments - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\jid1-YMBCq41qvDdqcA@jetpack.xpi [2015-08-26]
FF Extension: NoScript - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-08-26]
FF Extension: ReloadEvery - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2015-09-27]
FF Extension: Adblock Plus - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-08-22]
FF Extension: Tab Mix Plus - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2015-08-22]
FF Extension: DownThemAll! - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-08-22]
FF Extension: Evernote Web Clipper - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2015-08-25]
FF Extension: Greasemonkey - C:\Users\tillmanj\AppData\Roaming\Mozilla\Firefox\Profiles\kvpvm2q9.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-08-22]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-09-25]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-10-05]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> lp
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll => No File
CHR Plugin: (Java Deployment Toolkit 8.0.600.27) - C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java™ Platform SE 8 U60) - C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Profile: C:\Users\tillmanj\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\tillmanj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-01]
CHR Extension: (Google Docs Offline) - C:\Users\tillmanj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-02]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\tillmanj\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-09-03]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\tillmanj\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-03]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\tillmanj\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-09-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\tillmanj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-03]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2396539890-642297927-1385516461-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\tillmanj\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-09-03]
CHR HKU\S-1-5-21-2396539890-642297927-1385516461-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-10-05]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 APC Data Service; D:\APC\PowerChute Personal Edition\dataserv.exe [21880 2012-01-24] (Schneider Electric)
R2 APC UPS Service; D:\APC\PowerChute Personal Edition\mainserv.exe [705912 2012-01-24] (Schneider Electric)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-10-05] (AVAST Software)
R2 BWH32S; C:\Program Files (x86)\BUFFALO\clientmgrv\bin\BWH32S.exe [139568 2015-07-06] (Buffalo Inc.)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2015-08-22] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2015-08-22] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [406016 2011-09-14] (Creative Technology Ltd) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-23] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-23] (Dropbox, Inc.)
R2 Ds3Service; C:\Games\ScpServer\bin\ScpService.exe [381952 2014-04-02] (Scarlet.Crush Productions) [File not signed]
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342240 2015-08-17] (Futuremark)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-09-28] (NVIDIA Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [192120 2015-09-19] (Logitech Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-09-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568632 2015-09-28] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2057736 2015-09-16] (Electronic Arts)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [10752 2015-08-22] () [File not signed]
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2015-05-11] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-10-05] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-10-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-10-05] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-10-05] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049880 2015-10-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [448968 2015-10-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-10-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-10-05] (AVAST Software)
S3 Bufeap; C:\Windows\system32\DRIVERS\bufeap64.sys [18944 2015-03-12] (BUFFALO INC.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2015-08-23] (REALiX™)
R3 KillerEth; C:\Windows\System32\drivers\e22w10x64.sys [124464 2015-04-27] (Qualcomm Atheros, Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-10] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [193336 2015-08-22] (Intel Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-09-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
R2 sxuptp; C:\Windows\System32\drivers\sxuptp.sys [302592 2015-08-27] (silex technology, Inc.)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R1 VBoxUSBMon; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R1 XQHDrv; C:\Windows\system32\DRIVERS\XQHDrv.sys [253384 2015-09-15] (BigNox Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-05 14:40 - 2015-10-05 14:40 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\AVAST Software
2015-10-05 14:39 - 2015-10-05 14:39 - 01049880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-10-05 14:39 - 2015-10-05 14:39 - 00448968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-10-05 14:39 - 2015-10-05 14:39 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-10-05 14:39 - 2015-10-05 14:39 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-10-05 14:39 - 2015-10-05 14:39 - 00153744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-10-05 14:39 - 2015-10-05 14:39 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-10-05 14:39 - 2015-10-05 14:39 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-10-05 14:39 - 2015-10-05 14:39 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-10-05 14:39 - 2015-10-05 14:39 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-10-05 14:39 - 2015-10-05 14:39 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-10-05 14:39 - 2015-10-05 14:39 - 00004006 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-10-05 14:39 - 2015-10-05 14:39 - 00001977 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-10-05 14:39 - 2015-10-05 14:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-10-05 14:38 - 2015-10-05 14:38 - 00000000 ____D C:\Program Files\AVAST Software
2015-10-05 14:37 - 2015-10-05 14:37 - 00000000 ____D C:\ProgramData\AVAST Software
2015-10-05 14:36 - 2015-10-05 14:36 - 00016148 _____ C:\Windows\system32\OFFICE_tillmanj_HistoryPrediction.bin
2015-10-05 14:31 - 2015-10-05 14:34 - 01681920 _____ C:\Users\tillmanj\Downloads\adwcleaner_5.010.exe
2015-10-05 14:27 - 2015-10-05 14:34 - 00002088 _____ C:\Users\tillmanj\Desktop\Rkill.txt
2015-10-05 14:26 - 2015-10-05 14:27 - 02019656 _____ (Bleeping Computer, LLC) C:\Users\tillmanj\Downloads\rkill.exe
2015-10-05 14:25 - 2015-10-05 14:37 - 05481336 _____ (Avast Software s.r.o.) C:\Users\tillmanj\Downloads\avast_free_antivirus_setup_online_cnet.exe
2015-10-05 10:02 - 2015-10-05 10:02 - 00000000 ____D C:\Users\tillmanj\Downloads\testdisk-6.14-WIP.win
2015-10-05 09:59 - 2015-10-05 09:59 - 00000839 _____ C:\Users\Public\Desktop\NTFS Undelete.lnk
2015-10-05 09:27 - 2015-10-05 14:41 - 00032465 _____ C:\Users\tillmanj\Downloads\FRST.txt
2015-10-05 09:27 - 2015-10-05 14:41 - 00000000 ____D C:\FRST
2015-10-05 09:27 - 2015-10-05 09:31 - 00067691 _____ C:\Users\tillmanj\Downloads\Addition.txt
2015-10-05 09:26 - 2015-10-05 09:27 - 02193920 _____ (Farbar) C:\Users\tillmanj\Downloads\FRST64.exe
2015-10-04 10:54 - 2015-10-04 10:54 - 00002144 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-10-04 10:53 - 2015-10-04 10:53 - 00005848 _____ C:\Windows\PFRO.log
2015-10-04 02:57 - 2015-10-04 02:57 - 00000000 ____D C:\Users\tillmanj\.android
2015-10-03 11:45 - 2015-10-03 11:45 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-10-03 11:45 - 2015-10-03 11:45 - 00000000 ____D C:\Users\tillmanj\AppData\Local\Ubisoft Game Launcher
2015-10-03 01:51 - 2015-10-03 02:48 - 00000000 ____D C:\Users\tillmanj\AppData\Local\Warframe
2015-10-03 01:51 - 2015-10-03 01:51 - 00000386 _____ C:\Windows\DirectX.log
2015-10-02 14:38 - 2015-10-05 14:36 - 00000275 _____ C:\Windows\WindowsUpdate.log
2015-10-02 13:30 - 2015-10-02 13:44 - 00000000 ____D C:\Users\tillmanj\Documents\Audibooks
