Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Do I have trogan. virus?


  • This topic is locked This topic is locked
31 replies to this topic

#1 angaar

angaar

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:04:46 AM

Posted 16 March 2016 - 04:55 PM

I am not sure what is going on with my PC. The first thing I noticed is strange sound effect after login on PC. The sound is something worthy of a Star Wars movie. (I have shut off "play windows sounds" thinking that would get rid of it but nope. i have no idea why my PC makes this sound on startup.

  Then I have noticed in my "volume mixer" there is a "name not available" were you can control the sound of your different programs running. Again I have no idea what that is.

 

   here is latest adwcleaner log file. (C:\WINDOWS\SysNative\Tasks\Updater) <--this keeps coming back. what ever it is.

 

 

   # AdwCleaner v5.102 - Logfile created 16/03/2016 at 17:32:20
# Updated 13/03/2016 by Xplode
# Database : 2016-03-16.1 [Server]
# Operating system : Windows 10 Home  (x64)
# Username : Dee - DEXTER
# Running from : C:\Users\Dee\Downloads\adwcleaner_5.102.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

Folder Found : C:\WINDOWS\SysNative\Tasks\Updater

***** [ Files ] *****


***** [ DLL ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [1355 bytes] - [14/03/2016 15:56:21]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[C2].txt - [1210 bytes] - [14/03/2016 15:59:40]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[C3].txt - [1582 bytes] - [16/03/2016 17:27:43]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [1227 bytes] - [14/03/2016 15:55:13]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S2].txt - [1021 bytes] - [14/03/2016 15:58:18]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S3].txt - [1209 bytes] - [16/03/2016 11:52:46]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S4].txt - [1302 bytes] - [16/03/2016 16:59:06]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S5].txt - [1395 bytes] - [16/03/2016 17:27:11]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S6].txt - [1389 bytes] - [16/03/2016 17:32:20]

########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[S6].txt - [1482 bytes] ##########

 

20fb31d.jpg


Edited by angaar, 16 March 2016 - 05:18 PM.


BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,617 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:46 AM

Posted 16 March 2016 - 08:32 PM

Greetings angaar and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

Please do this.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your Desktop. If FRST.exe is not on your Desktop please move it to that location. <<< Important
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log
  • System Summary Information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 angaar

angaar
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:04:46 AM

Posted 17 March 2016 - 01:34 AM

Thank you for taking the time to look into this for me.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Dee (administrator) on DEXTER (17-03-2016 02:27:37)
Running from C:\Users\Dee\Desktop
Loaded Profiles: Dee (Available Profiles: User & Dee)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Hi-Rez Studios) C:\Program Files\HiPatchService.exe
(Scarlet.Crush Productions) C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13774552 1999-12-31] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-11] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKU\S-1-5-21-3311186725-2389629427-1582189158-1002\...\Run: [Google Update] => C:\Users\Dee\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-06-24] (Google Inc.)
HKU\S-1-5-21-3311186725-2389629427-1582189158-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3074128 2016-03-10] (Valve Corporation)
HKU\S-1-5-21-3311186725-2389629427-1582189158-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3311186725-2389629427-1582189158-1002\...\Run: [uTorrent] => C:\Users\Dee\AppData\Roaming\uTorrent\uTorrent.exe [2094080 2016-03-06] (BitTorrent Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} =>  No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScpToolkit Tray Notifications.lnk [2016-02-29]
ShortcutTarget: ScpToolkit Tray Notifications.lnk -> C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpTrayApp.exe (Scarlet.Crush Productions)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2015-04-17]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
Startup: C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2015-12-31] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 64.140.114.21 64.140.114.22 64.140.114.23
Tcpip\..\Interfaces\{1e0a3af4-f1e2-4e53-a652-864cb390df8b}: [DhcpNameServer] 64.140.114.21 64.140.114.22 64.140.114.23
Tcpip\..\Interfaces\{91F5B1FA-1858-4342-A313-59A9E5ECB227}: [DhcpNameServer]  

Internet Explorer:
==================
HKU\S-1-5-21-3311186725-2389629427-1582189158-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.ca/?hl=en&gws_rd=ssl
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-19] (Google Inc.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-08-23] (Eyeo GmbH)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-08] (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Arc\Plugins\ArcPluginIE.dll [2015-11-19] (Perfect World Entertainment Inc)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-19] (Google Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-08] (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-08-23] (Eyeo GmbH)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-19] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-19] (Google Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Dee\AppData\Roaming\Mozilla\Firefox\Profiles\tfca9pnf.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-03-09] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-03-09] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-08] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-08] (NVIDIA Corporation)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll [2015-11-19] (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-3311186725-2389629427-1582189158-1002: @talk.google.com/GoogleTalkPlugin -> C:\Users\Dee\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3311186725-2389629427-1582189158-1002: @talk.google.com/O1DPlugin -> C:\Users\Dee\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3311186725-2389629427-1582189158-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Dee\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-3311186725-2389629427-1582189158-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Dee\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Dee\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Dee\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: Adblock Plus - C:\Users\Dee\AppData\Roaming\Mozilla\Firefox\Profiles\tfca9pnf.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [88400 2015-11-19] (Perfect World Entertainment Inc)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1352736 2016-02-24] ()
R2 Ds3Service; C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe [389632 2016-01-10] (Scarlet.Crush Productions) [File not signed]
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-06-26] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation)
U2 HiPatchService; C:\Program Files\HiPatchService.exe [9728 2016-02-02] (Hi-Rez Studios) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-04-11] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3884464 2015-11-16] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6474112 2016-02-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-06] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-08-28] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-08-27] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [37912 2015-09-21] (Microsoft Corporation)
S3 libusbK; C:\Windows\System32\drivers\libusbK.sys [47200 2016-03-07] (hxxp://libusb-win32.sourceforge.net)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-16] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 1999-12-31] (Synaptics Incorporated)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 XtuAcpiDriver; C:\Windows\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-17 02:27 - 2016-03-17 02:27 - 00017025 _____ C:\Users\Dee\Desktop\FRST.txt
2016-03-17 02:27 - 2016-03-17 02:27 - 00000000 ____D C:\FRST
2016-03-17 02:26 - 2016-03-17 02:26 - 02374144 _____ (Farbar) C:\Users\Dee\Desktop\FRST64.exe
2016-03-16 18:11 - 2016-03-16 18:11 - 00000000 ___HD C:\OneDriveTemp
2016-03-14 15:54 - 2016-03-16 17:32 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-14 15:54 - 2016-03-14 15:54 - 01527296 _____ C:\Users\Dee\Downloads\adwcleaner_5.102.exe
2016-03-12 23:10 - 2016-03-12 23:10 - 00000000 ____D C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Drakensang Online
2016-03-12 00:05 - 2016-03-12 00:05 - 00000222 _____ C:\Users\Dee\Desktop\Heroes & Generals.url
2016-03-11 23:59 - 2016-03-11 23:59 - 00000000 ____D C:\Program Files (x86)\Origin Games
2016-03-11 23:50 - 2016-03-11 23:50 - 00000000 ____D C:\Users\Dee\Documents\Diablo II
2016-03-11 00:06 - 2016-03-11 00:06 - 00000219 _____ C:\Users\Dee\Desktop\Counter-Strike Global Offensive.url
2016-03-10 11:29 - 2016-03-10 11:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.0
2016-03-10 11:29 - 2016-03-10 11:29 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-03-10 11:29 - 2016-03-08 02:05 - 00110016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-03-10 11:29 - 2016-02-13 21:47 - 00125720 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-03-10 11:29 - 2016-02-13 21:46 - 00126232 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-03-10 11:29 - 2016-02-13 21:45 - 00045848 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-03-10 11:29 - 2016-02-13 21:45 - 00042264 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-03-10 11:28 - 2016-03-08 06:27 - 42968120 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 37609528 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 22971960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 21322480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 20863920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 18906048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 17732960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 17368424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 17325400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 17320280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 10547128 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 08657936 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 02613696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 02257344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 01922496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436451.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436451.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 00955328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 00885184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 00786872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 00784640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 00750016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 00692160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 00678704 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 00632152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 00630592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 00601752 _____ C:\WINDOWS\system32\nvmcumd.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 00571912 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 00545632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 00448824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 00423360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 00385080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 00379296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 00377792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 00346560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 00317656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 00175552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 00153208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 00151184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-03-10 11:28 - 2016-03-08 06:27 - 00000139 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-03-10 11:28 - 2016-03-08 06:27 - 00000139 _____ C:\WINDOWS\system32\nv-vk64.json
2016-03-09 20:46 - 2016-03-09 20:46 - 00000222 _____ C:\Users\Dee\Desktop\Robocraft.url
2016-03-09 10:51 - 2016-03-01 01:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-03-09 10:51 - 2016-03-01 01:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-03-09 10:51 - 2016-02-24 05:52 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-03-09 10:51 - 2016-02-24 05:51 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-09 10:51 - 2016-02-24 05:48 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-09 10:51 - 2016-02-24 05:47 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-09 10:51 - 2016-02-24 05:40 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-09 10:51 - 2016-02-24 05:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-09 10:51 - 2016-02-24 05:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-03-09 10:51 - 2016-02-24 05:15 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-03-09 10:51 - 2016-02-24 04:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-03-09 10:51 - 2016-02-24 04:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-03-09 10:51 - 2016-02-24 04:51 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-03-09 10:51 - 2016-02-24 04:50 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-03-09 10:51 - 2016-02-24 04:46 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-03-09 10:51 - 2016-02-24 04:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-03-09 10:51 - 2016-02-24 04:39 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-03-09 10:51 - 2016-02-24 04:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-03-09 10:51 - 2016-02-24 04:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-03-09 10:51 - 2016-02-24 04:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-09 10:51 - 2016-02-24 04:11 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-03-09 10:51 - 2016-02-24 04:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-03-09 10:51 - 2016-02-24 04:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-03-09 10:51 - 2016-02-24 04:11 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-03-09 10:51 - 2016-02-24 04:11 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-03-09 10:51 - 2016-02-24 04:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-09 10:51 - 2016-02-24 04:10 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-03-09 10:51 - 2016-02-24 04:10 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-03-09 10:51 - 2016-02-24 04:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-09 10:51 - 2016-02-24 04:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-09 10:51 - 2016-02-24 04:06 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-03-09 10:51 - 2016-02-24 03:59 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-03-09 10:51 - 2016-02-24 03:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-03-09 10:51 - 2016-02-24 03:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-03-09 10:51 - 2016-02-24 03:38 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-03-09 10:51 - 2016-02-24 03:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-03-09 10:51 - 2016-02-24 03:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-03-09 10:51 - 2016-02-24 03:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-03-09 10:51 - 2016-02-24 03:35 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-03-09 10:51 - 2016-02-24 03:35 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-03-09 10:51 - 2016-02-24 03:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-09 10:51 - 2016-02-24 03:35 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-03-09 10:51 - 2016-02-24 03:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-09 10:51 - 2016-02-24 03:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-09 10:51 - 2016-02-24 03:31 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-03-09 10:51 - 2016-02-24 03:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-03-09 10:51 - 2016-02-24 03:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-03-09 10:51 - 2016-02-24 03:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-03-09 10:51 - 2016-02-24 03:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-03-09 10:51 - 2016-02-24 03:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-03-09 10:51 - 2016-02-24 03:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-03-09 10:51 - 2016-02-24 03:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-03-09 10:51 - 2016-02-24 03:20 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-03-09 10:51 - 2016-02-24 03:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-03-09 10:51 - 2016-02-24 03:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-03-09 10:51 - 2016-02-24 03:15 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-03-09 10:51 - 2016-02-24 03:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-03-09 10:51 - 2016-02-24 03:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-03-09 10:51 - 2016-02-24 03:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-03-09 10:51 - 2016-02-24 03:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-03-09 10:51 - 2016-02-24 03:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-03-09 10:51 - 2016-02-24 03:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-03-09 10:51 - 2016-02-24 03:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-03-09 10:51 - 2016-02-24 03:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-03-09 10:51 - 2016-02-24 03:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-03-09 10:51 - 2016-02-24 03:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-03-09 10:51 - 2016-02-24 03:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-03-09 10:51 - 2016-02-24 03:01 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-03-09 10:51 - 2016-02-24 03:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-03-09 10:51 - 2016-02-24 03:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-03-09 10:51 - 2016-02-24 03:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-03-09 10:51 - 2016-02-24 02:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-03-09 10:51 - 2016-02-24 02:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-03-09 10:51 - 2016-02-24 02:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-03-09 10:51 - 2016-02-24 02:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-09 10:51 - 2016-02-24 02:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-03-09 10:51 - 2016-02-24 02:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-03-09 10:51 - 2016-02-24 02:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-03-09 10:51 - 2016-02-24 02:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-03-09 10:51 - 2016-02-24 02:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-03-09 10:51 - 2016-02-24 02:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-09 10:51 - 2016-02-24 02:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-03-09 10:51 - 2016-02-24 02:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-03-09 10:51 - 2016-02-24 02:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-03-09 10:51 - 2016-02-24 02:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-09 10:51 - 2016-02-24 02:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-03-09 10:51 - 2016-02-24 02:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-03-09 10:51 - 2016-02-24 02:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-03-09 10:51 - 2016-02-24 02:47 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-03-09 10:51 - 2016-02-24 02:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-03-09 10:51 - 2016-02-24 02:44 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-03-09 10:51 - 2016-02-24 02:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-09 10:51 - 2016-02-24 02:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-03-09 10:51 - 2016-02-24 02:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-03-09 10:51 - 2016-02-24 02:43 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-03-09 10:51 - 2016-02-24 02:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-03-09 10:51 - 2016-02-24 02:41 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-03-09 10:51 - 2016-02-24 02:41 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-03-09 10:51 - 2016-02-24 02:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-03-09 10:51 - 2016-02-24 02:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-03-09 10:51 - 2016-02-24 02:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-03-09 10:51 - 2016-02-24 02:39 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-03-09 10:51 - 2016-02-24 02:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-03-09 10:51 - 2016-02-24 02:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-03-09 10:51 - 2016-02-24 02:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-09 10:51 - 2016-02-24 02:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-03-09 10:51 - 2016-02-24 02:34 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-03-09 10:51 - 2016-02-24 02:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-03-09 10:51 - 2016-02-24 02:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-03-09 10:51 - 2016-02-24 02:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-03-09 10:51 - 2016-02-24 02:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-03-09 10:51 - 2016-02-24 02:28 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-03-09 10:51 - 2016-02-24 02:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-03-09 10:51 - 2016-02-24 02:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-03-09 10:51 - 2016-02-24 02:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-09 10:51 - 2016-02-24 02:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-03-09 10:51 - 2016-02-24 02:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-03-09 10:51 - 2016-02-24 02:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-03-09 10:51 - 2016-02-24 02:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-03-09 10:51 - 2016-02-24 02:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-03-09 10:51 - 2016-02-24 02:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-03-09 10:51 - 2016-02-24 02:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-03-09 10:51 - 2016-02-24 02:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-03-09 10:51 - 2016-02-24 02:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-09 10:51 - 2016-02-24 02:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-03-09 10:51 - 2016-02-24 02:11 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-09 10:51 - 2016-02-24 02:09 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-03-09 10:51 - 2016-02-24 02:09 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-03-09 10:51 - 2016-02-24 02:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-03-09 10:51 - 2016-02-24 02:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-03-09 10:51 - 2016-02-24 02:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-03-09 10:51 - 2016-02-24 02:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-03-09 10:51 - 2016-02-24 02:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-03-09 10:51 - 2016-02-24 02:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-09 10:51 - 2016-02-24 02:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-03-09 10:51 - 2016-02-24 02:01 - 01831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-09 10:51 - 2016-02-24 02:00 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-09 10:51 - 2016-02-24 02:00 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-03-09 10:51 - 2016-02-24 01:57 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-09 10:51 - 2016-02-24 01:55 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-09 10:51 - 2016-02-24 01:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-03-09 10:51 - 2016-02-24 01:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-03-09 10:51 - 2016-02-24 01:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-03-09 10:51 - 2016-02-24 01:20 - 22376960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-09 10:51 - 2016-02-24 01:18 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-09 10:51 - 2016-02-24 01:12 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-09 10:51 - 2016-02-24 01:12 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 10:51 - 2016-02-24 01:10 - 24600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-09 10:51 - 2016-02-24 01:09 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-09 10:51 - 2016-02-24 01:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-09 10:51 - 2016-02-24 01:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-09 10:51 - 2016-02-24 00:59 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-03-09 10:51 - 2016-02-24 00:55 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-03-08 18:08 - 2016-03-08 18:08 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-03-08 14:31 - 2016-03-08 14:37 - 00000000 ____D C:\Users\Dee\AppData\LocalLow\uTorrent
2016-03-07 02:13 - 2016-02-23 19:57 - 01924152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436200.dll
2016-03-07 02:13 - 2016-02-23 19:57 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436200.dll
2016-03-06 17:37 - 2016-03-06 17:37 - 00000000 ____D C:\Users\Dee\AppData\Local\NetworkTiles
2016-03-06 17:25 - 2016-03-06 14:36 - 00000000 ___DC C:\WINDOWS\Panther
2016-03-06 17:24 - 2016-03-06 17:24 - 00000000 ____D C:\Windows.old
2016-03-06 17:23 - 2016-03-06 17:23 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-03-06 17:23 - 2016-03-06 17:23 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-03-06 17:23 - 2016-03-06 17:23 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-03-06 17:23 - 2016-03-06 17:23 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-03-06 17:23 - 2016-03-06 17:23 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-03-06 17:23 - 2016-03-06 17:23 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-03-06 17:23 - 2016-03-06 17:23 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-03-06 17:23 - 2016-03-06 17:23 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-03-06 17:23 - 2016-03-06 17:23 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-03-06 17:23 - 2016-03-06 17:23 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-03-06 17:23 - 2016-03-06 17:23 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-03-06 17:23 - 2016-03-06 17:23 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-03-06 17:23 - 2016-03-06 17:23 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-03-06 17:23 - 2016-03-06 17:23 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-03-06 17:23 - 2016-03-06 17:23 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2016-03-06 17:23 - 2016-03-06 17:23 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-03-06 17:23 - 2016-03-06 17:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-03-06 17:23 - 2016-03-06 17:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-03-06 17:23 - 2016-03-06 17:23 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-03-06 17:23 - 2016-03-06 17:23 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-03-06 17:23 - 2016-03-06 17:23 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-03-06 17:23 - 2016-03-06 17:23 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-03-06 17:23 - 2016-03-06 17:23 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-03-06 17:23 - 2016-03-06 17:23 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-03-06 17:23 - 2016-03-06 17:23 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-03-06 17:23 - 2016-03-06 17:23 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-03-06 17:23 - 2016-03-06 17:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-03-06 17:23 - 2016-03-06 17:23 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-03-06 17:23 - 2016-03-06 17:23 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-03-06 17:23 - 2016-03-06 17:23 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-03-06 17:23 - 2016-03-06 17:23 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-03-06 17:23 - 2016-03-06 17:23 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-03-06 17:23 - 2016-03-06 17:23 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2016-03-06 17:23 - 2016-03-06 17:23 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-03-06 17:23 - 2016-03-06 17:23 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-03-06 17:23 - 2016-03-06 17:23 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-03-06 17:23 - 2016-03-06 17:23 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-03-06 17:23 - 2016-03-06 17:23 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2016-03-06 17:23 - 2016-03-06 17:23 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-03-06 17:23 - 2016-03-06 17:23 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-03-06 17:23 - 2016-03-06 17:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-03-06 17:23 - 2016-03-06 17:23 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-03-06 17:23 - 2016-03-06 17:23 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-03-06 17:23 - 2016-03-06 17:23 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2016-03-06 17:23 - 2016-03-06 17:23 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-03-06 17:23 - 2016-03-06 17:23 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2016-03-06 17:23 - 2016-03-06 17:23 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-03-06 17:23 - 2016-03-06 17:23 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2016-03-06 17:21 - 2016-03-06 17:21 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-03-06 17:20 - 2016-03-06 17:20 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-03-06 17:20 - 2016-03-06 17:20 - 00000000 ____D C:\Program Files\MSBuild
2016-03-06 17:20 - 2016-03-06 17:20 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-03-06 17:20 - 2016-03-06 17:20 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-03-06 17:20 - 2015-10-23 21:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-03-06 17:20 - 2015-10-23 21:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-03-06 17:20 - 2015-10-23 21:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-03-06 17:20 - 2015-10-23 21:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-03-06 17:20 - 2015-10-23 21:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-03-06 17:20 - 2015-10-23 21:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-03-06 15:01 - 2016-03-11 23:21 - 00295160 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2016-03-06 14:37 - 2016-03-11 14:55 - 00002397 _____ C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-06 14:37 - 2016-03-06 14:37 - 00000000 ____D C:\Users\Dee\AppData\Local\ActiveSync
2016-03-06 14:37 - 2016-03-06 14:37 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-03-06 14:36 - 2016-03-16 17:35 - 00881036 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-06 14:35 - 2016-03-06 14:35 - 00000020 ___SH C:\Users\Dee\ntuser.ini
2016-03-06 14:35 - 2016-03-06 14:35 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-06 14:35 - 2016-03-06 14:35 - 00000000 ____D C:\Users\Dee\AppData\Local\TileDataLayer
2016-03-06 14:35 - 2016-03-06 14:35 - 00000000 ____D C:\Users\Dee\AppData\Local\Publishers
2016-03-06 14:35 - 2016-03-06 14:35 - 00000000 ____D C:\Users\Dee\AppData\Local\Comms
2016-03-06 14:32 - 2016-03-06 14:32 - 00000000 ____D C:\ProgramData\USOShared
2016-03-06 14:31 - 2016-03-06 14:31 - 00000000 _SHDL C:\Users\Default\My Documents
2016-03-06 14:31 - 2016-03-06 14:31 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-03-06 14:31 - 2016-03-06 14:31 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-03-06 14:31 - 2016-03-06 14:31 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-03-06 14:31 - 2016-03-06 14:31 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-03-06 14:31 - 2016-03-06 14:31 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-03-06 14:31 - 2016-03-06 14:31 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-03-06 14:30 - 2016-03-16 17:28 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-06 14:30 - 2016-03-06 14:30 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-03-06 14:29 - 2016-03-06 14:29 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2016-03-06 14:29 - 2016-03-06 14:29 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2016-03-06 14:28 - 2016-03-06 14:28 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-03-06 14:28 - 2016-03-06 14:28 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-03-06 14:28 - 2015-10-30 03:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-03-06 14:27 - 2016-03-17 01:02 - 00000000 ____D C:\Users\Dee
2016-03-06 14:27 - 2016-03-16 17:28 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-06 14:27 - 2016-03-10 11:29 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-03-06 14:27 - 2016-03-08 02:42 - 06371384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-03-06 14:27 - 2016-03-08 02:42 - 02992576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-03-06 14:27 - 2016-03-08 02:42 - 02563128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-03-06 14:27 - 2016-03-08 02:42 - 01264064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-03-06 14:27 - 2016-03-08 02:42 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-03-06 14:27 - 2016-03-08 02:42 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-03-06 14:27 - 2016-03-07 02:13 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-03-06 14:27 - 2016-03-07 00:22 - 06203411 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-03-06 14:27 - 2016-03-06 14:29 - 00000000 ____D C:\Program Files (x86)\Microsoft LifeCam
2016-03-06 14:27 - 2016-03-06 14:28 - 00000000 ____D C:\Program Files\Microsoft LifeCam
2016-03-06 14:27 - 2016-03-06 14:28 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-03-06 14:27 - 2016-03-06 14:27 - 00000000 _SHDL C:\Users\User\My Documents
2016-03-06 14:27 - 2016-03-06 14:27 - 00000000 _SHDL C:\Users\User\Documents\My Videos
2016-03-06 14:27 - 2016-03-06 14:27 - 00000000 _SHDL C:\Users\User\Documents\My Pictures
2016-03-06 14:27 - 2016-03-06 14:27 - 00000000 _SHDL C:\Users\User\Documents\My Music
2016-03-06 14:27 - 2016-03-06 14:27 - 00000000 _SHDL C:\Users\Dee\My Documents
2016-03-06 14:27 - 2016-03-06 14:27 - 00000000 _SHDL C:\Users\Dee\Documents\My Videos
2016-03-06 14:27 - 2016-03-06 14:27 - 00000000 _SHDL C:\Users\Dee\Documents\My Pictures
2016-03-06 14:27 - 2016-03-06 14:27 - 00000000 _SHDL C:\Users\Dee\Documents\My Music
2016-03-06 14:27 - 2016-03-06 14:27 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_LcUvcUpper_01011.Wdf
2016-03-06 14:27 - 2016-03-06 14:27 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-03-06 14:26 - 2016-03-16 17:28 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-03-06 14:26 - 2016-03-06 14:28 - 00000000 ____D C:\Program Files\Intel
2016-03-06 14:26 - 2016-03-06 14:26 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-03-06 14:26 - 2016-03-06 14:26 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-03-06 14:26 - 2016-03-06 14:26 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2016-03-06 14:26 - 2016-03-06 14:26 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-03-06 14:26 - 2016-03-06 14:26 - 00000000 ____D C:\Program Files\Synaptics
2016-03-06 14:26 - 2016-03-06 14:26 - 00000000 ____D C:\Program Files\Realtek
2016-03-06 14:26 - 2015-12-19 02:08 - 00103944 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2016-03-06 14:26 - 2015-12-19 02:08 - 00099848 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-03-06 14:25 - 2016-03-11 10:16 - 00206624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-06 14:16 - 2016-03-06 14:31 - 00013338 _____ C:\WINDOWS\diagwrn.xml
2016-03-06 14:16 - 2016-03-06 14:31 - 00013338 _____ C:\WINDOWS\diagerr.xml
2016-03-06 11:43 - 2016-03-06 12:01 - 2033816095 _____ C:\Users\Dee\Downloads\UFC.196.McGregor.vs.Diaz.PPV.WEBRip.x264-jkkk(musicbolt.com).mp4
2016-03-06 11:41 - 2016-03-06 11:41 - 00000893 _____ C:\Users\Dee\Desktop\µTorrent.lnk
2016-03-06 11:39 - 2016-03-08 14:37 - 00000000 ____D C:\Users\Dee\AppData\Roaming\uTorrent
2016-03-06 11:39 - 2016-03-06 11:39 - 02094080 _____ (BitTorrent Inc.) C:\Users\Dee\Downloads\uTorrent.exe
2016-03-01 17:41 - 2016-02-23 19:58 - 01572496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2016-03-01 17:41 - 2016-02-23 19:58 - 00205456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2016-03-01 17:41 - 2016-02-23 19:58 - 00039240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-02-29 21:20 - 2016-02-29 21:44 - 00000000 ____D C:\Users\Dee\Downloads\Soul.Axiom-CODEX
2016-02-29 19:53 - 2016-03-09 01:50 - 00000000 ____D C:\Program Files\hireztemp
2016-02-29 19:53 - 2016-03-06 14:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2016-02-29 19:53 - 2016-02-29 20:01 - 00000000 ____D C:\Program Files\HiRezGames
2016-02-29 19:53 - 2016-02-29 19:53 - 00001631 _____ C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk
2016-02-29 19:53 - 2016-02-29 19:53 - 00001624 _____ C:\Users\Public\Desktop\Paladins.lnk
2016-02-29 19:53 - 2016-02-29 19:53 - 00000096 _____ C:\Program Files\HiPatchService.config
2016-02-29 19:53 - 2016-02-29 19:53 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2016-02-29 19:53 - 2016-02-29 19:53 - 00000000 ____D C:\Program Files\Skins
2016-02-29 19:53 - 2016-02-29 19:53 - 00000000 ____D C:\Program Files\platforms
2016-02-29 19:53 - 2016-02-29 19:53 - 00000000 ____D C:\Program Files\locales
2016-02-29 19:53 - 2016-02-29 19:53 - 00000000 ____D C:\Program Files\imageformats
2016-02-29 19:53 - 2016-02-29 19:53 - 00000000 ____D C:\Program Files\audio
2016-02-29 19:53 - 2016-02-02 11:52 - 02422216 _____ () C:\Program Files\HirezLauncherUI.exe
2016-02-29 19:53 - 2016-02-02 11:52 - 00674760 _____ (Microsoft) C:\Program Files\PatcherEngine.dll
2016-02-29 19:53 - 2016-02-02 11:52 - 00653256 _____ (Hewlett-Packard Company) C:\Program Files\HiRezGamesDiagAndSupport.exe
2016-02-29 19:53 - 2016-02-02 11:52 - 00086472 _____ (Microsoft) C:\Program Files\PatcherMisc.dll
2016-02-29 19:53 - 2016-02-02 11:52 - 00067072 _____ (Microsoft) C:\Program Files\HiManagedPatchClient.dll
2016-02-29 19:53 - 2016-02-02 11:49 - 00072704 _____ C:\Program Files\HiManagedBridge.dll
2016-02-29 19:53 - 2016-02-02 11:49 - 00034304 _____ (Microsoft) C:\Program Files\HiPatchSelfUpdateWindow.exe
2016-02-29 19:53 - 2016-02-02 11:49 - 00032768 _____ (Microsoft) C:\Program Files\PatcherData.dll
2016-02-29 19:53 - 2016-02-02 11:49 - 00013824 _____ (Microsoft) C:\Program Files\HiPatchInstHelper.exe
2016-02-29 19:53 - 2016-02-02 11:49 - 00009728 _____ (Hi-Rez Studios) C:\Program Files\HiPatchService.exe
2016-02-29 19:53 - 2016-02-02 11:49 - 00008192 _____ C:\Program Files\VideoCardCompatibility.exe
2016-02-29 19:53 - 2015-10-14 14:50 - 00100352 _____ (Hi-Rez Studios Inc.) C:\Program Files\HirezUtils.dll
2016-02-29 19:53 - 2015-10-14 14:50 - 00023040 _____ (Microsoft) C:\Program Files\ReduxDecompress.exe
2016-02-29 19:53 - 2015-10-14 14:50 - 00020480 _____ (Microsoft) C:\Program Files\HiRezLauncherControls.dll
2016-02-29 19:53 - 2015-08-04 13:50 - 01359872 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Program Files\libeay32.dll
2016-02-29 19:53 - 2015-08-04 13:50 - 00355328 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Program Files\ssleay32.dll
2016-02-29 19:53 - 2015-08-04 13:50 - 00235352 _____ (Pocket Soft, Inc.) C:\Program Files\expapply64.dll
2016-02-29 19:53 - 2015-08-04 13:50 - 00201560 _____ (Pocket Soft, Inc.) C:\Program Files\expapply.dll
2016-02-29 19:53 - 2015-08-04 13:50 - 00200704 _____ (ICSharpCode.net) C:\Program Files\ICSharpCode.SharpZipLib.dll
2016-02-29 19:53 - 2015-05-18 21:36 - 04088320 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5Core.dll
2016-02-29 19:53 - 2015-02-17 06:56 - 00199168 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5WebKitWidgets.dll
2016-02-29 19:53 - 2015-02-17 06:48 - 17519616 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5WebKit.dll
2016-02-29 19:53 - 2015-02-17 02:54 - 00157184 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5Positioning.dll
2016-02-29 19:53 - 2015-02-17 02:53 - 00230912 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5WinExtras.dll
2016-02-29 19:53 - 2015-02-17 02:49 - 00075264 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5WebChannel.dll
2016-02-29 19:53 - 2015-02-17 02:48 - 00088576 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5MultimediaWidgets.dll
2016-02-29 19:53 - 2015-02-17 02:46 - 00537088 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5Multimedia.dll
2016-02-29 19:53 - 2015-02-17 02:45 - 00145920 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5Sensors.dll
2016-02-29 19:53 - 2015-02-17 02:35 - 02393088 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5Quick.dll
2016-02-29 19:53 - 2015-02-17 02:30 - 02600960 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5Qml.dll
2016-02-29 19:53 - 2015-02-17 02:23 - 00250880 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5Svg.dll
2016-02-29 19:53 - 2015-02-17 02:20 - 00271872 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5OpenGL.dll
2016-02-29 19:53 - 2015-02-17 02:20 - 00264192 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5PrintSupport.dll
2016-02-29 19:53 - 2015-02-17 02:17 - 04468736 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5Widgets.dll
2016-02-29 19:53 - 2015-02-17 02:13 - 04604416 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5Gui.dll
2016-02-29 19:53 - 2015-02-17 02:10 - 00839680 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5Network.dll
2016-02-29 19:53 - 2015-02-17 02:10 - 00151552 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5Sql.dll
2016-02-29 19:53 - 2014-09-03 04:13 - 21529088 _____ (The ICU Project) C:\Program Files\icudt53.dll
2016-02-29 19:53 - 2014-09-03 04:13 - 01961472 _____ (The ICU Project) C:\Program Files\icuin53.dll
2016-02-29 19:53 - 2014-09-03 04:13 - 01316352 _____ (The ICU Project) C:\Program Files\icuuc53.dll
2016-02-29 11:00 - 2016-02-29 11:00 - 00000000 ____D C:\ProgramData\Nefarius Software Solutions
2016-02-29 01:34 - 2016-03-06 14:30 - 00002966 _____ C:\WINDOWS\System32\Tasks\updater
2016-02-29 01:34 - 2016-03-06 14:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScpToolkit
2016-02-29 01:34 - 2016-02-29 01:34 - 00001239 _____ C:\Users\Public\Desktop\ScpToolkit Driver Installer.lnk
2016-02-29 01:34 - 2016-02-29 01:34 - 00001204 _____ C:\Users\Public\Desktop\ScpToolkit Settings Manager.lnk
2016-02-29 01:34 - 2016-02-29 01:34 - 00001199 _____ C:\Users\Public\Desktop\ScpToolkit Updater.lnk
2016-02-29 01:34 - 2016-02-29 01:34 - 00001199 _____ C:\Users\Public\Desktop\ScpToolkit Monitor (legacy).lnk
2016-02-28 18:31 - 2016-02-28 18:31 - 00000000 ____D C:\Users\Dee\Documents\H&R Block
2016-02-28 18:04 - 2016-03-06 14:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\H&R Block
2016-02-28 18:04 - 2016-02-28 18:31 - 00000000 ____D C:\Users\Dee\AppData\Local\hrb
2016-02-28 18:04 - 2016-02-28 18:07 - 00000000 ____D C:\Users\Dee\AppData\Local\hrblock2015
2016-02-28 18:04 - 2016-02-28 18:04 - 00001178 _____ C:\Users\Public\Desktop\H&R Block 2015 1.5.lnk
2016-02-28 18:04 - 2016-02-28 18:04 - 00000000 ____D C:\Program Files (x86)\H&R Block
2016-02-22 22:55 - 2016-02-22 22:55 - 00000000 ____D C:\Users\Dee\AppData\Local\Macromedia
2016-02-22 22:53 - 2016-03-09 00:53 - 00000000 ____D C:\Users\Dee\AppData\Local\Adobe
2016-02-22 22:41 - 2016-02-22 22:47 - 00000000 ____D C:\Users\Dee\AppData\Local\Mozilla
2016-02-22 22:41 - 2016-02-22 22:41 - 00001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-22 22:41 - 2016-02-22 22:41 - 00001163 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-02-22 22:41 - 2016-02-22 22:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-22 22:41 - 2016-02-22 22:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-22 19:03 - 2016-02-22 19:03 - 00000000 ____D C:\Users\Dee\AppData\LocalLow\Adblock Plus for IE
2016-02-22 19:03 - 2016-02-22 19:03 - 00000000 ____D C:\Program Files\Adblock Plus for IE
2016-02-22 15:23 - 2016-02-22 15:23 - 00000000 ____D C:\Users\Dee\Downloads\CCleaner v5.14.5493 Incl. Business, Technician and Professional Edition + Crack [4realtorrentz]
2016-02-22 15:22 - 2016-02-22 15:22 - 06806144 _____ C:\Users\Dee\Downloads\CCleaner v5.14.5493 Incl. Business, Technician and Professional Edition + Crack [4realtorrentz].zip
2016-02-22 12:54 - 2016-03-07 09:27 - 00098400 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\system32\libusbK.dll
2016-02-22 12:54 - 2016-03-07 09:27 - 00083552 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\SysWOW64\libusbK.dll
2016-02-22 12:54 - 2016-03-07 09:27 - 00076384 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\system32\libusb0.dll
2016-02-22 12:54 - 2016-03-07 09:27 - 00067680 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\SysWOW64\libusb0.dll
2016-02-22 12:54 - 2016-03-07 09:27 - 00047200 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\system32\Drivers\libusbK.sys
2016-02-22 12:54 - 2016-03-07 09:27 - 00000258 __RSH C:\ProgramData\ntuser.pol
2016-02-22 12:52 - 2016-02-22 12:52 - 00000000 ____D C:\Users\Dee\AppData\Roaming\Nefarius Software Solutions
2016-02-22 12:52 - 2016-02-22 12:52 - 00000000 ____D C:\Program Files\Nefarius Software Solutions
2016-02-20 18:15 - 2016-02-20 18:30 - 00000000 ____D C:\Users\Dee\Downloads\Deadpool 2016 NEW HD-TELESYNC V2 x264-CPG
2016-02-16 19:25 - 2016-02-16 19:25 - 00000000 ____D C:\Users\Dee\AppData\LocalLow\Bloober Team
2016-02-16 18:43 - 2016-02-16 18:53 - 00000000 ____D C:\Users\Dee\Downloads\Layers.of.Fear 2016-RELOADED
2016-02-16 10:12 - 2016-02-09 04:39 - 01924152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436191.dll
2016-02-16 10:12 - 2016-02-09 04:39 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436191.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-17 02:02 - 2015-06-24 14:59 - 00000000 ____D C:\Users\Dee\AppData\Roaming\Skype
2016-03-17 01:57 - 2015-07-13 11:59 - 00000914 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3311186725-2389629427-1582189158-1002UA.job
2016-03-17 01:57 - 2015-07-13 11:59 - 00000862 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3311186725-2389629427-1582189158-1002Core.job
2016-03-17 01:32 - 2015-06-24 16:26 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-17 01:05 - 2015-10-20 15:42 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-17 01:05 - 2015-07-28 21:02 - 00000000 ____D C:\Users\Dee\AppData\LocalLow\Heroes and Generals
2016-03-16 23:36 - 2015-06-24 14:53 - 00004146 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{EE5A38E6-E8A3-4C3A-9219-DCB56CD7E17A}
2016-03-16 18:45 - 2015-07-01 15:43 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-03-16 18:11 - 2015-06-24 14:50 - 00000000 __RDO C:\Users\Dee\OneDrive
2016-03-16 17:35 - 2015-10-30 03:21 - 00000000 ____D C:\WINDOWS\INF
2016-03-16 17:28 - 2015-10-30 02:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-03-16 17:28 - 2015-06-24 16:26 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-16 17:28 - 2015-06-24 14:48 - 00000000 __SHD C:\Users\Dee\IntelGraphicsProfiles
2016-03-16 13:09 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-16 11:00 - 2015-10-30 03:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-14 15:14 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-03-13 16:35 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\System
2016-03-13 13:31 - 2015-10-30 03:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-12 23:10 - 2016-02-12 21:38 - 00002041 _____ C:\Users\Dee\Desktop\Drakensang Online.lnk
2016-03-12 23:10 - 2016-02-12 21:38 - 00000000 ____D C:\Program Files (x86)\Drakensang Online
2016-03-11 23:59 - 2015-07-19 18:30 - 00000000 ____D C:\ProgramData\Origin
2016-03-11 23:56 - 2015-11-25 21:11 - 00000000 ____D C:\Program Files (x86)\Diablo II
2016-03-11 23:54 - 2015-11-25 21:11 - 00001097 _____ C:\Users\Public\Desktop\Diablo II.lnk
2016-03-11 23:50 - 2015-06-24 15:06 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2016-03-11 02:02 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-11 02:02 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-11 02:02 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-11 02:02 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-10 15:59 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\rescache
2016-03-10 14:53 - 2015-06-25 03:32 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-10 14:52 - 2015-06-25 03:32 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-03-10 11:29 - 2015-04-17 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-03-09 23:19 - 2015-08-29 01:31 - 12653504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-03-09 22:32 - 2015-06-24 16:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-03-09 20:45 - 2015-10-09 22:21 - 00000000 ____D C:\Games
2016-03-09 01:48 - 2015-06-24 19:43 - 00000000 ____D C:\Users\Dee\Documents\My Games
2016-03-09 01:13 - 2015-06-24 15:06 - 00000000 ____D C:\Users\Dee\AppData\Local\Battle.net
2016-03-09 01:13 - 2015-06-24 15:06 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-03-08 14:32 - 2015-06-24 14:48 - 00000000 ____D C:\Users\Dee\AppData\Local\Packages
2016-03-08 06:27 - 2015-08-29 01:31 - 20061152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-03-08 06:27 - 2015-08-29 01:31 - 14226864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-03-08 06:27 - 2015-08-29 01:31 - 03681672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-03-08 06:27 - 2015-08-29 01:31 - 03259176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-03-08 06:27 - 2015-08-07 09:10 - 00037702 _____ C:\WINDOWS\system32\nvinfo.pb
2016-03-08 03:12 - 2015-10-30 03:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-03-08 03:12 - 2015-10-30 03:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-08 02:42 - 2015-12-22 12:32 - 00530880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-03-08 02:42 - 2015-12-22 12:32 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-03-07 17:08 - 2015-06-24 14:51 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-03-07 09:30 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\appcompat
2016-03-06 17:25 - 2015-10-30 03:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-03-06 17:24 - 2015-10-30 05:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-06 17:24 - 2015-10-30 03:24 - 00000000 __RSD C:\WINDOWS\Media
2016-03-06 17:24 - 2015-10-30 03:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-03-06 17:24 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-03-06 17:24 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-03-06 17:24 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-03-06 17:24 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-03-06 17:24 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-03-06 17:24 - 2015-10-30 02:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-03-06 17:24 - 2015-10-30 02:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-03-06 14:52 - 2015-10-30 03:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-03-06 14:35 - 2015-10-30 03:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-03-06 14:35 - 2015-10-30 03:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-03-06 14:35 - 2015-10-30 03:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-03-06 14:35 - 2015-10-30 03:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-03-06 14:32 - 2015-10-30 03:24 - 00000000 ____D C:\ProgramData\USOPrivate
2016-03-06 14:31 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-03-06 14:31 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\Registration
2016-03-06 14:31 - 2015-10-30 02:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-03-06 14:30 - 2015-10-30 03:24 - 00000000 __RHD C:\Users\Public\Libraries
2016-03-06 14:30 - 2015-10-10 16:17 - 00002256 _____ C:\WINDOWS\System32\Tasks\IntelMemoryDiagnostic
2016-03-06 14:30 - 2015-07-18 00:21 - 00002012 _____ C:\WINDOWS\System32\Tasks\shut down
2016-03-06 14:30 - 2015-07-15 01:05 - 00002010 _____ C:\WINDOWS\System32\Tasks\pc shut down at night
2016-03-06 14:30 - 2015-07-13 11:59 - 00003362 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3311186725-2389629427-1582189158-1002UA
2016-03-06 14:30 - 2015-07-13 11:59 - 00003090 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3311186725-2389629427-1582189158-1002Core
2016-03-06 14:30 - 2015-06-24 16:26 - 00003288 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-03-06 14:30 - 2015-06-24 16:26 - 00003060 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-03-06 14:30 - 2015-06-24 14:53 - 00002812 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3311186725-2389629427-1582189158-1002
2016-03-06 14:30 - 2015-04-17 20:51 - 00003060 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E7D86410-B9DC-4370-AEF2-46AC5231A2C7}
2016-03-06 14:30 - 2015-04-17 20:31 - 00002752 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3311186725-2389629427-1582189158-1001
2016-03-06 14:29 - 2015-11-25 22:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-03-06 14:29 - 2015-11-25 21:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II
2016-03-06 14:29 - 2015-10-20 15:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-03-06 14:29 - 2015-10-14 21:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-06 14:29 - 2015-08-26 11:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2016-03-06 14:29 - 2015-06-24 15:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2016-03-06 14:29 - 2015-06-24 15:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-03-06 14:29 - 2015-04-17 20:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-03-06 14:29 - 2015-04-17 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2016-03-06 14:29 - 2015-04-17 20:39 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-03-06 14:29 - 2013-08-22 09:36 - 00000000 ____D C:\Users\Default.migrated
2016-03-06 14:28 - 2016-01-11 00:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest
2016-03-06 14:28 - 2015-12-15 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-03-06 14:28 - 2015-11-19 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment
2016-03-06 14:28 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2016-03-06 14:28 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2016-03-06 14:28 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2016-03-06 14:28 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2016-03-06 14:28 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\spool
2016-03-06 14:28 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-03-06 14:28 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-03-06 14:28 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-03-06 14:28 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-03-06 14:28 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-03-06 14:28 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-03-06 14:28 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-03-06 14:28 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\InputMethod
2016-03-06 14:28 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-03-06 14:28 - 2015-10-09 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-03-06 14:28 - 2015-04-17 20:26 - 00000000 ____D C:\Users\User\AppData\Local\Packages
2016-03-06 14:28 - 2013-08-22 11:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-03-06 14:28 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2016-03-06 14:28 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2016-03-06 14:28 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2016-03-06 14:28 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\ADFS
2016-03-06 14:27 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\Help
2016-03-06 14:27 - 2015-10-30 02:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-03-06 14:25 - 2015-10-30 05:13 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-03-06 14:16 - 2015-10-30 05:42 - 00000000 ___HD C:\$WINDOWS.~BT
2016-03-06 12:10 - 2015-07-16 05:16 - 00048640 ___SH C:\Users\Dee\Downloads\Thumbs.db
2016-03-02 13:23 - 2015-10-19 10:34 - 00001798 _____ C:\Users\Dee\Desktop\ips.txt
2016-02-29 19:53 - 2015-04-17 20:31 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-02-28 18:04 - 2015-08-29 09:52 - 00000000 ____D C:\Users\Dee\.oracle_jre_usage
2016-02-26 17:33 - 2016-01-14 17:55 - 00000000 ____D C:\Users\Dee\AppData\Local\CrashDumps
2016-02-24 16:40 - 2016-01-11 00:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
2016-02-24 16:40 - 2016-01-11 00:20 - 00000000 ____D C:\Program Files (x86)\NCSOFT
2016-02-24 16:36 - 2016-01-19 23:25 - 00000000 ____D C:\Program Files (x86)\Zenimax Online
2016-02-22 22:41 - 2015-12-16 18:52 - 00000000 ____D C:\Users\Dee\AppData\Roaming\Mozilla
2016-02-22 19:07 - 2015-06-24 16:26 - 00000000 ____D C:\Users\Dee\AppData\Local\Google
2016-02-22 19:07 - 2015-06-24 16:26 - 00000000 ____D C:\Program Files (x86)\Google
2016-02-22 18:59 - 2015-07-31 05:56 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-22 17:27 - 2015-06-24 14:48 - 00000000 ____D C:\Users\Dee\AppData\Local\NVIDIA
2016-02-22 15:31 - 2015-08-26 11:12 - 00000000 ____D C:\Users\Dee\AppData\Roaming\TS3Client
2016-02-20 13:27 - 2015-11-15 17:31 - 00000566 _____ C:\Users\Dee\Desktop\Email.txt
2016-02-17 02:40 - 2015-12-01 23:55 - 00112216 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-02-17 02:40 - 2015-04-17 20:43 - 01903344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-02-17 02:40 - 2015-04-17 20:43 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-02-17 02:40 - 2015-04-17 20:43 - 01571624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-02-17 02:40 - 2015-04-17 20:43 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll

