Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

C:\windows\temp\svchost.exe is detected as TR/Coinminer.J


  • This topic is locked This topic is locked
19 replies to this topic

#1 EX0M4K3R

EX0M4K3R

  • Members
  • 11 posts
  • OFFLINE
  •  

Posted 15 March 2016 - 03:40 AM

My antivirus is detecting svchost.exe as some type of coin miner but when i remove it , it comes back again , its been more than two weeks it just keeps on coming back, 

i have tried full system scan but still it gets removed and then in 1-2 days its back again, my antivirus real time scan detects it

need help pls



BC AdBot (Login to Remove)

 


#2 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:05:05 AM

Posted 15 March 2016 - 07:47 AM

Hello
  •   Welcome to Bleeping Computer.
  •   My name is fireman4it and I will be helping you with your Malware problem.

    Please take note of some guidelines for this fix:
  •   Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
  •   If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
  •   Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  •   In the upper right hand corner of the topic you will see a button called Follow This Topic.I suggest you click it and select Immediate E-Mail notification and click on Follow This Topic. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.
  •   Finally, please reply using the Post button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.
  •   I will be analyzing your log. I will get back to you with instructions.
  • 1.
    Please download AdwCleaner by Xplode and save to your Desktop.
    • Double click on AdwCleaner.exe to run the tool.
      Vista/Windows 7/8 users right-click and select Run As Administrator
    • The tool will start to update the database, please wait a bit.
    • Click on the Scan button.
    • AdwCleaner will begin...be patient as the scan may take some time to complete.
    • After the scan has finished, click on the Clean button.
    • Press OK when asked to close all programs and follow the onscreen prompts.
    • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    • After rebooting, a logfile report (AdwCleaner[C#].txt) will open automatically (where the largest value of # represents the most recent report).
    • Copy and paste the contents of that logfile in your next reply.
    • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
    2.
    Please download Farbar Recovery Scan Tool and save it to your Desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
    • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will produce a log called FRST.txt in the same directory the tool is run from.
    • Please copy and paste log back here.
    • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#3 EX0M4K3R

EX0M4K3R
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  

Posted 16 March 2016 - 03:37 AM

Thankyou for helping out and i would also like to know that from these logs how will you figure out where is the malware originally creating copies from?

 

This is the report from AdwCleaner[C1].txt

# AdwCleaner v5.102 - Logfile created 16/03/2016 at 13:48:56
# Updated 13/03/2016 by Xplode
# Database : 2016-03-13.2 [Local]
# Operating system : Windows 10 Home Single Language  (x64)
# Username : HIMANK-EX0M4K3R - ANDROID-77B1247
# Running from : C:\Users\HIMANK-EX0M4K3R\Desktop\AdwCleaner.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\pokki
[-] Folder Deleted : C:\Users\HIMANK-EX0M4K3R\AppData\Local\Steam\htmlcache

***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
[-] Key Deleted : HKLM\SOFTWARE\VisualDiscovery
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
[-] Data Restored : HKU\S-1-5-21-509749034-187825214-1460614161-1001\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : HKU\S-1-5-21-509749034-187825214-1460614161-1001\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
[-] Data Restored : HKU\S-1-5-21-509749034-187825214-1460614161-1001\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
[-] Value Deleted : HKU\S-1-5-21-509749034-187825214-1460614161-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]

***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [3937 bytes] - [16/03/2016 13:48:56]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [4106 bytes] - [16/03/2016 13:46:16]

########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [4123 bytes] ##########

This is the report from FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by HIMANK-EX0M4K3R (administrator) on ANDROID-77B1247 (16-03-2016 14:00:34)
Running from C:\Users\HIMANK-EX0M4K3R\Desktop
Loaded Profiles: HIMANK-EX0M4K3R (Available Profiles: HIMANK-EX0M4K3R)
Platform: Windows 10 Home Single Language Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\Droid4X\Droid4X\Droid4XService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Programming\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [5060864 2015-06-16] (Realtek semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [StageLightUpdate] => C:\Program Files\Stagelight\StagelightUpdate.exe [1397208 2014-08-30] ()
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2015-01-27] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16093512 2015-01-27] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [8235848 2015-01-27] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2016-02-23] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3947704 2015-08-29] (Synaptics Incorporated)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13877464 2015-05-15] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110344 2014-09-09] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492808 2014-09-09] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [73216 2015-12-16] ()
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [804168 2016-02-23] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-509749034-187825214-1460614161-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3074128 2016-03-11] (Valve Corporation)
HKU\S-1-5-21-509749034-187825214-1460614161-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [426600 2016-01-11] (CyberGhost S.R.L.)
HKU\S-1-5-21-509749034-187825214-1460614161-1001\...\Run: [uTorrent] => C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\uTorrent\uTorrent.exe [2094080 2016-03-05] (BitTorrent Inc.)
HKU\S-1-5-21-509749034-187825214-1460614161-1001\...\MountPoints2: F - "F:\setup.exe" 
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wall Watcher.lnk [2016-02-16]
ShortcutTarget: Wall Watcher.lnk -> C:\Users\HIMANK-EX0M4K3R\Downloads\Compressed\WallWatcher\WallWatcher.exe (No File)
Startup: C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2016-03-10]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{42a0dedd-d1cd-4d45-9076-981923bbe814}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{699a5a36-5e3b-4ca0-a18d-cb032c2a14ac}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{75f1d20f-983b-468f-ad69-f5ca11132ae6}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{efb81cdb-8d3e-487f-80bd-c91dcc6073ca}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-509749034-187825214-1460614161-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-509749034-187825214-1460614161-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-509749034-187825214-1460614161-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-09-28] (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-01-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-14] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-02-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-14] (Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-09-28] (Internet Download Manager, Tonec Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-27] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-27] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-27] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-27] (Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-14] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-01-27] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2013-12-13] (Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-02-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-02-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-509749034-187825214-1460614161-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\HIMANK-EX0M4K3R\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-01-23] (Unity Technologies ApS)
FF HKU\S-1-5-21-509749034-187825214-1460614161-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\IDM\idmmzcc5 [2016-03-15] [not signed]
FF HKU\S-1-5-21-509749034-187825214-1460614161-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: IDM integration - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2015-11-09]