2015-10-02 12:14 - 2015-10-02 12:14 - 00000000 ____D C:\ProgramData\Nexon
2015-10-02 11:27 - 2015-10-02 11:31 - 00000000 ____D C:\Users\tillmanj\AppData\LocalLow\Daybreak Game Company
2015-10-02 11:27 - 2015-10-02 11:27 - 00000000 ____D C:\Users\tillmanj\AppData\Local\SCE
2015-10-02 11:27 - 2015-10-02 11:27 - 00000000 ____D C:\Users\tillmanj\AppData\Local\Daybreak Game Company
2015-10-02 11:14 - 2015-09-13 17:57 - 00574256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-10-02 11:13 - 2015-09-18 18:08 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 42840184 _____ C:\Windows\system32\nvcompiler.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 37819000 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 22559352 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 18569848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 16646112 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 13666840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 12191856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 02354808 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 02105976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 01898104 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435598.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 01558832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435598.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 01178248 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 01064056 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 01001440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00986416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00945272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00787384 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00785152 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00632664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00631128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00601240 _____ C:\Windows\system32\nvmcumd.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00408184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00387720 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00376440 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00364152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00339760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00316120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00177088 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00155792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-10-02 11:13 - 2015-09-13 20:24 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-10-02 11:11 - 2015-09-28 18:03 - 00109424 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2015-10-02 09:29 - 2015-10-02 09:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-01 13:14 - 2015-09-24 20:35 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\UserDataAccountApis.dll
2015-10-01 13:14 - 2015-09-24 20:34 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\PhoneCallHistoryApis.dll
2015-10-01 13:14 - 2015-09-24 20:13 - 01276416 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2015-10-01 13:14 - 2015-09-24 19:34 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2015-10-01 13:14 - 2015-09-24 19:34 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhoneCallHistoryApis.dll
2015-10-01 13:14 - 2015-09-24 19:24 - 00796160 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2015-10-01 13:14 - 2015-09-24 19:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-01 13:14 - 2015-09-24 19:23 - 00579072 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-10-01 13:14 - 2015-09-24 19:17 - 02178560 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2015-10-01 13:14 - 2015-09-24 19:08 - 03586560 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2015-10-01 13:14 - 2015-09-24 19:07 - 01382400 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2015-10-01 13:14 - 2015-09-24 19:06 - 01423872 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll
2015-10-01 13:14 - 2015-09-24 19:05 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenance.dll
2015-10-01 13:14 - 2015-09-24 19:01 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\ContactApis.dll
2015-10-01 13:14 - 2015-09-24 19:01 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentApis.dll
2015-10-01 13:14 - 2015-09-24 19:00 - 01205248 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2015-10-01 13:14 - 2015-09-24 19:00 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\ChatApis.dll
2015-10-01 13:14 - 2015-09-24 19:00 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2015-10-01 13:14 - 2015-09-24 19:00 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\CallHistoryClient.dll
2015-10-01 13:14 - 2015-09-24 18:53 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll
2015-10-01 13:14 - 2015-09-24 18:43 - 00613376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2015-10-01 13:14 - 2015-09-24 18:43 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-01 13:14 - 2015-09-24 18:42 - 01795072 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2015-10-01 13:14 - 2015-09-24 18:25 - 00928256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2015-10-01 13:14 - 2015-09-24 18:25 - 00625152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContactApis.dll
2015-10-01 13:14 - 2015-09-24 18:25 - 00579584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentApis.dll
2015-10-01 13:14 - 2015-09-24 18:25 - 00557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ChatApis.dll
2015-10-01 13:14 - 2015-09-24 18:25 - 00525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll
2015-10-01 13:14 - 2015-09-24 18:24 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CallHistoryClient.dll
2015-10-01 13:14 - 2015-09-24 18:19 - 00466432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll
2015-10-01 13:14 - 2015-09-19 01:14 - 00102304 _____ (Microsoft Corporation) C:\Windows\system32\omadmapi.dll
2015-10-01 13:14 - 2015-09-17 02:50 - 02464216 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2015-10-01 13:14 - 2015-09-17 02:50 - 01563392 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2015-10-01 13:14 - 2015-09-17 02:50 - 00099664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-10-01 13:14 - 2015-09-17 02:50 - 00088384 _____ (Microsoft Corporation) C:\Windows\system32\remoteaudioendpoint.dll
2015-10-01 13:14 - 2015-09-17 02:49 - 08020816 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-01 13:14 - 2015-09-17 02:49 - 06487248 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2015-10-01 13:14 - 2015-09-17 02:49 - 01563472 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2015-10-01 13:14 - 2015-09-17 02:49 - 00894256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-10-01 13:14 - 2015-09-17 02:49 - 00553808 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2015-10-01 13:14 - 2015-09-17 02:49 - 00501008 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-10-01 13:14 - 2015-09-17 02:48 - 02824248 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-10-01 13:14 - 2015-09-17 02:48 - 02494712 _____ C:\Windows\system32\CoreUIComponents.dll
2015-10-01 13:14 - 2015-09-17 02:48 - 02432336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-10-01 13:14 - 2015-09-17 02:48 - 02156400 _____ (Microsoft Corporation) C:\Windows\system32\hevcdecoder.dll
2015-10-01 13:14 - 2015-09-17 02:48 - 01983824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-10-01 13:14 - 2015-09-17 02:48 - 00809352 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2015-10-01 13:14 - 2015-09-17 02:48 - 00784136 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2015-10-01 13:14 - 2015-09-17 02:48 - 00584656 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-10-01 13:14 - 2015-09-17 02:48 - 00555768 _____ (Microsoft Corporation) C:\Windows\system32\directmanipulation.dll