==================== Files in the root of some directories =======

2016-02-29 19:53 - 2015-08-04 13:50 - 0201560 _____ (Pocket Soft, Inc.) C:\Program Files\expapply.dll
2016-02-29 19:53 - 2015-08-04 13:50 - 0235352 _____ (Pocket Soft, Inc.) C:\Program Files\expapply64.dll
2016-02-29 19:53 - 2016-02-02 11:49 - 0072704 _____ () C:\Program Files\HiManagedBridge.dll
2016-02-29 19:53 - 2016-02-02 11:52 - 0067072 _____ (Microsoft) C:\Program Files\HiManagedPatchClient.dll
2016-02-29 19:53 - 2016-02-02 11:49 - 0013824 _____ (Microsoft) C:\Program Files\HiPatchInstHelper.exe
2016-02-29 19:53 - 2016-02-02 11:49 - 0034304 _____ (Microsoft) C:\Program Files\HiPatchSelfUpdateWindow.exe
2016-02-29 19:53 - 2016-02-29 19:53 - 0000096 _____ () C:\Program Files\HiPatchService.config
2016-02-29 19:53 - 2016-02-02 11:49 - 0009728 _____ (Hi-Rez Studios) C:\Program Files\HiPatchService.exe
2016-02-29 19:53 - 2016-02-02 11:52 - 0653256 _____ (Hewlett-Packard Company) C:\Program Files\HiRezGamesDiagAndSupport.exe
2016-02-29 19:53 - 2015-10-14 14:50 - 0020480 _____ (Microsoft) C:\Program Files\HiRezLauncherControls.dll
2016-02-29 19:53 - 2016-02-02 11:52 - 2422216 _____ () C:\Program Files\HirezLauncherUI.exe
2016-02-29 19:53 - 2015-10-14 14:50 - 0100352 _____ (Hi-Rez Studios Inc.) C:\Program Files\HirezUtils.dll
2016-02-29 19:53 - 2015-08-04 13:50 - 0200704 _____ (ICSharpCode.net) C:\Program Files\ICSharpCode.SharpZipLib.dll
2016-02-29 19:53 - 2014-09-03 04:13 - 21529088 _____ (The ICU Project) C:\Program Files\icudt53.dll
2016-02-29 19:53 - 2014-09-03 04:13 - 1961472 _____ (The ICU Project) C:\Program Files\icuin53.dll
2016-02-29 19:53 - 2014-09-03 04:13 - 1316352 _____ (The ICU Project) C:\Program Files\icuuc53.dll
2016-02-29 19:53 - 2015-08-04 13:50 - 1359872 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Program Files\libeay32.dll
2016-02-29 19:53 - 2016-02-02 11:49 - 0032768 _____ (Microsoft) C:\Program Files\PatcherData.dll
2016-02-29 19:53 - 2016-02-02 11:52 - 0674760 _____ (Microsoft) C:\Program Files\PatcherEngine.dll
2016-02-29 19:53 - 2016-02-02 11:52 - 0086472 _____ (Microsoft) C:\Program Files\PatcherMisc.dll
2016-02-29 19:53 - 2015-05-18 21:36 - 4088320 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5Core.dll
2016-02-29 19:53 - 2015-02-17 02:13 - 4604416 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5Gui.dll
2016-02-29 19:53 - 2015-02-17 02:46 - 0537088 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5Multimedia.dll
2016-02-29 19:53 - 2015-02-17 02:48 - 0088576 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5MultimediaWidgets.dll
2016-02-29 19:53 - 2015-02-17 02:10 - 0839680 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5Network.dll
2016-02-29 19:53 - 2015-02-17 02:20 - 0271872 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5OpenGL.dll
2016-02-29 19:53 - 2015-02-17 02:54 - 0157184 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5Positioning.dll
2016-02-29 19:53 - 2015-02-17 02:20 - 0264192 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5PrintSupport.dll
2016-02-29 19:53 - 2015-02-17 02:30 - 2600960 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5Qml.dll
2016-02-29 19:53 - 2015-02-17 02:35 - 2393088 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5Quick.dll
2016-02-29 19:53 - 2015-02-17 02:45 - 0145920 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5Sensors.dll
2016-02-29 19:53 - 2015-02-17 02:10 - 0151552 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5Sql.dll
2016-02-29 19:53 - 2015-02-17 02:23 - 0250880 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5Svg.dll
2016-02-29 19:53 - 2015-02-17 02:49 - 0075264 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5WebChannel.dll
2016-02-29 19:53 - 2015-02-17 06:48 - 17519616 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5WebKit.dll
2016-02-29 19:53 - 2015-02-17 06:56 - 0199168 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5WebKitWidgets.dll
2016-02-29 19:53 - 2015-02-17 02:17 - 4468736 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5Widgets.dll
2016-02-29 19:53 - 2015-02-17 02:53 - 0230912 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\Qt5WinExtras.dll
2016-02-29 19:53 - 2015-10-14 14:50 - 0023040 _____ (Microsoft) C:\Program Files\ReduxDecompress.exe
2016-02-29 19:53 - 2015-08-04 13:50 - 0355328 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Program Files\ssleay32.dll
2016-02-29 19:53 - 2016-02-02 11:49 - 0008192 _____ () C:\Program Files\VideoCardCompatibility.exe
2015-08-13 08:41 - 2015-08-13 08:47 - 0047462 ___SH () C:\Users\Dee\AppData\Roaming\d3dx10.exe
2016-03-06 14:27 - 2016-03-06 14:27 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Dee\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Dee\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Dee\AppData\Local\Temp\nvStInst.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-03-16 18:26

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Dee (2016-03-17 02:28:08)
Running from C:\Users\Dee\Desktop
Windows 10 Home Version 1511 (X64) (2016-03-06 18:35:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3311186725-2389629427-1582189158-500 - Administrator - Disabled)
Dee (S-1-5-21-3311186725-2389629427-1582189158-1002 - Administrator - Enabled) => C:\Users\Dee
DefaultAccount (S-1-5-21-3311186725-2389629427-1582189158-503 - Limited - Disabled)
Guest (S-1-5-21-3311186725-2389629427-1582189158-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3311186725-2389629427-1582189158-1004 - Limited - Enabled)
User (S-1-5-21-3311186725-2389629427-1582189158-1001 - Administrator - Enabled) => C:\Users\User

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3311186725-2389629427-1582189158-1002\...\uTorrent) (Version: 3.4.5.41865 - BitTorrent Inc.)
7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{66A71D83-289C-4521-A986-F62AE7E7BC5F}) (Version: 1.4.798 - Eyeo GmbH)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Diablo II (HKLM-x32\...\Diablo II) (Version:  - Blizzard Entertainment)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Drakensang Online (HKLM-x32\...\Drakensang Online) (Version:  - )
Google Drive (HKLM-x32\...\{895D0391-459F-4D45-B8DD-13F0DE70C66E}) (Version: 1.28.1549.1322 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Grim Dawn (HKLM-x32\...\Steam App 219990) (Version:  - Crate Entertainment)
H&R Block 2015 1.5 (HKLM-x32\...\{7E4C0771-A265-496C-A1DD-7865E590AF96}) (Version: 1.5 - H&R Block)
Heroes & Generals (HKLM\...\Steam App 227940) (Version:  - Reto-Moto)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4170 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft LifeCam (HKLM\...\{8EC9E7BB-2443-49B1-8476-490EBF932C2E}) (Version: 4.25.512.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mozilla Firefox 44.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 en-US)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2 - Mozilla)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
NVIDIA 3D Vision Controller Driver 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.51 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Graphics Driver 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.51 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 362.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 362.00 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.6.1.5336 - Electronic Arts, Inc.)
Paladins (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF402}) (Version: 0.17.865.5 - Hi-Rez Studios)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.36.826.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7399 - Realtek Semiconductor Corp.)
Robocraft (HKLM\...\Steam App 301520) (Version:  - Freejam)
ScpToolkit (HKLM\...\{AC052048-9828-45E3-872B-04CE30A3B58B}) (Version: 1.6.238.16010 - Nefarius Software Solutions)
SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
TP-LINK TL-WN781ND Driver (HKLM-x32\...\{87C7B472-9BC2-43C8-9F03-86D2908E1A51}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3311186725-2389629427-1582189158-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Dee\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3311186725-2389629427-1582189158-1002_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Dee\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3311186725-2389629427-1582189158-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Dee\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {112E0163-D807-46AE-993B-86FAF8C57DEF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {11C93896-42DE-4694-BF98-216159994C94} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {28EA4725-9E52-42FB-AE17-5F5E3342453A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {2E251C33-FAFA-4C48-941C-7A23CF11CCE4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3311186725-2389629427-1582189158-1002Core => C:\Users\Dee\AppData\Local\Google\Update\GoogleUpdate.exe [2015-06-24] (Google Inc.)
Task: {406C74AF-871B-4232-BDA1-9719BFC1D855} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {45FA8A25-9B04-477E-821D-BD8B33F878A1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {699C16EC-8E4E-48C5-96B7-40630412C487} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {77D6F21B-C98C-464F-AD52-29DFC0F9ED6F} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {8DBC9E6F-23A0-4FE4-9ECE-EA69BD60D788} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3311186725-2389629427-1582189158-1002UA => C:\Users\Dee\AppData\Local\Google\Update\GoogleUpdate.exe [2015-06-24] (Google Inc.)
Task: {9131F407-8D9C-453A-B902-DA7E8CD6BA64} - System32\Tasks\pc shut down at night => shutdown
Task: {91D8E85F-82E3-4B2C-A2E3-47E2A273285A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {9441E460-31A2-471D-B024-A5047938D6F5} - System32\Tasks\shut down => shutdown
Task: {A70FE642-26D1-4A3C-8E51-7DAE6B8497EE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [2016-03-10] (Microsoft Corporation)
Task: {A9D5D8C1-A2A3-4507-9AD5-CF782D9581E2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {BA82DD05-73CA-43C9-A739-1B2E1152427E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {BCFA78F7-77C3-4C7D-88CD-A8E3A6508DDB} - System32\Tasks\updater => C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe [2016-01-10] (Nefarius Software Solutions)
Task: {BE1FADF2-4874-4101-9FD0-0F3C26FC7D1F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {C4A48EDD-BC73-4E3D-86B5-0CEC06EC0916} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {D4C3A0D4-AD73-4D60-B5E2-6E3193DD01A5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-03-10] (Microsoft Corporation)
Task: {DF052B98-8754-4606-B0A5-D9D804B93E35} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {EEF4EC76-71EF-42D5-9B78-907AA381AAA6} - System32\Tasks\IntelMemoryDiagnostic => %ApplicationDataFolder%\d3dx10.exe
Task: {F962C91C-1BF2-41CD-B977-D44416FD217C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3311186725-2389629427-1582189158-1002Core.job => C:\Users\Dee\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3311186725-2389629427-1582189158-1002UA.job => C:\Users\Dee\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 03:18 - 2015-10-30 03:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-06 14:27 - 2016-03-08 02:42 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-12 11:34 - 2016-03-12 11:34 - 00307712 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ReactiveSockets\9add180a1387d07af506b25467c1eb70\ReactiveSockets.ni.dll
2014-05-02 12:52 - 2014-05-02 12:52 - 00599040 _____ () C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\irrKlang.NET4.dll
2014-05-02 07:55 - 2014-05-02 07:55 - 00185344 _____ () C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\ikpflac.dll
2014-05-02 07:05 - 2014-05-02 07:05 - 00173056 _____ () C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\ikpmp3.dll
2016-02-22 17:27 - 2016-02-17 02:56 - 01416064 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2015-12-22 12:28 - 2016-02-17 02:56 - 00299392 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-02-22 17:27 - 2016-02-17 02:56 - 03613056 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2015-08-28 17:30 - 2015-08-28 17:30 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-06 15:15 - 2016-03-06 15:15 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-03-06 17:23 - 2016-03-06 17:23 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-03-06 17:23 - 2016-03-06 17:23 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-03-06 15:15 - 2016-03-06 15:15 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-03-06 15:15 - 2016-03-06 15:15 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-04-20 11:57 - 2016-02-17 03:02 - 00020352 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-01-11 11:36 - 2016-01-11 11:36 - 00932032 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2015-06-24 16:28 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-10-20 15:43 - 2016-02-09 21:17 - 00782336 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-10-20 15:43 - 2015-07-03 12:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-10-20 15:43 - 2016-03-10 15:02 - 02547792 _____ () C:\Program Files (x86)\Steam\video.dll
2015-10-20 15:43 - 2015-07-03 12:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-10-20 15:43 - 2015-07-03 12:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-10-20 15:43 - 2016-02-08 19:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-10-20 15:43 - 2016-02-08 19:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-10-20 15:43 - 2016-02-08 19:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-10-20 15:43 - 2016-02-08 19:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-10-20 15:43 - 2016-02-08 19:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-10-20 15:43 - 2016-03-10 15:02 - 00802896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-08 23:24 - 2016-02-17 18:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2015-10-20 15:43 - 2016-02-08 21:33 - 48400672 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-10-20 15:43 - 2015-09-24 19:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Dee:Heroes & Generals [38]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3311186725-2389629427-1582189158-1002\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3311186725-2389629427-1582189158-1002\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3311186725-2389629427-1582189158-1002\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3311186725-2389629427-1582189158-1002\...\sony.com -> sony.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 09:25 - 2016-02-27 11:31 - 00000822 ____A C:\WINDOWS\system32\Drivers\etc\hosts

#    ::1             localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3311186725-2389629427-1582189158-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 64.140.114.21 - 64.140.114.22
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "TP-LINK Wireless Configuration Utility.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk"
HKU\S-1-5-21-3311186725-2389629427-1582189158-1002\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip"
HKU\S-1-5-21-3311186725-2389629427-1582189158-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3311186725-2389629427-1582189158-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3311186725-2389629427-1582189158-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3311186725-2389629427-1582189158-1002\...\StartupApproved\Run: => "uTorrent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{04D4C6BC-1DEA-4A67-A60D-3FA8412405EF}] => (Allow) C:\Users\Dee\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FA22836B-4C47-4B9A-9875-9AAAFA66FC68}] => (Allow) C:\Users\Dee\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{90088604-BECB-4508-B09F-2109B8C42E04}C:\program files\hirezgames\paladins\binaries\win32\paladins.exe] => (Block) C:\program files\hirezgames\paladins\binaries\win32\paladins.exe
FirewallRules: [TCP Query User{6A6A072E-FCF4-4795-8DF7-5B481AA49491}C:\program files\hirezgames\paladins\binaries\win32\paladins.exe] => (Block) C:\program files\hirezgames\paladins\binaries\win32\paladins.exe
FirewallRules: [{22C086E8-9520-4675-9647-DF5C2857CD5C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DCAB0499-5859-4C37-99E6-D4C0EF1DF113}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{8939DE40-1460-4DEF-BC9B-5A92079E37E1}C:\games\scrap mechanic v0.1.16\release\scrapmechanic.exe] => (Block) C:\games\scrap mechanic v0.1.16\release\scrapmechanic.exe
FirewallRules: [TCP Query User{AAA79926-636B-4949-834F-9BDF3452CEBB}C:\games\scrap mechanic v0.1.16\release\scrapmechanic.exe] => (Block) C:\games\scrap mechanic v0.1.16\release\scrapmechanic.exe
FirewallRules: [{11E74A00-6EAA-410A-8721-A9FAE1B84285}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grim Dawn\Grim Dawn.exe
FirewallRules: [{E5FFB1AB-5D1E-4B0E-9CF7-25D0520D89F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grim Dawn\Grim Dawn.exe
FirewallRules: [{4FE22E7F-439E-449E-8B81-9CA69185AB1C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{28B1B731-9364-4B35-A35D-592FFCF8872A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{EFA6D197-FB1A-41A6-B542-DB99F478D458}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{38D934F5-1816-4F9A-AF00-814A7DEA0606}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F267F233-9296-4DD0-93EA-4BE2E12BA41A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{03B34DDD-C414-43F5-96E0-8188858751AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{16217159-4A14-4130-9626-02F113F6211F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{CAD5479A-D4DA-4AA0-9CA3-6978A34DAC94}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B326726F-9DD9-44E5-A6E1-720896C1C9E1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{CD669436-9B9D-4427-A9C0-CD5C5F3B2F78}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A36C3FF7-C8C9-46A6-B65D-897ACB0CFFFA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{0E62C935-7DC8-486D-9D2C-C105507917EE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B223E0AE-0389-4638-BB3B-5FC2223BFFE5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{42C46D14-39FB-48D9-8909-2A42B4327250}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{6FEB6FE3-44AA-4A3F-8C12-94537F73C521}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{A9D4C185-335D-4FEF-AF30-37E340940DD3}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{C1E92581-F09C-4220-9B7F-B7477B4805A4}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{EFB5E7F3-CF86-4571-BF9B-3AB8C8546445}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{5E6C8981-0C38-4633-AD71-26D8EA71DD64}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [UDP Query User{4E6612AF-B425-4514-859A-670BF7C0A663}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{5CDA0E83-7CE5-4F6D-8EB7-7A2F1509E154}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{7E66AE27-FDE0-43DF-8EE9-67D9550D6352}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{BB3B4105-736D-4D92-B669-43E3DF4C2F31}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B5C26359-8097-446B-B720-A2BD785D2ADD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{FA0ECD8F-A0C1-4E2D-97AA-4B8EE02CFF93}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{BFAC1F45-3841-406F-AB06-5062A4B8B034}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{03EF463F-09EC-4D7F-9105-186AA9461A88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{977C5F19-0BE3-40FF-B6C6-B49CD159CC83}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{799B60AE-1EB8-483B-92A2-0C721F69A0EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/15/2016 07:53:22 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (03/14/2016 06:53:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (03/14/2016 01:46:45 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.

Error: (03/13/2016 05:53:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (03/13/2016 01:31:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (03/13/2016 03:03:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dwm.exe, version: 10.0.10586.0, time stamp: 0x5632d756
Faulting module name: combase.dll, version: 10.0.10586.103, time stamp: 0x56a849ab
Exception code: 0xc0000005
Fault offset: 0x0000000000067e3c
Faulting process id: 0x180c
Faulting application start time: 0xdwm.exe0
Faulting application path: dwm.exe1
Faulting module path: dwm.exe2
Report Id: dwm.exe3
Faulting package full name: dwm.exe4
Faulting package-relative application ID: dwm.exe5

Error: (03/12/2016 04:19:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dwm.exe, version: 10.0.10586.0, time stamp: 0x5632d756
Faulting module name: combase.dll, version: 10.0.10586.103, time stamp: 0x56a849ab
Exception code: 0xc0000005
Fault offset: 0x0000000000067e3c
Faulting process id: 0x1b1c
Faulting application start time: 0xdwm.exe0
Faulting application path: dwm.exe1
Faulting module path: dwm.exe2
Report Id: dwm.exe3
Faulting package full name: dwm.exe4
Faulting package-relative application ID: dwm.exe5

Error: (03/12/2016 04:04:36 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (03/12/2016 01:43:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dwm.exe, version: 10.0.10586.0, time stamp: 0x5632d756
Faulting module name: combase.dll, version: 10.0.10586.103, time stamp: 0x56a849ab
Exception code: 0xc0000005
Fault offset: 0x0000000000067e3c
Faulting process id: 0x168c
Faulting application start time: 0xdwm.exe0
Faulting application path: dwm.exe1
Faulting module path: dwm.exe2
Report Id: dwm.exe3
Faulting package full name: dwm.exe4
Faulting package-relative application ID: dwm.exe5

Error: (03/12/2016 11:33:18 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.


System errors:
=============
Error: (03/16/2016 06:28:48 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

Error: (03/16/2016 05:31:27 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (03/16/2016 05:27:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Streamer Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/16/2016 05:27:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (03/16/2016 05:27:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (03/16/2016 05:27:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Streamer Network Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/16/2016 05:27:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMService service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/16/2016 05:27:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The PnkBstrA service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/16/2016 05:27:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Skype Updater service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/16/2016 05:27:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMScheduler service terminated unexpectedly.  It has done this 1 time(s).


CodeIntegrity:
===================================
  Date: 2016-03-13 16:33:22.678
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-13 11:01:09.716
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-11 09:16:50.095
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-07 08:27:39.285
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-06 15:37:28.744
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-06 13:30:25.291
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-06 13:30:25.059
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-06 13:26:13.488
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 37%
Total physical RAM: 8086.02 MB
Available physical RAM: 5073.91 MB
Total Virtual: 9366.02 MB
Available Virtual: 5557.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.79 GB) (Free:51.42 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 6EC6A124)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================



#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,617 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:46 AM

Posted 17 March 2016 - 09:13 AM

Greetings,

My pleasure to work together with you on this.

I would encourage you to only download programs from reputable sites.

Please consider and do this.

===================================================

Peer to Peer (P2P) Warning

--------------------

Going over your logs I noticed that you have µTorrent installed. It is pretty much certain that if you continue to use P2P programs, you will get infected again.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
I would recommend that you uninstall µTorrent, however that choice is up to you. If you choose to remove the program, you can do so via Start > Control Panel > Add/Remove Programs.

If you are still leaning toward using this program, please take a look at this information about Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition it has recently been reported that P2P downloads may be tracked resulting in your IP address being monitored by copyright authorities. .

If you wish to keep it, please do not use it until we are completely done and your machine is determined to be clean and updated.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it as fixlist.txt in the same location/folder as FRST.exe (<<<Important)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} =>  No File
Tcpip\..\Interfaces\{91F5B1FA-1858-4342-A313-59A9E5ECB227}: [DhcpNameServer]  
2016-02-22 15:23 - 2016-02-22 15:23 - 00000000 ____D C:\Users\Dee\Downloads\CCleaner v5.14.5493 Incl. Business, Technician and Professional Edition + Crack [4realtorrentz]
2016-02-22 15:22 - 2016-02-22 15:22 - 06806144 _____ C:\Users\Dee\Downloads\CCleaner v5.14.5493 Incl. Business, Technician and Professional Edition + Crack [4realtorrentz].zip
Task: {11C93896-42DE-4694-BF98-216159994C94} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {28EA4725-9E52-42FB-AE17-5F5E3342453A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {45FA8A25-9B04-477E-821D-BD8B33F878A1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {699C16EC-8E4E-48C5-96B7-40630412C487} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {77D6F21B-C98C-464F-AD52-29DFC0F9ED6F} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {91D8E85F-82E3-4B2C-A2E3-47E2A273285A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {A9D5D8C1-A2A3-4507-9AD5-CF782D9581E2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {BA82DD05-73CA-43C9-A739-1B2E1152427E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {BE1FADF2-4874-4101-9FD0-0F3C26FC7D1F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {C4A48EDD-BC73-4E3D-86B5-0CEC06EC0916} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {DF052B98-8754-4606-B0A5-D9D804B93E35} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F962C91C-1BF2-41CD-B977-D44416FD217C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
AlternateDataStreams: C:\Users\Dee:Heroes & Generals [38]
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Zoek by Smeenk - Scan and Automatic Cleanup

--------------------
  • Download Zoek and save it to your Desktop
  • Right click the icon, select Run as Admistrator, and wait for the Program to appear on your Desktop (may take 15 seconds or so)
  • Verify Scan All Users is selected then click Run Script
  • Type 4 in the lower box to Do a Deep Scan and Automated Cleanup then click OK
  • Wait patiently for the program to run
  • Do not use your computer while the scan is running
  • When completed a zoek-results.txt report will appear on your desktop. Copy and paste the contents in your reply
===================================================

Farbar's MiniToolBox

--------------------
  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure only the following options are checked:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries

  • Click Go and once the scan is completed a MTB.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply
===================================================

Run TDSSKiller by Kaspersky

--------------------
  • Please download Kaspersky's TDSSKiller and save it to your Desktop. <-Important!!!
  • Right-click on TDSSKiller.exe and select Run As Administrator.
  • When the program opens, click the Start Scan button.

tdss1.png

  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • Any objects found will show in the Scan results - Select action for found objects and offer three options.
  • If an infected file is detected, the default action will be Cure...do not change it.

tdss2.png

  • Click Continue > Reboot now to finish the cleaning process.<- Important!!

tdss4.png

  • If 'Suspicious' objects are detected, you will be given the option to Skip or Quarantine. Skip will be the default selection. Leave it as such for now.
  • A log file named TDSSKiller_version_date_time_log.txt will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply even if no threats are found.
-- If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer or to perform the scan in "safe mode".

===================================================

aswMBR

--------------------
  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.

aswMBR1.png

  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.

aswMBR2.png

  • Please post the contents of the log in your next reply.
NOTE: aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • Zoek report
  • MiniToolBox report
  • TDSSKiller report
  • aswMBR report
  • How is your computer running

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 angaar

angaar
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:04:46 AM

Posted 17 March 2016 - 11:22 AM

Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Dee (2016-03-17 11:32:31) Run:1
Running from C:\Users\Dee\Desktop
Loaded Profiles: Dee (Available Profiles: User & Dee)
Boot Mode: Normal
==============================================

fixlist content:
*****************
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} =>  No File
Tcpip\..\Interfaces\{91F5B1FA-1858-4342-A313-59A9E5ECB227}: [DhcpNameServer]  
2016-02-22 15:23 - 2016-02-22 15:23 - 00000000 ____D C:\Users\Dee\Downloads\CCleaner v5.14.5493 Incl. Business, Technician and Professional Edition + Crack [4realtorrentz]
2016-02-22 15:22 - 2016-02-22 15:22 - 06806144 _____ C:\Users\Dee\Downloads\CCleaner v5.14.5493 Incl. Business, Technician and Professional Edition + Crack [4realtorrentz].zip
Task: {11C93896-42DE-4694-BF98-216159994C94} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {28EA4725-9E52-42FB-AE17-5F5E3342453A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {45FA8A25-9B04-477E-821D-BD8B33F878A1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {699C16EC-8E4E-48C5-96B7-40630412C487} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {77D6F21B-C98C-464F-AD52-29DFC0F9ED6F} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {91D8E85F-82E3-4B2C-A2E3-47E2A273285A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {A9D5D8C1-A2A3-4507-9AD5-CF782D9581E2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {BA82DD05-73CA-43C9-A739-1B2E1152427E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {BE1FADF2-4874-4101-9FD0-0F3C26FC7D1F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {C4A48EDD-BC73-4E3D-86B5-0CEC06EC0916} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {DF052B98-8754-4606-B0A5-D9D804B93E35} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F962C91C-1BF2-41CD-B977-D44416FD217C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
AlternateDataStreams: C:\Users\Dee:Heroes & Generals [38]
*****************

"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay" => key removed successfully
HKCR\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => key not found.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{91F5B1FA-1858-4342-A313-59A9E5ECB227}\\DhcpNameServer => value removed successfully
"C:\Users\Dee\Downloads\CCleaner v5.14.5493 Incl. Business, Technician and Professional Edition + Crack [4realtorrentz]" => not found.
"C:\Users\Dee\Downloads\CCleaner v5.14.5493 Incl. Business, Technician and Professional Edition + Crack [4realtorrentz].zip" => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{11C93896-42DE-4694-BF98-216159994C94}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11C93896-42DE-4694-BF98-216159994C94}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{28EA4725-9E52-42FB-AE17-5F5E3342453A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28EA4725-9E52-42FB-AE17-5F5E3342453A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{45FA8A25-9B04-477E-821D-BD8B33F878A1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45FA8A25-9B04-477E-821D-BD8B33F878A1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{699C16EC-8E4E-48C5-96B7-40630412C487}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{699C16EC-8E4E-48C5-96B7-40630412C487}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{77D6F21B-C98C-464F-AD52-29DFC0F9ED6F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77D6F21B-C98C-464F-AD52-29DFC0F9ED6F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{91D8E85F-82E3-4B2C-A2E3-47E2A273285A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91D8E85F-82E3-4B2C-A2E3-47E2A273285A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A9D5D8C1-A2A3-4507-9AD5-CF782D9581E2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9D5D8C1-A2A3-4507-9AD5-CF782D9581E2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BA82DD05-73CA-43C9-A739-1B2E1152427E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA82DD05-73CA-43C9-A739-1B2E1152427E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BE1FADF2-4874-4101-9FD0-0F3C26FC7D1F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE1FADF2-4874-4101-9FD0-0F3C26FC7D1F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C4A48EDD-BC73-4E3D-86B5-0CEC06EC0916}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C4A48EDD-BC73-4E3D-86B5-0CEC06EC0916}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DF052B98-8754-4606-B0A5-D9D804B93E35}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF052B98-8754-4606-B0A5-D9D804B93E35}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F962C91C-1BF2-41CD-B977-D44416FD217C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F962C91C-1BF2-41CD-B977-D44416FD217C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
C:\Users\Dee => ":Heroes & Generals" ADS removed successfully.

==== End of Fixlog 11:32:31 ====



#6 angaar

angaar
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:04:46 AM

Posted 17 March 2016 - 11:30 AM

MiniToolBox by Farbar  Version: 07-02-2016 01
Ran by Dee (administrator) on 17-03-2016 at 11:51:42
Running from "C:\Users\Dee\Desktop"
Microsoft Windows 10 Home  (X64)
Model: B85-HD3 Manufacturer: Gigabyte Technology Co., Ltd.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Ethernet (Connected)
Qualcomm Atheros AR9485 Wireless Network Adapter = Wi-Fi (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Dexter
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wi-Fi:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Qualcomm Atheros AR9485 Wireless Network Adapter
   Physical Address. . . . . . . . . : C4-6E-1F-DD-A7-8A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 16-6E-1F-DD-A7-8A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : FC-AA-14-A6-E3-73
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::28be:6cf9:a947:6fd2%3(Preferred)
   IPv4 Address. . . . . . . . . . . : 108.168.42.173(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.224
   Lease Obtained. . . . . . . . . . : March 17, 2016 11:47:42 AM
   Lease Expires . . . . . . . . . . : March 19, 2016 11:16:21 AM
   Default Gateway . . . . . . . . . : 108.168.42.161
   DHCP Server . . . . . . . . . . . : 108.168.42.129
   DHCPv6 IAID . . . . . . . . . . . : 66890260
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-1C-DB-1F-FC-AA-14-A6-E3-73
   DNS Servers . . . . . . . . . . . : 64.140.114.21
                                       64.140.114.22
                                       64.140.114.23
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter 6TO4 Adapter:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2002:6ca8:2aad::6ca8:2aad(Preferred)
   Default Gateway . . . . . . . . . : 2002:c058:6301::1
   DHCPv6 IAID . . . . . . . . . . . : 318767104
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-1C-DB-1F-FC-AA-14-A6-E3-73
   DNS Servers . . . . . . . . . . . : 64.140.114.21
                                       64.140.114.22
                                       64.140.114.23
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:14b7:2bba:9357:d552(Preferred)
   Link-local IPv6 Address . . . . . : fe80::14b7:2bba:9357:d552%14(Preferred)
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 335544320
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-1C-DB-1F-FC-AA-14-A6-E3-73
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{1E0A3AF4-F1E2-4E53-A652-864CB390DF8B}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  resolver1-toronto1.net.start.ca
Address:  64.140.114.21

Name:    google.com
Addresses:  2607:f8b0:400b:806::200e
      172.217.1.110


Pinging google.com [172.217.1.110] with 32 bytes of data:
Reply from 172.217.1.110: bytes=32 time=11ms TTL=58
Reply from 172.217.1.110: bytes=32 time=11ms TTL=58

Ping statistics for 172.217.1.110:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 11ms, Maximum = 11ms, Average = 11ms
Server:  resolver1-toronto1.net.start.ca
Address:  64.140.114.21

Name:    yahoo.com
Addresses:  2001:4998:44:204::a7
      2001:4998:58:c02::a9
      2001:4998:c:a06::2:4008
      98.138.253.109
      98.139.183.24
      206.190.36.45


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=73ms TTL=52
Reply from 206.190.36.45: bytes=32 time=74ms TTL=52

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 73ms, Maximum = 74ms, Average = 73ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  9...c4 6e 1f dd a7 8a ......Qualcomm Atheros AR9485 Wireless Network Adapter
 16...16 6e 1f dd a7 8a ......Microsoft Wi-Fi Direct Virtual Adapter
  3...fc aa 14 a6 e3 73 ......Realtek PCIe GBE Family Controller
  7...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
  1...........................Software Loopback Interface 1
 14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0   108.168.42.161   108.168.42.173     10
   108.168.42.160  255.255.255.224         On-link    108.168.42.173    266
   108.168.42.173  255.255.255.255         On-link    108.168.42.173    266
   108.168.42.191  255.255.255.255         On-link    108.168.42.173    266
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link    108.168.42.173    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link    108.168.42.173    266
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  7   1011 ::/0                     2002:c058:6301::1
  1    306 ::1/128                  On-link
 14    306 2001::/32                On-link
 14    306 2001:0:9d38:6abd:14b7:2bba:9357:d552/128
                                    On-link
  7   1010 2002::/16                On-link
  7    266 2002:6ca8:2aad::6ca8:2aad/128
                                    On-link
  3    266 fe80::/64                On-link
 14    306 fe80::/64                On-link
 14    306 fe80::14b7:2bba:9357:d552/128
                                    On-link
  3    266 fe80::28be:6cf9:a947:6fd2/128
                                    On-link
  1    306 ff00::/8                 On-link
  3    266 ff00::/8                 On-link
 14    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [55808] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23552] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)

**** End of log ****
 


aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
Run date: 2016-03-17 12:04:30
-----------------------------
12:04:30.722    OS Version: Windows x64 6.2.9200
12:04:30.722    Number of processors: 4 586 0x3C03
12:04:30.722    ComputerName: DEXTER  UserName: Dee
12:04:30.869    Initialize success
12:04:30.884    VM: initialized successfully
12:04:30.884    VM: Intel CPU supported
12:05:08.846    VM: disk I/O iaStorA.sys
12:06:10.668    AVAST engine defs: 16031700
12:06:29.198    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000002f
12:06:29.198    Disk 0 Vendor: SSD2SC240G1CS1754D117-820 CS111101 Size: 228936MB BusType: 11
12:06:29.214    Disk 0 MBR read successfully
12:06:29.214    Disk 0 MBR scan
12:06:29.229    Disk 0 Windows 7 default MBR code
12:06:29.229    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          350 MB offset 2048
12:06:29.245    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       228135 MB offset 718848
12:06:29.283    Disk 0 scanning C:\WINDOWS\system32\drivers
12:06:34.990    Service scanning
12:06:52.242    Modules scanning
12:06:52.723    Disk 0 trace - called modules:
12:06:52.723    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll iaStorA.sys
12:06:52.723    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe000de054060]
12:06:52.738    3 CLASSPNP.SYS[fffff8008eaf7d95] -> nt!IofCallDriver -> [0xffffe000db8db800]
12:06:52.738    5 ACPI.sys[fffff8008cc41361] -> nt!IofCallDriver -> [0xffffe000db8d47c0]
12:06:52.738    7 ACPI.sys[fffff8008cc41361] -> nt!IofCallDriver -> \Device\0000002f[0xffffe000db8e3060]
12:06:52.876    AVAST engine scan C:\WINDOWS
12:06:53.477    AVAST engine scan C:\WINDOWS\system32
12:08:38.881    AVAST engine scan C:\WINDOWS\system32\drivers
12:08:45.806    AVAST engine scan C:\Users\Dee
12:10:43.623    AVAST engine scan C:\ProgramData
12:12:12.391    Disk 0 statistics 4220438/0/0 @ 15.17 MB/s
12:12:12.391    Scan finished successfully
12:14:03.910    Disk 0 MBR has been saved successfully to "C:\Users\Dee\Desktop\MBR.dat"
12:14:03.925    The log file has been saved successfully to "C:\Users\Dee\Desktop\aswMBR.txt"

 


