Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malwarebytes not updating AFTER hardcore cleaning..


  • This topic is locked This topic is locked
7 replies to this topic

#1 Amebix

Amebix

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:03:12 PM

Posted 06 May 2016 - 09:59 PM

EDIT: I also forgot to add that I had to create a new login on his machine to give myself ADMIN, don't know if this info will help with what was going on in order to clean it and what It could be infecting it...

 

 

My friends PC was INFECTED to the eyeballs with junk and god knows what else. I cleaned it the best I could, but now his internet seems to be SLOW as all hell while the rest of his machine runs better than it did and boots up pretty fast now. Being new to this and learning as I go I am sure I did not get everything, I would like some help on things I missed. Plus Malwarebytes wont update all the way...I have to keep hitting the update when it stops to make the status bar go a sliver at a time...

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:06-05-2016 03
Ran by amebi (administrator) on JAYME (06-05-2016 22:47:02)
Running from C:\Users\amebi\Downloads
Loaded Profiles: amebi (Available Profiles: amebi)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGiftBoxDesktop.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [5006536 2016-04-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7390608 2016-04-15] (AVAST Software)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2015-10-08] (Power Software Ltd)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-04-05] (Plays.tv, LLC)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [55264 2016-03-10] (Malwarebytes)
HKU\S-1-5-21-3133744223-911963526-3349633446-1001\...\Run: [Google Update] => C:\Users\amebi\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-04-21] (Google Inc.)
HKU\S-1-5-21-3133744223-911963526-3349633446-1001\...\MountPoints2: F - "F:\Setup.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-04-08] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2015-10-24]
ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 167.206.13.180 167.206.13.181 192.168.1.1
Tcpip\..\Interfaces\{7bec3f81-9791-41a4-b56c-bb926f04f1f8}: [DhcpNameServer] 127.0.0.1
Tcpip\..\Interfaces\{fa36c685-3a93-4d06-9586-dd4766c06833}: [DhcpNameServer] 167.206.13.180 167.206.13.181 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3133744223-911963526-3349633446-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com?cid={0A5DF470-4ADE-4580-B73E-8A6A483485B5}&mid=4ca115ea355c47ccb865fd1f9af4633d-06cc0b04c4c05fa2d5ab75c90a39de3e022a9014&lang=en&ds=px011&coid=avgtbdispx&cmpid=&pr=sa&d=2016-04-15 16:10:54&v=19.4.0.508&pid=safeguard&sg=&sap=hp
HKU\S-1-5-21-3133744223-911963526-3349633446-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-3133744223-911963526-3349633446-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3133744223-911963526-3349633446-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3133744223-911963526-3349633446-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={0A5DF470-4ADE-4580-B73E-8A6A483485B5}&mid=4ca115ea355c47ccb865fd1f9af4633d-06cc0b04c4c05fa2d5ab75c90a39de3e022a9014&lang=en&ds=px011&coid=avgtbdispx&cmpid=&pr=sa&d=2016-04-15 16:10:54&v=19.3.0.491&pid=safeguard&sg=&sap=dsp&q={searchTerms}
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-30] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\19.4.0\ViProtocol.dll [2016-04-17] (AVG Secure Search)

FireFox:
========
FF ProfilePath: C:\Users\amebi\AppData\Roaming\Mozilla\Firefox\Profiles\tyru0q6a.default
FF DefaultSearchEngine: AVG Secure Search
FF DefaultSearchEngine.US: Google
FF SelectedSearchEngine: AVG Secure Search
FF Keyword.URL:
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-09] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-09] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\19.4.0\\npsitesafety.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-08] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin HKU\S-1-5-21-3133744223-911963526-3349633446-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\amebi\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3133744223-911963526-3349633446-1001: @talk.google.com/O1DPlugin -> C:\Users\amebi\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3133744223-911963526-3349633446-1001: @tools.google.com/Google Update;version=3 -> C:\Users\amebi\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-21] (Google Inc.)
FF Plugin HKU\S-1-5-21-3133744223-911963526-3349633446-1001: @tools.google.com/Google Update;version=9 -> C:\Users\amebi\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-21] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\amebi\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\amebi\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: Adblock Plus - C:\Users\amebi\AppData\Roaming\Mozilla\Firefox\Profiles\tyru0q6a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF Extension: Steel Cut 1.0.1 - C:\Users\amebi\AppData\Roaming\Mozilla\Firefox\Profiles\tyru0q6a.default\Extensions\{f7898a19-9078-4699-b642-596049d244f6}.xpi [2016-04-17] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-04-08]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-04-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome:
=======
CHR Profile: C:\Users\amebi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\amebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-09]
CHR Extension: (Google Docs) - C:\Users\amebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-09]
CHR Extension: (Google Drive) - C:\Users\amebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-09]
CHR Extension: (YouTube) - C:\Users\amebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-09]
CHR Extension: (Google Sheets) - C:\Users\amebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-09]
CHR Extension: (Google Docs Offline) - C:\Users\amebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-06]
CHR Extension: (Avast Online Security) - C:\Users\amebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-05-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\amebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-09]
CHR Extension: (Gmail) - C:\Users\amebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-09]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-04-08]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-08]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-04-03] (Advanced Micro Devices) [File not signed]
R2 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [315704 2015-07-20] (ASUS)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-04-08] (AVAST Software)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-04-05] (Plays.tv, LLC)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [465088 2016-04-08] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [23240 2016-04-04] (Advanced Micro Devices, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-04-08] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-04-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-04-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-04-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-04-08] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-04-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-04-08] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-04-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-04-13] (AVAST Software)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4317808 2015-07-14] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102400 2016-04-03] (Advanced Micro Devices)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [101368 2015-12-14] (ASUS Corporation)
U0 giniuu; C:\Windows\System32\drivers\yweuxyd.sys [79064 2016-05-06] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-05-06] (Malwarebytes)
S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2014-01-14] ()
R1 RegHiveRecovery; C:\WINDOWS\system32\drivers\RegHiveRecovery.sys [48304 2014-02-20] (Microsoft Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [888064 2015-07-28] (Realtek                                            )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WIMMount; C:\Program Files (x86)\Windows Kits\8.1\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wimmount.sys [40552 2013-08-22] (Microsoft Corporation)
S3 dtultrascsibus; \SystemRoot\System32\drivers\dtultrascsibus.sys [X]
S3 dtultrausbbus; \SystemRoot\System32\drivers\dtultrausbbus.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-06 22:47 - 2016-05-06 22:47 - 00016080 _____ C:\Users\amebi\Downloads\FRST.txt
2016-05-06 22:46 - 2016-05-06 22:47 - 00000000 ____D C:\FRST
2016-05-06 22:43 - 2016-05-06 22:46 - 02379264 _____ (Farbar) C:\Users\amebi\Downloads\FRST64.exe
2016-05-06 22:34 - 2016-05-06 22:38 - 02003180 _____ C:\Users\amebi\Downloads\adwcleaner_5.115.exe.part
2016-05-06 22:27 - 2016-05-06 22:27 - 00079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\yweuxyd.sys
2016-05-06 21:52 - 2016-05-06 21:52 - 00001173 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-05-06 21:52 - 2016-05-06 21:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-05-06 21:52 - 2016-05-06 21:52 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-05-06 21:52 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-05-06 21:52 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-05-06 21:52 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-05-06 21:47 - 2016-05-06 21:48 - 00321848 _____ (Malwarebytes Corporation) C:\Users\amebi\Downloads\mbam-clean-2.1.1.1001.exe
2016-05-06 21:11 - 2016-05-06 21:11 - 00281460 _____ C:\WINDOWS\Minidump\050616-29921-01.dmp
2016-05-06 21:03 - 2016-05-06 21:03 - 00000000 ____D C:\Users\amebi\AppData\Local\Introversion
2016-05-06 20:59 - 2016-05-06 21:02 - 00000000 ____D C:\Users\amebi\Documents\HPL3
2016-05-06 17:46 - 2016-05-06 17:46 - 00000000 __SHD C:\Users\amebi\AppData\Local\ms-drivers
2016-05-06 17:46 - 2016-05-06 17:46 - 00000000 __SHD C:\Users\amebi\AppData\Local\icsxml
2016-05-06 17:45 - 2016-05-06 17:45 - 00000000 ____D C:\Users\amebi\AppData\Local\MetaGeek,_LLC
2016-05-06 17:43 - 2016-05-06 17:43 - 00002499 _____ C:\Users\Public\Desktop\inSSIDer 4.lnk
2016-05-06 17:43 - 2016-05-06 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaGeek
2016-05-06 17:43 - 2016-05-06 17:43 - 00000000 ____D C:\Program Files (x86)\MetaGeek
2016-05-06 07:40 - 2016-05-06 07:40 - 00000759 _____ C:\Users\Public\Desktop\Mad Max.lnk
2016-05-06 07:40 - 2016-05-06 07:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mad Max
2016-05-05 23:54 - 2016-05-06 19:43 - 00000104 _____ C:\Users\amebi\Desktop\Fallout4Custom.ini
2016-05-05 21:31 - 2016-05-05 21:31 - 00000000 ____D C:\Users\amebi\Documents\SkidRow
2016-05-05 21:16 - 2016-05-05 21:16 - 00000933 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2016-05-05 21:16 - 2016-05-05 21:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2016-05-05 21:16 - 2016-05-05 21:16 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2016-05-05 21:14 - 2016-05-05 21:15 - 06356696 _____ (Black Tree Gaming ) C:\Users\amebi\Downloads\Nexus Mod Manager-0.61.22.exe
2016-05-05 19:48 - 2016-03-30 11:09 - 00000000 ____D C:\Users\amebi\Desktop\Fallout 4_RePack by SEYTER
2016-05-04 02:57 - 2016-05-04 02:57 - 00001018 _____ C:\Users\amebi\Desktop\Dreamfall Chapters Special Edition.lnk
2016-05-04 02:57 - 2016-05-04 02:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dreamfall Chapters Special Edition
2016-05-04 02:30 - 2016-05-04 02:38 - 00000000 ____D C:\Users\amebi\Documents\PlanetExplorers
2016-05-03 20:54 - 2016-05-03 20:54 - 00000837 _____ C:\Users\amebi\Desktop\Launch X Rebirth (2).lnk
2016-05-03 12:57 - 2016-05-03 12:57 - 00000000 ____D C:\Users\amebi\AppData\LocalLow\Red Thread Games
2016-05-03 12:41 - 2016-05-05 23:23 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-05-02 22:25 - 2016-05-03 13:01 - 00000000 ____D C:\Users\amebi\Documents\Egosoft
2016-05-02 22:25 - 2016-05-02 22:25 - 00000807 _____ C:\Users\Public\Desktop\X Rebirth.lnk
2016-05-02 22:25 - 2016-05-02 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\X Rebirth [GOG.com]
2016-05-01 21:35 - 2016-05-01 21:43 - 27655909 _____ C:\Users\amebi\Downloads\OrganTrailDC2.0.4.apk.part