2015-10-01 13:14 - 2015-09-17 02:48 - 00537080 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2015-10-01 13:14 - 2015-09-17 02:48 - 00516448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-10-01 13:14 - 2015-09-17 02:48 - 00505696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2015-10-01 13:14 - 2015-09-17 02:48 - 00476760 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2015-10-01 13:14 - 2015-09-17 02:48 - 00406864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-10-01 13:14 - 2015-09-17 02:48 - 00395088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-10-01 13:14 - 2015-09-17 02:48 - 00332624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2015-10-01 13:14 - 2015-09-17 02:48 - 00278352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-10-01 13:14 - 2015-09-17 02:48 - 00243760 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-10-01 13:14 - 2015-09-17 02:47 - 01397088 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2015-10-01 13:14 - 2015-09-17 02:44 - 00781976 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2015-10-01 13:14 - 2015-09-17 02:43 - 00966416 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2015-10-01 13:14 - 2015-09-17 02:39 - 00081488 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-01 13:14 - 2015-09-17 02:37 - 01295712 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll
2015-10-01 13:14 - 2015-09-17 02:37 - 01168736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-10-01 13:14 - 2015-09-17 02:28 - 05120056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2015-10-01 13:14 - 2015-09-17 02:28 - 02154808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2015-10-01 13:14 - 2015-09-17 02:28 - 01357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2015-10-01 13:14 - 2015-09-17 02:28 - 00441168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2015-10-01 13:14 - 2015-09-17 02:28 - 00407608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-10-01 13:14 - 2015-09-17 02:28 - 00074880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\remoteaudioendpoint.dll
2015-10-01 13:14 - 2015-09-17 02:27 - 01766952 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2015-10-01 13:14 - 2015-09-17 02:27 - 00454512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\directmanipulation.dll
2015-10-01 13:14 - 2015-09-17 02:26 - 02446648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-10-01 13:14 - 2015-09-17 02:26 - 01895568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hevcdecoder.dll
2015-10-01 13:14 - 2015-09-17 02:26 - 00646672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2015-10-01 13:14 - 2015-09-17 02:26 - 00508248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-10-01 13:14 - 2015-09-17 02:26 - 00434376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2015-10-01 13:14 - 2015-09-17 02:26 - 00428128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2015-10-01 13:14 - 2015-09-17 02:25 - 00962400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2015-10-01 13:14 - 2015-09-17 02:21 - 00658528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2015-10-01 13:14 - 2015-09-17 02:20 - 00764416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2015-10-01 13:14 - 2015-09-17 02:12 - 16708608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-10-01 13:14 - 2015-09-17 02:11 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2015-10-01 13:14 - 2015-09-17 02:10 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2015-10-01 13:14 - 2015-09-17 02:09 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2015-10-01 13:14 - 2015-09-17 02:09 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2015-10-01 13:14 - 2015-09-17 02:08 - 00494592 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2015-10-01 13:14 - 2015-09-17 02:08 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Speech.Pal.dll
2015-10-01 13:14 - 2015-09-17 02:08 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManagerShellext.exe
2015-10-01 13:14 - 2015-09-17 02:07 - 21875712 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2015-10-01 13:14 - 2015-09-17 02:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\CellularAPI.dll
2015-10-01 13:14 - 2015-09-17 02:06 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll
2015-10-01 13:14 - 2015-09-17 02:06 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
2015-10-01 13:14 - 2015-09-17 02:05 - 02226688 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2015-10-01 13:14 - 2015-09-17 02:05 - 00483328 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2015-10-01 13:14 - 2015-09-17 02:04 - 07569408 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2015-10-01 13:14 - 2015-09-17 02:04 - 00910848 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2015-10-01 13:14 - 2015-09-17 02:04 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\DataSenseHandlers.dll
2015-10-01 13:14 - 2015-09-17 02:03 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2015-10-01 13:14 - 2015-09-17 02:03 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2015-10-01 13:14 - 2015-09-17 02:03 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe
2015-10-01 13:14 - 2015-09-17 02:03 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\ngckeyenum.dll
2015-10-01 13:14 - 2015-09-17 02:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2015-10-01 13:14 - 2015-09-17 02:02 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2015-10-01 13:14 - 2015-09-17 02:02 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-01 13:14 - 2015-09-17 02:00 - 24595456 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-01 13:14 - 2015-09-17 02:00 - 03248640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2015-10-01 13:14 - 2015-09-17 02:00 - 02417664 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-10-01 13:14 - 2015-09-17 02:00 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2015-10-01 13:14 - 2015-09-17 02:00 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-01 13:14 - 2015-09-17 01:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2015-10-01 13:14 - 2015-09-17 01:57 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2015-10-01 13:14 - 2015-09-17 01:57 - 00403456 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2015-10-01 13:14 - 2015-09-17 01:57 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\VEEventDispatcher.dll
2015-10-01 13:14 - 2015-09-17 01:57 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\VEStoreEventHandlers.dll
2015-10-01 13:14 - 2015-09-17 01:56 - 00859136 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2015-10-01 13:14 - 2015-09-17 01:56 - 00521728 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2015-10-01 13:14 - 2015-09-17 01:56 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\configmanager2.dll
2015-10-01 13:14 - 2015-09-17 01:55 - 02236416 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-01 13:14 - 2015-09-17 01:55 - 01601536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2015-10-01 13:14 - 2015-09-17 01:55 - 00671232 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx02000.dll
2015-10-01 13:14 - 2015-09-17 01:55 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2015-10-01 13:14 - 2015-09-17 01:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\ngccredprov.dll
2015-10-01 13:14 - 2015-09-17 01:55 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\accountaccessor.dll
2015-10-01 13:14 - 2015-09-17 01:55 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\dmcsps.dll
2015-10-01 13:14 - 2015-09-17 01:55 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2015-10-01 13:14 - 2015-09-17 01:55 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\wwancfg.dll
2015-10-01 13:14 - 2015-09-17 01:54 - 03781120 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2015-10-01 13:14 - 2015-09-17 01:54 - 00780288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2015-10-01 13:14 - 2015-09-17 01:54 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 13:14 - 2015-09-17 01:53 - 07055872 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2015-10-01 13:14 - 2015-09-17 01:52 - 06572032 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2015-10-01 13:14 - 2015-09-17 01:52 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
2015-10-01 13:14 - 2015-09-17 01:52 - 01181696 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-10-01 13:14 - 2015-09-17 01:52 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2015-10-01 13:14 - 2015-09-17 01:52 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2015-10-01 13:14 - 2015-09-17 01:52 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApi.dll
2015-10-01 13:14 - 2015-09-17 01:52 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2015-10-01 13:14 - 2015-09-17 01:52 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-10-01 13:14 - 2015-09-17 01:52 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2015-10-01 13:14 - 2015-09-17 01:52 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\SubscriptionMgr.dll