Chrome: 
=======
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\HIMANK-EX0M4K3R\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.866\_platform_specific\win_x86\widevinecdmadapter.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\PepperFlash\pepflashplayer.dll ()
CHR Profile: C:\Users\HIMANK-EX0M4K3R\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\HIMANK-EX0M4K3R\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-13]
CHR Extension: (Google Drive) - C:\Users\HIMANK-EX0M4K3R\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-13]
CHR Extension: (YouTube) - C:\Users\HIMANK-EX0M4K3R\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-13]
CHR Extension: (Adblock Plus) - C:\Users\HIMANK-EX0M4K3R\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-13]
CHR Extension: (Google Search) - C:\Users\HIMANK-EX0M4K3R\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-13]
CHR Extension: (Google Docs Offline) - C:\Users\HIMANK-EX0M4K3R\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\HIMANK-EX0M4K3R\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-13]
CHR Extension: (Browsec) - C:\Users\HIMANK-EX0M4K3R\AppData\Local\Google\Chrome\User Data\Default\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2016-02-13]
CHR Extension: (Gmail) - C:\Users\HIMANK-EX0M4K3R\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-13]
CHR Profile: C:\Users\HIMANK-EX0M4K3R\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\HIMANK-EX0M4K3R\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-19]
CHR Extension: (Google Docs) - C:\Users\HIMANK-EX0M4K3R\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-19]
CHR Extension: (Google Drive) - C:\Users\HIMANK-EX0M4K3R\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-19]
CHR Extension: (YouTube) - C:\Users\HIMANK-EX0M4K3R\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-19]
CHR Extension: (Adblock Plus) - C:\Users\HIMANK-EX0M4K3R\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-09]
CHR Extension: (Google Search) - C:\Users\HIMANK-EX0M4K3R\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-19]
CHR Extension: (Google Sheets) - C:\Users\HIMANK-EX0M4K3R\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-19]
CHR Extension: (Google Docs Offline) - C:\Users\HIMANK-EX0M4K3R\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Space) - C:\Users\HIMANK-EX0M4K3R\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hepnfgiockihbakjbhonkinpagbkaobo [2016-02-13]
CHR Extension: (IDM Integration Module) - C:\Users\HIMANK-EX0M4K3R\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-02-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\HIMANK-EX0M4K3R\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-19]
CHR Extension: (Browsec) - C:\Users\HIMANK-EX0M4K3R\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2016-02-13]
CHR Extension: (Gmail) - C:\Users\HIMANK-EX0M4K3R\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-19]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-11-09]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-11-09]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2016-02-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2016-02-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2016-02-23] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1417592 2016-02-23] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [323152 2015-06-29] (Windows (R) Win 7 DDK provider)
S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65128 2016-01-11] (CyberGhost S.R.L)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2777840 2016-01-31] (Microsoft Corporation)
R2 Droid4XService; C:\Program Files (x86)\Droid4X\Droid4X\Droid4XService.exe [269312 2015-11-13] () [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [350312 2015-07-06] (Intel Corporation)
S2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [36808 2016-01-29] (Lenovo Group Limited)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-28] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-28] (Intel(R) Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [561408 2014-09-23] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584664 2015-12-14] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2015-01-27] (Lenovo(beijing) Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [271328 2016-01-25] (Lenovo)
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [37624 2014-04-21] (Lenovo(beijing) Limited)
S4 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1872808 2015-11-30] (Maxthon)
R2 MySQL; C:\Programming\MySQL\MySQL Server 5.0\my.ini [9243 2016-01-21] () [File not signed]
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-13] (Nitro PDF Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6474112 2016-02-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-23] (Electronic Arts)
S2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-26] (PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-26] (PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2015-01-27] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [308720 2015-01-27] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 ShareItSvc; C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe [31176 2016-01-20] (SHAREit Technologies Co.Ltd)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU Co., LTD.)
S3 TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [104696 2015-01-27] (Lenovo)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\System32\drivers\athw10x.sys [4316784 2015-06-16] (Qualcomm Atheros Communications, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2016-02-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146704 2016-02-23] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-02-23] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2016-02-23] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-13] (CyberLink)
S3 cpuz138; C:\Users\HIMANK-EX0M4K3R\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [27320 2016-03-14] (CPUID)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [183584 2015-06-12] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-23] (Realtek                                            )
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [751632 2015-05-11] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3068160 2015-06-16] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-08-29] (Synaptics Incorporated)
S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [23040 2015-10-30] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 BTATH_BUS; \SystemRoot\System32\drivers\btath_bus.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-16 14:00 - 2016-03-16 14:01 - 00027425 _____ C:\Users\HIMANK-EX0M4K3R\Desktop\FRST.txt
2016-03-16 14:00 - 2016-03-16 14:00 - 00000000 ____D C:\FRST
2016-03-16 13:46 - 2016-03-16 13:48 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-16 13:40 - 2016-03-16 13:40 - 00012856 ____N C:\bootsqm.dat
2016-03-15 22:11 - 2016-03-15 22:11 - 00000000 ___HD C:\OneDriveTemp
2016-03-15 19:58 - 2016-03-15 19:58 - 00000630 _____ C:\Users\HIMANK-EX0M4K3R\Downloads\Turn_Off_Recent_Items_and_Frequent_Places.reg
2016-03-15 19:02 - 2016-03-15 19:03 - 01527296 _____ C:\Users\HIMANK-EX0M4K3R\Desktop\AdwCleaner.exe
2016-03-15 15:12 - 2016-03-15 15:12 - 00003342 _____ C:\WINDOWS\System32\Tasks\DolbySelectorTask
2016-03-15 15:12 - 2016-03-15 15:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2016-03-15 15:12 - 2016-03-15 15:12 - 00000000 ____D C:\Program Files\Dolby Digital Plus
2016-03-15 15:11 - 2016-03-15 15:11 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-03-15 15:11 - 2015-05-19 18:12 - 04466392 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2016-03-15 15:11 - 2015-05-19 15:44 - 01745624 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-03-15 15:11 - 2015-05-19 15:07 - 02847960 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2016-03-15 15:11 - 2015-05-18 17:28 - 02049212 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-03-15 15:11 - 2015-05-18 14:47 - 02702040 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-03-15 15:11 - 2015-05-15 19:27 - 02918104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-03-15 15:11 - 2015-05-15 16:32 - 01316056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-03-15 15:11 - 2015-04-13 19:14 - 00168816 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2016-03-15 15:11 - 2015-03-11 18:04 - 02825944 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2016-03-15 15:11 - 2015-03-08 12:22 - 03182104 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2016-03-15 15:11 - 2015-01-19 18:10 - 72113152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2016-03-15 15:11 - 2014-12-02 18:42 - 03218800 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2016-03-15 15:11 - 2014-11-11 13:44 - 00631000 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-03-15 15:11 - 2014-11-04 13:42 - 06242576 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2016-03-15 15:11 - 2014-11-04 13:42 - 01933584 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2016-03-15 15:11 - 2014-11-04 13:42 - 00336144 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2016-03-15 15:11 - 2014-11-04 13:42 - 00284944 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2016-03-15 15:11 - 2014-09-24 11:31 - 07087448 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2016-03-15 15:11 - 2014-09-24 11:31 - 01939800 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2016-03-15 15:11 - 2014-09-24 11:31 - 00315736 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2016-03-15 15:11 - 2014-09-24 11:31 - 00261464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2016-03-15 15:11 - 2014-08-14 19:16 - 05804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2016-03-15 15:11 - 2014-06-09 10:59 - 00560328 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2016-03-15 15:11 - 2014-04-10 12:19 - 02041432 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2016-03-15 15:11 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2016-03-15 15:11 - 2013-10-11 11:31 - 00947760 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2016-03-15 15:11 - 2013-08-14 15:36 - 00662784 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2016-03-15 15:11 - 2013-08-14 15:35 - 00663296 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2016-03-15 15:11 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2016-03-15 15:11 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2016-03-15 15:11 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2016-03-15 15:11 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2016-03-15 15:11 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2016-03-15 15:11 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2016-03-15 15:11 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-03-15 15:11 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2016-03-15 15:11 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2016-03-15 15:11 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2016-03-15 15:11 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2016-03-15 15:11 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2016-03-15 15:11 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2016-03-15 15:11 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2016-03-15 15:11 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2016-03-15 15:11 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2016-03-15 15:11 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2016-03-15 15:11 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2016-03-15 15:11 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2016-03-15 15:11 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2016-03-15 15:11 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2016-03-15 15:11 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2016-03-15 15:11 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2016-03-15 15:11 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2016-03-15 15:11 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2016-03-15 15:11 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2016-03-15 15:11 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2016-03-15 15:11 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2016-03-15 15:11 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2016-03-15 15:11 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2016-03-15 15:11 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2016-03-15 15:11 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2016-03-15 15:11 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2016-03-15 15:11 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2016-03-15 15:11 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2016-03-15 14:58 - 2016-03-15 15:00 - 06837784 _____ (Piriform Ltd) C:\Users\HIMANK-EX0M4K3R\Downloads\ccsetup515.exe
2016-03-15 13:56 - 2016-03-15 13:56 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\Desktop\tdsskiller
2016-03-15 13:52 - 2016-03-15 13:58 - 00380928 _____ C:\Users\HIMANK-EX0M4K3R\Desktop\gmer.exe
2016-03-15 13:52 - 2016-03-15 13:55 - 02374144 _____ (Farbar) C:\Users\HIMANK-EX0M4K3R\Desktop\FRST64.exe
2016-03-15 13:50 - 2016-03-15 13:51 - 22908888 _____ (Malwarebytes ) C:\Users\HIMANK-EX0M4K3R\Desktop\mbam-setup-2.2.0.1024.exe
2016-03-15 13:50 - 2016-03-15 13:50 - 00050477 _____ C:\Users\HIMANK-EX0M4K3R\Desktop\Defogger.exe
2016-03-14 22:52 - 2015-12-09 09:09 - 00301728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-03-14 22:42 - 2016-03-14 23:13 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\Documents\Assassin's Creed Syndicate
2016-03-14 22:42 - 2016-03-14 22:42 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\uplay
2016-03-11 11:46 - 2016-03-15 15:05 - 00000000 ____D C:\WINDOWS\Minidump
2016-03-11 00:49 - 2016-03-11 00:49 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\LocalLow\Temp
2016-03-10 11:37 - 2016-03-10 11:37 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-03-09 23:38 - 2016-03-01 11:01 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-03-09 23:38 - 2016-03-01 10:52 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-03-09 23:38 - 2016-02-24 15:22 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-03-09 23:38 - 2016-02-24 15:21 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-09 23:38 - 2016-02-24 15:18 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-09 23:38 - 2016-02-24 15:04 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-09 23:38 - 2016-02-24 14:58 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-03-09 23:38 - 2016-02-24 14:45 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-03-09 23:38 - 2016-02-24 14:28 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-03-09 23:38 - 2016-02-24 14:21 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-03-09 23:38 - 2016-02-24 14:20 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-03-09 23:38 - 2016-02-24 14:16 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-03-09 23:38 - 2016-02-24 14:13 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-03-09 23:38 - 2016-02-24 14:09 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-03-09 23:38 - 2016-02-24 13:49 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-03-09 23:38 - 2016-02-24 13:44 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-09 23:38 - 2016-02-24 13:41 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-03-09 23:38 - 2016-02-24 13:41 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-03-09 23:38 - 2016-02-24 13:41 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-03-09 23:38 - 2016-02-24 13:41 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-03-09 23:38 - 2016-02-24 13:41 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-03-09 23:38 - 2016-02-24 13:41 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-09 23:38 - 2016-02-24 13:40 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-03-09 23:38 - 2016-02-24 13:40 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-03-09 23:38 - 2016-02-24 13:39 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-09 23:38 - 2016-02-24 13:36 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-03-09 23:38 - 2016-02-24 13:29 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-03-09 23:38 - 2016-02-24 13:08 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-03-09 23:38 - 2016-02-24 13:05 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-03-09 23:38 - 2016-02-24 13:05 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-03-09 23:38 - 2016-02-24 13:05 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-09 23:38 - 2016-02-24 13:03 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-09 23:38 - 2016-02-24 12:50 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-03-09 23:38 - 2016-02-24 12:50 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-03-09 23:38 - 2016-02-24 12:45 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-03-09 23:38 - 2016-02-24 12:42 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-03-09 23:38 - 2016-02-24 12:39 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-03-09 23:38 - 2016-02-24 12:32 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-03-09 23:38 - 2016-02-24 12:31 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-03-09 23:38 - 2016-02-24 12:29 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-03-09 23:38 - 2016-02-24 12:29 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-03-09 23:38 - 2016-02-24 12:25 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-03-09 23:38 - 2016-02-24 12:25 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-03-09 23:38 - 2016-02-24 12:24 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-09 23:38 - 2016-02-24 12:19 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-03-09 23:38 - 2016-02-24 12:14 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-03-09 23:38 - 2016-02-24 12:14 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-03-09 23:38 - 2016-02-24 12:13 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-03-09 23:38 - 2016-02-24 12:13 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-03-09 23:38 - 2016-02-24 12:11 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-03-09 23:38 - 2016-02-24 12:11 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-03-09 23:38 - 2016-02-24 12:10 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-03-09 23:38 - 2016-02-24 12:09 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-03-09 23:38 - 2016-02-24 12:06 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-09 23:38 - 2016-02-24 12:04 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-03-09 23:38 - 2016-02-24 12:04 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-03-09 23:38 - 2016-02-24 12:02 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-03-09 23:38 - 2016-02-24 12:01 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-03-09 23:38 - 2016-02-24 12:01 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-03-09 23:38 - 2016-02-24 11:58 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-03-09 23:38 - 2016-02-24 11:55 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-09 23:38 - 2016-02-24 11:51 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-03-09 23:38 - 2016-02-24 11:48 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-03-09 23:38 - 2016-02-24 11:48 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-03-09 23:38 - 2016-02-24 11:47 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-03-09 23:38 - 2016-02-24 11:43 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-03-09 23:38 - 2016-02-24 11:41 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-09 23:38 - 2016-02-24 11:39 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-03-09 23:38 - 2016-02-24 11:39 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-03-09 23:38 - 2016-02-24 11:39 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-03-09 23:38 - 2016-02-24 11:39 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-03-09 23:38 - 2016-02-24 11:37 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-03-09 23:38 - 2016-02-24 11:37 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-03-09 23:38 - 2016-02-24 11:37 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-03-09 23:38 - 2016-02-24 11:34 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-09 23:38 - 2016-02-24 11:33 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-03-09 23:38 - 2016-02-24 11:31 - 01831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-09 23:38 - 2016-02-24 11:30 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-09 23:38 - 2016-02-24 11:30 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-03-09 23:38 - 2016-02-24 11:27 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-09 23:38 - 2016-02-24 11:25 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-09 23:38 - 2016-02-24 11:04 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-03-09 23:38 - 2016-02-24 10:52 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-03-09 23:38 - 2016-02-24 10:50 - 22376960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-09 23:38 - 2016-02-24 10:48 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-09 23:38 - 2016-02-24 10:42 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-09 23:38 - 2016-02-24 10:42 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 23:38 - 2016-02-24 10:40 - 24600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-09 23:38 - 2016-02-24 10:39 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-09 23:38 - 2016-02-24 10:35 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-09 23:38 - 2016-02-24 10:33 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-09 23:38 - 2016-02-24 10:29 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-03-09 23:38 - 2016-02-24 10:25 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-03-09 23:37 - 2016-02-24 15:17 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-09 23:37 - 2016-02-24 15:10 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-09 23:37 - 2016-02-24 14:24 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-03-09 23:37 - 2016-02-24 14:09 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-03-09 23:37 - 2016-02-24 13:39 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-09 23:37 - 2016-02-24 13:09 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-03-09 23:37 - 2016-02-24 13:09 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-03-09 23:37 - 2016-02-24 13:08 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-03-09 23:37 - 2016-02-24 13:07 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-03-09 23:37 - 2016-02-24 13:06 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-03-09 23:37 - 2016-02-24 13:05 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-03-09 23:37 - 2016-02-24 13:03 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-09 23:37 - 2016-02-24 13:01 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-03-09 23:37 - 2016-02-24 13:00 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-03-09 23:37 - 2016-02-24 12:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-03-09 23:37 - 2016-02-24 12:53 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-03-09 23:37 - 2016-02-24 12:53 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-03-09 23:37 - 2016-02-24 12:53 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-03-09 23:37 - 2016-02-24 12:52 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-03-09 23:37 - 2016-02-24 12:50 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-03-09 23:37 - 2016-02-24 12:49 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-03-09 23:37 - 2016-02-24 12:49 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-03-09 23:37 - 2016-02-24 12:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-03-09 23:37 - 2016-02-24 12:43 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-03-09 23:37 - 2016-02-24 12:42 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-03-09 23:37 - 2016-02-24 12:40 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-03-09 23:37 - 2016-02-24 12:39 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-03-09 23:37 - 2016-02-24 12:37 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-03-09 23:37 - 2016-02-24 12:35 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-03-09 23:37 - 2016-02-24 12:33 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-03-09 23:37 - 2016-02-24 12:31 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-03-09 23:37 - 2016-02-24 12:31 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-03-09 23:37 - 2016-02-24 12:30 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-03-09 23:37 - 2016-02-24 12:29 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-03-09 23:37 - 2016-02-24 12:28 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-09 23:37 - 2016-02-24 12:25 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-03-09 23:37 - 2016-02-24 12:24 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-03-09 23:37 - 2016-02-24 12:24 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-03-09 23:37 - 2016-02-24 12:24 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-03-09 23:37 - 2016-02-24 12:23 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-03-09 23:37 - 2016-02-24 12:23 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-03-09 23:37 - 2016-02-24 12:22 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-09 23:37 - 2016-02-24 12:22 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-03-09 23:37 - 2016-02-24 12:21 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-03-09 23:37 - 2016-02-24 12:17 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-03-09 23:37 - 2016-02-24 12:16 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-03-09 23:37 - 2016-02-24 12:14 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-09 23:37 - 2016-02-24 12:14 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-03-09 23:37 - 2016-02-24 12:12 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-03-09 23:37 - 2016-02-24 12:12 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-03-09 23:37 - 2016-02-24 12:10 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-03-09 23:37 - 2016-02-24 12:10 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-03-09 23:37 - 2016-02-24 12:09 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-03-09 23:37 - 2016-02-24 12:08 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-03-09 23:37 - 2016-02-24 12:02 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-03-09 23:37 - 2016-02-24 11:58 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-03-09 23:37 - 2016-02-24 11:58 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-03-09 23:37 - 2016-02-24 11:53 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-03-09 23:37 - 2016-02-24 11:52 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-03-09 23:37 - 2016-02-24 11:51 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-03-09 23:37 - 2016-02-24 11:48 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-03-09 23:37 - 2016-02-24 11:46 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-09 23:37 - 2016-02-24 11:13 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-03-09 20:33 - 2016-03-09 20:33 - 28201854 _____ C:\Users\HIMANK-EX0M4K3R\Downloads\How High Can We Build- - YouTube.MKV
2016-03-08 23:23 - 2016-03-08 23:23 - 00081951 _____ C:\Users\HIMANK-EX0M4K3R\Desktop\12th Class subjects Chapter-wise Mark Distribution - 2015-2016 StudyChaCha.html
2016-03-08 23:23 - 2016-03-08 23:23 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\Desktop\12th Class subjects Chapter-wise Mark Distribution - 2015-2016 StudyChaCha_files
2016-03-07 20:21 - 2016-03-07 20:21 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EvilLyrics
2016-03-07 20:20 - 2016-03-07 20:25 - 00000000 ____D C:\Program Files (x86)\EvilLyrics
2016-03-07 20:14 - 2016-03-07 20:14 - 00000000 _____ C:\Users\HIMANK-EX0M4K3R\AppData\Local\{B5CC500F-EFC3-4BD9-A6BE-377E6808D0D6}
2016-03-07 13:13 - 2016-03-07 13:14 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-03-07 13:13 - 2016-03-07 13:13 - 00466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2016-03-07 13:13 - 2016-03-07 13:13 - 00444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2016-03-07 13:13 - 2016-03-07 13:13 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2016-03-07 13:13 - 2016-03-07 13:13 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2016-03-07 13:13 - 2016-03-07 13:13 - 00000000 ____D C:\Program Files (x86)\OpenAL
2016-03-07 13:04 - 2016-03-07 13:05 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\MMFApplications
2016-03-07 12:39 - 2016-03-07 12:39 - 00298533 _____ C:\Users\HIMANK-EX0M4K3R\Downloads\Support.zip
2016-03-05 18:22 - 2016-03-05 18:22 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Local\StreetFighterV
2016-03-04 12:02 - 2016-03-04 12:02 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\Documents\Criterion Games
2016-03-02 17:05 - 2016-02-23 16:02 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-02 17:05 - 2016-02-23 15:51 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-03-02 17:05 - 2016-02-23 15:08 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-02 17:04 - 2016-02-23 16:57 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-02 17:04 - 2016-02-23 16:55 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-03-02 17:04 - 2016-02-23 16:04 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-03-02 17:04 - 2016-02-23 16:04 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-03-02 17:04 - 2016-02-23 16:03 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-02 17:04 - 2016-02-23 16:02 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-03-02 17:04 - 2016-02-23 16:02 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-02 17:04 - 2016-02-23 16:02 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-02 17:04 - 2016-02-23 16:02 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-03-02 17:04 - 2016-02-23 16:01 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-02 17:04 - 2016-02-23 16:01 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-03-02 17:04 - 2016-02-23 16:01 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-02 17:04 - 2016-02-23 15:55 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-02 17:04 - 2016-02-23 15:15 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-03-02 17:04 - 2016-02-23 15:08 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-03-02 17:04 - 2016-02-23 15:08 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-03-02 17:04 - 2016-02-23 15:07 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-03-02 17:04 - 2016-02-23 15:00 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-02 17:04 - 2016-02-23 14:57 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-03-02 17:04 - 2016-02-23 14:50 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-03-02 17:04 - 2016-02-23 14:26 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-03-02 17:04 - 2016-02-23 13:58 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-02 17:04 - 2016-02-23 13:49 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-03-02 17:04 - 2016-02-23 13:44 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-02 17:04 - 2016-02-23 13:42 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-02 17:04 - 2016-02-23 13:40 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-03-02 17:04 - 2016-02-23 13:39 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-03-02 17:04 - 2016-02-23 13:39 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-03-02 17:04 - 2016-02-23 13:32 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-02 17:04 - 2016-02-23 13:30 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-03-02 17:04 - 2016-02-23 13:00 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-03-02 17:04 - 2016-02-23 13:00 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-03-02 17:04 - 2016-02-23 12:54 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-03-02 17:04 - 2016-02-23 12:47 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-02 17:04 - 2016-02-23 12:41 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-02 17:04 - 2016-02-23 12:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-03-02 17:04 - 2016-02-23 12:25 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-03-02 17:04 - 2016-02-23 12:25 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-03-02 17:04 - 2016-02-23 12:23 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-03-02 17:04 - 2016-02-23 12:22 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-03-02 17:04 - 2016-02-23 12:20 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-03-02 17:04 - 2016-02-23 12:12 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-03-02 17:04 - 2016-02-23 12:11 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-03-02 17:04 - 2016-02-23 12:09 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-02 17:04 - 2016-02-23 12:09 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-02 17:04 - 2016-02-23 12:06 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-02 17:04 - 2016-02-23 12:06 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-03-02 17:04 - 2016-02-23 12:05 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-03-02 17:04 - 2016-02-23 12:03 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-03-02 17:04 - 2016-02-23 12:02 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-03-02 17:04 - 2016-02-23 12:00 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-03-02 17:04 - 2016-02-23 11:58 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-03-02 17:04 - 2016-02-09 08:54 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-03-02 17:04 - 2016-02-09 08:37 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-03-02 17:04 - 2016-02-09 08:34 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-03-02 17:03 - 2016-02-23 16:59 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-03-02 17:03 - 2016-02-23 16:59 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-03-02 17:03 - 2016-02-23 16:57 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-03-02 17:03 - 2016-02-23 16:57 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-03-02 17:03 - 2016-02-23 16:55 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-03-02 17:03 - 2016-02-23 16:55 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-03-02 17:03 - 2016-02-23 16:45 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-03-02 17:03 - 2016-02-23 16:38 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-03-02 17:03 - 2016-02-23 16:03 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-03-02 17:03 - 2016-02-23 16:02 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-02 17:03 - 2016-02-23 16:01 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-02 17:03 - 2016-02-23 16:01 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-03-02 17:03 - 2016-02-23 15:52 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-03-02 17:03 - 2016-02-23 15:47 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-03-02 17:03 - 2016-02-23 15:10 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-03-02 17:03 - 2016-02-23 15:09 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-03-02 17:03 - 2016-02-23 15:08 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-03-02 17:03 - 2016-02-23 15:08 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-03-02 17:03 - 2016-02-23 15:08 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-03-02 17:03 - 2016-02-23 15:08 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-03-02 17:03 - 2016-02-23 15:02 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-03-02 17:03 - 2016-02-23 14:57 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-02 17:03 - 2016-02-23 14:55 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-03-02 17:03 - 2016-02-23 14:50 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-03-02 17:03 - 2016-02-23 14:49 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-03-02 17:03 - 2016-02-23 14:47 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-03-02 17:03 - 2016-02-23 14:42 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-03-02 17:03 - 2016-02-23 14:40 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-02 17:03 - 2016-02-23 14:37 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-02 17:03 - 2016-02-23 14:37 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-03-02 17:03 - 2016-02-23 14:36 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-03-02 17:03 - 2016-02-23 14:31 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-03-02 17:03 - 2016-02-23 14:30 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-02 17:03 - 2016-02-23 14:30 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-03-02 17:03 - 2016-02-23 14:28 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-03-02 17:03 - 2016-02-23 14:28 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-03-02 17:03 - 2016-02-23 14:28 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-03-02 17:03 - 2016-02-23 14:27 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-03-02 17:03 - 2016-02-23 14:25 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-03-02 17:03 - 2016-02-23 14:23 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-03-02 17:03 - 2016-02-23 14:23 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-03-02 17:03 - 2016-02-23 14:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-02 17:03 - 2016-02-23 14:21 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-03-02 17:03 - 2016-02-23 14:20 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-03-02 17:03 - 2016-02-23 14:18 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-03-02 17:03 - 2016-02-23 14:18 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-02 17:03 - 2016-02-23 14:10 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-03-02 17:03 - 2016-02-23 14:09 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-03-02 17:03 - 2016-02-23 14:08 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-02 17:03 - 2016-02-23 14:08 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-03-02 17:03 - 2016-02-23 14:07 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-03-02 17:03 - 2016-02-23 14:07 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-03-02 17:03 - 2016-02-23 14:07 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-02 17:03 - 2016-02-23 14:06 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-02 17:03 - 2016-02-23 14:04 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-02 17:03 - 2016-02-23 14:04 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-02 17:03 - 2016-02-23 14:03 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-03-02 17:03 - 2016-02-23 14:02 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-03-02 17:03 - 2016-02-23 14:01 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-03-02 17:03 - 2016-02-23 13:59 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-02 17:03 - 2016-02-23 13:57 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-03-02 17:03 - 2016-02-23 13:56 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-03-02 17:03 - 2016-02-23 13:53 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-03-02 17:03 - 2016-02-23 13:52 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-02 17:03 - 2016-02-23 13:50 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-03-02 17:03 - 2016-02-23 13:50 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-03-02 17:03 - 2016-02-23 13:50 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-02 17:03 - 2016-02-23 13:50 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-02 17:03 - 2016-02-23 13:49 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-03-02 17:03 - 2016-02-23 13:48 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-02 17:03 - 2016-02-23 13:44 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-03-02 17:03 - 2016-02-23 13:41 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-03-02 17:03 - 2016-02-23 13:40 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-03-02 17:03 - 2016-02-23 13:39 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-03-02 17:03 - 2016-02-23 13:36 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-03-02 17:03 - 2016-02-23 13:36 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-03-02 17:03 - 2016-02-23 13:36 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-03-02 17:03 - 2016-02-23 13:35 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-03-02 17:03 - 2016-02-23 13:34 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-02 17:03 - 2016-02-23 13:34 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-03-02 17:03 - 2016-02-23 13:34 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-03-02 17:03 - 2016-02-23 13:32 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-03-02 17:03 - 2016-02-23 13:32 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-03-02 17:03 - 2016-02-23 13:28 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-03-02 17:03 - 2016-02-23 13:28 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-02 17:03 - 2016-02-23 13:28 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-02 17:03 - 2016-02-23 13:28 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-02 17:03 - 2016-02-23 13:27 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-03-02 17:03 - 2016-02-23 13:22 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-03-02 17:03 - 2016-02-23 13:20 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-03-02 17:03 - 2016-02-23 13:19 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-03-02 17:03 - 2016-02-23 13:18 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-03-02 17:03 - 2016-02-23 13:17 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-03-02 17:03 - 2016-02-23 13:08 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-03-02 17:03 - 2016-02-23 13:07 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-03-02 17:03 - 2016-02-23 13:07 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-03-02 17:03 - 2016-02-23 13:06 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-03-02 17:03 - 2016-02-23 13:06 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-03-02 17:03 - 2016-02-23 13:06 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-02 17:03 - 2016-02-23 13:05 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-03-02 17:03 - 2016-02-23 13:01 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-03-02 17:03 - 2016-02-23 12:59 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-03-02 17:03 - 2016-02-23 12:58 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-03-02 17:03 - 2016-02-23 12:58 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-03-02 17:03 - 2016-02-23 12:54 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-02 17:03 - 2016-02-23 12:54 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-03-02 17:03 - 2016-02-23 12:54 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-03-02 17:03 - 2016-02-23 12:52 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-03-02 17:03 - 2016-02-23 12:51 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-03-02 17:03 - 2016-02-23 12:51 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-03-02 17:03 - 2016-02-23 12:50 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-03-02 17:03 - 2016-02-23 12:44 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-02 17:03 - 2016-02-23 12:35 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-03-02 17:03 - 2016-02-23 12:31 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-03-02 17:03 - 2016-02-23 12:28 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-03-02 17:03 - 2016-02-23 12:26 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-03-02 17:03 - 2016-02-23 12:21 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-03-02 17:03 - 2016-02-09 09:58 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-03-02 17:03 - 2016-02-09 09:43 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-03-02 17:03 - 2016-02-09 08:48 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-03-02 17:03 - 2016-02-09 08:48 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-03-02 17:03 - 2016-02-09 08:37 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-03-02 12:16 - 2016-03-02 12:16 - 00002217 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2016-03-02 12:15 - 2016-02-24 01:29 - 00111672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-03-02 12:12 - 2016-02-24 05:27 - 42983480 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-03-02 12:12 - 2016-02-24 05:27 - 37616184 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-03-02 12:12 - 2016-02-24 05:27 - 31120952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-03-02 12:12 - 2016-02-24 05:27 - 24944064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-03-02 12:12 - 2016-02-24 05:27 - 21201784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-03-02 12:12 - 2016-02-24 05:27 - 20742072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-03-02 12:12 - 2016-02-24 05:27 - 17631304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-03-02 12:12 - 2016-02-24 05:27 - 17224472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-03-02 12:12 - 2016-02-24 05:27 - 17175056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-03-02 12:12 - 2016-02-24 05:27 - 17117128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-03-02 12:12 - 2016-02-24 05:27 - 14115136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-03-02 12:12 - 2016-02-24 05:27 - 02541504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-03-02 12:12 - 2016-02-24 05:27 - 02187712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-03-02 12:12 - 2016-02-24 05:27 - 01924152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436200.dll
2016-03-02 12:12 - 2016-02-24 05:27 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436200.dll
2016-03-02 12:12 - 2016-02-24 05:27 - 00950328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-03-02 12:12 - 2016-02-24 05:27 - 00880576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-03-02 12:12 - 2016-02-24 05:27 - 00786688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-03-02 12:12 - 2016-02-24 05:27 - 00747064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-03-02 12:12 - 2016-02-24 05:27 - 00689600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-03-02 12:12 - 2016-02-24 05:27 - 00632336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-03-02 12:12 - 2016-02-24 05:27 - 00425016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-03-02 12:12 - 2016-02-24 05:27 - 00379448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-03-02 12:12 - 2016-02-24 05:27 - 00378968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-03-02 12:12 - 2016-02-24 05:27 - 00316960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-03-02 12:12 - 2016-02-24 05:27 - 00175552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-03-02 12:12 - 2016-02-24 05:27 - 00153208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-02-29 14:18 - 2016-02-29 14:18 - 00002777 _____ C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-02-28 23:24 - 2016-02-28 23:36 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\Documents\Project CARS
2016-02-28 23:23 - 2016-02-28 23:23 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\Documents\wmd_symbol_cache
2016-02-28 01:35 - 2016-02-28 01:35 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\LocalLow\SUPERHOT_Team
2016-02-28 01:35 - 2016-02-28 01:35 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Local\SUPERHOT_Sp_z_o.o
2016-02-27 23:49 - 2016-02-27 23:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERHOT [GOG.com]
2016-02-27 23:47 - 2016-02-27 23:47 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\LocalLow\SUPERHOT Team
2016-02-27 21:29 - 2016-03-15 15:07 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\uTorrent
2016-02-27 21:26 - 2016-02-27 21:26 - 00000000 ____D C:\Program Files\Internet Download Manager
2016-02-27 21:18 - 2016-02-27 21:18 - 00000000 ____D C:\ProgramData\IDM
2016-02-26 14:43 - 2016-02-26 14:43 - 02365304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WudfUpdate_01011.dll
2016-02-26 14:43 - 2016-02-26 14:43 - 00256968 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2016-02-24 21:26 - 2016-02-24 21:26 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-02-24 11:21 - 2016-03-15 15:07 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\TS3Client
2016-02-24 11:21 - 2016-02-24 11:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2016-02-24 11:21 - 2016-02-24 11:21 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-02-24 06:25 - 2016-03-15 15:05 - 00000000 ___DC C:\WINDOWS\Panther
2016-02-24 06:22 - 2016-02-24 06:22 - 00000000 ____D C:\Windows.old
2016-02-24 06:21 - 2016-02-24 06:21 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-02-24 06:19 - 2016-02-24 06:19 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-02-24 06:19 - 2016-02-24 06:19 - 00000000 ____D C:\Program Files\MSBuild
2016-02-24 06:19 - 2016-02-24 06:19 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-02-24 06:19 - 2016-02-24 06:19 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-02-24 06:18 - 2015-10-24 07:17 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-02-24 06:18 - 2015-10-24 07:17 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-02-24 06:18 - 2015-10-24 07:17 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-02-24 06:18 - 2015-10-24 07:16 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-02-24 06:18 - 2015-10-24 07:16 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-02-24 06:18 - 2015-10-24 07:15 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-02-23 23:30 - 2016-03-16 02:40 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\Documents\Sound recordings