2016-05-01 03:00 - 2016-05-01 03:00 - 00001050 _____ C:\Users\Public\Desktop\Winamp.lnk
2016-05-01 03:00 - 2016-05-01 03:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2016-05-01 02:59 - 2016-05-01 15:41 - 00000000 ____D C:\Users\amebi\AppData\Roaming\Winamp
2016-05-01 02:59 - 2016-05-01 03:00 - 00000000 ____D C:\Program Files (x86)\Winamp
2016-05-01 02:57 - 2016-05-01 02:59 - 10328598 _____ (Nullsoft, Inc.) C:\Users\amebi\Downloads\winamp5666_full_en-us_redux.exe
2016-04-30 03:54 - 2016-04-30 04:00 - 00000000 ____D C:\Users\amebi\Downloads\Kill or Be Killed.2015.HDRip.XViD-ETRG
2016-04-29 23:54 - 2016-04-29 23:54 - 00000000 ____D C:\Users\amebi\Documents\CPY_SAVES
2016-04-29 21:38 - 2016-04-29 22:42 - 00000000 ____D C:\Users\amebi\Desktop\Mameui64
2016-04-29 20:53 - 2016-04-29 20:55 - 39697628 _____ C:\Users\amebi\Downloads\mame0173b_64bit.exe
2016-04-29 20:45 - 2016-04-29 20:45 - 00255583 _____ C:\Users\amebi\Downloads\gauntleg12.zip
2016-04-29 20:38 - 2016-05-06 18:36 - 00000000 ____D C:\Users\amebi\Desktop\gauntleg
2016-04-29 13:03 - 2016-04-29 13:05 - 00000000 ____D C:\Users\amebi\Downloads\Lucifer.S01E04.HDTV.x264-LOL[ettv]
2016-04-29 13:00 - 2016-04-29 13:02 - 00000000 ____D C:\Users\amebi\Downloads\Lucifer.S01E03.HDTV.x264-LOL[ettv]
2016-04-29 11:21 - 2016-04-29 12:58 - 00000000 ____D C:\Users\amebi\Downloads\Lucifer.S01E02.HDTV.x264-LOL[ettv]
2016-04-29 11:19 - 2016-04-29 11:21 - 00000000 ____D C:\Users\amebi\Downloads\Lucifer.S01E01.HDTV.x264-LOL[ettv]
2016-04-29 01:03 - 2016-04-29 10:52 - 00000000 ____D C:\Users\amebi\Downloads\The Departed (2006)
2016-04-29 01:02 - 2016-04-29 01:10 - 00000000 ____D C:\Users\amebi\Downloads\Pandemic.2016.BDRip.x264.AC3.RoSubbed-playSD
2016-04-29 00:50 - 2016-04-29 10:58 - 00000000 ____D C:\Users\amebi\Downloads\[AC] Fate Zero Complete [720p][Dual Audio][Lucifer22]
2016-04-29 00:12 - 2016-04-29 00:12 - 00001011 _____ C:\Users\Public\Desktop\Fahrenheit Indigo Prophecy Remastered.lnk
2016-04-29 00:12 - 2016-04-29 00:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fahrenheit Indigo Prophecy Remastered
2016-04-28 21:49 - 2016-04-29 00:29 - 833162051 _____ C:\Users\amebi\Downloads\FB_Alpha_v0.2.97.08_CPS-2_ROM_Collection_(Capcom_CPS2_ROMs)_by_Lovok.rar
2016-04-28 21:49 - 2016-04-28 23:19 - 873313308 _____ C:\Users\amebi\Downloads\FBANext_r455_Capcom_CPS2_ROM_Collection_(CPS-2_ROMs)_by_Lovok.rar
2016-04-28 20:31 - 2016-04-28 20:31 - 00000000 ____D C:\Users\amebi\Desktop\burn
2016-04-28 04:16 - 2016-04-28 04:18 - 378685830 _____ C:\Users\amebi\Downloads\Steve-O.Guilty.As.Charged.2016.HDTV.x264-BATV.mp4
2016-04-27 00:31 - 2016-04-27 00:32 - 00000000 ____D C:\Users\amebi\Downloads\Containment.2015.DVDRip.XViD-ETRG
2016-04-26 23:58 - 2016-04-27 00:06 - 00000000 ____D C:\Users\amebi\Downloads\Containment.S01E02.HDTV.x264-LOL[ettv]
2016-04-26 23:57 - 2016-04-27 00:31 - 892658411 _____ C:\Users\amebi\Downloads\The.5th.Wave.2016.720p.WEB-DL.850MB.MkvCage.mkv
2016-04-26 17:38 - 2016-04-26 17:40 - 00000000 ____D C:\Users\amebi\Downloads\Boyz n The Hood (1991)
2016-04-26 17:31 - 2016-04-26 17:37 - 733311314 _____ C:\Users\amebi\Downloads\Chappelle's Show The Lost Episodes.avi
2016-04-26 17:25 - 2016-04-26 17:30 - 00000000 ____D C:\Users\amebi\Downloads\Retreat (2011)
2016-04-26 16:15 - 2016-04-26 17:03 - 00000000 ____D C:\Users\amebi\Downloads\Dawn Of The Planet of The Apes 2014 720p WEB-DL x264 AC3-JYK
2016-04-26 13:51 - 2016-04-26 13:52 - 00000000 ____D C:\Users\amebi\Downloads\The Last Ship Season 1 Complete
2016-04-26 01:47 - 2016-04-26 01:47 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-04-26 01:33 - 2016-04-26 17:39 - 906264276 _____ C:\Users\amebi\Downloads\The.Thin.Red.Line.1998.Criterion.720p.BRrip.x265.HEVC.10bit.PoOlLa.mkv
2016-04-26 01:01 - 2016-04-26 01:13 - 00000000 ____D C:\Users\amebi\Downloads\47.Ronin.2013.720p.BluRay.H264.AAC-RARBG
2016-04-25 20:57 - 2016-04-25 20:57 - 00000000 ____D C:\Users\amebi\AppData\Local\Hinterland
2016-04-25 15:49 - 2016-04-25 15:55 - 00000000 ____D C:\Users\amebi\AppData\Roaming\Notepad++
2016-04-25 15:49 - 2016-04-25 15:49 - 04203840 _____ C:\Users\amebi\Downloads\npp.6.9.1.Installer.exe
2016-04-25 15:49 - 2016-04-25 15:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2016-04-25 15:49 - 2016-04-25 15:49 - 00000000 ____D C:\Program Files (x86)\Notepad++
2016-04-25 15:25 - 2016-05-05 01:55 - 00000000 ____D C:\Users\amebi\AppData\Roaming\mIRC
2016-04-25 15:25 - 2016-04-25 15:25 - 02731704 _____ (mIRC Co. Ltd.) C:\Users\amebi\Downloads\mirc745.exe
2016-04-25 15:25 - 2016-04-25 15:25 - 00001022 _____ C:\Users\Public\Desktop\mIRC.lnk
2016-04-25 15:25 - 2016-04-25 15:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC
2016-04-25 15:25 - 2016-04-25 15:25 - 00000000 ____D C:\Program Files (x86)\mIRC
2016-04-25 03:45 - 2016-04-25 03:49 - 00000000 ____D C:\Users\amebi\Downloads\Game.of.Thrones.S06E01.INTERNAL.HDTV.x264-KILLERS[ettv]
2016-04-24 14:58 - 2016-04-24 15:42 - 00000000 ____D C:\Users\amebi\Downloads\[ www.torrenting.com ] - CKY-The.Greatest.Hits.2014.XviD-AFG
2016-04-24 14:58 - 2016-04-24 15:02 - 00000000 ____D C:\Users\amebi\Downloads\CKY 1-4 [xvid]
2016-04-24 02:49 - 2016-04-24 02:53 - 00000000 ____D C:\Users\amebi\Downloads\Baskin.2015.720p.WEBRip.x264.Turkish.AAC-ETRG
2016-04-24 02:35 - 2016-04-24 02:48 - 00000000 ____D C:\Users\amebi\Downloads\Phoenix.Incident.2015.DOCU.DVDRip.x264.AC3-FGT
2016-04-24 02:11 - 2016-04-24 02:16 - 00000000 ____D C:\Users\amebi\Downloads\Family.Therapy.S01E04.I.Am.In.Crisis.HDTV.x264-[NY2]
2016-04-24 02:06 - 2016-04-24 02:11 - 394223511 _____ C:\Users\amebi\Downloads\Family.Therapy.With.Dr.Jenn.S01E03.Ive.Got.The.Power.WEBRIP-MEGATV.mp4
2016-04-24 02:01 - 2016-04-24 02:06 - 347982328 _____ C:\Users\amebi\Downloads\Family.Therapy.With.Dr.Jenn.S01E04.I.Am.In.Crisis.HDTV-MEGATV.mp4
2016-04-24 01:55 - 2016-04-24 02:01 - 369291278 _____ C:\Users\amebi\Downloads\Family.Therapy.With.Dr.Jenn.S01E05.Secrets.HDTV-MEGATV.mp4
2016-04-24 01:50 - 2016-04-24 01:50 - 00000000 ____D C:\Users\amebi\Downloads\YouTube Downloader (YTD) Pro 5.4.0.1 + Crack [KaranPC]
2016-04-23 23:12 - 2016-04-23 23:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2016-04-23 23:12 - 2016-04-23 23:12 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories
2016-04-23 23:11 - 2016-04-23 23:12 - 07878008 _____ (Microsoft Corporation) C:\Users\amebi\Downloads\Xbox360_64Eng(2).exe
2016-04-23 21:54 - 2016-04-23 21:54 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_xusb21_01001.Wdf
2016-04-23 21:38 - 2016-04-23 21:38 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2016-04-23 21:21 - 2016-04-23 21:22 - 07878008 _____ (Microsoft Corporation) C:\Users\amebi\Downloads\Xbox360_64Eng(1).exe
2016-04-23 20:07 - 2016-04-24 01:21 - 00000000 ____D C:\Users\amebi\Downloads\Mad Max [RePack]
2016-04-23 19:17 - 2016-05-06 10:41 - 00000000 ____D C:\Users\amebi\Documents\WB Games
2016-04-23 16:53 - 2016-04-23 16:53 - 00000951 _____ C:\Users\amebi\Desktop\Middle Earth Shadow of Mordor.lnk
2016-04-23 16:53 - 2016-04-23 16:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Middle Earth Shadow of Mordor
2016-04-23 16:46 - 2016-04-23 16:46 - 00000855 _____ C:\Users\Public\Desktop\NEO Scavenger.lnk
2016-04-23 16:46 - 2016-04-23 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NEO Scavenger [GOG.com]
2016-04-23 16:32 - 2016-04-23 16:39 - 00000000 ____D C:\Users\amebi\Downloads\Neo.Scavenger.v2.5.0.6-GOG
2016-04-23 00:55 - 2016-04-23 01:16 - 785102795 _____ C:\Users\amebi\Downloads\The.Boy.2016.720p.HDRiP.750MB.ShAaNiG.mkv
2016-04-23 00:13 - 2016-05-06 21:11 - 00000000 ____D C:\WINDOWS\Minidump
2016-04-23 00:13 - 2016-04-23 00:14 - 00281140 _____ C:\WINDOWS\Minidump\042316-23656-01.dmp
2016-04-22 20:37 - 2016-04-22 21:37 - 00000000 ____D C:\Users\amebi\Documents\Assessment Results
2016-04-22 20:37 - 2016-04-22 20:37 - 00000000 ____D C:\Users\amebi\Documents\Windows Assessment Console
2016-04-22 20:37 - 2016-04-22 20:37 - 00000000 ____D C:\Users\amebi\AppData\Local\Windows Assessment Console
2016-04-22 20:37 - 2016-04-22 20:37 - 00000000 ____D C:\Users\amebi\AppData\Local\Microsoft_Corporation
2016-04-22 18:44 - 2014-02-20 05:52 - 00048304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RegHiveRecovery.sys
2016-04-22 18:43 - 2016-04-22 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2016-04-22 18:43 - 2016-04-22 18:43 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2016-04-22 17:14 - 2016-04-22 17:14 - 00000000 ____D C:\Users\amebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KrView
2016-04-22 17:14 - 2016-04-22 17:14 - 00000000 ____D C:\Program Files (x86)\KrView
2016-04-22 17:13 - 2016-04-22 17:13 - 01388544 ____N (Microsoft Corporation) C:\WINDOWS\msvbvm60.dll
2016-04-22 17:13 - 2016-04-22 17:13 - 00327680 ____N (Microsoft Corporation) C:\WINDOWS\Setup1.exe
2016-04-22 17:13 - 2016-04-22 17:13 - 00198656 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.ocx
2016-04-22 17:13 - 2016-04-22 17:13 - 00151622 ____N (Microsoft Corporation) C:\WINDOWS\modcas.dll
2016-04-22 17:13 - 2016-04-22 17:13 - 00101888 ____N (Microsoft Corporation) C:\WINDOWS\odestkit.dll
2016-04-22 17:13 - 2016-04-22 17:13 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\ODEUNST.EXE
2016-04-22 17:13 - 2016-04-22 17:13 - 00003945 ____N C:\WINDOWS\SysWOW64\ospfilelist.txt
2016-04-22 17:08 - 2016-04-22 17:09 - 06056720 _____ C:\Users\amebi\Downloads\KrView_100-82.exe
2016-04-22 16:56 - 2016-04-22 16:57 - 01435680 _____ (Microsoft Corporation) C:\Users\amebi\Downloads\adksetup.exe
2016-04-22 14:57 - 2016-04-23 19:14 - 00000000 ____D C:\Users\amebi\Downloads\Roms.MAME.v0.139.Full.Arcade.Set.Roms-OneUp
2016-04-22 14:56 - 2016-04-28 19:35 - 00000000 ____D C:\Users\amebi\Downloads\Neo-Geo Arcade Perfect Set (20080101) [Misc. Genres1990]
2016-04-22 13:10 - 2016-04-23 20:56 - 00000000 ____D C:\Program Files\PeerBlock
2016-04-22 13:10 - 2016-04-22 13:10 - 00001779 _____ C:\Users\amebi\Desktop\PeerBlock.lnk
2016-04-22 13:10 - 2016-04-22 13:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock
2016-04-22 13:05 - 2016-04-22 13:09 - 02374320 _____ (PeerBlock, LLC ) C:\Users\amebi\Downloads\PeerBlock-Setup_v1.2_r693.exe
2016-04-22 04:03 - 2016-04-22 04:03 - 00000000 ____D C:\Users\amebi\Downloads\Southbound 2015 UNRATED.HDRip.XViD-ETRG
2016-04-22 03:29 - 2016-04-22 03:38 - 00000000 ____D C:\Users\amebi\Downloads\Midnight.Special.2016.HC.HDRip.XviD.AC3-EVO
2016-04-22 00:23 - 2016-04-22 00:23 - 00000949 _____ C:\Users\amebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-04-22 00:23 - 2016-04-22 00:23 - 00000901 _____ C:\Users\amebi\Desktop\Start Tor Browser.lnk
2016-04-22 00:22 - 2016-04-22 00:22 - 00000000 ____D C:\Users\amebi\Desktop\Tor Browser
2016-04-22 00:07 - 2016-04-22 00:22 - 43786008 _____ C:\Users\amebi\Downloads\torbrowser-install-5.5.4_en-US.exe
2016-04-21 18:49 - 2016-05-06 21:54 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3133744223-911963526-3349633446-1001UA.job
2016-04-21 18:49 - 2016-05-06 18:54 - 00000868 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3133744223-911963526-3349633446-1001Core.job
2016-04-21 18:49 - 2016-04-21 18:49 - 00987728 _____ (Google Inc.) C:\Users\amebi\Downloads\GoogleVoiceAndVideoSetup.exe
2016-04-21 18:49 - 2016-04-21 18:49 - 00004036 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3133744223-911963526-3349633446-1001UA
2016-04-21 18:49 - 2016-04-21 18:49 - 00003660 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3133744223-911963526-3349633446-1001Core
2016-04-21 18:40 - 2016-04-21 18:40 - 00000000 ____D C:\Users\amebi\AppData\LocalLow\Unknown Worlds
2016-04-21 18:33 - 2016-04-21 18:49 - 00000000 ____D C:\Users\amebi\Downloads\Fahrenheit Indigo Prophecy Remastered [RePack]
2016-04-21 18:22 - 2016-04-21 18:25 - 00000000 ____D C:\Users\amebi\Downloads\Kerbal.Space.Program.v2.4.0.6-GOG