2015-10-01 13:14 - 2015-09-17 01:51 - 13027840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-10-01 13:14 - 2015-09-17 01:51 - 02660864 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2015-10-01 13:14 - 2015-09-17 01:51 - 01812480 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2015-10-01 13:14 - 2015-09-17 01:51 - 01203712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2015-10-01 13:14 - 2015-09-17 01:51 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-10-01 13:14 - 2015-09-17 01:51 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-10-01 13:14 - 2015-09-17 01:51 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2015-10-01 13:14 - 2015-09-17 01:50 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2015-10-01 13:14 - 2015-09-17 01:50 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-10-01 13:14 - 2015-09-17 01:50 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2015-10-01 13:14 - 2015-09-17 01:50 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeWiFi.dll
2015-10-01 13:14 - 2015-09-17 01:50 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeCell.dll
2015-10-01 13:14 - 2015-09-17 01:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\buttonconverter.sys
2015-10-01 13:14 - 2015-09-17 01:49 - 02740224 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-01 13:14 - 2015-09-17 01:49 - 01290240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2015-10-01 13:14 - 2015-09-17 01:49 - 01010176 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2015-10-01 13:14 - 2015-09-17 01:49 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2015-10-01 13:14 - 2015-09-17 01:49 - 00439296 _____ (Microsoft Corporation) C:\Windows\system32\LocationWebproxy.dll
2015-10-01 13:14 - 2015-09-17 01:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\LocationGeofences.dll
2015-10-01 13:14 - 2015-09-17 01:49 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2015-10-01 13:14 - 2015-09-17 01:49 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\LocationCrowdsource.dll
2015-10-01 13:14 - 2015-09-17 01:49 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeIP.dll
2015-10-01 13:14 - 2015-09-17 01:49 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\LocationWiFiAdapter.dll
2015-10-01 13:14 - 2015-09-17 01:49 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Speech.Pal.dll
2015-10-01 13:14 - 2015-09-17 01:48 - 02093056 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2015-10-01 13:14 - 2015-09-17 01:48 - 00517632 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2015-10-01 13:14 - 2015-09-17 01:48 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll
2015-10-01 13:14 - 2015-09-17 01:48 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll
2015-10-01 13:14 - 2015-09-17 01:48 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
2015-10-01 13:14 - 2015-09-17 01:48 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-01 13:14 - 2015-09-17 01:47 - 07523328 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2015-10-01 13:14 - 2015-09-17 01:47 - 00513536 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2015-10-01 13:14 - 2015-09-17 01:47 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2015-10-01 13:14 - 2015-09-17 01:47 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2015-10-01 13:14 - 2015-09-17 01:46 - 00928256 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2015-10-01 13:14 - 2015-09-17 01:46 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2015-10-01 13:14 - 2015-09-17 01:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2015-10-01 13:14 - 2015-09-17 01:46 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCore.dll
2015-10-01 13:14 - 2015-09-17 01:46 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCsp.dll
2015-10-01 13:14 - 2015-09-17 01:46 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2015-10-01 13:14 - 2015-09-17 01:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\HttpsDataSource.dll
2015-10-01 13:14 - 2015-09-17 01:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\syncmlhook.dll
2015-10-01 13:14 - 2015-09-17 01:45 - 19325440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-01 13:14 - 2015-09-17 01:45 - 04791296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-01 13:14 - 2015-09-17 01:45 - 01331200 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-10-01 13:14 - 2015-09-17 01:45 - 00869376 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2015-10-01 13:14 - 2015-09-17 01:45 - 00832512 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2015-10-01 13:14 - 2015-09-17 01:45 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2015-10-01 13:14 - 2015-09-17 01:45 - 00193024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2015-10-01 13:14 - 2015-09-17 01:44 - 01844736 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2015-10-01 13:14 - 2015-09-17 01:44 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2015-10-01 13:14 - 2015-09-17 01:44 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2015-10-01 13:14 - 2015-09-17 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\syncutil.dll
2015-10-01 13:14 - 2015-09-17 01:43 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\RemoteNaturalLanguage.dll
2015-10-01 13:14 - 2015-09-17 01:43 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-10-01 13:14 - 2015-09-17 01:43 - 00328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2015-10-01 13:14 - 2015-09-17 01:43 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2015-10-01 13:14 - 2015-09-17 01:42 - 02646528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2015-10-01 13:14 - 2015-09-17 01:41 - 00217088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll
2015-10-01 13:14 - 2015-09-17 01:40 - 06101504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2015-10-01 13:14 - 2015-09-17 01:40 - 01918464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-10-01 13:14 - 2015-09-17 01:40 - 01162240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2015-10-01 13:14 - 2015-09-17 01:39 - 00587264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2015-10-01 13:14 - 2015-09-17 01:39 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 13:14 - 2015-09-17 01:38 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2015-10-01 13:14 - 2015-09-17 01:37 - 18806272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2015-10-01 13:14 - 2015-09-17 01:37 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApi.dll
2015-10-01 13:14 - 2015-09-17 01:36 - 01171456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcenter.dll
2015-10-01 13:14 - 2015-09-17 01:35 - 05079552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2015-10-01 13:14 - 2015-09-17 01:35 - 02207232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-01 13:14 - 2015-09-17 01:35 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2015-10-01 13:14 - 2015-09-17 01:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2015-10-01 13:14 - 2015-09-17 01:34 - 00253440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2015-10-01 13:14 - 2015-09-17 01:33 - 00574464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2015-10-01 13:14 - 2015-09-17 01:32 - 03579904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-01 13:14 - 2015-09-17 01:32 - 00336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2015-10-01 13:14 - 2015-09-17 01:32 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll
2015-10-01 13:14 - 2015-09-17 01:32 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-10-01 13:14 - 2015-09-17 01:31 - 05454848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2015-10-01 13:14 - 2015-09-17 01:31 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
2015-10-01 13:14 - 2015-09-17 01:30 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2015-10-01 13:14 - 2015-09-17 01:29 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-10-01 13:14 - 2015-09-17 01:29 - 00701952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2015-10-01 13:14 - 2015-09-17 01:29 - 00677888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2015-10-01 13:14 - 2015-09-17 01:29 - 00464896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2015-10-01 13:14 - 2015-09-17 01:28 - 00473088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2015-10-01 13:14 - 2015-09-17 01:26 - 00899584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RemoteNaturalLanguage.dll
2015-10-01 13:14 - 2015-09-17 01:16 - 00512000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2015-10-01 13:14 - 2015-09-12 22:05 - 02987520 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-10-01 13:14 - 2015-09-12 21:41 - 02639872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2015-10-01 12:51 - 2015-10-01 12:51 - 00007620 _____ C:\Users\tillmanj\Documents\City To City Mileage Log - 2015.xlsx