11:54:53.0388 0x1600  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
11:55:03.0569 0x1600  ============================================================
11:55:03.0569 0x1600  Current date / time: 2016/03/17 11:55:03.0569
11:55:03.0569 0x1600  SystemInfo:
11:55:03.0569 0x1600  
11:55:03.0569 0x1600  OS Version: 10.0.10586 ServicePack: 0.0
11:55:03.0569 0x1600  Product type: Workstation
11:55:03.0569 0x1600  ComputerName: DEXTER
11:55:03.0569 0x1600  UserName: Dee
11:55:03.0569 0x1600  Windows directory: C:\WINDOWS
11:55:03.0569 0x1600  System windows directory: C:\WINDOWS
11:55:03.0569 0x1600  Running under WOW64
11:55:03.0569 0x1600  Processor architecture: Intel x64
11:55:03.0569 0x1600  Number of processors: 4
11:55:03.0569 0x1600  Page size: 0x1000
11:55:03.0569 0x1600  Boot type: Normal boot
11:55:03.0569 0x1600  ============================================================
11:55:03.0635 0x1600  KLMD registered as C:\WINDOWS\system32\drivers\10371824.sys
11:55:04.0120 0x1600  System UUID: {BE5DF4AB-931C-DBEF-CCFC-FED4E5D3EE92}
11:55:04.0590 0x1600  Drive \Device\Harddisk0\DR0 - Size: 0x37E4896000 ( 223.57 Gb ), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:55:04.0590 0x1600  ============================================================
11:55:04.0590 0x1600  \Device\Harddisk0\DR0:
11:55:04.0590 0x1600  MBR partitions:
11:55:04.0590 0x1600  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000
11:55:04.0590 0x1600  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0x1BD93800
11:55:04.0590 0x1600  ============================================================
11:55:04.0590 0x1600  C: <-> \Device\Harddisk0\DR0\Partition2
11:55:04.0590 0x1600  ============================================================
11:55:04.0590 0x1600  Initialize success
11:55:04.0590 0x1600  ============================================================
11:55:25.0744 0x1758  ============================================================
11:55:25.0744 0x1758  Scan started
11:55:25.0744 0x1758  Mode: Manual;
11:55:25.0744 0x1758  ============================================================
11:55:25.0744 0x1758  KSN ping started
11:55:28.0052 0x1758  KSN ping finished: true
11:55:28.0388 0x1758  ================ Scan system memory ========================
11:55:28.0388 0x1758  System memory - ok
11:55:28.0388 0x1758  ================ Scan services =============================
11:55:28.0420 0x1758  [ DF1C3D7E6C7929AD83BE22852B5B08CB, 9ECF6211CCD30273A23247E87C31B3A2ACDA623133CEF6E9B3243463C0609C5F ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
11:55:28.0420 0x1758  1394ohci - ok
11:55:28.0435 0x1758  [ 2C5B3035B86770ADD2FE9BFBAF5B35A4, 19E16F9144FE3E33B5FF248CF0040AB079ACAE22290B1369CC72AE4CB5FE3A90 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
11:55:28.0435 0x1758  3ware - ok
11:55:28.0451 0x1758  [ 469441BAE3FF8A16826FC62C51EF5E18, E1204677B87F47222D05F670F8DF3DB65EA0881782A8DCFBE0103478ED71187C ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
11:55:28.0451 0x1758  ACPI - ok
11:55:28.0451 0x1758  [ 7EADED8087C392876521F7EBCE846EF4, 99BF1BD948F97C1ECBC049C7F949B71D73D0B41FB505B2F75B208E655F7DC8A3 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
11:55:28.0451 0x1758  acpiex - ok
11:55:28.0469 0x1758  [ C498887123327CDFD73A05E7A2780920, B45392C46254FCB8D79B6C3A82C8D894063199E6167D8E5F7EA7D60C75CD16EA ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
11:55:28.0470 0x1758  acpipagr - ok
11:55:28.0472 0x1758  [ C8DBE6EFFCF014CAA010B9BDDAC833EC, 96FC29340C62A6B0910DCCBF8945F32089FC300F45B451A540B8854D53734298 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
11:55:28.0472 0x1758  AcpiPmi - ok
11:55:28.0472 0x1758  [ 17039DBEB3B7B9ADCDB4B4533AA9771F, A4D38B144639A20B8B31E4F35FB776A028DB502FAC849FC73EECEB3CCD91830B ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
11:55:28.0472 0x1758  acpitime - ok
11:55:28.0488 0x1758  [ F7D0CD345D2DA42E7042ABCD73662403, 03183F90A994D69066F15C3DFC1D7D7514AEAF46A5AAC059B1FB327F8C30A35C ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
11:55:28.0504 0x1758  ADP80XX - ok
11:55:28.0519 0x1758  [ 70148EFA9A562E7185B75BBE7D376BF7, 8200E3349A1AFA1040B3D956A17BAF3CDC784A1A3CA396125E7872B36C03D84A ] AFD             C:\WINDOWS\system32\drivers\afd.sys
11:55:28.0535 0x1758  AFD - ok
11:55:28.0535 0x1758  [ 870F1A2C936F92B5D053DF7EC75B352F, D617524FD5886D6D3BC2EFBBB5EA310E906454CD7CA7257C3D7BDEA8C4F2DA71 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
11:55:28.0535 0x1758  agp440 - ok
11:55:28.0535 0x1758  [ 3DF7751D5DC6525E7DC6617FBB45054F, 8E6D4C809DB3B66E7558C4829E01F5C227EE614AC82F33FD99DCC629770D1BE3 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
11:55:28.0551 0x1758  ahcache - ok
11:55:28.0551 0x1758  [ 19707ECBCEA71080A85DB2336580DB39, A09AE69C9DE2F3765417F212453B6927C317A94801AE68FBA6A8E8A7CB16CED7 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
11:55:28.0551 0x1758  AJRouter - ok
11:55:28.0551 0x1758  [ AA91A5E156D0364ABA7B01658C2EB014, F61055D581745023939C741CAB3370074D1416BB5A0BE0BD47642D5A75669E12 ] ALG             C:\WINDOWS\System32\alg.exe
11:55:28.0551 0x1758  ALG - ok
11:55:28.0570 0x1758  [ B70F0F2F54B4A4DB6E9C830454752F5A, C882DEAC30812E5FA4479A8CB688603C6AF269EF08236688F4C5E7EBED1D4572 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
11:55:28.0572 0x1758  AmdK8 - ok
11:55:28.0572 0x1758  [ 35E890482C9728DD5C552B85DA8A5AB2, 1E0EB7D902AB4C38E23CAFC0BEA250E7F6E180E8814385B4F29730BFC373A191 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
11:55:28.0572 0x1758  AmdPPM - ok
11:55:28.0572 0x1758  [ 5B30BCFE6E02E45D3EE268FF001BC5E0, 9901DB728885CE36911F79998629B2DD42D56AF9633B5277834F498CC59B0346 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
11:55:28.0572 0x1758  amdsata - ok
11:55:28.0588 0x1758  [ F20B30F35A5C7888441B4DCA001ECF8E, 695A5BC1F18B65992EB06A202AD3CBFA17228E76DDFD1AE6977FD315724F75C2 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
11:55:28.0588 0x1758  amdsbs - ok
11:55:28.0588 0x1758  [ AFE838D7576C581D6483529621AB10CC, 14476A04CC64E7A0F1BBFDACCBD7A87F384BE1877C27656DBB973AF3975D4AE2 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
11:55:28.0588 0x1758  amdxata - ok
11:55:28.0604 0x1758  [ EDDB0D726DBECDFC1DBCC6DB464E5A13, 98D128D1E6FA270ED9ADBFE50078F68A794C00D4CBB86E28EC6161FFAD0CA8FF ] AppID           C:\WINDOWS\system32\drivers\appid.sys
11:55:28.0604 0x1758  AppID - ok
11:55:28.0604 0x1758  [ 7A55F9237F726D1667073A47B0D1B90F, 7C2D9AA84F1D4CC6C1FAF6848DF9479A534E01029C4387E8C0647745F1E74603 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
11:55:28.0604 0x1758  AppIDSvc - ok
11:55:28.0604 0x1758  [ 56E219DF92BE16F62308F884739BE022, FE189EE8A52BC5A0E6B76C632021F84F60307A182F2A67C0C0C7CAA72DEFC723 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
11:55:28.0604 0x1758  Appinfo - ok
11:55:28.0620 0x1758  [ 610499A73DF3599608EBB6B3F9929052, A9CA49C4A39A825916AB3791090BCFC7044FDB6B2C3538E01F0CFBC2A9931152 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
11:55:28.0635 0x1758  AppReadiness - ok
11:55:28.0672 0x1758  [ 3DF25A56F18D2AB4CF58C1300C8CD323, 34A20004A93BC0F22BF99E56E6657CF0A68B64B375A66408FB1E26ADA7A72FC4 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
11:55:28.0688 0x1758  AppXSvc - ok
11:55:28.0704 0x1758  [ E3FE8F610B1CC12BC3B2E6BC43DC97E2, 0E18542CF2095A9ADA1759AB8F986E78B0A50A3C6B2AD4EACD80A23D832A2C6D ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
11:55:28.0704 0x1758  arcsas - ok
11:55:28.0704 0x1758  [ 8C0CDB1E9C2734EFCD5DC8E266F05EAE, EE8A04FB51F92849E5B530EB1615AAB6982B620B76EF38A2432FB3F7DF9B32E5 ] ArcService      C:\Program Files (x86)\Arc\ArcService.exe
11:55:28.0735 0x1758  ArcService - ok
11:55:28.0735 0x1758  [ 5E00748A1AD246CAECBBB7553BED36CC, DAD2C93F0894E7BB5E5D8D767D8286A909086B49172C504A01097C3A180998C6 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
11:55:28.0735 0x1758  AsyncMac - ok
11:55:28.0735 0x1758  [ 492B99D2E3D5D7BFD5F0AE1BE7BD37DD, A3F6BFC4FDC1933FBF3145019B118689A414108B04F43E2563946B2673C89324 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
11:55:28.0735 0x1758  atapi - ok
11:55:28.0804 0x1758  [ 41DFF214D30294F18F64257167F1CCBA, 87BB8BC1AB5EC4F5DAD84CB0B16CDD4634F10DC687264E4C84E47EFEFF4310F6 ] athr            C:\WINDOWS\System32\drivers\athw8x.sys
11:55:28.0851 0x1758  athr - ok
11:55:28.0872 0x1758  [ 42BF7FA295F453618104B5A50BEE105B, AB44BA2AD2FC5AF3B6BE4489C444C03FD1AB02C22109BF5F39BE459294C4CB18 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
11:55:28.0873 0x1758  AudioEndpointBuilder - ok
11:55:28.0889 0x1758  [ 9610CE53A9ED0789C8B669A5F86008F7, 9EE4B3F8528B20682595DDBDB0FF9F98FD8B957EE4C335FDD4382AE30D3C2EA0 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
11:55:28.0904 0x1758  Audiosrv - ok
11:55:28.0904 0x1758  [ 7062CE507814D5306DCA5D6A15B7B6B6, 9D60506003A66C2E516B1FCB70CC5B26FB3A9948B95D97C828DD0328E76F2C91 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
11:55:28.0904 0x1758  AxInstSV - ok
11:55:28.0920 0x1758  [ 6447BA6FA709514B6C803D159B4C7D1E, 549DDCEAD93DF333F6BBD56A9258A867E4DA219741C00D48C68F8F230A87B11A ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
11:55:28.0936 0x1758  b06bdrv - ok
11:55:28.0936 0x1758  [ B4AC08B1D04D0CE085435E5CD0E663C5, 61E641388E5692B2EB351E44BA1DB86B5305DD105EE56865D59072CA9407C8AC ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
11:55:28.0936 0x1758  BasicDisplay - ok
11:55:28.0936 0x1758  [ 25B5BB369DEE2BAE4BF459C978FF9035, DBC2157B2AC0BC92B4011CE5E01F2DCDAAE71E37D9D21102503C6455FAAC4DCA ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
11:55:28.0936 0x1758  BasicRender - ok
11:55:28.0936 0x1758  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
11:55:28.0936 0x1758  bcmfn - ok
11:55:28.0951 0x1758  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
11:55:28.0951 0x1758  bcmfn2 - ok
11:55:28.0951 0x1758  [ F8F398A4AF7E0917320BC2B2CD812888, 02B9A6EA0AA750CA9B62AB09E99956C35E252A12B22C2CBFDC4E941ED5870591 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
11:55:28.0967 0x1758  BDESVC - ok
11:55:28.0970 0x1758  [ 5A88834AEE15D97695FAE0837B73B3E4, 03035FB51DE218B8EDB15129A0376DDED0C7E7B6DA58DD95B12E4E5C8D852ED8 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
11:55:28.0970 0x1758  Beep - ok
11:55:28.0988 0x1758  [ DA27D806461256EBF525FFBA2148C675, 500CD8F47BAAA612180E220849E01250FED8F49BBCE2ABA361D9B3C63BE3E93A ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
11:55:29.0503 0x1758  BEService - ok
11:55:29.0518 0x1758  [ 8EA08141590CB9331FA773FB430E91E4, 0507499EF423CC9EE9AC18C2B5CBF9965E69481C69DC96E361C2184C53C3F404 ] BFE             C:\WINDOWS\System32\bfe.dll
11:55:29.0523 0x1758  BFE - ok
11:55:29.0539 0x1758  [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS            C:\WINDOWS\System32\qmgr.dll
11:55:29.0570 0x1758  BITS - ok
11:55:29.0570 0x1758  [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
11:55:29.0570 0x1758  bowser - ok
11:55:29.0585 0x1758  [ 9972A886D911234F833A265D5D641D30, E64199AB64CC60C75371D8421031DC02818C852427C4F66AD3DF7DCDF33952B1 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
11:55:29.0585 0x1758  BrokerInfrastructure - ok
11:55:29.0601 0x1758  [ DA4C9335434E71D6CC86A3CA567769CC, 9FE5EE3CC91CADBF952446E0A9A79A8834B03C8D4C47D6E9257AF64B2C17F518 ] Browser         C:\WINDOWS\System32\browser.dll
11:55:29.0601 0x1758  Browser - ok
11:55:29.0601 0x1758  [ CAEC7BC11AF69A181AF7932E636E09E4, 503C69045F1E025CBEE2405043BB71CC58478985ECAF6587F73FCB57860F5709 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
11:55:29.0601 0x1758  BthAvrcpTg - ok
11:55:29.0601 0x1758  [ 5F2B4B32E986C058525D3BA2A475A16C, CEC5BB0B025DD9525CFBBEDF6EB6F63336534798495A4F95763CE112DF915088 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
11:55:29.0617 0x1758  BthHFEnum - ok
11:55:29.0620 0x1758  [ 5406289E8AE2CB52FC408154E0A64BA7, 0A3795F2E6E2B51198452CF69A99159D8E11650E95F41DF0B575CB72F9C6C6B5 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
11:55:29.0621 0x1758  bthhfhid - ok
11:55:29.0623 0x1758  [ BAB101E7826BE287F79C4BA721621989, E6DD25C89267FE87253B8226292F2894F5E702075D3B23B09339D3B28744C060 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
11:55:29.0623 0x1758  BthHFSrv - ok
11:55:29.0623 0x1758  [ A76F20CCCA31895A1DA78A875E50F946, ECD4B3670DA5984AA24F4354457B4E45983938A89FF6DB03B556A633B4B37E3C ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
11:55:29.0639 0x1758  BTHMODEM - ok
11:55:29.0639 0x1758  [ 7A177E18AA6A6A6365E6351C2BF8EDAE, A35224A20014B1215A6824AE5E17B8869A775EA272EF7F25EAFFA18733F8D09D ] bthserv         C:\WINDOWS\system32\bthserv.dll
11:55:29.0639 0x1758  bthserv - ok
11:55:29.0639 0x1758  [ BF89BDBA5D3A0B4256D3F6FC8D31880D, 940F3BF55B88261C9E9A951A092331559FC5B24FE3BA0F1E1AB3450D2CA364C1 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
11:55:29.0639 0x1758  buttonconverter - ok
11:55:29.0655 0x1758  [ C24C27FDF93B85A4EFCF25F830253AA2, 35C87518BB59663B57C2361A13AD4E57E37392598F1EB9F07F86CA5A6321AF5A ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
11:55:29.0655 0x1758  CapImg - ok
11:55:29.0655 0x1758  [ 7F9C7226D743B232907ED2537B8A574F, 2211AFC30E8F8FA03020DB48EE14914CD31E50BB6A63FF20AC7C6FA481E72C18 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
11:55:29.0655 0x1758  cdfs - ok
11:55:29.0670 0x1758  [ 0A92DC116CFC7F6BE8167DD25CB925CC, 50CAC7BE14FF69B10C029E049F7C441A5572540F027F95F940B185C76C689409 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
11:55:29.0670 0x1758  CDPSvc - ok
11:55:29.0670 0x1758  [ 82D97776BF982AA143BDC7DFB5054EA8, 954F56728371E6B3514586DCEAF15C4727BAED6CAFBF788654C4E03BD702942C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
11:55:29.0670 0x1758  cdrom - ok
11:55:29.0686 0x1758  [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
11:55:29.0686 0x1758  CertPropSvc - ok
11:55:29.0686 0x1758  [ 0505C1D991D0F9D47F3353BB98597C7E, 3B801CCF4980256327A4A9FBD98007DA1E3ACE9C94E5A4C23AB21303B46E8B5A ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
11:55:29.0686 0x1758  circlass - ok
11:55:29.0702 0x1758  [ 8B4B39C507ABA09AAFE8E3932D1B392C, 734700155A658BC08FC96E8F99A01DE7F7251D7DDEFA79D258B2EEB370BA7AA8 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
11:55:29.0721 0x1758  CLFS - ok
11:55:29.0723 0x1758  [ F7526C133AC265F283012E9CD751F873, 6AABDD92FD880F49F63C1CC478C3D8291AF670802CEC58B32730E7675D858D88 ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
11:55:29.0739 0x1758  ClipSVC - ok
11:55:29.0739 0x1758  [ 95832B049E2833B9F5189823CDF946C7, 72773A42A89220B4A6AC72D1633B16F11191A44D876A44FAB5CEFB717CE3223D ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
11:55:29.0739 0x1758  CmBatt - ok
11:55:29.0755 0x1758  [ A1105260EEEE3DBD8D38FD054B22BD00, CA943B0B03527B07690CAFFD53F8ABF14FB3974DAAA1036E54815BD0DAF803D8 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
11:55:29.0755 0x1758  CNG - ok
11:55:29.0770 0x1758  [ 58D640BC2294C71BDE0953F12D4B432F, 0B3B7659FCB97791A2A1F895C8E6F9078F855C94C13EB47464492588C4B02B85 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
11:55:29.0770 0x1758  cnghwassist - ok
11:55:29.0770 0x1758  [ 14F9883588398A1BDE49C75098C75DE6, D9D82DE89FAFE60BC902683BC44C7555533A030150FD5E5A35A24542FACC5CAD ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys
11:55:29.0770 0x1758  CompositeBus - ok
11:55:29.0770 0x1758  COMSysApp - ok
11:55:29.0786 0x1758  [ 02B8E49148DE5E0A2F6FDF28CE94A6AC, EEA405823F441CA604BEAA44EB71A1D20BC80E124FF7B27380D0201AAF2E0849 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
11:55:29.0786 0x1758  condrv - ok
11:55:29.0802 0x1758  [ DE6DF2C34718EADCFF8776E597F2104D, 35D03E95853CEAC69F674FB09C819A4698EBEDFD8AC0474F0ADF02741492401E ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
11:55:29.0802 0x1758  CoreMessagingRegistrar - ok
11:55:29.0823 0x1758  [ 137BC921135ECDA3E9917B56E3550D32, 6585F4FFEAB32583B867A14F7B7C09C563B1EA715AD9C3B850A7965C54A819A0 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
11:55:29.0886 0x1758  cphs - ok
11:55:29.0886 0x1758  [ 2CE0D74AED86A372997E9D77AE10B9F5, 1AFAA22C68FD0B81F73CE0EB763AD77AB97E78916752843A5056E1352F0FEA82 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
11:55:29.0886 0x1758  CryptSvc - ok
11:55:29.0886 0x1758  [ 2619DC483579DB9FE804044C1ADFFD1A, 23A5420288735A980917091532BE7BB36EB51660AA4555C615AF736357EB02EC ] dam             C:\WINDOWS\system32\drivers\dam.sys
11:55:29.0886 0x1758  dam - ok
11:55:29.0901 0x1758  [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
11:55:29.0924 0x1758  DcomLaunch - ok
11:55:29.0924 0x1758  [ 620921E77351FB651632322AD2C195C4, 5A98971995D7A2B5AE6BEA69344FCC6687B582FEF74BDA206D32FB2E6CEB0478 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
11:55:29.0924 0x1758  DcpSvc - ok
11:55:29.0939 0x1758  [ 6129EA4294C5C69E4665801E95B16AB2, CE419186CF0F57434426FF925A09F13BE87639679CBB5F2074B0E1A243349D27 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
11:55:29.0939 0x1758  defragsvc - ok
11:55:29.0955 0x1758  [ D12B9B6A6C4885824876422AACC89954, 5853ED5CAF84B7AAFF3EDC5C71FE23EB121DB681D81267D77118424BA9AB6F88 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
11:55:29.0971 0x1758  DeviceAssociationService - ok
11:55:29.0971 0x1758  [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
11:55:29.0971 0x1758  DeviceInstall - ok
11:55:29.0971 0x1758  [ 5BF8BD9B19D665452494C8D56DF4B28D, E5FC649207EF42C04B6737D442FECD3383E82F8998B140319FF400773F1D0978 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
11:55:29.0971 0x1758  DevQueryBroker - ok
11:55:29.0986 0x1758  [ C9478D7DB7BE5D7ACE65CB1167F07320, D5082D09EE62E34A195768040B741E22ACC9421CFF315423D77A63ABF8F5E39E ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
11:55:29.0986 0x1758  Dfsc - ok
11:55:30.0002 0x1758  [ 5841A361D28069DFC82E1E98040FDC3F, 3A48DB7ADE90654242CB54DAD07F5FF0CD5CABF372C50D5B2C4D7AED068986E1 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
11:55:30.0002 0x1758  Dhcp - ok
11:55:30.0018 0x1758  [ 9F5AC03F5A0000DD96FA29CD68A6605B, 6964E077635E65DA902CA6C69E704A9DCD5856D22BA75E1CF823E63E62266AF7 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
11:55:30.0019 0x1758  diagnosticshub.standardcollector.service - ok
11:55:30.0039 0x1758  [ 15D174719872A30F2FDD6B5B1B8BA5D9, B0E6FF6FC47B731C204F110D4B768231906B144B31F602ECE8EAC24D70BA880D ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
11:55:30.0055 0x1758  DiagTrack - ok
11:55:30.0071 0x1758  [ 4904B152E4942BF700F2D73228B4D477, 0E5646DCA05A24C71F057C9F9F64AE992D338DA72DF3126175C2FA178854C30F ] disk            C:\WINDOWS\system32\drivers\disk.sys
11:55:30.0071 0x1758  disk - ok
11:55:30.0071 0x1758  [ 49F069E2D22F33955A69D44DFD1B5179, 739C52C7B961BA683E8C7CCDB0E95423C17561B2F1F506BAE923DC53DB96B067 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
11:55:30.0071 0x1758  DmEnrollmentSvc - ok
11:55:30.0086 0x1758  [ 0197AE4B9790A4E73751CACFAA480126, 86BBB398F1A93754B2C329271F13A88FD2F285F30225C38F068F565CCA14EB9F ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
11:55:30.0086 0x1758  dmvsc - ok
11:55:30.0086 0x1758  [ 5EF8EC71A7A91F3DF7798BEFE6786B0E, A3A56B43C72926881C66B7A17C9EAA35C2D9603C8D3849438838536BCD3F4633 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
11:55:30.0086 0x1758  dmwappushservice - ok
11:55:30.0086 0x1758  [ 570BB222E3AFC4407636B53F6EABFA70, D0194A128370BB0A337B61402F9EEDD6F7942ADB19BF672D0F92DA2DA563D0DD ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
11:55:30.0102 0x1758  Dnscache - ok
11:55:30.0102 0x1758  [ 1B15297A3A2CAB6BD586676154F389D8, 623D5F5FC8622B7D9AEEEB1787E6846C1570F0EEF94341239440B616D09D672A ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
11:55:30.0118 0x1758  dot3svc - ok
11:55:30.0123 0x1758  [ 316C2D8B8E3C0727969F1C3790EF7193, 631F8578FDB26578C8436E4B9C4DF21E1F58FCFE6DA66E5769AAC3739005D465 ] DPS             C:\WINDOWS\system32\dps.dll
11:55:30.0124 0x1758  DPS - ok
11:55:30.0124 0x1758  [ 25FA06D3B49D6ADF8E874FFCDCD76B50, 9AF09B96ED79D94EA36581ABE6CC73313A72891779774B15860D018BEA2BBA0F ] drmkaud         C:\WINDOWS\system32\DRIVERS\drmkaud.sys
11:55:30.0124 0x1758  drmkaud - ok
11:55:30.0140 0x1758  [ E37DBD9E2D0037288EBFC6F15EA4D220, ECF71AEF267BD2F95D295ED650050D8EFD3A1A391D64E45525165C3CB61A1BAC ] Ds3Service      C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe
11:55:30.0140 0x1758  Ds3Service - ok
11:55:30.0140 0x1758  [ 16EE6701115BECF8C657D9D6E123F6A1, 16E115B5245C3C988F8B58B90D30F183021C7C7792D3D1C74BEC606E49672B2A ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
11:55:30.0155 0x1758  DsmSvc - ok
11:55:30.0155 0x1758  [ FBC8C56814642A7CA88ACBCA8DD1121F, 108690704A359991C3D6577477E232F5F2F46B36DF6B4B0738A893EF05D7D4EB ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
11:55:30.0155 0x1758  DsSvc - ok
11:55:30.0186 0x1758  [ F45665E77D11F3C1552EDBEAD1559DC8, C7C4B493CB36A1A35B8CA33C044BA0ED273CDA80E36F48BFF7CE3A0356246838 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
11:55:30.0224 0x1758  DXGKrnl - ok
11:55:30.0224 0x1758  [ 0CDF6B61D7F7FFCD195AF0113B9B2C16, 828D3FA31742B54075EAED2E67BBB5166D2EF4F84B791077E96DC0BD5557F11E ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
11:55:30.0224 0x1758  Eaphost - ok
11:55:30.0224 0x1758  EasyAntiCheat - ok
11:55:30.0281 0x1758  [ 491275B864B704B54EC08168344E0F38, B4849400C3F819CF7809A2001EA2ECB527022483F7DFE31C3930F951EAFE50CE ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
11:55:30.0324 0x1758  ebdrv - ok
11:55:30.0340 0x1758  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] EFS             C:\WINDOWS\System32\lsass.exe
11:55:30.0340 0x1758  EFS - ok
11:55:30.0340 0x1758  [ CEF108FCE06892CFA5F1B49527D4BF49, FA337584024B6E6EE4AF519F57FFA4C0FCA19EDC148FF309336C4CCA8F9C9CE8 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
11:55:30.0340 0x1758  EhStorClass - ok
11:55:30.0340 0x1758  [ 5B1EAAE3001A7A320C106FC3859F4111, 700BA2C7D4DFAFFEB78D3804B310A4EE5B4295C84600442665693FF661673951 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
11:55:30.0355 0x1758  EhStorTcgDrv - ok
11:55:30.0355 0x1758  [ E34DEFC09F2843C2C24C2248F1ABE6D8, 1FD67EB5820A1D2F4402DE9D95DE288DB69D421A8473074FF23491D7CA8B5ACE ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
11:55:30.0355 0x1758  embeddedmode - ok
11:55:30.0371 0x1758  [ 062152DD5B225518A991DFCD8536770C, 5C8EF4E0C7DE3B24387FF239A8D0CDA39C2376826F16EAFF09739A6C7EDA01E0 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
11:55:30.0371 0x1758  EntAppSvc - ok
11:55:30.0371 0x1758  [ 7A2705148A4BB3CA255F81624338B461, 68AC8F8D2DD8AA4E8F2224A0054DE2AF67EA199217E87CD3C7299B021048F14F ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
11:55:30.0371 0x1758  ErrDev - ok
11:55:30.0387 0x1758  [ 17BE4A35829B37C742084DC02D48E5F0, 7FDA62B56DF585C3F2C6FFB10AC7C0D8F70FA921C4DEA47B2789745CFE2618CE ] EventSystem     C:\WINDOWS\system32\es.dll
11:55:30.0387 0x1758  EventSystem - ok
11:55:30.0402 0x1758  [ DFE8A33FBCF6F38182631A4D6097B92D, F9D06780830E74FD5309E6DC5C3EEDB9334A8AE284F381FA91EF2729297F8632 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
11:55:30.0402 0x1758  exfat - ok
11:55:30.0419 0x1758  [ 03DE0EC072C5EBD5B018CAD83F1E522A, 9D0B30A2870FBA20B95017CE3A4205F2DD53FE169A0D16715E962D83DE040FB3 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
11:55:30.0424 0x1758  fastfat - ok
11:55:30.0424 0x1758  [ 952F10D2116B91BA433842D07879AE7A, 9E1EC0C719877EF198AA4DDBE896E9DDEAD360AAC1FC6DF305E7C5C73C7A761D ] Fax             C:\WINDOWS\system32\fxssvc.exe
11:55:30.0440 0x1758  Fax - ok
11:55:30.0440 0x1758  [ 9D299AE86D671488926126A84DF77BFD, C076EEDD0524B7D88BC56C97089E0A836CC1AD725E1A544CC4F8DDBB6670C366 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
11:55:30.0440 0x1758  fdc - ok
11:55:30.0440 0x1758  [ 47D09B8C312658ACE433E46DDF51C3A5, E76948DA0F51C7DC6D69B7E36D63CE6E98FDE619FA30E91637F75B5084107D22 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
11:55:30.0456 0x1758  fdPHost - ok
11:55:30.0456 0x1758  [ 177AC945B20C81400A1525ED7B49A425, FD215A2E718EA38A95D985F53AB3DD44B50C2549AA67F44BA98C4709E492051F ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
11:55:30.0456 0x1758  FDResPub - ok
11:55:30.0456 0x1758  [ 3E78BEC276DA5A062E4D55F3291B3463, 62983457F506C70D1F89F527AB61C1C0F4D1B002631256A2708F9AF092A8C95E ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
11:55:30.0456 0x1758  fhsvc - ok
11:55:30.0471 0x1758  [ 8F12AB59336143B680F71B217B495AD2, A28F62F065C68CC1A7EEF0CA52F83C3284B001565D8E154BF8568DE4A525104E ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
11:55:30.0471 0x1758  FileCrypt - ok
11:55:30.0471 0x1758  [ 92ECCFA58C8195B8EA33ED942469D4E6, 8DB12E8CF80ECA22182F9A1F4CA922336A430297F1F596F204ECF4D9D19F30D9 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
11:55:30.0471 0x1758  FileInfo - ok
11:55:30.0471 0x1758  [ 87C51FDD50C17882BA93E28BBABB9847, 8987D80FB77D1D3F9E89B491B1287B027DA26FFC4E4BA7B01E07D4D4FC69E236 ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
11:55:30.0471 0x1758  Filetrace - ok
11:55:30.0487 0x1758  [ E99261DD76D1C9E05AF575939CAE5AC5, A789724FD2E22AFB2F921836F5C19A21D17F4BBD604771E2908C2651BD31989C ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
11:55:30.0487 0x1758  flpydisk - ok
11:55:30.0487 0x1758  [ 25D7A58625E1453E40D36825DE74E4F1, 74119803D35E3C3CC349B44C6CD9EDF6B797F88584B847F0BF9EED542719B86B ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
11:55:30.0503 0x1758  FltMgr - ok
11:55:30.0525 0x1758  [ 4387DE200BF8DD0E2EE828E655434B9A, 9148D65E54663EEC139E754091F47ABF439A637BEA83F600D30736522DAA845D ] FontCache       C:\WINDOWS\system32\FntCache.dll
11:55:30.0540 0x1758  FontCache - ok
11:55:30.0540 0x1758  [ E79DAC43A5E191FC4DDB04197A704BFA, 2FA6C8B5B2DFE66C05828E3F55DFD6268A8210E9BD083F2D09367AD59AF1C6C1 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:55:30.0556 0x1758  FontCache3.0.0.0 - ok
11:55:30.0556 0x1758  [ B4175E8BE60B099686FF55CA7D692316, 3158FC5B4D1A2F1FC1346754392AE24AE58999B9061B1CE78A65E785BFFADD52 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
11:55:30.0556 0x1758  FsDepends - ok
11:55:30.0556 0x1758  [ CC71372CEB811A72F1DC99089C5CBF53, BB9DDE74D60E534A6F8A51B63DDBB441245F06A00A0AFD37DBBE86255690946D ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:55:30.0556 0x1758  Fs_Rec - ok
11:55:30.0572 0x1758  [ 421497634C86EF4B8F86D0EBC076728F, E0D1449555D8849364E00AA747DBC820EF914A9F5B796E35070072FCBC532ADE ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
11:55:30.0572 0x1758  fvevol - ok
11:55:30.0587 0x1758  [ B9981A4CB9F728B3312A3885BFAA7204, 12FB2EB2E5D2A912769823DD9C1B33DB358CD0B7FBFC788529EF83DD584334F8 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
11:55:30.0587 0x1758  gagp30kx - ok
11:55:30.0587 0x1758  [ 77555B11B264991DDC26872FFCF1AB97, D5F230EEF74EB869F771F8A4AB19C1E6C845BB0EF4A1234882EBDA4FDC431E44 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
11:55:30.0587 0x1758  gencounter - ok
11:55:30.0587 0x1758  [ F3AC9652D88BF87BA6596CBEA28CE10F, 115F3C0A5B9903B17ADEA80E1825FE927B7361F5BDDF80CE3685EF2D327EDF4F ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
11:55:30.0587 0x1758  genericusbfn - ok
11:55:30.0603 0x1758  [ C5FA929A389F11330C780C1E97EF0740, A83EAD4A2F4DB236CC569CCAD619021C1E011CD70DEE249FE8594E8822640BBF ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
11:55:30.0625 0x1758  GfExperienceService - ok
11:55:30.0640 0x1758  [ F802FBABF0C4DF1BAA733187B2E476F5, E2533284CEBBB872196B013DD1FBBCA794DB1CAAA37D64849BD9264ECDD2CEE6 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
11:55:30.0640 0x1758  GPIOClx0101 - ok
11:55:30.0656 0x1758  [ B55458A83395A2CFD4E745E9EC4AB5F2, EAB06B089D8A7DBC9AE2A1C919B489911690D341013A5F8F906819C68431CA85 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
11:55:30.0687 0x1758  gpsvc - ok
11:55:30.0687 0x1758  [ D011B0ADB15F4815310CE1BF4780B33E, 3860630917F83A89FE7A6407CC544505FA4BD754619CF273DD630ABFBAAE42EE ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
11:55:30.0687 0x1758  GpuEnergyDrv - ok
11:55:30.0687 0x1758  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:55:30.0687 0x1758  gupdate - ok
11:55:30.0703 0x1758  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:55:30.0703 0x1758  gupdatem - ok
11:55:30.0703 0x1758  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
11:55:30.0741 0x1758  gusvc - ok
11:55:30.0741 0x1758  [ 0F93EBE9071A6BB1548BF0F816EEA24B, 79A99544C00F59996980D299BFACA0463D86158BFA51C8045CE4FF4951779A44 ] HdAudAddService C:\WINDOWS\system32\DRIVERS\HdAudio.sys
11:55:30.0756 0x1758  HdAudAddService - ok
11:55:30.0756 0x1758  [ 84BC034B6BB763733C1949B7B9BAF976, 18C2C0F15BAFA46197F0BB629C4F585D893C2A78324CA198F88A04527D524F23 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
11:55:30.0756 0x1758  HDAudBus - ok
11:55:30.0756 0x1758  [ 6B8CB114B8E64C0636EB49F7B914D1FC, 1AD7A43CC5CD99DCEF60C61242B6843D4AD925CE93BA5D75CD8395C7125EF5A7 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
11:55:30.0756 0x1758  HidBatt - ok
11:55:30.0772 0x1758  [ D1AD197CCDAAC0CB4819DA1D6EB17BAE, C370F974D0A1F7B60F47EAFF57B6CCABE82913187F8BFEE169B8237AE91247B1 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
11:55:30.0772 0x1758  HidBth - ok
11:55:30.0772 0x1758  [ 64909DECCFCC6FB5D9A5BAFDCCB31FEE, E19C91FD8D5102A8C4F6C6FF70CA058BB272FEC1B6E9CBA3A473C49948E6AC7E ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
11:55:30.0772 0x1758  hidi2c - ok
11:55:30.0772 0x1758  [ F510F7B7BF61DEAAC04E65C3B65E8D59, 11566086B06FB08B6A179E3068E022DA381C762DC8962D1E1D63DC646DD4D301 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
11:55:30.0772 0x1758  hidinterrupt - ok
11:55:30.0788 0x1758  [ 90F3ED42D423C942BA5EA54E2FFE7AC7, BF7DE0C8141CD20A6235657BA897A019ABEFF6A01AA3FB202C73C33433CDEAF8 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
11:55:30.0788 0x1758  HidIr - ok
11:55:30.0788 0x1758  [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv         C:\WINDOWS\system32\hidserv.dll
11:55:30.0788 0x1758  hidserv - ok
11:55:30.0788 0x1758  [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
11:55:30.0788 0x1758  HidUsb - ok
11:55:30.0788 0x1758  [ 403855F9B844929BA6D7F5B84BC0124C, 6D1F40720150048EC225FA42B1CAD5630D1A217DCD3516E28F1F40734B93CEB5 ] HiPatchService  C:\Program Files\HiPatchService.exe
11:55:30.0803 0x1758  HiPatchService - ok
11:55:30.0803 0x1758  [ 2FEF4D90C0CAED258C93CFF72A8FFD71, 56473D90E9FE52849067D080FD88B29C0BBE76E5266657E2ABD6366B7A4E9474 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
11:55:30.0822 0x1758  HomeGroupListener - ok
11:55:30.0825 0x1758  [ E2145534FB853921788F52701BED0CAB, DF71F842772FAC21DD8994C97F578A78AC43D06C5F26F752FB69B47DFE3BB112 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
11:55:30.0825 0x1758  HomeGroupProvider - ok
11:55:30.0841 0x1758  [ FF442DCDCE1F6E9FAA9C8AD0CD1D199B, A239414E97B310C9545995B0E723B5E792B08D71F651450EB006AD4D1765E4F7 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
11:55:30.0841 0x1758  HpSAMD - ok
11:55:30.0857 0x1758  [ 318E816717431D3C23DC82779900C744, 363702CC8A5B5FBF5E8CE2DA5C48D52CBD6244C9398B164EFDF1A4B0FAF592E6 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
11:55:30.0872 0x1758  HTTP - ok
11:55:30.0872 0x1758  [ CBA5E88A0F0475B7F49653BB72150BEF, 0F03560D9C30E069D117A555AEE729C81E6BCAE443FA25172D0E9E6903695C67 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
11:55:30.0872 0x1758  hwpolicy - ok
11:55:30.0872 0x1758  [ D668FAB4B0397B426EE3D41683B9A1C0, 66F3E3B2ABC3C9B25A0DADBF09818547ED301230374AC5302B4794629A95DDF8 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
11:55:30.0872 0x1758  hyperkbd - ok
11:55:30.0888 0x1758  [ 53FDD9E69189E546DE4740F8C4D8AB2F, 45ED5B229ED5FD0CEE8BF52EFF88FD8B1889BF348ED7187926F290B3AD48A76D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
11:55:30.0888 0x1758  i8042prt - ok
11:55:30.0888 0x1758  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
11:55:30.0888 0x1758  iai2c - ok
11:55:30.0888 0x1758  [ 59A20F5AD9F4AE54098154359519408E, E27B7389C9D123CDDA4EC9CBDB06C4AA5000012391F940EE1492419B593608FE ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
11:55:30.0904 0x1758  iaLPSS2i_I2C - ok
11:55:30.0904 0x1758  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
11:55:30.0904 0x1758  iaLPSSi_GPIO - ok
11:55:30.0904 0x1758  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
11:55:30.0904 0x1758  iaLPSSi_I2C - ok
11:55:30.0926 0x1758  [ 6655615C7E4E29E6481F75A93ED99954, C7387D85DEC6BEF74DAD3B36398D1DA8914E9CF6F460D36E30088E3F6754E972 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
11:55:30.0926 0x1758  iaStorA - ok
11:55:30.0941 0x1758  [ 6B0029A0253098CCE28EACCFDB9E7208, E33AD69644E1683A971DA1169B704FBCFD9F715E9550816058E420BB5DE4D946 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
11:55:30.0957 0x1758  iaStorAV - ok
11:55:30.0957 0x1758  [ F35FBCEB1B71BC20BBAFA526E203D6A1, F389B689B5DF0D204E3EA21B7201A89D29DE518716781BB390AC6E5CED64C790 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
11:55:30.0957 0x1758  IAStorDataMgrSvc - ok
11:55:30.0972 0x1758  [ 9652E1E35A92D8C75710C17A63B15796, 72F8C4A49B874226DEE9B7C9704F0E0A98DAA2DF4EAE2F2258E8324ACBD242E4 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
11:55:30.0972 0x1758  iaStorV - ok
11:55:30.0988 0x1758  [ FFADF691F7BF727AF5C863454A372723, FCF5A5595E8C9C937BE9F1C3AB5D9BD0EFE82DE1298D12085E0CCD84A186D2F2 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
11:55:30.0988 0x1758  ibbus - ok
11:55:30.0988 0x1758  [ 80BF2990E01E774D64F6E13F30661942, ADFEA2280D29F2C7B0A556C61709301D6327C288064FF5A4D29358403DF41DCE ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
11:55:31.0004 0x1758  icssvc - ok
11:55:31.0004 0x1758  IEEtwCollectorService - ok
11:55:31.0126 0x1758  [ 34E103A5EFF7EADA5ADE6D61294FAA7F, 29AFF3C2C03D75B55D124EBA35534C1D7E2115748C23EAC79CF0FA6CBC994C1F ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
11:55:31.0173 0x1d30  Object required for P2P: [ 8C0CDB1E9C2734EFCD5DC8E266F05EAE ] ArcService
11:55:31.0226 0x1758  igfx - ok
11:55:31.0242 0x1758  [ 078DE1A9D9DB0BB617D4DCF1EF925928, 6E197785DE6F83FAB5E049F24CCC3838BB9B9EB20240BD48A2768103172B6242 ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
11:55:31.0257 0x1758  igfxCUIService2.0.0.0 - ok
11:55:31.0273 0x1758  [ 12F8D27ED8623DDDC09A549EDADCBAC9, D3A3F0588D9CAF1027D8BC14601E2A6AB7E5924A2C23C90D38A9E14538DB02A9 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
11:55:31.0289 0x1758  IKEEXT - ok
11:55:31.0304 0x1758  [ 5950F69F9B345952F3C2275C39EA393B, 382923DE0F5F25285F8C86BA628350DF1CFB6E63FF20736CF9285FB0F36A76DE ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
11:55:31.0304 0x1758  intaud_WaveExtensible - ok
11:55:31.0373 0x1758  [ 9D1FEF41DD5728C7CC26270977762F54, 06570B6421F23B8064278CBCD814B0F6F4073DFBC44B8A71DDE35FBD5AC4B721 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
11:55:31.0426 0x1758  IntcAzAudAddService - ok
11:55:31.0442 0x1758  [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
11:55:31.0974 0x1758  Intel® Capability Licensing Service Interface - ok
11:55:31.0990 0x1758  [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
11:55:32.0444 0x1c90  Object required for P2P: [ 2619DC483579DB9FE804044C1ADFFD1A ] dam
11:55:32.0560 0x1758  Intel® Capability Licensing Service TCP IP Interface - ok
11:55:32.0560 0x1758  [ ECDB27420D3A98424666904525A8562A, BDA98C3C95F2AD79945EF8213D5C65064052C09C82DD36F0D6724E1D21DCC30A ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
11:55:32.0560 0x1758  intelide - ok
11:55:32.0575 0x1758  [ 8FF1978643EFD219C5BA49690191D701, 6FD78A8490107C80090D7125644B8C910855374BE1373D1D6B199307C79680BA ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
11:55:32.0575 0x1758  intelpep - ok
11:55:32.0575 0x1758  [ B61B60F36E1C8022FA8166ABF0F66B07, 23161F1DA51D44D936329E62DF4C2DAEE3DDD4B3D62CC501A888C0E149788968 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
11:55:32.0575 0x1758  intelppm - ok
11:55:32.0575 0x1758  [ CA0D42029AFFC4514D295E1EF823D02D, F2A05CB2B2E8C843FD02DC37E86F23CF928A4B2F9044424A60DE4E82B87DF5C3 ] IoQos           C:\WINDOWS\system32\drivers\ioqos.sys
11:55:32.0575 0x1758  IoQos - ok
11:55:32.0591 0x1758  [ 6E3F9D95235DFC9417384080A216F310, 6F13D72661038A91CFABB360621F4B169D78955C3EAD64956A7C825ABAEC5121 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:55:32.0591 0x1758  IpFilterDriver - ok
11:55:32.0607 0x1758  [ 6E75B731A8A7EFED0821327B08DAB46D, A77B746447824BD3C68B82D7329B82D62098B2409F8AEE4738FA23CB1561E629 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
11:55:32.0623 0x1758  iphlpsvc - ok
11:55:32.0628 0x1758  [ 4F527ECB5EAB47D8EAF34A469666C469, 8FFBEEF42515B6A7758BE579ED69E3911856CBF7710D9785011332C5E3DFE495 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
11:55:32.0628 0x1758  IPMIDRV - ok
11:55:32.0628 0x1758  [ 9E5E8F2A1996F23B7E9687846AA81B01, 29E59384A4F92B3B4F2974942C91A12380113C13D3800900B5F44E2355D05455 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
11:55:32.0628 0x1758  IPNAT - ok
11:55:32.0628 0x1758  [ C317EB660138BC9CBFE37CCDE56351AE, F3AF6C573419D7F65C96A4841D4F056CA281CD5AFACDC7A5F586A390DC6E615B ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
11:55:32.0628 0x1758  IRENUM - ok
11:55:32.0628 0x1758  [ 531994A6D9399D9B74BE12B5BB58A81E, 6D5CF540C777F4828E1D4C5FE58EE41E6C2F5F399C554DC85F19D1E52229B094 ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
11:55:32.0644 0x1758  isapnp - ok
11:55:32.0644 0x1758  [ 68D5354A4A9692EEC24664C60F47D4A2, 92124E98B6E286B6127DC6D0BFACC9C6D293D58EAE2B47B45532714CE6A6D0CD ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
11:55:32.0644 0x1758  iScsiPrt - ok
11:55:32.0660 0x1758  [ 0B93A01F786F37A4B1EDE84E639FFF10, 8747109A2FA2B80C8C5F5B6D2372C1B0DA4F4BF9DC1D551195ADF0715C260223 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
11:55:32.0660 0x1758  jhi_service - ok
11:55:32.0660 0x1758  [ 701D7DB13B0815E7076EF4CB4CE981F8, 02585661656C0069AC318B82DE83DAC660451A0B970FDBCA0F7A8B4CBF7D93A9 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
11:55:32.0660 0x1758  kbdclass - ok
11:55:32.0660 0x1758  [ 884EBBDDBF5968003B40185BD96FF0E6, E3934D0FF0BEDDF5526AF529F7D15BA8BE479383894975B1AF1A1818C394A6E3 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
11:55:32.0660 0x1758  kbdhid - ok
11:55:32.0675 0x1758  [ 6B3A0C7902811E6372643447E41F7048, 30667B56A306CFD5D15BC46F8E7D9E167612E71B6C8F554406E706A6330F5B94 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
11:55:32.0675 0x1758  kdnic - ok
11:55:32.0675 0x1758  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] KeyIso          C:\WINDOWS\system32\lsass.exe
11:55:32.0675 0x1758  KeyIso - ok
11:55:32.0675 0x1758  [ 982C795DE20CED7AEDD2E7899B5D9BC1, 9F4E7536DB253CD83AA2AB89E9F3311714CD70F13AFD16F9B4D4CD86A70FC164 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
11:55:32.0675 0x1758  KSecDD - ok
11:55:32.0691 0x1758  [ 7D8B9214692C4D0F1646215D9984E19A, DC73503A8CA67F4E167DEA69AADDEA5F2D756E1C1F4FF42B6ECEA7E637BB80AB ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
11:55:32.0691 0x1758  KSecPkg - ok
11:55:32.0691 0x1758  [ E9BB0023D730701BB5D9839B44F5E6B5, 19D4BAC09424D331922472CFD2D0E32BEFA9188A6AF194C8D1F93FD77CE36691 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
11:55:32.0691 0x1758  ksthunk - ok
11:55:32.0706 0x1758  [ 71DE1AD9B23661EEC4F2A6EAA5A7D33D, 3219AEF3D6AE5933AE669FD2ED9ED95A8780612E39F31DB3DB9ED6B6244C5F7B ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
11:55:32.0706 0x1758  KtmRm - ok
11:55:32.0723 0x1758  [ 8BBB2B4429AF340481520C20C17FC5B6, 9E32815349195FC4B1BE213600FD407F2EAEEC8368289EB3E6B769125A739C08 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
11:55:32.0728 0x1758  LanmanServer - ok
11:55:32.0729 0x1758  [ 1F5D48B1DA1B812BD2411CA44D75DD32, D1BDB8142CB13E8C6DD6F42E07C9D19BBBF6410D5122A04C01B34B95B442DD95 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
11:55:32.0729 0x1758  LanmanWorkstation - ok
11:55:32.0729 0x1758  [ 184F24F629CB0EFB23A6296CCF242D1A, 9510CBE7778BC2A29B0BF867A60F3FDED7170A44E4197249B5CC1317E05E55CE ] LcUvcUpper      C:\WINDOWS\system32\DRIVERS\LcUvcUpper.sys
11:55:32.0729 0x1758  LcUvcUpper - ok
11:55:32.0744 0x1758  [ 02C54C5C7EBE371EC0C59795ED22213F, 712AFE0EDF40436124F3FD55ED9B5A3A33A8761A58F4D482BB65229741B1C270 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
11:55:32.0744 0x1758  lfsvc - ok
11:55:32.0744 0x1758  [ C4AB79ACB70AAF0AC8B68A9018AA9625, 57A3439356F35B043F2BD44E47A7453B7B883D32154A4237C532CEBE35033455 ] libusbK         C:\WINDOWS\System32\drivers\libusbK.sys
11:55:32.0760 0x1758  libusbK - ok
11:55:32.0760 0x1758  [ 01BF128CC327A2E53898F732AF52B3DB, D62ACDA69D9942F9CEF400874DBB6EAF9811D9657CBFEF89174F88D76BB8D8EA ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
11:55:32.0760 0x1758  LicenseManager - ok
11:55:32.0760 0x1758  [ EC34EED89C34B27C292166B725AC7A7B, 58F1BA0CB7743314AC012A82F8CE4072CBDD05D9570C52BC18DC551882F5B1BA ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
11:55:32.0760 0x1758  lltdio - ok
11:55:32.0776 0x1758  [ 2C23283A0815B048C06D8C0ED76AAD95, 4335546939C1A98CFE9A4403CC82D79CC713439E4DFD1F4760FDD867305151E0 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
11:55:32.0776 0x1758  lltdsvc - ok
11:55:32.0776 0x1758  [ CB6365E995F4DB856866500EDD8F61C1, 717ED387F245CAC68217B0F393D7B8AB3805721AB2C4D2D43430FE6E740F0856 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
11:55:32.0776 0x1758  lmhosts - ok
11:55:32.0791 0x1758  [ C31139E0907170E2A3FA8D19DCC23D35, C504E93D2018E9E487A428483C646C67B4ECE122560CF0FA49A1626E1509EEAE ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
11:55:32.0791 0x1758  LMS - ok
11:55:32.0807 0x1758  [ 961F28D879D345BFA50AF51285C90F2E, F9931A436651F695B746BC0C07E833D9C9F64126746DF976E691E6CAE26DAC9B ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
11:55:32.0807 0x1758  LSI_SAS - ok
11:55:32.0807 0x1758  [ 6BFB8D1B3407518BE06B6F81F92FA0F5, DE0818DCC0D8D1D30A29AB167C65461A78100ABE2368637CEB9D0ED2B4E88D8E ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
11:55:32.0807 0x1758  LSI_SAS2i - ok
11:55:32.0807 0x1758  [ BE0E47988D78F731DEC2C0CB03E765CB, CA0015E87A3962611DBF714253FA618A6568346BAE640884432C1D44DE4C8684 ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
11:55:32.0807 0x1758  LSI_SAS3i - ok
11:55:32.0827 0x1758  [ F99BF02BE9219986817BF094981EEB18, 4303C772366065885C5D937B2E9AC0BF80C84BFB2737716055AD57BF6AADD673 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
11:55:32.0828 0x1758  LSI_SSS - ok
11:55:32.0828 0x1758  [ FFAA37FBBDD161E8C200C83B40F7872E, 0637B3119FC220CB8E23EE6694A9F1F25CF8D61008B14F6E30FDC17DCF9E077E ] LSM             C:\WINDOWS\System32\lsm.dll
11:55:32.0844 0x1758  LSM - ok
11:55:32.0844 0x1758  [ 2FCF837196082864F66CFD9CAB256275, 8BE01C3BCBC1E6E5D1FD7F49E936482E61ACB805F397AB81B8D39C2F0F1083BD ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
11:55:32.0844 0x1758  luafv - ok
11:55:32.0860 0x1758  [ 88B38A7435DFA9B7E8F94F5D5FE999D2, FF4EBB6CE013D0EA62FEDA5FBBD1205D9A6F684E701F40039A95A4EF4145DC16 ] MapsBroker      C:\WINDOWS\System32\moshost.dll
11:55:32.0860 0x1758  MapsBroker - ok
11:55:32.0860 0x1758  [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
11:55:32.0860 0x1758  MBAMProtector - ok
11:55:32.0891 0x1758  [ AB176B9E59C0435499D83047D84EDD59, 85B826A3972CE9AD885313B69B9C60328B850257667D0EB65DDE890D0BB06361 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
11:55:32.0907 0x1758  MBAMScheduler - ok
11:55:32.0929 0x1758  [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
11:55:32.0944 0x1758  MBAMService - ok
11:55:32.0944 0x1758  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
11:55:32.0960 0x1758  MBAMSwissArmy - ok
11:55:32.0960 0x1758  [ 08DECFCB9BA97786165A69AB1015BC30, EDC8C8447B57BD412E2DEBCA9B5B1B58C19D40105DC7CE9520DE214081696B05 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
11:55:32.0960 0x1758  MBAMWebAccessControl - ok
11:55:32.0960 0x1758  [ 2ED29B635F35E31A1C0D3DDB7DD2AD03, F70CC20B98C2DBCD13B0D509D92B3BC3828D1B88F3ACD60C860E163064844181 ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
11:55:32.0960 0x1758  megasas - ok
11:55:32.0976 0x1758  [ 22E3CB85870879CBAE13C5095A8B12E3, 5FA5A8EFBA117089CFDBE09743A16BC3A7CC2042C96ABA1F57901747493106BF ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
11:55:32.0976 0x1758  megasr - ok
11:55:32.0991 0x1758  [ 8751062F2F7EC78DE92D778A08099DDE, F10BE771FF9E02A51CF3A167BB967167DE4F66647D7F1508CB27D8FDD8623700 ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
11:55:33.0007 0x1758  MEIx64 - ok
11:55:33.0007 0x1758  [ F2C23E25636BCA3543E6AD7858E861B7, 0CAB0A037471B4858CE9477E49BF50A5E3E6685E05F8A4BD2D9238551D5073A6 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
11:55:33.0007 0x1758  MessagingService - ok
11:55:33.0029 0x1758  [ D41920FBFFF2BBCBBC69A5B383AD022E, E66218A8303422EA10C19BA12343740B9A1A70B11B39E185E805B4F74CD2B75E ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
11:55:33.0029 0x1758  mlx4_bus - ok
11:55:33.0029 0x1758  [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
11:55:33.0045 0x1758  MMCSS - ok
11:55:33.0045 0x1758  [ 8D4B46FA84A3A3702EDADD37FAC6EDBA, E3B9E12BD324FE637C365FDC5E490C41889047004D4FC8F7D78339484F2F717B ] Modem           C:\WINDOWS\system32\drivers\modem.sys
11:55:33.0045 0x1758  Modem - ok
11:55:33.0045 0x1758  [ 78FEC1BDB168370F131BFBFEA0A04E9D, E07B1BC429C2CFBD6162F89A6502C67A4BAD904ADC05D3505D87A0B2BCE1061B ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
11:55:33.0045 0x1758  monitor - ok
11:55:33.0060 0x1758  [ D1CC0833CFBC4222A95CAA5D0C8C78FF, 54F04374C6D3EFF5C1B794C069870458F10757E5773AEE911957089EAF51EC8D ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
11:55:33.0060 0x1758  mouclass - ok
11:55:33.0060 0x1758  [ C2E05EC6B80BCF5AE362DA873E1BCE64, 4ABE5CA2005A54E92259EDB52205A5C59BDB83026FC0CD7CBB1E3A003C2B535B ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
11:55:33.0060 0x1758  mouhid - ok
11:55:33.0060 0x1758  [ D5B7668A8F6C67C51FA5C6C513396D6C, 35985AD89344A8464BD78B8DA6A772E4E60A2EB93072AC23673A86EFD0B2270A ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
11:55:33.0060 0x1758  mountmgr - ok
11:55:33.0060 0x1758  [ 5961C5D8EDD2E2A3B99F1782AE1AC21F, C383A4724A335737C4C7C3211AFCFB82D373267EC634BC47EE078A1C66E1F62A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:55:33.0076 0x1758  MozillaMaintenance - ok
11:55:33.0076 0x1758  [ 5FBCB85D127BE21E3A9DAF11A13C00EA, D00AB99CC813E26B0BD2D39161D4138AB89A06B3E3A28712F2D5BCA60905BEC4 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
11:55:33.0076 0x1758  mpsdrv - ok
11:55:33.0091 0x1758  [ 553F19DC6F3F73545CB17FCD7A8AE37B, 49ABB625EB9C2981254EEA1FE7858DF630BA2D65653CC91CD4FEEACF69C5392F ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
11:55:33.0107 0x1758  MpsSvc - ok
11:55:33.0107 0x1758  [ BF6CA7EA5ECD6CF72D3D76652A9B8280, 8EC031D0D8E75CB583B129CBA518701097697498621307108388FA05FBF604BB ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
11:55:33.0107 0x1758  MRxDAV - ok
11:55:33.0129 0x1758  [ 0B3B0C1D86050355676640488FA897D3, DBED9D6F7AAFB11F4C00C1F69DB7A887A3058E5FA66615A1640242439822B60C ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:55:33.0129 0x1758  mrxsmb - ok
11:55:33.0129 0x1758  [ 1A490555FD330CA2764D89191177C867, 1004AE2F80BEA9A6DBA3E6B5D2DDFA44FBA253F7137D60B000B094699DE1CB12 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
11:55:33.0145 0x1758  mrxsmb10 - ok
11:55:33.0145 0x1758  [ 0F47A6C09F0A7FB5513D322A2B9BE4EC, 00A17CB55D232E11F3D24D0B43FE4FA9E55F7EF5E5607B26ED84C13108AAC4FA ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
11:55:33.0145 0x1758  mrxsmb20 - ok
11:55:33.0160 0x1758  [ A4411C522D41707D5BCA817A5BB9E30B, EF7505BE475ECAB2B5E66A7419EDAF42A7E7A65BAD3BBE346A8CEE5DD69782CC ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
11:55:33.0160 0x1758  MsBridge - ok
11:55:33.0160 0x1758  [ 807A6636828E5F43C10A01474B8907EE, F275645F4F0D0A796C33C03EA7FA563A0B890AB3A93E5F99C5EA166F91D249B1 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
11:55:33.0160 0x1758  MSDTC - ok
11:55:33.0176 0x1758  [ D123343DDB02E372B02BF2C4293F835F, 8E02D9F7E5DA717B64538444B3FE1C55AA4B0F26F51DA20947E971D27EA09D12 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
11:55:33.0176 0x1758  Msfs - ok
11:55:33.0176 0x1758  [ B3358F380BA3F29F56BE0F7734C24D5F, 229D9E72C429AC51BF6E7C8306218620CB1AA50FE39BA6C11ED0F643E7AF90E5 ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
11:55:33.0176 0x1758  msgpiowin32 - ok
11:55:33.0176 0x1758  [ B2044D5D125F249680508EC0B2AAEFAC, 9631FF42DA5A7CEE1F2607AA8972EF0A67616F0EEEBC95F97B1C8F5A577ED5C4 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
11:55:33.0176 0x1758  mshidkmdf - ok
11:55:33.0176 0x1758  [ 36ABE7FC80BED4FE44754AE5CFB51432, FB89DF3A50C52B69D4E831A370157D1901810093A0D7D7120A120FC5C6E14BF5 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
11:55:33.0176 0x1758  mshidumdf - ok
11:55:33.0192 0x1758  [ 59307FEAFC9E72EEEC56B7FD7D294F4C, 56576635870FC68980977FFA0E7F8E8D69A7981DECF5B52D0B2A82E3BA6685EA ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
11:55:33.0192 0x1758  msisadrv - ok
11:55:33.0192 0x1758  [ 236A38F5CB0A23BF0ACCD70ED0BD7F70, 8106B528458E6C8E4437D9064D58F10FF195E67CD308AEBBD5F860AD2D59DCC4 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
11:55:33.0192 0x1758  MSiSCSI - ok
11:55:33.0192 0x1758  msiserver - ok
11:55:33.0192 0x1758  [ E9457EDFEBC774199F907395C6D09CA2, C3655CE83F4AD1258382722E9A99C33FDD3AA40B62CFEB8DFDD141E254E6DCE2 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
11:55:33.0207 0x1758  MSKSSRV - ok
11:55:33.0207 0x1758  [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
11:55:33.0207 0x1758  MsLldp - ok
11:55:33.0207 0x1758  [ EF75184B64356850D0F04D049C253526, 325476F53372BD70201347F044C8EFEC0DB939E1926454B6DCC0CF7864969650 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
11:55:33.0207 0x1758  MSPCLOCK - ok
11:55:33.0207 0x1758  [ 543933D166C618E7588EA77707EC1683, 84A65D277E28FDD7CE2345188891093AC88B577E4C528AD39AB629E341199688 ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
11:55:33.0207 0x1758  MSPQM - ok
11:55:33.0227 0x1758  [ 182711E9DDF70121A20EBB61B2DFB9E8, 70606503F6280EA3175B9AEC8370A8F461575755DA86EF6E9C9D04EAD61481FA ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
11:55:33.0229 0x1758  MsRPC - ok
11:55:33.0229 0x1758  [ E887FFDD6734C496407E9219225CB6FF, 0EC9A79224BCE5D0A782E62CC38E3494E8FB65DFC07C66D25C5A1A351121C27D ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
11:55:33.0229 0x1758  mssmbios - ok
11:55:33.0229 0x1758  [ 83A2AB75951000D681FABDB80C07AEFC, 3B2F582F097E3F934C4587B27CB05525350F36924B74CA6BCD364878FA8EC273 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
11:55:33.0229 0x1758  MSTEE - ok
11:55:33.0229 0x1758  [ 4FA0483896FC16583851EFB733FCB083, BB59243ABE32FBE92EC1B04D24239BE2DF7C2354A407C2EFF97623F07DCBDA35 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
11:55:33.0245 0x1758  MTConfig - ok
11:55:33.0245 0x1758  [ 60F88248608315E13391C2F1C3B4473F, 99E8B74118A01FC281A1C6B323EFD1A8EA1997B81A013442205066F55327D555 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
11:55:33.0245 0x1758  Mup - ok
11:55:33.0245 0x1758  [ 218705233D02776AE4D19CC37D985C1B, 3D92925867B6B8FFAF78E4080139DCB3D45E1E6E1D0AFB6A4FE248B002BD8471 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
11:55:33.0245 0x1758  mvumis - ok
11:55:33.0260 0x1758  [ 536A0806CE2061A2157E65D4D8ABF30C, F9893F66505E3F748365CD4625B34357531804BDFE33E57285C0106C03F7916C ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
11:55:33.0260 0x1758  NativeWifiP - ok
11:55:33.0276 0x1758  [ A340A4B27CC7DEDDF953B7E2C9699747, 4C5AB23BD0C69B17E9BD29CAFEDC100A6EFC78BAB645B007FCAE4318C459D345 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
11:55:33.0276 0x1758  NcaSvc - ok
11:55:33.0291 0x1758  [ 7467BD76D6ED5981E6C3DBFEB50F0F4D, 237E1C2E15D5F3BAC49B09E1CD0EAE56A6998AE1FF560A4F7A7EFFEB46884798 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
11:55:33.0291 0x1758  NcbService - ok
11:55:33.0291 0x1758  [ 476466DC3AB2327E2DBFAEC11798E2EE, 9ACD74720664CF3F239601DF0BE80AC443AF0FBF666CBB8509169364FB22B95D ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
11:55:33.0291 0x1758  NcdAutoSetup - ok
11:55:33.0307 0x1758  [ B57CE307DA101C739885B7CC0678077F, F7F45DB6D306060F0FE0E59F39C3B95F6A9B6173930F22C5C41B2003895D6642 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
11:55:33.0307 0x1758  ndfltr - ok
11:55:33.0329 0x1758  [ AFAECF904F1C343EBD50F91BC8D0DBE8, FABAE70F62895708415B8E176A880D2D20D46D9A14C3D41D371B905CE4D64BA0 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
11:55:33.0329 0x1758  NDIS - ok
11:55:33.0345 0x1758  [ 202260E7CDD731A32AF62ABD1ABEE008, 0E019FAE09B2659CC3267756DB962CCD69172BA67E3288B491F7B455287A5392 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
11:55:33.0345 0x1758  NdisCap - ok
11:55:33.0345 0x1758  [ A1D473D0CF10561F29B58EA7C5412A92, 3DBFC1D769E03E30C87FF4F30A9B523A69A7E0CD4EB87F8A9ECE190FEB84C569 ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
11:55:33.0345 0x1758  NdisImPlatform - ok
11:55:33.0345 0x1758  [ 1A0AE283B8DE6BB76412A0F8213D45AC, 91AFFDC7A9277EB59CD54021049BEA715078F90470B8A12F3E9F1386DF068D2D ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:55:33.0360 0x1758  NdisTapi - ok
11:55:33.0360 0x1758  [ A74EE2D2C0BFF5EC3A6185791868C4CA, A346320DEBEAE890575B4C6594FB3A3A9890A0E86881ADD8376E442282C88D38 ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
11:55:33.0360 0x1758  Ndisuio - ok
11:55:33.0360 0x1758  [ 32A9BD1342640D48AD85C8B3E812B984, B702B05A0180472139B35B105DD3B6B6F75AEDC9DD1EE342FB576259076455AE ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
11:55:33.0360 0x1758  NdisVirtualBus - ok
11:55:33.0360 0x1758  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
11:55:33.0376 0x1758  NdisWan - ok
11:55:33.0376 0x1758  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:55:33.0376 0x1758  ndiswanlegacy - ok
11:55:33.0376 0x1758  [ 50AEF8EF0064A91ABB08D858D039C9DE, 16F1CBE1EC3778D157CC054261068C8D7F8A72D85853CB70178F8DF81D238C8F ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
11:55:33.0376 0x1758  ndproxy - ok
11:55:33.0392 0x1758  [ D358DF634F52247CB43F0781218F4D6E, D375E9E681551467FC5F7AB2AC053C9F22AAC541C0BCBA57090211F45009342C ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
11:55:33.0392 0x1758  Ndu - ok
11:55:33.0392 0x1758  [ 026618ECF6C4BEBDCB7885D42EC0DBE4, 8E7E13361DCF8748FA3AD518B3DE0A3DCE932316EE32E5529E75785BC5395AD1 ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
11:55:33.0392 0x1758  NetBIOS - ok
11:55:33.0407 0x1758  [ F51C02D992A8D6BC5EC4D990F227D4C7, DBBDA422BFA82219403689637BE8D6B0D0A893895143E807FA5A007C166454CB ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
11:55:33.0407 0x1758  NetBT - ok
11:55:33.0407 0x1758  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] Netlogon        C:\WINDOWS\system32\lsass.exe
11:55:33.0407 0x1758  Netlogon - ok
11:55:33.0423 0x1758  [ 7FD4C3D32DAE890608F44074A3437CD8, 5B7D9E9AEE26896B818F3C5DBE4C96A33D43CE2CF7716B95AAB7203611C03BFE ] Netman          C:\WINDOWS\System32\netman.dll
11:55:33.0430 0x1758  Netman - ok
11:55:33.0430 0x1758  [ A059F75402710535A90A8D043674A514, E98536DF74A2B75FDBA6B866DC1909544292DFE5E14F984941470FBA6E8D810C ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
11:55:33.0445 0x1758  netprofm - ok
11:55:33.0445 0x1758  [ 3D58D04A9269CE21B61960544A05573D, 250DB1266EE37BAAA9F9E51434879DB4564A8550FCAB28BAB3308772882850CF ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
11:55:33.0445 0x1758  NetSetupSvc - ok
11:55:33.0461 0x1758  [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:55:33.0461 0x1758  NetTcpPortSharing - ok
11:55:33.0476 0x1758  [ 91B32D7036700BEED5343E1F6A7122CC, 8123CA398A79F0E69126F962AA29C2464FAB50182E961CB6A6ADB6CEA09A6732 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
11:55:33.0476 0x1758  NgcCtnrSvc - ok
11:55:33.0492 0x1758  [ C64B693DF26EB7BFF25F9BAD8B54D571, 12363E81B329D048E0148739AA542958F7CAF6FF3404BB001AF51850EF84338D ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
11:55:33.0492 0x1758  NgcSvc - ok
11:55:33.0508 0x1758  [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
11:55:33.0508 0x1758  NlaSvc - ok
11:55:33.0508 0x1758  [ 465DC580170CD844206D7E3EF1DBF2A1, 5A14001029BE154C708CCA34449B280905DB79978FC7F0BE0CF20B20E47752CF ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
11:55:33.0525 0x1758  Npfs - ok
11:55:33.0527 0x1758  npggsvc - ok
11:55:33.0529 0x1758  [ 29395C214D2CD4C81F73166AB988A797, 3631EB2EA17E455ECD151C0BC9A3DF6EC87C75B15DC9B607CFB68D7C463E04B7 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
11:55:33.0529 0x1758  npsvctrig - ok
11:55:33.0529 0x1758  [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi             C:\WINDOWS\system32\nsisvc.dll
11:55:33.0529 0x1758  nsi - ok
11:55:33.0529 0x1758  [ 2871225495F832A8C8A7DD1A17EDB3DC, 2F6664C7F5FB2341B2AAF3C5A258FA0D7AEEE447562D7F39FD5A4EE905C18C6D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
11:55:33.0529 0x1758  nsiproxy - ok
11:55:33.0561 0x1758  [ 58BFFEF692A47FCE3FAAEDBC8F3DCBBB, 4F55CDF153306B17EDEA6F621939990667735676CBA460CC3078789C2766EF68 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
11:55:33.0592 0x1758  NTFS - ok
11:55:33.0592 0x1758  [ 6DBD703320484C37CEA9E4E2D266A8CE, 85D6F73C0E3FDE16829C9BC0D13DD89E64183EAE02F84607F6B8440CB7F366E6 ] Null            C:\WINDOWS\system32\drivers\Null.sys
11:55:33.0592 0x1758  Null - ok
11:55:33.0608 0x1758  [ D812362E8AF615B521AD4DF19A93BD5A, B1F04122DFE9FCC3FC56BE327D86912D624C89F2EFB9684BE66FC22115D0E19F ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
11:55:33.0608 0x1758  NVHDA - ok
11:55:33.0792 0x1758  [ 597C022F2A7E5D31ED3BAD18C75D5552, 1D0A32A2A23FC8BA5E02A8EB248902EF234DBCEFA53454C4AEA3B92D7043A2B3 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
11:55:33.0977 0x1758  nvlddmkm - ok
11:55:34.0008 0x1758  [ 3D596244C1B93A506292DA07CC2B123F, 1604F8B4B89D599C1944E6FF9A0D35DDB1E34BAEC0315E23070180959644DCF2 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
11:55:34.0030 0x1758  NvNetworkService - ok
11:55:34.0046 0x1758  [ 604D27CC38CC23493F218D0BB834B3FF, EF5E5759CCF16DD97271C82DAF47FB2086EBCA5DE7D05177B70CA1197B95F41E ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
11:55:34.0046 0x1758  nvraid - ok
11:55:34.0061 0x1758  [ 8B50D897657AB4A15FD9E251BBF7D107, 36036130DD46D9BF105AC7176E219F3BE7D1168A660A0F8DFF76F61FBFA4B417 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
11:55:34.0061 0x1758  nvstor - ok
11:55:34.0061 0x1758  [ 27DF221148B9C1A3EA8900D87ABC30F5, 904B4C99EB039C6D2474E30A0E03B700486BED61D226A1A5095BFF729B91C3F2 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
11:55:34.0061 0x1758  NvStreamKms - ok
11:55:34.0162 0x1758  [ 4B8F9A38BBE8ACCA6D48E253FFE2393A, 11D9ED3E3C5C3D544E83284E24A93632B9B5FF277639DF18046C0564FB838155 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
11:55:34.0246 0x1758  NvStreamNetworkSvc - ok
11:55:34.0293 0x1758  [ 2035827FCA3BDF5F37A3B64C8D284176, B3CCCF3AEBBF1D5BC756EEA433CD06A7650294CA4FF09FBCD985085B4692B846 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
11:55:34.0331 0x1758  NvStreamSvc - ok
11:55:34.0362 0x1758  [ 38885AE14957B271496CD7DA19CF2697, 1A506872585B6C5B5DD3F2927F70DE6393977167D72DC0A31FB2267B9FF89A49 ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
11:55:34.0378 0x1758  nvsvc - ok
11:55:34.0378 0x1758  [ 64E8275CEAD43D3CA8E3A311B2F4B64A, 99E683890B9AF3243100B387317760B5F91745EF9F7FF2ABA2DC7B6551A6EAB6 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
11:55:34.0378 0x1758  nvvad_WaveExtensible - ok
11:55:34.0378 0x1758  [ 31F990B2B6B91E9D7A667405CE12FCB1, 907E095D1E83CDAFF34BE789FC41CDD7BB4DEE23261E1D03C1CF0D4D030534AC ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
11:55:34.0393 0x1758  nv_agp - ok
11:55:34.0393 0x1758  [ 7F3A0D052B8E00E730316210B1DD092F, 14BD026EA759F6C81ED6B4DBB04E0584B7F6456725503FC73CD4347B7743005F ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
11:55:34.0393 0x1758  OneSyncSvc - ok