2016-04-20 15:04 - 2016-04-02 00:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-20 15:04 - 2016-04-01 23:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-20 15:04 - 2016-03-29 06:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-20 15:04 - 2016-03-29 03:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-20 15:04 - 2016-03-29 03:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-20 15:04 - 2016-03-29 03:32 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-04-20 15:04 - 2016-03-29 03:15 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-20 15:04 - 2016-03-29 03:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-20 15:04 - 2016-03-29 03:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-20 15:04 - 2016-03-29 03:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-20 15:04 - 2016-03-29 03:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-20 15:04 - 2016-03-29 02:42 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-20 15:04 - 2016-03-29 02:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-20 15:04 - 2016-03-29 02:32 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-20 15:04 - 2016-03-29 02:31 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-20 15:04 - 2016-03-29 02:31 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-20 15:04 - 2016-03-29 02:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-20 15:04 - 2016-03-29 02:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-20 15:04 - 2016-03-29 02:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-20 15:04 - 2016-03-29 02:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-20 15:04 - 2016-03-29 02:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-20 15:04 - 2016-03-29 02:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-20 15:04 - 2016-03-29 02:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-20 15:04 - 2016-03-29 02:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-04-20 15:04 - 2016-03-29 01:56 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-20 15:04 - 2016-03-29 01:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-20 15:04 - 2016-03-29 01:51 - 22378496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-20 15:04 - 2016-03-29 01:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-20 15:04 - 2016-03-29 01:41 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-20 15:04 - 2016-03-29 01:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-20 15:04 - 2016-03-29 01:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-20 15:04 - 2016-03-29 01:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-20 15:04 - 2016-03-29 01:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-20 15:04 - 2016-03-29 01:27 - 07836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-20 15:04 - 2016-03-29 01:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-20 15:04 - 2016-02-24 05:48 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-04-20 15:04 - 2016-02-24 05:47 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-04-20 15:04 - 2016-02-24 05:40 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-04-20 15:04 - 2016-02-24 05:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-04-20 15:04 - 2016-02-24 04:46 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-04-20 15:04 - 2016-02-24 04:11 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-04-20 15:04 - 2016-02-24 04:06 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-04-20 15:04 - 2016-02-24 01:12 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-04-20 15:04 - 2016-02-24 01:09 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-04-20 15:04 - 2016-02-24 01:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-04-20 15:04 - 2016-02-24 01:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-04-20 15:04 - 2016-02-23 07:25 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-04-20 15:04 - 2016-02-23 06:34 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-04-20 15:04 - 2016-02-23 06:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-04-20 15:04 - 2016-02-23 06:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-04-20 15:04 - 2016-02-23 06:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-04-20 15:04 - 2016-02-23 06:21 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-04-20 15:04 - 2016-02-23 05:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-04-20 15:04 - 2016-02-23 05:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-04-20 15:04 - 2016-02-23 05:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-04-20 15:04 - 2016-02-23 04:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-04-20 15:04 - 2016-02-23 03:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-04-20 15:04 - 2016-02-23 02:55 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-04-20 15:04 - 2016-02-23 02:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-04-20 15:04 - 2016-02-23 02:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-04-20 15:04 - 2016-02-23 02:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-04-20 15:03 - 2016-04-01 23:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-20 15:03 - 2016-04-01 23:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-20 15:03 - 2016-04-01 23:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-20 15:03 - 2016-04-01 23:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-20 15:03 - 2016-04-01 23:09 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-20 15:03 - 2016-04-01 23:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-20 15:03 - 2016-04-01 23:07 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-20 15:03 - 2016-04-01 23:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-20 15:03 - 2016-03-29 06:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-20 15:03 - 2016-03-29 06:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-20 15:03 - 2016-03-29 05:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-20 15:03 - 2016-03-29 05:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-20 15:03 - 2016-03-29 05:28 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-20 15:03 - 2016-03-29 05:17 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-20 15:03 - 2016-03-29 05:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-20 15:03 - 2016-03-29 05:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-20 15:03 - 2016-03-29 05:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-20 15:03 - 2016-03-29 04:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-20 15:03 - 2016-03-29 04:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-04-20 15:03 - 2016-03-29 04:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-20 15:03 - 2016-03-29 04:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-20 15:03 - 2016-03-29 04:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-20 15:03 - 2016-03-29 03:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-20 15:03 - 2016-03-29 03:38 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-20 15:03 - 2016-03-29 03:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-20 15:03 - 2016-03-29 03:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-20 15:03 - 2016-03-29 03:28 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-20 15:03 - 2016-03-29 03:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-20 15:03 - 2016-03-29 03:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-20 15:03 - 2016-03-29 03:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-20 15:03 - 2016-03-29 03:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-20 15:03 - 2016-03-29 03:16 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-20 15:03 - 2016-03-29 03:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-20 15:03 - 2016-03-29 03:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-20 15:03 - 2016-03-29 03:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-20 15:03 - 2016-03-29 03:12 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-20 15:03 - 2016-03-29 03:11 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-20 15:03 - 2016-03-29 03:10 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-20 15:03 - 2016-03-29 03:10 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-20 15:03 - 2016-03-29 03:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-20 15:03 - 2016-03-29 03:07 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-20 15:03 - 2016-03-29 03:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-20 15:03 - 2016-03-29 03:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-20 15:03 - 2016-03-29 03:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-20 15:03 - 2016-03-29 03:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-20 15:03 - 2016-03-29 02:56 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-20 15:03 - 2016-03-29 02:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-20 15:03 - 2016-03-29 02:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-20 15:03 - 2016-03-29 02:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-04-20 15:03 - 2016-03-29 02:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-20 15:03 - 2016-03-29 02:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-20 15:03 - 2016-03-29 02:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-04-20 15:03 - 2016-03-29 02:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-20 15:03 - 2016-03-29 02:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-20 15:03 - 2016-03-29 02:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-20 15:03 - 2016-03-29 02:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-20 15:03 - 2016-03-29 02:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-04-20 15:03 - 2016-03-29 02:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-20 15:03 - 2016-03-29 02:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-20 15:03 - 2016-03-29 02:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-20 15:03 - 2016-03-29 02:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-20 15:03 - 2016-03-29 02:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-20 15:03 - 2016-03-29 02:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-20 15:03 - 2016-03-29 02:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-20 15:03 - 2016-03-29 02:05 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-20 15:03 - 2016-03-29 01:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-20 15:03 - 2016-03-29 01:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-04-20 15:03 - 2016-03-29 01:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-20 15:03 - 2016-03-29 01:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-20 15:03 - 2016-03-29 01:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-20 15:03 - 2016-03-29 01:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-20 15:03 - 2016-03-29 01:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-20 15:03 - 2016-03-29 01:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-20 15:03 - 2016-03-01 01:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-04-20 15:03 - 2016-03-01 01:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-04-20 15:03 - 2016-02-24 05:52 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-04-20 15:03 - 2016-02-24 05:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-04-20 15:03 - 2016-02-24 05:15 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-04-20 15:03 - 2016-02-24 04:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-04-20 15:03 - 2016-02-24 04:51 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-04-20 15:03 - 2016-02-24 04:50 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-04-20 15:03 - 2016-02-24 04:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-04-20 15:03 - 2016-02-24 04:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-04-20 15:03 - 2016-02-24 04:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-04-20 15:03 - 2016-02-24 04:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-04-20 15:03 - 2016-02-24 04:11 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-04-20 15:03 - 2016-02-24 04:10 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-04-20 15:03 - 2016-02-24 04:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-04-20 15:03 - 2016-02-24 03:35 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-04-20 15:03 - 2016-02-24 03:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-04-20 15:03 - 2016-02-24 02:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-04-20 15:03 - 2016-02-24 02:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-04-20 15:03 - 2016-02-24 02:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-04-20 15:03 - 2016-02-24 02:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-04-20 15:03 - 2016-02-24 02:41 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-04-20 15:03 - 2016-02-24 02:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-04-20 15:03 - 2016-02-24 02:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-04-20 15:03 - 2016-02-24 02:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-04-20 15:03 - 2016-02-24 02:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-04-20 15:03 - 2016-02-24 02:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-04-20 15:03 - 2016-02-24 02:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-04-20 15:03 - 2016-02-24 02:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-04-20 15:03 - 2016-02-24 02:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-04-20 15:03 - 2016-02-24 02:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-04-20 15:03 - 2016-02-24 02:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-04-20 15:03 - 2016-02-24 01:55 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-04-20 15:03 - 2016-02-24 01:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-04-20 15:03 - 2016-02-23 06:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-04-20 15:03 - 2016-02-23 06:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-04-20 15:03 - 2016-02-23 06:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-04-20 15:03 - 2016-02-23 06:32 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-04-20 15:03 - 2016-02-23 06:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-04-20 15:03 - 2016-02-23 06:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-04-20 15:03 - 2016-02-23 06:25 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-04-20 15:03 - 2016-02-23 06:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-04-20 15:03 - 2016-02-23 05:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-04-20 15:03 - 2016-02-23 05:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-04-20 15:03 - 2016-02-23 05:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-04-20 15:03 - 2016-02-23 05:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-04-20 15:03 - 2016-02-23 05:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-04-20 15:03 - 2016-02-23 05:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-04-20 15:03 - 2016-02-23 05:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-04-20 15:03 - 2016-02-23 05:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-04-20 15:03 - 2016-02-23 05:32 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-04-20 15:03 - 2016-02-23 05:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-04-20 15:03 - 2016-02-23 05:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-04-20 15:03 - 2016-02-23 05:17 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-04-20 15:03 - 2016-02-23 04:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-04-20 15:03 - 2016-02-23 04:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-04-20 15:03 - 2016-02-23 04:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-04-20 15:03 - 2016-02-23 04:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-04-20 15:03 - 2016-02-23 04:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-04-20 15:03 - 2016-02-23 04:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-04-20 15:03 - 2016-02-23 04:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-04-20 15:03 - 2016-02-23 04:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-04-20 15:03 - 2016-02-23 04:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-04-20 15:03 - 2016-02-23 04:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-04-20 15:03 - 2016-02-23 04:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-04-20 15:03 - 2016-02-23 04:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-04-20 15:03 - 2016-02-23 04:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-04-20 15:03 - 2016-02-23 04:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-04-20 15:03 - 2016-02-23 04:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-04-20 15:03 - 2016-02-23 04:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-04-20 15:03 - 2016-02-23 04:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-04-20 15:03 - 2016-02-23 04:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-04-20 15:03 - 2016-02-23 04:09 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-04-20 15:03 - 2016-02-23 04:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-04-20 15:03 - 2016-02-23 04:04 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-04-20 15:03 - 2016-02-23 04:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-04-20 15:03 - 2016-02-23 04:02 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-04-20 15:03 - 2016-02-23 04:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-04-20 15:03 - 2016-02-23 03:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-04-20 15:03 - 2016-02-23 03:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-04-20 15:03 - 2016-02-23 03:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-04-20 15:03 - 2016-02-23 03:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-04-20 15:03 - 2016-02-23 03:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-04-20 15:03 - 2016-02-23 03:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-04-20 15:03 - 2016-02-23 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-04-20 15:03 - 2016-02-23 03:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-04-20 15:03 - 2016-02-23 03:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-04-20 15:03 - 2016-02-23 03:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-04-20 15:03 - 2016-02-23 03:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-04-20 15:03 - 2016-02-23 03:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-04-20 15:03 - 2016-02-23 03:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-04-20 15:03 - 2016-02-23 03:14 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-04-20 15:03 - 2016-02-23 03:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-04-20 15:03 - 2016-02-23 03:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-04-20 15:03 - 2016-02-23 02:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-04-20 15:03 - 2016-02-23 02:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-04-20 15:03 - 2016-02-23 02:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-04-20 15:03 - 2016-02-23 02:39 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-04-20 15:03 - 2016-02-23 02:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-04-20 15:03 - 2016-02-23 02:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-04-20 15:02 - 2016-04-02 00:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-20 15:02 - 2016-04-02 00:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-20 15:02 - 2016-04-02 00:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-20 15:02 - 2016-04-01 23:29 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-20 15:02 - 2016-04-01 23:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-04-20 15:02 - 2016-04-01 23:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-20 15:02 - 2016-03-29 06:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-20 15:02 - 2016-03-29 06:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-20 15:02 - 2016-03-29 06:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-20 15:02 - 2016-03-29 06:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-20 15:02 - 2016-03-29 06:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-20 15:02 - 2016-03-29 06:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-20 15:02 - 2016-03-29 06:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-20 15:02 - 2016-03-29 06:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-20 15:02 - 2016-03-29 06:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-20 15:02 - 2016-03-29 06:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-20 15:02 - 2016-03-29 05:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-20 15:02 - 2016-03-29 05:28 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-20 15:02 - 2016-03-29 05:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-20 15:02 - 2016-03-29 05:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-20 15:02 - 2016-03-29 05:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-20 15:02 - 2016-03-29 05:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-20 15:02 - 2016-03-29 05:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-20 15:02 - 2016-03-29 05:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-20 15:02 - 2016-03-29 05:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-20 15:02 - 2016-03-29 05:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-20 15:02 - 2016-03-29 05:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-20 15:02 - 2016-03-29 04:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-20 15:02 - 2016-03-29 04:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-04-20 15:02 - 2016-03-29 04:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-20 15:02 - 2016-03-29 04:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-20 15:02 - 2016-03-29 04:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-20 15:02 - 2016-03-29 04:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-20 15:02 - 2016-03-29 04:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-20 15:02 - 2016-03-29 04:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-20 15:02 - 2016-03-29 04:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-20 15:02 - 2016-03-29 04:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-20 15:02 - 2016-03-29 03:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-20 15:02 - 2016-03-29 03:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-20 15:02 - 2016-03-29 03:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-20 15:02 - 2016-03-29 03:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-20 15:02 - 2016-03-29 03:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-20 15:02 - 2016-03-29 03:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-20 15:02 - 2016-03-29 03:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-20 15:02 - 2016-03-29 03:42 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-20 15:02 - 2016-03-29 03:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-20 15:02 - 2016-03-29 03:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-20 15:02 - 2016-03-29 03:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-20 15:02 - 2016-03-29 03:34 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-20 15:02 - 2016-03-29 03:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-20 15:02 - 2016-03-29 03:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-20 15:02 - 2016-03-29 03:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-20 15:02 - 2016-03-29 03:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-20 15:02 - 2016-03-29 03:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-20 15:02 - 2016-03-29 03:23 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-20 15:02 - 2016-03-29 03:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-20 15:02 - 2016-03-29 03:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-20 15:02 - 2016-03-29 03:17 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-20 15:02 - 2016-03-29 03:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-20 15:02 - 2016-03-29 03:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-20 15:02 - 2016-03-29 03:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-20 15:02 - 2016-03-29 03:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-20 15:02 - 2016-03-29 03:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-20 15:02 - 2016-03-29 03:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-04-20 15:02 - 2016-03-29 03:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-20 15:02 - 2016-03-29 03:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-20 15:02 - 2016-03-29 03:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-20 15:02 - 2016-03-29 03:06 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-20 15:02 - 2016-03-29 03:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-20 15:02 - 2016-03-29 03:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-20 15:02 - 2016-03-29 03:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-20 15:02 - 2016-03-29 02:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-20 15:02 - 2016-03-29 02:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-20 15:02 - 2016-03-29 02:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-20 15:02 - 2016-03-29 02:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-20 15:02 - 2016-03-29 02:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-20 