2015-10-01 12:08 - 2015-10-01 12:08 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-10-01 12:08 - 2015-10-01 12:08 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-10-01 12:07 - 2015-07-10 07:00 - 00534064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-10-01 11:56 - 2015-10-01 11:56 - 00059515 _____ C:\Users\tillmanj\Downloads\DDS.txt
2015-10-01 11:49 - 2015-10-01 11:49 - 00015322 _____ C:\Users\tillmanj\Documents\DDS Attach.txt
2015-10-01 11:48 - 2015-10-01 11:48 - 00059515 _____ C:\Users\tillmanj\Documents\DDS.txt
2015-10-01 11:48 - 2015-10-01 11:48 - 00013607 _____ C:\Users\tillmanj\Documents\hijackthis.log
2015-10-01 11:27 - 2015-10-01 11:27 - 00013607 _____ C:\Users\tillmanj\Downloads\hijackthis.log
2015-10-01 11:24 - 2015-10-01 11:24 - 00059515 _____ C:\Users\tillmanj\Desktop\dds.txt
2015-10-01 11:24 - 2015-10-01 11:24 - 00015322 _____ C:\Users\tillmanj\Desktop\attach.txt
2015-10-01 11:07 - 2015-10-01 11:07 - 00010554 _____ C:\Users\tillmanj\Desktop\charlotte ground.xlsx
2015-09-30 23:18 - 2015-10-01 11:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-29 16:28 - 2015-09-29 19:59 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-09-29 15:54 - 2015-09-29 15:54 - 00000000 ____D C:\Windows\system32\%LOCALAPPDATA%
2015-09-27 15:17 - 2015-09-27 15:17 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-09-27 15:16 - 2015-09-27 15:16 - 00000000 ____D C:\Program Files\Java
2015-09-27 11:16 - 2015-09-27 11:16 - 00000000 ____D C:\Program Files\Bignox
2015-09-27 11:08 - 2015-09-27 11:08 - 00000000 ____D C:\Users\tillmanj\Downloads\Fix problem caused by Google official update
2015-09-26 19:44 - 2015-09-26 20:00 - 00000000 ____D C:\LODoutput
2015-09-26 03:08 - 2015-09-29 14:14 - 00000000 ____D C:\Windows\Minidump
2015-09-25 16:27 - 2015-09-25 16:27 - 00000000 ____D C:\Users\tillmanj\AppData\Local\Logishrd
2015-09-25 16:27 - 2015-09-25 16:27 - 00000000 ____D C:\Users\Public\Documents\LogiShrd
2015-09-25 16:27 - 2015-09-25 16:27 - 00000000 ____D C:\Program Files\Logitech
2015-09-25 16:24 - 2015-09-25 16:24 - 00000000 ____D C:\Users\tillmanj\AppData\Local\Logitech
2015-09-25 16:22 - 2015-09-25 16:22 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2015-09-25 16:21 - 2015-09-25 16:27 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\Logitech
2015-09-25 16:21 - 2015-09-25 16:27 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\Logishrd
2015-09-25 10:02 - 2015-09-25 10:02 - 00000165 ____H C:\Users\tillmanj\Documents\~$Dragonborn Gallery.xlsx
2015-09-24 14:42 - 2015-09-24 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\APC
2015-09-24 14:40 - 2015-09-24 14:40 - 15922552 _____ (Schneider Electric) C:\Users\tillmanj\Downloads\PCPEInstaller.exe
2015-09-24 14:40 - 2015-09-24 14:40 - 13923704 _____ (Schneider Electric) C:\Users\tillmanj\PCPE Setup.exe
2015-09-24 14:40 - 2015-09-24 14:40 - 13338112 _____ C:\Users\tillmanj\PCPE_3.0.1.msi
2015-09-24 14:40 - 2015-09-24 14:40 - 01079808 _____ (Microsoft Corporation) C:\Users\tillmanj\mfc80u.dll
2015-09-24 14:40 - 2015-09-24 14:40 - 00626688 _____ (Microsoft Corporation) C:\Users\tillmanj\msvcr80.dll
2015-09-24 14:40 - 2015-09-24 14:40 - 00021880 _____ (Schneider Electric) C:\Users\tillmanj\grm_res.dll
2015-09-24 14:40 - 2015-09-24 14:40 - 00021880 _____ (Schneider Electric) C:\Users\tillmanj\fr_res.dll
2015-09-24 14:40 - 2015-09-24 14:40 - 00021368 _____ (Schneider Electric) C:\Users\tillmanj\pt_res.dll
2015-09-24 14:40 - 2015-09-24 14:40 - 00021368 _____ (Schneider Electric) C:\Users\tillmanj\it_res.dll
2015-09-24 14:40 - 2015-09-24 14:40 - 00021368 _____ (Schneider Electric) C:\Users\tillmanj\es_res.dll
2015-09-24 14:40 - 2015-09-24 14:40 - 00021368 _____ (Schneider Electric) C:\Users\tillmanj\en_res.dll
2015-09-24 14:40 - 2015-09-24 14:40 - 00020856 _____ (Schneider Electric) C:\Users\tillmanj\ru_res.dll
2015-09-24 14:40 - 2015-09-24 14:40 - 00020344 _____ (Schneider Electric) C:\Users\tillmanj\jp_res.dll
2015-09-24 14:40 - 2015-09-24 14:40 - 00019832 _____ (Schneider Electric) C:\Users\tillmanj\zh_res.dll
2015-09-24 14:40 - 2015-09-24 14:40 - 00018808 _____ C:\Users\tillmanj\ResourceReader.dll
2015-09-24 14:40 - 2015-09-24 14:40 - 00000550 _____ C:\Users\tillmanj\Microsoft.VC80.MFC.manifest
2015-09-24 14:40 - 2015-09-24 14:40 - 00000522 _____ C:\Users\tillmanj\Microsoft.VC80.CRT.manifest
2015-09-24 14:40 - 2015-09-24 14:40 - 00000027 _____ C:\Users\tillmanj\dotnetfolder.txt
2015-09-23 10:01 - 2015-10-05 14:24 - 00079442 _____ C:\Users\tillmanj\Documents\Dragonborn Gallery.xlsx
2015-09-22 13:22 - 2015-09-22 13:22 - 00000000 ____D C:\Users\tillmanj\Documents\3DMark
2015-09-22 13:19 - 2015-09-22 13:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
2015-09-22 13:18 - 2015-09-22 13:18 - 00000000 ____D C:\Program Files (x86)\Futuremark
2015-09-22 13:14 - 2015-09-22 13:15 - 00000000 ____D C:\Users\tillmanj\Downloads\[Guru3D]-PCMark8
2015-09-22 13:14 - 2015-09-22 13:14 - 00000000 ____D C:\Users\tillmanj\AppData\Local\Futuremark
2015-09-22 11:47 - 2015-09-22 12:19 - 3132852312 _____ C:\Users\tillmanj\Downloads\[Guru3D]-PCMark8.zip
2015-09-22 11:46 - 2015-09-22 11:46 - 00000000 ____D C:\Users\tillmanj\Documents\PCMark 8
2015-09-21 18:29 - 2015-09-23 13:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-09-21 18:28 - 2015-09-21 18:28 - 00000000 ____D C:\Windows\PCHEALTH
2015-09-21 18:28 - 2015-09-21 18:28 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-09-21 18:28 - 2015-09-21 18:28 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2015-09-21 18:28 - 2015-09-21 18:28 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-09-21 18:27 - 2015-09-21 18:27 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2015-09-21 18:27 - 2015-09-21 18:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-09-21 18:27 - 2015-09-21 18:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2015-09-21 18:26 - 2015-09-21 18:26 - 00000000 __RHD C:\MSOCache
2015-09-21 13:21 - 2015-09-21 13:21 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\Wireshark
2015-09-21 13:10 - 2015-09-21 13:10 - 00001521 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2015-09-21 13:10 - 2015-09-21 13:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2015-09-21 13:10 - 2015-09-21 13:10 - 00000000 ____D C:\Program Files\Wireshark
2015-09-21 13:10 - 2015-09-21 13:10 - 00000000 ____D C:\Program Files (x86)\WinPcap
2015-09-20 13:48 - 2015-09-20 13:48 - 00004608 _____ C:\Windows\SECOH-QAD.exe
2015-09-20 13:48 - 2015-09-20 13:48 - 00003584 _____ C:\Windows\SECOH-QAD.dll
2015-09-20 13:27 - 2015-09-20 13:27 - 00016148 _____ C:\Windows\system32\OFFICE_Administrator_HistoryPrediction.bin
2015-09-20 13:26 - 2015-09-20 13:26 - 00002406 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-20 13:26 - 2015-09-20 13:26 - 00000000 ___RD C:\Users\Administrator\OneDrive
2015-09-20 13:26 - 2015-09-20 13:26 - 00000000 ____D C:\Users\Administrator\AppData\Local\Dropbox
2015-09-20 13:26 - 2015-09-20 13:26 - 00000000 ____D C:\Users\Administrator\AppData\Local\Creative
2015-09-20 13:25 - 2015-09-20 13:26 - 00000000 ____D C:\Users\Administrator
2015-09-20 13:25 - 2015-09-20 13:25 - 00002342 _____ C:\Users\Administrator\Desktop\Google Chrome.lnk
2015-09-20 13:25 - 2015-09-20 13:25 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2015-09-20 13:25 - 2015-09-20 13:25 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-20 13:25 - 2015-09-20 13:25 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2015-09-20 13:25 - 2015-09-20 13:25 - 00000000 ____D C:\Users\Administrator\AppData\Local\TileDataLayer
2015-09-20 13:25 - 2015-09-20 13:25 - 00000000 ____D C:\Users\Administrator\AppData\Local\Publishers
2015-09-20 13:25 - 2015-09-20 13:25 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages
2015-09-20 13:25 - 2015-09-20 13:25 - 00000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA Corporation
2015-09-20 13:25 - 2015-09-20 13:25 - 00000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA
2015-09-20 13:25 - 2015-09-20 13:25 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2015-09-20 13:25 - 2015-08-23 22:28 - 00000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help
2015-09-20 13:25 - 2015-07-10 07:04 - 00000000 __RSD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-09-20 13:25 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-20 13:25 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-20 13:25 - 2015-07-10 07:04 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-20 13:14 - 2015-10-05 14:39 - 00003808 _____ C:\Windows\System32\Tasks\AutoKMS