11:55:34.0431 0x1758  [ A309633A4BA2DE3FC30468C3103E0BA5, 530C707A4FCD36A45E9D370D20105356C8019DE41EF1C1F1A728A523D5FBEE25 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
11:55:34.0509 0x1758  Origin Client Service - ok
11:55:34.0531 0x1758  [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
11:55:34.0531 0x1758  p2pimsvc - ok
11:55:34.0547 0x1758  [ 4A5634915AF62C983E08425905D0C04C, 09BC3F7AD9F79C5FF59520933D06FE155AC21CD0ABAFE66B81C9F87D83A2339F ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
11:55:34.0547 0x1758  p2psvc - ok
11:55:34.0547 0x1758  [ 7D0FC96264C0F8F2C1321E33E8EB646C, 82A06437B9B096BCCF5CE31BDF3539696E2E41DFA9870C358566EEE2F7D3B447 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
11:55:34.0547 0x1758  Parport - ok
11:55:34.0562 0x1758  [ 24AC0FD10325FBC2303B29A5F237AEB0, D94B26A36EBE4EFE8EA270FA6600811206830480BE953809F74FAB80628DF879 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
11:55:34.0562 0x1758  partmgr - ok
11:55:34.0562 0x1758  [ 0ECA2ADD5FBCE73183A68935C71B40B7, 08CC5F2F10D1DD1A1396CC29196314003491D3AF3DE59CADB281F252577F1860 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
11:55:34.0578 0x1758  PcaSvc - ok
11:55:34.0578 0x1758  [ 1D4E995955BDAE781C46CB97AE1CFB58, FF7475F19782CA253AA839DDB86E5AC20C5785D5CC1DD57D9FECBE4F5A5C0BFB ] pci             C:\WINDOWS\system32\drivers\pci.sys
11:55:34.0594 0x1758  pci - ok
11:55:34.0594 0x1758  [ 2B4D98DF0CA57FB9536DBC80D2449D1F, AB34FA8585A20854369C0FAEB18BF5C7734D7E3C791F644B0576E40D609FCD09 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
11:55:34.0594 0x1758  pciide - ok
11:55:34.0594 0x1758  [ F4D5793BF2E58AF15C6CF2FEEF9E73EB, 9B5A40AF8838063F8F0A2B1480B39A2711AAE78BD972CDA60CCA0EB2BA211A87 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
11:55:34.0594 0x1758  pcmcia - ok
11:55:34.0609 0x1758  [ 22A53744CEEADFFFD33BA010FAD95229, 30B775EC9795105B8BF785BD63115C160955E7EFF74B995D3EC288138D1825A3 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
11:55:34.0609 0x1758  pcw - ok
11:55:34.0609 0x1758  [ 48F3A3222CF340FE31535CB6D49C6D6F, 5F8904871219FA6C1BD74747583855B0FBCE42F340A3BE10270D8D3F02766E9D ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
11:55:34.0609 0x1758  pdc - ok
11:55:34.0631 0x1758  [ E2F8376F9731D12A009C522036C6073A, 5B8B68D3C013AAA8ED368C97042984C35E8D023542DBA404E7A03E89F2357E66 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
11:55:34.0631 0x1758  PEAUTH - ok
11:55:34.0631 0x1758  [ 1398A85E59698067CBBE1D66A9C13ADF, E3609F183068BFAED756B2F9237181D60A6F6D78691248B8BF5B0AEB6A367E3D ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
11:55:34.0647 0x1758  percsas2i - ok
11:55:34.0647 0x1758  [ 35F7C7AD709D909D618D9EDF987FC3ED, EE713E33688E74C5A2546CC58EBD8EA8F8116F25E42DCF8DA21DCBC7C7590E0E ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
11:55:34.0647 0x1758  percsas3i - ok
11:55:34.0647 0x1758  [ 0DAF7B7D85F7AF38E29161460899C63F, F2609F2BD02C714857F5D5E6EF580643429C54E175AA72D38467F8F3A4E7F59F ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
11:55:34.0663 0x1758  PerfHost - ok
11:55:34.0678 0x1758  [ 57606281E23B0F53347527691E947B2B, 7030182E706CEBE6BD52BDC71CA8F2230AD445AE6554188E76F09A5E2612BD2E ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
11:55:34.0694 0x1758  PhoneSvc - ok
11:55:34.0694 0x1758  [ 04F7878E7017105AB782353231561749, FB2811D98216720D4FDF0AC0EDF16C6CD33D7224B4CAFA752B4D2A839E6DD88A ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
11:55:34.0694 0x1758  PimIndexMaintenanceSvc - ok
11:55:34.0732 0x1758  [ A546F72EFFE5CBBC98003A0CA19DA0F8, 89AE396676A37D851F46427E421E8E8ED5B4BADC33023F1E215CC352A4110F44 ] pla             C:\WINDOWS\system32\pla.dll
11:55:34.0747 0x1758  pla - ok
11:55:34.0763 0x1758  [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
11:55:34.0763 0x1758  PlugPlay - ok
11:55:34.0763 0x1758  [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA        C:\Windows\system32\PnkBstrA.exe
11:55:34.0778 0x1758  PnkBstrA - ok
11:55:34.0794 0x1758  [ 6BF7093B27EA90FD9222845D19C1BE5F, CF8A6764BB6B369258F21FD303E4CAE08632195620A0BD66B62F62F5D7B762B8 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
11:55:34.0794 0x1758  PNRPAutoReg - ok
11:55:34.0794 0x1758  [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
11:55:34.0794 0x1758  PNRPsvc - ok
11:55:34.0810 0x1758  [ 5A91C28F99043215121499257468C4BD, 816D2AEBA29B8A050747E01CE11EB12A05C1CDDF91835C44BBB6A7B9D348B15A ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
11:55:34.0827 0x1758  PolicyAgent - ok
11:55:34.0832 0x1758  [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power           C:\WINDOWS\system32\umpo.dll
11:55:34.0832 0x1758  Power - ok
11:55:34.0832 0x1758  [ 5BA6B9AD03B81546BA64E488C4EF9D17, C43442577685FA1A7C32094B2F14FC92BA6B511FD9FDBA6FD82473A1B165FC61 ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
11:55:34.0832 0x1758  PptpMiniport - ok
11:55:34.0879 0x1758  [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
11:55:34.0948 0x1758  PrintNotify - ok
11:55:34.0963 0x1758  [ 21AECFF3EB5748CBE12538A2500EFDE5, A1679F21363E99E3698B9C6F7E7E3BB2877D47089BC381AF0C51B1DD8B24325B ] Processor       C:\WINDOWS\System32\drivers\processr.sys
11:55:34.0963 0x1758  Processor - ok
11:55:34.0979 0x1758  [ A08AAC62EF7A1E291B3E895B5864BB86, 340E6648F9A5F4B7543FDEC5BDAFBDA3DE319B8F998FF2EF60D02EE5EF3D56CB ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
11:55:34.0979 0x1758  ProfSvc - ok
11:55:34.0979 0x1758  [ 596FB6C5A72F34B7566930985E543806, 870B43783DB4CF845FA72BC5E40CE76BE6DFC66FE9E9B4B0A52D6B7FE7EA65FC ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
11:55:34.0979 0x1758  Psched - ok
11:55:34.0995 0x1758  [ E84F66BA185934C166F8DF0FA8F88455, 2E0380E98DA29B3F43FB3FE0E1ECA52B3C9AEF54CE982D5514F70FAE81758449 ] QWAVE           C:\WINDOWS\system32\qwave.dll
11:55:34.0995 0x1758  QWAVE - ok
11:55:34.0995 0x1758  [ CFBA9C976CBF6796E5DC39EF59984021, A1C956AD828FC70ED92D702516E0F88A4BDAF8C93C571D7CA20F1695FD8E70C2 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
11:55:35.0010 0x1758  QWAVEdrv - ok
11:55:35.0010 0x1758  [ 7B2AD8C55217B514C14281AB97B4E21D, A1E295897B864B9C0177FF1C502EB060084A1783C0E7E53636291F901C2E2AA8 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:55:35.0010 0x1758  RasAcd - ok
11:55:35.0010 0x1758  [ E15A9CE1E2E7D1C8DF97A4FC1FFE6289, 44B53418D6BC51ACC567CF6917A0981889B44AE420489C9C03F5A30418B37267 ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
11:55:35.0010 0x1758  RasAgileVpn - ok
11:55:35.0010 0x1758  [ D60BA4C76D194472D6602FF3D2D51ADE, 01272663897685C75FFBC3F1C0CFDB8D0E1A58182049E0B607D634536A8F6400 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
11:55:35.0027 0x1758  RasAuto - ok
11:55:35.0032 0x1758  [ E3C82823B22463BC38AA4F8ADA852624, FF601B117F4003E2CC65B6143C2A270331EB257EE82B3BC020247D1AB1CD625F ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
11:55:35.0032 0x1758  Rasl2tp - ok
11:55:35.0032 0x1758  [ 3655D86C5E2982B131FC0935DE24F98F, 0386B31FECDDED77450609A807097B2307361CB59B236DEC41037BDC95897463 ] RasMan          C:\WINDOWS\System32\rasmans.dll
11:55:35.0048 0x1758  RasMan - ok
11:55:35.0048 0x1758  [ 3369023EB5790A75BA7DABA14B75D922, 36B63D5B74FDC932AAF1A876514024602D2F3EAF2CA33D1247CBA1E52FDB0418 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:55:35.0064 0x1758  RasPppoe - ok
11:55:35.0064 0x1758  [ 1E32A8CD65C4AD0A827CFEB13034DA29, 5D9A92E13020D994CCD39F701BACAFE2177A40A9CC89649441B91E3F3DECD911 ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
11:55:35.0064 0x1758  RasSstp - ok
11:55:35.0079 0x1758  [ 2B648363E4C5E34B469C58596F377DD9, 30F82770468BBA562CEA0E9E39B24ACEFBE022343D0180C82E2ACE8957B73E44 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:55:35.0079 0x1758  rdbss - ok
11:55:35.0079 0x1758  [ D0221C13960E274CC539D72D5A842ED0, A5A961506B9D7429D97D0635FD69E74736C0E8405487E1D22BB5CD978A60044C ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
11:55:35.0079 0x1758  rdpbus - ok
11:55:35.0095 0x1758  [ 1DC2CC74B51E4DC4CD5A20C1021E4010, 46B7D17EE27439F2191504D1C6F6C70B2540BD4F2261DBB1F4BE783BEA99B04C ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
11:55:35.0095 0x1758  RDPDR - ok
11:55:35.0095 0x1758  [ 177DF954D0DEC0465A380C75F6E7F65F, 6B30C78223029BD5DBA586BF961968F85762209BA55CD031460A215B20F93AB2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
11:55:35.0095 0x1758  RdpVideoMiniport - ok
11:55:35.0110 0x1758  [ 5D1680871054D2B0B8A971BC8AB3B837, 9CAB0B2E3857829D34A82A78B120D07E292D4D5060168D964295EB23339B7DE7 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
11:55:35.0110 0x1758  rdyboost - ok
11:55:35.0132 0x1758  [ 341E6830DA70F65730300DAB4CB0B490, 341EC8DB5E39963EF89E726F08730AFB2356C3BAD71CCE9EECCAB4D9B31C4863 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
11:55:35.0132 0x1758  ReFSv1 - ok
11:55:35.0148 0x1758  [ 8355BCA85B0928382DFCDD02FCD1681A, F306F038DA09C8D2095C311818E2F991B55BCD96B40B95D2A53A60EA6AC37014 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
11:55:35.0163 0x1758  RemoteAccess - ok
11:55:35.0163 0x1758  [ 2C82F4DCABAB389CEBB1C9E86C715C9C, 70354621D3D467616A419A818C54D2C89EA013C5050BA9944E3A7A4F25CAD6BA ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
11:55:35.0163 0x1758  RemoteRegistry - ok
11:55:35.0179 0x1758  [ AD43141CE6D5074DA1D28B5BCD4E4507, C1A9AA856DD4FEE00BBA329C150E0CBCD1CE13ED0BB7B4AC9B152321CD854212 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
11:55:35.0210 0x1758  RetailDemo - ok
11:55:35.0210 0x1758  [ 176D8470B15CD9080861594F9A33FA01, CFB66D7FEB9465985C2866D64EA03B7E7BE830DCF6C02B3FE2244D7F7E5343E2 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
11:55:35.0210 0x1758  RpcEptMapper - ok
11:55:35.0210 0x1758  [ 1A563653DAEDFE4CA81936E0D2FD8B56, 308B0DFEBA63333D407093C449A08ABFECE118C9274100809356BDAF7FA32EB6 ] RpcLocator      C:\WINDOWS\system32\locator.exe
11:55:35.0210 0x1758  RpcLocator - ok
11:55:35.0233 0x1758  [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
11:55:35.0248 0x1758  RpcSs - ok
11:55:35.0248 0x1758  [ 0AC5FCDC29ED97ECDEF1276425EE2059, 8A12D1732D4AA18A9ED8416F4D4A49B81CE7C4C86ABCEE8FF28A16EA61993CFE ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
11:55:35.0248 0x1758  rspndr - ok
11:55:35.0264 0x1758  [ FBEFF38DE03450E03E6CD9E8E37A8C74, C1C0876785DB4366D67792A3AFA219FC933FC1894AF93D07B0016BBCC81A5886 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
11:55:35.0264 0x1758  rt640x64 - ok
11:55:35.0279 0x1758  [ 044890BB0D6CF1E23C1087234D320509, FA6C79D24BE4ACCFAC617D2850B922BFAA7C2766AE625C725F3ACF43C934EFAF ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
11:55:35.0279 0x1758  s3cap - ok
11:55:35.0279 0x1758  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] SamSs           C:\WINDOWS\system32\lsass.exe
11:55:35.0279 0x1758  SamSs - ok
11:55:35.0279 0x1758  [ 530F797129776AA7E81994783A97E2AD, F131EF036702C6E741E5A6851AE07E81043CE8BAEED0768838C0F31CE14FEC1A ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
11:55:35.0279 0x1758  sbp2port - ok
11:55:35.0295 0x1758  [ 0C12493B333B96797AFC5F3C7831C051, BEE786D7ED14221B1A9450060597393AC44116D776B913E045B5F6066D720F74 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
11:55:35.0295 0x1758  SCardSvr - ok
11:55:35.0311 0x1758  [ 40110802D217FE1CB581D9A70B1FD16F, CCB920593CCC6663676039F3F731536DFEF535C3F715F6DB6F34D0D733BEF89B ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
11:55:35.0311 0x1758  ScDeviceEnum - ok
11:55:35.0311 0x1758  [ 9B6B1D4DB35A3D9BEAF023BC95E1F49D, CA44124CA3E9958FB77A891CD234A993B63E8AC6632AE801CDEC6666267E7C7E ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
11:55:35.0311 0x1758  scfilter - ok
11:55:35.0333 0x1758  [ EA195B8BC11C1CDB313CFD456EFFA0E9, EEDF349C59ED0645B04040707906BB4496527243858C2A6BE46BE7029B4A7F37 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
11:55:35.0349 0x1758  Schedule - ok
11:55:35.0349 0x1758  [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
11:55:35.0349 0x1758  SCPolicySvc - ok
11:55:35.0349 0x1758  [ 0447065A6E10774EFCECFDD0EB970A79, 384A9AC72E756F96D43EE4B144A466564476AFD8778092C979116BB29A514433 ] ScpVBus         C:\WINDOWS\System32\drivers\ScpVBus.sys
11:55:35.0364 0x1758  ScpVBus - ok
11:55:35.0364 0x1758  [ 70165A0A2653FB8AFDE3D85000727F29, BAC35D7B0296CAC78EAC4266FC96E292174827E0B24ECAF085228B26A5052911 ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
11:55:35.0380 0x1758  sdbus - ok
11:55:35.0380 0x1758  [ 811EC0B1221402FCED0BA37E112BF627, 366EB8AF04C603BED6CF53652CC937099B247D5DD8C58D699D0D8DA22F8FDD51 ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
11:55:35.0380 0x1758  SDRSVC - ok
11:55:35.0395 0x1758  [ DE6D7DC78D956928F59F7415A0F41E13, C0F8EEED29BF63A0D8FB5A0286C1C768BFEF598EC52715D910B5BB1A76231805 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
11:55:35.0395 0x1758  sdstor - ok
11:55:35.0395 0x1758  [ EBD07BD20B5E0E92A398566EF8720F79, 8A88C861D4113B9938C32CBD28FD3D7F1C3133E700E23E17F5DFD7B26CCDA04A ] seclogon        C:\WINDOWS\system32\seclogon.dll
11:55:35.0395 0x1758  seclogon - ok
11:55:35.0395 0x1758  [ B7B9EEBCB7466338403A75D15AC120D7, B8F79DA71F8CD0F30983F7D92B625A431C212DD543DE2B3DC03EC5A68C41B00D ] SENS            C:\WINDOWS\System32\sens.dll
11:55:35.0395 0x1758  SENS - ok
11:55:35.0431 0x1758  [ D14DD7D766664F880FECF44CE6017966, ECF966E3ACF4EBD5A3259468A076619A539E35F1B97AB6A98FBD7882F1FBBBAB ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
11:55:35.0449 0x1758  SensorDataService - ok
11:55:35.0449 0x1758  [ A74C62AE99A015CD6275F0D8D8843886, DF08E0BB1160E054C6B000BC5F62DEF77C6D9E4B5679AD013C313BA14207B589 ] SensorService   C:\WINDOWS\system32\SensorService.dll
11:55:35.0465 0x1758  SensorService - ok
11:55:35.0465 0x1758  [ 7363A65C738F5A5292D7BDBE55D8C3C2, C53C10A0AE58613DFCC91E62E004D9B188E4793C2A19B4BE871A705EEE77048E ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
11:55:35.0465 0x1758  SensrSvc - ok
11:55:35.0465 0x1758  [ 67585C295FF2D221679E376B68893B35, 4B5E9A8DA8C6F7B1F7129F80A0603503D467E5650306FB4C309977D74037E46B ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
11:55:35.0480 0x1758  SerCx - ok
11:55:35.0480 0x1758  [ B8C4852CBCAAC1374C08EC7445443824, DDE577A81B3E11B5B56096317BC47AA6E286573042407B96A9D29BE981F3FA4D ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
11:55:35.0480 0x1758  SerCx2 - ok
11:55:35.0480 0x1758  [ D3A103944A8FCD78FD48B2B19092790C, 252DB8395DA8639E748658D3BE7863C1700E27AA5C41BB700CFCE193FE3F04E9 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
11:55:35.0480 0x1758  Serenum - ok
11:55:35.0496 0x1758  [ 88D58E1DAA6C5062DD3A26273106961F, D1E2FF37C888245BD0BABCD7C6B76AD5A87415B68FEFE37B5FA29AE3342AE50B ] Serial          C:\WINDOWS\System32\drivers\serial.sys
11:55:35.0496 0x1758  Serial - ok
11:55:35.0496 0x1758  [ 0F5B43074AE731D2C6F061241C9D84A6, 05CFEB30A4FC11441552D37687608C8C2FD6DC2F2266AE9D6526753E26283DE6 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
11:55:35.0496 0x1758  sermouse - ok
11:55:35.0511 0x1758  [ CD90E445F6458512A5BA884D561EFCF1, E792FAB8AFF4126C1977024060842D788A06475139782896AFD7B39C85FCDF3F ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
11:55:35.0511 0x1758  SessionEnv - ok
11:55:35.0511 0x1758  [ D9FE59276BD56A9643C32D5FACE2F251, 591862D868A545F468496DE97DEE42C9DB3AFBFC0881CBA79EB6641A254AF033 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
11:55:35.0511 0x1758  sfloppy - ok
11:55:35.0532 0x1758  [ F8083C536BEDE61AFB4069D8A8C16DA7, 13AADAD7B5582911B8ABBE0CF7132CC517F7413A361CCF8ED502F803D061FFA3 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
11:55:35.0533 0x1758  SharedAccess - ok
11:55:35.0549 0x1758  [ AE6E4D3172FBF45B944668CB3998B8A8, E7D7F98CB464C236A17069987F7B678D7688D9D577334151EF09DF5C6F22AFFC ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:55:35.0549 0x1758  ShellHWDetection - ok
11:55:35.0549 0x1758  [ ABBE803FE0BDAE0E5BE74DDEFBE62F23, 5009F489F7A6D66628C23A0FA3D7632399D0AD72BD11A1B70D7E768ED507377D ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
11:55:35.0564 0x1758  SiSRaid2 - ok
11:55:35.0564 0x1758  [ 6043DF55CFE3C7ACF477645FA64DEA98, 0E18EF8EC589841BC319C17FBABA7383FD247C9441ABF64A0D830976F3E611AE ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
11:55:35.0564 0x1758  SiSRaid4 - ok
11:55:35.0564 0x1758  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
11:55:35.0580 0x1758  SkypeUpdate - ok
11:55:35.0580 0x1758  [ 7039ED63F198FD40E8B9E9C5065333F1, C62D318C0ACB74B871985ED095D0D45A63D55CC0DC761D154C2F59CC15DC850F ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
11:55:35.0596 0x1758  SmbDrvI - ok
11:55:35.0596 0x1758  [ B922D32039A3B5991E64429EC4EE52A9, 5EB7EB1F6D2C25F06044D8CA9F3BA0471FB40C8C96432BDC2C80CC36DC49BA0B ] smphost         C:\WINDOWS\System32\smphost.dll
11:55:35.0596 0x1758  smphost - ok
11:55:35.0611 0x1758  [ F07301C282AA222C33F8C28B4F545275, 2938943A3A62B33C8296DF3B57897D32293F5395A5E2A01C76B0160A98C12520 ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
11:55:35.0611 0x1758  SmsRouter - ok
11:55:35.0629 0x1758  [ 0B6BECB2651EF947249CDC3715E8B9CC, EB7281AF3529DE16FE8CD0C0C0C8877641865A5864D58628DBAB865B510B0D0B ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
11:55:35.0631 0x1758  SNMPTRAP - ok
11:55:35.0633 0x1758  [ 1A6CB30F0EFC1632E6F1B852CA892583, 0E6BDCEE837AEC3D02C437478143C75550C94A50E36895DDB095F54A2FA18E2A ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
11:55:35.0633 0x1758  spaceport - ok
11:55:35.0649 0x1758  [ E1C158F6C00359278727A2CEE5D2ED71, 1591F942C6DD99D3BA7FD4D72D957864117B2263F205468A15F1D1417C6F799D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
11:55:35.0649 0x1758  SpbCx - ok
11:55:35.0665 0x1758  [ D1241DFC397FA8CCFB4BB4B63AAD31AC, F8C57C2F7CA8B6D8FEE1505A143A3FECF502C8DCFFC375F9C8848A87D9714C9E ] Spooler         C:\WINDOWS\System32\spoolsv.exe
11:55:35.0680 0x1758  Spooler - ok
11:55:35.0765 0x1758  [ 7C58AFEC26E9F7730A8AA7FD40225937, 546EAD8889F2A1BB6DCCB7781976B975F34DA1C9047F95FEAA52CF38EC60C6DD ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
11:55:35.0855 0x1758  sppsvc - ok
11:55:35.0869 0x1758  [ ACC1709EC7FE6EB8999DBC91C50C2B34, 83ABF51751A264291C53A32B86239A607361E56CB045CD2CBE6E41DBB8A01F54 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
11:55:35.0874 0x1758  srv - ok
11:55:35.0874 0x1758  [ AFBCFC946FAE7483E27BD316D03F94A5, CC9478EA717E85C38304957E923997821DFE2A995D7C8DF98C15267D952BEFBE ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
11:55:35.0890 0x1758  srv2 - ok
11:55:35.0905 0x1758  [ 107C1EBE79710E4A759449BD6604245A, 963D693F4E61EDC7B3AA9006CC274D56E577CE0035A61DDB2A6DE72116D5C52B ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
11:55:35.0905 0x1758  srvnet - ok
11:55:35.0905 0x1758  [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
11:55:35.0921 0x1758  SSDPSRV - ok
11:55:35.0921 0x1758  [ 217A982201052EFC8C3C0C88D229791C, 11509E3446ED7B75C9A05CDC4A7AF18926CB463E0D98BAE1CD5DB43E88F94F90 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
11:55:35.0921 0x1758  SstpSvc - ok
11:55:35.0974 0x1758  [ 58863C57E4598C4F9DA967C5C36CFA5D, BB34FBC324E84E05128258CE3755241ECB63F7F2AE7F96716AC373931FAF92A8 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
11:55:36.0005 0x1758  StateRepository - ok
11:55:36.0021 0x1758  [ 81433E112B6BD31B59519BA31EF927DB, DD1776E5729F22C58A4969132E0C105B0E48672ADC4E8FD958A8D5A627596BBA ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
11:55:36.0237 0x1758  Steam Client Service - ok
11:55:36.0237 0x1758  [ 419226C42B9427BB7D04F05BBA9C7FC9, 4D6910C250C6A48D79CA3253CC4529E37C37C38876F91B62B2CF92C63EA68F39 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
11:55:36.0253 0x1758  Stereo Service - ok
11:55:36.0253 0x1758  [ CCDA497C880AD16D87EDFAEFCFB2EDF5, 622599AA35ACFF0375DA252210BE42E7E90F30EDFEFF2F62FDB14AE6E45B5F88 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
11:55:36.0253 0x1758  stexstor - ok
11:55:36.0275 0x1758  [ 75476CAA8FA0A4E573948CDE8C7F0304, 68C4405CACA77AEED71761875A9AF60BCFBDD39E356BEA1BA8226E099BAA5FA4 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
11:55:36.0275 0x1758  stisvc - ok
11:55:36.0290 0x1758  [ BF8EA6FC3358C2F69678E3E94F764F84, D274DAD7B5756DD49CA44277C73497F1EC465C8E365CC730CD194932C3825920 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
11:55:36.0290 0x1758  storahci - ok
11:55:36.0290 0x1758  [ 32FF460DA8C1F370F5C08B7654899B73, 0C9D5D38D033109BA672ABAFEF0F0CD295E9FFA108ACFCA9044429D9B2CA9057 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
11:55:36.0290 0x1758  storflt - ok
11:55:36.0290 0x1758  [ CC21DB3EF619B9480FE31A4EFE92CBEB, 256EFCA2F231F41D34250E1460BF88894D943EAE83A0B153FCADE700AB4DE11E ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
11:55:36.0306 0x1758  stornvme - ok
11:55:36.0306 0x1758  [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
11:55:36.0306 0x1758  storqosflt - ok
11:55:36.0322 0x1758  [ 9953FA89A4E3BC33296DAFB1ACFDC62F, D2F2698834691FF7915BDFFB82DB549354311A5DD7D37BF767F95D407AC4019F ] StorSvc         C:\WINDOWS\system32\storsvc.dll
11:55:36.0322 0x1758  StorSvc - ok
11:55:36.0322 0x1758  [ 770A92D9D3A0BF61C97C3AFCB36847D9, 21A8CC3F8E63B971C4FF8DDED5C7032E093A7B0F16E2128A9BD2E890BA76A1D9 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
11:55:36.0337 0x1758  storufs - ok
11:55:36.0337 0x1758  [ 736A2418E3E7F3DB3CF6EB0A55D1D581, 2D3BBC4E0C7B51EDE7479A978E4BCD5F47A7257745179F01D2D9ECFD83CCCC82 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
11:55:36.0337 0x1758  storvsc - ok
11:55:36.0337 0x1758  [ FA8F6E3AD3F92B35D2673CC9FD20429C, 62F81CBACF7E16FEF9DE3BE95FA5C9BDB51BAE4667AE5AE71399864A390FF6D5 ] svsvc           C:\WINDOWS\system32\svsvc.dll
11:55:36.0337 0x1758  svsvc - ok
11:55:36.0337 0x1758  [ BD98B0225BCD49E8A62F4F8EE1D1F613, CDAD11969B2DA417079547724BECC3DB4FC4711B3C01590EB0D02774B69B6D90 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
11:55:36.0337 0x1758  swenum - ok
11:55:36.0353 0x1758  [ 22E539A9B96C66A713583EC017562616, 210DA61DFC7AA9AD23277D9CC0239B781F4EABD322D0803AEC9434D68B81FABD ] swprv           C:\WINDOWS\System32\swprv.dll
11:55:36.0368 0x1758  swprv - ok
11:55:36.0373 0x1758  [ CAE4B27B469C583131EA5AAE622F5D76, 3979006EB22489D1AAD2EC2E9F32C286EEDCDB83B37B97E58BA831263EC33B84 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
11:55:36.0374 0x1758  Synth3dVsc - ok
11:55:36.0391 0x1758  [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain         C:\WINDOWS\system32\sysmain.dll
11:55:36.0406 0x1758  SysMain - ok
11:55:36.0406 0x1758  [ AF2C8D7C1D4DCFD5C31501F009DF42B7, 3DDF9353F014EE99B031BBC969620CA07647FBB8D78EB4697C8D633021B46B11 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
11:55:36.0422 0x1758  SystemEventsBroker - ok
11:55:36.0422 0x1758  [ 6979A147C0D5C5CAB621ADC394D32B80, C30B8E3D271A1591D965559EA4A11A1BE63A34D832ED53B26CE91799C888DF77 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
11:55:36.0422 0x1758  TabletInputService - ok
11:55:36.0437 0x1758  [ 86B62FC8CB89946446F9B24FE49A66FD, 7B095310D1C78B82E5ACAC4713E101DD1323A3CF6FB39218C2E78ABE2B0385B5 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
11:55:36.0437 0x1758  TapiSrv - ok
11:55:36.0475 0x1758  [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
11:55:36.0506 0x1758  Tcpip - ok
11:55:36.0538 0x1758  [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
11:55:36.0575 0x1758  Tcpip6 - ok
11:55:36.0575 0x1758  [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
11:55:36.0575 0x1758  tcpipreg - ok
11:55:36.0575 0x1758  [ 91D3F2A6253EF83EFBD7903028F58C4D, C15768CCCF734093B0F8A5E76882B35927B716E4F14D91ACEE897E1C078D43D1 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
11:55:36.0591 0x1758  tdx - ok
11:55:36.0591 0x1758  [ E730D0EB1B84EBC98423FC8D285EDBC0, 442DD433F9D22304E64EC7ACFC4E04892D4D92D8AC545A3530FC932A2EEC4767 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
11:55:36.0591 0x1758  terminpt - ok
11:55:36.0607 0x1758  [ 14307D4801C8CEF0A615907C09E886B3, C7F34C294D70DE689F673E0B5E9253B27EFEBBE6FA38B68B3B0B0374A896407E ] TermService     C:\WINDOWS\System32\termsrv.dll
11:55:36.0622 0x1758  TermService - ok
11:55:36.0622 0x1758  [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes          C:\WINDOWS\system32\themeservice.dll
11:55:36.0622 0x1758  Themes - ok
11:55:36.0638 0x1758  [ 5F27DE2082E16D4C1D6C627C8ECBD341, 08DA3EB3EF2B2006B6F9F2C8C149DF55DE6738975D556206A814096CAB5C1411 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
11:55:36.0638 0x1758  TieringEngineService - ok
11:55:36.0654 0x1758  [ FC971E1D1B5900C231591A7720FCD8B8, DF58C350977019E4A8F381FB35702E9BEA89F6A8C6BF36C56376D36BC8FE630F ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
11:55:36.0654 0x1758  tiledatamodelsvc - ok
11:55:36.0671 0x1758  [ 7E81E3E0D7F83BFE3C3975020B6C7F12, 316F9415646CC7A4E9A5F1E07310D433457E623B3E589543E4A6C73C4F77712C ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
11:55:36.0674 0x1758  TimeBroker - ok
11:55:36.0676 0x1758  [ 169B0A246067457FEF8A18EED7EED9D5, BF5AC0CB29E1E456253B881CD0608B578D7343E9DFE1738A14598D1DFFE1AB66 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
11:55:36.0676 0x1758  TPM - ok
11:55:36.0676 0x1758  [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks          C:\WINDOWS\System32\trkwks.dll
11:55:36.0691 0x1758  TrkWks - ok
11:55:36.0691 0x1758  [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
11:55:36.0691 0x1758  TrustedInstaller - ok
11:55:36.0691 0x1758  [ 48E828C66AB016E48F2CB4DD585315FD, 063809B610F6B177B65D62D12605FB94F108DB26A9FD3067E6D6C51F0D92E774 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
11:55:36.0691 0x1758  tsusbflt - ok
11:55:36.0707 0x1758  [ 267C76EE60736EA5A1811A53FA02AABE, 28D4C4CB972534204B8336D0403B70E4EFE4F8369ABDE7401FFCCF7D4E3EA165 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
11:55:36.0707 0x1758  TsUsbGD - ok
11:55:36.0707 0x1758  [ 8CE72F094B822AD5EE9C3A3AFC0C16B6, 827CCD849544E1DA364B03DBC82A848D2F93AD32BA14ED52709C609BC70CE5CA ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
11:55:36.0707 0x1758  tunnel - ok
11:55:36.0707 0x1758  [ 1A9A77ACDAC29C39F50D2A492FD0DB16, E21F2E2BA6EABE0F6B5A1930DDB2CE5A921389A58C08A2D3F66D245E8698E6B4 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
11:55:36.0723 0x1758  tzautoupdate - ok
11:55:36.0723 0x1758  [ 42C546414F80BD6C0137FC3A106F8A69, 067FFCAF0059935851888BD984E848E4E1A6CC1941A8F4534067CCF0B2A3B2E6 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
11:55:36.0723 0x1758  uagp35 - ok
11:55:36.0723 0x1758  [ 1686DBC81748B096232B15F16C302985, 63D72D1838C42A95599AF3C0B19A069E310ADB091208011D7D6FBAC968D1A59A ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
11:55:36.0723 0x1758  UASPStor - ok
11:55:36.0723 0x1758  [ 3995CC3DEDED258768B8EBC2F4C0DC73, 130E99EF13EB494B8BB6A8E037DD8D59C195190EA3C27CA9E3A695AF4349DC7C ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
11:55:36.0738 0x1758  UcmCx0101 - ok
11:55:36.0738 0x1758  [ 1C95F7CE37D9EFB90EBE987A9712356C, B9EE7743ADA50276F05D735C5C29E44039D630A7DC93766A0EAF400DA037E4AF ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
11:55:36.0738 0x1758  UcmUcsi - ok
11:55:36.0738 0x1758  [ AED081772091C98173905E2DF28C223B, 08541CF3354EBB634BD590E0019128F70A6FCA9075B7E785A9E9BD82EC234DD3 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
11:55:36.0738 0x1758  Ucx01000 - ok
11:55:36.0754 0x1758  [ DCA34A111C29E4578DF2B8CEA3C7CDBD, 86BCE4C8EC228724D5896067A85A4768B6069D10A482ECC51A8F828DBD3880C9 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
11:55:36.0754 0x1758  UdeCx - ok
11:55:36.0754 0x1758  [ 718A956AE00CE086F381044AB66CC29C, E4EED1600C72CECE1D4507827C329A93D356BBA027470FCF6C4B5C1651DED643 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
11:55:36.0771 0x1758  udfs - ok
11:55:36.0775 0x1758  [ BA760F8E66428BA9FF1E8BFBC6248136, BE7DCBB293B12672CB3653E640C46F669BD738D320F34F4FA4A26F6B248561F0 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
11:55:36.0775 0x1758  UEFI - ok
11:55:36.0775 0x1758  [ 5F0D997E6FC5A418D7673148CEF72887, 6C142CB8F06E5958045451253C9188CE876A84D08266FFD7F64AAE09964D8431 ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
11:55:36.0775 0x1758  Ufx01000 - ok
11:55:36.0775 0x1758  [ 2B1DABA97DDF5365FC66EE7DEDD86A13, 2FF3355862938B37EE63FCA149415CE5032BF54747B07517BB21460733B65AD8 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
11:55:36.0791 0x1758  UfxChipidea - ok
11:55:36.0791 0x1758  [ DB630FC660443D63EBAB2C830C298EFE, 7698772FF9C988DF752DF3FAF1B154E923EBA425B92F288ABB6EF0805ABD3296 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
11:55:36.0791 0x1758  ufxsynopsys - ok
11:55:36.0791 0x1758  [ 63451BD694651307254B8DD37A3D79C7, C781E2D876AF42D5972CCDCF86B7A59F6AF8AF0C6350647F3FA1B209119B5EF9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
11:55:36.0807 0x1758  UI0Detect - ok
11:55:36.0807 0x1758  [ 6DE78C04BF32ECA7AF3064F53687C9A5, 164D3BB24EBA3EAF613799928063FE75220A4E583D985F53A895017782C18600 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
11:55:36.0807 0x1758  uliagpkx - ok
11:55:36.0807 0x1758  [ 67D1E0E6E4D5D33AF0AEF0E33B4DA0F4, BA2E6F16B6B3B54C943F1E7B9F79A6D1332A7ED228D754CC5AE70E3CD78B1F37 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
11:55:36.0807 0x1758  umbus - ok
11:55:36.0807 0x1758  [ 11680607944A719EF20E0E740785712A, 1567C2B3AAD702DCC2DC9C6B7B92EE5B681C06701A39DAC3AA7E2BE9E1E04F47 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
11:55:36.0807 0x1758  UmPass - ok
11:55:36.0822 0x1d30  Object send P2P result: true
11:55:36.0822 0x1758  [ FD949725D9EB52C0B87435CDE1134668, 96E2B3D3379E9AE225E5A4C5251207F1E7DA573901F4F026758EDE9FAEF4F2C5 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
11:55:36.0822 0x1758  UmRdpService - ok
11:55:36.0838 0x1758  [ CB902A15DD21B363FECA5DCCF34F5C57, 6A0836A12A410EBD5C667982852B58CA9E9EDB11EA666C413CC0F811E01A549D ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
11:55:36.0853 0x1758  UnistoreSvc - ok
11:55:36.0876 0x1758  [ B85A8CF2BE74DFF1E80097AC94584112, B1DBACC33A4143FEE2CF54E567590A69580312AD7A053BCC85B487C4D451FBDA ] upnphost        C:\WINDOWS\System32\upnphost.dll
11:55:36.0891 0x1758  upnphost - ok
11:55:36.0891 0x1758  [ 2410A0C20D21A25E6C01979FA886BE90, DD3F92D8CF110D47B9E36BA0EB10EB34C0FDD28FE0D57E4B60F9326703388F75 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
11:55:36.0891 0x1758  UrsChipidea - ok
11:55:36.0891 0x1758  [ 6E59CE43B6BA5AA1ADCF36A4DBBB92BB, 647D66775A90F67D803043DE8C8AE8BC2F7A042A8DCF9C95BF5458C79609481B ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
11:55:36.0891 0x1758  UrsCx01000 - ok
11:55:36.0891 0x1758  [ E8A59FA109A22FC07E44BDFCC9727DBD, 0DC5928C0FF7E5B38917660D6EFECCC22172DB0BB9B23216F33E750790529C16 ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
11:55:36.0891 0x1758  UrsSynopsys - ok
11:55:36.0907 0x1758  [ 9F9D5E2086BB9AEEA96E9BF73B7B2D32, AFA84CE1E96C07EBFB7A05D0181C876E027B848AF6C6DB932765912B814CAF56 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
11:55:36.0907 0x1758  usbaudio - ok
11:55:36.0907 0x1758  [ D8A44550ECE102B6443F5D54DCE7DAB3, 97F5AE7B17DAC4A4F3186C77116BC8E49874FB0018C99D8E2CDA29D89E8B0912 ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
11:55:36.0907 0x1758  usbccgp - ok
11:55:36.0923 0x1758  [ 66B3D22DAB5312FF238ABF5C6D9F8FAB, 4A644AFC1C27D692D352BEB8801398A00EA5B4055476063AF905A0A46DDBF8BB ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
11:55:36.0923 0x1758  usbcir - ok
11:55:36.0923 0x1758  [ 3E4F20DB902D2E2914F3FF3DB9772200, F3D32BE06A26164B5F6E8DB67160D1DBBDC6D14666EEF84EA43C78CB7706E31C ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
11:55:36.0923 0x1758  usbehci - ok
11:55:36.0938 0x1758  [ 41F7F00D76904416EF1F9EFA1A4C37A2, 7A4250EB2E2E0037B3AE1480C13B229ECFF5C575E68E4F934EE011DB1833B46A ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
11:55:36.0938 0x1758  usbhub - ok
11:55:36.0954 0x1758  [ B7E1CAA9429E4C3E7E01CB35B97E1536, 11A6431C27821F247202AC9F18441FEA26544630461522C129F1671257C527BA ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
11:55:36.0954 0x1758  USBHUB3 - ok
11:55:36.0973 0x1758  [ DAB35CCA86F5FBE77D870A40089BC4A1, 4A47D59D882D0F2B93F2EE7F10995E7D68B58009434E2CBD04C659E0D1F059D8 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
11:55:36.0974 0x1758  usbohci - ok
11:55:36.0976 0x1758  [ 21162F65C7756AAECAEBED9E67D0A5FE, DE3B43964171DB5B0464DA5E7A674A5D200A8695E6EF1AE2030681066ABA2688 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
11:55:36.0976 0x1758  usbprint - ok
11:55:36.0976 0x1758  [ F259A45D6B555B14CC8365AA6BC8DC20, 28A588656449307F6E9C999BE5D73E34A2542A5771F4B504D9D36B9F93F32303 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
11:55:36.0976 0x1758  usbser - ok
11:55:36.0976 0x1758  [ 8949F77132A4F8F3BA17C6727099F002, 86AD4A2263B34983335180FDAE775D1744E042D2A11300D27DF546F15F285A25 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
11:55:36.0976 0x1758  USBSTOR - ok
11:55:36.0992 0x1758  [ 8B3E458A8851F9A3B2109B1680EE1159, 753AC8F82F65564F00EA2F60B43E4B815FEAABE0DA35B6356210A5F4B1CA3EFC ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
11:55:36.0992 0x1758  usbuhci - ok
11:55:36.0992 0x1758  [ 4B13B61CBB9CC3CB373C60B930D648F5, C79D10A1BF2B6BF141DD37A90BCCA0E1F2AF31B5028BB21537A8EE6EED630F5B ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
11:55:36.0992 0x1758  usbvideo - ok
11:55:37.0007 0x1758  [ 325727F01F03C504CF788618A13DC266, 9F685113F714ADBC6DCD423CCD205F71E00D1AA9B5DD045B95E61E53B0F8E9AF ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
11:55:37.0007 0x1758  USBXHCI - ok
11:55:37.0039 0x1758  [ 2771EBB565F5C121E66060B173991D4D, 1EB34A6262A18E47ADCA392FDB2D58E8428A1CA43EB4196D76A897F74A03CA7F ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
11:55:37.0054 0x1758  UserDataSvc - ok
11:55:37.0076 0x1758  [ 36EC82F0E399F36BD25F593D63DC144A, 2A9E916A098ACD5A5074A5FD053ECAB027A0932A348C728F20CD63EF16289533 ] UserManager     C:\WINDOWS\System32\usermgr.dll
11:55:37.0092 0x1758  UserManager - ok
11:55:37.0092 0x1758  [ 05F4CB5991D897E4253BF61FA5E828F8, 25B5B6751B4455491E9A050DF5C12F788B5677F70FB4844E0BF851090AC1F74C ] UsoSvc          C:\WINDOWS\system32\usocore.dll
11:55:37.0107 0x1758  UsoSvc - ok
11:55:37.0107 0x1758  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
11:55:37.0107 0x1758  VaultSvc - ok
11:55:37.0107 0x1758  [ E1BE37312785A71862516F66B3FD24CE, D248C513DBEACB192653C6E46809209F341771B146544BBF43B86369280B4F8B ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
11:55:37.0107 0x1758  vdrvroot - ok
11:55:37.0123 0x1758  [ 67A6E949395A09914AD8B38FE14B8D15, 593F2FAA880B2E0468F98BD58B5214A170E5890907B25294D7A47C66505A3D45 ] vds             C:\WINDOWS\System32\vds.exe
11:55:37.0139 0x1758  vds - ok
11:55:37.0139 0x1758  [ E42C0F2850735FF9D908B9DB581E6314, E2204A56BF37FC57CD2ED96E3F908882D72B4BFF1BFB97C5172C851F1E4F9650 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
11:55:37.0139 0x1758  VerifierExt - ok
11:55:37.0154 0x1758  [ EC15FD6A28757793E2DA394CD94ABD52, DC758BBEE9C6952D7B3F7171EF67B037B4068E88189A2C4A894122D1D1209468 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
11:55:37.0175 0x1758  vhdmp - ok
11:55:37.0176 0x1758  [ D0C9632C350F46786643A069251BC249, CF65BA0D3F3D2B821C10E2D4F53F5B6BF6236CA9767419392A561CFA79254C3B ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
11:55:37.0176 0x1758  vhf - ok
11:55:37.0176 0x1758  [ E886CB75DA2B6EB35469EF10135624C7, 3AFC59A0709B984F517A918D5BBEBEB1C80001BEC87C133447DCEAEDE00E516D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
11:55:37.0176 0x1758  vmbus - ok
11:55:37.0176 0x1758  [ 46D2EC27820EC0F798F85821E53C2942, D298A7D6AC16F76A069F843C8DD323ECB340D361733CB9B076BCDE8FC5F1FEFC ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
11:55:37.0176 0x1758  VMBusHID - ok
11:55:37.0192 0x1758  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
11:55:37.0208 0x1758  vmicguestinterface - ok
11:55:37.0208 0x1758  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
11:55:37.0223 0x1758  vmicheartbeat - ok
11:55:37.0223 0x1758  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
11:55:37.0239 0x1758  vmickvpexchange - ok
11:55:37.0239 0x1758  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
11:55:37.0254 0x1758  vmicrdv - ok
11:55:37.0254 0x1758  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
11:55:37.0273 0x1758  vmicshutdown - ok
11:55:37.0276 0x1758  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
11:55:37.0276 0x1758  vmictimesync - ok
11:55:37.0292 0x1758  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvmsession   C:\WINDOWS\System32\ICSvc.dll
11:55:37.0292 0x1758  vmicvmsession - ok
11:55:37.0308 0x1758  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
11:55:37.0308 0x1758  vmicvss - ok
11:55:37.0323 0x1758  [ B9265F47E7A354BAAA0AF5CBA3F8F7CE, F836E7BEDC7CAB1C01225164D171A0210D8F909F52992E4C0BF3C92B365BCD52 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
11:55:37.0323 0x1758  volmgr - ok
11:55:37.0323 0x1758  [ BEE9C8B72AB752B794F69C2B9B3678AA, 49A5093C26F3CDCD60577F7F2D7F936C7B2BD010B27F2C49A7B6AA41E42DF98D ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
11:55:37.0323 0x1758  volmgrx - ok
11:55:37.0339 0x1758  [ E1F91A727A04C9F8199D04FF3BBBF63C, 076CAEE621DBF7DE24ED92BA239C440879FDB674CF3213DF3E35AEC03D0D2031 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
11:55:37.0339 0x1758  volsnap - ok
11:55:37.0355 0x1758  [ F7B1B1101271E31F43CC76E890704F51, 2282D82B220C3D13FF980ED8E40443C83816D3DA9557EACEA137873F92BB9CF4 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
11:55:37.0355 0x1758  vpci - ok
11:55:37.0355 0x1758  [ D48ED0A08BD2FD25A833E6AC99623091, 6CA7580878D3893E14B4938023A00CDFC9BE215A0CE4ED59A94F95DFD9FDF4D8 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
11:55:37.0355 0x1758  vsmraid - ok
11:55:37.0377 0x1758  [ 4CF5A1E0C4FCA956ACD6C654E2A8610E, 57F3C7200C25E8717AF92AF2ED7615C6605179D3514B432220FA6EA94CAB4F2E ] VSS             C:\WINDOWS\system32\vssvc.exe
11:55:37.0408 0x1758  VSS - ok
11:55:37.0408 0x1758  [ 6990D4AFDF545669D4E6C232F26DE1FB, 9B8F99A035188FD96BA79E935E8EF387BEA2223ECA0B74CF64AB993DABAA5722 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
11:55:37.0424 0x1758  VSTXRAID - ok
11:55:37.0424 0x1758  [ 1EE11F0508C58EF081F4176E66D6970B, 9069B3FC8850C7CF617909C6DBFC3753FEB59A9E708379CC57190F4097FB374E ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
11:55:37.0424 0x1758  vwifibus - ok
11:55:37.0424 0x1758  [ 938E4EF58E42D252B742B0E243011B90, AC0C21FBAF15924CB271CA43ACB7A86287936C78B4852BCFC59EC7EC703E036C ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
11:55:37.0424 0x1758  vwififlt - ok
11:55:37.0424 0x1758  [ 3BE5AAC930447FD18D4A8255A2FEC95C, A517357188FE4A5BD98A3CDB2165ACCE96CCE4BE2B90DDBEAF70B6DDF393F506 ] vwifimp         C:\WINDOWS\System32\drivers\vwifimp.sys
11:55:37.0440 0x1758  vwifimp - ok
11:55:37.0440 0x1758  [ 48C1A256591297C43ECFC4E30D144EAA, 8E66833ED2CEB6D7E499EB2E4282B4F9DFA28B6D21757BB88EC52FD069D7FACE ] W32Time         C:\WINDOWS\system32\w32time.dll
11:55:37.0455 0x1758  W32Time - ok
11:55:37.0455 0x1758  [ 00C27B64C758C111E5D78A70DE6CA2B6, C99761B9B671B3A1FF1C52796CCA3F4F825BF50D9657D13B551E849CDD82055D ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
11:55:37.0455 0x1758  WacomPen - ok
11:55:37.0473 0x1758  [ D76D1AC4F2C642D09A68227D129A4726, D14D6C4D94E9660848C74B220359683D91A4A3D70750E781A20B6D86D46794CE ] WalletService   C:\WINDOWS\system32\WalletService.dll
11:55:37.0477 0x1758  WalletService - ok
11:55:37.0477 0x1758  [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:55:37.0477 0x1758  wanarp - ok
11:55:37.0477 0x1758  [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:55:37.0492 0x1758  wanarpv6 - ok
11:55:37.0508 0x1758  [ 2598BBF11C9E7D0885DCA52E7FD5BCBD, 46B1FB080A2CD88C89A0EB8BA2594A1FA2C341ED77A6C6835CBFFE42907FAC55 ] wbengine        C:\WINDOWS\system32\wbengine.exe
11:55:37.0539 0x1758  wbengine - ok
11:55:37.0555 0x1758  [ 642EFABF900374FA85639D83B5533AFD, 292692D6AAC2A785D237ADFBC7CA3D379E8FC79FA366A8CE7D06F5CA5CE6866B ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
11:55:37.0555 0x1758  WbioSrvc - ok
11:55:37.0577 0x1758  [ E9A0D466F6D8EC349DB526146618BCB6, CFD6F3F979E4366A68FBEC3BE90A42BF3D65403A987E80741A720C0622871F32 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
11:55:37.0577 0x1758  Wcmsvc - ok
11:55:37.0593 0x1758  [ 53A036CED1270F2459E708A05922FD49, 2F281A72E4B0408DE6C8153F5988C9AA38591FB1E72558767D389637D0666A85 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
11:55:37.0593 0x1758  wcncsvc - ok
11:55:37.0609 0x1758  [ 965B6197A659782B6A0F68411A180AAD, 5541AB78B71E4FA655BCBF2D80D574B2A3B4AA8871F65D26620BDE549FA5459A ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
11:55:37.0609 0x1758  WcsPlugInService - ok
11:55:37.0609 0x1758  [ 069D3D6E20AD753B34FCE856F0436869, CF8C12295DDAA56E7350019AADBA533D7857CFB3F20DEE14E557963645A9331B ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
11:55:37.0609 0x1758  WdBoot - ok
11:55:37.0624 0x1758  [ 6CC727E94CD84E9720FDCDA8089CABCC, BCF66056B06DED6BC2D329E910FCD3E685D627BAD3B5D7F4B0E970B45CD9CEF4 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
11:55:37.0640 0x1758  Wdf01000 - ok
11:55:37.0640 0x1758  [ E3E97151A1D1E87BB2D5371F66C5F169, 0ED0B9852FE0533816F5EE2F06045B3964A00FD749A7011DB3C663AB6FA369E2 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
11:55:37.0640 0x1758  WdFilter - ok
11:55:37.0655 0x1758  [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
11:55:37.0655 0x1758  WdiServiceHost - ok
11:55:37.0655 0x1758  [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
11:55:37.0655 0x1758  WdiSystemHost - ok
11:55:37.0678 0x1758  [ E70DDD8E2245CC67547B0861983912D8, 64C73B1496FFF1F6BB3D877CB5BE54DE35C303AE234B11FC90038DC4F73241D9 ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
11:55:37.0678 0x1758  wdiwifi - ok
11:55:37.0693 0x1758  [ 07B043160399AF4009054E2EA3464BF4, 8D652D7CD75F8FB2B5414155355F0C970015914E1AC6522DBB8387BB8662F542 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
11:55:37.0693 0x1758  WdNisDrv - ok
11:55:37.0693 0x1758  WdNisSvc - ok
11:55:37.0693 0x1758  [ 9972D395DBD05D91DA5EDADEB9325680, 9382D846793F285721A1A0FED42F914035A53D856B902FADB0B7144C471BDA91 ] WebClient       C:\WINDOWS\System32\webclnt.dll
11:55:37.0709 0x1758  WebClient - ok
11:55:37.0709 0x1758  [ B6BF579761489720BCE787F723F596E5, 879B17F6A4F23F5E85A09126B7B407955DDCEB1BA4A8FFC0A418B7F47311C056 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
11:55:37.0709 0x1758  Wecsvc - ok
11:55:37.0709 0x1758  [ 10C9CF8771A2A87F575F9FB56821474E, 15E3DFFE9CF6777F67E426ECF797D2DF743EA152DEE336DCC9C2F92A0E6EB9A3 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
11:55:37.0724 0x1758  WEPHOSTSVC - ok
11:55:37.0724 0x1758  [ 357C083FE35D030D991D163AAF622A06, F301852D49DBDEF0D28F56CD74CBDC71CA003EBD07D3F46EA5C870DC1BD07896 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
11:55:37.0724 0x1758  wercplsupport - ok
11:55:37.0724 0x1758  [ 2235AF716D15D9DFE4C59DC2AC0C440C, 2DCFCEBEA77E7E40CEF9A785BE1A794B390B36E40FBCF49B494F9CEA3F6A28C4 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
11:55:37.0740 0x1758  WerSvc - ok
11:55:37.0740 0x1758  [ C11272713719922DE5711094333BD166, 61D4F07E02AECF04964FF51EEA31069A2B0EAA549AD2B29B5FD3E1E6BB543593 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
11:55:37.0740 0x1758  WFPLWFS - ok
11:55:37.0740 0x1758  [ 205A1FAE910F5C493D236245850BB62A, DBA4D1D734BAA3CDEB8A7F9C81A8DAA88CEA55AF5C4C5908E76FB8E522C5EC8A ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
11:55:37.0756 0x1758  WiaRpc - ok
11:55:37.0756 0x1758  [ EF536C54AB9281FDC4E83B07279FCFC4, 22E4F133170682EE14413CA8FDC2DBE73AB31960D6ACB728A6B398229FDDFD3B ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
11:55:37.0756 0x1758  WIMMount - ok
11:55:37.0756 0x1758  WinDefend - ok
11:55:37.0756 0x1758  [ D8966A76408107224C6013993135DD78, 6159F69BC26FF817078E68C70E6DFC9075FEBF9EF9F4F046C7A65BC377544AE6 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
11:55:37.0756 0x1758  WindowsTrustedRT - ok
11:55:37.0772 0x1758  [ 8B102A7B6CE326FD4208CC7C2D183343, E47C1D76CBFD2A382C3A7BB048D752FB6DD4616FADDEB1C3ADD5DDAE149742AF ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
11:55:37.0773 0x1758  WindowsTrustedRTProxy - ok
11:55:37.0777 0x1758  [ FFD04E8263FC9CDB89BAD8C27C337223, 7021161D354F1536DA261D001524B92301466631DCFA161A7C6355AAC86BBE40 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
11:55:37.0793 0x1758  WinHttpAutoProxySvc - ok
11:55:37.0793 0x1758  [ 4A53441C1C4D2878BEF27E381138BB2D, C221E74491E6FD2AF472B53876B46788D5CF62F4E645457F3B3816FD0ED2BAA1 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
11:55:37.0793 0x1758  WinMad - ok
11:55:37.0808 0x1758  [ 1033C37122C7404C3B926ADF84874832, 163B3A7112F13AE7BB2655A28C6B19AF9B263F2AD2FF1B75314BE3E2B9118903 ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
11:55:37.0808 0x1758  Winmgmt - ok
11:55:37.0840 0x1758  [ 703D0F62C5AA4D08EE8756516C0D125D, 02015A5E62490C11EC968160C528C2AFD1D7194AACA27F407B06EB462657511F ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
11:55:37.0893 0x1758  WinRM - ok
11:55:37.0893 0x1758  [ 260907CE034FE327AC99BDA4153AB22F, B96501F43248713C2E153B9D22B78D51412A3C6989A2FB5F53A406C6CDC98D30 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
11:55:37.0893 0x1758  WINUSB - ok
11:55:37.0893 0x1758  [ 40A3E8D729F458B2C9A8BD9380FF83D5, CD42FFC138969EF8C9588FD113F0B9A98FBA282D46A5B6BCFA765F55ED6E97A1 ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
11:55:37.0909 0x1758  WinVerbs - ok
11:55:37.0940 0x1758  [ 453740989239803FE363FF8B40EA2E08, 25499705627C38D3431B3C336E0CF3BF55ABB0C461B88DA6D3767CAAE1E2B893 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
11:55:37.0978 0x1758  WlanSvc - ok
11:55:38.0009 0x1758  [ E48BBF1363F843E030757EC190DD33E6, B37199495115ED423BA99B7317377CE865BB482D4E847861E871480AC49D4A84 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
11:55:38.0040 0x1758  wlidsvc - ok
11:55:38.0040 0x1758  [ 8F010BF65238F3F822D22BA12831796E, 2CA830F259B742D2F5CDD0437960BF512D40FB4A4C2342E3BABB38D468F79694 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
11:55:38.0040 0x1758  WmiAcpi - ok
11:55:38.0040 0x1758  [ 74ACA5A7880C1F0BB9D60E32E1705A70, A89817BCCBFF94D7394614DA81D1C6C4F53AF47A539E674EEF6DC3FC496BF702 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
11:55:38.0040 0x1758  wmiApSrv - ok
11:55:38.0056 0x1758  WMPNetworkSvc - ok
11:55:38.0056 0x1758  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
11:55:38.0056 0x1758  Wof - ok
11:55:38.0078 0x1c90  Object send P2P result: true
11:55:38.0094 0x1758  [ 4090C6738AA92B428220857B4D44F638, 4A3EE47494051E5BA8393F2AC8226EF434DA3AA1895CF4BADC9BC1BC378647C6 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
11:55:38.0125 0x1758  workfolderssvc - ok
11:55:38.0125 0x1758  [ 22C52D7EE7C7D0E02C8EFD8CAE8E3A71, 126605A12CEC9CC07DE3050F12E43CECABEAF0D00DF12300AF70F34700F7FE8E ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
11:55:38.0125 0x1758  wpcfltr - ok
11:55:38.0125 0x1758  [ D282ECA35ADAC7A93D6B4943E775010B, A76A9698A95646FA63AC18DFFA02B744D7C6043934CBF6C37832ED2E6B21F570 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
11:55:38.0125 0x1758  WPDBusEnum - ok
11:55:38.0140 0x1758  [ 1C08E424CBDD5065BB7266F8C048C1B1, 0452C85EDA6CBAB75C2617886C5D8117ED25D91F1BE0F8377B08D55B6629B028 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
11:55:38.0140 0x1758  WpdUpFltr - ok
11:55:38.0140 0x1758  [ 2C6EEFFBB7FB1C51CCD3737C77AB9109, 8C2ED309FAF4312512E7BCCBBC51B1353603A3499077A1DE21991F0692AF1620 ] WpnService      C:\WINDOWS\system32\WpnService.dll
11:55:38.0140 0x1758  WpnService - ok
11:55:38.0140 0x1758  [ 638B43D39A3D0B47024555CF1095E6F1, C7EA0A6ED227A5256EB02CA76FEC538DF196B8DC38DA2A567757D2B221C9473E ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
11:55:38.0140 0x1758  ws2ifsl - ok
11:55:38.0156 0x1758  [ 9C17CF2D05F8DA5AC66880B6BEE64E7D, 8930079A1AFA97657BE567038EE57C988D3DE9A6C24EA46160E2974837082535 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
11:55:38.0156 0x1758  wscsvc - ok
11:55:38.0156 0x1758  WSearch - ok
11:55:38.0209 0x1758  [ 6E04BBE242E2889B37300C4DF5CE1126, FBDAEAC62C48A4FC5EF412AE47FF10590AE83E8871412F76F6F9BAE910542DFA ] WSService       C:\WINDOWS\System32\WSService.dll
11:55:38.0256 0x1758  WSService - ok
11:55:38.0294 0x1758  [ 722FA682ED9EA8B85FA843A5C8F39E61, 47B09984582E55C22450A851FAF00EBEC76CD46149B19B199916255D553C6BF8 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
11:55:38.0310 0x1758  wuauserv - ok
11:55:38.0325 0x1758  [ A928F25CB62232F413EE655352856E10, 1D2B278A24DDDE8792ADE7649FF90A98E186B79F13AA296C30E4180293BE906A ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
11:55:38.0325 0x1758  WudfPf - ok
11:55:38.0325 0x1758  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFRd          C:\WINDOWS\system32\drivers\WudfRd.sys
11:55:38.0341 0x1758  WUDFRd - ok
11:55:38.0341 0x1758  [ 1336DA39FE006EAB2733CA4DE5B3560C, F0D6C71ADCB66D4D14EC6D09FD43F5521A3A8CA53F248DFD01696FB4F033BE77 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
11:55:38.0341 0x1758  wudfsvc - ok
11:55:38.0356 0x1758  [ 417D1526811D9646A7E8779209F11361, 220FE28801474AB26579F2A37D792975D9AAD2384B420BCE52215B1389E08F91 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
11:55:38.0378 0x1758  WwanSvc - ok
11:55:38.0394 0x1758  [ 405A419F4CDAC3C18F91FEDBD146C0A8, 92A6539AE6FC1B140366A0F733FDB784CAFB2359C4E0E2DF80629FEEA2CBFC98 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
11:55:38.0410 0x1758  XblAuthManager - ok
11:55:38.0441 0x1758  [ 7118498F6E48758A2EF5A7D1982E2B62, 1FF75AE64CB6DB263E8B35515E092B325AA71A6B2210F8F2B0AD087B3BA33345 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
11:55:38.0456 0x1758  XblGameSave - ok
11:55:38.0456 0x1758  [ F279536122B83FD0D8E158AA753E1B7C, 6A542F28E24B30DBDC2EEE24DA33C2F4ADB3596AEDDD71DC1495DD40577CE4BB ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
11:55:38.0475 0x1758  xboxgip - ok
11:55:38.0478 0x1758  [ 69E727F94BEA64E66C284F3C482F33E6, B3E0F287E7A251E0FC17C41089C45737027E54F0213BDE847356AC882B4D3700 ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
11:55:38.0509 0x1758  XboxNetApiSvc - ok
11:55:38.0509 0x1758  [ DBACD4E4FE191D0CE7C624ACA389535E, A706DA0A284398E80AEB6FBE1B5F6C3192C3F4D1C1B7533528D689D163374DDF ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
11:55:38.0509 0x1758  xinputhid - ok
11:55:38.0509 0x1758  [ DCF1C283860C3CAB0BF0A71528A0136C, DFC44E5337A8B37C54CA57D53F74E41BE2C0495AF2A566FE1E9A37C045BF4C84 ] XtuAcpiDriver   C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys
11:55:38.0509 0x1758  XtuAcpiDriver - ok
11:55:38.0509 0x1758  [ 9176C0822FAA649E45121875BE32F5D2, B7A7A906A7BB0F760ED241F998C647D728C4DB5D8778AFE585DF38331165803F ] xusb21          C:\WINDOWS\System32\drivers\xusb21.sys
11:55:38.0525 0x1758  xusb21 - ok
11:55:38.0525 0x1758  [ 47E1337B1538390895E035DFF91E0FD1, FC47D47607B8027067C14EBF106B40569C09375F9482570053BD189D56E9BD2E ] xusb22          C:\WINDOWS\System32\drivers\xusb22.sys
11:55:38.0525 0x1758  xusb22 - ok
11:55:38.0525 0x1758  ================ Scan global ===============================
11:55:38.0525 0x1758  [ D923EC03E24F7633DED3F2D46AD59A28, C635DB4483E24BE0188583E63B06D0F37BDE7AD944E4D0246A7D19CBC3EA3A6B ] C:\WINDOWS\system32\basesrv.dll
11:55:38.0541 0x1758  [ E2899695BD30B5F93EC626EBBEF2CB69, B190D2903A109D2C146D881F90769060A0E971942F4AA61AEAD81861032D89C3 ] C:\WINDOWS\system32\winsrv.dll
11:55:38.0541 0x1758  [ 09E92888FFF86F3334E59778724DCA6F, 2344763B52395EF565A9DE5F55BEDCA026AD2E8072FFD06F826BF366B3BA2AB4 ] C:\WINDOWS\system32\sxssrv.dll
11:55:38.0556 0x1758  [ 6FF8248F3A9D69A095C7F3F42BC29CB2, 9077B1AA0AFB8DB329FDED0E51085DE1C51B22A986162F29037FCA404A80D512 ] C:\WINDOWS\system32\services.exe
11:55:38.0556 0x1758  [ Global ] - ok
11:55:38.0556 0x1758  ================ Scan MBR ==================================
11:55:38.0556 0x1758  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:55:38.0594 0x1758  \Device\Harddisk0\DR0 - ok
11:55:38.0594 0x1758  ================ Scan VBR ==================================
11:55:38.0594 0x1758  [ F05E659AC35A5833563DF26CFAAAB2E9 ] \Device\Harddisk0\DR0\Partition1
11:55:38.0594 0x1758  \Device\Harddisk0\DR0\Partition1 - ok
11:55:38.0594 0x1758  [ 86FEF24EEDCC56D8465D155FAEF55302 ] \Device\Harddisk0\DR0\Partition2
11:55:38.0594 0x1758  \Device\Harddisk0\DR0\Partition2 - ok
11:55:38.0594 0x1758  ================ Scan generic autorun ======================
11:55:38.0795 0x1758  [ E82EEBC75E9DD5394E59DC08A2A3E1FB, C5E5ABDEF4130B9281BEC8F9387EC91EAB25166302BF5893D8CFB065753048FC ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
11:55:38.0958 0x1758  RTHDVCPL - ok
11:55:38.0974 0x1758  [ 0DCB89B1F3689BC6262FF30BBD603171, 594E6E07BC6B161469848A477F28211B70E759A8D369276810F622EE00D97783 ] C:\Windows\system32\rundll32.exe
11:55:38.0976 0x1758  Logitech Download Assistant - ok
11:55:38.0979 0x1758  [ C9900177A954E22C84A696075A40A173, 33E32173FF811DF1B687916CB3CADAE2907DAF5AC4B80F559039D3B61553C48F ] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe
11:55:38.0980 0x1758  IAStorIcon - ok
11:55:39.0011 0x1758  [ BC293F3C9621D40E1924A5715417F77C, 3EB1B0040566CE0DBA3FC65C5005B0F1E79BE9AB39CAD1398A45AAC3AB7AD733 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
11:55:39.0042 0x1758  NvBackend - ok
11:55:39.0058 0x1758  [ 0DCB89B1F3689BC6262FF30BBD603171, 594E6E07BC6B161469848A477F28211B70E759A8D369276810F622EE00D97783 ] C:\Windows\system32\rundll32.exe
11:55:39.0058 0x1758  ShadowPlay - ok
11:55:39.0058 0x1758  [ 163E43BC69AE78F468024EC2133C94A8, 782C79FA3A841FDC4F549A212E07C3B8397E1FBEE44833C0662FC7E43EA24997 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
11:55:39.0078 0x1758  SunJavaUpdateSched - ok
11:55:39.0196 0x1758  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
11:55:39.0296 0x1758  OneDriveSetup - ok
11:55:39.0343 0x07bc  Object required for P2P: [ 9A2A2F3C69B9A30B6E78536F6D258BAD ] iai2c
11:55:39.0412 0x1758  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
11:55:39.0513 0x1758  OneDriveSetup - ok
11:55:39.0628 0x1758  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
11:55:39.0722 0x1758  OneDriveSetup - ok
11:55:39.0729 0x1758  Skype - ok
11:55:39.0739 0x1758  [ CB396B37F21C205F00ACE39CF999295A, FD8CB2426D4B9F13480DD823F0479E75316F6486262E88E420398A2C7AB91F57 ] C:\Program Files (x86)\Windows Mail\wab.exe
11:55:39.0741 0x1758  WAB Migrate - ok
11:55:39.0741 0x1758  [ 0C03FB91E17987EED93F60007B08DAA0, BF4549F45FA1B291339E5053738B95BA50F021225F294F7B1ED9DACBD09BA426 ] C:\Users\Dee\AppData\Local\Google\Update\GoogleUpdate.exe
11:55:39.0757 0x1758  Google Update - ok
11:55:39.0804 0x1758  [ A4581BBD3D19EC95C8F927170BC18E36, A87BC6CA6C148DF985280584BB6BAE2F7BF9F5B503DB6C019F8E4350BB6BED1E ] C:\Program Files (x86)\Steam\steam.exe
11:55:39.0841 0x1758  Steam - ok
11:55:39.0842 0x1758  Skype - ok
11:55:39.0842 0x1758  [ 61F488AC3053DEB2AADB6A34DEBC8876, B5C5E0325F0FB4A37E80F08273B7483630F676C6342519564798CE7D1F121CB7 ] C:\Users\Dee\AppData\Local\Microsoft\OneDrive\OneDrive.exe
11:55:39.0858 0x1758  OneDrive - ok
11:55:39.0858 0x1758  Waiting for KSN requests completion. In queue: 397
11:55:40.0872 0x1758  Waiting for KSN requests completion. In queue: 397
11:55:41.0872 0x1758  Waiting for KSN requests completion. In queue: 397
11:55:42.0191 0x1a74  Object required for P2P: [ 4CF5A1E0C4FCA956ACD6C654E2A8610E ] VSS
11:55:42.0877 0x1758  Waiting for KSN requests completion. In queue: 371
11:55:43.0886 0x1758  Waiting for KSN requests completion. In queue: 371
11:55:44.0887 0x1758  Waiting for KSN requests completion. In queue: 371
11:55:44.0962 0x07bc  Object send P2P result: true
11:55:44.0962 0x07bc  Object required for P2P: [ 59A20F5AD9F4AE54098154359519408E ] iaLPSS2i_I2C
11:55:45.0899 0x1758  Waiting for KSN requests completion. In queue: 370
11:55:46.0900 0x1758  Waiting for KSN requests completion. In queue: 370
11:55:47.0821 0x1a74  Object send P2P result: true
11:55:47.0900 0x1758  Waiting for KSN requests completion. In queue: 293
11:55:48.0900 0x1758  Waiting for KSN requests completion. In queue: 293
11:55:49.0901 0x1758  Waiting for KSN requests completion. In queue: 293
11:55:50.0616 0x07bc  Object send P2P result: true
11:55:50.0616 0x07bc  Object required for P2P: [ 807A6636828E5F43C10A01474B8907EE ] MSDTC
11:55:50.0904 0x1758  Waiting for KSN requests completion. In queue: 217
11:55:51.0916 0x1758  Waiting for KSN requests completion. In queue: 217
11:55:52.0918 0x1758  Waiting for KSN requests completion. In queue: 217
11:55:53.0918 0x1758  Waiting for KSN requests completion. In queue: 217
11:55:54.0919 0x1758  Waiting for KSN requests completion. In queue: 217
11:55:55.0931 0x1758  Waiting for KSN requests completion. In queue: 217
11:55:56.0251 0x07bc  Object send P2P result: true
11:55:56.0251 0x07bc  Object required for P2P: [ 597C022F2A7E5D31ED3BAD18C75D5552 ] nvlddmkm
11:55:56.0939 0x1758  Waiting for KSN requests completion. In queue: 169
11:55:57.0952 0x1758  Waiting for KSN requests completion. In queue: 169
11:55:58.0968 0x1758  Waiting for KSN requests completion. In queue: 169
11:55:59.0968 0x1758  Waiting for KSN requests completion. In queue: 169
11:56:00.0969 0x1758  Waiting for KSN requests completion. In queue: 169
11:56:01.0968 0x07bc  Object send P2P result: true
11:56:01.0968 0x07bc  Object required for P2P: [ 38885AE14957B271496CD7DA19CF2697 ] nvsvc
11:56:01.0984 0x1758  Waiting for KSN requests completion. In queue: 162
11:56:02.0985 0x1758  Waiting for KSN requests completion. In queue: 162
11:56:03.0986 0x1758  Waiting for KSN requests completion. In queue: 162
11:56:04.0986 0x1758  Waiting for KSN requests completion. In queue: 162
11:56:05.0986 0x1758  Waiting for KSN requests completion. In queue: 162
11:56:06.0991 0x1758  Waiting for KSN requests completion. In queue: 162
11:56:07.0588 0x07bc  Object send P2P result: true
11:56:07.0588 0x07bc  Object required for P2P: [ AD43141CE6D5074DA1D28B5BCD4E4507 ] RetailDemo
11:56:08.0004 0x1758  Waiting for KSN requests completion. In queue: 113
11:56:09.0005 0x1758  Waiting for KSN requests completion. In queue: 113
11:56:10.0021 0x1758  Waiting for KSN requests completion. In queue: 113
11:56:11.0021 0x1758  Waiting for KSN requests completion. In queue: 113
11:56:12.0022 0x1758  Waiting for KSN requests completion. In queue: 113
11:56:13.0022 0x1758  Waiting for KSN requests completion. In queue: 113
11:56:13.0238 0x07bc  Object send P2P result: true
11:56:13.0238 0x07bc  Object required for P2P: [ 7C58AFEC26E9F7730A8AA7FD40225937 ] sppsvc
11:56:14.0023 0x1758  Waiting for KSN requests completion. In queue: 74
11:56:15.0035 0x1758  Waiting for KSN requests completion. In queue: 74
11:56:16.0050 0x1758  Waiting for KSN requests completion. In queue: 74
11:56:17.0051 0x1758  Waiting for KSN requests completion. In queue: 74
11:56:18.0063 0x1758  Waiting for KSN requests completion. In queue: 74
11:56:18.0888 0x07bc  Object send P2P result: true
11:56:18.0888 0x07bc  Object required for P2P: [ 34A3EB84B2A830E6F450B8F885AE4E6E ] SysMain
11:56:19.0069 0x1758  Waiting for KSN requests completion. In queue: 52
11:56:20.0084 0x1758  Waiting for KSN requests completion. In queue: 52
11:56:21.0099 0x1758  Waiting for KSN requests completion. In queue: 52
11:56:22.0115 0x1758  Waiting for KSN requests completion. In queue: 52
11:56:23.0116 0x1758  Waiting for KSN requests completion. In queue: 52
11:56:24.0117 0x1758  Waiting for KSN requests completion. In queue: 52
11:56:24.0517 0x07bc  Object send P2P result: true
11:56:25.0118 0x1758  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x61100 ( enabled : updated )
11:56:25.0118 0x1758  Win FW state via NFP2: enabled ( trusted )
11:56:27.0590 0x1758  ============================================================
11:56:27.0590 0x1758  Scan finished
11:56:27.0590 0x1758  ============================================================
11:56:27.0590 0x1dd8  Detected object count: 0
11:56:27.0590 0x1dd8  Actual detected object count: 0
11:57:31.0501 0x1498  Deinitialize success
 