2016-02-23 22:49 - 2016-03-11 00:37 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-23 22:49 - 2016-03-10 19:55 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-23 22:48 - 2016-01-29 12:27 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-23 22:48 - 2016-01-29 12:03 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-23 22:48 - 2016-01-27 11:29 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-23 22:48 - 2016-01-27 11:27 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-23 22:48 - 2016-01-27 11:27 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-23 22:48 - 2016-01-27 11:25 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-23 22:48 - 2016-01-27 11:16 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-23 22:48 - 2016-01-27 11:16 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-23 22:48 - 2016-01-27 11:14 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-23 22:48 - 2016-01-27 11:14 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-23 22:48 - 2016-01-27 10:51 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-23 22:48 - 2016-01-27 10:45 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-23 22:48 - 2016-01-27 10:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-23 22:48 - 2016-01-27 10:40 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-23 22:48 - 2016-01-27 10:38 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-23 22:48 - 2016-01-27 10:38 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-23 22:48 - 2016-01-27 10:37 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-23 22:48 - 2016-01-27 10:34 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-23 22:48 - 2016-01-27 10:32 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-23 22:48 - 2016-01-27 10:31 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-23 22:48 - 2016-01-27 10:29 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-23 22:48 - 2016-01-27 10:22 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-23 22:48 - 2016-01-27 10:20 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-23 22:48 - 2016-01-27 10:14 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-23 22:48 - 2016-01-27 10:12 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-23 22:48 - 2016-01-27 10:02 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-23 22:48 - 2016-01-27 10:01 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-23 22:48 - 2016-01-16 12:07 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-02-23 22:48 - 2016-01-16 11:54 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-02-23 22:48 - 2016-01-16 11:53 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-02-23 22:48 - 2016-01-16 11:51 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-02-23 22:48 - 2016-01-16 11:50 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-02-23 22:48 - 2016-01-16 11:50 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-02-23 22:48 - 2016-01-16 11:50 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-02-23 22:48 - 2016-01-16 11:49 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-02-23 22:48 - 2016-01-16 11:42 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-02-23 22:48 - 2016-01-16 11:39 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-02-23 22:48 - 2016-01-16 11:38 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-02-23 22:48 - 2016-01-16 11:38 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-02-23 22:48 - 2016-01-16 11:16 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-02-23 22:48 - 2016-01-16 11:15 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-02-23 22:48 - 2016-01-16 11:14 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-02-23 22:48 - 2016-01-16 11:14 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-02-23 22:48 - 2016-01-16 11:14 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-02-23 22:48 - 2016-01-16 11:13 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-02-23 22:48 - 2016-01-16 11:12 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-02-23 22:48 - 2016-01-16 11:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-02-23 22:48 - 2016-01-16 11:11 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-02-23 22:48 - 2016-01-16 11:10 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-02-23 22:48 - 2016-01-16 11:10 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-02-23 22:48 - 2016-01-16 11:10 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-02-23 22:48 - 2016-01-16 11:09 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-02-23 22:48 - 2016-01-16 11:08 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-02-23 22:48 - 2016-01-16 11:08 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-02-23 22:48 - 2016-01-16 11:08 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-02-23 22:48 - 2016-01-16 11:08 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-02-23 22:48 - 2016-01-16 11:07 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-02-23 22:48 - 2016-01-16 11:06 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-02-23 22:48 - 2016-01-16 11:06 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-02-23 22:48 - 2016-01-16 11:06 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-02-23 22:48 - 2016-01-16 11:06 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-02-23 22:48 - 2016-01-16 11:05 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-02-23 22:48 - 2016-01-16 11:05 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-02-23 22:48 - 2016-01-16 11:05 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-02-23 22:48 - 2016-01-16 11:04 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-02-23 22:48 - 2016-01-16 11:04 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-02-23 22:48 - 2016-01-16 11:04 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-02-23 22:48 - 2016-01-16 11:03 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-02-23 22:48 - 2016-01-16 11:03 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-02-23 22:48 - 2016-01-16 11:03 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-02-23 22:48 - 2016-01-16 11:02 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-02-23 22:48 - 2016-01-16 11:02 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-02-23 22:48 - 2016-01-16 11:01 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-02-23 22:48 - 2016-01-16 11:01 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-02-23 22:48 - 2016-01-16 11:01 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-02-23 22:48 - 2016-01-16 11:01 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-02-23 22:48 - 2016-01-16 11:01 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-02-23 22:48 - 2016-01-16 11:00 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-02-23 22:48 - 2016-01-16 11:00 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-02-23 22:48 - 2016-01-16 11:00 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-02-23 22:48 - 2016-01-16 11:00 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-02-23 22:48 - 2016-01-16 10:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-02-23 22:48 - 2016-01-16 10:58 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-02-23 22:48 - 2016-01-16 10:58 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-02-23 22:48 - 2016-01-16 10:57 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-02-23 22:48 - 2016-01-16 10:56 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-02-23 22:48 - 2016-01-16 10:56 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-02-23 22:48 - 2016-01-16 10:55 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-02-23 22:48 - 2016-01-16 10:55 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-02-23 22:48 - 2016-01-16 10:54 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-02-23 22:48 - 2016-01-16 10:54 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-02-23 22:48 - 2016-01-16 10:54 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-02-23 22:48 - 2016-01-16 10:54 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-02-23 22:48 - 2016-01-16 10:53 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-02-23 22:48 - 2016-01-16 10:53 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-02-23 22:48 - 2016-01-16 10:51 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-02-23 22:48 - 2016-01-16 10:50 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-02-23 22:48 - 2016-01-16 10:50 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-02-23 22:48 - 2016-01-16 10:50 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-02-23 22:48 - 2016-01-16 10:49 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-02-23 22:48 - 2016-01-16 10:49 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-02-23 22:48 - 2016-01-16 10:48 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-02-23 22:48 - 2016-01-16 10:47 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-02-23 22:48 - 2016-01-16 10:46 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-02-23 22:48 - 2016-01-16 10:46 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-02-23 22:48 - 2016-01-16 10:45 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-02-23 22:48 - 2016-01-16 10:41 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-02-23 22:48 - 2016-01-05 08:20 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-02-23 22:48 - 2016-01-05 08:18 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-02-23 22:48 - 2016-01-05 08:15 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-02-23 22:48 - 2016-01-05 08:12 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-02-23 22:48 - 2016-01-05 08:07 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-02-23 22:48 - 2016-01-05 08:07 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-02-23 22:48 - 2016-01-05 08:07 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-02-23 22:48 - 2016-01-05 08:07 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-02-23 22:48 - 2016-01-05 08:03 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-02-23 22:48 - 2016-01-05 08:03 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-02-23 22:48 - 2016-01-05 08:03 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-02-23 22:48 - 2016-01-05 08:03 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-02-23 22:48 - 2016-01-05 07:57 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-02-23 22:48 - 2016-01-05 07:53 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-02-23 22:48 - 2016-01-05 07:53 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-02-23 22:48 - 2016-01-05 07:53 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-02-23 22:48 - 2016-01-05 07:53 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-02-23 22:48 - 2016-01-05 07:51 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-02-23 22:48 - 2016-01-05 07:47 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-02-23 22:48 - 2016-01-05 07:46 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-02-23 22:48 - 2016-01-05 07:27 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-02-23 22:48 - 2016-01-05 07:27 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-02-23 22:48 - 2016-01-05 07:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-02-23 22:48 - 2016-01-05 07:24 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-02-23 22:48 - 2016-01-05 07:23 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-02-23 22:48 - 2016-01-05 07:22 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-02-23 22:48 - 2016-01-05 07:21 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-02-23 22:48 - 2016-01-05 07:21 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-02-23 22:48 - 2016-01-05 07:20 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-02-23 22:48 - 2016-01-05 07:19 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-02-23 22:48 - 2016-01-05 07:19 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-02-23 22:48 - 2016-01-05 07:19 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-02-23 22:48 - 2016-01-05 07:19 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-02-23 22:48 - 2016-01-05 07:18 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-02-23 22:48 - 2016-01-05 07:18 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-02-23 22:48 - 2016-01-05 07:18 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-02-23 22:48 - 2016-01-05 07:17 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-02-23 22:48 - 2016-01-05 07:17 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-02-23 22:48 - 2016-01-05 07:17 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-02-23 22:48 - 2016-01-05 07:15 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-02-23 22:48 - 2016-01-05 07:15 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-02-23 22:48 - 2016-01-05 07:14 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-02-23 22:48 - 2016-01-05 07:13 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-02-23 22:48 - 2016-01-05 07:13 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-02-23 22:48 - 2016-01-05 07:13 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-02-23 22:48 - 2016-01-05 07:12 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-02-23 22:48 - 2016-01-05 07:11 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-02-23 22:48 - 2016-01-05 07:11 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-02-23 22:48 - 2016-01-05 07:10 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-02-23 22:48 - 2016-01-05 07:10 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-02-23 22:48 - 2016-01-05 07:09 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-02-23 22:48 - 2016-01-05 07:09 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-02-23 22:48 - 2016-01-05 07:09 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-02-23 22:48 - 2016-01-05 07:08 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-02-23 22:48 - 2016-01-05 07:06 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-02-23 22:48 - 2016-01-05 07:06 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-02-23 22:48 - 2015-12-07 10:27 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-02-23 22:48 - 2015-12-07 10:25 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-02-23 22:48 - 2015-12-07 10:19 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-02-23 22:48 - 2015-12-07 10:18 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-02-23 22:48 - 2015-12-07 10:18 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-02-23 22:48 - 2015-12-07 10:18 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-02-23 22:48 - 2015-12-07 10:18 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-02-23 22:48 - 2015-12-07 10:18 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-02-23 22:48 - 2015-12-07 10:18 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-02-23 22:48 - 2015-12-07 10:18 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-02-23 22:48 - 2015-12-07 10:17 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-02-23 22:48 - 2015-12-07 10:15 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-02-23 22:48 - 2015-12-07 09:45 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2016-02-23 22:48 - 2015-12-07 09:45 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2016-02-23 22:48 - 2015-12-07 09:40 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-02-23 22:48 - 2015-12-07 09:39 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-02-23 22:48 - 2015-12-07 09:39 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-02-23 22:48 - 2015-12-07 09:37 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-02-23 22:48 - 2015-12-07 09:37 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-02-23 22:48 - 2015-12-07 09:36 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-02-23 22:48 - 2015-12-07 09:36 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-02-23 22:48 - 2015-12-07 09:35 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-02-23 22:48 - 2015-12-07 09:35 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2016-02-23 22:48 - 2015-12-07 09:34 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-02-23 22:48 - 2015-12-07 09:34 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-02-23 22:48 - 2015-12-07 09:32 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-02-23 22:48 - 2015-12-07 09:31 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-02-23 22:48 - 2015-12-07 09:31 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2016-02-23 22:48 - 2015-12-07 09:30 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-02-23 22:48 - 2015-12-07 09:29 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-02-23 22:48 - 2015-12-07 09:29 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-02-23 22:48 - 2015-12-07 09:29 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-02-23 22:48 - 2015-12-07 09:28 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-02-23 22:48 - 2015-12-07 09:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-02-23 22:48 - 2015-12-07 09:25 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-02-23 22:48 - 2015-12-07 09:21 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-02-23 22:48 - 2015-12-07 09:15 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-02-23 22:48 - 2015-12-07 09:15 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-02-23 22:48 - 2015-12-07 09:13 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-02-23 22:48 - 2015-12-07 09:09 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-02-23 22:48 - 2015-12-07 09:08 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2016-02-23 22:48 - 2015-12-07 09:02 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-02-23 22:48 - 2015-11-24 15:56 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-02-23 22:48 - 2015-11-24 15:31 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-02-23 22:48 - 2015-11-24 15:24 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2016-02-23 22:48 - 2015-11-24 15:23 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-02-23 22:48 - 2015-11-24 15:15 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2016-02-23 22:48 - 2015-11-24 15:07 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2016-02-23 22:48 - 2015-11-24 14:56 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-02-23 22:48 - 2015-11-24 14:49 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-02-23 22:48 - 2015-11-24 14:42 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2016-02-23 22:48 - 2015-11-24 14:24 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-02-23 22:48 - 2015-11-24 14:22 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-02-23 22:48 - 2015-11-24 14:19 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-02-23 22:48 - 2015-11-24 13:44 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2016-02-23 22:48 - 2015-11-24 13:29 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-02-23 22:48 - 2015-11-24 13:27 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-02-23 22:48 - 2015-11-24 12:59 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-02-23 22:48 - 2015-11-24 12:34 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-02-23 22:48 - 2015-11-22 16:11 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-02-23 22:48 - 2015-11-22 16:04 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2016-02-23 22:48 - 2015-11-22 16:03 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2016-02-23 22:48 - 2015-11-22 16:03 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-02-23 22:48 - 2015-11-22 16:03 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2016-02-23 22:48 - 2015-11-22 16:00 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-02-23 22:48 - 2015-11-22 15:55 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2016-02-23 22:48 - 2015-11-22 15:30 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-02-23 22:48 - 2015-11-22 15:30 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-02-23 22:48 - 2015-11-22 15:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-02-23 22:48 - 2015-11-22 15:27 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2016-02-23 22:48 - 2015-11-22 15:27 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-02-23 22:48 - 2015-11-22 15:27 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-02-23 22:48 - 2015-11-22 15:26 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-02-23 22:48 - 2015-11-22 15:26 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-02-23 22:48 - 2015-11-22 15:26 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2016-02-23 22:48 - 2015-11-22 15:26 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2016-02-23 22:48 - 2015-11-22 15:25 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2016-02-23 22:48 - 2015-11-22 15:25 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-02-23 22:48 - 2015-11-22 15:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2016-02-23 22:48 - 2015-11-22 15:24 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-02-23 22:48 - 2015-11-22 15:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-02-23 22:48 - 2015-11-22 15:24 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-02-23 22:48 - 2015-11-22 15:24 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2016-02-23 22:48 - 2015-11-22 15:24 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-02-23 22:48 - 2015-11-22 15:24 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-02-23 22:48 - 2015-11-22 15:24 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-02-23 22:48 - 2015-11-22 15:24 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-02-23 22:48 - 2015-11-22 15:22 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2016-02-23 22:48 - 2015-11-22 15:22 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-02-23 22:48 - 2015-11-22 15:21 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-02-23 22:48 - 2015-11-22 15:21 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-02-23 22:48 - 2015-11-22 15:21 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-02-23 22:48 - 2015-11-22 15:21 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-02-23 22:48 - 2015-11-22 15:20 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2016-02-23 22:48 - 2015-11-22 15:19 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-02-23 22:48 - 2015-11-22 15:19 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2016-02-23 22:48 - 2015-11-22 15:18 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-02-23 22:48 - 2015-11-22 15:15 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-02-23 22:48 - 2015-11-22 15:15 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2016-02-23 22:48 - 2015-11-22 15:15 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-02-23 22:48 - 2015-11-22 15:15 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2016-02-23 22:48 - 2015-11-22 15:15 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2016-02-23 22:48 - 2015-11-22 15:15 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-02-23 22:48 - 2015-11-22 15:15 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-02-23 22:48 - 2015-11-22 15:14 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-02-23 22:48 - 2015-11-22 15:14 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-02-23 22:48 - 2015-11-22 15:13 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2016-02-23 22:48 - 2015-11-22 15:13 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-02-23 22:48 - 2015-11-22 15:13 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2016-02-23 22:48 - 2015-11-22 15:12 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2016-02-23 22:48 - 2015-11-22 15:12 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-02-23 22:48 - 2015-11-22 15:12 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2016-02-23 22:48 - 2015-11-22 15:12 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-02-23 22:48 - 2015-11-22 15:12 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-02-23 22:48 - 2015-11-22 15:11 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-02-23 22:48 - 2015-11-22 15:10 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-02-23 22:48 - 2015-11-22 15:10 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-02-23 22:48 - 2015-11-22 15:10 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2016-02-23 22:48 - 2015-11-22 15:09 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-02-23 22:48 - 2015-11-22 15:09 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-02-23 22:48 - 2015-11-22 15:09 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-02-23 22:48 - 2015-11-22 15:09 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-02-23 22:48 - 2015-11-22 15:08 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-02-23 22:48 - 2015-11-22 15:08 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2016-02-23 22:48 - 2015-11-22 15:07 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-02-23 22:48 - 2015-11-22 15:07 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-02-23 22:48 - 2015-11-22 15:06 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-02-23 22:48 - 2015-11-22 15:04 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-02-23 22:48 - 2015-11-22 15:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-02-23 22:48 - 2015-11-22 15:03 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-02-23 22:48 - 2015-11-22 15:02 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-02-23 22:48 - 2015-11-22 15:01 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2016-02-23 22:48 - 2015-11-22 15:01 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-02-23 22:48 - 2015-11-22 14:59 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-02-23 22:48 - 2015-11-22 14:58 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-02-23 22:48 - 2015-11-22 14:58 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-02-23 22:48 - 2015-11-22 14:58 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-02-23 22:48 - 2015-11-22 14:57 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-02-23 22:48 - 2015-11-22 14:57 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-02-23 22:48 - 2015-11-22 14:57 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-02-23 22:48 - 2015-11-22 14:57 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-02-23 22:48 - 2015-11-22 14:56 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-02-23 22:48 - 2015-11-22 14:56 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-02-23 22:48 - 2015-11-22 14:56 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-02-23 22:48 - 2015-11-22 14:56 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-02-23 22:48 - 2015-11-22 14:54 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-02-23 22:48 - 2015-11-22 14:50 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-02-23 22:48 - 2015-11-22 14:48 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-02-23 22:48 - 2015-11-22 14:48 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-02-23 22:48 - 2015-11-22 14:47 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-02-23 22:48 - 2015-11-22 14:41 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-02-23 22:48 - 2015-11-21 11:14 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2016-02-23 22:48 - 2015-11-13 12:25 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2016-02-23 22:48 - 2015-11-13 12:21 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2016-02-23 22:48 - 2015-11-13 12:21 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2016-02-23 22:48 - 2015-11-13 12:21 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-02-23 22:48 - 2015-11-13 12:13 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-02-23 22:48 - 2015-11-13 12:13 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2016-02-23 22:48 - 2015-11-13 12:13 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-02-23 22:48 - 2015-11-13 12:12 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-02-23 22:48 - 2015-11-13 12:12 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2016-02-23 22:48 - 2015-11-13 12:03 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-02-23 22:48 - 2015-11-13 12:03 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2016-02-23 22:48 - 2015-11-13 12:03 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-02-23 22:48 - 2015-11-13 12:02 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-02-23 22:48 - 2015-11-13 11:51 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-02-23 22:48 - 2015-11-13 11:51 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2016-02-23 22:48 - 2015-11-13 11:51 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2016-02-23 22:48 - 2015-11-13 11:51 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-02-23 22:48 - 2015-11-13 11:39 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2016-02-23 22:48 - 2015-11-13 11:37 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-02-23 22:48 - 2015-11-13 11:36 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-02-23 22:48 - 2015-11-13 11:35 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-02-23 22:48 - 2015-11-13 11:35 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-02-23 22:48 - 2015-11-13 11:35 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2016-02-23 22:48 - 2015-11-13 11:35 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2016-02-23 22:48 - 2015-11-13 11:34 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-02-23 22:48 - 2015-11-13 11:34 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2016-02-23 22:48 - 2015-11-13 11:33 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2016-02-23 22:48 - 2015-11-13 11:30 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-02-23 22:48 - 2015-11-13 11:28 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-02-23 22:48 - 2015-11-13 11:27 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-02-23 22:48 - 2015-11-13 11:26 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-02-23 22:48 - 2015-11-13 11:10 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2016-02-23 22:48 - 2015-11-13 11:09 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-02-23 22:48 - 2015-11-13 11:04 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-02-23 22:48 - 2015-11-13 11:00 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-02-23 22:48 - 2015-11-13 10:49 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-02-23 22:48 - 2015-11-05 17:35 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2016-02-23 22:48 - 2015-11-05 15:55 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-02-23 22:48 - 2015-11-05 15:38 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2016-02-23 22:48 - 2015-11-05 15:38 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2016-02-23 22:48 - 2015-11-05 14:40 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-02-23 22:48 - 2015-11-05 14:33 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2016-02-23 22:48 - 2015-11-05 14:32 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2016-02-23 22:48 - 2015-11-05 13:45 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-02-23 22:20 - 2016-02-23 22:20 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\Avira
2016-02-23 22:18 - 2016-02-23 23:32 - 00146704 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-02-23 22:18 - 2016-02-23 23:32 - 00135880 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-02-23 22:18 - 2016-02-23 23:32 - 00073032 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2016-02-23 22:18 - 2016-02-23 23:32 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2016-02-23 22:18 - 2016-02-23 22:18 - 00000000 ____D C:\ProgramData\Avira
2016-02-23 21:01 - 2016-03-13 22:31 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Local\KeyLemon
2016-02-23 21:00 - 2016-03-13 22:31 - 00000000 ____D C:\ProgramData\KeyLemon
2016-02-23 20:28 - 2016-03-08 18:35 - 00000000 ___RD C:\Users\HIMANK-EX0M4K3R\3D Objects
2016-02-23 20:26 - 2016-02-23 20:26 - 00002021 _____ C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Project VR.dll.lnk
2016-02-23 20:17 - 2016-02-23 20:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-02-23 20:17 - 2016-02-17 12:10 - 01903344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-02-23 20:17 - 2016-02-17 12:10 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-02-23 20:17 - 2016-02-17 12:10 - 01571624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-02-23 20:17 - 2016-02-17 12:10 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-02-23 20:17 - 2016-02-17 12:10 - 00112216 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-02-23 20:17 - 2015-12-18 11:41 - 00047760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-02-23 20:17 - 2015-12-18 11:40 - 00099472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-02-23 20:17 - 2015-12-18 11:40 - 00090768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-02-23 19:49 - 2016-02-23 19:49 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\LSC
2016-02-23 19:34 - 2016-02-23 19:34 - 00000724 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) HD Graphics Control Panel.lnk
2016-02-23 19:32 - 2015-07-06 16:22 - 00395368 _____ C:\WINDOWS\system32\igfxTray.exe
2016-02-23 19:32 - 2015-07-06 16:22 - 00355328 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2016-02-23 19:32 - 2015-07-06 16:22 - 00290816 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2016-02-23 19:32 - 2015-07-06 16:22 - 00282216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2016-02-23 19:32 - 2015-07-06 16:22 - 00220432 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2016-02-23 19:32 - 2015-07-06 16:22 - 00184352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2016-02-23 19:20 - 2016-02-25 06:34 - 12479040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-02-23 19:20 - 2016-02-24 05:27 - 19779456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-02-23 19:20 - 2016-02-24 05:27 - 03649760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-02-23 19:20 - 2016-02-24 05:27 - 03231360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-02-23 19:20 - 2016-02-24 05:27 - 00035832 _____ C:\WINDOWS\system32\nvinfo.pb
2016-02-23 19:20 - 2016-02-09 13:55 - 01924152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436191.dll
2016-02-23 19:20 - 2016-02-09 13:55 - 01573432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436191.dll
2016-02-23 19:15 - 2001-08-23 13:00 - 00034871 _____ C:\WINDOWS\system32\gpedit.msc
2016-02-23 19:13 - 2016-02-23 19:13 - 00707354 _____ C:\WINDOWS\unins000.exe
2016-02-23 19:13 - 2016-02-23 19:13 - 00001548 _____ C:\WINDOWS\unins000.dat
2016-02-23 19:13 - 2016-02-23 19:13 - 00000000 ____D C:\WINDOWS\SysWOW64\GPBAK
2016-02-23 19:13 - 2008-04-14 02:11 - 00295936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgr.dll
2016-02-23 19:13 - 2001-08-23 13:00 - 00034871 _____ C:\WINDOWS\SysWOW64\gpedit.msc
2016-02-23 19:06 - 2016-02-23 19:06 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Local\Intel
2016-02-23 18:56 - 2016-02-23 18:56 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ldiagio_uefi_01009.Wdf
2016-02-23 18:45 - 2016-02-23 18:45 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\.QtWebEngineProcess
2016-02-23 18:45 - 2016-02-23 18:45 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\.LSC
2016-02-23 18:34 - 2016-02-23 18:34 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Local\SHAREit
2016-02-23 18:34 - 2016-02-23 18:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHAREit
2016-02-23 18:34 - 2016-02-23 18:34 - 00000000 ____D C:\Program Files (x86)\SHAREit
2016-02-23 18:34 - 2015-08-29 07:01 - 00766136 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2016-02-23 18:34 - 2015-08-29 07:01 - 00270520 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2016-02-23 18:34 - 2015-06-19 03:19 - 00246952 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo31.dll
2016-02-23 18:30 - 2015-06-28 19:55 - 00094861 ____N C:\WINDOWS\system32\athw10x.cat
2016-02-23 18:30 - 2015-06-16 02:29 - 04316784 ____N (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\system32\athw10x.sys
2016-02-23 18:30 - 2015-06-16 02:29 - 04316784 _____ (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\system32\Drivers\athw10x.sys
2016-02-23 18:26 - 2015-06-23 10:37 - 00895256 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2016-02-23 18:26 - 2015-06-23 10:37 - 00091272 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2016-02-23 18:18 - 2016-02-23 19:34 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-02-23 18:18 - 2016-02-23 18:18 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\LocalLow\Lenovo
2016-02-23 18:17 - 2016-02-23 18:17 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Local\Downloaded Installations
2016-02-23 18:16 - 2015-07-06 16:22 - 06242312 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 04798264 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 02813952 _____ C:\WINDOWS\system32\iglhxa64.cpa
2016-02-23 18:16 - 2015-07-06 16:22 - 02028032 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 01767992 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 01765408 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 01565696 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 01156096 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 01007208 _____ C:\WINDOWS\system32\igfxSDK.exe
2016-02-23 18:16 - 2015-07-06 16:22 - 00721920 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 00624128 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 00518248 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2016-02-23 18:16 - 2015-07-06 16:22 - 00414312 _____ C:\WINDOWS\system32\IntelCpHDCPSvc.exe
2016-02-23 18:16 - 2015-07-06 16:22 - 00403671 _____ C:\WINDOWS\system32\ImageStabilization.wmv
2016-02-23 18:16 - 2015-07-06 16:22 - 00386048 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 00350312 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2016-02-23 18:16 - 2015-07-06 16:22 - 00348672 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 00331832 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCComp64.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 00326760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2016-02-23 18:16 - 2015-07-06 16:22 - 00313888 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 00256000 _____ C:\WINDOWS\system32\igfxCPL.cpl
2016-02-23 18:16 - 2015-07-06 16:22 - 00248424 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2016-02-23 18:16 - 2015-07-06 16:22 - 00243200 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 00218216 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2016-02-23 18:16 - 2015-07-06 16:22 - 00183296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4240.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 00163776 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 00162240 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 00143904 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 00140056 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 00140056 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 00090112 _____ ( ) C:\WINDOWS\system32\igfxSDKLibv2_0.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 00086016 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 00082944 _____ ( ) C:\WINDOWS\system32\igfxSDKLib.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 00073728 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 00064000 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 00044025 _____ C:\WINDOWS\system32\iglhxo64.vp
2016-02-23 18:16 - 2015-07-06 16:22 - 00043816 _____ C:\WINDOWS\system32\iglhxc64_dev.vp
2016-02-23 18:16 - 2015-07-06 16:22 - 00043494 _____ C:\WINDOWS\system32\iglhxc64.vp
2016-02-23 18:16 - 2015-07-06 16:22 - 00043298 _____ C:\WINDOWS\system32\iglhxg64_dev.vp
2016-02-23 18:16 - 2015-07-06 16:22 - 00043256 _____ C:\WINDOWS\system32\iglhxg64.vp
2016-02-23 18:16 - 2015-07-06 16:22 - 00042079 _____ C:\WINDOWS\system32\iglhxo64_dev.vp
2016-02-23 18:16 - 2015-07-06 16:22 - 00036616 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 00035328 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 00011776 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 00011264 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2016-02-23 18:16 - 2015-07-06 16:22 - 00004594 _____ C:\WINDOWS\system32\iglhxs64.vp
2016-02-23 18:16 - 2015-07-06 16:22 - 00001125 _____ C:\WINDOWS\system32\iglhxa64.vp
2016-02-23 18:16 - 2015-07-06 16:21 - 36603096 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2016-02-23 18:16 - 2015-07-06 16:21 - 35690528 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2016-02-23 18:16 - 2015-07-06 16:21 - 30319072 _____ (Intel Corporation) C:\WINDOWS\system32\igd11dxva64.dll
2016-02-23 18:16 - 2015-07-06 16:21 - 29530104 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd11dxva32.dll
2016-02-23 18:16 - 2015-07-06 16:21 - 20495872 _____ (Intel Corporation) C:\WINDOWS\system32\common_clang64.dll
2016-02-23 18:16 - 2015-07-06 16:21 - 15272960 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\common_clang32.dll
2016-02-23 18:16 - 2015-07-06 16:21 - 12880160 _____ (Intel Corporation) C:\WINDOWS\system32\igc64.dll
2016-02-23 18:16 - 2015-07-06 16:21 - 11174400 _____ (Intel Corporation) C:\WINDOWS\system32\ig75icd64.dll
2016-02-23 18:16 - 2015-07-06 16:21 - 11155912 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2016-02-23 18:16 - 2015-07-06 16:21 - 10526600 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igc32.dll
2016-02-23 18:16 - 2015-07-06 16:21 - 09625368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2016-02-23 18:16 - 2015-07-06 16:21 - 08494592 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig75icd32.dll
2016-02-23 18:16 - 2015-07-06 16:21 - 06741482 _____ C:\WINDOWS\system32\igdclbif.bin
2016-02-23 18:16 - 2015-07-06 16:21 - 06079928 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2016-02-23 18:16 - 2015-07-06 16:21 - 05467648 _____ (Intel Corporation) C:\WINDOWS\system32\igdmcl64.dll
2016-02-23 18:16 - 2015-07-06 16:21 - 05245440 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll
2016-02-23 18:16 - 2015-07-06 16:21 - 05103120 _____ (Intel Corporation) C:\WINDOWS\system32\igd12umd64.dll
2016-02-23 18:16 - 2015-07-06 16:21 - 05084080 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd12umd32.dll
2016-02-23 18:16 - 2015-07-06 16:21 - 04284928 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2016-02-23 18:16 - 2015-07-06 16:21 - 03801600 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmcl32.dll
2016-02-23 18:16 - 2015-07-06 16:21 - 03730432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2016-02-23 18:16 - 2015-07-06 16:21 - 01825672 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2016-02-23 18:16 - 2015-07-06 16:21 - 01428592 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2016-02-23 18:16 - 2015-07-06 16:21 - 01216000 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2016-02-23 18:16 - 2015-07-06 16:21 - 00970752 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2016-02-23 18:16 - 2015-07-06 16:21 - 00925288 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2016-02-23 18:16 - 2015-07-06 16:21 - 00921704 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2016-02-23 18:16 - 2015-07-06 16:21 - 00641530 _____ C:\WINDOWS\system32\FilmModeDetection.wmv
2016-02-23 18:16 - 2015-07-06 16:21 - 00511260 _____ C:\WINDOWS\system32\cp_resources.bin
2016-02-23 18:16 - 2015-07-06 16:21 - 00462096 _____ (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\IntcDAud.sys
2016-02-23 18:16 - 2015-07-06 16:21 - 00448104 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2016-02-23 18:16 - 2015-07-06 16:21 - 00425472 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2016-02-23 18:16 - 2015-07-06 16:21 - 00375173 _____ C:\WINDOWS\system32\ColorImageEnhancement.wmv
2016-02-23 18:16 - 2015-07-06 16:21 - 00373248 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2016-02-23 18:16 - 2015-07-06 16:21 - 00269848 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll
2016-02-23 18:16 - 2015-07-06 16:21 - 00254392 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll
2016-02-23 18:16 - 2015-07-06 16:21 - 00213608 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2016-02-23 18:16 - 2015-07-06 16:21 - 00213096 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2016-02-23 18:16 - 2015-07-06 16:21 - 00200344 _____ (Intel Corporation) C:\WINDOWS\system32\igdde64.dll
2016-02-23 18:16 - 2015-07-06 16:21 - 00172032 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll
2016-02-23 18:16 - 2015-07-06 16:21 - 00160144 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdde32.dll
2016-02-23 18:16 - 2015-07-06 16:21 - 00156264 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2016-02-23 18:16 - 2015-07-06 16:21 - 00153600 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll
2016-02-23 18:16 - 2015-07-06 16:21 - 00000935 _____ C:\WINDOWS\system32\Gfxv4_0.exe.config
2016-02-23 18:16 - 2015-07-06 16:21 - 00000935 _____ C:\WINDOWS\system32\DPTopologyApp.exe.config
2016-02-23 18:16 - 2015-07-06 16:21 - 00000895 _____ C:\WINDOWS\system32\Gfxv2_0.exe.config
2016-02-23 18:16 - 2015-07-06 16:21 - 00000895 _____ C:\WINDOWS\system32\DPTopologyAppv2_0.exe.config
2016-02-23 18:15 - 2016-02-23 18:15 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\Intel
2016-02-23 18:06 - 2016-02-23 18:06 - 00000000 ____D C:\Program Files\Common Files\QCA_Bluetooth
2016-02-23 18:06 - 2015-05-11 15:31 - 09890832 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2016-02-23 18:06 - 2015-05-11 15:31 - 00083984 _____ (Realtek Semiconductor.) C:\WINDOWS\system32\RtCRX64.dll
2016-02-23 17:53 - 2016-02-23 17:53 - 00001058 _____ C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2016-02-23 17:47 - 2016-02-23 17:47 - 00002450 _____ C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-02-23 17:45 - 2016-02-23 17:48 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Local\MicrosoftEdge
2016-02-23 17:45 - 2016-02-23 17:45 - 00000000 ____D C:\ProgramData\USOShared
2016-02-23 17:41 - 2016-02-23 17:41 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Local\Publishers
2016-02-23 17:40 - 2016-02-23 17:40 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Local\ActiveSync
2016-02-23 17:39 - 2016-02-23 17:39 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Local\Comms
2016-02-23 17:38 - 2016-02-23 17:38 - 00000020 ___SH C:\Users\HIMANK-EX0M4K3R\ntuser.ini
2016-02-23 17:38 - 2016-02-23 17:38 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Local\TileDataLayer
2016-02-23 17:31 - 2016-02-23 17:31 - 00000000 _SHDL C:\Users\Default\My Documents
2016-02-23 17:31 - 2016-02-23 17:31 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-02-23 17:31 - 2016-02-23 17:31 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-02-23 17:31 - 2016-02-23 17:31 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-02-23 17:31 - 2016-02-23 17:31 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-02-23 17:31 - 2016-02-23 17:31 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-02-23 17:31 - 2016-02-23 17:31 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-02-23 17:26 - 2016-03-12 19:22 - 00879220 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-23 17:23 - 2016-03-16 13:50 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-23 17:23 - 2016-02-23 17:23 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-02-23 17:14 - 2016-02-23 17:14 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-02-23 17:14 - 2016-02-23 17:14 - 00000000 ____D C:\Users\Default\AppData\Local\Pokki
2016-02-23 17:14 - 2016-02-23 17:14 - 00000000 ____D C:\Users\Default User\AppData\Local\Pokki
2016-02-23 17:08 - 2016-02-23 17:16 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-02-23 17:06 - 2016-03-16 13:49 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R
2016-02-23 17:06 - 2016-02-23 17:06 - 00000000 _SHDL C:\Users\HIMANK-EX0M4K3R\My Documents
2016-02-23 17:06 - 2016-02-23 17:06 - 00000000 _SHDL C:\Users\HIMANK-EX0M4K3R\Documents\My Videos
2016-02-23 17:06 - 2016-02-23 17:06 - 00000000 _SHDL C:\Users\HIMANK-EX0M4K3R\Documents\My Pictures
2016-02-23 17:06 - 2016-02-23 17:06 - 00000000 _SHDL C:\Users\HIMANK-EX0M4K3R\Documents\My Music
2016-02-23 17:01 - 2016-02-23 17:01 - 00000264 _____ C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2016-02-23 17:01 - 2016-02-23 17:01 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-02-23 17:01 - 2016-02-23 17:01 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2016-02-23 17:01 - 2016-02-23 17:01 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2016-02-23 17:01 - 2016-02-23 17:01 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-02-23 17:01 - 2016-02-23 17:01 - 00000000 ____D C:\Program Files\Realtek
2016-02-23 17:00 - 2016-02-23 17:00 - 00000000 ____D C:\Program Files\Synaptics
2016-02-23 17:00 - 2015-10-30 12:47 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-02-23 16:56 - 2016-03-16 13:41 - 05247136 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-02-23 16:30 - 2016-02-23 17:31 - 00009528 _____ C:\WINDOWS\diagwrn.xml
2016-02-23 16:30 - 2016-02-23 17:31 - 00009528 _____ C:\WINDOWS\diagerr.xml
2016-02-16 22:20 - 2016-02-16 22:20 - 00001102 _____ C:\Users\HIMANK-EX0M4K3R\Documents\VideoCopilot.lnk
2016-02-16 18:36 - 2016-02-23 17:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WallWatcher
2016-02-16 16:18 - 2016-02-16 16:18 - 00000000 ____D C:\ProgramData\Paessler
2016-02-16 16:16 - 2016-02-16 16:24 - 00000000 ____D C:\Program Files (x86)\PRTG Network Monitor
2016-02-16 14:50 - 2016-02-16 14:50 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Local\Apple Computer