15:02 - 2016-03-29 02:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-20 15:02 - 2016-03-29 02:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-20 15:02 - 2016-03-29 02:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-04-20 15:02 - 2016-03-29 02:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-20 15:02 - 2016-03-29 02:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-20 15:02 - 2016-03-29 02:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-20 15:02 - 2016-03-29 02:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-20 15:02 - 2016-03-29 02:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-20 15:02 - 2016-03-29 02:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-20 15:02 - 2016-03-29 02:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-20 15:02 - 2016-03-29 02:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-20 15:02 - 2016-03-29 02:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-04-20 15:02 - 2016-03-29 02:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-20 15:02 - 2016-03-29 02:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-20 15:02 - 2016-03-29 02:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-20 15:02 - 2016-03-29 02:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-20 15:02 - 2016-03-29 02:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-04-20 15:02 - 2016-03-29 02:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-20 15:02 - 2016-03-29 02:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-20 15:02 - 2016-03-29 02:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-20 15:02 - 2016-03-29 02:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-20 15:02 - 2016-03-29 02:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-20 15:02 - 2016-03-29 02:04 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-20 15:02 - 2016-03-29 02:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-20 15:02 - 2016-03-29 02:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-20 15:02 - 2016-03-29 01:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-20 15:02 - 2016-03-29 01:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-20 15:02 - 2016-02-24 04:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-04-20 15:02 - 2016-02-24 04:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-04-20 15:02 - 2016-02-24 04:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-04-20 15:02 - 2016-02-24 04:11 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-04-20 15:02 - 2016-02-24 04:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-04-20 15:02 - 2016-02-24 04:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-04-20 15:02 - 2016-02-24 03:38 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-04-20 15:02 - 2016-02-24 03:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-04-20 15:02 - 2016-02-24 03:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-04-20 15:02 - 2016-02-24 03:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-04-20 15:02 - 2016-02-24 03:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-04-20 15:02 - 2016-02-24 03:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-04-20 15:02 - 2016-02-24 03:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-04-20 15:02 - 2016-02-24 03:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-04-20 15:02 - 2016-02-24 03:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-04-20 15:02 - 2016-02-24 03:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-04-20 15:02 - 2016-02-24 03:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-04-20 15:02 - 2016-02-24 03:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-04-20 15:02 - 2016-02-24 03:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-04-20 15:02 - 2016-02-24 03:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-04-20 15:02 - 2016-02-24 02:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-04-20 15:02 - 2016-02-24 02:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-04-20 15:02 - 2016-02-24 02:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-04-20 15:02 - 2016-02-24 02:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-04-20 15:02 - 2016-02-24 02:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-04-20 15:02 - 2016-02-24 02:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-04-20 15:02 - 2016-02-24 02:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-04-20 15:02 - 2016-02-24 02:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-04-20 15:02 - 2016-02-24 02:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-04-20 15:02 - 2016-02-24 02:41 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-04-20 15:02 - 2016-02-24 02:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-04-20 15:02 - 2016-02-24 02:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-04-20 15:02 - 2016-02-24 02:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-04-20 15:02 - 2016-02-24 02:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-04-20 15:02 - 2016-02-24 02:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-04-20 15:02 - 2016-02-24 02:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-04-20 15:02 - 2016-02-24 02:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-04-20 15:02 - 2016-02-24 02:28 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-04-20 15:02 - 2016-02-24 02:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-04-20 15:02 - 2016-02-24 02:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-04-20 15:02 - 2016-02-24 02:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-04-20 15:02 - 2016-02-24 02:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-04-20 15:02 - 2016-02-24 02:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-04-20 15:02 - 2016-02-24 02:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-04-20 15:02 - 2016-02-24 02:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-04-20 15:02 - 2016-02-24 02:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-04-20 15:02 - 2016-02-24 01:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-04-20 15:02 - 2016-02-23 07:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-04-20 15:02 - 2016-02-23 07:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-04-20 15:02 - 2016-02-23 06:33 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-04-20 15:02 - 2016-02-23 06:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-04-20 15:02 - 2016-02-23 06:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-04-20 15:02 - 2016-02-23 05:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-04-20 15:02 - 2016-02-23 05:25 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-04-20 15:02 - 2016-02-23 05:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-04-20 15:02 - 2016-02-23 05:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-04-20 15:02 - 2016-02-23 05:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-04-20 15:02 - 2016-02-23 05:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-04-20 15:02 - 2016-02-23 05:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-04-20 15:02 - 2016-02-23 04:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-04-20 15:02 - 2016-02-23 04:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-04-20 15:02 - 2016-02-23 04:50 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-04-20 15:02 - 2016-02-23 04:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-04-20 15:02 - 2016-02-23 04:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-04-20 15:02 - 2016-02-23 04:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-04-20 15:02 - 2016-02-23 04:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-04-20 15:02 - 2016-02-23 04:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-04-20 15:02 - 2016-02-23 04:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-04-20 15:02 - 2016-02-23 03:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-04-20 15:02 - 2016-02-23 03:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-04-20 15:02 - 2016-02-08 23:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-04-20 15:02 - 2016-02-08 23:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-04-20 15:02 - 2016-02-08 23:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-04-20 15:01 - 2016-04-01 23:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-20 15:01 - 2016-04-01 23:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-20 15:01 - 2016-04-01 23:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-20 15:01 - 2016-04-01 23:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-20 15:01 - 2016-04-01 23:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-04-20 15:01 - 2016-04-01 23:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-04-20 15:01 - 2016-04-01 23:03 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-20 15:01 - 2016-03-29 04:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-20 15:01 - 2016-03-29 04:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-20 15:01 - 2016-03-29 04:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-20 15:01 - 2016-03-29 04:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-04-20 15:01 - 2016-03-29 04:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-20 15:01 - 2016-03-29 04:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-20 15:01 - 2016-03-29 04:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-20 15:01 - 2016-03-29 04:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-20 15:01 - 2016-03-29 04:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-20 15:01 - 2016-03-29 04:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-20 15:01 - 2016-03-29 04:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-20 15:01 - 2016-03-29 03:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-20 15:01 - 2016-03-29 03:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-20 15:01 - 2016-03-29 03:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-20 15:01 - 2016-03-29 03:55 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-20 15:01 - 2016-03-29 03:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-20 15:01 - 2016-03-29 03:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-20 15:01 - 2016-03-29 03:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-20 15:01 - 2016-03-29 03:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-20 15:01 - 2016-03-29 03:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-20 15:01 - 2016-03-29 03:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-20 15:01 - 2016-03-29 03:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-20 15:01 - 2016-03-29 03:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-20 15:01 - 2016-03-29 03:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-20 15:01 - 2016-03-29 03:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-20 15:01 - 2016-03-29 03:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-20 15:01 - 2016-03-29 03:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-20 15:01 - 2016-03-29 03:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-20 15:01 - 2016-03-29 03:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-20 15:01 - 2016-03-29 03:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-20 15:01 - 2016-03-29 03:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-20 15:01 - 2016-03-29 03:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-20 15:01 - 2016-03-29 03:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-20 15:01 - 2016-03-29 03:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-20 15:01 - 2016-03-29 03:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-20 15:01 - 2016-03-29 03:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-20 15:01 - 2016-03-29 03:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-20 15:01 - 2016-03-29 03:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-20 15:01 - 2016-03-29 03:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-20 15:01 - 2016-03-29 03:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-20 15:01 - 2016-03-29 03:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-20 15:01 - 2016-03-29 03:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-04-20 15:01 - 2016-03-29 03:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-20 15:01 - 2016-03-29 03:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-20 15:01 - 2016-03-29 03:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-20 15:01 - 2016-03-29 03:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-20 15:01 - 2016-03-29 03:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-20 15:01 - 2016-03-29 03:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-20 15:01 - 2016-03-29 02:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-20 15:01 - 2016-03-29 02:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-20 15:01 - 2016-03-29 02:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-20 15:01 - 2016-03-29 02:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-20 15:01 - 2016-03-29 02:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-20 15:01 - 2016-03-29 02:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-20 15:01 - 2016-03-29 02:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-20 15:01 - 2016-03-29 02:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-04-20 15:01 - 2016-03-29 02:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-20 15:01 - 2016-03-29 02:27 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-20 15:01 - 2016-03-29 02:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-20 15:01 - 2016-03-29 02:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-20 15:01 - 2016-03-29 02:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-04-20 15:01 - 2016-03-29 01:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-20 15:01 - 2016-03-29 01:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-20 15:01 - 2016-03-29 01:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-20 15:01 - 2016-03-29 01:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-20 15:01 - 2016-03-29 01:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-20 15:01 - 2016-03-29 01:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-20 15:01 - 2016-02-24 03:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-04-20 15:01 - 2016-02-24 03:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-04-20 15:01 - 2016-02-24 03:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-04-20 15:01 - 2016-02-24 03:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-04-20 15:01 - 2016-02-24 03:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-04-20 15:01 - 2016-02-24 03:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-04-20 15:01 - 2016-02-24 03:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-04-20 15:01 - 2016-02-24 03:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-04-20 15:01 - 2016-02-24 03:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-04-20 15:01 - 2016-02-24 03:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-04-20 15:01 - 2016-02-24 03:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-04-20 15:01 - 2016-02-24 03:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-04-20 15:01 - 2016-02-24 03:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-04-20 15:01 - 2016-02-24 03:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-04-20 15:01 - 2016-02-24 03:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-04-20 15:01 - 2016-02-24 02:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-04-20 15:01 - 2016-02-24 02:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-04-20 15:01 - 2016-02-24 02:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-04-20 15:01 - 2016-02-24 02:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-04-20 15:01 - 2016-02-24 02:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-04-20 15:01 - 2016-02-24 02:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-04-20 15:01 - 2016-02-24 02:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-04-20 15:01 - 2016-02-24 02:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-04-20 15:01 - 2016-02-24 02:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-04-20 15:01 - 2016-02-24 02:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-04-20 15:01 - 2016-02-24 02:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-04-20 15:01 - 2016-02-24 02:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-04-20 15:01 - 2016-02-24 02:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-04-20 15:01 - 2016-02-24 02:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-04-20 15:01 - 2016-02-24 01:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-04-20 15:01 - 2016-02-23 05:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-04-20 15:01 - 2016-02-23 05:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-04-20 15:01 - 2016-02-23 05:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-04-20 15:01 - 2016-02-23 05:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-04-20 15:01 - 2016-02-23 04:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-04-20 15:01 - 2016-02-23 04:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-04-20 15:01 - 2016-02-23 04:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-04-20 15:01 - 2016-02-23 04:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-04-20 15:01 - 2016-02-23 03:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-04-20 14:20 - 2016-04-20 10:50 - 00000000 ___DC C:\WINDOWS\Panther
2016-04-20 14:17 - 2016-04-20 14:17 - 00000000 ____D C:\Windows.old
2016-04-20 14:16 - 2016-04-20 14:16 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-04-20 14:15 - 2016-04-20 14:15 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-04-20 14:15 - 2016-04-20 14:15 - 00000000 ____D C:\Program Files\MSBuild
2016-04-20 14:15 - 2016-04-20 14:15 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-04-20 14:15 - 2016-04-20 14:15 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-04-20 14:14 - 2016-04-20 14:14 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-04-20 14:14 - 2016-04-20 14:14 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-04-20 14:14 - 2015-10-23 21:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-04-20 14:14 - 2015-10-23 21:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-04-20 14:14 - 2015-10-23 21:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-04-20 14:14 - 2015-10-23 21:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-04-20 14:14 - 2015-10-23 21:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-04-20 14:14 - 2015-10-23 21:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-04-20 13:53 - 2016-04-20 13:53 - 00000000 ___RD C:\Users\amebi\3D Objects
2016-04-20 12:19 - 2016-04-20 12:19 - 00000000 ___HD C:\OneDriveTemp
2016-04-20 12:17 - 2016-04-20 12:17 - 00000000 ____D C:\Users\amebi\AppData\Local\ActiveSync
2016-04-20 12:15 - 2016-04-20 12:15 - 00000020 ___SH C:\Users\amebi\ntuser.ini
2016-04-20 11:57 - 2016-04-20 11:57 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-04-20 10:46 - 2016-04-20 10:46 - 00000000 _SHDL C:\Users\Default\My Documents
2016-04-20 10:46 - 2016-04-20 10:46 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-04-20 10:46 - 2016-04-20 10:46 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-04-20 10:46 - 2016-04-20 10:46 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-04-20 10:46 - 2016-04-20 10:46 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-04-20 10:46 - 2016-04-20 10:46 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-04-20 10:46 - 2016-04-20 10:46 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-04-20 10:40 - 2016-04-20 10:40 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-04-20 10:32 - 2016-04-20 10:32 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-20 10:29 - 2016-04-20 10:34 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-04-20 10:27 - 2016-05-05 23:40 - 00000000 ____D C:\Users\amebi
2016-04-20 10:27 - 2016-04-20 10:27 - 00000000 _SHDL C:\Users\amebi\My Documents
2016-04-20 10:27 - 2016-04-20 10:27 - 00000000 _SHDL C:\Users\amebi\Documents\My Videos
2016-04-20 10:27 - 2016-04-20 10:27 - 00000000 _SHDL C:\Users\amebi\Documents\My Pictures
2016-04-20 10:27 - 2016-04-20 10:27 - 00000000 _SHDL C:\Users\amebi\Documents\My Music
2016-04-20 10:24 - 2016-04-20 10:24 - 00319042 _____ C:\WINDOWS\system32\Drivers\RTWAVES40.dat
2016-04-20 10:24 - 2016-04-20 10:24 - 00006786 _____ C:\WINDOWS\system32\Drivers\rtwavesEFX.dat
2016-04-20 10:24 - 2016-04-20 10:24 - 00002626 _____ C:\WINDOWS\system32\Drivers\rtwavesMFX.dat
2016-04-20 10:24 - 2016-04-20 10:24 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-04-20 10:24 - 2016-04-20 10:24 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-04-20 10:24 - 2016-04-20 10:24 - 00000000 ____D C:\Program Files\Realtek
2016-04-20 10:23 - 2016-05-06 21:48 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-04-20 10:23 - 2016-04-20 10:30 - 00000000 ____D C:\Program Files\AMD
2016-04-20 10:23 - 2016-04-20 10:23 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-04-20 10:23 - 2016-04-20 10:23 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2016-04-20 02:27 - 2016-04-20 02:29 - 00000000 ____D C:\Users\amebi\Downloads\400.Days.2015.BRRip.XviD.AC3-EVO
2016-04-20 01:12 - 2016-04-20 01:53 - 00000000 ____D C:\Users\amebi\Downloads\Hellions.2015.HDRip.XViD-ETRG
2016-04-20 00:59 - 2016-04-20 01:26 - 00000000 ____D C:\Users\amebi\Downloads\Avas.Possessions.2015.HDRip.XviD.AC3-EVO
2016-04-20 00:43 - 2016-05-06 21:10 - 00000000 ____D C:\Users\amebi\AppData\Roaming\uTorrent
2016-04-19 23:10 - 2016-04-20 10:34 - 00000000 ____D C:\Users\amebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirusTotal Uploader 2.2
2016-04-19 23:10 - 2016-04-19 23:24 - 00002146 _____ C:\Users\amebi\Desktop\VirusTotal Uploader 2.2.lnk
2016-04-19 23:10 - 2016-04-19 23:24 - 00000000 ____D C:\Program Files (x86)\VirusTotalUploader2
2016-04-19 23:09 - 2016-04-19 23:10 - 00142744 _____ C:\Users\amebi\Downloads\vtuploader2.2.exe
2016-04-19 19:01 - 2016-04-19 19:01 - 00007600 _____ C:\Users\amebi\AppData\Local\Resmon.ResmonCfg
2016-04-19 17:48 - 2016-04-19 17:48 - 00000000 ____D C:\Users\amebi\AppData\Local\ATI
2016-04-18 22:19 - 2016-04-19 18:10 - 00000000 ____D C:\Users\amebi\Desktop\proc
2016-04-18 17:06 - 2016-04-18 17:06 - 00001862 _____ C:\Users\amebi\Desktop\WNetWatcher.exe - Shortcut.lnk
2016-04-18 15:19 - 2016-04-20 10:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlaysTV
2016-04-18 15:18 - 2016-04-18 15:18 - 00000000 ____D C:\Users\amebi\AppData\Roaming\WildTangent
2016-04-18 14:49 - 2016-04-18 14:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fran Bow Update 5
2016-04-18 00:00 - 2016-04-18 00:00 - 00000000 ____D C:\Users\amebi\AppData\Local\DoK Manual
2016-04-17 23:51 - 2016-04-17 23:51 - 00000000 ____D C:\Users\amebi\AppData\Roaming\.mono
2016-04-17 23:51 - 2016-04-17 23:51 - 00000000 ____D C:\Users\amebi\AppData\LocalLow\Unity
2016-04-17 22:57 - 2016-04-17 22:57 - 00000000 ____D C:\Users\amebi\AppData\Roaming\Fran_Bow
2016-04-17 05:16 - 2016-04-20 10:39 - 00002288 _____ C:\WINDOWS\System32\Tasks\RtHDVBg
2016-04-17 05:16 - 2016-04-20 10:39 - 00002280 _____ C:\WINDOWS\System32\Tasks\RTKCPL
2016-04-17 05:16 - 2016-04-17 05:16 - 00001295 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioWizard.lnk
2016-04-17 05:16 - 2016-04-17 05:16 - 00000000 ____D C:\Program Files\Waves
2016-04-17 05:10 - 2016-04-17 05:10 - 00650752 _____ C:\Users\amebi\Downloads\MicrosoftFixit50229.msi
2016-04-17 02:57 - 2016-04-17 02:59 - 07878008 _____ (Microsoft Corporation) C:\Users\amebi\Downloads\Xbox360_64Eng.exe
2016-04-17 02:12 - 2016-04-17 02:12 - 00000780 _____ C:\Users\amebi\Desktop\downloads - Shortcut.lnk
2016-04-17 02:10 - 2016-04-20 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stasis [GOG.com]
2016-04-17 02:10 - 2016-04-17 02:22 - 00000000 ____D C:\Users\amebi\AppData\Local\The Brotherhood
2016-04-17 01:59 - 2016-04-17 01:59 - 00000000 ____D C:\Users\amebi\AppData\Roaming\SmartSteamEmu
2016-04-17 01:57 - 2016-04-17 01:57 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-04-17 01:56 - 2016-04-17 01:56 - 00466520 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2016-04-17 01:56 - 2016-04-17 01:56 - 00445016 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2016-04-17 01:56 - 2016-04-17 01:56 - 00123480 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2016-04-17 01:56 - 2016-04-17 01:56 - 00109144 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2016-04-17 01:56 - 2016-04-17 01:56 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-04-17 01:56 - 2016-04-17 01:56 - 00000000 ____D C:\Program Files (x86)\OpenAL