#7 angaar

angaar
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:04:46 AM

Posted 17 March 2016 - 11:34 AM

I have done everything step by step.I do not see any zoek-results.txt. I did run it but i do not see the txt file. It found nothing. no threats. My PC still makes that sound and i still have that (name not available) in sound mixer.



#8 angaar

angaar
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:04:46 AM

Posted 17 March 2016 - 11:48 AM

found it

 

Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Dee on 2016-03-17 at 11:33:54.72.
Microsoft Windows 10 Home 10.0.10586  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Dee\Desktop\zoek.exe [Scan all users]   [Deep Scan] [Auto Clean]

==== System Restore Info ======================

2016-03-17 11:34:42 AM Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\NCSOFT deleted successfully
C:\PROGRA~2\Origin Games deleted successfully
C:\PROGRA~2\R.G. Mechanics deleted successfully
C:\PROGRA~2\SystemRequirementsLab deleted successfully
C:\Program Files\locales deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\entropia universe deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\WinZip deleted successfully
C:\Users\Dee\AppData\LocalGoogle deleted successfully
C:\Users\Dee\AppData\Local\ActiveSync deleted successfully
C:\Users\Dee\AppData\Local\Adobe deleted successfully
C:\Users\Dee\AppData\Local\Colossal Order deleted successfully
C:\Users\Dee\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Dee\AppData\Local\EmieSiteList deleted successfully
C:\Users\Dee\AppData\Local\EmieUserList deleted successfully
C:\Users\Dee\AppData\Local\NetworkTiles deleted successfully
C:\Users\Dee\AppData\Local\Skype deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3311186725-2389629427-1582189158-1002\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BFF1FF83-D72B-46DC-AC26-DEE8D1BD8B3F} deleted successfully
HKEY_USERS\S-1-5-21-3311186725-2389629427-1582189158-1002\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4E39681-15F8-4fda-B8A3-B5C98378F2F3} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Running Processes ======================

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Windows\system32\PnkBstrA.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Dee\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Users\Dee\Desktop\zoek.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\NCSOFT not found
C:\PROGRA~2\Origin Games not found
C:\PROGRA~2\R.G. Mechanics not found
C:\PROGRA~2\SystemRequirementsLab not found
C:\Users\Dee\AppData\Local\NCSOFT deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Dee\AppData\Local\CrashRpt deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
"C:\Users\Dee\AppData\Roaming\Albion" deleted

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 8087 MB
CPU Info: Intel® Core™ i5-4460  CPU @ 3.20GHz
CPU Speed: 3286.1 MHz
Sound Card: Speakers (Realtek High Definiti |
Realtek Digital Output (Realtek |
Display Adapters: NVIDIA GeForce GTX 960 | NVIDIA GeForce GTX 960 | NVIDIA GeForce GTX 960 | NVIDIA GeForce GTX 960 | Intel® HD Graphics 4600 | Intel® HD Graphics 4600 | Intel® HD Graphics 4600
Monitors: 1x; S220HQL |
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Qualcomm Atheros AR9485 Wireless Network Adapter | Realtek PCIe GBE Family Controller | Microsoft Wi-Fi Direct Virtual Adapter
CD / DVD Drives: 1x (D: | ) D: ASUS    DRW-24F1ST   b
Ports: COM1 LPT1
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C:  222.8GB
Hard Disks - Free: C:  75.4GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 07/04/14 | ALASKA - 1072009
Time Zone: Eastern Standard Time
Motherboard *: Gigabyte Technology Co., Ltd. B85-HD3
Country: Canada
Language: ENC

==== System Specs (Software) ======================

Default Browser: Firefox    44.0.2
Internet Explorer Version: 11.162.10586.0
Mozilla Firefox version: 44.0.2 (x86 en-US)
Sun Java version: 1.8.0_73 (32-bit)
Sun Java version: 1.8.0_73 (64-bit)
Flash Player version: 20.0.0.306