2015-09-20 13:14 - 2015-09-20 13:22 - 00000000 ____D C:\Windows\AutoKMS
2015-09-20 13:14 - 2015-09-20 12:50 - 51970048 ____R C:\Users\tillmanj\Downloads\Microsoft Toolkit.exe
2015-09-20 13:13 - 2015-09-20 13:13 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2015-09-19 15:18 - 2015-10-05 14:31 - 00183808 ___SH C:\Users\tillmanj\Desktop\Thumbs.db
2015-09-16 18:25 - 2015-09-16 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theme Hospital
2015-09-16 18:24 - 2015-09-20 13:12 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\Origin
2015-09-16 18:24 - 2015-09-16 18:25 - 00000000 ____D C:\Users\tillmanj\AppData\Local\Origin
2015-09-16 18:23 - 2015-09-20 13:24 - 00000000 ____D C:\ProgramData\Origin
2015-09-16 18:23 - 2015-09-16 18:25 - 00000000 ____D C:\ProgramData\Electronic Arts
2015-09-16 18:23 - 2015-09-16 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-09-15 23:29 - 2015-09-15 23:29 - 00253384 _____ (BigNox Corporation) C:\Windows\SysWOW64\Drivers\XQHDrv.sys
2015-09-15 10:42 - 2015-10-05 14:28 - 00000000 ____D C:\Users\tillmanj\AppData\Local\EvernoteNW
2015-09-14 17:33 - 2015-09-14 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2015-09-14 12:26 - 2015-09-14 14:55 - 00000080 _____ C:\Users\tillmanj\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-09-14 11:36 - 2015-09-14 11:38 - 00000000 ____D C:\Users\tillmanj\Downloads\3DMGAME-Grand.Theft.Auto.V.Update.5(v1.0.350.2).and.Crack.v5.Fixed-3DM
2015-09-13 13:06 - 2015-09-26 15:19 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\Plex Home Theater
2015-09-13 13:06 - 2015-09-13 13:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Home Theater
2015-09-12 20:33 - 2015-09-12 20:33 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\Kodi
2015-09-12 20:13 - 2015-09-12 20:13 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
2015-09-12 11:27 - 2015-09-12 11:27 - 00000000 ____D C:\ProgramData\Creative
2015-09-12 11:26 - 2015-09-12 11:26 - 00000000 ____D C:\Users\tillmanj\AppData\Local\Creative
2015-09-10 17:21 - 2015-09-10 17:21 - 00000000 ____D C:\Users\tillmanj\V21K
2015-09-09 16:03 - 2015-09-27 23:29 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-09-09 13:00 - 2015-09-09 13:00 - 00000000 ____D C:\Users\tillmanj\Documents\My Cheat Tables
2015-09-08 22:59 - 2015-08-27 02:36 - 03620736 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-08 22:59 - 2015-08-27 02:32 - 00608936 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2015-09-08 22:59 - 2015-08-27 01:59 - 02880032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-08 22:59 - 2015-08-27 01:54 - 00541248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2015-09-08 22:59 - 2015-08-27 01:54 - 00365568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-08 22:59 - 2015-08-27 01:51 - 02350592 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-08 22:59 - 2015-08-27 01:51 - 01774592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2015-09-08 22:59 - 2015-08-27 01:49 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-08 22:59 - 2015-08-27 01:47 - 12503552 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-08 22:59 - 2015-08-27 01:43 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-08 22:59 - 2015-08-27 01:43 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-08 22:59 - 2015-08-27 01:42 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-09-08 22:59 - 2015-08-27 01:42 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.PicturePassword.dll
2015-09-08 22:59 - 2015-08-27 01:42 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2015-09-08 22:59 - 2015-08-27 01:39 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-08 22:59 - 2015-08-27 01:23 - 00303104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-08 22:59 - 2015-08-27 01:16 - 02153472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-08 22:59 - 2015-08-27 01:16 - 01612288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-09-08 22:59 - 2015-08-27 01:12 - 00650752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-08 22:59 - 2015-08-27 01:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-08 22:59 - 2015-08-27 01:11 - 00484352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-09-08 22:59 - 2015-08-27 01:11 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2015-09-08 22:59 - 2015-08-27 01:09 - 11262464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-08 22:59 - 2015-08-27 01:08 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-08 15:16 - 2015-09-08 15:26 - 00000000 ____D C:\Users\tillmanj\Documents\Assassin's Creed IV Black Flag
2015-09-08 15:16 - 2015-09-08 15:16 - 00000000 ____D C:\ProgramData\Orbit
2015-09-08 12:28 - 2015-09-08 12:28 - 00000843 _____ C:\Users\tillmanj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Banished.lnk
2015-09-07 12:32 - 2015-09-11 12:22 - 00000000 ____D C:\Users\tillmanj\AppData\Local\Arma 3
2015-09-07 12:32 - 2015-09-07 12:33 - 00000000 ____D C:\Users\tillmanj\Documents\Arma 3
2015-09-07 12:32 - 2015-09-07 12:32 - 00000000 ____D C:\ProgramData\Bohemia Interactive
2015-09-07 12:21 - 2015-09-07 12:21 - 00000417 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arma 3.lnk
2015-09-07 11:01 - 2015-09-07 11:01 - 00000000 ____D C:\Users\tillmanj\Documents\Banished
2015-09-07 10:25 - 2015-09-07 10:25 - 00000000 ____D C:\Users\tillmanj\Documents\Colossal Order
2015-09-07 10:25 - 2015-09-07 10:25 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\Steam
2015-09-07 10:25 - 2015-09-07 10:25 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\Colossal Order
2015-09-07 10:25 - 2015-09-07 10:25 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\.mono
2015-09-07 10:25 - 2015-09-07 10:25 - 00000000 ____D C:\Users\tillmanj\AppData\Local\Colossal Order
2015-09-07 10:25 - 2015-09-07 10:25 - 00000000 ____D C:\ProgramData\.mono
2015-09-07 10:24 - 2015-09-07 10:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cities Skylines
2015-09-05 22:12 - 2015-09-27 17:42 - 00000000 ____D C:\Users\tillmanj\Documents\BeerSmith2
2015-09-05 22:12 - 2015-09-05 22:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BeerSmith 2
2015-09-05 14:08 - 2015-09-05 14:08 - 00000000 ____D C:\Users\tillmanj\AppData\LocalLow\Adobe
2015-09-05 14:07 - 2015-10-01 12:08 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-09-05 14:07 - 2015-09-20 13:34 - 00003972 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-05 14:37 - 2015-08-23 16:05 - 00000000 ___RD C:\Users\tillmanj\Dropbox
2015-10-05 14:37 - 2015-08-23 16:04 - 00000000 ____D C:\Users\tillmanj\AppData\Local\Dropbox
2015-10-05 14:37 - 2015-08-23 11:18 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-05 14:37 - 2015-08-22 21:06 - 00000000 ____D C:\Users\tillmanj\AppData\LocalLow\LastPass
2015-10-05 14:37 - 2015-08-22 21:03 - 00000000 ___RD C:\Users\tillmanj\Google Drive
2015-10-05 14:36 - 2015-08-23 16:04 - 00000922 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-10-05 14:36 - 2015-08-22 21:03 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-05 14:36 - 2015-08-22 20:08 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-05 14:36 - 2015-07-10 08:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-05 14:36 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\sru
2015-10-05 14:36 - 2015-07-10 05:05 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-10-05 14:35 - 2015-09-03 14:23 - 00000000 ____D C:\AdwCleaner
2015-10-05 14:35 - 2015-08-27 11:32 - 00000000 ____D C:\Users\tillmanj\AppData\Local\CrashDumps
2015-10-05 14:35 - 2015-08-22 17:51 - 00875126 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-05 14:34 - 2015-08-23 16:04 - 00000926 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-10-05 14:27 - 2015-08-22 22:04 - 00000000 ____D C:\Users\tillmanj\AppData\Local\Wunderlist
2015-10-05 14:21 - 2015-08-22 21:03 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-05 14:18 - 2015-08-26 12:33 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-05 13:29 - 2015-09-04 12:17 - 00000934 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2396539890-642297927-1385516461-1001UA.job
2015-10-05 12:03 - 2015-08-29 17:17 - 00052900 _____ C:\Windows\system32\lvcoinst.log
2015-10-05 09:41 - 2015-08-26 18:13 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\MediaMonkey
2015-10-04 11:25 - 2015-08-22 21:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-10-04 10:54 - 2015-08-22 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-10-04 10:53 - 2015-08-22 17:57 - 00000000 ____D C:\Users\tillmanj