2016-04-17 01:56 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2016-04-17 01:56 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2016-04-17 01:56 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2016-04-17 01:56 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2016-04-17 01:56 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2016-04-17 01:56 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2016-04-17 01:54 - 2016-04-20 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Starpoint Gemini 2 - Repack by AlexALSP
2016-04-16 21:45 - 2016-04-16 21:45 - 00001487 _____ C:\Users\amebi\Desktop\slsk.exe - Shortcut.lnk
2016-04-16 19:20 - 2016-04-20 10:40 - 00003764 _____ C:\WINDOWS\System32\Tasks\AMD Updater
2016-04-16 19:12 - 2016-04-20 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2016-04-16 19:12 - 2016-04-16 21:16 - 00000000 ____D C:\Users\amebi\AppData\Local\AMD
2016-04-16 19:12 - 2016-04-16 19:12 - 00000000 ____D C:\Program Files (x86)\AMD
2016-04-16 18:54 - 2016-04-16 18:56 - 01094066 _____ C:\Users\amebi\Downloads\DDUv96-[Guru3D.com](1).exe
2016-04-16 17:22 - 2016-04-24 01:19 - 00086528 ___SH C:\Users\amebi\Desktop\Thumbs.db
2016-04-16 17:18 - 2016-04-16 17:18 - 00000000 ____D C:\Users\amebi\Documents\DyingLight
2016-04-16 03:17 - 2016-04-16 03:17 - 00001020 _____ C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-04-16 03:17 - 2016-04-16 03:17 - 00001014 _____ C:\Users\Public\Desktop\µTorrent.lnk
2016-04-16 03:17 - 2016-04-16 03:17 - 00000000 ____D C:\Program Files (x86)\uTorrent
2016-04-16 03:16 - 2016-04-16 03:16 - 00000697 _____ C:\Users\amebi\AppData\Local\recently-used.xbel
2016-04-16 03:13 - 2016-04-16 03:16 - 00399736 _____ (BitTorrent, Inc.) C:\Users\amebi\Downloads\utorrent_2.2.1_build_25302.exe
2016-04-16 03:12 - 2016-04-16 03:12 - 00399224 _____ (BitTorrent, Inc.) C:\Users\amebi\Downloads\utorrent_2.2.1.exe
2016-04-16 03:11 - 2016-04-16 03:12 - 00399224 _____ (BitTorrent, Inc.) C:\Users\amebi\Downloads\utorrent_2.2.1(1).exe
2016-04-16 03:03 - 2016-04-20 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dying Light
2016-04-15 17:20 - 2016-04-15 17:20 - 17837152 _____ C:\Users\amebi\Downloads\pcsx2-1.4.0-setup.exe
2016-04-15 16:14 - 2016-04-19 19:10 - 00000000 ____D C:\Users\amebi\AppData\Local\CrashDumps
2016-04-15 16:14 - 2016-04-15 17:28 - 00000000 ____D C:\Users\amebi\Documents\PCSX2
2016-04-15 16:11 - 2016-04-20 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
2016-04-15 16:11 - 2016-04-15 20:11 - 00000000 ____D C:\Users\amebi\AppData\Local\AVG SafeGuard toolbar
2016-04-15 16:10 - 2016-04-17 19:23 - 00000000 ____D C:\Program Files\AVG SafeGuard toolbar
2016-04-15 16:10 - 2016-04-15 16:11 - 00000000 ____D C:\Users\amebi\AppData\LocalLow\AVG SafeGuard toolbar
2016-04-15 16:10 - 2016-04-15 16:11 - 00000000 ____D C:\ProgramData\AVG SafeGuard toolbar
2016-04-15 16:10 - 2016-04-15 16:10 - 00000000 ____D C:\ProgramData\AVG Secure Search
2016-04-15 13:56 - 2016-04-20 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Everybodys Gone to the Rapture
2016-04-15 01:20 - 2016-04-15 01:20 - 00000000 ____D C:\Users\amebi\Documents\Soulseek Chat Logs
2016-04-14 23:28 - 2016-04-16 01:56 - 00000000 ____D C:\Users\amebi\AppData\Roaming\deluge
2016-04-14 23:27 - 2016-04-20 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluge
2016-04-14 23:26 - 2016-04-14 23:27 - 00000000 ____D C:\Program Files (x86)\Deluge
2016-04-14 23:25 - 2016-04-14 23:26 - 14758443 _____ (Deluge Team) C:\Users\amebi\Downloads\deluge-1.3.12-1-win32-py2.6-setup.exe
2016-04-14 21:05 - 2016-04-20 10:34 - 00000000 ____D C:\Users\amebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft Wireless Network Watcher
2016-04-14 21:05 - 2016-04-14 21:05 - 00343648 _____ C:\Users\amebi\Downloads\wnetwatcher_setup.exe
2016-04-14 21:05 - 2016-04-14 21:05 - 00000000 ____D C:\Program Files (x86)\NirSoft
2016-04-14 21:02 - 2016-04-14 21:02 - 00000000 ____D C:\Users\amebi\AppData\Local\GlassWire
2016-04-14 21:00 - 2016-04-14 21:00 - 00000000 ____D C:\ProgramData\GlassWire
2016-04-14 20:47 - 2016-04-14 21:00 - 22400328 _____ (SecureMix LLC) C:\Users\amebi\Downloads\GlassWireSetup.exe
2016-04-14 18:47 - 2016-04-17 01:42 - 00000000 ____D C:\Users\amebi\AppData\Roaming\PlaysTV
2016-04-14 18:43 - 2016-04-18 15:19 - 00000000 ____D C:\Program Files (x86)\Raptr Inc
2016-04-14 18:43 - 2016-04-14 18:43 - 00000000 ____D C:\Users\amebi\AppData\Roaming\library_dir
2016-04-14 18:40 - 2016-04-20 10:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1
2016-04-14 18:40 - 2016-04-14 18:40 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-04-14 18:40 - 2016-02-15 19:27 - 00125720 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-04-14 18:40 - 2016-02-15 19:26 - 00126232 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-04-14 18:40 - 2016-02-15 19:25 - 00045848 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-04-14 18:40 - 2016-02-15 19:25 - 00042264 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-04-14 18:34 - 2016-04-14 18:34 - 00000000 ____D C:\Users\amebi\Downloads\x64
2016-04-14 18:34 - 2016-04-14 18:34 - 00000000 ____D C:\Users\amebi\Downloads\DDU Logs
2016-04-14 18:33 - 2013-11-18 15:09 - 01864704 _____ C:\Users\amebi\Downloads\Display Driver Uninstaller.exe
2016-04-14 18:33 - 2013-11-18 15:09 - 00140800 _____ C:\Users\amebi\Downloads\Display Driver Uninstaller.pdb
2016-04-14 18:33 - 2013-11-18 15:09 - 00001071 _____ C:\Users\amebi\Downloads\Display Driver Uninstaller.exe.config
2016-04-14 18:33 - 2013-11-12 15:18 - 00000000 ____D C:\Users\amebi\Downloads\settings
2016-04-14 18:27 - 2016-04-14 18:33 - 01094066 _____ C:\Users\amebi\Downloads\DDUv96-[Guru3D.com].exe
2016-04-14 18:08 - 2016-04-14 18:08 - 04952336 _____ (Advanced Micro Devices, Inc.) C:\Users\amebi\Downloads\autodetectutility.exe
2016-04-14 17:50 - 2016-04-14 18:35 - 334415392 _____ (AMD Inc.) C:\Users\amebi\Downloads\non-whql-64bit-radeon-software-crimson-16.4.1-win10-win8.1-win7-apr4.exe
2016-04-14 15:27 - 2016-04-14 15:27 - 00000000 ____D C:\ProgramData\Steam
2016-04-14 14:24 - 2016-04-20 10:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mr DJ
2016-04-14 12:44 - 2016-04-14 12:44 - 00000000 ____D C:\Users\amebi\AppData\LocalLow\Evernote
2016-04-14 01:05 - 2016-04-14 01:05 - 00000000 ____D C:\Users\amebi\AppData\Roaming\Fran Bow
2016-04-14 00:39 - 2016-04-20 10:34 - 00000000 ____D C:\Users\amebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Binding of Isaac Rebirth 1.0
2016-04-14 00:27 - 2016-04-20 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Long Dark [GOG.com]
2016-04-14 00:25 - 2016-04-25 20:57 - 00000000 ____D C:\Users\amebi\AppData\LocalLow\Hinterland
2016-04-14 00:07 - 2016-05-05 21:12 - 00000000 ____D C:\Users\amebi\AppData\Roaming\Foxit Software
2016-04-14 00:07 - 2016-04-20 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2016-04-14 00:07 - 2016-04-14 00:07 - 00000000 ____D C:\Users\Public\Foxit Software
2016-04-14 00:07 - 2016-04-14 00:07 - 00000000 ____D C:\Users\amebi\AppData\Roaming\Foxit AgentInformation
2016-04-14 00:07 - 2016-04-14 00:07 - 00000000 ____D C:\ProgramData\Foxit ContentPlatform
2016-04-14 00:06 - 2016-04-14 00:06 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2016-04-14 00:05 - 2016-04-14 00:05 - 01043664 _____ (Foxit) C:\Users\amebi\Downloads\FoxitReader.exe
2016-04-14 00:03 - 2016-04-14 00:04 - 24308870 _____ C:\Users\amebi\Desktop\PDX7605US_CK II_Onlinemanual.pdf
2016-04-13 23:44 - 2016-04-20 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crusader Kings II
2016-04-13 23:38 - 2016-04-20 10:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2016-04-13 04:48 - 2016-05-06 00:57 - 00000000 ____D C:\ProgramData\Soulseek
2016-04-13 04:47 - 2016-04-20 10:34 - 00000000 ____D C:\Users\amebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Soulseek NS
2016-04-13 04:47 - 2016-04-13 04:47 - 01028938 _____ C:\Users\amebi\Downloads\slsk157NS13e.exe
2016-04-13 04:47 - 2016-04-13 04:47 - 00000000 ____D C:\Program Files (x86)\SoulseekNS
2016-04-13 00:49 - 2016-04-13 00:49 - 00000000 ____D C:\Users\amebi\AppData\Roaming\PowerISO
2016-04-13 00:40 - 2016-04-20 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2016-04-13 00:40 - 2016-04-13 00:40 - 00000000 ____D C:\Program Files\PowerISO
2016-04-13 00:40 - 2015-10-08 03:00 - 00127760 _____ (Power Software Ltd) C:\WINDOWS\system32\Drivers\scdemu.sys
2016-04-12 21:50 - 2016-04-12 21:50 - 00016148 _____ C:\WINDOWS\system32\DESKTOP-1BA9FC2_amebi_HistoryPrediction.bin
2016-04-12 17:42 - 2016-04-12 17:42 - 03878112 _____ (Husdawg, LLC) C:\Users\amebi\Downloads\Detection(1).exe
2016-04-12 15:42 - 2016-04-18 15:25 - 00000000 ____D C:\Users\amebi\AppData\Roaming\Acrylic Wi-Fi Professional
2016-04-12 15:41 - 2016-04-12 15:41 - 08819560 _____ (Tarlogic Security S.L. ) C:\Users\amebi\Downloads\Acrylic_WiFi_Professional_v3.1.5925.23318-Setup.exe
2016-04-12 06:51 - 2016-04-20 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-04-12 06:27 - 2016-05-06 16:15 - 00000000 ____D C:\Users\amebi\AppData\Roaming\vlc
2016-04-12 05:38 - 2016-04-20 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rebel Galaxy [GOG.com]
2016-04-12 04:42 - 2016-04-12 06:50 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-04-12 04:41 - 2016-04-12 04:41 - 30510920 _____ C:\Users\amebi\Downloads\vlc-2.2.2-win32.exe
2016-04-12 02:15 - 2016-05-05 17:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-12 00:31 - 2016-04-12 00:31 - 00000000 ____D C:\Users\amebi\Documents\Zen Studios
2016-04-12 00:31 - 2016-04-12 00:31 - 00000000 ____D C:\ProgramData\SkidRow
2016-04-12 00:29 - 2016-04-20 10:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Studios
2016-04-11 23:50 - 2016-05-02 22:05 - 00000000 ____D C:\Users\amebi\AppData\Local\SKIDROW
2016-04-11 22:19 - 2016-05-06 21:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2016-04-11 16:41 - 2016-04-11 16:41 - 00000000 ____D C:\ProgramData\REVOLT
2016-04-11 14:44 - 2016-04-19 01:10 - 00000000 ____D C:\WINDOWS\Prey
2016-04-11 14:43 - 2016-04-11 14:44 - 07425120 _____ C:\Users\amebi\Downloads\prey-windows-1.5.1-x86.exe
2016-04-11 12:50 - 2016-05-05 16:43 - 00000000 ____D C:\Users\amebi\Desktop\games
2016-04-10 17:39 - 2016-05-06 21:10 - 671676515 _____ C:\WINDOWS\MEMORY.DMP
2016-04-09 22:13 - 2016-04-11 16:41 - 00000000 ____D C:\Users\amebi\Documents\Telltale Games
2016-04-09 21:56 - 2016-05-06 22:07 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-04-09 21:55 - 2016-05-06 21:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-09 21:55 - 2016-04-09 21:56 - 22851472 _____ (Malwarebytes ) C:\Users\amebi\Downloads\mbam-setup-2.2.1.1043(1).exe
2016-04-09 21:53 - 2016-04-09 21:55 - 22851472 _____ (Malwarebytes ) C:\Users\amebi\Downloads\mbam-setup-2.2.1.1043.exe
2016-04-09 16:43 - 2016-04-09 16:43 - 00000000 ____D C:\Users\amebi\AppData\Local\Macromedia
2016-04-09 16:38 - 2016-05-06 21:52 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-04-09 16:38 - 2016-04-20 10:39 - 00003044 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-04-09 16:38 - 2016-04-09 16:39 - 00000000 ____D C:\Users\amebi\AppData\Local\Adobe
2016-04-09 16:36 - 2016-04-20 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Walking Dead - Michonne
2016-04-09 15:43 - 2016-04-09 15:43 - 00002012 _____ C:\Users\amebi\Downloads\README
2016-04-09 15:34 - 2016-04-20 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ipFilterUpdater
2016-04-09 15:34 - 2016-04-09 15:36 - 00000000 ____D C:\Program Files (x86)\ipFilterUpdater
2016-04-09 15:26 - 2016-04-09 15:26 - 00000507 _____ C:\Users\amebi\Desktop\DATA (D) - Shortcut.lnk
2016-04-09 15:26 - 2016-04-09 15:26 - 00000420 _____ C:\Users\amebi\Desktop\This PC - Shortcut.lnk
2016-04-09 14:40 - 2016-04-09 15:34 - 00781630 _____ ( ) C:\Users\amebi\Downloads\ipFilterUpdater.2014.09.exe
2016-04-09 03:26 - 2016-05-05 21:16 - 00000000 ____D C:\Users\amebi\AppData\Local\Black_Tree_Gaming
2016-04-09 03:26 - 2016-04-09 03:26 - 00000000 ____D C:\Users\amebi\Documents\Nexus Mod Manager
2016-04-09 03:25 - 2016-04-09 03:26 - 06351472 _____ (Black Tree Gaming ) C:\Users\amebi\Downloads\Nexus Mod Manager-0.61.16.exe
2016-04-09 02:08 - 2016-04-21 18:50 - 00000000 ____D C:\Users\amebi\AppData\Local\Google
2016-04-09 01:58 - 2016-04-14 18:35 - 00000000 ____D C:\AMD
2016-04-09 01:58 - 2016-04-09 01:58 - 00000000 ____D C:\Users\amebi\AppData\Roaming\Macromedia