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
2016-03-06 21:23:31    95D730526EF81792CD6848D8D10FAA1C    4502352    ----a-w-    C:\WINDOWS\explorer.exe
2016-03-06 18:26:40    A5CEEEDC622E13F919DA953CB73A99B4    67584    --s-a-w-    C:\WINDOWS\bootstat.dat
2016-03-06 18:16:43    70757BB715401D58378CEFA1164902C8    13338    ----a-w-    C:\WINDOWS\diagwrn.xml
2016-03-06 18:16:43    70757BB715401D58378CEFA1164902C8    13338    ----a-w-    C:\WINDOWS\diagerr.xml
====== C:\Users\Dee\AppData\Local\Temp ====
====== Java Cache =====
2016-02-22 23:21:47    A8E4910619B28E63A2F9A8D65418A6A9    120209    ----a-w-    C:\Users\Dee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\46224568-17490ed4
2016-02-22 23:21:45    378B4862211DFB2408C6DE1E76A08277    783    ----a-w-    C:\Users\Dee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\3f7a73aa-3c0d4540
2016-02-22 23:21:45    3F263729ECEABD343B632BDC63B7FF88    85    ----a-w-    C:\Users\Dee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\3f7a73aa-b13ec2d02a863470872cd5bac7e2932ebbfea7b7143e1316c7835825d10806c3-6.0.lap
2016-02-22 23:21:45    FF4104505AA65254EC05C19A5E8BD900    36654    ----a-w-    C:\Users\Dee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\46d79770-3d8017f5
2016-02-22 23:21:46    4D4EA3CD6F578FAD6B817AF88054380E    64376    ----a-w-    C:\Users\Dee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\46d79770-3d8017f5-n\dsonative.dll
2016-02-22 23:21:46    4777D5213A2451A36EAD087EB9D22C9F    165809    ----a-w-    C:\Users\Dee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\7a7e7389-644a3314
====== C:\WINDOWS\SysWOW64 =====
2016-03-10 15:29:24    B1D33F6072B9D07AEEDE58B807A483E8    110016    ----a-w-    C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-03-10 15:29:20    9D33E598C94B522D780B8023F9F5A207    42264    ----a-w-    C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-03-10 15:29:20    7B3AAC6D2DB9AAB0D1BD0CB753E4AF4D    125720    ----a-w-    C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-03-10 15:28:13    EBC45872209D47E6E05F688F18705DDD    17325400    ----a-w-    C:\WINDOWS\SysWOW64\nvcuda.dll
2016-03-10 15:28:13    DDE3586EFCC769980180895542AE554F    2257344    ----a-w-    C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-03-10 15:28:13    C9358DD99636BBB1EB85AD9B70C6D766    37609528    ----a-w-    C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-03-10 15:28:13    A39F915DA98F560B072D70C446E049F1    8657936    ----a-w-    C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-03-10 15:28:13    991B0F9EB8E4A1B5C9FCE34F272FF022    692160    ----a-w-    C:\WINDOWS\SysWOW64\NvIFR.dll
2016-03-10 15:28:13    969452658C3C3F4A3921C46FDD6F3182    139    ----a-w-    C:\WINDOWS\SysWOW64\nv-vk32.json
2016-03-10 15:28:13    929203AC324D8E27C88BDB434205DBF7    571912    ----a-w-    C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-03-10 15:28:13    90C6D2EDB25ECBCB5E10AC8A1E3053B7    17732960    ----a-w-    C:\WINDOWS\SysWOW64\nvopencl.dll
2016-03-10 15:28:13    8D284AAF74889B40E191C68A0B423FFA    448824    ----a-w-    C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-03-10 15:28:13    8A039032F027C8B41A953396242210AB    18906048    ----a-w-    C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-03-10 15:28:13    7404661E4AD7457116571FBE182CB791    346560    ----a-w-    C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-03-10 15:28:13    6604CF93DE240AB4AD109350A7E32130    377792    ----a-w-    C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-03-10 15:28:13    627D28E833B41A3677DAB5C8CD0D76DE    153208    ----a-w-    C:\WINDOWS\SysWOW64\nvinit.dll
2016-03-10 15:28:13    5510B7FE51EA0428EA68EF0411D2C4D2    632152    ----a-w-    C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-03-10 15:28:13    3DE6789756A979E9383ACE973AC19E2B    17320280    ----a-w-    C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-03-10 15:28:13    3B4BC2FBBF261D39846A3F4672C654CA    750016    ----a-w-    C:\WINDOWS\SysWOW64\NvFBC.dll
2016-03-10 15:28:13    29F721F739BB88AE78E9509B3CD82C76    630592    ----a-w-    C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-03-10 15:28:13    19B7CD0203BB7EF93E71715D077D6B91    128696    ----a-w-    C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-03-10 15:28:13    09138E18B1BCAB8CBDCF5A412A9D9CDF    317656    ----a-w-    C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-03-09 14:51:43    00CE414BA74B576960B559C8C2674106    19339776    ----a-w-    C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-09 14:51:42    D641F5B6C115C334FD990827979028F3    18677760    ----a-w-    C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-09 14:51:39    780795062541AF34415CCCE4072FBBB8    12586496    ----a-w-    C:\WINDOWS\SysWOW64\wmp.dll
2016-03-09 14:51:38    C97B5BEADC79FFC5DAF1C9011CAE796B    5242496    ----a-w-    C:\WINDOWS\SysWOW64\windows.storage.dll
2016-03-09 14:51:38    AA20E6BCDC5A617F4333EE5EEE3CC79E    5661696    ----a-w-    C:\WINDOWS\SysWOW64\Chakra.dll
2016-03-09 14:51:38    05B81C404A34101E1DC17C0D9A67EA32    5321728    ----a-w-    C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 14:51:36    2BECAD7E55AB723F361254477270ED2F    1707520    ----a-w-    C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-03-09 14:51:35    2D0C2AB110A51895D9D1E875201013DE    1557768    ----a-w-    C:\WINDOWS\SysWOW64\KernelBase.dll
2016-03-09 14:51:34    C012CE3AB0120D01C75EDBB869AC463E    523752    ----a-w-    C:\WINDOWS\SysWOW64\dxgi.dll
2016-03-09 14:51:34    A8EF9AEDACF24908E12E910BF3977DC9    703840    ----a-w-    C:\WINDOWS\SysWOW64\WWAHost.exe
2016-03-09 14:51:34    4B9DE8EAA2E16C34E018749F325BAEFF    949248    ----a-w-    C:\WINDOWS\SysWOW64\Unistore.dll
2016-03-09 14:51:33    EB5DBA11B7C79B28A759AF12F03A17BB    769536    ----a-w-    C:\WINDOWS\SysWOW64\ContactApis.dll
2016-03-09 14:51:33    DB6C9645A16676FDE0D730CB05D8F6E1    1443328    ----a-w-    C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-03-09 14:51:33    CA57FE09C1255009C9AC1462B7D7264D    957608    ----a-w-    C:\WINDOWS\SysWOW64\ole32.dll
2016-03-09 14:51:33    B073C14F8B76DF8652415488C22F10A1    670928    ----a-w-    C:\WINDOWS\SysWOW64\mfds.dll
2016-03-09 14:51:33    AD1B282BDE4A19D7CE2D405409DBB8D0    1497088    ----a-w-    C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-09 14:51:33    952D6065F133D9525B399E6274CFE027    793600    ----a-w-    C:\WINDOWS\SysWOW64\SRH.dll
2016-03-09 14:51:33    620737C11CD32E03299E0B60BC896230    552960    ----a-w-    C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-03-09 14:51:32    EC21FC40C74206DAB19F1A8F9132EFAB    890368    ----a-w-    C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-03-09 14:51:32    9B60985A87BA2FED9F57DA30F191098E    315904    ----a-w-    C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-03-09 14:51:32    38EE252AD45EB7D6834F718B9487D3F9    538736    ----a-w-    C:\WINDOWS\SysWOW64\wer.dll
2016-03-09 14:51:31    D1817C1F148C21EC4403186D731DF042    540752    ----a-w-    C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-03-09 14:51:31    C406A5FDC8A1ECF2A9632F302B7D0EC3    294752    ----a-w-    C:\WINDOWS\SysWOW64\msv1_0.dll
2016-03-09 14:51:31    856AD15FD2D187EA8435564A135C85C0    228352    ----a-w-    C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-03-09 14:51:31    65D0043F608A12AF75ED37A65AFB906B    342528    ----a-w-    C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-03-09 14:51:30    AC42505CBCEE5825BB2695C34E43B1D0    184832    ----a-w-    C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-03-09 14:51:30    A34EDEA5F401143A0190642EABA28518    709688    ----a-w-    C:\WINDOWS\SysWOW64\mfsvr.dll
2016-03-09 14:51:30    4D2E3D6BC01E7A5E9C6F9AFDBFAF98BB    220064    ----a-w-    C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-09 14:51:30    395F9E50709FAE503C339047207E46CF    540160    ----a-w-    C:\WINDOWS\SysWOW64\ChatApis.dll
2016-03-09 14:51:29    DD73501C379ABF585DC7CC1765BE8E2E    303104    ----a-w-    C:\WINDOWS\SysWOW64\atmfd.dll
2016-03-09 14:51:29    5A212173FC0622865F409B16ED77C9DF    98304    ----a-w-    C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-03-09 14:51:29    4591BC3EC5FD8336642F8B94EABD4D4F    187744    ----a-w-    C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-03-09 14:51:29    160CC95D34D62B6A72F9E4E3EE52EBCC    369664    ----a-w-    C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-03-09 14:51:28    56315A6A6598E701BB0A5F506DA6143E    200704    ----a-w-    C:\WINDOWS\SysWOW64\cemapi.dll
2016-03-09 14:51:28    2C84609F09FD003FA955567D395EEA8A    575488    ----a-w-    C:\WINDOWS\SysWOW64\EmailApis.dll
2016-03-09 14:51:26    B315EB17077EF082A79922D4EA47DBF4    163328    ----a-w-    C:\WINDOWS\SysWOW64\fwbase.dll
2016-03-09 14:51:26    3547D79A60007624BFEBAFCAE158E992    169984    ----a-w-    C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-03-09 14:51:23    8CE4D365EF60DA0A098757371DD43752    88576    ----a-w-    C:\WINDOWS\SysWOW64\olepro32.dll
2016-03-09 14:51:23    05B15BD9C92BE52F35A2295B22C5D892    168448    ----a-w-    C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-03-09 14:51:22    97E96ABEBCB6CF556406781C47C5282A    78848    ----a-w-    C:\WINDOWS\SysWOW64\asycfilt.dll
2016-03-09 14:51:22    7A2A3BAAA05C8124D95B2915E904F900    141664    ----a-w-    C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-09 14:51:22    43AE8C9F7D031AB3DBEADA4C17D8C682    150528    ----a-w-    C:\WINDOWS\SysWOW64\VCardParser.dll
2016-03-09 14:51:22    15E75D27F0C67A7A21D5A514601F0E5A    135168    ----a-w-    C:\WINDOWS\SysWOW64\AppxSip.dll
2016-03-09 14:51:21    3B1F2F6F89F3F4ED75C5FADDB2E7CFE1    56320    ----a-w-    C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-03-09 14:51:21    259517866C369BCC5990292BCB57E709    223744    ----a-w-    C:\WINDOWS\SysWOW64\ExSMime.dll
2016-03-09 14:51:20    E34395496B11CF5C8C5B6D2E438BFA43    18944    ----a-w-    C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-03-09 14:51:20    242708810A22D373904539EDF39FFAD1    196608    ----a-w-    C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-03-09 14:51:19    CA2EA5401563387162E61444AE15AF59    53248    ----a-w-    C:\WINDOWS\SysWOW64\profext.dll
2016-03-09 14:51:19    93B7ED5F44D9C3FB0A74C059E1B9E68B    89088    ----a-w-    C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-03-09 14:51:19    75B5C1588D3703F44004D3EB2BD358AD    129024    ----a-w-    C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-03-09 14:51:19    39E7BAB659A6AB4419A908E578BE7029    56320    ----a-w-    C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-03-09 14:51:19    1AEBF2230422716D8CE1BEBCBAE961D3    48128    ----a-w-    C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-03-09 14:51:18    392434472351B2DA0499AEC962E988CE    37888    ----a-w-    C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-03-09 14:51:18    31657EDEEA6039E71C708BDA61AB62D5    37888    ----a-w-    C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-03-09 14:51:17    EBD26D676238C0B3938AFF925043576F    394752    ----a-w-    C:\WINDOWS\SysWOW64\werui.dll
2016-03-09 14:51:17    9DEB4C56FAAB147839BF68B6C28A38FC    164864    ----a-w-    C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-03-09 14:51:17    978D6640C869D7FA4FCDD877E4A5C2C7    93696    ----a-w-    C:\WINDOWS\SysWOW64\fontsub.dll
2016-03-09 14:51:17    7734BD0E9C8ED7DC48F559A67D0A79F4    20480    ----a-w-    C:\WINDOWS\SysWOW64\wfapigp.dll
2016-03-09 14:51:17    6FA3485DB4DE58EE9E73597CAC493AB4    37376    ----a-w-    C:\WINDOWS\SysWOW64\atmlib.dll
2016-03-06 21:25:31    54CFBC46B064972BB4334788DC743B49    36746    ----a-w-    C:\WINDOWS\SysWOW64\license.rtf
2016-03-06 21:23:36    EF3D963CD01DBBBAA7394BB1A638A1BB    116728    ----a-w-    C:\WINDOWS\SysWOW64\mfps.dll
2016-03-06 21:23:36    E3C2853C8F2EED113646F07D62D08C9E    503296    ----a-w-    C:\WINDOWS\SysWOW64\SettingSync.dll
2016-03-06 21:23:36    D0693220928997E1DD513B261AF86308    454056    ----a-w-    C:\WINDOWS\SysWOW64\AudioEng.dll
2016-03-06 21:23:36    C8F351BE29CEA63BC5EE5A175576B7F3    1105920    ----a-w-    C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-03-06 21:23:36    C8892F76C2D15CB1175E3F7A04D07904    890880    ----a-w-    C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-03-06 21:23:36    C86784A6F08E733BE19D62C82182FA7D    266752    ----a-w-    C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-03-06 21:23:36    C85501FE7EFD33E06A877B8786F396B6    462760    ----a-w-    C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-03-06 21:23:36    C117F577BB0CC6545EA181FBB3FACE99    980352    ----a-w-    C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-03-06 21:23:36    B65549A1CDB2C827AD022A3F35994FCF    2180136    ----a-w-    C:\WINDOWS\SysWOW64\mfcore.dll
2016-03-06 21:23:36    B13BE7A31C732B5773FDF51FB140B614    334336    ----a-w-    C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-03-06 21:23:36    AF209F751EB761084CEFE2CF10E1CE8D    895080    ----a-w-    C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-03-06 21:23:36    A7583A49B0F4A91E5B2E154C3582DF82    420928    ----a-w-    C:\WINDOWS\SysWOW64\msvproc.dll
2016-03-06 21:23:36    A60B02C7D70EEBF8E362BA5C06339177    366224    ----a-w-    C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-03-06 21:23:36    A4CC1E8330E839AA619978E61AEEEAC4    73360    ----a-w-    C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2016-03-06 21:23:36    A19A2DDCC69FF16B5FB68AD4F02B564A    480256    ----a-w-    C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-03-06 21:23:36    9ACCC0C1786391EF1FD1FAF12AE22801    340480    ----a-w-    C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-03-06 21:23:36    964DE3052B6A869EFBC86930DD51E8BD    379392    ----a-w-    C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-03-06 21:23:36    8C2E49ACD2A820A3FA7C598B811F3803    450912    ----a-w-    C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-03-06 21:23:36    888D41F5EFD6995491326C0DEEA2124A    713824    ----a-w-    C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-03-06 21:23:36    86128937B83E51BF543CBCB854AE4FFC    405568    ----a-w-    C:\WINDOWS\SysWOW64\AudioSes.dll
2016-03-06 21:23:36    7BA4B67BDA4222B55FA700E31B63F32D    208176    ----a-w-    C:\WINDOWS\SysWOW64\mftranscode.dll
2016-03-06 21:23:36    75F7D82383D8CF10D5999874993A2EF5    27136    ----a-w-    C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2016-03-06 21:23:36    6D151B11358362786C45F1A4A21576FA    925064    ----a-w-    C:\WINDOWS\SysWOW64\mfplat.dll
2016-03-06 21:23:36    5D676C1C350EA4976B888804444932CE    2061312    ----a-w-    C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-03-06 21:23:36    51B550A0FBFA6E04F8595ED0BD99C202    100160    ----a-w-    C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-03-06 21:23:36    49CF99392314B7CAD65DE8A05ABFE30D    882720    ----a-w-    C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-03-06 21:23:36    463DA1563BB9C1849527967BA80C1810    287712    ----a-w-    C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-03-06 21:23:36    44CBF47585584D74C3D0C2320031E539    569856    ----a-w-    C:\WINDOWS\SysWOW64\qdvd.dll
2016-03-06 21:23:36    2EECE39CDFFF244B2489FD8ACDC14D7A    517632    ----a-w-    C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-03-06 21:23:36    2AF0E5217FE677C29669E0243F28D64F    70656    ----a-w-    C:\WINDOWS\SysWOW64\AppCapture.dll
2016-03-06 21:23:36    29EF8EC898FE21680DB5FB15DB513EC8    235008    ----a-w-    C:\WINDOWS\SysWOW64\ksproxy.ax
2016-03-06 21:23:36    2003BE1653553FBC9D809BA40AEE4D68    1542656    ----a-w-    C:\WINDOWS\SysWOW64\quartz.dll
2016-03-06 21:23:36    1F7C4CBC0C5788E3E91C08A3D32F7BB9    1118208    ----a-w-    C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-03-06 21:23:36    1F48933EFAB68EDD3B456C78E17B89CE    871936    ----a-w-    C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2016-03-06 21:23:36    132209E26098FCDDEC023B460E68EBEB    1070080    ----a-w-    C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-03-06 21:23:36    0C39C1CC2ABC5D88D586EA0D86E79EEE    2793472    ----a-w-    C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-03-06 21:23:36    0B7C5790893F3650162BED4BEA35D9A6    695752    ----a-w-    C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-03-06 21:23:36    0A8409C137B580A3EEB80E33649044F3    701384    ----a-w-    C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-03-06 21:23:33    F2061A1835E8844637168800292309BF    84832    ----a-w-    C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-03-06 21:23:33    E83DA16178E4E97B572900803183419D    1542816    ----a-w-    C:\WINDOWS\SysWOW64\ntdll.dll
2016-03-06 21:23:33    DDC479FA1A36285BFC1EF25B547403C3    273408    ----a-w-    C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-03-06 21:23:33    B44BC5CC78CF476028D1939A7712BD93    652312    ----a-w-    C:\WINDOWS\SysWOW64\evr.dll
2016-03-06 21:23:33    8BD7A79F9A8FF011B89A61C8AC796988    502112    ----a-w-    C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-03-06 21:23:33    8A26A15B852AF385469AD62865CCAE7F    2050048    ----a-w-    C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-03-06 21:23:33    7BB6C35792323E4761AC6624E2D42397    12125696    ----a-w-    C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-06 21:23:33    5814754D92DBD471D5AB7437B20EE3F0    687616    ----a-w-    C:\WINDOWS\SysWOW64\msfeeds.dll
2016-03-06 21:23:33    550ECFF3C3808065169BFEA6C2B7837C    400896    ----a-w-    C:\WINDOWS\SysWOW64\winspool.drv
2016-03-06 21:23:33    3A280280AEA583EAB0375C330F7A6CE9    335872    ----a-w-    C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-03-06 21:23:33    22269B90E92BECDEB3D67EBE1DDB378E    3666432    ----a-w-    C:\WINDOWS\SysWOW64\jscript9.dll
2016-03-06 21:23:33    192B579E14C116D2B742FEBE85A4D3C1    2756096    ----a-w-    C:\WINDOWS\SysWOW64\mshtml.tlb
2016-03-06 21:23:33    162CB5DE3BAB5A029E658180A2E0673A    2919320    ----a-w-    C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-06 21:23:33    110A45F765495043CB8ED918FEFD8D90    572928    ----a-w-    C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-03-06 21:23:33    0FA8D61A4D4F56063113F9DA4E18848B    289248    ----a-w-    C:\WINDOWS\SysWOW64\MFPlay.dll
2016-03-06 21:23:31    FCBCED2A237DCD7EF86CED551B731742    4064320    ----a-w-    C:\WINDOWS\SysWOW64\explorer.exe
2016-03-06 21:23:31    FABAF2C5E74BA9ADC07D28BB03F5C32A    349696    ----a-w-    C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-03-06 21:23:31    FAA5A3DE34FD44C220691C4527E88453    157696    ----a-w-    C:\WINDOWS\SysWOW64\SimCfg.dll
2016-03-06 21:23:31    F7F4D3C8F419097D5219C80B811978A9    203264    ----a-w-    C:\WINDOWS\SysWOW64\iassam.dll
2016-03-06 21:23:31    F7169F42A954DEAD789529859921BD36    81112    ----a-w-    C:\WINDOWS\SysWOW64\OpenWith.exe
2016-03-06 21:23:31    F40196C743D54C56C7C2CCDD6FDE262E    572272    ----a-w-    C:\WINDOWS\SysWOW64\taskschd.dll
2016-03-06 21:23:31    DBE39E4BDCC3D8F49A2B0277652120D0    41984    ----a-w-    C:\WINDOWS\SysWOW64\pcaui.exe
2016-03-06 21:23:31    D213E29D66D7182AF58CB525EFC2F409    421888    ----a-w-    C:\WINDOWS\SysWOW64\LogonController.dll
2016-03-06 21:23:31    CF17C8CA575EC10ACDE1671CDED01B73    17408    ----a-w-    C:\WINDOWS\SysWOW64\rasautou.exe
2016-03-06 21:23:31    AD18802933E2F0BD9FDE02FF35D8AEC3    118272    ----a-w-    C:\WINDOWS\SysWOW64\mtxoci.dll
2016-03-06 21:23:31    9DB69A637142A6C72DF22706CF2F6F7B    31744    ----a-w-    C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-03-06 21:23:31    9797BB52F1943B78CD245B41AE833E1F    653312    ----a-w-    C:\WINDOWS\SysWOW64\rasapi32.dll
2016-03-06 21:23:31    96D60277EF8CB48BD3D920298C9D7F83    11776    ----a-w-    C:\WINDOWS\SysWOW64\rastlsext.dll
2016-03-06 21:23:31    8880848DC5DEE8BF8FE34DBC57C5655C    129024    ----a-w-    C:\WINDOWS\SysWOW64\SimAuth.dll
2016-03-06 21:23:31    7D81335F3FCD9C37DE3C8C9989428C99    431240    ----a-w-    C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-03-06 21:23:31    76B9CA3DF18D9E116051652EB4CD2FF2    9919488    ----a-w-    C:\WINDOWS\SysWOW64\twinui.dll
2016-03-06 21:23:31    76B00BE575C4D8CF3D7334240C8DAF90    683008    ----a-w-    C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-03-06 21:23:31    6F1EEEF679AFA703C7C328BD87C5AB68    558592    ----a-w-    C:\WINDOWS\SysWOW64\uReFS.dll
2016-03-06 21:23:31    6CE4F5BC53932C885B2276C2B352065C    34816    ----a-w-    C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-03-06 21:23:31    650A2E42A8965FEEF24105EF3D19780B    510976    ----a-w-    C:\WINDOWS\SysWOW64\wlidcli.dll
2016-03-06 21:23:31    64F7A89D4DBFA69D40C7C1FF5BB4457E    166912    ----a-w-    C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-03-06 21:23:31    5B64BFE61393D22D908BB5E2A17B6147    1328128    ----a-w-    C:\WINDOWS\SysWOW64\comsvcs.dll
2016-03-06 21:23:31    5A98CF000F5202776E4A58438AB2E070    4412928    ----a-w-    C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-03-06 21:23:31    559358D3C39A1EC0D944714C32FAD582    799744    ----a-w-    C:\WINDOWS\SysWOW64\rasdlg.dll
2016-03-06 21:23:31    5467DAD0BDB397D84052FCCF8686FB9C    60928    ----a-w-    C:\WINDOWS\SysWOW64\mssign32.dll
2016-03-06 21:23:31    532AC1D121972B17BE523A9988A3A0E5    2155008    ----a-w-    C:\WINDOWS\SysWOW64\authui.dll
2016-03-06 21:23:31    4C421E34FF4A836590401A3E9A5B5DE8    415744    ----a-w-    C:\WINDOWS\SysWOW64\catsrvut.dll
2016-03-06 21:23:31    4A49EC3B4063CC569134D2BA64FA5022    350720    ----a-w-    C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-03-06 21:23:31    42248856CC8A2AE6642B5D1B170EAB35    450560    ----a-w-    C:\WINDOWS\SysWOW64\SyncController.dll
2016-03-06 21:23:31    31DE6A034E8BBA043CB2F4612033C12A    296488    ----a-w-    C:\WINDOWS\SysWOW64\policymanager.dll
2016-03-06 21:23:31    27C3814755F5078A06B3B95CC6BAD111    13312    ----a-w-    C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-03-06 21:23:31    1E7B13CDBA9D57D2BF54A7501FB17376    586080    ----a-w-    C:\WINDOWS\SysWOW64\wimgapi.dll
2016-03-06 21:23:31    1C1DC38D8D6E075DE06ED174B9E81FE9    535040    ----a-w-    C:\WINDOWS\SysWOW64\rastls.dll
2016-03-06 21:23:31    197948552BE23DACBEF10ECC8168FD11    29696    ----a-w-    C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-03-06 21:23:31    102F3BB5D63225A25817C8E44B85533F    63528    ----a-w-    C:\WINDOWS\SysWOW64\wwapi.dll
2016-03-06 21:23:31    100E983F59F3BF3A3F8BFA327CF9B438    157184    ----a-w-    C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-03-06 21:23:31    0C60922D59461C8D1B0A2AA3CF493438    21124344    ----a-w-    C:\WINDOWS\SysWOW64\shell32.dll
2016-03-06 21:23:29    FAE7DA27029FDDA27375722B4DC387D7    138240    ----a-w-    C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2016-03-06 21:23:29    F32770E19F1CB817274BC85824730E48    470528    ----a-w-    C:\WINDOWS\SysWOW64\MbaeApi.dll
2016-03-06 21:23:29    D9EF9F5DA78CD085FD23C8EBB6108662    409088    ----a-w-    C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-03-06 21:23:29    D8DA5B9D54225B46242011154C9E417A    133632    ----a-w-    C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-03-06 21:23:29    D707B12965D5E8DFBD7C5BF7FB12AF02    24064    ----a-w-    C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-03-06 21:23:29    CE9B87CDE4D7BCEA229D676720E28C6B    1859960    ----a-w-    C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-03-06 21:23:29    CA260C1A4CFC95D49DBE4DAEDCD65585    58368    ----a-w-    C:\WINDOWS\SysWOW64\MosStorage.dll
2016-03-06 21:23:29    C11AFEBFFDD62BA366D2F146212B415E    110592    ----a-w-    C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-03-06 21:23:29    B8C4EFAA6AAED98E6B5AB57CAFA489B9    1337240    ----a-w-    C:\WINDOWS\SysWOW64\user32.dll
2016-03-06 21:23:29    B0DB58B85CF68C61AFBEFC107807FECF    784896    ----a-w-    C:\WINDOWS\SysWOW64\NMAA.dll
2016-03-06 21:23:29    AA0644D24DD488B1E1517189DD3DC00B    48640    ----a-w-    C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-03-06 21:23:29    A971D150CD168A1F7BD775674896F02C    711680    ----a-w-    C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-03-06 21:23:29    A589CD44BDB433F727EE84792FCCF0C0    87040    ----a-w-    C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-03-06 21:23:29    A43688711B5DA91ED9FC159BB8F8AF14    646656    ----a-w-    C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-03-06 21:23:29    A1EB9EF86954DF012BD3A48803DB36C8    6297088    ----a-w-    C:\WINDOWS\SysWOW64\mos.dll
2016-03-06 21:23:29    8BAD6657817E0960C7CB6026323828A1    511320    ----a-w-    C:\WINDOWS\SysWOW64\mf.dll
2016-03-06 21:23:29    88D538838692B2D66514301CCB37B4E7    83456    ----a-w-    C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-03-06 21:23:29    7F64C196D3FA41C0F437A158FDEF7F50    800768    ----a-w-    C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-03-06 21:23:29    7CDF1630DCF7C9167E551874D18C3CE0    709120    ----a-w-    C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-03-06 21:23:29    761E6E736B47DA42D74227A26F658108    100864    ----a-w-    C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-03-06 21:23:29    6DFDAD2B0EA3385069276DF547F4CAC8    2186864    ----a-w-    C:\WINDOWS\SysWOW64\d3d11.dll
2016-03-06 21:23:29    6AE2C3CFEA73E2D01CB1E00DBD1EC4A5    205824    ----a-w-    C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-03-06 21:23:29    674333934AEF201C56419742CD86782B    973664    ----a-w-    C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-03-06 21:23:29    65E98344070A6C0B66ED476F735B14D3    59904    ----a-w-    C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-03-06 21:23:29    53F74B2F4AEA9C6A7BB9DABDCC3C7431    613888    ----a-w-    C:\WINDOWS\SysWOW64\winhttp.dll
2016-03-06 21:23:29    53E2029302DA056DE856D4C662663B2B    10240    ----a-w-    C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-03-06 21:23:29    4C85D9A9FD26D3F00BBF5D3F469F1800    241664    ----a-w-    C:\WINDOWS\SysWOW64\cryptngc.dll
2016-03-06 21:23:29    4A2AD2C3B186FFE8EFE4DC7AB492F73E    79360    ----a-w-    C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-03-06 21:23:29    451356B814B46BB6582F307E24AA0863    9728    ----a-w-    C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-03-06 21:23:29    3FCEAC0D175851962F9CF797A370A14F    3072    ----a-w-    C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-03-06 21:23:29    3BFCD46B7D67D0B137BD54C2BE644C4A    161280    ----a-w-    C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-03-06 21:23:29    3249EA75874EE3DD3FCBA141656DF210    713728    ----a-w-    C:\WINDOWS\SysWOW64\netlogon.dll
2016-03-06 21:23:29    2DE2DAF437341AECB280DBFE88CBB581    346112    ----a-w-    C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-03-06 21:23:29    262D880248233D3A96C15F7C7E1BAD21    58368    ----a-w-    C:\WINDOWS\SysWOW64\MosResource.dll
2016-03-06 21:23:29    1ECA3CCBC61038D780FC179C9CB5F0CA    1944576    ----a-w-    C:\WINDOWS\SysWOW64\InputService.dll
2016-03-06 21:23:29    1C22BFBABCF389F2A985A32C01819467    5202944    ----a-w-    C:\WINDOWS\SysWOW64\BingMaps.dll
2016-03-06 21:23:29    123BD3D4504BB548A823152EAC57DE00    32040    ----a-w-    C:\WINDOWS\SysWOW64\mfpmp.exe
2016-03-06 21:23:29    104ED5E318C5EED6178BE9F4B4E1E5A2    4759040    ----a-w-    C:\WINDOWS\SysWOW64\d2d1.dll
2016-03-06 21:23:29    0B247775E6D85763E490BAE3B7CE0CB9    31232    ----a-w-    C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-03-06 21:23:29    039AD4C3FDCF13CE3196C0258C24D0C7    1371792    ----a-w-    C:\WINDOWS\SysWOW64\gdi32.dll
2016-03-06 21:23:28    FC90756CB632C0E4AC0D6A60AF2DF9AD    585216    ----a-w-    C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-03-06 21:23:28    F60E1993D8D8FD2E23516C1278B209C1    34304    ----a-w-    C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2016-03-06 21:23:28    F2D2E8091D0929884E6A86AFD9981E2F    2001408    ----a-w-    C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-03-06 21:23:28    E43400F37F8F0FA9281FEB64E3D7F72B    754176    ----a-w-    C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-03-06 21:23:28    CBE2DFB96C188DC8913B0CCBFA50C2FF    1824264    ----a-w-    C:\WINDOWS\SysWOW64\combase.dll
2016-03-06 21:23:28    C9B1E5A2FE0C7BF75B8B751311331EB4    2604032    ----a-w-    C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-03-06 21:23:28    B7B67257F01B0B814066F245DAD34367    93696    ----a-w-    C:\WINDOWS\SysWOW64\winbio.dll
2016-03-06 21:23:28    9FE071ED2AAE48A691D234E757297CF3    49152    ----a-w-    C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2016-03-06 21:23:28    6EB3A9117D1849AE452110A2C66CC411    820704    ----a-w-    C:\WINDOWS\SysWOW64\WinTypes.dll
2016-03-06 21:23:28    6DA0B412C0DD9DDB5382527488A5AD2E    237056    ----a-w-    C:\WINDOWS\SysWOW64\thumbcache.dll
2016-03-06 21:23:28    626E736B04150EC59601D2D3EEFEDA6D    123392    ----a-w-    C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-03-06 21:23:28    35383CA7169E12D885B9B553F59E3154    41984    ----a-w-    C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2016-03-06 21:23:28    30C2700A2CDEF6042585C9296ABC9054    499432    ----a-w-    C:\WINDOWS\SysWOW64\advapi32.dll
2016-03-06 21:23:28    2B6C84CF3AE5E1CEE5C763115DAF5FB4    389120    ----a-w-    C:\WINDOWS\SysWOW64\schannel.dll
2016-03-06 21:23:28    0B8C82099C16CC3AF45ABBE9BADC0B0C    498176    ----a-w-    C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-03-06 21:23:28    053E2D136DB8A4743E4C40D5D979834B    200704    ----a-w-    C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-03-06 21:23:28    00ECC00ED8713D7FDE30323237C5CAEF    792064    ----a-w-    C:\WINDOWS\SysWOW64\kerberos.dll
2016-03-06 21:23:27    F87C928A9C09611670BBF6533281003C    162816    ----a-w-    C:\WINDOWS\SysWOW64\msorcl32.dll
2016-03-06 21:23:27    F7447D7EDE2E9F4FEC87143F5CC021F5    65536    ----a-w-    C:\WINDOWS\SysWOW64\wininetlui.dll
2016-03-06 21:23:27    F0ED21F9D39229B305C363B6ED023170    11776    ----a-w-    C:\WINDOWS\SysWOW64\dciman32.dll
2016-03-06 21:23:27    EDD93EDB3758471A4862D3CF70FE9007    503296    ----a-w-    C:\WINDOWS\SysWOW64\vbscript.dll
2016-03-06 21:23:27    D51618B0CB2B51F7D9B8DEB38A454126    36352    ----a-w-    C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2016-03-06 21:23:27    CF342DCC0B8053DCABA7C5D30BE4B5C3    1500672    ----a-w-    C:\WINDOWS\SysWOW64\urlmon.dll
2016-03-06 21:23:27    C23A52581FEA6CD49A49160BFA794BF7    6952088    ----a-w-    C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-06 21:23:27    B014F98BEE810D5BF9F8C1C75F0EAD92    489984    ----a-w-    C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-03-06 21:23:27    A820BD54E6B4A68C6E4490EA23FA5650    1860096    ----a-w-    C:\WINDOWS\SysWOW64\cdp.dll
2016-03-06 21:23:27    A680339559FBC02BC0854D73DDE85C7B    1174008    ----a-w-    C:\WINDOWS\SysWOW64\msctf.dll
2016-03-06 21:23:27    94A99147A62D9830676B47D2BFA8FA46    125440    ----a-w-    C:\WINDOWS\SysWOW64\wshom.ocx
2016-03-06 21:23:27    93050CE746C09F2F6F49A4893FB060ED    647168    ----a-w-    C:\WINDOWS\SysWOW64\jscript.dll
2016-03-06 21:23:27    8FA6855FCD9F683BC6761B97F7F48408    13018624    ----a-w-    C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-03-06 21:23:27    89F3F69C9996D5BCC879C664BF74A4E2    675064    ----a-w-    C:\WINDOWS\SysWOW64\dcomp.dll
2016-03-06 21:23:27    847B31F89A3009D5D851479224B7579A    2680320    ----a-w-    C:\WINDOWS\SysWOW64\msftedit.dll
2016-03-06 21:23:27    7F0A9630C78E3783680CC9620C4E09C0    6740992    ----a-w-    C:\WINDOWS\SysWOW64\mstscax.dll
2016-03-06 21:23:27    6E7BF3FB027D46B7DEFCFFBEF8C4511D    2026736    ----a-w-    C:\WINDOWS\SysWOW64\msxml6.dll
2016-03-06 21:23:27    64B0C2833EB2501DAE37C0A9700BF48F    45568    ----a-w-    C:\WINDOWS\SysWOW64\jsproxy.dll
2016-03-06 21:23:27    627DC6C1A8D38FFC64BF884C2DE90410    573440    ----a-w-    C:\WINDOWS\SysWOW64\qedit.dll
2016-03-06 21:23:27    594B272EA8C34067CD74AAE90EFFBE88    1626624    ----a-w-    C:\WINDOWS\SysWOW64\dwmcore.dll
2016-03-06 21:23:27    588E4109C8A78BC211AC1D5756652A67    1139200    ----a-w-    C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-03-06 21:23:27    54F47C0CD2DE99A7B8C7583CF6C22D92    3072    ----a-w-    C:\WINDOWS\SysWOW64\lpk.dll
2016-03-06 21:23:27    529D8C676C042EC2E6930221F81C1A4A    99840    ----a-w-    C:\WINDOWS\SysWOW64\hlink.dll
2016-03-06 21:23:27    52838DDB3B20C7330A30D89509A93B55    1268736    ----a-w-    C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-03-06 21:23:27    44F1D7984F8B7739EF7EF50DEC6B41B9    2229760    ----a-w-    C:\WINDOWS\SysWOW64\wininet.dll
2016-03-06 21:23:27    3F8B09A6D234877025A5EBECF9151F58    162816    ----a-w-    C:\WINDOWS\SysWOW64\MTF.dll
2016-03-06 21:23:27    302A0BE9FA2874A3E99C0E25C992E7C7    1467392    ----a-w-    C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-03-06 21:23:27    0FC0E3CA4D36EB8A3BC1BA48436C1645    63488    ----a-w-    C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-03-06 21:20:18    F432E0E5B0958F4982D40EB622FBD7FC    35480    ----a-w-    C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-03-06 21:20:18    BF9CAA33ADD4C21C118148B5CFC5494B    778936    ----a-w-    C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-03-06 21:20:18    6F391E9286733CC6B34FC0FAB23B8DF3    103120    ----a-w-    C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-03-06 18:28:11    42DE22BB4E675AE8DADD9038B26F8EFE    2718208    ----a-w-    C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-03-06 18:26:57    F16BF0E24EE8C8346376E6210C23D2E5    103944    ----a-w-    C:\WINDOWS\SysWOW64\OpenCL.DLL
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
2016-03-10 15:29:20    B0ECA1A7A27554613D52FF60328D75DA    126232    ----a-w-    C:\WINDOWS\Sysnative\vulkan-1.dll
2016-03-10 15:29:20    8B3FD814D7DD1D35540C8C8883E83FF2    45848    ----a-w-    C:\WINDOWS\Sysnative\vulkaninfo.exe
2016-03-10 15:28:13    DCE017947B83020FE7A4B903C325E89A    22971960    ----a-w-    C:\WINDOWS\Sysnative\nvoglv64.dll
2016-03-10 15:28:13    CF714F04670571F691EE42C786F35DA1    21322480    ----a-w-    C:\WINDOWS\Sysnative\nvopencl.dll
2016-03-10 15:28:13    CE17537CCBED28751FD835AC0B6EEC7F    678704    ----a-w-    C:\WINDOWS\Sysnative\nvfatbinaryLoader.dll
2016-03-10 15:28:13    BDF37839F6B0FDF61DBC81162FFDEE10    385080    ----a-w-    C:\WINDOWS\Sysnative\nvDecMFTMjpeg.dll
2016-03-10 15:28:13    B96ED752B29C258B24A08D88F90A9269    423360    ----a-w-    C:\WINDOWS\Sysnative\NvIFROpenGL.dll
2016-03-10 15:28:13    B22F925FB43838F95F4D4D9FE1656527    10547128    ----a-w-    C:\WINDOWS\Sysnative\nvptxJitCompiler.dll
2016-03-10 15:28:13    A99D76ED217809579F6CC4E1F0AF0B9C    175552    ----a-w-    C:\WINDOWS\Sysnative\nvinitx.dll
2016-03-10 15:28:13    A7250AC0CD53BCBDD140EB6E5ED68ABE    151184    ----a-w-    C:\WINDOWS\Sysnative\nvoglshim64.dll
2016-03-10 15:28:13    A71BAC6DCF242A58F12262B1F831830E    2613696    ----a-w-    C:\WINDOWS\Sysnative\nvcuvid.dll
2016-03-10 15:28:13    A19ADE61206D802C214DC16575219C66    139    ----a-w-    C:\WINDOWS\Sysnative\nv-vk64.json
2016-03-10 15:28:13    9356449F15A63D5C701AD3389891D8AE    786872    ----a-w-    C:\WINDOWS\Sysnative\nvEncMFTH264.dll
2016-03-10 15:28:13    6583F51DA03CE2BB31A5AB5F6B4C1C36    784640    ----a-w-    C:\WINDOWS\Sysnative\nvEncMFThevc.dll
2016-03-10 15:28:13    5F4AF19B117C588D52B6A673066AE033    545632    ----a-w-    C:\WINDOWS\Sysnative\nvumdshimx.dll
2016-03-10 15:28:13    5CBA9A06E8EC8F30D33C4CECDD923E66    379296    ----a-w-    C:\WINDOWS\Sysnative\nvEncodeAPI64.dll
2016-03-10 15:28:13    58405A26DB5EAAC6E4B1D0DC0CC0E7AF    601752    ----a-w-    C:\WINDOWS\Sysnative\nvmcumd.dll
2016-03-10 15:28:13    575B5586C67B89476361AF1513B9150D    955328    ----a-w-    C:\WINDOWS\Sysnative\NvFBC64.dll
2016-03-10 15:28:13    52C889D60B4C3099D0E9C09C666273DC    885184    ----a-w-    C:\WINDOWS\Sysnative\NvIFR64.dll
2016-03-10 15:28:13    48C03148F1CDC03B41E3EA19BDB862E6    42968120    ----a-w-    C:\WINDOWS\Sysnative\nvcompiler.dll
2016-03-10 15:28:13    46672C5F5EFAB8CD1C65A21B7882F003    17368424    ----a-w-    C:\WINDOWS\Sysnative\nvd3dumx.dll
2016-03-10 15:28:13    45B047E426CBFED77A4D4FF35A10B237    1922496    ----a-w-    C:\WINDOWS\Sysnative\nvdispco6436451.dll
2016-03-10 15:28:13    453430704C6F8F762108ADB61E4201EB    1571776    ----a-w-    C:\WINDOWS\Sysnative\nvdispgenco6436451.dll
2016-03-10 15:28:13    1BA86A473E72BB1E474E4D88CC5B9122    20863920    ----a-w-    C:\WINDOWS\Sysnative\nvcuda.dll
2016-03-09 14:51:44    408E62A03168C0016B986C80ECFD088C    24600576    ----a-w-    C:\WINDOWS\Sysnative\mshtml.dll
2016-03-09 14:51:44    3ED081A1F371E63BC6DA0327E1E51D22    22376960    ----a-w-    C:\WINDOWS\Sysnative\edgehtml.dll
2016-03-09 14:51:41    6E04BBE242E2889B37300C4DF5CE1126    3449168    ----a-w-    C:\WINDOWS\Sysnative\WSService.dll
2016-03-09 14:51:41    3E80E2B0C0010154CC504DC51BE21968    14252544    ----a-w-    C:\WINDOWS\Sysnative\wmp.dll
2016-03-09 14:51:40    797497201A406D6CFDB72FE0545F990C    6972416    ----a-w-    C:\WINDOWS\Sysnative\Windows.Data.Pdf.dll
2016-03-09 14:51:39    EB850DDF36D7462F1ADC1B6A329CE266    7835648    ----a-w-    C:\WINDOWS\Sysnative\Chakra.dll
2016-03-09 14:51:39    83012CF88DF6EC835B2308941B47CA8A    7474528    ----a-w-    C:\WINDOWS\Sysnative\ntoskrnl.exe
2016-03-09 14:51:38    597AA6F5B21B1B15C87982FAFD1555EE    6607080    ----a-w-    C:\WINDOWS\Sysnative\windows.storage.dll
2016-03-09 14:51:37    722FA682ED9EA8B85FA843A5C8F39E61    2273792    ----a-w-    C:\WINDOWS\Sysnative\wuaueng.dll
2016-03-09 14:51:36    E4AFFF129D51A779B75164CB6D077FC1    1831936    ----a-w-    C:\WINDOWS\Sysnative\AppXDeploymentExtensions.dll
2016-03-09 14:51:36    6F9775D843AA4595A3F60A60829B11A9    1098752    ----a-w-    C:\WINDOWS\Sysnative\dosvc.dll
2016-03-09 14:51:36    6855984AA46D2452A7C518787E1F2643    1996288    ----a-w-    C:\WINDOWS\Sysnative\ActiveSyncProvider.dll
2016-03-09 14:51:36    32509061F29DA432B62336A4462ADEBF    3593216    ----a-w-    C:\WINDOWS\Sysnative\win32kfull.sys
2016-03-09 14:51:35    CB902A15DD21B363FECA5DCCF34F5C57    1224704    ----a-w-    C:\WINDOWS\Sysnative\Unistore.dll
2016-03-09 14:51:34    D169A4C1EDA2F63545628420014F2FE3    808800    ----a-w-    C:\WINDOWS\Sysnative\WWAHost.exe
2016-03-09 14:51:34    96BAB1499995B85B91C312BA5114CA03    1322248    ----a-w-    C:\WINDOWS\Sysnative\ole32.dll
2016-03-09 14:51:34    7C6B51E0233814D401905289AFD27BC5    1390592    ----a-w-    C:\WINDOWS\Sysnative\win32kbase.sys
2016-03-09 14:51:34    39D5E08E69BFC5CBFA94EE09656D6427    1713664    ----a-w-    C:\WINDOWS\Sysnative\SRHInproc.dll
2016-03-09 14:51:34    21098276051C6BEBBA7C8EB79AAF4E22    938496    ----a-w-    C:\WINDOWS\Sysnative\ContactApis.dll
2016-03-09 14:51:34    15D174719872A30F2FDD6B5B1B8BA5D9    1613664    ----a-w-    C:\WINDOWS\Sysnative\diagtrack.dll
2016-03-09 14:51:34    0088614FE67298E6996AD19B05AE90C7    1997328    ----a-w-    C:\WINDOWS\Sysnative\KernelBase.dll
2016-03-09 14:51:33    BAEFEFB04D7F9A554C029FBA52A02BB8    652392    ----a-w-    C:\WINDOWS\Sysnative\dxgi.dll
2016-03-09 14:51:33    45FDB4ACF680DF92D6510F77E7FF3E7F    713568    ----a-w-    C:\WINDOWS\Sysnative\invagent.dll
2016-03-09 14:51:33    3932940E0DB7A31B00A415F6B3D3E242    700416    ----a-w-    C:\WINDOWS\Sysnative\AppointmentApis.dll
2016-03-09 14:51:32    F7526C133AC265F283012E9CD751F873    625000    ----a-w-    C:\WINDOWS\Sysnative\ClipSVC.dll
2016-03-09 14:51:32    9CB84B6398F10BCF0CE357F2C7B6056D    286720    ----a-w-    C:\WINDOWS\Sysnative\deviceaccess.dll
2016-03-09 14:51:32    96B060E7FDDD6E2902282C12C3BFD6AE    630632    ----a-w-    C:\WINDOWS\Sysnative\fontdrvhost.exe
2016-03-09 14:51:32    8465AF051B7C887C0D163AB939FDF570    358752    ----a-w-    C:\WINDOWS\Sysnative\msv1_0.dll
2016-03-09 14:51:32    751F5B6AF16546162E06211AF1FC2979    794888    ----a-w-    C:\WINDOWS\Sysnative\mfds.dll
2016-03-09 14:51:32    6D31FB3E4263749BD994B3895322D799    982016    ----a-w-    C:\WINDOWS\Sysnative\AppxPackaging.dll
2016-03-09 14:51:32    56027D21265759F4EADD0555E7915D9A    957952    ----a-w-    C:\WINDOWS\Sysnative\SRH.dll
2016-03-09 14:51:32    4098813724BDAC23A74DD6E75CA360CC    450560    ----a-w-    C:\WINDOWS\Sysnative\Windows.Internal.Bluetooth.dll
2016-03-09 14:51:31    92F74BF86088520654BD5636A69E37F1    848168    ----a-w-    C:\WINDOWS\Sysnative\mfsvr.dll
2016-03-09 14:51:31    46D84D62993CEB88542EFA438F4D6E82    167936    ----a-w-    C:\WINDOWS\Sysnative\dafBth.dll
2016-03-09 14:51:31    3CE8EBC0B1A74A7AC639C5FAFC549CCA    436736    ----a-w-    C:\WINDOWS\Sysnative\AppXDeploymentClient.dll
2016-03-09 14:51:31    333F190DFAE2E1EE500234B78ADDA297    640472    ----a-w-    C:\WINDOWS\Sysnative\wer.dll
2016-03-09 14:51:30    F01ADB9BD13B60B6AB9538447F901921    365568    ----a-w-    C:\WINDOWS\Sysnative\atmfd.dll
2016-03-09 14:51:30    CD8C4364BC6040C0226638EF37E13CBB    161280    ----a-w-    C:\WINDOWS\Sysnative\CallHistoryClient.dll
2016-03-09 14:51:30    C78D43083400B8FAE408FEB1E99F9DA8    1847808    ----a-w-    C:\WINDOWS\Sysnative\WMPDMC.exe
2016-03-09 14:51:30    553F19DC6F3F73545CB17FCD7A8AE37B    870912    ----a-w-    C:\WINDOWS\Sysnative\MPSSVC.dll
2016-03-09 14:51:30    3DF25A56F18D2AB4CF58C1300C8CD323    2158592    ----a-w-    C:\WINDOWS\Sysnative\AppXDeploymentServer.dll
2016-03-09 14:51:30    2BCCAEB08EAF8C5D6BD024B3F020D0EA    790528    ----a-w-    C:\WINDOWS\Sysnative\EmailApis.dll
2016-03-09 14:51:29    61C99C1A4BB5EE14563ED321A859ACB6    726528    ----a-w-    C:\WINDOWS\Sysnative\ChatApis.dll
2016-03-09 14:51:29    497EB340D13433E8FE53625103E0C2D0    146432    ----a-w-    C:\WINDOWS\Sysnative\AuthBroker.dll
2016-03-09 14:51:29    215C9C65601378F56BEECDECBD1EF4AE    216416    ----a-w-    C:\WINDOWS\Sysnative\AppxAllUserStore.dll
2016-03-09 14:51:28    B8CBDF64077D764D26E6E0255270B7BF    224256    ----a-w-    C:\WINDOWS\Sysnative\PackageStateRoaming.dll
2016-03-09 14:51:28    68B34C3558BEE0F6B822FA603E9AE441    258280    ----a-w-    C:\WINDOWS\Sysnative\sqmapi.dll
2016-03-09 14:51:28    5D88798FC34BB61C74256CDD66BDD205    318976    ----a-w-    C:\WINDOWS\Sysnative\domgmt.dll
2016-03-09 14:51:28    47323DE2A684895004CE63EC66FB4AB4    401408    ----a-w-    C:\WINDOWS\Sysnative\sharemediacpl.dll
2016-03-09 14:51:28    1D00BBEEE33FA7F64A8CBFF471968CB0    195072    ----a-w-    C:\WINDOWS\Sysnative\VCardParser.dll
2016-03-09 14:51:26    907B65AD953EA159B573A0BCC82F6DB0    243712    ----a-w-    C:\WINDOWS\Sysnative\cemapi.dll
2016-03-09 14:51:25    DD57E9F1482E1A9BD2514F6D017DF58A    258560    ----a-w-    C:\WINDOWS\Sysnative\UserDataAccountApis.dll
2016-03-09 14:51:23    F66EEB5365413D4B968C5B51D25F88B8    141560    ----a-w-    C:\WINDOWS\Sysnative\AuthHost.exe
2016-03-09 14:51:23    5B50521452D87A439A87B1EAEBC138C7    208896    ----a-w-    C:\WINDOWS\Sysnative\storewuauth.dll
2016-03-09 14:51:23    4C3A93515CA70A7017CBA3A6A95CF080    121856    ----a-w-    C:\WINDOWS\Sysnative\AppointmentActivation.dll
2016-03-09 14:51:23    04F7878E7017105AB782353231561749    252928    ----a-w-    C:\WINDOWS\Sysnative\PimIndexMaintenance.dll
2016-03-09 14:51:22    E432FCF8572682126C3362AA856DC4AE    221184    ----a-w-    C:\WINDOWS\Sysnative\PhoneCallHistoryApis.dll
2016-03-09 14:51:22    98112F9B965646D338896FD7B13BB32E    1173344    ----a-w-    C:\WINDOWS\Sysnative\aeinv.dll
2016-03-09 14:51:22    95D2BD6AC94FB337AF69F8AFE056BEBE    147808    ----a-w-    C:\WINDOWS\Sysnative\wermgr.exe
2016-03-09 14:51:22    77B2F9C522467B1FC8770028D09534DB    91648    ----a-w-    C:\WINDOWS\Sysnative\asycfilt.dll
2016-03-09 14:51:22    7185B16516478DF0061C2561C1B072CE    228352    ----a-w-    C:\WINDOWS\Sysnative\wsqmcons.exe
2016-03-09 14:51:21    E78793375E53690605E4441078CCBF84    87552    ----a-w-    C:\WINDOWS\Sysnative\AppxSysprep.dll
2016-03-09 14:51:21    A249C98D869623F1AF0DB4BCFFF6D2A8    68096    ----a-w-    C:\WINDOWS\Sysnative\UserDataPlatformHelperUtil.dll
2016-03-09 14:51:20    FBC8C56814642A7CA88ACBCA8DD1121F    145408    ----a-w-    C:\WINDOWS\Sysnative\dssvc.dll
2016-03-09 14:51:20    EEA1E99FBC7D91A1A271012F2B4567BB    60416    ----a-w-    C:\WINDOWS\Sysnative\PimIndexMaintenanceClient.dll
2016-03-09 14:51:20    EBD07BD20B5E0E92A398566EF8720F79    31232    ----a-w-    C:\WINDOWS\Sysnative\seclogon.dll
2016-03-09 14:51:20    E9B10E704AD5B1BA5E531809C89A085B    93184    ----a-w-    C:\WINDOWS\Sysnative\wpninprc.dll
2016-03-09 14:51:20    E1D8055043DF089DB8ADB67C21DF2CC4    70656    ----a-w-    C:\WINDOWS\Sysnative\POSyncServices.dll
2016-03-09 14:51:20    DEFF4C7B937F60923980D4BB7D1724B8    274944    ----a-w-    C:\WINDOWS\Sysnative\ExSMime.dll
2016-03-09 14:51:20    AFAF7063071A1124985A63382B2BC34C    161792    ----a-w-    C:\WINDOWS\Sysnative\AppxSip.dll
2016-03-09 14:51:20    AA97AC06BFA15DA23C7C9C145A226C2D    25600    ----a-w-    C:\WINDOWS\Sysnative\wfapigp.dll
2016-03-09 14:51:20    9AE80C03EA83537F17B286ECBBA13D43    184320    ----a-w-    C:\WINDOWS\Sysnative\fwbase.dll
2016-03-09 14:51:20    6A5290128257BC733107E7819648CA76    526336    ----a-w-    C:\WINDOWS\Sysnative\FirewallAPI.dll
2016-03-09 14:51:20    5548D83C60E37CBB1B451A1108D4142C    513888    ----a-w-    C:\WINDOWS\Sysnative\devinv.dll
2016-03-09 14:51:19    DD877B48C28AB34197AD88902971B81D    45056    ----a-w-    C:\WINDOWS\Sysnative\UserDataLanguageUtil.dll
2016-03-09 14:51:19    B6877446C93D3110E56C90CF13CBEC89    45568    ----a-w-    C:\WINDOWS\Sysnative\UserDataTypeHelperUtil.dll
2016-03-09 14:51:19    70BA4CAAC5D621DCE88082DA0B1FF014    23552    ----a-w-    C:\WINDOWS\Sysnative\ExtrasXmlParser.dll
2016-03-09 14:51:19    3F8466CC13D1F614C8FAC24B1C030D59    214528    ----a-w-    C:\WINDOWS\Sysnative\Windows.Devices.Scanners.dll
2016-03-09 14:51:19    020AD2DA67F206DC160053F88454A0D4    111616    ----a-w-    C:\WINDOWS\Sysnative\UserDataTimeUtil.dll
2016-03-09 14:51:18    F6B9E6CB351D86A0C318B37E14B97656    196608    ----a-w-    C:\WINDOWS\Sysnative\fwpolicyiomgr.dll
2016-03-09 14:51:18    0FEE16BB03B1A97A70121165E7414903    67584    ----a-w-    C:\WINDOWS\Sysnative\profext.dll
2016-03-09 14:51:17    BF0B4D43097A7FEFE3F7F9EEC13C31FB    764928    ----a-w-    C:\WINDOWS\Sysnative\Chakradiag.dll
2016-03-09 14:51:17    BE8C62B0B7BBA8F1152A6A7FCF248404    915456    ----a-w-    C:\WINDOWS\Sysnative\configurationclient.dll
2016-03-09 14:51:17    B37F21B4C25BF10605A196791F93E324    360448    ----a-w-    C:\WINDOWS\Sysnative\vaultsvc.dll
2016-03-09 14:51:17    A74CEC306AB99D74559F7075EDB60A9B    451584    ----a-w-    C:\WINDOWS\Sysnative\werui.dll
2016-03-09 14:51:17    703430E9FFF072334B247B5E88428331    288768    ----a-w-    C:\WINDOWS\Sysnative\vaultcli.dll
2016-03-09 14:51:17    2C8130AFF9C3F0E99DE4B52A0A187CB3    118272    ----a-w-    C:\WINDOWS\Sysnative\fontsub.dll
2016-03-09 14:51:17    2771EBB565F5C121E66060B173991D4D    1490432    ----a-w-    C:\WINDOWS\Sysnative\UserDataService.dll
2016-03-09 14:51:17    023338E1DA5B6E5C2EFC7E5ADA7929C5    685568    ----a-w-    C:\WINDOWS\Sysnative\scapi.dll
2016-03-09 14:51:16    52623F9ED4D00357F3874DD31BB232FD    45568    ----a-w-    C:\WINDOWS\Sysnative\atmlib.dll
2016-03-07 06:13:01    BAC8747AF9AED386A89231BEFD5AAEEB    1924152    ----a-w-    C:\WINDOWS\Sysnative\nvdispco6436200.dll
2016-03-07 06:13:01    1FF05212EB6AB1F5F0D1945DE6518AC4    1571776    ----a-w-    C:\WINDOWS\Sysnative\nvdispgenco6436200.dll
2016-03-06 21:25:31    54CFBC46B064972BB4334788DC743B49    36746    ----a-w-    C:\WINDOWS\Sysnative\license.rtf
2016-03-06 21:23:36    FEBBA212353E4FA90C6164AA970B772F    536256    ----a-w-    C:\WINDOWS\Sysnative\AudioSes.dll
2016-03-06 21:23:36    F5DC166DC9D533651B83B83CD70FD14C    88392    ----a-w-    C:\WINDOWS\Sysnative\remoteaudioendpoint.dll
2016-03-06 21:23:36    F3B1BFB19C6A47DE7706A9CF1A177028    526856    ----a-w-    C:\WINDOWS\Sysnative\mfreadwrite.dll
2016-03-06 21:23:36    EF94C4BB5DDCEB9F0A092122582CF4E5    516544    ----a-w-    C:\WINDOWS\Sysnative\AudioEng.dll
2016-03-06 21:23:36    EB05F5368F8BBF75157B87FD1F689167    2581504    ----a-w-    C:\WINDOWS\Sysnative\MFMediaEngine.dll
2016-03-06 21:23:36    D79FFE2219AE3BA3B871BA2D39B16519    1152328    ----a-w-    C:\WINDOWS\Sysnative\mfasfsrcsnk.dll
2016-03-06 21:23:36    D1824F779289CA26635A186FF30C0F92    858952    ----a-w-    C:\WINDOWS\Sysnative\mfnetcore.dll
2016-03-06 21:23:36    D12D3DD397A35EF06CDF41C1A9E3EE45    613376    ----a-w-    C:\WINDOWS\Sysnative\SettingSync.dll
2016-03-06 21:23:36    CCFE330C465256D5D835E9248C676E9E    245840    ----a-w-    C:\WINDOWS\Sysnative\mfps.dll
2016-03-06 21:23:36    C9BFE1D6420BFADB249162039C321F63    1131520    ----a-w-    C:\WINDOWS\Sysnative\Windows.Media.Audio.dll
2016-03-06 21:23:36    C3F15E167CB84E2E6027AF17D49D5904    372224    ----a-w-    C:\WINDOWS\Sysnative\MDEServer.exe
2016-03-06 21:23:36    BD70B866034C1366D74CCBB5CA97395E    2544264    ----a-w-    C:\WINDOWS\Sysnative\mfcore.dll
2016-03-06 21:23:36    BC767AD01E4DAFD08C21D5D07CC290C9    567808    ----a-w-    C:\WINDOWS\Sysnative\MCRecvSrc.dll
2016-03-06 21:23:36    9D9A25E3E658EAC6FA9BC1BC23168516    1092456    ----a-w-    C:\WINDOWS\Sysnative\mfplat.dll
2016-03-06 21:23:36    9C4C3EB6A2371A2038E2BB3A9D54CDE0    498448    ----a-w-    C:\WINDOWS\Sysnative\MFCaptureEngine.dll
2016-03-06 21:23:36    9610CE53A9ED0789C8B669A5F86008F7    1054208    ----a-w-    C:\WINDOWS\Sysnative\audiosrv.dll
2016-03-06 21:23:36    95B9A9F4D41A54FD421CF6F7323B87FF    126464    ----a-w-    C:\WINDOWS\Sysnative\dialserver.dll
2016-03-06 21:23:36    903F7858A69A95836B0C1D36CBEC5E5B    387072    ----a-w-    C:\WINDOWS\Sysnative\qdvd.dll
2016-03-06 21:23:36    8E3B324D6479A63B6F23D663307D53A1    477696    ----a-w-    C:\WINDOWS\Sysnative\srcore.dll
2016-03-06 21:23:36    815D17429CBDA7DD5D11AA57B379E94B    119320    ----a-w-    C:\WINDOWS\Sysnative\MP3DMOD.DLL
2016-03-06 21:23:36    6E76BB89EED6C2BD7B1E7B5F9A1C41F0    320000    ----a-w-    C:\WINDOWS\Sysnative\MSFlacDecoder.dll
2016-03-06 21:23:36    6E0BFE7FAFAC7B5D0C13062D5884B135    369912    ----a-w-    C:\WINDOWS\Sysnative\audiodg.exe
2016-03-06 21:23:36    67C00AEDBE4B3AD408A4910A357E046F    786696    ----a-w-    C:\WINDOWS\Sysnative\WMADMOD.DLL
2016-03-06 21:23:36    669F733F85FEBE6F7438C66CBF7FD3FD    1062480    ----a-w-    C:\WINDOWS\Sysnative\mfmp4srcsnk.dll
2016-03-06 21:23:36    63F861960D2EA541831072D88E08EABA    3425792    ----a-w-    C:\WINDOWS\Sysnative\Windows.Media.dll
2016-03-06 21:23:36    63B9376F17E6DE7DE8B25BC6F3319A98    671472    ----a-w-    C:\WINDOWS\Sysnative\advapi32.dll
2016-03-06 21:23:36    5CB2CB9410BD09BE144D64BF447D6582    1299504    ----a-w-    C:\WINDOWS\Sysnative\mfnetsrc.dll
2016-03-06 21:23:36    503FFDCC4319F7419DE2B201B03BDB54    305664    ----a-w-    C:\WINDOWS\Sysnative\ksproxy.ax
2016-03-06 21:23:36    48E90F12346EE70764CEE435826ABD31    493568    ----a-w-    C:\WINDOWS\Sysnative\mfmkvsrcsnk.dll
2016-03-06 21:23:36    468D29ECE0AD7700B790A20FA2765313    408120    ----a-w-    C:\WINDOWS\Sysnative\AUDIOKSE.dll
2016-03-06 21:23:36    42BF7FA295F453618104B5A50BEE105B    275456    ----a-w-    C:\WINDOWS\Sysnative\AudioEndpointBuilder.dll
2016-03-06 21:23:36    36208F250EE9B93B87AD6384237373A9    110032    ----a-w-    C:\WINDOWS\Sysnative\EncDump.dll
2016-03-06 21:23:36    350CFCC870E30BEE151F3DFB83BD0178    1017032    ----a-w-    C:\WINDOWS\Sysnative\mfsrcsnk.dll
2016-03-06 21:23:36    2EC83C9326B6731398674C0C0CB1636F    1674240    ----a-w-    C:\WINDOWS\Sysnative\quartz.dll
2016-03-06 21:23:36    29A61BF9EAB31507C36060CFAFEBE154    234504    ----a-w-    C:\WINDOWS\Sysnative\mftranscode.dll
2016-03-06 21:23:36    28343B7C30E6AF073B02288EB579D984    476728    ----a-w-    C:\WINDOWS\Sysnative\msvproc.dll
2016-03-06 21:23:36    218CEC10714AF029BF4D8BCE600AD1DA    819648    ----a-w-    C:\WINDOWS\Sysnative\mfmpeg2srcsnk.dll
2016-03-06 21:23:33    F9B6E75F16F92CB79F68DA3ABCB576E0    989536    ----a-w-    C:\WINDOWS\Sysnative\SecConfig.efi
2016-03-06 21:23:33    E0932D924DA7C363F40E5B90DC9D2669    129536    ----a-w-    C:\WINDOWS\Sysnative\flvprophandler.dll
2016-03-06 21:23:33    C6F9333F6C5F326B075CBC062E33793D    7680    ----a-w-    C:\WINDOWS\Sysnative\readingviewresources.dll
2016-03-06 21:23:33    C3D11EE0D07D6CAF9F8D4073B9F5579E    557056    ----a-w-    C:\WINDOWS\Sysnative\PsmServiceExtHost.dll
2016-03-06 21:23:33    BB2DD53E90A958FDB1254839F30329D5    803840    ----a-w-    C:\WINDOWS\Sysnative\jscript.dll
2016-03-06 21:23:33    B83CCF1BEECF4BCDE71FC431BAB9A790    34304    ----a-w-    C:\WINDOWS\Sysnative\iernonce.dll
2016-03-06 21:23:33    A84812FE1FC4EAE9BBD816A2AEE4830D    383488    ----a-w-    C:\WINDOWS\Sysnative\iedkcs32.dll
2016-03-06 21:23:33    85EB31A46D618AC52726253A32539082    221696    ----a-w-    C:\WINDOWS\Sysnative\ie4uinit.exe
2016-03-06 21:23:33    844EB2280A13842B9919DCD0113F5487    343552    ----a-w-    C:\WINDOWS\Sysnative\SensorsApi.dll
2016-03-06 21:23:33    80AD89A1EF678960E13D977EF8C047A9    1750440    ----a-w-    C:\WINDOWS\Sysnative\WpcMon.exe
2016-03-06 21:23:33    7950D23F5542F6F8A9D41F046C01067F    2756096    ----a-w-    C:\WINDOWS\Sysnative\mshtml.tlb
2016-03-06 21:23:33    777F439F1E5989777805647F1684529D    2127360    ----a-w-    C:\WINDOWS\Sysnative\inetcpl.cpl
2016-03-06 21:23:33    7014B74B0F62698EC891A19A781689D5    337840    ----a-w-    C:\WINDOWS\Sysnative\MFPlay.dll
2016-03-06 21:23:33    5F8178A9C45D9C69819C63AFC5988C33    66560    ----a-w-    C:\WINDOWS\Sysnative\iesetup.dll
2016-03-06 21:23:33    5C6B3AFF685A17163315276E86CE173E    696160    ----a-w-    C:\WINDOWS\Sysnative\NetSetupEngine.dll
2016-03-06 21:23:33    55FB0D95CC3EF6A0EB40DBDBC529787A    1255936    ----a-w-    C:\WINDOWS\Sysnative\WMSPDMOE.DLL
2016-03-06 21:23:33    54E585CFCD208E460A70D1356CD489BE    13382656    ----a-w-    C:\WINDOWS\Sysnative\ieframe.dll
2016-03-06 21:23:33    549A1696E594E6939C210972B4AD9747    824320    ----a-w-    C:\WINDOWS\Sysnative\WpcWebFilter.dll
2016-03-06 21:23:33    4EB351CB5A23E0F7AB2B7137374EFB85    870400    ----a-w-    C:\WINDOWS\Sysnative\wpncore.dll
2016-03-06 21:23:33    40D666AEFB8775F25AA403EDB5D2414E    4894208    ----a-w-    C:\WINDOWS\Sysnative\jscript9.dll
2016-03-06 21:23:33    3FAD094B789D7D8C130D474A8FD479D6    785088    ----a-w-    C:\WINDOWS\Sysnative\evr.dll
2016-03-06 21:23:33    3D58D04A9269CE21B61960544A05573D    204288    ----a-w-    C:\WINDOWS\Sysnative\NetSetupSvc.dll
2016-03-06 21:23:33    38F068BA3D5CE3C53A025E1F9381CC54    115040    ----a-w-    C:\WINDOWS\Sysnative\NetSetupApi.dll
2016-03-06 21:23:33    2985697A74DE409D53C6ACD2CD30FDAA    1818696    ----a-w-    C:\WINDOWS\Sysnative\ntdll.dll
2016-03-06 21:23:33    18CE63A5B5EB84FF7F9F575C8FE53F44    931328    ----a-w-    C:\WINDOWS\Sysnative\MSMPEG2ENC.DLL
2016-03-06 21:23:33    0307E9C189E8FD376109265BAD5E3475    784384    ----a-w-    C:\WINDOWS\Sysnative\msfeeds.dll
2016-03-06 21:23:31    FF07BE14ED82E218C3EEE7C986118A2E    307712    ----a-w-    C:\WINDOWS\Sysnative\usbmon.dll
2016-03-06 21:23:31    FDB262D0B2C0790385B894AA4B2C0A6C    182784    ----a-w-    C:\WINDOWS\Sysnative\shutdownux.dll
2016-03-06 21:23:31    FAB5054707064EA9881954F98D9150C0    85320    ----a-w-    C:\WINDOWS\Sysnative\OpenWith.exe
2016-03-06 21:23:31    F8083C536BEDE61AFB4069D8A8C16DA7    456704    ----a-w-    C:\WINDOWS\Sysnative\ipnathlp.dll
2016-03-06 21:23:31    F40D409308162E071561049ACADF753C    80600    ----a-w-    C:\WINDOWS\Sysnative\wwapi.dll
2016-03-06 21:23:31    F3FE9C939D684607118E306B98CEBBBC    22564328    ----a-w-    C:\WINDOWS\Sysnative\shell32.dll
2016-03-06 21:23:31    F232BE986A85BA857E7C5FDBEFC71653    1415200    ----a-w-    C:\WINDOWS\Sysnative\msctf.dll
2016-03-06 21:23:31    F2232A78D975E8F1B99DAC4873CBDC89    414720    ----a-w-    C:\WINDOWS\Sysnative\bcastdvr.exe
2016-03-06 21:23:31    F0D97E9816795E1AAA17396ABD2660C4    4827136    ----a-w-    C:\WINDOWS\Sysnative\ExplorerFrame.dll
2016-03-06 21:23:31    F07301C282AA222C33F8C28B4F545275    591872    ----a-w-    C:\WINDOWS\Sysnative\SmsRouterSvc.dll
2016-03-06 21:23:31    EFA47480BEB0968E3A18479593B2E60C    18944    ----a-w-    C:\WINDOWS\Sysnative\wshrm.dll
2016-03-06 21:23:31    EA30B6E587862DF15E35525C60CCAFA9    838144    ----a-w-    C:\WINDOWS\Sysnative\uDWM.dll
2016-03-06 21:23:31    E9A0D466F6D8EC349DB526146618BCB6    606720    ----a-w-    C:\WINDOWS\Sysnative\wcmsvc.dll
2016-03-06 21:23:31    E7588419770BDDB510741F734D290E27    1318912    ----a-w-    C:\WINDOWS\Sysnative\wifinetworkmanager.dll
2016-03-06 21:23:31    E104F46B2E0C4F760382CF95E248E0AD    43520    ----a-w-    C:\WINDOWS\Sysnative\bcastdvr.proxy.dll
2016-03-06 21:23:31    DD723E3E44BBD7A1B94D8914B7E72549    623616    ----a-w-    C:\WINDOWS\Sysnative\PhoneProviders.dll
2016-03-06 21:23:31    DA81241A3493CD3B7EEF3AFD6BBE38B6    92352    ----a-w-    C:\WINDOWS\Sysnative\acmigration.dll
2016-03-06 21:23:31    D7ED1ADDC1D19A9D6A1C583A938F4AF4    465920    ----a-w-    C:\WINDOWS\Sysnative\wwanconn.dll
2016-03-06 21:23:31    D60BA4C76D194472D6602FF3D2D51ADE    106496    ----a-w-    C:\WINDOWS\Sysnative\rasauto.dll
2016-03-06 21:23:31    D20C52607024BD08A88CF1CA6B339C9B    517632    ----a-w-    C:\WINDOWS\Sysnative\winspool.drv
2016-03-06 21:23:31    D1BB4122E41E04E2D8D57702396AE031    412512    ----a-w-    C:\WINDOWS\Sysnative\wifitask.exe
2016-03-06 21:23:31    D1241DFC397FA8CCFB4BB4B63AAD31AC    755712    ----a-w-    C:\WINDOWS\Sysnative\spoolsv.exe
2016-03-06 21:23:31    D0E812616609B1E6E3317FF46B9177C8    44032    ----a-w-    C:\WINDOWS\Sysnative\wsplib.dll
2016-03-06 21:23:31    C177128E60700E43109584F33D0430F9    258048    ----a-w-    C:\WINDOWS\Sysnative\iassam.dll
2016-03-06 21:23:31    BF53DA0A9C4BC6A0D8DCF529154DBF74    538632    ----a-w-    C:\WINDOWS\Sysnative\WWanAPI.dll
2016-03-06 21:23:31    BAAB5AE1EC2A970C16FDA670882EEE39    79360    ----a-w-    C:\WINDOWS\Sysnative\cfgbkend.dll
2016-03-06 21:23:31    BA4DB0DDCF88E0D609E085130773A034    2597888    ----a-w-    C:\WINDOWS\Sysnative\NetworkMobileSettings.dll
2016-03-06 21:23:31    B8F17AB618578B9024D949DE8308B95A    14336    ----a-w-    C:\WINDOWS\Sysnative\dciman32.dll
2016-03-06 21:23:31    B84FEAB09387BECCA1900E4BFBD899A9    1009152    ----a-w-    C:\WINDOWS\Sysnative\WMSPDMOD.DLL
2016-03-06 21:23:31    B46D8BBF27B186B0AE7C57C88A1A6D93    6572032    ----a-w-    C:\WINDOWS\Sysnative\wwanmm.dll
2016-03-06 21:23:31    AE46FC3FC01DA2DC876D75776F5943B0    86528    ----a-w-    C:\WINDOWS\Sysnative\AppCapture.dll
2016-03-06 21:23:31    A9073B21B807C28A5A2246BB1440E823    1030416    ----a-w-    C:\WINDOWS\Sysnative\winresume.efi
2016-03-06 21:23:31    A80237F337639402450C5F6CE9B75C94    474624    ----a-w-    C:\WINDOWS\Sysnative\NetSetupShim.dll
2016-03-06 21:23:31    A78E76034D230AFE6B74B57BAF8C8BF2    27648    ----a-w-    C:\WINDOWS\Sysnative\WiFiConfigSP.dll
2016-03-06 21:23:31    A6E666BC673DD38C3ECDB53FD83138E7    3993600    ----a-w-    C:\WINDOWS\Sysnative\SettingsHandlers_nt.dll
2016-03-06 21:23:31    9CEBBE3FB11718F2B2B2086102711C2E    19456    ----a-w-    C:\WINDOWS\Sysnative\rasautou.exe
2016-03-06 21:23:31    9BE5ECE2F17B3BEDE6FDE1175BD23266    376536    ----a-w-    C:\WINDOWS\Sysnative\Windows.Media.MediaControl.dll
2016-03-06 21:23:31    9AEEB769F72EF13134BC21BA1465CCE3    134656    ----a-w-    C:\WINDOWS\Sysnative\wificonnapi.dll
2016-03-06 21:23:31    9822B613AEB1CF24E05EFEE748160637    25088    ----a-w-    C:\WINDOWS\Sysnative\irmon.dll
2016-03-06 21:23:31    91038CB7820CFB27E7C9D10320307301    1390080    ----a-w-    C:\WINDOWS\Sysnative\Windows.UI.Shell.dll
2016-03-06 21:23:31    8C86CB7C7725B196773451DE66602199    75776    ----a-w-    C:\WINDOWS\Sysnative\Windows.Networking.XboxLive.ProxyStub.dll
2016-03-06 21:23:31    8AF0CBE3FC6129C42D7A2A73B681F226    1118208    ----a-w-    C:\WINDOWS\Sysnative\localspl.dll
2016-03-06 21:23:31    8A0BAD6F9EEFB0FCD1629F6366394380    1814528    ----a-w-    C:\WINDOWS\Sysnative\pnidui.dll
2016-03-06 21:23:31    8938F957903BBA18ED242AE4DBF419FD    73728    ----a-w-    C:\WINDOWS\Sysnative\wwancfg.dll
2016-03-06 21:23:31    84ADBF35DAF6404148AE85973BE26D59    48640    ----a-w-    C:\WINDOWS\Sysnative\wfdprov.dll
2016-03-06 21:23:31    7E1AE9B225DEA8A142BAE7AFFC2A78F5    160768    ----a-w-    C:\WINDOWS\Sysnative\SimAuth.dll
2016-03-06 21:23:31    7CDB2034A13C7009CFF479C170E21C90    55808    ----a-w-    C:\WINDOWS\Sysnative\rilproxy.dll
2016-03-06 21:23:31    79F73D66F612FE53C8E5E607FCDCFAB1    884736    ----a-w-    C:\WINDOWS\Sysnative\rasdlg.dll
2016-03-06 21:23:31    717FDDACE38C314CA5A517E12162CC6D    216576    ----a-w-    C:\WINDOWS\Sysnative\QuickActionsDataModel.dll
2016-03-06 21:23:31    716E299C1058C9F2030F31BC7270A210    52224    ----a-w-    C:\WINDOWS\Sysnative\Wwanpref.dll
2016-03-06 21:23:31    70E822EC30C93426C2C51D8CB8BBCDDF    2587696    ----a-w-    C:\WINDOWS\Sysnative\msxml6.dll
2016-03-06 21:23:31    6D7BC576DEC9750D5F8AED361E687384    704000    ----a-w-    C:\WINDOWS\Sysnative\CellularAPI.dll
2016-03-06 21:23:31    6CA51117CDDB89DB6AE9F196B01C3491    389992    ----a-w-    C:\WINDOWS\Sysnative\wlanapi.dll
2016-03-06 21:23:31    6ABAC83AD594B0390C470F9C1C017382    3072    ----a-w-    C:\WINDOWS\Sysnative\lpk.dll
2016-03-06 21:23:31    69E727F94BEA64E66C284F3C482F33E6    1035776    ----a-w-    C:\WINDOWS\Sysnative\XboxNetApiSvc.dll
2016-03-06 21:23:31    69B4974176206D7276B733B30BCE442E    1717248    ----a-w-    C:\WINDOWS\Sysnative\GdiPlus.dll
2016-03-06 21:23:31    6817CD1A33EB94CDE8FBBCB7E3C4E469    1317640    ----a-w-    C:\WINDOWS\Sysnative\winload.efi
2016-03-06 21:23:31    610D0502400BDAFD4BB8EA10713234C7    74240    ----a-w-    C:\WINDOWS\Sysnative\SMSRouter.dll
2016-03-06 21:23:31    6072C7DB85FD3FE8D308EE44865C04DE    305664    ----a-w-    C:\WINDOWS\Sysnative\wifiprofilessettinghandler.dll
2016-03-06 21:23:31    57C2033773055CEE5963EBCB999337F8    210432    ----a-w-    C:\WINDOWS\Sysnative\wcmcsp.dll
2016-03-06 21:23:31    57606281E23B0F53347527691E947B2B    749056    ----a-w-    C:\WINDOWS\Sysnative\PhoneService.dll
2016-03-06 21:23:31    557496EE056CEF8D1D569D2663BC701F    988160    ----a-w-    C:\WINDOWS\Sysnative\SharedStartModel.dll
2016-03-06 21:23:31    53AC4B2658807691D2A485EE0F8A50E9    463360    ----a-w-    C:\WINDOWS\Sysnative\wlansec.dll
2016-03-06 21:23:31    52B49D01CE8F8EEC3D557D2CCD46548B    17408    ----a-w-    C:\WINDOWS\Sysnative\rasadhlp.dll
2016-03-06 21:23:31    5125BB69518578E5EDC4117BABF2A687    874968    ----a-w-    C:\WINDOWS\Sysnative\winresume.exe
2016-03-06 21:23:31    50FED971D0FAD2B990C0A05735761D62    733184    ----a-w-    C:\WINDOWS\Sysnative\rasapi32.dll
2016-03-06 21:23:31    5058E240BBD22D66CE29D9C3279C8A91    610816    ----a-w-    C:\WINDOWS\Sysnative\rastls.dll
2016-03-06 21:23:31    486C22DD70BE538B1C164AE38E130009    2352128    ----a-w-    C:\WINDOWS\Sysnative\authui.dll
2016-03-06 21:23:31    46BF56CC45F3EBE9DCF04EA702F79FF7    64000    ----a-w-    C:\WINDOWS\Sysnative\ihvrilproxy.dll
2016-03-06 21:23:31    467F2BD2CC73E322839B3AED763BA2DC    193024    ----a-w-    C:\WINDOWS\Sysnative\SimCfg.dll
2016-03-06 21:23:31    453740989239803FE363FF8B40EA2E08    2295808    ----a-w-    C:\WINDOWS\Sysnative\wlansvc.dll
2016-03-06 21:23:31    447413C46C687CF730051DD8B4EA12F6    75264    ----a-w-    C:\WINDOWS\Sysnative\wwanprotdim.dll
2016-03-06 21:23:31    417D1526811D9646A7E8779209F11361    1213440    ----a-w-    C:\WINDOWS\Sysnative\wwansvc.dll
2016-03-06 21:23:31    334A9D347CC52E7581DC21FA7CDBB261    515584    ----a-w-    C:\WINDOWS\Sysnative\LogonController.dll
2016-03-06 21:23:31    29C0CB42B16F323AB8003A73B7E81DD5    1141504    ----a-w-    C:\WINDOWS\Sysnative\winload.exe
2016-03-06 21:23:31    2989A5B700D1C706ED496CCA75DCFA67    7533568    ----a-w-    C:\WINDOWS\Sysnative\mstscax.dll
2016-03-06 21:23:31    285D92DAC2C93818615C70A5719DD1F8    440320    ----a-w-    C:\WINDOWS\Sysnative\CredProvDataModel.dll
2016-03-06 21:23:31    186BAF9C9F422E6B784E4C990585E2E3    673792    ----a-w-    C:\WINDOWS\Sysnative\Windows.UI.dll
2016-03-06 21:23:31    0ED8556CB47EC7689D0046791F3427AE    26112    ----a-w-    C:\WINDOWS\Sysnative\wlansvcpal.dll
2016-03-06 21:23:31    0D7BB44BFFFA4E153F4EA1E05522D2C3    37376    ----a-w-    C:\WINDOWS\Sysnative\LaunchWinApp.exe
2016-03-06 21:23:31    0A9C90159378EAF0F45AF2275156EF0D    264544    ----a-w-    C:\WINDOWS\Sysnative\ContentDeliveryManager.Utilities.dll
2016-03-06 21:23:31    09918925526BC0B5B823CF1A2473D909    412672    ----a-w-    C:\WINDOWS\Sysnative\wlanmsm.dll
2016-03-06 21:23:31    096671DD1AA23C708FC4493C41D5DB82    13824    ----a-w-    C:\WINDOWS\Sysnative\rastlsext.dll
2016-03-06 21:23:31    043051E7D39381BC1DCA5B25236BBA72    11545600    ----a-w-    C:\WINDOWS\Sysnative\twinui.dll
2016-03-06 21:23:31    01AE64981A7C7AE4F84799931D8DAAD1    900608    ----a-w-    C:\WINDOWS\Sysnative\Windows.Networking.BackgroundTransfer.dll
2016-03-06 21:23:29    FF1FF1A83425C77D1CAFF9EC7AFA8C1F    108544    ----a-w-    C:\WINDOWS\Sysnative\InputLocaleManager.dll
2016-03-06 21:23:29    FF0F6AAD313DCD878D2ECF1BA0B32478    2624512    ----a-w-    C:\WINDOWS\Sysnative\InputService.dll
2016-03-06 21:23:29    FBEFDA259F6254B6590956753421D387    89600    ----a-w-    C:\WINDOWS\Sysnative\NFCProvisioningPlugin.dll
2016-03-06 21:23:29    FB2FBCF8AD0DF4F8A50B1639F0256D83    555520    ----a-w-    C:\WINDOWS\Sysnative\SyncController.dll
2016-03-06 21:23:29    FA7FE5ECB4E0103F132BB00E526E67EF    852480    ----a-w-    C:\WINDOWS\Sysnative\Windows.ApplicationModel.Store.dll
2016-03-06 21:23:29    F93E9FA2A54843D6EC529E4754F12946    166400    ----a-w-    C:\WINDOWS\Sysnative\MusNotification.exe
2016-03-06 21:23:29    F5AF729AD65041D74FED75E02DA4A4DC    138240    ----a-w-    C:\WINDOWS\Sysnative\ETWCoreUIComponentsResources.dll
2016-03-06 21:23:29    F2E3456FD405F9BEACA0B8CF2BBDF0DE    202472    ----a-w-    C:\WINDOWS\Sysnative\wscapi.dll
2016-03-06 21:23:29    F202F182FF6046869E2995DF333C5B2A    7199232    ----a-w-    C:\WINDOWS\Sysnative\BingMaps.dll
2016-03-06 21:23:29    F0BA42C8EB6ADB733E35D2EC7714408F    49152    ----a-w-    C:\WINDOWS\Sysnative\pcaui.exe
2016-03-06 21:23:29    EBDDBFCAA0E8BF346F5DC13BC364B39E    110592    ----a-w-    C:\WINDOWS\Sysnative\Microsoft-Windows-MapControls.dll
2016-03-06 21:23:29    EAB4B1DD5E18EE57853ACD0156AE92E6    199168    ----a-w-    C:\WINDOWS\Sysnative\InstallAgent.exe
2016-03-06 21:23:29    EA195B8BC11C1CDB313CFD456EFFA0E9    997376    ----a-w-    C:\WINDOWS\Sysnative\schedsvc.dll
2016-03-06 21:23:29    E95EA71BD560BF02276DF339FA412FCB    472576    ----a-w-    C:\WINDOWS\Sysnative\DscCore.dll
2016-03-06 21:23:29    E8C7F673B75210D3F35142361923C945    157184    ----a-w-    C:\WINDOWS\Sysnative\dmcertinst.exe
2016-03-06 21:23:29    E00F94FADD6FE28F62841F8D31EF47BF    1594408    ----a-w-    C:\WINDOWS\Sysnative\gdi32.dll
2016-03-06 21:23:29    DFDA465D7D14906ECC04071E20D0F19E    644096    ----a-w-    C:\WINDOWS\Sysnative\uReFS.dll
2016-03-06 21:23:29    DEEA03E61DCE718C64BF68D446E8ABA0    1309376    ----a-w-    C:\WINDOWS\Sysnative\appraiser.dll
2016-03-06 21:23:29    DD97EF0AE9224B8C1161736E033C03F1    1399224    ----a-w-    C:\WINDOWS\Sysnative\user32.dll
2016-03-06 21:23:29    DC59D9253F50A2D329945CBDBE3B8B7A    32256    ----a-w-    C:\WINDOWS\Sysnative\wups2.dll
2016-03-06 21:23:29    DAFECF80513C6E6892BBEBB48D555A31    115712    ----a-w-    C:\WINDOWS\Sysnative\srpapi.dll
2016-03-06 21:23:29    DAB53783AD08864E873A6B7B874D1783    3671888    ----a-w-    C:\WINDOWS\Sysnative\iertutil.dll
2016-03-06 21:23:29    D974EACE921C3B1C78DD29334CC7F861    109056    ----a-w-    C:\WINDOWS\Sysnative\hlink.dll
2016-03-06 21:23:29    D754BB9E00B5D305617461E9C3CB6057    120320    ----a-w-    C:\WINDOWS\Sysnative\MapsBtSvc.dll
2016-03-06 21:23:29    D53F94A3F5DA461209C6128D5337FFF1    304752    ----a-w-    C:\WINDOWS\Sysnative\systemreset.exe
2016-03-06 21:23:29    D4170CA7268AEDE7DE43EE54D7C8F639    256512    ----a-w-    C:\WINDOWS\Sysnative\accountaccessor.dll
2016-03-06 21:23:29    D229D73154CD66884BEAD67393ABE5C7    726528    ----a-w-    C:\WINDOWS\Sysnative\wlidcli.dll
2016-03-06 21:23:29    CD2CC65DDF46F065BCC975C2BC89DD11    1648640    ----a-w-    C:\WINDOWS\Sysnative\comsvcs.dll
2016-03-06 21:23:29    C8C10002DF980C3830D103960957AA3C    1582080    ----a-w-    C:\WINDOWS\Sysnative\aitstatic.exe
2016-03-06 21:23:29    C6856D20BE1DB90407C9154B0EC319B9    77824    ----a-w-    C:\WINDOWS\Sysnative\provpackageapidll.dll
2016-03-06 21:23:29    C64B693DF26EB7BFF25F9BAD8B54D571    649216    ----a-w-    C:\WINDOWS\Sysnative\ngcsvc.dll
2016-03-06 21:23:29    C46FC25D2742C6426F6581A4C59331D9    35656    ----a-w-    C:\WINDOWS\Sysnative\mfpmp.exe
2016-03-06 21:23:29    BF1A001A4EBD005CB412E322F20DB0D7    75264    ----a-w-    C:\WINDOWS\Sysnative\EditBufferTestHook.dll
2016-03-06 21:23:29    BA45A9F29AB13A0E66BAABF9D7C30B70    523616    ----a-w-    C:\WINDOWS\Sysnative\wimserv.exe
2016-03-06 21:23:29    B94746868C7AD8F0449662E8552E55DE    145920    ----a-w-    C:\WINDOWS\Sysnative\omadmclient.exe
2016-03-06 21:23:29    B7D367ABFC188C1AC27C6C961694B5B4    1056256    ----a-w-    C:\WINDOWS\Sysnative\JpMapControl.dll
2016-03-06 21:23:29    B58CE40AC84F1B068A2004400E68245B    87040    ----a-w-    C:\WINDOWS\Sysnative\MDMAppInstaller.exe
2016-03-06 21:23:29    A74C62AE99A015CD6275F0D8D8843886    342016    ----a-w-    C:\WINDOWS\Sysnative\SensorService.dll
2016-03-06 21:23:29    A34D9229F8D3A7164247213C9A283DB0    189952    ----a-w-    C:\WINDOWS\Sysnative\WiFiDisplay.dll
2016-03-06 21:23:29    A1A4838C326E1C33AACAD537E84880D3    851456    ----a-w-    C:\WINDOWS\Sysnative\MapsStore.dll
2016-03-06 21:23:29    A0C330AAF06A36A13171A28FE4B582A2    92160    ----a-w-    C:\WINDOWS\Sysnative\policymanagerprecheck.dll
2016-03-06 21:23:29    9FCC3D4817CCA5BCEF1FB4B14E523EBC    78336    ----a-w-    C:\WINDOWS\Sysnative\BarcodeProvisioningPlugin.dll
2016-03-06 21:23:29    9F171CF4EDEB38DB4CA906ABD535DC44    13312    ----a-w-    C:\WINDOWS\Sysnative\MapsBtSvcProxy.dll
2016-03-06 21:23:29    9E55D606C3CE9A37FB2FE5A419AE9CE6    30208    ----a-w-    C:\WINDOWS\Sysnative\StorageUsage.dll
2016-03-06 21:23:29    9C17CF2D05F8DA5AC66880B6BEE64E7D    190464    ----a-w-    C:\WINDOWS\Sysnative\wscsvc.dll
2016-03-06 21:23:29    9A3D731707AC0059E0ACBD4E8CDF46E6    1731584    ----a-w-    C:\WINDOWS\Sysnative\urlmon.dll
2016-03-06 21:23:29    9972A886D911234F833A265D5D641D30    587776    ----a-w-    C:\WINDOWS\Sysnative\bisrv.dll
2016-03-06 21:23:29    9953FA89A4E3BC33296DAFB1ACFDC62F    617984    ----a-w-    C:\WINDOWS\Sysnative\StorSvc.dll
2016-03-06 21:23:29    9920C9AD4528A4396D19BC03AA2D0882    58408    ----a-w-    C:\WINDOWS\Sysnative\SensorsNativeApi.dll
2016-03-06 21:23:29    960E3DB158FC9D262EE33D928AEDA3F5    320000    ----a-w-    C:\WINDOWS\Sysnative\cryptngc.dll
2016-03-06 21:23:29    90AA1A4C3B4FF984BB33D74C23D71536    678912    ----a-w-    C:\WINDOWS\Sysnative\qedit.dll
2016-03-06 21:23:29    8EC4F381818F8A073DEC52C6D1ED9C76    86016    ----a-w-    C:\WINDOWS\Sysnative\DeviceEnroller.exe
2016-03-06 21:23:29    8CDC28FB78253481353A882FA3139FBB    2654872    ----a-w-    C:\WINDOWS\Sysnative\CoreUIComponents.dll
2016-03-06 21:23:29    8BACF65C95DA69173FA80F644502F9BC    26408    ----a-w-    C:\WINDOWS\Sysnative\wuauclt.exe
2016-03-06 21:23:29    8A48AEAACC0F44E999BEC15BF017E74B    36864    ----a-w-    C:\WINDOWS\Sysnative\ztrace_maps.dll
2016-03-06 21:23:29    88B38A7435DFA9B7E8F94F5D5FE999D2    66560    ----a-w-    C:\WINDOWS\Sysnative\moshost.dll
2016-03-06 21:23:29    87A8DD15B7DEAC51916358250E5BC7C5    122368    ----a-w-    C:\WINDOWS\Sysnative\KnobsCsp.dll
2016-03-06 21:23:29    849275D7BF36660743973B8E28542E45    51680    ----a-w-    C:\WINDOWS\Sysnative\SensorsUtilsV2.dll
2016-03-06 21:23:29    839F7EC52C8E6888C4E9120E68652438    589312    ----a-w-    C:\WINDOWS\Sysnative\MbaeApi.dll
2016-03-06 21:23:29    836DC2848B800FC890E8FCF96F5E639B    458752    ----a-w-    C:\WINDOWS\Sysnative\PlayToDevice.dll
2016-03-06 21:23:29    83365A5A2632275C7B005B7A4995DCE1    416768    ----a-w-    C:\WINDOWS\Sysnative\dmenrollengine.dll
2016-03-06 21:23:29    8321155AACF85779A42582B0CD5084A4    148992    ----a-w-    C:\WINDOWS\Sysnative\wshom.ocx
2016-03-06 21:23:29    8109C3D1CFDC7AE78605D8F3EA4EAA20    586208    ----a-w-    C:\WINDOWS\Sysnative\mf.dll
2016-03-06 21:23:29    80EEB2E91EE933EFB1384D9866BD997F    64000    ----a-w-    C:\WINDOWS\Sysnative\MosHostClient.dll
2016-03-06 21:23:29    80BF2990E01E774D64F6E13F30661942    162304    ----a-w-    C:\WINDOWS\Sysnative\tetheringservice.dll
2016-03-06 21:23:29    80021DC2AF64B92F3FA8935C0D5C81D7    69632    ----a-w-    C:\WINDOWS\Sysnative\wininetlui.dll
2016-03-06 21:23:29    7E81E3E0D7F83BFE3C3975020B6C7F12    163840    ----a-w-    C:\WINDOWS\Sysnative\TimeBrokerServer.dll
2016-03-06 21:23:29    7DD3B4B77A787E06A6B3DC9AE7B451E0    292352    ----a-w-    C:\WINDOWS\Sysnative\provengine.dll
2016-03-06 21:23:29    7C20F3EC0BA5ACB8ED40CDEF41B0AC56    779384    ----a-w-    C:\WINDOWS\Sysnative\taskschd.dll
2016-03-06 21:23:29    7BD715D15060E0B6E4AF222CA7120BD1    69632    ----a-w-    C:\WINDOWS\Sysnative\EnterpriseDesktopAppMgmtCSP.dll
2016-03-06 21:23:29    7B24B823404D53DA4748F21AD2BF04C9    584704    ----a-w-    C:\WINDOWS\Sysnative\winlogon.exe
2016-03-06 21:23:29    79EE5C9F9DF073C315D035A1785B502F    3072    ----a-w-    C:\WINDOWS\Sysnative\MapControlStringsRes.dll
2016-03-06 21:23:29    79BD0E63A9E54ED8AFFD19F43B5B83F2    264192    ----a-w-    C:\WINDOWS\Sysnative\NmaDirect.dll
2016-03-06 21:23:29    781EFD88C2BD9A95CA6961E16AFF7332    168960    ----a-w-    C:\WINDOWS\Sysnative\mdmmigrator.dll
2016-03-06 21:23:29    7538F05A7C07DB69F6E82B67CAA67286    92160    ----a-w-    C:\WINDOWS\Sysnative\SensorsNativeApi.V2.dll
2016-03-06 21:23:29    7489ACBF86C3774E7EF0DC8C7616B07E    641536    ----a-w-    C:\WINDOWS\Sysnative\enterprisecsps.dll
2016-03-06 21:23:29    72534830694CCABA9A5CBA33F9771C63    260608    ----a-w-    C:\WINDOWS\Sysnative\MTFServer.dll
2016-03-06 21:23:29    7118498F6E48758A2EF5A7D1982E2B62    1139712    ----a-w-    C:\WINDOWS\Sysnative\XblGameSave.dll
2016-03-06 21:23:29    6FF8248F3A9D69A095C7F3F42BC29CB2    440152    ----a-w-    C:\WINDOWS\Sysnative\services.exe
2016-03-06 21:23:29    6D0F04544716C90220B58008B4422B97    459776    ----a-w-    C:\WINDOWS\Sysnative\MapConfiguration.dll
2016-03-06 21:23:29    6D04648D2E3F42A295B6D080A948E9BA    163328    ----a-w-    C:\WINDOWS\Sysnative\provops.dll
2016-03-06 21:23:29    6BB898FE9AE437C3D9D1F4920B92B1C3    1500672    ----a-w-    C:\WINDOWS\Sysnative\RecoveryDrive.exe
2016-03-06 21:23:29    6B058785608DAB0D191575E12A45201D    406528    ----a-w-    C:\WINDOWS\Sysnative\MusUpdateHandlers.dll
2016-03-06 21:23:29    69B6B69C95E1FBDC796F5B2019A8B24D    791744    ----a-w-    C:\WINDOWS\Sysnative\generaltel.dll
2016-03-06 21:23:29    6807A6D971AA7A26245397ADDFE3B5D8    2755584    ----a-w-    C:\WINDOWS\Sysnative\wininet.dll
2016-03-06 21:23:29    67C1D042FA62E2294973FD0CD1F1BC36    192000    ----a-w-    C:\WINDOWS\Sysnative\provisioningcsp.dll
2016-03-06 21:23:29    671DA2607117AC3BC7C028C0A6F4555E    210432    ----a-w-    C:\WINDOWS\Sysnative\aepic.dll
2016-03-06 21:23:29    66312F4AFEFB1AE0B80051F8A5E5B26B    698208    ----a-w-    C:\WINDOWS\Sysnative\wimgapi.dll
2016-03-06 21:23:29    63A71E0B8BEF5FC3A5C9669B5C771A1C    286208    ----a-w-    C:\WINDOWS\Sysnative\provhandlers.dll
2016-03-06 21:23:29    5B7B6AF7E94E972DCE4BF892ABD466B6    115200    ----a-w-    C:\WINDOWS\Sysnative\win32k.sys
2016-03-06 21:23:29    561B71EE613240D3CC643E2E308BD3F7    248832    ----a-w-    C:\WINDOWS\Sysnative\UserMgrProxy.dll
2016-03-06 21:23:29    559E4E19F481FBB9AF622E23772533CC    52736    ----a-w-    C:\WINDOWS\Sysnative\RemovableMediaProvisioningPlugin.dll
2016-03-06 21:23:29    54C5C6E962A873A1D05394DFF553FD18    149504    ----a-w-    C:\WINDOWS\Sysnative\FilterDS.dll
2016-03-06 21:23:29    54051585F9E1A644C3ED024B639C0E32    231936    ----a-w-    C:\WINDOWS\Sysnative\KnobsCore.dll
2016-03-06 21:23:29    5358F9A3A5C55ED1395BBFFCFA65F551    28672    ----a-w-    C:\WINDOWS\Sysnative\mapsupdatetask.dll
2016-03-06 21:23:29    50007CDB0F9801A7186F3E81D3377D12    2773096    ----a-w-    C:\WINDOWS\Sysnative\d3d11.dll
2016-03-06 21:23:29    4E5B496EBD95AEE005F54EA49EECAAC6    72704    ----a-w-    C:\WINDOWS\Sysnative\MosStorage.dll
2016-03-06 21:23:29    4DAAEB83744362082EA91B05C9CC13F3    604672    ----a-w-    C:\WINDOWS\Sysnative\vbscript.dll
2016-03-06 21:23:29    4BCE40BC42A874A57B0E1B3E0FED0ABA    475648    ----a-w-    C:\WINDOWS\Sysnative\DDDS.dll
2016-03-06 21:23:29    4AAD96366A51B26F50113A6393CB5587    42496    ----a-w-    C:\WINDOWS\Sysnative\mapstoasttask.dll
2016-03-06 21:23:29    46668562A5BDD2D2F383CAD6D35DCB15    89088    ----a-w-    C:\WINDOWS\Sysnative\MapsCSP.dll
2016-03-06 21:23:29    45B88D0BBAB3EAA10883097C14C33678    1281376    ----a-w-    C:\WINDOWS\Sysnative\LicenseManager.dll
2016-03-06 21:23:29    446E107CFCFECA7EF4A79414E882D8C8    574976    ----a-w-    C:\WINDOWS\Sysnative\Windows.Networking.UX.EapRequestHandler.dll
2016-03-06 21:23:29    43B6BF7F95CF7D60599740EF2BF0DDD8    938496    ----a-w-    C:\WINDOWS\Sysnative\MapControlCore.dll
2016-03-06 21:23:29    3FDFB93023689FBA65741B9D92C2D75A    7979008    ----a-w-    C:\WINDOWS\Sysnative\mos.dll
2016-03-06 21:23:29    3DF7BD7E0E0CFCF8D8856B639FD46C3C    30720    ----a-w-    C:\WINDOWS\Sysnative\tetheringconfigsp.dll
2016-03-06 21:23:29    3C9066503DE3E45CB98C8584DE19C186    28160    ----a-w-    C:\WINDOWS\Sysnative\nativemap.dll
2016-03-06 21:23:29    3B36AFC1B127B13A82752A3F02CE9D8C    543232    ----a-w-    C:\WINDOWS\Sysnative\StoreAgent.dll
2016-03-06 21:23:29    3A1FCBE9103770CF17F81EBD9809FE1B    697856    ----a-w-    C:\WINDOWS\Sysnative\PlayToManager.dll
2016-03-06 21:23:29    380A4E413E227A6445FDB5244181BAFF    1087488    ----a-w-    C:\WINDOWS\Sysnative\reseteng.dll
2016-03-06 21:23:29    36EC82F0E399F36BD25F593D63DC144A    912384    ----a-w-    C:\WINDOWS\Sysnative\usermgr.dll
2016-03-06 21:23:29    3690FAA19C6D3C68C033D0E5CB3BDB03    28160    ----a-w-    C:\WINDOWS\Sysnative\Windows.Management.Provisioning.ProxyStub.dll
2016-03-06 21:23:29    35F9920E5B9757E2047C024063C9A279    988160    ----a-w-    C:\WINDOWS\Sysnative\NMAA.dll
2016-03-06 21:23:29    33F4AE1E913D7F865D0CFA716BDC9032    10240    ----a-w-    C:\WINDOWS\Sysnative\Microsoft-Windows-MosTrace.dll
2016-03-06 21:23:29    301A917544D10E9F28A946BA0E84C407    160768    ----a-w-    C:\WINDOWS\Sysnative\enrollmentapi.dll
2016-03-06 21:23:29    2E165E1CF278FC2B4959B825642A595B    558080    ----a-w-    C:\WINDOWS\Sysnative\MBMediaManager.dll
2016-03-06 21:23:29    2DDEA2BEDD3169F483C9BE610ADFE8B1    8705672    ----a-w-    C:\WINDOWS\Sysnative\Windows.Media.Protection.PlayReady.dll
2016-03-06 21:23:29    2DA8708EB1FCB83375A450D401A1ED09    74240    ----a-w-    C:\WINDOWS\Sysnative\mssign32.dll
2016-03-06 21:23:29    2B91178DE30EF92DD383486485B0C97D    523776    ----a-w-    C:\WINDOWS\Sysnative\catsrvut.dll
2016-03-06 21:23:29    28CFFDB411375B2BBB0EBF295ABAEF29    382464    ----a-w-    C:\WINDOWS\Sysnative\wuuhext.dll
2016-03-06 21:23:29    26DFF195B1A59942541CE199C586F0D4    43520    ----a-w-    C:\WINDOWS\Sysnative\usermgrcli.dll
2016-03-06 21:23:29    266B9C1CC212C255ED61CB13CE3A98A4    13824    ----a-w-    C:\WINDOWS\Sysnative\sscoreext.dll
2016-03-06 21:23:29    25DA92A03FFF1A620A950ED6209CDC8F    77312    ----a-w-    C:\WINDOWS\Sysnative\ProvPluginEng.dll
2016-03-06 21:23:29    25C9F417FA6FE9073392BD34630A89B4    17408    ----a-w-    C:\WINDOWS\Sysnative\IcsEntitlementHost.exe
2016-03-06 21:23:29    25086E02B6C3F34BC4646C134C3E1769    1042432    ----a-w-    C:\WINDOWS\Sysnative\BingOnlineServices.dll
2016-03-06 21:23:29    23B32FD7B58007D0407B8A4191AB76BB    28672    ----a-w-    C:\WINDOWS\Sysnative\WordBreakers.dll
2016-03-06 21:23:29    2362BCA98EAF8CE0487664467F720861    178176    ----a-w-    C:\WINDOWS\Sysnative\psmsrv.dll
2016-03-06 21:23:29    20E6B1B1F23615B5CF21AC3CE0A2E227    52224    ----a-w-    C:\WINDOWS\Sysnative\jsproxy.dll
2016-03-06 21:23:29    2031A1DA09AFF8A8BADFFF73511AF306    58368    ----a-w-    C:\WINDOWS\Sysnative\MosResource.dll
2016-03-06 21:23:29    1D445E497D7BE9566D51BD60CA8B8CE7    175616    ----a-w-    C:\WINDOWS\Sysnative\Windows.UI.Core.TextInput.dll
2016-03-06 21:23:29    1C671129864880F66678D3B80316074E    56320    ----a-w-    C:\WINDOWS\Sysnative\provtool.exe
2016-03-06 21:23:29    1C375486D1F6D0DD5281B76C750EEFA3    147456    ----a-w-    C:\WINDOWS\Sysnative\mtxoci.dll
2016-03-06 21:23:29    1A0945D67F0499600E7B43A69210EC5B    41984    ----a-w-    C:\WINDOWS\Sysnative\TimeBrokerClient.dll
2016-03-06 21:23:29    18DF88220B196D0D45644BC2730D6757    55296    ----a-w-    C:\WINDOWS\Sysnative\MusNotificationUx.exe
2016-03-06 21:23:29    186B00E5849DA43B2CEF58252105F3CE    5503488    ----a-w-    C:\WINDOWS\Sysnative\d2d1.dll
2016-03-06 21:23:29    156963089DF9C18AF330E08BFE41884D    165376    ----a-w-    C:\WINDOWS\Sysnative\provdatastore.dll
2016-03-06 21:23:29    140201A765860592F320B6AD6AA35155    235008    ----a-w-    C:\WINDOWS\Sysnative\MTF.dll
2016-03-06 21:23:29    1083375C70D529AA1C8224E13D9E6F40    334736    ----a-w-    C:\WINDOWS\Sysnative\policymanager.dll
2016-03-06 21:23:29    08F0E6B466F44EA24CA1601F3196E43E    9728    ----a-w-    C:\WINDOWS\Sysnative\Microsoft-Windows-MosHost.dll
2016-03-06 21:23:29    04BB77409644685810DBD63D86F5720E    99328    ----a-w-    C:\WINDOWS\Sysnative\ngckeyenum.dll
2016-03-06 21:23:29    0161DABC5CDB2BE6D0B91BEB5386B47D    52736    ----a-w-    C:\WINDOWS\Sysnative\tetheringclient.dll
2016-03-06 21:23:29    0053C878CDBA8F8D55339547EC2E99E8    269824    ----a-w-    C:\WINDOWS\Sysnative\moshostcore.dll
2016-03-06 21:23:28    FFD04E8263FC9CDB89BAD8C27C337223    794112    ----a-w-    C:\WINDOWS\Sysnative\winhttp.dll
2016-03-06 21:23:28    F6D1F548315E07F98B6294940CCBE7FB    97280    ----a-w-    C:\WINDOWS\Sysnative\winhttpcom.dll
2016-03-06 21:23:28    E48BBF1363F843E030757EC190DD33E6    2057216    ----a-w-    C:\WINDOWS\Sysnative\wlidsvc.dll
2016-03-06 21:23:28    E0FBBE85A7DC215F97F7B81236CE2674    60928    ----a-w-    C:\WINDOWS\Sysnative\XblAuthTokenBrokerExt.dll
2016-03-06 21:23:28    D02F3E132E6AD02F2CB4F9991FB77B56    1270072    ----a-w-    C:\WINDOWS\Sysnative\WinTypes.dll
2016-03-06 21:23:28    C7A6CC05D5D1BE5A863F858D963F7E0C    628736    ----a-w-    C:\WINDOWS\Sysnative\MessagingDataModel2.dll
2016-03-06 21:23:28    C402B84B789382748EEEC04284781732    2606824    ----a-w-    C:\WINDOWS\Sysnative\combase.dll
2016-03-06 21:23:28    BEF109D45139E2646C116DD9B6E53E3C    847360    ----a-w-    C:\WINDOWS\Sysnative\netlogon.dll
2016-03-06 21:23:28    B67BE37DB6E01693A8529DBC4B2A1C88    970752    ----a-w-    C:\WINDOWS\Sysnative\kerberos.dll
2016-03-06 21:23:28    ABC346A1CD915DEE6231BB4A7F0B96EC    204800    ----a-w-    C:\WINDOWS\Sysnative\Microsoft-Windows-AppModelExecEvents.dll
2016-03-06 21:23:28    A407435633C74CB1D6911DC05A90D939    2912256    ----a-w-    C:\WINDOWS\Sysnative\CertEnroll.dll
2016-03-06 21:23:28    93373D10F0F00D1DEE2EB822654735A5    275968    ----a-w-    C:\WINDOWS\Sysnative\facecredentialprovider.dll
2016-03-06 21:23:28    8C8161E40F42E437161972E8866025D5    3355136    ----a-w-    C:\WINDOWS\Sysnative\msftedit.dll
2016-03-06 21:23:28    8AA095B5A4826840B348D0A94969CE1A    1268736    ----a-w-    C:\WINDOWS\Sysnative\Windows.UI.Xaml.Resources.dll
2016-03-06 21:23:28    85031015C1F1B9A7DAA002DAAEE341AA    2444288    ----a-w-    C:\WINDOWS\Sysnative\twinui.appcore.dll
2016-03-06 21:23:28    80D6AF1D9BE30E386322E9E723F7B6DE    1387520    ----a-w-    C:\WINDOWS\Sysnative\lsasrv.dll
2016-03-06 21:23:28    7890990143812A452858058BBD52149F    297472    ----a-w-    C:\WINDOWS\Sysnative\thumbcache.dll
2016-03-06 21:23:28    7677EA28D43C73FBD58BFA7C8E21FE97    479232    ----a-w-    C:\WINDOWS\Sysnative\schannel.dll
2016-03-06 21:23:28    6D7B4647F5FB25CE88E2555A9DFF1D2E    70656    ----a-w-    C:\WINDOWS\Sysnative\XblAuthManagerProxy.dll
2016-03-06 21:23:28    642EFABF900374FA85639D83B5533AFD    621568    ----a-w-    C:\WINDOWS\Sysnative\wbiosrvc.dll
2016-03-06 21:23:28    5CBB046266CD7CD1593354C93BCDBE91    870400    ----a-w-    C:\WINDOWS\Sysnative\modernexecserver.dll
2016-03-06 21:23:28    5B5F518D6487FDCC9C40A74D3C72B8EE    828928    ----a-w-    C:\WINDOWS\Sysnative\Windows.AccountsControl.dll
2016-03-06 21:23:28    4F83D9D2478E3421BFA7B7F13FAD614B    130560    ----a-w-    C:\WINDOWS\Sysnative\winbio.dll
2016-03-06 21:23:28    4F0263646FF401695E0C14FE81D3E6A5    16986112    ----a-w-    C:\WINDOWS\Sysnative\Windows.UI.Xaml.dll
2016-03-06 21:23:28    4EA244C67F3D3B0EB0CC694443D3F5AA    167936    ----a-w-    C:\WINDOWS\Sysnative\ProximityCommon.dll
2016-03-06 21:23:28    4B4970CB5FF1D25B444F95A18ED8AF22    114688    ----a-w-    C:\WINDOWS\Sysnative\offlinelsa.dll
2016-03-06 21:23:28    405A419F4CDAC3C18F91FEDBD146C0A8    948736    ----a-w-    C:\WINDOWS\Sysnative\XblAuthManager.dll
2016-03-06 21:23:28    3EEB5260D4321F7F124955E1D228FDF2    274944    ----a-w-    C:\WINDOWS\Sysnative\DisplayManager.dll
2016-03-06 21:23:28    1CC123FE215B7FFBA4B7889FD13B32D5    36864    ----a-w-    C:\WINDOWS\Sysnative\BackgroundTransferHost.exe
2016-03-06 21:23:28    1C8474EF741ABA77E53BE94DE8E89D26    990720    ----a-w-    C:\WINDOWS\Sysnative\SettingSyncCore.dll
2016-03-06 21:23:28    1A9A77ACDAC29C39F50D2A492FD0DB16    87040    ----a-w-    C:\WINDOWS\Sysnative\tzautoupdate.dll
2016-03-06 21:23:28    183B210A411E23AC9C5374AEE5645312    36352    ----a-w-    C:\WINDOWS\Sysnative\UIAutomationCoreRes.dll
2016-03-06 21:23:28    0DC4BEB16161362B4E46D117204D8566    2843136    ----a-w-    C:\WINDOWS\Sysnative\cdp.dll
2016-03-06 21:23:28    03EB1EBAB72BB8322C30D070C346EA33    1395200    ----a-w-    C:\WINDOWS\Sysnative\UIAutomationCore.dll
2016-03-06 21:23:27    E853D5823793FE6E5FB0351F256DC1F2    223232    ----a-w-    C:\WINDOWS\Sysnative\fveapibase.dll
2016-03-06 21:23:27    C62ACC8B1B1136464583F871EBB4ACE1    1946624    ----a-w-    C:\WINDOWS\Sysnative\dwmcore.dll
2016-03-06 21:23:27    B174232356859EBB0CF8FA950119DA1E    159232    ----a-w-    C:\WINDOWS\Sysnative\DeviceCensus.exe
2016-03-06 21:23:27    AD37B56D53795944240011FF4EEBBD30    911648    ----a-w-    C:\WINDOWS\Sysnative\dcomp.dll
2016-03-06 21:23:27    55A629331D5EB924A1926C18E5028243    764928    ----a-w-    C:\WINDOWS\Sysnative\fveapi.dll
2016-03-06 21:23:27    11B74BAF9BD95FC3B7F17658A8CDBF3C    1804664    ----a-w-    C:\WINDOWS\Sysnative\WMALFXGFXDSP.dll
2016-03-06 21:23:27    0319FFA35F366D2FD1C9776DAA98FE96    299008    ----a-w-    C:\WINDOWS\Sysnative\microsoft-windows-system-events.dll
2016-03-06 21:20:17    E91942A0D00C6AA014B2EA33EE0ED0A3    35480    ----a-w-    C:\WINDOWS\Sysnative\TsWpfWrp.exe
2016-03-06 21:20:17    E2296A6174894682DF8F0FF29FDDCC82    1166520    ----a-w-    C:\WINDOWS\Sysnative\PresentationNative_v0300.dll
2016-03-06 21:20:17    C5FEF4B4A7FB961ECDB0AB07DBCF379E    124624    ----a-w-    C:\WINDOWS\Sysnative\PresentationCFFRasterizerNative_v0300.dll
2016-03-06 18:36:29    44FF99399BE5832E10B7528BD9CA79F5    881036    ----a-w-    C:\WINDOWS\Sysnative\PerfStringBackup.INI
2016-03-06 18:30:44    72166F62A0A9A16E5A4A181B251EC350    22744    ----a-w-    C:\WINDOWS\Sysnative\emptyregdb.dat
2016-03-06 18:27:15    F0D603ACC978904D7A749E5CA6921795    71224    ----a-w-    C:\WINDOWS\Sysnative\nvshext.dll
2016-03-06 18:27:15    9FC91DC57AC7BD56F9F459BF5E11F9F1    2992576    ----a-w-    C:\WINDOWS\Sysnative\nvsvc64.dll
2016-03-06 18:27:15    6E24B145DB69E4D06A9BDA314CABAD85    6371384    ----a-w-    C:\WINDOWS\Sysnative\nvcpl.dll
2016-03-06 18:27:15    6598E96991B04FA7B49E87C5D2136D37    393784    ----a-w-    C:\WINDOWS\Sysnative\nvmctray.dll
2016-03-06 18:27:15    54A171F783F38F27E921698E2DA79892    2563128    ----a-w-    C:\WINDOWS\Sysnative\nvsvcr.dll
2016-03-06 18:27:15    38885AE14957B271496CD7DA19CF2697    1264064    ----a-w-    C:\WINDOWS\Sysnative\nvvsvc.exe
2016-03-06 18:27:15    1EF44296211AAF675AFB9D5EF9DA3386    6203411    ----a-w-    C:\WINDOWS\Sysnative\nvcoproc.bin
2016-03-06 18:26:57    E7806F4DF276CFBF72C72F8CF1F3626B    99848    ----a-w-    C:\WINDOWS\Sysnative\OpenCL.DLL
2016-03-06 18:26:57    5C5A797761421CF9B72087F3BC8A5259    180    ----a-w-    C:\WINDOWS\Sysnative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-03-06 18:26:57    1373F6562D5E4C715D5D3583E350093E    200    ----a-w-    C:\WINDOWS\Sysnative\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-03-06 18:25:57    C4FF5C39EC98F953B7F7003DB85C94CA    206624    ----a-w-    C:\WINDOWS\Sysnative\FNTCACHE.DAT
====== C:\WINDOWS\Sysnative\drivers =====
2016-03-09 14:51:36    F45665E77D11F3C1552EDBEAD1559DC8    1997152    ----a-w-    C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys
2016-03-09 14:51:33    33190E86460C4FF7382848187463DC28    576864    ----a-w-    C:\WINDOWS\Sysnative\drivers\dxgmms2.sys
2016-03-09 14:51:29    64D4F5DE44B64B8284BADE5819B5195A    394080    ----a-w-    C:\WINDOWS\Sysnative\drivers\dxgmms1.sys
2016-03-09 14:51:22    8949F77132A4F8F3BA17C6727099F002    127840    ----a-w-    C:\WINDOWS\Sysnative\drivers\USBSTOR.SYS
2016-03-06 21:23:36    1A490555FD330CA2764D89191177C867    285696    ----a-w-    C:\WINDOWS\Sysnative\drivers\mrxsmb10.sys
2016-03-06 21:23:33    91D3F2A6253EF83EFBD7903028F58C4D    118624    ----a-w-    C:\WINDOWS\Sysnative\drivers\tdx.sys
2016-03-06 21:23:33    70148EFA9A562E7185B75BBE7D376BF7    578912    ----a-w-    C:\WINDOWS\Sysnative\drivers\afd.sys
2016-03-06 21:23:33    58BFFEF692A47FCE3FAAEDBC8F3DCBBB    2152288    ----a-w-    C:\WINDOWS\Sysnative\drivers\ntfs.sys
2016-03-06 21:23:31    E3C82823B22463BC38AA4F8ADA852624    104960    ----a-w-    C:\WINDOWS\Sysnative\drivers\rasl2tp.sys
2016-03-06 21:23:31    DBBACE77DDE8CCFD85B37B114965C385    147968    ----a-w-    C:\WINDOWS\Sysnative\drivers\rmcast.sys
2016-03-06 21:23:31    A4411C522D41707D5BCA817A5BB9E30B    114688    ----a-w-    C:\WINDOWS\Sysnative\drivers\bridge.sys
2016-03-06 21:23:31    0B3B0C1D86050355676640488FA897D3    430944    ----a-w-    C:\WINDOWS\Sysnative\drivers\mrxsmb.sys
2016-03-06 21:23:29    EF536C54AB9281FDC4E83B07279FCFC4    35680    ----a-w-    C:\WINDOWS\Sysnative\drivers\wimmount.sys
2016-03-06 21:23:29    EDDB0D726DBECDFC1DBCC6DB464E5A13    146272    ----a-w-    C:\WINDOWS\Sysnative\drivers\appid.sys
2016-03-06 21:23:29    BF6CA7EA5ECD6CF72D3D76652A9B8280    144384    ----a-w-    C:\WINDOWS\Sysnative\drivers\mrxdav.sys
2016-03-06 21:23:29    318E816717431D3C23DC82779900C744    1089880    ----a-w-    C:\WINDOWS\Sysnative\drivers\http.sys
2016-03-06 21:23:28    A1105260EEEE3DBD8D38FD054B22BD00    604928    ----a-w-    C:\WINDOWS\Sysnative\drivers\cng.sys
2016-03-06 21:23:28    7D8B9214692C4D0F1646215D9984E19A    161632    ----a-w-    C:\WINDOWS\Sysnative\drivers\ksecpkg.sys
2016-03-06 21:23:27    F871CE85AF64D81A9CB6C361CF797144    185184    ----a-w-    C:\WINDOWS\Sysnative\drivers\dumpsd.sys
2016-03-06 21:23:27    F279536122B83FD0D8E158AA753E1B7C    238592    ----a-w-    C:\WINDOWS\Sysnative\drivers\xboxgip.sys
2016-03-06 21:23:27    F259A45D6B555B14CC8365AA6BC8DC20    67072    ----a-w-    C:\WINDOWS\Sysnative\drivers\usbser.sys
2016-03-06 21:23:27    DE6D7DC78D956928F59F7415A0F41E13    95072    ----a-w-    C:\WINDOWS\Sysnative\drivers\sdstor.sys
2016-03-06 21:23:27    DBACD4E4FE191D0CE7C624ACA389535E    29696    ----a-w-    C:\WINDOWS\Sysnative\drivers\xinputhid.sys
2016-03-06 21:23:27    C24C27FDF93B85A4EFCF25F830253AA2    117248    ----a-w-    C:\WINDOWS\Sysnative\drivers\capimg.sys
2016-03-06 21:23:27    B7E1CAA9429E4C3E7E01CB35B97E1536    534368    ----a-w-    C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS
2016-03-06 21:23:27    70165A0A2653FB8AFDE3D85000727F29    277856    ----a-w-    C:\WINDOWS\Sysnative\drivers\sdbus.sys
2016-03-06 21:23:27    469441BAE3FF8A16826FC62C51EF5E18    563552    ----a-w-    C:\WINDOWS\Sysnative\drivers\acpi.sys
2016-03-06 19:01:37    0A65CF342CA85A725575DD7D7C9BC80E    295160    ----a-w-    C:\WINDOWS\Sysnative\drivers\EasyAntiCheat.sys
2016-03-06 18:27:22    D41D8CD98F00B204E9800998ECF8427E    0    ---ha-w-    C:\WINDOWS\Sysnative\drivers\Msft_Kernel_LcUvcUpper_01011.Wdf
2016-03-06 18:26:20    D41D8CD98F00B204E9800998ECF8427E    0    ---ha-w-    C:\WINDOWS\Sysnative\drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2016-03-06 18:26:18    D41D8CD98F00B204E9800998ECF8427E    0    ---ha-w-    C:\WINDOWS\Sysnative\drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-03-01 21:41:56    D812362E8AF615B521AD4DF19A93BD5A    205456    ----a-w-    C:\WINDOWS\Sysnative\drivers\nvhda64v.sys
2016-02-22 16:54:05    C4AB79ACB70AAF0AC8B68A9018AA9625    47200    ----a-w-    C:\WINDOWS\Sysnative\drivers\libusbK.sys
====== C:\WINDOWS\Tasks ======
2016-02-29 05:34:11    31351FAE85AC65721E42D7D927429543    2966    ----a-w-    C:\WINDOWS\Sysnative\Tasks\updater
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2016-03-06 21:20:31    --------    d-----w-    C:\Program Files\Reference Assemblies
2016-03-06 21:20:31    --------    d-----w-    C:\Program Files\MSBuild
2016-03-06 18:27:20    --------    d---a-w-    C:\Program Files\Microsoft LifeCam
2016-03-06 18:27:06    --------    d-----w-    C:\Program Files\NVIDIA Corporation
2016-03-06 18:26:58    --------    d-----w-    C:\Program Files\Realtek
2016-03-06 18:26:26    --------    d-----w-    C:\Program Files\Intel
2016-03-06 18:26:20    --------    d-----w-    C:\Program Files\Synaptics
2016-02-29 23:53:19    96    ----a-w-    C:\Program Files\HiPatchService.config
2016-02-29 23:53:18    --------    d-----w-    C:\Program Files\hireztemp
2016-02-29 23:53:18    --------    d-----w-    C:\Program Files\HiRezGames
2016-02-29 23:53:15    8192    ----a-w-    C:\Program Files\VideoCardCompatibility.exe
2016-02-29 23:53:15    4468736    ----a-w-    C:\Program Files\Qt5Widgets.dll
2016-02-29 23:53:15    355328    ----a-w-    C:\Program Files\ssleay32.dll
2016-02-29 23:53:15    230912    ----a-w-    C:\Program Files\Qt5WinExtras.dll
2016-02-29 23:53:15    23040    ----a-w-    C:\Program Files\ReduxDecompress.exe
2016-02-29 23:53:15    199168    ----a-w-    C:\Program Files\Qt5WebKitWidgets.dll
2016-02-29 23:53:15    --------    d-----w-    C:\Program Files\Skins
2016-02-29 23:53:15    --------    d-----w-    C:\Program Files\platforms
2016-02-29 23:53:15    --------    d-----w-    C:\Program Files\imageformats
2016-02-29 23:53:15    --------    d-----w-    C:\Program Files\audio
2016-02-29 23:53:14    88576    ----a-w-    C:\Program Files\Qt5MultimediaWidgets.dll
2016-02-29 23:53:14    86472    ----a-w-    C:\Program Files\PatcherMisc.dll
2016-02-29 23:53:14    839680    ----a-w-    C:\Program Files\Qt5Network.dll
2016-02-29 23:53:14    75264    ----a-w-    C:\Program Files\Qt5WebChannel.dll
2016-02-29 23:53:14    674760    ----a-w-    C:\Program Files\PatcherEngine.dll
2016-02-29 23:53:14    537088    ----a-w-    C:\Program Files\Qt5Multimedia.dll
2016-02-29 23:53:14    4604416    ----a-w-    C:\Program Files\Qt5Gui.dll
2016-02-29 23:53:14    4088320    ----a-w-    C:\Program Files\Qt5Core.dll
2016-02-29 23:53:14    32768    ----a-w-    C:\Program Files\PatcherData.dll
2016-02-29 23:53:14    271872    ----a-w-    C:\Program Files\Qt5OpenGL.dll
2016-02-29 23:53:14    264192    ----a-w-    C:\Program Files\Qt5PrintSupport.dll
2016-02-29 23:53:14    2600960    ----a-w-    C:\Program Files\Qt5Qml.dll
2016-02-29 23:53:14    250880    ----a-w-    C:\Program Files\Qt5Svg.dll
2016-02-29 23:53:14    2393088    ----a-w-    C:\Program Files\Qt5Quick.dll
2016-02-29 23:53:14    21529088    ----a-w-    C:\Program Files\icudt53.dll
2016-02-29 23:53:14    1961472    ----a-w-    C:\Program Files\icuin53.dll
2016-02-29 23:53:14    17519616    ----a-w-    C:\Program Files\Qt5WebKit.dll
2016-02-29 23:53:14    157184    ----a-w-    C:\Program Files\Qt5Positioning.dll
2016-02-29 23:53:14    151552    ----a-w-    C:\Program Files\Qt5Sql.dll
2016-02-29 23:53:14    145920    ----a-w-    C:\Program Files\Qt5Sensors.dll
2016-02-29 23:53:14    1359872    ----a-w-    C:\Program Files\libeay32.dll
2016-02-29 23:53:14    1316352    ----a-w-    C:\Program Files\icuuc53.dll
2016-02-29 23:53:13    9728    ----a-w-    C:\Program Files\HiPatchService.exe
2016-02-29 23:53:13    72704    ----a-w-    C:\Program Files\HiManagedBridge.dll
2016-02-29 23:53:13    67072    ----a-w-    C:\Program Files\HiManagedPatchClient.dll
2016-02-29 23:53:13    653256    ----a-w-    C:\Program Files\HiRezGamesDiagAndSupport.exe
2016-02-29 23:53:13    34304    ----a-w-    C:\Program Files\HiPatchSelfUpdateWindow.exe
2016-02-29 23:53:13    2422216    ----a-w-    C:\Program Files\HirezLauncherUI.exe
2016-02-29 23:53:13    235352    ----a-w-    C:\Program Files\expapply64.dll
2016-02-29 23:53:13    20480    ----a-w-    C:\Program Files\HiRezLauncherControls.dll
2016-02-29 23:53:13    201560    ----a-w-    C:\Program Files\expapply.dll
2016-02-29 23:53:13    200704    ----a-w-    C:\Program Files\ICSharpCode.SharpZipLib.dll
2016-02-29 23:53:13    13824    ----a-w-    C:\Program Files\HiPatchInstHelper.exe
2016-02-29 23:53:13    100352    ----a-w-    C:\Program Files\HirezUtils.dll
2016-02-22 23:03:12    --------    d---a-w-    C:\Program Files\Adblock Plus for IE
2016-02-22 16:52:52    --------    d-----w-    C:\Program Files\Nefarius Software Solutions
======= C:\PROGRA~2 =====
2016-03-14 19:54:46    --------    d-----w-    C:\PROGRA~2\AdwCleaner
2016-03-10 15:29:18    --------    d-----w-    C:\PROGRA~2\VulkanRT
2016-03-06 21:20:31    --------    d-----w-    C:\PROGRA~2\Reference Assemblies
2016-03-06 21:20:31    --------    d-----w-    C:\PROGRA~2\MSBuild
2016-03-06 18:27:21    --------    d---a-w-    C:\PROGRA~2\Microsoft LifeCam
2016-03-06 18:27:15    --------    d--h--w-    C:\PROGRA~2\Uninstall Information
2016-03-06 18:27:06    --------    d-----w-    C:\PROGRA~2\NVIDIA Corporation
2016-03-06 18:26:24    --------    d-----w-    C:\PROGRA~2\COMMON~1\Intel
2016-02-28 22:04:25    --------    d-----w-    C:\PROGRA~2\H&R Block
2016-02-24 21:46:06    --------    d-----w-    C:\PROGRA~2\COMMON~1\BattlEye
2016-02-23 02:41:02    --------    d-----w-    C:\PROGRA~2\Mozilla Maintenance Service
======= C: =====
====== C:\Users\Dee\AppData\Roaming ======
2016-03-13 03:10:32    --------    d-----w-    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Drakensang Online
2016-03-07 19:58:34    --------    d-----w-    C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\DataSharing
2016-03-06 18:35:53    --------    d-----w-    C:\Users\Dee\AppData\Local\Publishers
2016-03-06 18:35:40    --------    d-----w-    C:\Users\Dee\AppData\Local\Comms
2016-03-06 18:35:37    --------    d-----w-    C:\Users\Dee\AppData\Local\TileDataLayer
2016-03-06 18:30:49    --------    d-----w-    C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Google
2016-03-06 18:30:26    --------    d-----w-    C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Packages
2016-03-06 18:29:03    --------    d-----w-    C:\Users\Default\AppData\Local\Google
2016-03-06 18:29:03    --------    d-----w-    C:\Users\Default User\AppData\Local\Google
2016-03-06 18:27:54    --------    d-s---r-    C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2016-03-06 18:27:54    --------    d-s---r-    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2016-03-06 18:27:54    --------    d-----w-    C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-03-06 18:27:54    --------    d-----w-    C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-03-06 18:27:54    --------    d-----w-    C:\Users\User\AppData\Roaming
2016-03-06 18:27:54    --------    d-----w-    C:\Users\User\AppData\Local\Temp
2016-03-06 18:27:54    --------    d-----w-    C:\Users\User\AppData\Local\Microsoft
2016-03-06 18:27:54    --------    d-----w-    C:\Users\User\AppData\Local
2016-03-06 18:27:54    --------    d-----w-    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-03-06 18:27:54    --------    d-----w-    C:\Users\Dee\AppData\Roaming
2016-03-06 18:27:54    --------    d-----w-    C:\Users\Dee\AppData\Local\Temp
2016-03-06 18:27:54    --------    d-----w-    C:\Users\Dee\AppData\Local\Microsoft
2016-03-06 18:27:54    --------    d-----w-    C:\Users\Dee\AppData\Local
2016-03-06 18:27:54    --------    d-----r-    C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2016-03-06 18:27:54    --------    d-----r-    C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-03-06 18:27:54    --------    d-----r-    C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2016-03-06 18:27:54    --------    d-----r-    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2016-03-06 18:27:54    --------    d-----r-    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-03-06 18:27:54    --------    d-----r-    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2016-03-06 18:27:54    --------    d-----r-    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-03-06 18:27:15    --------    d-----w-    C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft
2016-03-06 18:26:10    --------    d-----w-    C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\FontCache
2016-03-06 18:25:59    --------    d-----w-    C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft
2016-03-06 18:25:59    --------    d-----w-    C:\WINDOWS\serviceprofiles\networkservice\AppData\Roaming
2016-03-06 18:25:59    --------    d-----w-    C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp
2016-03-06 18:25:59    --------    d-----w-    C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Microsoft
2016-03-06 18:25:59    --------    d-----w-    C:\WINDOWS\serviceprofiles\networkservice\AppData\Local
2016-03-06 18:25:59    --------    d-----w-    C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming
2016-03-06 18:25:59    --------    d-----w-    C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp
2016-02-28 22:04:58    --------    d-----w-    C:\Users\Dee\AppData\Local\hrblock2015
2016-02-28 22:04:55    --------    d-----w-    C:\Users\Dee\AppData\Local\hrb
2016-02-23 02:41:08    --------    d-----w-    C:\Users\Dee\AppData\Local\Mozilla
2016-02-22 21:22:23    705F912CB09D38C73F63541EDE6F908D    210296    ----a-w-    C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat
====== C:\Users\Dee ======
2016-03-17 06:26:52    D9D59BD0D90893F9AE9F875B30A382AE    2374144    ----a-w-    C:\Users\Dee\Desktop\FRST64.exe
2016-03-14 19:54:33    83EA34120B0F4A5C693252C41F144B1C    1527296    ----a-w-    C:\Users\Dee\Downloads\adwcleaner_5.102.exe
2016-03-10 15:29:18    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.0
2016-03-06 18:37:19    --------    d-----w-    C:\ProgramData\Microsoft OneDrive
2016-03-06 18:35:38    --------    d--h--r-    C:\Users\Public\AccountPictures
2016-03-06 18:35:35    6FC234AD3752E1267B34FB12BCD6718B    20    --sh--w-    C:\Users\Dee\ntuser.ini
2016-03-06 18:32:07    --------    d-----w-    C:\ProgramData\USOShared
2016-03-06 18:27:54    --------    d--h--w-    C:\Users\User\AppData
2016-03-06 18:27:54    --------    d--h--w-    C:\Users\Dee\AppData
2016-03-06 18:27:16    --------    d-----w-    C:\ProgramData\NVIDIA
2016-03-06 18:27:10    --------    d-----w-    C:\ProgramData\NVIDIA Corporation
2016-03-06 18:27:03    D41D8CD98F00B204E9800998ECF8427E    0    ---ha-w-    C:\ProgramData\DP45977C.lfl
2016-03-06 18:26:10    --------    d-----w-    C:\WINDOWS\serviceprofiles\Localservice\winhttp
2016-03-06 18:25:59    --------    d--h--w-    C:\WINDOWS\serviceprofiles\networkservice\AppData
2016-03-06 18:25:59    --------    d-----w-    C:\WINDOWS\serviceprofiles\networkservice\Saved Games
2016-03-06 18:25:59    --------    d-----w-    C:\WINDOWS\serviceprofiles\Localservice\Saved Games
2016-03-06 18:25:59    --------    d-----r-    C:\WINDOWS\serviceprofiles\networkservice\Videos
2016-03-06 18:25:59    --------    d-----r-    C:\WINDOWS\serviceprofiles\networkservice\Pictures
2016-03-06 18:25:59    --------    d-----r-    C:\WINDOWS\serviceprofiles\networkservice\Music
2016-03-06 18:25:59    --------    d-----r-    C:\WINDOWS\serviceprofiles\networkservice\Links
2016-03-06 18:25:59    --------    d-----r-    C:\WINDOWS\serviceprofiles\networkservice\Favorites
2016-03-06 18:25:59    --------    d-----r-    C:\WINDOWS\serviceprofiles\networkservice\Downloads
2016-03-06 18:25:59    --------    d-----r-    C:\WINDOWS\serviceprofiles\networkservice\Documents
2016-03-06 18:25:59    --------    d-----r-    C:\WINDOWS\serviceprofiles\networkservice\Desktop
2016-03-06 18:25:59    --------    d-----r-    C:\WINDOWS\serviceprofiles\Localservice\Videos
2016-03-06 18:25:59    --------    d-----r-    C:\WINDOWS\serviceprofiles\Localservice\Pictures
2016-03-06 18:25:59    --------    d-----r-    C:\WINDOWS\serviceprofiles\Localservice\Music
2016-03-06 18:25:59    --------    d-----r-    C:\WINDOWS\serviceprofiles\Localservice\Links
2016-03-06 18:25:59    --------    d-----r-    C:\WINDOWS\serviceprofiles\Localservice\Favorites
2016-03-06 18:25:59    --------    d-----r-    C:\WINDOWS\serviceprofiles\Localservice\Downloads
2016-03-06 18:25:59    --------    d-----r-    C:\WINDOWS\serviceprofiles\Localservice\Documents
2016-03-06 18:25:59    --------    d-----r-    C:\WINDOWS\serviceprofiles\Localservice\Desktop
2016-02-29 23:53:17    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2016-02-29 23:53:15    --------    d-----w-    C:\ProgramData\Hi-Rez Studios
2016-02-29 15:00:00    --------    d-----w-    C:\ProgramData\Nefarius Software Solutions
2016-02-29 05:34:11    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScpToolkit
2016-02-28 22:04:25    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\H&R Block
2016-02-22 16:54:06    075B0DA82E23780FA2DD7F2EA0464FD4    258    --sha-r-    C:\ProgramData\ntuser.pol