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-16 14:01 - 2015-11-17 16:16 - 00004172 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C7E2BCF0-8122-4976-B484-7FB6090E9B62}
2016-03-16 13:54 - 2015-11-29 14:41 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-16 13:54 - 2015-11-18 18:14 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-03-16 13:54 - 2015-11-18 18:14 - 00000000 __SHD C:\Users\HIMANK-EX0M4K3R\IntelGraphicsProfiles
2016-03-16 13:51 - 2015-12-27 13:59 - 00000000 _____ C:\hsrv.txt
2016-03-16 13:50 - 2015-10-30 11:58 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-03-16 13:50 - 2015-01-27 14:58 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-16 13:49 - 2015-11-25 13:55 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Local\Steam
2016-03-16 13:15 - 2015-11-29 14:41 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-16 06:09 - 2015-11-17 16:04 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\vlc
2016-03-16 02:00 - 2015-11-18 15:34 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Local\Adobe
2016-03-16 00:01 - 2015-12-27 14:00 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Local\Droid4X
2016-03-15 23:53 - 2015-12-27 14:00 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\.VirtualBox
2016-03-15 22:29 - 2015-11-17 16:16 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\DMCache
2016-03-15 22:24 - 2015-11-19 19:17 - 00000000 ___RD C:\Users\HIMANK-EX0M4K3R\OneDrive
2016-03-15 21:56 - 2015-11-25 00:35 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-03-15 19:54 - 2015-11-17 16:16 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\Downloads\Compressed
2016-03-15 19:49 - 2015-11-20 14:19 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Local\CrashDumps
2016-03-15 19:02 - 2015-11-17 16:16 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\IDM
2016-03-15 18:38 - 2015-11-18 18:14 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Local\Packages
2016-03-15 18:38 - 2015-10-30 12:54 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-15 18:38 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-15 15:15 - 2015-12-08 14:43 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\Nitro PDF
2016-03-15 15:12 - 2015-01-27 15:07 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-03-15 15:11 - 2015-10-30 12:51 - 00000000 ____D C:\WINDOWS\INF
2016-03-15 15:11 - 2015-01-27 15:00 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-03-15 15:07 - 2015-11-24 14:28 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-15 13:16 - 2015-11-29 14:55 - 00002283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-14 22:26 - 2016-02-02 21:15 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\Downloads\Video
2016-03-12 21:40 - 2015-11-29 14:39 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Local\Might & Magic Heroes Online
2016-03-12 20:14 - 2015-11-25 14:09 - 00000000 ____D C:\ProgramData\Origin
2016-03-12 04:05 - 2015-10-30 12:41 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-11 06:00 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-03-11 00:57 - 2015-12-11 14:54 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\Documents\My Games
2016-03-11 00:34 - 2015-01-27 15:30 - 00000000 ____D C:\Program Files (x86)\Lenovo
2016-03-10 19:42 - 2015-11-17 17:12 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Local\ElevatedDiagnostics
2016-03-10 11:39 - 2015-12-16 15:11 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Local\Ubisoft Game Launcher
2016-03-10 10:16 - 2015-10-30 12:54 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-10 10:16 - 2015-10-30 12:54 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-10 10:16 - 2015-10-30 12:54 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-10 10:16 - 2015-10-30 12:54 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-09 18:38 - 2016-01-21 00:57 - 00000075 _____ C:\Users\HIMANK-EX0M4K3R\Documents\bittt.txt
2016-03-08 12:42 - 2015-10-30 12:56 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-03-08 12:42 - 2015-10-30 12:56 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-07 03:07 - 2015-01-27 15:33 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-04 20:00 - 2015-11-25 12:47 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Local\UnrealEngine
2016-03-04 12:02 - 2015-11-25 14:09 - 00000000 ____D C:\ProgramData\Electronic Arts
2016-03-04 01:30 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-03-04 01:03 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\rescache
2016-03-03 09:32 - 2015-11-18 18:09 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-03 09:26 - 2015-11-17 16:16 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2016-03-03 03:37 - 2015-10-30 14:35 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-03 03:37 - 2015-10-30 12:54 - 00000000 __RSD C:\WINDOWS\Media
2016-03-03 03:37 - 2015-10-30 12:54 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-03-03 03:37 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-03-03 03:37 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-03-03 03:37 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-03-03 03:37 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-03-03 03:37 - 2015-10-30 11:58 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-03-03 03:37 - 2015-10-30 11:58 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-03-02 20:49 - 2015-11-18 18:15 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Local\NVIDIA Corporation
2016-03-02 12:16 - 2015-01-27 14:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-03-02 12:12 - 2015-11-17 16:16 - 00000000 __SHD C:\Users\HIMANK-EX0M4K3R\AppData\Local\EmieUserList
2016-03-02 12:12 - 2015-11-17 16:16 - 00000000 __SHD C:\Users\HIMANK-EX0M4K3R\AppData\Local\EmieSiteList
2016-03-01 19:46 - 2016-01-18 21:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5
2016-03-01 19:46 - 2016-01-18 21:24 - 00000000 ____D C:\Program Files\CyberGhost 5
2016-02-29 16:03 - 2015-12-16 19:24 - 00000000 ____D C:\Program Files (x86)\HxVPN-HSS
2016-02-27 20:52 - 2015-11-17 15:31 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Local\Lenovo
2016-02-27 20:52 - 2015-01-27 15:30 - 00000000 ____D C:\ProgramData\Lenovo
2016-02-26 14:44 - 2015-01-27 15:34 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2016-02-24 06:25 - 2015-10-30 12:54 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-02-24 04:12 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\appcompat
2016-02-24 01:58 - 2015-01-27 14:58 - 06368824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-02-24 01:58 - 2015-01-27 14:58 - 06154909 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-02-24 01:58 - 2015-01-27 14:58 - 02993720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-02-24 01:58 - 2015-01-27 14:58 - 02563128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-02-24 01:58 - 2015-01-27 14:58 - 01263040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-02-24 01:58 - 2015-01-27 14:58 - 00530368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-02-24 01:58 - 2015-01-27 14:58 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-02-24 01:58 - 2015-01-27 14:58 - 00121792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2016-02-24 01:58 - 2015-01-27 14:58 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-02-24 01:58 - 2015-01-27 14:58 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-02-23 23:39 - 2015-10-30 12:54 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-02-23 23:39 - 2015-10-30 12:54 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-02-23 23:39 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-02-23 23:39 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\Provisioning
2016-02-23 23:34 - 2015-11-17 16:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-02-23 22:18 - 2015-11-17 16:02 - 00000000 ____D C:\Program Files (x86)\Avira
2016-02-23 21:38 - 2016-02-13 14:41 - 00000018 _____ C:\WINDOWS\SysWOW64\taskSchedularLog.txt
2016-02-23 21:12 - 2015-11-25 16:34 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Local\Origin
2016-02-23 21:04 - 2015-11-25 14:09 - 00000000 ____D C:\Program Files (x86)\Origin
2016-02-23 20:28 - 2015-11-28 23:22 - 00001759 _____ C:\Users\HIMANK-EX0M4K3R\Documents\Project VR.dll.lnk
2016-02-23 20:18 - 2015-11-18 18:14 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Local\NVIDIA
2016-02-23 20:17 - 2015-01-27 14:58 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-02-23 20:17 - 2015-01-27 14:57 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-02-23 19:40 - 2015-10-30 11:58 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-02-23 19:38 - 2015-01-27 14:57 - 00018896 _____ C:\WINDOWS\system32\results.xml
2016-02-23 19:34 - 2015-01-27 14:50 - 00000000 ____D C:\Program Files (x86)\Intel
2016-02-23 19:33 - 2015-01-27 14:53 - 00000000 ___HD C:\Intel
2016-02-23 19:19 - 2013-08-22 21:06 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-02-23 19:16 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-02-23 19:06 - 2015-01-27 14:52 - 00000000 ____D C:\ProgramData\Intel
2016-02-23 18:45 - 2015-12-13 12:14 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\Lenovo
2016-02-23 18:35 - 2015-01-27 15:35 - 00000000 ____D C:\Program Files\Lenovo
2016-02-23 18:35 - 2015-01-27 15:34 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2016-02-23 18:34 - 2015-11-30 19:11 - 00000000 ____D C:\ProgramData\Synaptics
2016-02-23 18:31 - 2015-01-27 14:52 - 00000000 ____D C:\Program Files\Intel
2016-02-23 18:30 - 2015-01-27 15:09 - 00000000 ____D C:\Program Files (x86)\Qualcomm Atheros
2016-02-23 18:17 - 2015-01-27 14:51 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-02-23 18:06 - 2015-01-27 15:01 - 00000000 ____D C:\Program Files (x86)\Bluetooth Suite
2016-02-23 18:06 - 2015-01-27 15:00 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-02-23 17:59 - 2015-10-30 12:54 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-02-23 17:54 - 2015-10-30 14:33 - 00000000 ____D C:\WINDOWS\OCR
2016-02-23 17:45 - 2015-10-30 12:54 - 00000000 ____D C:\ProgramData\USOPrivate
2016-02-23 17:41 - 2015-10-30 12:54 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-02-23 17:41 - 2015-10-30 12:54 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-02-23 17:31 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-02-23 17:29 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\Registration
2016-02-23 17:24 - 2015-11-17 15:19 - 00002808 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-509749034-187825214-1460614161-1001
2016-02-23 17:24 - 2015-01-27 15:35 - 00002564 _____ C:\WINDOWS\System32\Tasks\Maxthon Update
2016-02-23 17:23 - 2015-12-23 18:45 - 00002122 _____ C:\WINDOWS\System32\Tasks\Origin
2016-02-23 17:23 - 2015-11-30 19:17 - 00002048 _____ C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2016-02-23 17:23 - 2015-11-29 14:41 - 00003294 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-23 17:23 - 2015-11-29 14:41 - 00003066 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-23 17:23 - 2015-11-18 15:43 - 00002594 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-Himank-PC-HIMANK-EX0M4K3R
2016-02-23 17:23 - 2015-01-27 15:41 - 00002060 _____ C:\WINDOWS\System32\Tasks\PDVDServ Task
2016-02-23 17:23 - 2015-01-27 14:53 - 00003086 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
2016-02-23 17:23 - 2015-01-27 14:53 - 00002708 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
2016-02-23 17:23 - 2015-01-27 14:37 - 00002316 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-509749034-187825214-1460614161-500
2016-02-23 17:22 - 2015-10-30 12:54 - 00000000 __RHD C:\Users\Public\Libraries
2016-02-23 17:16 - 2016-02-13 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2016-02-23 17:16 - 2016-01-31 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeArc
2016-02-23 17:16 - 2016-01-21 02:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQLyog
2016-02-23 17:16 - 2015-12-27 13:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Droid4X
2016-02-23 17:16 - 2015-12-26 16:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
2016-02-23 17:16 - 2015-12-26 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-23 17:16 - 2015-12-26 16:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2016-02-23 17:16 - 2015-12-24 14:00 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2016-02-23 17:16 - 2015-12-23 17:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDisplayEx
2016-02-23 17:16 - 2015-12-19 22:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2016-02-23 17:16 - 2015-12-12 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trapcode Particular v2
2016-02-23 17:16 - 2015-11-28 15:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-02-23 17:16 - 2015-11-26 19:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda3D 1.8.1
2016-02-23 17:16 - 2015-11-25 14:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2016-02-23 17:16 - 2015-11-24 14:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-02-23 17:16 - 2015-11-18 15:40 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-02-23 17:16 - 2015-11-17 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2016-02-23 17:16 - 2015-11-17 16:16 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-02-23 17:16 - 2015-11-17 16:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-02-23 17:16 - 2015-11-17 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodshed Dev-C++
2016-02-23 17:16 - 2015-11-17 16:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2016-02-23 17:16 - 2015-11-17 16:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-02-23 17:16 - 2015-11-17 16:03 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-02-23 17:16 - 2015-11-17 16:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-02-23 17:16 - 2015-10-30 12:54 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-23 17:16 - 2015-01-27 15:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Photo Master
2016-02-23 17:16 - 2015-01-27 15:40 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 8
2016-02-23 17:16 - 2015-01-27 15:39 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 10
2016-02-23 17:16 - 2015-01-27 15:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stagelight
2016-02-23 17:16 - 2015-01-27 15:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser
2016-02-23 17:16 - 2015-01-27 15:34 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaStory
2016-02-23 17:16 - 2015-01-27 15:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2016-02-23 17:16 - 2015-01-27 15:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2016-02-23 17:14 - 2013-08-22 19:06 - 00000000 ____D C:\Users\Default.migrated
2016-02-23 17:11 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2016-02-23 17:11 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2016-02-23 17:11 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2016-02-23 17:11 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2016-02-23 17:11 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\system32\spool
2016-02-23 17:11 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-02-23 17:11 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-02-23 17:11 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-02-23 17:11 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-02-23 17:11 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-02-23 17:11 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2016-02-23 17:11 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2016-02-23 17:10 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\InputMethod
2016-02-23 17:10 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\MediaViewer
2016-02-23 17:09 - 2016-01-21 17:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL
2016-02-23 17:09 - 2015-12-13 21:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2016-02-23 17:09 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\Help
2016-02-23 17:09 - 2015-01-27 14:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-02-23 17:09 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\ADFS
2016-02-23 17:08 - 2015-10-30 12:54 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-02-23 17:07 - 2016-01-31 12:36 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeArc
2016-02-23 17:07 - 2016-01-21 02:19 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SQLyog
2016-02-23 17:07 - 2015-12-19 22:26 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2016-02-23 17:07 - 2015-11-26 19:18 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Panda3D 1.8.1
2016-02-23 17:07 - 2015-11-25 20:38 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-02-23 17:07 - 2015-11-18 18:15 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2016-02-23 17:05 - 2015-10-30 11:58 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-02-23 16:56 - 2015-10-30 14:41 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-02-23 16:37 - 2015-01-27 15:36 - 00027136 _____ C:\WINDOWS\system32\VfService.trf
2016-02-23 16:31 - 2015-10-30 14:55 - 00000000 ___HD C:\$WINDOWS.~BT
2016-02-17 12:17 - 2016-01-18 21:24 - 00000000 ____D C:\Users\HIMANK-EX0M4K3R\AppData\Local\CyberGhost
2016-02-16 16:17 - 2015-01-27 15:32 - 00000000 ____D C:\ProgramData\Temp