2015-10-04 10:53 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\AppReadiness
2015-10-04 05:53 - 2015-07-10 07:04 - 00000000 ___SD C:\Windows\SysWOW64\F12
2015-10-04 05:53 - 2015-07-10 07:04 - 00000000 ___SD C:\Windows\system32\F12
2015-10-04 05:53 - 2015-07-10 07:04 - 00000000 ___RD C:\Windows\PurchaseDialog
2015-10-04 05:53 - 2015-07-10 07:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-04 05:53 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2015-10-04 05:53 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2015-10-04 05:53 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-04 05:53 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\Provisioning
2015-10-04 05:53 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\L2Schemas
2015-10-04 05:45 - 2015-09-02 10:09 - 00000000 ____D C:\Users\tillmanj\.BigNox
2015-10-04 03:55 - 2015-09-02 10:09 - 00000000 ____D C:\Users\tillmanj\AppData\Local\Nox
2015-10-03 16:29 - 2015-09-04 12:17 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2396539890-642297927-1385516461-1001Core.job
2015-10-02 11:14 - 2015-08-22 20:07 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-02 11:11 - 2015-08-22 20:23 - 00000000 ____D C:\Users\tillmanj\AppData\Local\NVIDIA Corporation
2015-10-02 11:11 - 2015-08-22 20:21 - 00000000 ____D C:\Users\tillmanj\AppData\Local\NVIDIA
2015-10-02 11:10 - 2015-08-22 20:07 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-10-02 09:29 - 2015-08-23 16:04 - 00003986 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2015-10-02 09:29 - 2015-08-23 16:04 - 00003754 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2015-10-02 09:29 - 2015-08-23 16:04 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-10-01 13:51 - 2015-07-10 06:55 - 00000000 ____D C:\Windows\CbsTemp
2015-10-01 12:08 - 2015-08-28 15:02 - 00000000 ____D C:\ProgramData\Adobe
2015-10-01 12:08 - 2015-08-26 12:32 - 00000000 ____D C:\Users\tillmanj\AppData\Local\Adobe
2015-10-01 12:08 - 2015-08-22 17:57 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\Adobe
2015-10-01 11:26 - 2015-08-22 17:57 - 00000000 ____D C:\Users\tillmanj\AppData\Local\VirtualStore
2015-10-01 11:08 - 2015-08-22 20:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-28 18:16 - 2015-08-22 21:56 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies
2015-09-28 18:16 - 2015-08-22 21:56 - 00000000 ____D C:\Users\tillmanj\AppData\Local\SquirrelTemp
2015-09-28 18:16 - 2015-08-22 21:56 - 00000000 ____D C:\Users\tillmanj\AppData\Local\slack
2015-09-28 18:04 - 2015-08-22 20:23 - 01480984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-09-28 18:04 - 2015-08-22 20:23 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-09-28 18:03 - 2015-08-22 20:23 - 01793480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-09-28 18:03 - 2015-08-22 20:23 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-09-27 17:01 - 2015-08-23 16:35 - 00000000 ____D C:\Users\tillmanj\AppData\Local\LOOT
2015-09-27 15:17 - 2015-08-22 20:32 - 00000000 ____D C:\Users\tillmanj\.oracle_jre_usage
2015-09-27 15:17 - 2015-08-22 20:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-27 11:16 - 2015-09-02 10:08 - 00000000 ____D C:\Program Files\DIFX
2015-09-26 10:59 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\LiveKernelReports
2015-09-25 16:27 - 2015-08-29 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-09-25 16:27 - 2015-08-29 17:41 - 00000000 ____D C:\ProgramData\LogiShrd
2015-09-25 16:27 - 2015-08-29 17:17 - 00000000 ____D C:\Program Files\Common Files\logishrd
2015-09-25 16:22 - 2015-08-22 20:46 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-24 13:08 - 2015-08-23 21:57 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-23 13:24 - 2015-07-10 07:04 - 00000167 _____ C:\Windows\win.ini
2015-09-23 09:14 - 2015-07-10 08:20 - 00340616 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-22 16:45 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files\Common Files\System
2015-09-22 16:44 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-09-22 05:18 - 2015-08-26 12:33 - 00003816 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-09-21 18:55 - 2015-08-22 20:15 - 11198080 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-09-21 18:28 - 2015-08-23 21:57 - 00000000 ____D C:\Program Files\Microsoft Office
2015-09-21 18:27 - 2015-07-10 09:14 - 00000000 ____D C:\Windows\ShellNew
2015-09-21 13:07 - 2015-08-22 20:47 - 00000000 ____D C:\Program Files (x86)\Gigabyte
2015-09-21 13:07 - 2015-08-22 20:45 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-21 13:05 - 2015-08-23 20:21 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\uTorrent
2015-09-20 14:31 - 2015-08-31 09:43 - 00000000 ____D C:\TES5LODGenOutput
2015-09-20 13:22 - 2015-08-22 20:47 - 00026192 ____N (Windows ® Server 2003 DDK provider) C:\Windows\gdrv.sys
2015-09-20 12:56 - 2015-07-10 09:14 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-18 18:08 - 2015-08-22 20:15 - 01567576 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-09-18 18:08 - 2015-08-22 20:15 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-09-16 17:50 - 2015-08-22 17:57 - 00000000 ____D C:\Users\tillmanj\AppData\Local\Packages
2015-09-16 16:24 - 2015-09-04 12:17 - 00004056 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2396539890-642297927-1385516461-1001UA
2015-09-16 16:24 - 2015-09-04 12:17 - 00003680 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2396539890-642297927-1385516461-1001Core
2015-09-16 12:44 - 2015-08-25 17:21 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\vlc
2015-09-16 02:07 - 2015-09-02 10:08 - 00127432 _____ (BigNox Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-09-15 23:29 - 2015-09-02 10:08 - 00253384 _____ (BigNox Corporation) C:\Windows\system32\Drivers\XQHDrv.sys
2015-09-15 12:12 - 2015-07-10 07:06 - 00812008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-15 12:12 - 2015-07-10 07:06 - 00178152 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-15 10:39 - 2015-08-26 16:00 - 00024064 ___SH C:\Users\tillmanj\Downloads\Thumbs.db
2015-09-15 00:16 - 2015-08-22 21:03 - 00003978 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-15 00:16 - 2015-08-22 21:03 - 00003746 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-14 14:55 - 2015-08-24 15:59 - 00000000 ____D C:\Program Files\Rockstar Games
2015-09-14 14:55 - 2015-08-24 15:59 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-09-14 11:43 - 2015-08-24 15:29 - 00000000 ____D C:\Users\tillmanj\Documents\Rockstar Games
2015-09-13 20:24 - 2015-08-22 20:26 - 15631128 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-09-13 20:24 - 2015-08-22 20:26 - 14945040 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-09-13 20:24 - 2015-08-22 20:26 - 01075320 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-09-13 20:24 - 2015-08-22 20:15 - 17934400 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-09-13 20:24 - 2015-08-22 20:15 - 15336024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-09-13 20:24 - 2015-08-22 20:15 - 12611632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-09-13 20:24 - 2015-08-22 20:15 - 03484216 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-09-13 20:24 - 2015-08-22 20:15 - 03077544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-09-13 20:24 - 2015-08-22 20:07 - 00112760 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-09-13 20:24 - 2015-08-22 20:07 - 00105080 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-09-13 20:24 - 2015-08-22 20:07 - 00034098 _____ C:\Windows\system32\nvinfo.pb
2015-09-13 18:04 - 2015-08-22 20:08 - 06885168 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-09-13 18:04 - 2015-08-22 20:08 - 03496056 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-09-13 18:04 - 2015-08-22 20:08 - 02558584 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-09-13 18:04 - 2015-08-22 20:08 - 00937776 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-09-13 18:04 - 2015-08-22 20:08 - 00385144 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-09-13 18:04 - 2015-08-22 20:08 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-09-11 16:41 - 2015-08-22 21:56 - 00000000 ____D C:\Users\tillmanj\AppData\Roaming\Slack
2015-09-11 08:17 - 2015-08-22 20:08 - 05231082 _____ C:\Windows\system32\nvcoproc.bin
2015-09-09 10:41 - 2015-08-22 22:58 - 00000000 ____D C:\Windows\system32\MRT
2015-09-07 10:53 - 2015-08-23 10:28 - 00000000 ____D C:\Games