====== C: exe-files ==
2016-03-17 15:27:47    F82C8D9429432739EAB2D2E69D2ECFC8    100    ----a-w-    C:\$Recycle.Bin\S-1-5-21-3311186725-2389629427-1582189158-1002\$I4MBJLA.exe
2016-03-17 15:20:32    89144ED117C1D506AE3AB6D0E12F4D4B    2094080    ----a-w-    C:\Users\Dee\AppData\Local\Temp\HYD72BC.tmp.1458228029_permissionsCopy\updates\3.4.5_41865.exe
2016-03-17 15:20:32    25B6F764C7201ABD6672AAB425F48019    335872    ----a-w-    C:\Users\Dee\AppData\Local\Temp\HYD72BC.tmp.1458228029_permissionsCopy\updates\3.4.5_41865\utorrentie.exe
2016-03-17 15:20:31    89144ED117C1D506AE3AB6D0E12F4D4B    2094080    ----a-w-    C:\Users\Dee\AppData\Local\Temp\HYD72BC.tmp.1458228029_permissionsCopy\uTorrent.exe
2016-03-17 06:26:52    D9D59BD0D90893F9AE9F875B30A382AE    2374144    ----a-w-    C:\Users\Dee\Desktop\FRST64.exe
2016-03-15 16:00:25    9168DDF9AA663530BC4617ED6AA0185E    7458800    ----a-w-    C:\Users\Dee\AppData\Local\NVIDIA\NvBackend\Packages\0000881a\DAO.20541475.exe
2016-03-15 13:45:42    F7DEE0862B7D1808FBE81F4CB61EAF31    630200    ----a-w-    C:\Users\Dee\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
2016-03-15 13:45:40    1B2E6F67B3976EE6C5AA8CE57B2F0748    172984    ----a-w-    C:\Users\Dee\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe
2016-03-15 02:04:33    4E95AB8BEB2C8FD53B348EF4AD5121C5    149184    ----a-w-    C:\Users\Dee\AppData\Local\Temp\3B7376FF-4891-479B-A748-7F80DEB2FB02\DismHost.exe
2016-03-14 20:56:11    4E95AB8BEB2C8FD53B348EF4AD5121C5    149184    ----a-w-    C:\Users\Dee\AppData\Local\Temp\5CD13AE2-DEA4-47A7-8B73-0BA7B180D9A3\DismHost.exe
2016-03-14 20:51:14    4E95AB8BEB2C8FD53B348EF4AD5121C5    149184    ----a-w-    C:\Users\Dee\AppData\Local\Temp\340012EA-FE18-40A8-BC67-3212BDE39203\DismHost.exe
2016-03-14 19:54:33    83EA34120B0F4A5C693252C41F144B1C    1527296    ----a-w-    C:\Users\Dee\Downloads\adwcleaner_5.102.exe
2016-03-14 19:37:05    4E95AB8BEB2C8FD53B348EF4AD5121C5    149184    ----a-w-    C:\Users\Dee\AppData\Local\Temp\3016379C-D85B-41E6-A9CD-CA383CF37C9E\DismHost.exe
2016-03-14 19:31:40    4E95AB8BEB2C8FD53B348EF4AD5121C5    149184    ----a-w-    C:\Users\Dee\AppData\Local\Temp\1F2F076E-B568-49C5-9B69-6A9C99C637DB\DismHost.exe
2016-03-14 15:32:03    4E95AB8BEB2C8FD53B348EF4AD5121C5    149184    ----a-w-    C:\Users\Dee\AppData\Local\Temp\C0ACA97D-39A3-4804-BC8D-77E6D8C4DA1A\DismHost.exe
2016-03-13 15:01:10    4E95AB8BEB2C8FD53B348EF4AD5121C5    149184    ----a-w-    C:\Windows\Temp\E4AED514-C140-40A2-A28D-71F5DF516173\DismHost.exe
2016-03-13 03:10:41    75285E6D7FD68E30EF72CEE62D906B6E    14222712    ----a-w-    C:\Users\Dee\AppData\Local\Temp\DSOClient\dlcache\dro_client.exe
2016-03-13 03:10:13    2D42A3A5E036CF9B791751CADA6D92AC    22279040    ----a-w-    C:\Users\Dee\AppData\Local\Temp\DSOClient\dlcache\dro_setup.exe
2016-03-12 16:59:05    4E95AB8BEB2C8FD53B348EF4AD5121C5    149184    ----a-w-    C:\Users\Dee\AppData\Local\Temp\0A74B582-0381-4B52-AF03-E9C4F7F216C8\DismHost.exe
2016-03-12 15:33:23    4E95AB8BEB2C8FD53B348EF4AD5121C5    149184    ----a-w-    C:\Users\Dee\AppData\Local\Temp\053F4AF2-80C0-4CC7-AED8-3A79B99F3D9D\DismHost.exe
2016-03-12 04:12:36    D1AF2914A06A82C25102CC5CD91FBB05    142336    ------w-    C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\HeroesAndGeneralsDesktop_Run.exe
2016-03-12 04:06:45    6D1CFE8F3D130BA4466653335EDE7779    59392    ----a-w-    C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\Adobe AIR\Versions\1.0\Resources\CaptiveAppEntry.exe
2016-03-12 04:06:29    D1AF2914A06A82C25102CC5CD91FBB05    142336    ----a-w-    C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\HeroesAndGeneralsDesktop.exe
2016-03-12 04:05:57    DDCE338BB173B32024679D61FB4F2BA6    537432    ----a-w-    C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\DirectX\DXSETUP.exe
2016-03-12 04:05:57    BF3F290275C21BDD3951955C9C3CF32C    517976    ----a-w-    C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\_CommonRedist\DirectX\Jun2010\DXSETUP.exe
2016-03-12 04:05:57    919E20DBE576E0D61AD16EF50CE833FE    315120    ----a-w-    C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\crashlogger.exe
2016-03-12 04:05:57    88C9CA17FA9F0944A574EA2932DA6FE2    642800    ----a-w-    C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsync.exe
2016-03-12 04:05:57    6E14F9BA3DC8B46912C0C1D7B1A80658    389416    ----a-w-    C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
2016-03-12 04:05:57    4629D9EC664B0699FE45F829C8EB2057    4184304    ----a-w-    C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hng.exe
2016-03-11 18:55:54    E4D26B91BBDC51ADF460F371323AECD1    8076992    ----a-w-    C:\Users\Dee\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe
2016-03-11 18:55:54    E4D26B91BBDC51ADF460F371323AECD1    8076992    ----a-w-    C:\Users\Dee\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\OneDriveSetup.exe
2016-03-11 18:55:50    1E9D2587344160BB2AF16C503F062868    171712    ----a-w-    C:\Users\Dee\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe
2016-03-11 18:55:50    092405FB2D6BC20668BEA02647FE2393    164040    ----a-w-    C:\Users\Dee\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileSyncConfig.exe
2016-03-11 04:06:50    14D16020608F824C799A79E492A41C9D    103424    ----a-w-    C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
2016-03-11 04:06:44    BF3F290275C21BDD3951955C9C3CF32C    517976    ----a-w-    C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\directx_installer\dxsetup.exe
2016-03-11 04:06:44    7C1FC2021CF57FED3C25C9B03CD0C31A    100271992    ----a-w-    C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\directx_installer\directx_jun2010_redist.exe
2016-03-10 18:52:16    4E95AB8BEB2C8FD53B348EF4AD5121C5    149184    ----a-w-    C:\Users\Dee\AppData\Local\Temp\A5C822D1-A338-4305-BCF1-1496E9489174\DismHost.exe
=== C: other files ==
2016-03-17 15:27:55    AB1B88C235AEAABB1FE47A8B28F1F678    274    ----a-w-    C:\$Recycle.Bin\S-1-5-21-3311186725-2389629427-1582189158-1002\$IIPDM4Q.zip
2016-03-17 15:20:29    2B581428EB7B40B4103F874EF426EA64    2189969    ----a-w-    C:\Users\Dee\AppData\Local\Temp\HYD72BC.tmp.1458228029\HTA\install.1458228029.zip
2016-03-17 06:31:56    CE0DCCD0373FACCC1600FFD05E12F289    74035    ----a-w-    C:\Users\Dee\Desktop\Summary.zip
2016-03-12 04:06:41    10CDBED65CE141C7F94581302E4FC6BC    427    ----a-w-    C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\uninstall.bat
2016-03-11 18:55:50    8CF4163521FDB8E53482003C7EFA7121    5850    ----a-w-    C:\Users\Dee\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\CollectOneDriveLogs.bat