==================== Files in the root of some directories =======

2009-03-30 12:22 - 2009-03-30 12:22 - 0061440 _____ () C:\Program Files (x86)\RGSGrowBounds.aex
2015-12-12 18:32 - 2015-12-12 18:32 - 0071264 _____ () C:\Program Files (x86)\trapcodeparticularv2.log
2015-12-26 18:22 - 2016-03-11 21:02 - 0001005 _____ () C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\droid4xinstaller.log
2015-11-19 19:54 - 2016-02-11 22:22 - 0007634 _____ () C:\Users\HIMANK-EX0M4K3R\AppData\Local\Resmon.ResmonCfg
2015-12-23 21:27 - 2015-12-23 21:27 - 0061516 _____ () C:\Users\HIMANK-EX0M4K3R\AppData\Local\temp023423.vbe
2016-03-07 20:14 - 2016-03-07 20:14 - 0000000 _____ () C:\Users\HIMANK-EX0M4K3R\AppData\Local\{B5CC500F-EFC3-4BD9-A6BE-377E6808D0D6}
2016-02-23 17:01 - 2016-02-23 17:01 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\HIMANK-EX0M4K3R\AppData\Local\Temp\avgnt.exe
C:\Users\HIMANK-EX0M4K3R\AppData\Local\Temp\sqlite3.dll
C:\Users\HIMANK-EX0M4K3R\AppData\Local\Temp\unins000.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-03-07 03:50