==================== Files in the root of some directories =======

2015-08-22 21:06 - 2015-08-22 21:06 - 16790552 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2015-04-14 12:28 - 2015-04-14 12:28 - 0004387 _____ () C:\Users\tillmanj\AppData\Roaming\aqA4aSo3aOQQjZuOOWMLdXS
2015-04-19 08:20 - 2015-04-19 08:20 - 0005872 _____ () C:\Users\tillmanj\AppData\Roaming\dgIfwn1qOE28IRKWQBtFlEdZ
2015-04-19 08:20 - 2015-04-19 08:20 - 0005872 _____ () C:\Users\tillmanj\AppData\Roaming\KDNwADtpnpzORGC5tKgUb3kv9L
2015-04-14 12:28 - 2015-04-14 12:28 - 0004387 _____ () C:\Users\tillmanj\AppData\Roaming\MA6crr4lG941o6zb9H
2015-08-27 13:59 - 2015-08-27 13:59 - 0000600 _____ () C:\Users\tillmanj\AppData\Roaming\winscp.rnd
2015-04-14 12:28 - 2015-04-14 12:28 - 0004387 _____ () C:\Users\tillmanj\AppData\Roaming\XNXrIEPWBim
2015-04-19 08:20 - 2015-04-19 08:20 - 0005872 _____ () C:\Users\tillmanj\AppData\Roaming\Z65XngsuUVWsaaBdHSuwRM
2015-08-26 16:09 - 2015-08-27 12:49 - 0000600 _____ () C:\Users\tillmanj\AppData\Local\PUTTY.RND
2015-09-03 09:57 - 2015-09-03 09:57 - 0001014 _____ () C:\ProgramData\JunkCleaner.lnk

Files to move or delete:
====================
C:\Users\tillmanj\en_res.dll
C:\Users\tillmanj\es_res.dll
C:\Users\tillmanj\fr_res.dll
C:\Users\tillmanj\grm_res.dll
C:\Users\tillmanj\it_res.dll
C:\Users\tillmanj\jp_res.dll
C:\Users\tillmanj\mfc80u.dll
C:\Users\tillmanj\msvcr80.dll
C:\Users\tillmanj\PCPE Setup.exe
C:\Users\tillmanj\pt_res.dll
C:\Users\tillmanj\ResourceReader.dll
C:\Users\tillmanj\ru_res.dll
C:\Users\tillmanj\zh_res.dll


Some files in TEMP:
====================
C:\Users\tillmanj\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxfq2tc.dll
C:\Users\tillmanj\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-04 11:04

==================== End of FRST.txt ============================

 

VirusTotal:

 

SHA256: 57f795f20f6686516c611f58683126004692297f1e65d80d9c6ebb4a87f472e9
File name: explorer.exe
Detection ratio: 0 / 57
Analysis date: 2015-10-04 20:34:41 UTC ( 22 hours, 7 minutes ago )

 
 
Probably harmless! There are strong indicators suggesting that this file is safe to use.

Antivirus | Result | Update
ALYac | | 20151004
AVG | | 20151004
AVware | | 20151004
Ad-Aware | | 20151004
AegisLab | | 20151004
Agnitum | | 20151004
AhnLab-V3 | | 20151004
Alibaba | | 20150927
Antiy-AVL | | 20151004
Arcabit | | 20151004
Avast | | 20151004
Avira | | 20151004
Baidu-International | | 20151004
BitDefender | | 20151004
Bkav | | 20151003
ByteHero | | 20151004
CAT-QuickHeal | | 20151003
CMC | | 20151002
ClamAV | | 20151002
Comodo | | 20151004
Cyren | | 20151004
DrWeb | | 20151004
ESET-NOD32 | | 20151004
Emsisoft | | 20151004
F-Prot | | 20150929
F-Secure | | 20151003
Fortinet | | 20151004
GData | | 20151004
Ikarus | | 20151004
Jiangmin | | 20151003
K7AntiVirus | | 20151004
K7GW | | 20151004
Kaspersky | | 20151004
Kingsoft | | 20151004
Malwarebytes | | 20151004
McAfee | | 20151004
McAfee-GW-Edition | | 20151004
MicroWorld-eScan | | 20151004
Microsoft | | 20151004
NANO-Antivirus | | 20151004
Panda | | 20151004
Qihoo-360 | | 20151004
Rising | | 20151004
SUPERAntiSpyware | | 20151003
Sophos | | 20151004
Symantec | | 20151004
Tencent | | 20151004
TheHacker | | 20151002
TotalDefense | | 20151004
TrendMicro | | 20151004
TrendMicro-HouseCall | | 20151004
VBA32 | | 20151003
VIPRE | | 20151004
ViRobot | | 20151004
Zillya | | 20151004
Zoner | | 20151004
nProtect | | 20151002

 

* No ADWcleaner log because I ran a second scan pass and the program does not save an external log and overwrites internal log even on no item found




#6 Black_Bird


Posted 05 October 2015 - 02:35 PM

Hi,

ESET Online Scanner using Internet Explorer:

Note 1: These instructions are for Internet Explorer only! If you can't use Internet Explorer for this scan, please stop here and let me know!
Note 2: You will need to disable your currently installed Anti-Virus; how to do so can be found here.
  • Click this link to open ESET OnlineScan.
  • Place a checkmark next to "Yes, I accept the Terms of Use", then click the Start button.
  • When prompted, allow the Add-On/Active X to install.
  • In the new window that opens, tick the radio button next to Enable detection of potentially unwanted applications.
  • Then click "Advanced settings", and make sure there is a checkmark next to only the following items (uncheck everything else):
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Then click the Start button and ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Found Threats (only if anything is found).
  • Then click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click Back, then click Finish to exit ESET Online Scanner.
Don't forget to re-enable your antivirus when finished!


Also please give me an update on your current PC problems. You forgot to do this in your previous reply.
Kind regards,
Black_Bird
 

What to do when your computer is infected? Read here!

The Bleeping Computer Board Rules - The Moderating Team


If I am directly helping you on a topic and I've not replied within 24 hours please send me a Private Message with a link to your topic.


#7 tillmanj


Posted 05 October 2015 - 02:51 PM

ESET Online scanner doesn't work with IE on Win 10, it seems.

 

Attached File  eset IE Win 10.PNG   31.39KB   0 downloads



#8 Black_Bird


Posted 05 October 2015 - 03:07 PM

Hi,

Please use BitDefender online scanner instead. Post all results into your next reply and give me an update on your PC problems.
Kind regards,
Black_Bird
 



#9 Black_Bird


Posted 07 October 2015 - 11:10 PM

Hi there,

 

It has been 3 days since your last reply. Do you still need help on this one? Please let me know. :)


Kind regards,
Black_Bird
 



#10 Black_Bird


Posted 30 May 2016 - 06:22 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Kind regards,
Black_Bird
 