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-3311186725-2389629427-1582189158-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Users\Dee\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"OneDrive"="C:\Users\Dee\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Users\Dee\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"OneDrive"="C:\Users\Dee\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"
"IAStorIcon"="C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe 60"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:6C:\ProgramC:FilesC:x86\Google\Update\GoogleUpdate.exe []
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27 09:11 PM]
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3311186725-2389629427-1582189158-1002Core.job --a-------- [Undetermined Task]
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3311186725-2389629427-1582189158-1002UA.job --a-------- C:\Users\Dee\AppData\Local\Google\Update\GoogleUpdate.exe [2015-06-24 06:31 PM]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3311186725-2389629427-1582189158-1002Core" [C:\Users\Dee\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3311186725-2389629427-1582189158-1002UA" [C:\Users\Dee\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\IntelMemoryDiagnostic" ["%ApplicationDataFolder%\d3dx10.exe"]
"C:\WINDOWS\SysNative\tasks\pc shut down at night" [shutdown]
"C:\WINDOWS\SysNative\tasks\shut down" [shutdown]
"C:\WINDOWS\SysNative\tasks\updater" [C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{E7D86410-B9DC-4370-AEF2-46AC5231A2C7}" [C:\Windows\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{EE5A38E6-E8A3-4C3A-9219-DCB56CD7E17A}" [C:\Windows\system32\msfeedssync.exe]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Dee\AppData\Roaming\Mozilla\Firefox\Profiles\tfca9pnf.default
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Dee\AppData\Roaming\Mozilla\Firefox\Profiles\tfca9pnf.default
6FE651F6E3025AD51CC1D54913AEEADC    - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll -    Shockwave Flash
AF8A94BCB98C299C49B28CC12EBC0ED2    - C:\Users\Dee\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll -    Google Update
20FF20FBC1F20ADEC0AD6AF98ABE9545    - C:\Users\Dee\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll -    Google Talk Plugin
57D28190C994AD5E9B1007FB2259393A    - C:\Users\Dee\AppData\Roaming\Mozilla\plugins\npo1d.dll -    Google Talk Plugin Video Renderer


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.ca/?hl=en&gws_rd=ssl"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.ca/?hl=en&gws_rd=ssl"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== HijackThis Entries ======================

O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll
O2 - BHO: ArcPluginIEBHO - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files (x86)\Arc\Plugins\ArcPluginIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Dee\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Dee\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: CurseClientStartup.ccip
O4 - Global Startup: ScpToolkit Tray Notifications.lnk = C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpTrayApp.exe
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Arc Service (ArcService) - Perfect World Entertainment Inc - C:\Program Files (x86)\Arc\ArcService.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: SCP DSx Service (Ds3Service) - Scarlet.Crush Productions - C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files\HiPatchService.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel® HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Dee\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Dee\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Dee\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Dee\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Dee\AppData\Local\Mozilla\Firefox\Profiles\tfca9pnf.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=40 folders=52 43233051 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Dee\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 2016-03-17 at 11:48:04.21 ======================
 



#9 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,617 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:46 AM

Posted 17 March 2016 - 03:27 PM

Thank you.

Could you update me on your computer performance?

Please do this.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it as fixlist.txt in the same location/folder as FRST.exe (<<<Important)
C:\Users\Dee\AppData\Local\Temp\HYD72BC.tmp.1458228029_permissionsCopy
C:\Users\Dee\AppData\Local\Temp\HYD72BC.tmp.1458228029
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3311186725-2389629427-1582189158-1002Core.job
emptytemp:
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
  • Copy/paste the following in the Search Field
GoogleUpdate.exe
  • Click Search File(s) button
  • When completed click OK and a Search.txt document will open on your desktop
  • Copy and paste the contents of that document your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • Search.txt

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#10 angaar

angaar
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:04:46 AM

Posted 17 March 2016 - 06:17 PM

Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Dee (2016-03-17 19:15:22) Run:2
Running from C:\Users\Dee\Desktop
Loaded Profiles: Dee (Available Profiles: User & Dee)
Boot Mode: Normal
==============================================

fixlist content:
*****************
C:\Users\Dee\AppData\Local\Temp\HYD72BC.tmp.1458228029_permissionsCopy
C:\Users\Dee\AppData\Local\Temp\HYD72BC.tmp.1458228029
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3311186725-2389629427-1582189158-1002Core.job
emptytemp:
*****************

"C:\Users\Dee\AppData\Local\Temp\HYD72BC.tmp.1458228029_permissionsCopy" => not found.
"C:\Users\Dee\AppData\Local\Temp\HYD72BC.tmp.1458228029" => not found.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3311186725-2389629427-1582189158-1002Core.job => moved successfully
EmptyTemp: => 158.1 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 19:15:29 ====



#11 angaar

angaar
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:04:46 AM

Posted 17 March 2016 - 06:20 PM

Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Dee (2016-03-17 19:19:34)
Running from C:\Users\Dee\Desktop
Boot Mode: Normal

================== Search Files: "GoogleUpdate.exe" =============

C:\Users\Dee\AppData\Local\Google\Update\GoogleUpdate.exe
[2015-07-13 11:59][2015-06-24 18:31] 0144200 ___AT (Google Inc.) 0C03FB91E17987EED93F60007B08DAA0 [File is digitally signed]

C:\Users\Dee\AppData\Local\Google\Update\1.3.29.5\GoogleUpdate.exe
[2016-02-02 02:52][2016-02-02 02:52] 0154440 ___AT (Google Inc.) 750446ED76A5D13E902174DDDDA1A62B [File is digitally signed]

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[2015-06-24 16:26][2015-08-27 21:11] 0144200 ___AT (Google Inc.) DD7423ABBE2913E70D50E9318AD57EE4 [File is digitally signed]

C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleUpdate.exe
[2016-02-02 16:27][2016-02-02 16:27] 0154440 ___AT (Google Inc.) 750446ED76A5D13E902174DDDDA1A62B [File is digitally signed]

====== End of Search ======



#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,617 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:46 AM

Posted 17 March 2016 - 06:53 PM

How is your computer running now?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#13 angaar

angaar
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:04:46 AM

Posted 17 March 2016 - 08:34 PM

It is running a lot better than it was. Not having the small issues anymore. I got rid of U torrent and everything that i downloaded. TY for your help.


Edited by angaar, 17 March 2016 - 08:36 PM.


#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,617 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:46 AM

Posted 17 March 2016 - 09:00 PM

Great but we have just a little more to do. Please do this.

===================================================

ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan This process may may take several hours, that is normal.
  • Download esetsmartinstaller_enu.exe and save it to your Desktop
  • Double click the icon
  • Check YES, I accept the Terms of Use
  • Click the Start button
  • Accept any security warnings from your browser
  • Click Advanced settings
  • Check the following items

Enable detection of potentially unwanted applications
Remove found threats
Scan archives
Scan for potentially unsafe applications
Enable Anti-Stealth technology

  • Click Start
  • ESET will then download updates and begin scanning your computer
  • If no threats are found simply click Uninstall application on close and hit Finish
  • If threats are found click List of found threats
  • Click Export to text file
  • Save the file on your Desktop as ESET.txt
  • Click Back
  • Check Uninstall application on close
  • Click Finish
  • Close the ESET Online Scanner window
  • Copy and paste the contents of ESET.txt in your reply
===================================================

screen317's Security Check

--------------------
  • Please download screen317's Security Check to your desktop
  • Double-click icon to launch the program
  • Click OK
  • Select Run Note: If you receive an error message saying UNSUPPORTED OPERATING SYSTEM! ABORTED! reboot your computer and attempt to run it again
  • Allow the program to run
  • A Notepad document will open on your desktop. Please copy and paste the contents in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • ESET log
  • Security Check log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#15 angaar

angaar
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:04:46 AM

Posted 18 March 2016 - 11:10 AM

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=61c5ee88d34d564bbb9bbf1e9e8743c4
# end=init
# utc_time=2016-03-18 05:19:27
# local_time=2016-03-18 01:19:27 (-0500, Eastern Daylight Time)
# country="Canada"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 28536
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=61c5ee88d34d564bbb9bbf1e9e8743c4
# end=updated
# utc_time=2016-03-18 05:21:55
# local_time=2016-03-18 01:21:55 (-0500, Eastern Daylight Time)
# country="Canada"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=61c5ee88d34d564bbb9bbf1e9e8743c4
# engine=28536
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2016-03-18 06:06:13
# local_time=2016-03-18 02:06:13 (-0500, Eastern Daylight Time)
# country="Canada"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 11170116 0 0
# scanned=338346
# found=2
# cleaned=2
# scan_time=2657
sh=D2729A4023832FB9806B688F560C41D62C5D3A1F ft=1 fh=163fe2671697fce8 vn="Java/TrojanDownloader.Agent.NLI trojan (cleaned by deleting)" ac=C fn="C:\Users\Dee\AppData\Roaming\d3dx10.exe"
sh=6F4559C9C32EFF46F10BC75E9C23F1C4423417FF ft=0 fh=0000000000000000 vn="a variant of Win32/OpenCandy.G potentially unsafe application (deleted)" ac=C fn="C:\Windows.old\Users\Dee\AppData\Local\Temp\HYD2210.tmp.1457278761\HTA\install.1457278761.zip"
 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users