==================== End of FRST.txt ============================



#4 EX0M4K3R

EX0M4K3R
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  

Posted 16 March 2016 - 03:39 AM

this log is from addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by HIMANK-EX0M4K3R (2016-03-16 14:01:54)
Running from C:\Users\HIMANK-EX0M4K3R\Desktop
Windows 10 Home Single Language Version 1511 (X64) (2016-02-23 12:07:38)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-509749034-187825214-1460614161-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-509749034-187825214-1460614161-503 - Limited - Disabled)
Guest (S-1-5-21-509749034-187825214-1460614161-501 - Limited - Disabled)
HIMANK-EX0M4K3R (S-1-5-21-509749034-187825214-1460614161-1001 - Administrator - Enabled) => C:\Users\HIMANK-EX0M4K3R

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-509749034-187825214-1460614161-1001\...\uTorrent) (Version: 3.4.5.41865 - BitTorrent Inc.)
Activision(R) (x32 Version: 1.00.0000 - Activision) Hidden
Adobe After Effects CC 2015 (HKLM-x32\...\{147EC100-14BE-45EF-AB42-35BAEE7D02F0}) (Version: 13.5.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed Syndicate (HKLM-x32\...\{XXXXXXXX-XXXX-XXXX-XXXX-BLACKBOX0081}) (Version: 6.0 - Black Box)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.141 - Avira Operations GmbH & Co. KG)
Blur(TM) (HKLM-x32\...\InstallShield_{589A63D3-89E1-4D9B-8DBC-6039BB27289E}) (Version: 1.00.0000 - Activision)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.4505 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (x32 Version: 1.6.38.00 - Lenovo Group Limited) Hidden
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.11 - Bloodshed Software)
Dirty Bomb (HKLM-x32\...\Steam App 333930) (Version:  - Splash Damage®)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Double Action: Boogaloo (HKLM-x32\...\Steam App 317360) (Version:  - Double Action Factory)
Droid4X (HKLM-x32\...\Droid4X) (Version: 0.8.7 - Haiyu Dongxiang Co.,Ltd.)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.23 - Lenovo)
Energy Manager (x32 Version: 1.5.0.23 - Lenovo) Hidden
Epic Games Launcher (HKLM-x32\...\{54ABDB2C-47AC-4D03-AEE2-D03953AD6D09}) (Version: 1.1.45.0 - Epic Games, Inc.)
EvilLyrics (HKLM-x32\...\EvilLyrics) (Version:  - )
Evolve (HKLM-x32\...\Steam App 273350) (Version:  - Turtle Rock Studios)
FormatFactory 3.8.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.8.0.0 - Free Time)
FreeArc 0.666 (HKLM-x32\...\FreeArc) (Version: 0.666 - Bulat Ziganshin)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HxVPN-HSS Hotspot Shield (HKLM-x32\...\HxVPN-HSS Hotspot Shield) (Version: Hotspot Shield - HxVPN)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4240 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
Java 8 Update 73 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.14 - Oracle Corporation)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo BatteryGauge (HKLM\...\{CBEDEC16-C4F5-4255-99E4-5884EFEDD1BC}) (Version: 1.0.023.00 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10279 - Realtek Semiconductor Corp.)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{A60E1DE0-2AD1-4BD3-BBCC-4FBB22FB6F85}) (Version: 2.5.1.0225 - PointGrab)
Lenovo Motion Control (x32 Version: 2.5.1.0225 - PointGrab) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo)
Lenovo PhoneCompanion (x32 Version: 1.2.0.2 - Lenovo) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo Photo Master (x32 Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo Settings (HKLM-x32\...\InstallShield_{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.46 - Lenovo)
Lenovo Settings (x32 Version: 1.0.0.46 - Lenovo) Hidden
Lenovo Solution Center (HKLM\...\{E442BFFD-8406-4C6D-BE7E-0CF6E61EE363}) (Version: 3.2.004.00 - Lenovo)
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.054.00 - Lenovo)
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.3.0.6 - Lenovo)
Lenovo Updates (x32 Version: 1.3.0.6 - Lenovo) Hidden
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo)
LenovoUtility (x32 Version: 3.0.0.4 - Lenovo) Hidden
Magic Transfer (HKLM\...\{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - )
Magic Transfer (HKLM-x32\...\InstallShield_{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - Lenovo)
Magic Transfer (x32 Version: 1.1.1.11 - Lenovo) Hidden
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.2.2000 - Maxthon International Limited)
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.6366.2062 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
MySQL Server 5.0 (HKLM-x32\...\{63990C33-0F65-4E83-97D6-3835A976A1E2}) (Version: 5.0.24 - MySQL AB)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.7.2.189 - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.5.9.132 - Native Instruments)
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.7.1.854 - Native Instruments)
Need For Speed Rivals (HKLM-x32\...\{0657F865-25B6-4391-A3B5-9917CF291AB3}) (Version: 6.0 - Black Box)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
NetBeans IDE 8.0.2 (HKLM\...\nbi-nb-base-8.0.2.0.201411181905) (Version: 8.0.2 - NetBeans.org)
Nitro Pro 9 (HKLM\...\{70B831B7-A8EE-4C5F-8F34-F383D24B3A04}) (Version: 9.0.5.9 - Nitro)
NVIDIA 3D Vision Driver 362.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 362.00 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Graphics Driver 362.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 362.00 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6326.1022 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6326.1022 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6326.1022 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 4.3.12_ZZZZ (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.10.2.4863 - Electronic Arts, Inc.)
Panda3D 1.8.1 (HKLM-x32\...\Panda3D 1.8.1) (Version:  - )
PlanetSide 2 (HKLM\...\Steam App 218230) (Version:  - Daybreak Games)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.0 - Power Software Ltd)
Python 2.7 cx_Freeze-4.3.4 (HKU\S-1-5-21-509749034-187825214-1460614161-1001\...\cx_Freeze-py2.7) (Version:  - )
Python 2.7 py2exe-0.6.9 (HKU\S-1-5-21-509749034-187825214-1460614161-1001\...\py2exe-py2.7) (Version:  - )
Python 2.7 pygame-1.9.1 (HKLM-x32\...\{5D13804A-67B7-49DA-9B15-65B70A83B9C3}) (Version: 1.9.1 - Pete Shinners, Rene Dudfield, Marcus von Appen, Bob Pendleton, others...)
Python 2.7.8 (HKLM-x32\...\{61121B12-88BD-4261-A6EE-AB32610A56DD}) (Version: 2.7.8150 - Python Software Foundation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.1 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21275 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7514 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
SQLyog 5.17 (HKLM-x32\...\SQLyog) (Version: 5.17 - Webyog Softworks Pvt. Ltd.)
Stagelight (HKLM\...\Stagelight) (Version: 2.0.0.5015 - Open Labs, LLC.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.5 - Synaptics Incorporated)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version:  - Ubisoft Montreal)
Trapcode Particular (HKLM-x32\...\InstallShield_{E489BCB7-D57D-4751-AAB6-589AF66E2F7F}) (Version: 2.1.0 - Red Giant Software)
Trapcode Particular (Version: 2.1.0 - Red Giant Software) Hidden
Trapcode Particular v2 (HKLM-x32\...\Trapcode Particular v2) (Version:  - )
UE4 Prerequisites (x64) (Version: 1.0.10.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (x32 Version: 1.0.12.0 - Epic Games, Inc.) Hidden
Unity Web Player (HKU\S-1-5-21-509749034-187825214-1460614161-1001\...\UnityWebPlayer) (Version: 5.3.2f1 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 17.0 - Ubisoft)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
User Manuals (x32 Version: 3.0.0.3 - Lenovo) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
Windows Driver Package - Lenovo (ACPIVPC) System  (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-509749034-187825214-1460614161-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\HIMANK-EX0M4K3R\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0512F4CA-9E98-460D-992C-F0C10EC32586} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [2016-03-11] (Microsoft Corporation)
Task: {0D80F81E-681A-488A-8911-130B77AA7955} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-01-25] (Lenovo)
Task: {108DEF4E-CCCA-4EC8-A6D1-17D15D494110} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {116DFD10-B3CC-48F8-9582-6B9575C7DE30} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {15BB0B28-AA60-4D5F-A266-2E075F38934F} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-08] (Intel Corporation)
Task: {26DDFC61-4DFE-4547-9FF9-340119088ED9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {3D360533-BF47-4858-851D-8E76C4D59E86} - System32\Tasks\Origin => C:\ProgramData\Origin\update.vbe [2015-12-23] () <==== ATTENTION
Task: {4971AC15-B9C1-4D4D-B94B-93B677D116EF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {4D037894-9E0C-4FDE-BB33-7B97DC51425B} - System32\Tasks\AdobeAAMUpdater-1.0-Himank-PC-HIMANK-EX0M4K3R => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-05-26] (Adobe Systems Incorporated)
Task: {5551D8C9-ACA6-43BE-8822-917C471434C6} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-08] (Intel Corporation)
Task: {559D1C25-BC88-4150-9B9D-B01F4352391A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-29] (Google Inc.)
Task: {584D8FDE-B937-418D-913F-37BE044E64BF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {589B0F24-76B2-4347-858D-047670D15DAA} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {63321F61-D223-447A-A8DF-66BF58F98DAD} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-08-29] (Synaptics Incorporated)
Task: {657E3236-37AA-4389-87B9-245DA7111A07} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe
Task: {6DF7B814-9370-478C-8469-94E98DD1D980} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {75FA33BD-391C-49A0-B395-A19587E876E1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {8115CA22-CE55-44B9-94D6-848038EBC479} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {841D2647-B16C-4811-AC64-B613B4C821AD} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {856FC561-54C8-43DC-AF12-92832399FD9C} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
Task: {887FDB1A-EA7E-4E7E-85D7-4B1D2B6497A2} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {936CD8DF-B292-4D95-93C5-8368D362E89A} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-01-25] (Lenovo)
Task: {9402A93C-C010-4538-8661-7DA672C770F5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-29] (Google Inc.)
Task: {99B4C933-B4B3-4474-B549-143824F47E85} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask_Weekly => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {9C9A775B-CA5A-465E-912B-F6A804A1721D} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-12-14] ()
Task: {A927F160-B1F2-495A-B1F0-B5FC976DBFB9} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => Sc.exe control iMControllerService 128
Task: {A9E4CDFC-463A-434E-B4A6-8713B8A6B1E1} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2016-01-25] (Lenovo)
Task: {AD2D33A7-1A19-4017-8377-89FB516B45C0} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {AEC3CD11-6E6D-46D0-8053-E8EF2E4AF60D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2016-01-25] (Lenovo)
Task: {CEE6F961-DCC7-4FBA-973A-BB5C8A6F7606} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-11] (Microsoft Corporation)
Task: {DE6F7C7A-1E2B-46A3-A30A-53A6A9707E72} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-31] (Microsoft Corporation)
Task: {F002280A-C090-4BF4-83FB-3132BD8D740E} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [2015-10-27] (Maxthon International ltd.)
Task: {FD92B8C3-0A4F-44F8-92DC-A96CB39C5F8E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-31] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 12:48 - 2015-10-30 12:48 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-01-27 14:58 - 2016-02-24 01:58 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-11-13 07:58 - 2015-11-13 07:58 - 00269312 _____ () C:\Program Files (x86)\Droid4X\Droid4X\Droid4XService.exe
2016-02-23 20:17 - 2016-02-17 12:26 - 01416064 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-02-23 20:17 - 2016-02-17 12:26 - 00299392 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-02-23 20:17 - 2016-02-17 12:26 - 03613056 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2006-07-28 13:05 - 2006-07-28 13:05 - 04444160 _____ () C:\Programming\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
2015-01-27 15:39 - 2012-04-24 16:13 - 00390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-12-04 21:11 - 2016-01-31 05:54 - 00173248 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2016-03-02 17:04 - 2016-02-23 16:57 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-02-24 17:40 - 2016-02-24 17:43 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-03-02 17:04 - 2016-02-23 16:57 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-28 16:15 - 2016-01-28 16:15 - 08913088 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2016-02-23 22:48 - 2015-12-07 09:44 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-02 17:03 - 2016-02-23 14:06 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-02-23 22:48 - 2016-01-05 06:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-02-23 22:48 - 2016-01-05 06:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-02-23 22:48 - 2016-01-16 10:40 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-02-23 22:48 - 2016-01-16 10:43 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-03-27 02:20 - 2015-01-27 15:45 - 00058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll
2016-03-15 15:11 - 2015-02-09 11:18 - 00124440 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2016-02-23 20:17 - 2016-02-17 12:31 - 00717184 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2016-02-23 20:17 - 2016-02-17 12:32 - 00862592 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2014-02-26 06:12 - 2014-02-26 06:12 - 00013576 _____ () C:\Program Files (x86)\Lenovo\Motion Control\PointGrabDeviceAPI.dll
2016-02-24 17:40 - 2016-02-24 17:43 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-02-24 17:40 - 2016-02-24 17:42 - 02941440 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\MessagingNativeCore.dll
2016-02-24 17:40 - 2016-02-24 17:42 - 00583168 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\MessagingEntityExtractionProxy.dll
2016-02-24 17:40 - 2016-02-24 17:42 - 01300992 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\MessagingNativeBase.dll
2016-02-24 17:40 - 2016-02-24 17:44 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-11-17 16:15 - 2016-02-17 12:32 - 00020352 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-02-26 06:12 - 2014-02-26 06:12 - 02689800 _____ () C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterFilter.ax
2016-03-15 13:16 - 2016-03-08 08:18 - 01676440 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libglesv2.dll
2016-03-15 13:16 - 2016-03-08 08:18 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libegl.dll
2016-03-10 11:18 - 2016-03-08 12:16 - 17541312 _____ () C:\Users\HIMANK-EX0M4K3R\AppData\Local\Google\Chrome\User Data\PepperFlash\21.0.0.182\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\Temp:9A870F8B [110]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-11-20 19:55 - 2015-11-20 19:55 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-509749034-187825214-1460614161-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "Wall Watcher.lnk"
HKLM\...\StartupApproved\Run: => "OnekeyStudio"
HKLM\...\StartupApproved\Run: => "PhoneCompanion"
HKLM\...\StartupApproved\Run: => "StageLightUpdate"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "KeyLemon Updater"
HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "ProductUpdater"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-509749034-187825214-1460614161-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-509749034-187825214-1460614161-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-509749034-187825214-1460614161-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_712B05738B84AAAEDE3AACF614A26511"
HKU\S-1-5-21-509749034-187825214-1460614161-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-509749034-187825214-1460614161-1001\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-509749034-187825214-1460614161-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-509749034-187825214-1460614161-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{D6B28E41-879C-45A1-8E9E-1FE705DB5A3E}] => (Allow) D:\Softwares\Adobe After Effects CC 2015 v13.5\Adobe After Effects CC 2015\packages\Games\SteamLibrary\steamapps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{B4C9275C-8955-429B-BEA1-4AA1EAF7C8EE}] => (Allow) D:\Softwares\Adobe After Effects CC 2015 v13.5\Adobe After Effects CC 2015\packages\Games\SteamLibrary\steamapps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{1E258C44-2723-4D4C-8C6A-45C2E22412B8}] => (Allow) C:\Program Files\Oracle\VirtualBox\vboxheadless.exe
FirewallRules: [{767CE5EB-F07F-41E3-9EA7-B77A73DF26A6}] => (Allow) C:\Program Files (x86)\Droid4X\Droid4X\download\MiniThunderPlatform.exe
FirewallRules: [{7834D4AB-8DA3-408F-9138-D61BF23EAC14}] => (Allow) C:\Program Files (x86)\Droid4X\Droid4X\Droid4X.exe
FirewallRules: [TCP Query User{D5A4598D-F4DB-419A-A6A0-B6D3D8439DF0}C:\users\himank-ex0m4k3r\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe] => (Allow) C:\users\himank-ex0m4k3r\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe
FirewallRules: [UDP Query User{9BAC9E3A-3E42-4F58-872F-84DCD2FB7D4D}C:\program files (x86)\epic games\4.10\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files (x86)\epic games\4.10\engine\binaries\win64\ue4editor.exe
FirewallRules: [TCP Query User{C02E55A2-7A3D-407A-B355-89BF970E1970}C:\program files (x86)\epic games\4.10\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files (x86)\epic games\4.10\engine\binaries\win64\ue4editor.exe
FirewallRules: [{E14B38C9-186D-4288-ACC5-8BEFC4223316}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{2705400E-1003-4C3C-9959-C358B7285359}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{7E9758EC-5ED8-4BAA-8B27-9D76BE428655}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{389E57DE-DDC9-4408-9380-0101F255D2B4}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [UDP Query User{99032647-8ADA-4122-B660-6CC12C895EAC}D:\softwares\adobe after effects cc 2015 v13.5\adobe after effects cc 2015\packages\games\counter-strike 1.6\hl.exe] => (Allow) D:\softwares\adobe after effects cc 2015 v13.5\adobe after effects cc 2015\packages\games\counter-strike 1.6\hl.exe
FirewallRules: [TCP Query User{97E745DE-0598-4594-AB70-954C6CC9BE77}D:\softwares\adobe after effects cc 2015 v13.5\adobe after effects cc 2015\packages\games\counter-strike 1.6\hl.exe] => (Allow) D:\softwares\adobe after effects cc 2015 v13.5\adobe after effects cc 2015\packages\games\counter-strike 1.6\hl.exe
FirewallRules: [{78AD69E0-715C-41FC-9740-1A5E613D34FE}] => (Allow) D:\Softwares\Adobe After Effects CC 2015 v13.5\Adobe After Effects CC 2015\packages\Games\SteamLibrary\steamapps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{78DF7056-A1EA-4038-B55C-5DD49A598F00}] => (Allow) D:\Softwares\Adobe After Effects CC 2015 v13.5\Adobe After Effects CC 2015\packages\Games\SteamLibrary\steamapps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [UDP Query User{305C9012-C62A-4C03-A12D-8504A9066031}C:\program files (x86)\hxvpn-hss\data\bin\hxvpn.exe] => (Block) C:\program files (x86)\hxvpn-hss\data\bin\hxvpn.exe
FirewallRules: [TCP Query User{7258348C-B8D7-4A2F-9A04-2CD02D214F71}C:\program files (x86)\hxvpn-hss\data\bin\hxvpn.exe] => (Block) C:\program files (x86)\hxvpn-hss\data\bin\hxvpn.exe
FirewallRules: [UDP Query User{BDE1DA3A-35EB-46F9-81F7-3C4FB671FCE2}C:\program files (x86)\hxvpn-hss\data\bin\hxvpn.exe] => (Allow) C:\program files (x86)\hxvpn-hss\data\bin\hxvpn.exe
FirewallRules: [TCP Query User{304E61D2-D679-416F-A304-6C02552F6EFF}C:\program files (x86)\hxvpn-hss\data\bin\hxvpn.exe] => (Allow) C:\program files (x86)\hxvpn-hss\data\bin\hxvpn.exe
FirewallRules: [{052A07F6-80D2-4CAD-9A1B-6FFBA9E53B38}] => (Allow) C:\Program Files\Lenovo\Magic Transfer\MagicTransfer.exe
FirewallRules: [{6F789E21-AC34-48FF-BA1B-DF5D5B184A84}] => (Allow) C:\Program Files\Lenovo\Magic Transfer\MagicTransfer.exe
FirewallRules: [{305586A9-7E73-496A-91CD-440866326D85}] => (Allow) LPort=16990
FirewallRules: [{17A920C5-1E87-4592-9FA6-AF481F442E4C}] => (Allow) LPort=16990
FirewallRules: [UDP Query User{6D4763EC-A0F8-4A4F-AD75-71D0AFF9AF6C}C:\program files\lenovo\magic transfer\magictransfer.exe] => (Allow) C:\program files\lenovo\magic transfer\magictransfer.exe
FirewallRules: [TCP Query User{C4EA4F72-0519-4161-BD4E-71CFC08F8C4A}C:\program files\lenovo\magic transfer\magictransfer.exe] => (Allow) C:\program files\lenovo\magic transfer\magictransfer.exe
FirewallRules: [UDP Query User{31ABF0A7-5B76-4072-A386-789B4F2BB9DA}D:\softwares\adobe after effects cc 2015 v13.5\adobe after effects cc 2015\packages\games\call of duty- modern warfare 3\iw5mp.exe] => (Allow) D:\softwares\adobe after effects cc 2015 v13.5\adobe after effects cc 2015\packages\games\call of duty- modern warfare 3\iw5mp.exe
FirewallRules: [TCP Query User{078659EA-4A2B-4E05-BF1C-D91E07BCBFF7}D:\softwares\adobe after effects cc 2015 v13.5\adobe after effects cc 2015\packages\games\call of duty- modern warfare 3\iw5mp.exe] => (Allow) D:\softwares\adobe after effects cc 2015 v13.5\adobe after effects cc 2015\packages\games\call of duty- modern warfare 3\iw5mp.exe
FirewallRules: [UDP Query User{67B384EF-2AD6-4B79-A28C-BCDFBF40A159}D:\softwares\adobe after effects cc 2015 v13.5\adobe after effects cc 2015\packages\games\outlast\binaries\win64\olgame.exe] => (Block) D:\softwares\adobe after effects cc 2015 v13.5\adobe after effects cc 2015\packages\games\outlast\binaries\win64\olgame.exe
FirewallRules: [TCP Query User{59A57B34-EACE-4A5B-8266-46C856921378}D:\softwares\adobe after effects cc 2015 v13.5\adobe after effects cc 2015\packages\games\outlast\binaries\win64\olgame.exe] => (Block) D:\softwares\adobe after effects cc 2015 v13.5\adobe after effects cc 2015\packages\games\outlast\binaries\win64\olgame.exe
FirewallRules: [{DC06F346-F3F2-47C4-88C5-BD24BCF59260}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{A9AE77C2-DA2A-4A4E-8CB4-9E939C587788}] => (Allow) D:\Softwares\Adobe After Effects CC 2015 v13.5\Adobe After Effects CC 2015\packages\Games\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B9D762D3-8836-4BA9-8FE6-09E29DA9823F}] => (Allow) D:\Softwares\Adobe After Effects CC 2015 v13.5\Adobe After Effects CC 2015\packages\Games\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [UDP Query User{79B94137-0B28-4219-8F18-02869717DE9C}D:\softwares\adobe after effects cc 2015 v13.5\adobe after effects cc 2015\packages\games\blur(tm)\blur.exe] => (Allow) D:\softwares\adobe after effects cc 2015 v13.5\adobe after effects cc 2015\packages\games\blur(tm)\blur.exe
FirewallRules: [TCP Query User{C3E737CE-9809-4EF6-9B55-00C6A1B1F31D}D:\softwares\adobe after effects cc 2015 v13.5\adobe after effects cc 2015\packages\games\blur(tm)\blur.exe] => (Allow) D:\softwares\adobe after effects cc 2015 v13.5\adobe after effects cc 2015\packages\games\blur(tm)\blur.exe
FirewallRules: [{C8BACBB4-91A9-44EA-92CE-82254F0DD163}] => (Allow) D:\Softwares\Adobe After Effects CC 2015 v13.5\Adobe After Effects CC 2015\packages\Games\Blur(TM)\Blur.exe
FirewallRules: [{3E25986C-B70D-41F6-8A50-A7DF1371CE53}] => (Allow) D:\Softwares\Adobe After Effects CC 2015 v13.5\Adobe After Effects CC 2015\packages\Games\Blur(TM)\Blur.exe
FirewallRules: [UDP Query User{61A78A4A-6859-48B4-8DB2-F429F612AE94}C:\users\himank-ex0m4k3r\documents\unreal projects\fps1\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\himank-ex0m4k3r\documents\unreal projects\fps1\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [TCP Query User{3AD464AE-45E8-461C-8319-86FA1400104F}C:\users\himank-ex0m4k3r\documents\unreal projects\fps1\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Allow) C:\users\himank-ex0m4k3r\documents\unreal projects\fps1\saved\stagedbuilds\windowsnoeditor\engine\binaries\win64\ue4game.exe
FirewallRules: [UDP Query User{2203648B-F0DA-4770-BCDF-127739F091BA}C:\program files (x86)\epic games\4.10\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files (x86)\epic games\4.10\engine\binaries\win64\ue4editor.exe
FirewallRules: [TCP Query User{EE6807E3-2997-451D-BFEE-9700517DE286}C:\program files (x86)\epic games\4.10\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files (x86)\epic games\4.10\engine\binaries\win64\ue4editor.exe
FirewallRules: [{F8A6D261-DA66-4DC4-98E4-A8B8C46FBEC3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F734CAB7-6960-4562-A9F4-BEBFF5CCF939}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E6507E8B-4988-4656-BE30-BB30D65BE41C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A7F49876-E5EC-4998-8C8B-5114E7E48D39}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A482B6B9-B552-4C5B-8EA0-A61534945B3E}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{24584E7C-17EF-4D7A-821E-048088805163}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{4434E76D-93C2-4F73-A55C-AE34DB8C7F4A}] => (Allow) LPort=55100
FirewallRules: [{D209C634-A399-43AA-AD7E-2B54DAB9FE9D}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{01D89068-04AE-42B6-AC35-74A099E7B8B8}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{B43D2953-DC97-47AA-8B6A-8B759DAB0E5D}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{226DA357-072E-4166-B7D8-06A84F9D48D9}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{08FE96AF-2B94-4F23-8CA0-0F4B57F1E6A0}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{F3576ECB-57A1-499C-9610-C3060371E2F3}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{48B862D6-0798-4300-A85A-613F0D3459D9}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{901CB8CD-2582-4505-8686-40938927F622}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{3529316A-BB9D-4670-80D6-E47B23F6FCC5}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{8CCF772C-BF37-4FA2-99F0-FC3CBDF8DAD2}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{7635C1E2-6FF7-4475-8F6C-016E9EF1EACD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FF68EFDF-EB00-4192-8DA2-AE7105A8F212}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FA93C560-181B-405E-A2AD-D6A0014828B5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{086603E7-32D0-4FE9-B4C7-CDC3C335945E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{19CA095A-2696-4C9D-B8C4-B87C076A697B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{10C8D58E-EC4F-4C18-AA31-BE02BF41D085}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{533AFDF9-D770-4A27-BE44-B8671F134ED7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{ED431F38-6A94-4D54-974D-390804DF40AC}] => (Allow) D:\Softwares\Adobe After Effects CC 2015 v13.5\Adobe After Effects CC 2015\packages\Games\SteamLibrary\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{525A24E1-FAB6-454F-9498-A7C2A64E0FF9}] => (Allow) D:\Softwares\Adobe After Effects CC 2015 v13.5\Adobe After Effects CC 2015\packages\Games\SteamLibrary\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{3E1D8051-076E-4F16-A90B-D0C0DF6CEE0A}] => (Allow) D:\Softwares\Adobe After Effects CC 2015 v13.5\Adobe After Effects CC 2015\packages\Games\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{ADCBE0E3-EC1C-494B-A2B8-A97D8E31ED21}] => (Allow) D:\Softwares\Adobe After Effects CC 2015 v13.5\Adobe After Effects CC 2015\packages\Games\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9470B3F8-CFB2-4E50-B80C-DFCFF0E582F4}] => (Allow) C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E2A96248-DDDC-476A-81B5-112B3E9C6684}] => (Allow) C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3EAC1EB6-6F79-419B-8474-EB052C7B69F1}] => (Allow) C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B8616A47-834C-43EC-B447-B5E6E74BED35}] => (Allow) C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B8C9D605-B667-43D1-8A60-2FEAB24DE05D}] => (Allow) C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{183DBB1B-2F45-4AD8-B0D0-DB9C7EF7E998}] => (Allow) C:\Users\HIMANK-EX0M4K3R\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{AB34FD1B-8854-48BD-B06F-6F552D8F8978}] => (Allow) D:\Softwares\Adobe After Effects CC 2015 v13.5\Adobe After Effects CC 2015\packages\Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{9E4B9B1A-0CC8-4F30-9D5B-49E6ABFF55F8}] => (Allow) D:\Softwares\Adobe After Effects CC 2015 v13.5\Adobe After Effects CC 2015\packages\Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [TCP Query User{70F1ACEE-67F9-45D7-82BC-8F5D33DDFA04}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{1656FFA4-BC60-45FE-BE4E-95749E2B1601}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{B883EE30-037C-4470-B0AA-E4C17C0FC143}] => (Allow) D:\Softwares\Adobe After Effects CC 2015 v13.5\Adobe After Effects CC 2015\packages\Games\SteamLibrary\steamapps\common\Double Action\hl2.exe
FirewallRules: [{CBCED2CD-CAE1-46C0-8DB5-16567D4357A1}] => (Allow) D:\Softwares\Adobe After Effects CC 2015 v13.5\Adobe After Effects CC 2015\packages\Games\SteamLibrary\steamapps\common\Double Action\hl2.exe
FirewallRules: [{D8A6FAD4-3202-413F-A31B-788A4353CC7E}] => (Allow) D:\Softwares\Adobe After Effects CC 2015 v13.5\Adobe After Effects CC 2015\packages\Games\SteamLibrary\steamapps\common\Double Action\bin\hammer.exe
FirewallRules: [{C6FC4ECD-055C-4D7B-8FA8-8069901026B0}] => (Allow) D:\Softwares\Adobe After Effects CC 2015 v13.5\Adobe After Effects CC 2015\packages\Games\SteamLibrary\steamapps\common\Double Action\bin\hammer.exe
FirewallRules: [{5676EA6E-DFE9-4966-BB80-1DD6CC159856}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{DD5CF476-806C-4F46-8002-67F3C79C5813}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{5F1AA413-AE50-4529-88DF-1C358BCCE5DE}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{63E38159-EDFC-495C-A4AE-A1559F0BFABC}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [TCP Query User{8EA3C93B-6C3C-4B9C-BB61-978475C95411}D:\softwares\adobe after effects cc 2015 v13.5\adobe after effects cc 2015\packages\games\steamlibrary\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe] => (Allow) D:\softwares\adobe after effects cc 2015 v13.5\adobe after effects cc 2015\packages\games\steamlibrary\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe
FirewallRules: [UDP Query User{D02E75CE-B7A1-4B3D-AD76-C744AD1A37E7}D:\softwares\adobe after effects cc 2015 v13.5\adobe after effects cc 2015\packages\games\steamlibrary\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe] => (Allow) D:\softwares\adobe after effects cc 2015 v13.5\adobe after effects cc 2015\packages\games\steamlibrary\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe
FirewallRules: [{A13D6F9C-37A8-4977-B511-E9A12DF941BB}] => (Allow) C:\Program Files (x86)\Droid4X\Droid4X\MultiMgr.exe
FirewallRules: [{1145F8A5-880A-41EF-8734-1AEB1E3E9513}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{1E730A9B-83D4-4D4C-976F-54C4370552EF}C:\program files\adobe\adobe after effects cc 2015\support files\afterfx.exe] => (Block) C:\program files\adobe\adobe after effects cc 2015\support files\afterfx.exe
FirewallRules: [UDP Query User{4104EEAD-D329-4F29-B322-5AAD349F128B}C:\program files\adobe\adobe after effects cc 2015\support files\afterfx.exe] => (Block) C:\program files\adobe\adobe after effects cc 2015\support files\afterfx.exe

==================== Restore Points =========================

13-03-2016 21:34:47 Scheduled Checkpoint
15-03-2016 14:51:32 Removed Realtek High Definition Audio Driver

==================== Faulty Device Manager Devices =============

Name: TAP-Win32 Adapter V9
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/16/2016 06:10:09 AM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Notifications for the volume D:\ are not active. 

Context: Windows Application

Details:
	The volume change journal is not active.  (HRESULT : 0x8007049b) (0x8007049b)

Error: (03/15/2016 07:49:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.10586.104, time stamp: 0x56aaffa0
Faulting module name: SHELL32.dll, version: 10.0.10586.122, time stamp: 0x56cbff3d
Exception code: 0xc000041d
Fault offset: 0x000000000008792b
Faulting process id: 0x1540
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
Faulting package full name: explorer.exe4
Faulting package-relative application ID: explorer.exe5

Error: (03/15/2016 07:48:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.10586.104, time stamp: 0x56aaffa0
Faulting module name: SHELL32.dll, version: 10.0.10586.122, time stamp: 0x56cbff3d
Exception code: 0xc0000005
Fault offset: 0x000000000008792b
Faulting process id: 0x1540
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
Faulting package full name: explorer.exe4
Faulting package-relative application ID: explorer.exe5

Error: (03/15/2016 03:25:55 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Notifications for the volume D:\ are not active. 

Context: Windows Application

Details:
	The volume change journal is not active.  (HRESULT : 0x8007049b) (0x8007049b)

Error: (03/15/2016 03:15:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Lenovo.Modern.ImController.exe, version: 1.0.72.0, time stamp: 0x56aaf765
Faulting module name: KERNELBASE.dll, version: 10.0.10586.162, time stamp: 0x56cd55ab
Exception code: 0xe0434352
Fault offset: 0x000bdad8
Faulting process id: 0x10f0
Faulting application start time: 0xLenovo.Modern.ImController.exe0
Faulting application path: Lenovo.Modern.ImController.exe1
Faulting module path: Lenovo.Modern.ImController.exe2
Report Id: Lenovo.Modern.ImController.exe3
Faulting package full name: Lenovo.Modern.ImController.exe4
Faulting package-relative application ID: Lenovo.Modern.ImController.exe5

Error: (03/15/2016 03:14:55 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Lenovo.Modern.ImController.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: Lenovo.Modern.ImController.ImClient.Services.Umdf.DeviceDriverMissingException
   at Lenovo.Modern.ImController.ImClient.Services.Umdf.DeviceDriverAgent.LazyOpenDriver()
   at Lenovo.Modern.ImController.ImClient.Services.Umdf.DeviceDriverAgent.MakeIoControlCall(UInt32, IntPtr, UInt32, IntPtr, UInt32, UInt32 ByRef, IntPtr, System.Threading.CancellationToken)
   at Lenovo.Modern.ImController.ImClient.Services.Umdf.DeviceDriverAgent+<WaitForNextRequestAsync>d__1.MoveNext()

Exception Info: System.AggregateException
   at System.Threading.Tasks.Task.ThrowIfExceptional(Boolean)
   at System.Threading.Tasks.Task`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].GetResultCore(Boolean)
   at System.Threading.Tasks.Task`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].get_Result()
   at Lenovo.Modern.ImController.ImClient.Services.BrokerResponseAgent.WaitForRequestThread()
   at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ThreadHelper.ThreadStart()

Error: (03/15/2016 02:51:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (03/13/2016 09:34:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (03/13/2016 09:25:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (03/12/2016 01:05:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Droid4X.exe, version: 0.0.0.0, time stamp: 0x56af2fc1
Faulting module name: MSVCR120.dll, version: 12.0.21005.1, time stamp: 0x524f7ce6
Exception code: 0xc0000409
Fault offset: 0x000a7666
Faulting process id: 0x1188
Faulting application start time: 0xDroid4X.exe0
Faulting application path: Droid4X.exe1
Faulting module path: Droid4X.exe2
Report Id: Droid4X.exe3
Faulting package full name: Droid4X.exe4
Faulting package-relative application ID: Droid4X.exe5


System errors:
=============
Error: (03/16/2016 01:52:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CGVPNCliService service failed to start due to the following error: 
%%1053

Error: (03/16/2016 01:52:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the CGVPNCliService service to connect.

Error: (03/16/2016 01:52:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The PGService service failed to start due to the following error: 
%%1053

Error: (03/16/2016 01:52:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the PGService service to connect.

Error: (03/16/2016 01:52:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ImControllerService service failed to start due to the following error: 
%%1053

Error: (03/16/2016 01:52:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the ImControllerService service to connect.

Error: (03/16/2016 01:49:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_3279d service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (03/16/2016 01:49:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_3279d service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (03/16/2016 01:49:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_3279d service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (03/16/2016 01:49:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_3279d service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.


CodeIntegrity:
===================================
  Date: 2016-03-14 15:03:38.230
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-13 03:05:50.201
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-12 11:45:29.369
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-10 20:49:05.226
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-10 19:56:20.200
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-10 11:01:34.343
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-07 21:39:25.059
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-06 18:01:31.081
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-03 09:29:32.652
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-01 19:47:55.900
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 32%
Total physical RAM: 8104.27 MB
Available physical RAM: 5473.39 MB
Total Virtual: 8616.27 MB
Available Virtual: 5700.28 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:205.23 GB) (Free:32.57 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Himank) (Fixed) (Total:542.62 GB) (Free:106.15 GB) NTFS
Drive e: (AFX) (Fixed) (Total:166.32 GB) (Free:66.29 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 3DAE7B7F)

Partition: GPT.

==================== End of Addition.txt ============================

i was not able to post all logs in one reply it said post_too_long :P
thankyou once again



#5 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:05:05 AM

Posted 16 March 2016 - 07:18 AM

Download attached fixlist.txt file and save it to the Desktop. NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

[attachment=178031:fixlist.txt]

2.

Download 51a46ae42d560-malwarebytes_anti_malware.MalwareBytes Anti-Malware to your desktop.
  • Double-click mbam-setup-2.0.exe to start the installation of Malwarebytes Anti-Malware.
  • Follow the instructions on your screen to complete the installation. You can find the complete installation procedure here.
  • Click the Scan Now button, a threat scan will start automatically.
  • MalwareBytes Anti-Malware will now check for the latest updates. Click Update Now if new updates are available.
  • Your computer is now being scanned, please do not use your computer during the scan.
  • If no threats were found, click View detailed log.
    • Click Export and save the log as a .txt file on your Desktop or another location.
  • If the scan detected any threats, click Apply Actions.
    • To complete any actions taken you will be prompted to restart your computer...click on Yes.
    • After reboot, start Malwarebytes Anti-Malware again and click the History Tab at the top and select Application Logs.
    • Check the box next to Scan Log. Choose the most current scan and click View.
    • Click Export and save the log as a .txt file on your Desktop or another location.
Providing the MalwareBytes' Anti-Malware log file
  • Attach the log file you just saved to your next reply for further review.
How is your computer running now?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#6 EX0M4K3R

EX0M4K3R
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  

Posted 16 March 2016 - 08:02 AM

here is the fixlog, my antivirus blocked something called hosts so FRST wasnt able to make changes their

Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by HIMANK-EX0M4K3R (2016-03-16 18:16:51) Run:1
Running from C:\Users\HIMANK-EX0M4K3R\Desktop
Loaded Profiles: HIMANK-EX0M4K3R (Available Profiles: HIMANK-EX0M4K3R)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Task: {108DEF4E-CCCA-4EC8-A6D1-17D15D494110} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {26DDFC61-4DFE-4547-9FF9-340119088ED9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {3D360533-BF47-4858-851D-8E76C4D59E86} - System32\Tasks\Origin => C:\ProgramData\Origin\update.vbe [2015-12-23] () <==== ATTENTION
Task: {4971AC15-B9C1-4D4D-B94B-93B677D116EF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {584D8FDE-B937-418D-913F-37BE044E64BF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {589B0F24-76B2-4347-858D-047670D15DAA} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {6DF7B814-9370-478C-8469-94E98DD1D980} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {75FA33BD-391C-49A0-B395-A19587E876E1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {8115CA22-CE55-44B9-94D6-848038EBC479} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {887FDB1A-EA7E-4E7E-85D7-4B1D2B6497A2} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {AD2D33A7-1A19-4017-8377-89FB516B45C0} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\Temp:9A870F8B [110]
emptytemp:
hosts:
S3 BTATH_BUS; \SystemRoot\System32\drivers\btath_bus.sys [X]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [No File]

*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{108DEF4E-CCCA-4EC8-A6D1-17D15D494110}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{108DEF4E-CCCA-4EC8-A6D1-17D15D494110}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{26DDFC61-4DFE-4547-9FF9-340119088ED9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26DDFC61-4DFE-4547-9FF9-340119088ED9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3D360533-BF47-4858-851D-8E76C4D59E86}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D360533-BF47-4858-851D-8E76C4D59E86}" => key removed successfully
C:\WINDOWS\System32\Tasks\Origin => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Origin" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4971AC15-B9C1-4D4D-B94B-93B677D116EF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4971AC15-B9C1-4D4D-B94B-93B677D116EF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{584D8FDE-B937-418D-913F-37BE044E64BF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{584D8FDE-B937-418D-913F-37BE044E64BF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{589B0F24-76B2-4347-858D-047670D15DAA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{589B0F24-76B2-4347-858D-047670D15DAA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6DF7B814-9370-478C-8469-94E98DD1D980}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DF7B814-9370-478C-8469-94E98DD1D980}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{75FA33BD-391C-49A0-B395-A19587E876E1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75FA33BD-391C-49A0-B395-A19587E876E1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8115CA22-CE55-44B9-94D6-848038EBC479}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8115CA22-CE55-44B9-94D6-848038EBC479}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{887FDB1A-EA7E-4E7E-85D7-4B1D2B6497A2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{887FDB1A-EA7E-4E7E-85D7-4B1D2B6497A2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AD2D33A7-1A19-4017-8377-89FB516B45C0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AD2D33A7-1A19-4017-8377-89FB516B45C0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
C:\Windows => ":nlsPreferences" ADS removed successfully.
C:\ProgramData\Temp => ":9A870F8B" ADS removed successfully.
"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not restore Hosts.
BTATH_BUS => service removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater" => key removed successfully
EmptyTemp: => 316.7 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 18:17:30 ====

Edited by EX0M4K3R, 16 March 2016 - 08:03 AM.


#7 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:05:05 AM

Posted 16 March 2016 - 08:20 AM

The MAlwarebytes Scan results?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#8 EX0M4K3R

EX0M4K3R
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  

Posted 16 March 2016 - 08:31 AM

yea scan just completed, here:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 16-03-2016
Scan Time: 18:30
Logfile: mb.txt
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2016.03.16.03
Rootkit Database: v2016.03.12.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: HIMANK-EX0M4K3R

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 362631
Time Elapsed: 24 min, 52 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 22
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\AchievementCache, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\AchievementCache\BC3B55DCB5C034CE39E58B12C0DDEC1B533AE4BD, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CustomBoxartCache, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CustomBoxartCache\BC3B55DCB5C034CE39E58B12C0DDEC1B533AE4BD, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\DownloadCache, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\EntitlementCache, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\EntitlementCache\BC3B55DCB5C034CE39E58B12C0DDEC1B533AE4BD, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\IGOCache, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\LocalContent, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\LocalContent\Battlefield 3, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\LocalContent\Need for Speed(TM) Most Wanted, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\LocalContent\Plants vs Zombies Garden Warfare, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\LocalContent\Ultima 8, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\NonOriginContentCache, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\NonOriginContentCache\BC3B55DCB5C034CE39E58B12C0DDEC1B533AE4BD, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\SelfUpdate, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Subscription, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Subscription\BC3B55DCB5C034CE39E58B12C0DDEC1B533AE4BD, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Telemetry, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 

Files: 254
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\update.vbe, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\33e896417ee9c5a001f81d634ade5d2c.olc, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\7749b8eeccc7009fb71cebe36246cb29.olc, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\local.xml, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Origin_Activation.ini, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\production.wad, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\AchievementCache\BC3B55DCB5C034CE39E58B12C0DDEC1B533AE4BD\a.dat, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\DRQuarantinedA225064100.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\DRQuarantinedA231812900.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\DRQuarantinedA234138200.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\DRQuarantinedA234138300.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\DRQuarantinedA234138400.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\DRQuarantinedA234138500.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000447.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000448.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000488.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000503.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000504.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000505.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000506.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000507.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000530.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000531.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000532.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000533.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000534.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000909.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000910.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000911.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0001094.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0001161.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0001162.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0001163.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0001164.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0001165.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109552444.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109552449.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109552645.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA39471.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA41331.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA46851.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA48215.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA48573.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA48574.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA48575.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA48576.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA48577.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA48578.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA48579.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA48641.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA48642.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA48643.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA48644.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109541473.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109552153.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA49753.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000032.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000446.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA1000017.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109541466.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109541467.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109541468.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109541470.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109541471.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109541472.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000031.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA50400.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA50401.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA50500.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA50631.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA51039.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA51040.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA51041.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA51079.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA51080.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA51082.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA51195.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA51196.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA52651.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA52690.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA55171.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA55172.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA55621.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA56985.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA58267.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA58268.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA60531.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA60868.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA62223.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA68186.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000033.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000034.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000035.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000036.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000037.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000038.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000039.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000182.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000355.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000359.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000360.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000363.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000364.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000366.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000392.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\Origin.OFR.50.0000440.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109541474.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109541475.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109546437.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109548103.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109548104.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109548106.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109548130.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109548131.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109548132.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109548133.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109548134.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109548145.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109548147.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109548694.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109550761.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109550762.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109550763.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109550764.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109550765.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109550823.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\CatalogCache\OFB-EASTQuarantinedA109551006.cdef, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\EntitlementCache\BC3B55DCB5C034CE39E58B12C0DDEC1B533AE4BD\sdkeEE2F52FC966485B2F5CD1054FE5BF95DBE36DD5B.dat, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\IGOCache\DX11_1CD311E2D75719510E49C4B5EF17F277_AE7E64BA5093FB5393A670A995254E5C.igo, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\IGOCache\DX10_05F252FA4C91897E119F70578ED9C719_16570287AA171BC4A037D36AFB3DE453.igo, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\IGOCache\DX10_05F252FA4C91897E119F70578ED9C719_BAEFEFB04D7F9A554C029FBA52A02BB8.igo, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\IGOCache\DX10_15D8FAFFB7DEABBCCCC38364614C325E_AE7E64BA5093FB5393A670A995254E5C.igo, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\IGOCache\DX10_15D8FAFFB7DEABBCCCC38364614C325E_C012CE3AB0120D01C75EDBB869AC463E.igo, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\IGOCache\DX10_9B8267484885048980B5502ADF97338E_2C01D8EA2B0FA834597FCD96AAAE4F52.igo, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\IGOCache\DX10_E027FBCA3541D343C0C9A941EC1B2A11_59EAFAE3A34B4925990A2E679CA91C5B.igo, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\IGOCache\DX11_10020730E0E51555A58C20D361F233A9_16570287AA171BC4A037D36AFB3DE453.igo, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\IGOCache\DX11_8E5C2B32EE4166A3084B133183A00F2A_59EAFAE3A34B4925990A2E679CA91C5B.igo, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\IGOCache\DX11_BA534FF9E78CDD1D3643D721A240FF6F_16570287AA171BC4A037D36AFB3DE453.igo, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\IGOCache\DX11_EBD19D0E20C113468631504BFE56FB3F_AE7E64BA5093FB5393A670A995254E5C.igo, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\IGOCache\DX12_09FE77C1FC40781D07D70DF4B31731AA_16570287AA171BC4A037D36AFB3DE453.igo, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\IGOCache\DX12_09FE77C1FC40781D07D70DF4B31731AA_BAEFEFB04D7F9A554C029FBA52A02BB8.igo, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\IGOCache\DX12_4D11FEE45D614408FAD20BFEF23E9E91_AE7E64BA5093FB5393A670A995254E5C.igo, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\IGOCache\DX12_4D11FEE45D614408FAD20BFEF23E9E91_C012CE3AB0120D01C75EDBB869AC463E.igo, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\IGOCache\DX8_86F7D07FB783988F3641C5CE41A74052.igo, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\IGOCache\DX9_6842BEE591A23720E628E475FD918AB1.igo, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\IGOCache\DX9_9D8BC943F18912A09C5724F35691B765.igo, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\IGOCache\DX11_50007CDB0F9801A7186F3E81D3377D12_16570287AA171BC4A037D36AFB3DE453.igo, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\IGOCache\DX11_50007CDB0F9801A7186F3E81D3377D12_BAEFEFB04D7F9A554C029FBA52A02BB8.igo, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\IGOCache\DX11_67D2296474FB0F3B858E1758FFA3AC79_2C01D8EA2B0FA834597FCD96AAAE4F52.igo, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\IGOCache\DX11_6DFDAD2B0EA3385069276DF547F4CAC8_AE7E64BA5093FB5393A670A995254E5C.igo, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\IGOCache\DX11_6DFDAD2B0EA3385069276DF547F4CAC8_C012CE3AB0120D01C75EDBB869AC463E.igo, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\LocalContent\Battlefield 3\map.crc, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\LocalContent\Need for Speed(TM) Most Wanted\map.crc, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\LocalContent\Need for Speed(TM) Most Wanted\OFB-EAST46851.dat, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\LocalContent\Need for Speed(TM) Most Wanted\OFB-EAST46851.mfst, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\LocalContent\Need for Speed(TM) Most Wanted\OFB-EAST46851.pkg, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\LocalContent\Plants vs Zombies Garden Warfare\map.crc, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\LocalContent\Ultima 8\map.crc, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\71628-71530-71744-71726-71743-71725-71742-71724-1009368_ltdtrial_OnlineActivation_Log.html, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\Bootstrapper_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\Client_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\dserrors.data, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX9_11276_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX9_15656_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX9_4652_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX9_5052_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX9_548_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX9_6012_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX9_6492_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX9_6708_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX10_10060_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX10_1060_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX10_13804_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX10_16844_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX10_2644_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX10_2784_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX10_6548_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX10_7796_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX11_11632_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX11_17340_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX11_18244_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX11_208_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX10_11292_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX10_17576_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX9_6820_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX9_6876_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX9_7724_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX9_9468_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX9_9904_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGO_Log.NFS13_11536.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGO_Log.NFS13_2120.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGO_Log.NFS13_6748.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGO_Log.NFS13_7660.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGO_Log.Origin_14000.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX10_4048_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX10_5352_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX10_6968_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX10_8356_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX10_9464_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX11_1776_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX11_3788_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX11_5248_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX11_6012_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX11_7744_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX11_7844_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX11_8360_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX11_868_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX12_10072_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX12_11080_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX12_15080_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX12_244_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX12_3292_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX12_5744_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX12_6352_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX10_2496_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy64_DX12_8064_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX11_5052_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX9_6112_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGO_Log.Origin_4152.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX11_5236_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX11_5552_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX11_916_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX12_15368_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX12_16272_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX12_3588_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX12_5404_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX12_7316_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX12_7368_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX12_7548_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX12_7620_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX8_10048_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX8_10196_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX8_1112_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX8_2540_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX8_2552_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX8_2852_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX8_5240_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX8_6928_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX9_10832_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGOProxy_DX9_10892_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGO_Log.Origin_548.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGO_Log.Origin_5836.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGO_Log.Origin_6976.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGO_Log.Origin_6980.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGO_Log.Origin_7020.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGO_Log.Origin_7152.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\IGO_Log.Origin_8892.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\OriginClientService_InstallTool_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\OriginClientService_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Logs\UpdateTool_Log.txt, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Subscription\BC3B55DCB5C034CE39E58B12C0DDEC1B533AE4BD\s.dat, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Telemetry\data, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Telemetry\HWSWCache, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 
PUP.Optional.BitCoinMiner, C:\ProgramData\Origin\Telemetry\mh, Quarantined, [88ebc4c41a7f55e13c58df1b57ac0ff1], 

Physical Sectors: 0
(No malicious items detected)


(end)

Edited by EX0M4K3R, 16 March 2016 - 08:38 AM.


#9 EX0M4K3R

EX0M4K3R
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  

Posted 16 March 2016 - 08:32 AM

why is malware trying to delete my origin files they're just games not malware?

i think it was false positive result.



#10 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:05:05 AM

Posted 16 March 2016 - 08:42 AM

 

why is malware trying to delete my origin files they're just games not malware?

i think it was false positive result.

Did you download this from a legit site? How is the computer running now/


Edited by fireman4it, 16 March 2016 - 08:43 AM.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#11 EX0M4K3R

EX0M4K3R
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  

Posted 16 March 2016 - 09:47 AM

 

 

why is malware trying to delete my origin files they're just games not malware?

i think it was false positive result.

Did you download this from a legit site? How is the computer running now/

 

yea from the official site
i cant really tell right now because that virus comes after 1-2 days of removal



#12 EX0M4K3R

EX0M4K3R
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  

Posted 16 March 2016 - 09:52 AM

i also had to tell you about one thing there is this file ntoskrnl.exe call system and compressed memory, located at C:\Windows\System32 it is consuming too much disk sometimes it hangs my system
i want to know what is that process doing?



#13 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:05:05 AM

Posted 16 March 2016 - 12:42 PM

 

i also had to tell you about one thing there is this file ntoskrnl.exe call system and compressed memory, located at C:\Windows\System32 it is consuming too much disk sometimes it hangs my system
i want to know what is that process doing?

This is what it is:

https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=2&cad=rja&uact=8&ved=0ahUKEwjzqsH13sXLAhWrvYMKHaMVCQUQFggkMAE&url=https%3A%2F%2Fen.wikipedia.org%2Fwiki%2FNtoskrnl&usg=AFQjCNEqM5owQH4WBE2mBI9OfQb6-Zdlew

 

Might want to have a read here also:

https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=3&cad=rja&uact=8&ved=0ahUKEwjzqsH13sXLAhWrvYMKHaMVCQUQtwIILzAC&url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DuXKc10v3Wok&usg=AFQjCNEo70OF0hvVsQEpsNRKm2nA8gGC-g

 

 

C:\windows\temp\svchost.exe is detected as TR/Coinminer.J

Are you still getting this? Notice the TR/Coinminer and what ORGIN was Detected as BItcoinminer.


Edited by fireman4it, 16 March 2016 - 12:43 PM.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#14 EX0M4K3R

EX0M4K3R
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  

Posted 16 March 2016 - 01:08 PM

well currently it is not there but maybe it will come after a couple of restarts because alwayswhen i delete  it comes back after a couple of restarts.

i will wait till tomorrow and then i will confirm that the miner is returning or not.

 

i also wanted to ask that why i have to install a new software like MalwareByte, i always thought that antivirus protected computers from all types of threats including trojans,malwares,spywares,worms

or else you could suggest me some other antivirus which i should use  which will pack a punch

Currently i m using Antivir Avira



#15 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:05:05 AM

Posted 16 March 2016 - 01:20 PM

 

also wanted to ask that why i have to install a new software like MalwareByte, i always thought that antivirus protected computers from all types of threats including trojans,malwares,spywares,worms

or else you could suggest me some other antivirus which i should use  which will pack a punch

Currently i m using Antivir Avira

This is an excellent READ:

http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/#entry2316629


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users