2016-04-09 01:57 - 2016-05-06 21:22 - 00004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B817FCEE-262B-4489-B816-7BECD7931D08}
2016-04-09 00:55 - 2016-04-09 00:55 - 00000000 ____D C:\Users\amebi\AppData\Local\Disc_Soft_Ltd
2016-04-09 00:50 - 2016-04-09 00:53 - 00000000 ____D C:\Users\amebi\AppData\Roaming\DAEMON Tools Ultra
2016-04-09 00:50 - 2016-04-09 00:50 - 00000000 ____D C:\Users\amebi\AppData\Roaming\RPEng
2016-04-09 00:50 - 2016-04-09 00:50 - 00000000 ____D C:\ProgramData\DAEMON Tools Ultra
2016-04-09 00:48 - 2016-04-19 10:25 - 00000000 ____D C:\Users\amebi\Downloads\Daemon Tools Ultra v4.0.1.425
2016-04-09 00:46 - 2016-04-09 00:46 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2016-04-09 00:44 - 2016-04-09 00:45 - 19062208 ____R (Disc Soft Ltd) C:\Users\amebi\Downloads\DAEMON Tools Lite 10.1.0.74.exe
2016-04-08 23:53 - 2016-04-08 23:56 - 00000000 ____D C:\Users\amebi\AppData\Local\UNDERTALE
2016-04-08 23:50 - 2016-04-20 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Undertale [GOG.com]
2016-04-08 23:50 - 2016-04-08 23:50 - 00000000 ____D C:\GOG Games
2016-04-08 23:25 - 2016-04-08 23:29 - 34375313 _____ C:\Users\amebi\Downloads\urw-3.30p1.exe
2016-04-08 22:29 - 2016-04-08 22:30 - 03878112 _____ (Husdawg, LLC) C:\Users\amebi\Downloads\Detection.exe
2016-04-08 22:18 - 2016-04-08 22:18 - 00000014 _____ C:\Users\amebi\Documents\AutoHotkey.ahk.exe
2016-04-08 22:03 - 2016-04-08 22:05 - 00000014 _____ C:\Users\amebi\Documents\AutoHotkey.ahk
2016-04-08 22:03 - 2016-04-08 22:03 - 03081488 _____ C:\Users\amebi\Downloads\AutoHotkey112305_Install.exe
2016-04-08 22:02 - 2016-04-20 10:40 - 00002650 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1460167320
2016-04-08 22:02 - 2016-04-08 22:02 - 00001084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-04-08 22:01 - 2016-05-02 16:11 - 00002304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-08 22:00 - 2016-05-06 22:10 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-08 22:00 - 2016-05-06 22:10 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-08 22:00 - 2016-04-20 10:40 - 00003450 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-04-08 22:00 - 2016-04-20 10:39 - 00003226 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-04-08 22:00 - 2016-04-08 22:01 - 00000000 ____D C:\Program Files (x86)\Google
2016-04-08 21:59 - 2016-04-08 21:59 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-04-08 21:52 - 2016-04-20 10:39 - 00003160 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-04-08 21:52 - 2016-04-13 21:52 - 00287528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2016-04-08 21:52 - 2016-04-08 21:52 - 00465792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2016-04-08 21:52 - 2016-04-08 21:52 - 00398152 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-04-08 21:52 - 2016-04-08 21:52 - 00166432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-04-08 21:52 - 2016-04-08 21:52 - 00107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-04-08 21:52 - 2016-04-08 21:52 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-04-08 21:52 - 2016-04-08 21:52 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-04-08 21:52 - 2016-04-08 21:52 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-04-08 21:52 - 2016-04-08 21:52 - 00001981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-04-08 21:52 - 2016-04-08 21:51 - 01070904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-04-08 21:51 - 2016-04-08 21:51 - 00052184 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-04-08 21:50 - 2016-04-20 10:40 - 00002588 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2016-04-08 21:48 - 2016-04-08 21:49 - 05066104 _____ (AVAST Software) C:\Users\amebi\Downloads\avast_free_antivirus_setup_online_cnet2.exe
2016-04-08 21:40 - 2016-04-13 19:45 - 00453280 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-04-08 21:40 - 2016-04-08 21:40 - 00000000 ____D C:\Users\amebi\AppData\Roaming\Highresolution Enterprises
2016-04-08 21:37 - 2016-05-06 21:50 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-04-08 21:37 - 2016-04-08 21:52 - 00000000 ____D C:\Users\amebi\AppData\Roaming\AVAST Software
2016-04-08 21:28 - 2016-04-23 22:54 - 00000000 ____D C:\Program Files\Highresolution Enterprises
2016-04-08 21:27 - 2016-04-08 21:28 - 04324944 _____ C:\Users\amebi\Downloads\XMouseButtonControlSetup.2.12.1.exe
2016-04-08 19:53 - 2016-05-04 20:53 - 00000000 ____D C:\Users\amebi\Desktop\Saves
2016-04-08 19:53 - 2016-04-09 03:31 - 00000000 ____D C:\Users\amebi\AppData\Local\Fallout4
2016-04-08 19:53 - 2016-04-08 19:53 - 00000000 ____D C:\Users\amebi\AppData\Roaming\Steam
2016-04-08 19:35 - 2016-04-13 05:22 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-08 19:35 - 2016-04-13 05:19 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-08 19:27 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2016-04-08 19:27 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2016-04-08 19:27 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2016-04-08 19:27 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2016-04-08 19:27 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2016-04-08 19:27 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2016-04-08 19:27 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2016-04-08 19:27 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2016-04-08 19:27 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2016-04-08 19:27 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2016-04-08 19:27 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2016-04-08 19:27 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2016-04-08 19:27 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2016-04-08 19:27 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2016-04-08 19:27 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2016-04-08 19:27 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2016-04-08 19:27 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2016-04-08 19:27 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2016-04-08 19:27 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2016-04-08 19:27 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2016-04-08 19:27 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2016-04-08 19:27 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2016-04-08 19:27 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2016-04-08 19:27 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2016-04-08 19:27 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2016-04-08 19:27 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2016-04-08 19:27 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2016-04-08 19:27 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2016-04-08 19:27 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2016-04-08 19:27 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2016-04-08 19:27 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2016-04-08 19:27 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2016-04-08 19:27 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2016-04-08 19:27 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2016-04-08 19:27 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2016-04-08 19:27 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2016-04-08 19:27 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2016-04-08 19:27 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2016-04-08 19:27 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2016-04-08 19:27 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2016-04-08 19:27 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2016-04-08 19:27 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2016-04-08 19:27 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2016-04-08 19:27 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2016-04-08 19:27 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2016-04-08 19:27 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2016-04-08 19:27 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2016-04-08 19:27 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2016-04-08 19:27 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2016-04-08 19:27 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2016-04-08 19:27 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2016-04-08 19:27 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2016-04-08 19:27 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2016-04-08 19:27 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2016-04-08 19:27 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2016-04-08 19:27 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2016-04-08 19:27 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2016-04-08 19:27 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2016-04-08 19:27 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2016-04-08 19:27 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2016-04-08 19:27 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2016-04-08 19:27 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2016-04-08 19:27 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2016-04-08 19:27 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2016-04-08 19:27 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2016-04-08 19:27 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2016-04-08 19:27 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2016-04-08 19:27 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2016-04-08 19:27 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2016-04-08 19:27 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2016-04-08 19:27 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2016-04-08 19:27 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2016-04-08 19:27 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2016-04-08 19:27 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2016-04-08 19:27 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2016-04-08 19:27 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2016-04-08 19:27 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2016-04-08 19:27 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2016-04-08 19:27 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2016-04-08 19:27 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2016-04-08 19:27 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2016-04-08 19:27 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2016-04-08 19:27 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2016-04-08 19:27 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2016-04-08 19:27 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2016-04-08 19:27 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2016-04-08 19:27 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2016-04-08 19:27 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2016-04-08 19:27 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2016-04-08 19:27 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2016-04-08 19:27 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2016-04-08 19:27 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2016-04-08 19:27 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2016-04-08 19:27 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2016-04-08 19:27 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2016-04-08 19:27 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2016-04-08 19:27 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2016-04-08 19:27 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2016-04-08 19:27 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2016-04-08 19:27 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2016-04-08 19:27 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2016-04-08 19:27 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2016-04-08 19:26 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2016-04-08 19:26 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2016-04-08 19:26 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2016-04-08 19:26 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2016-04-08 19:26 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2016-04-08 19:26 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2016-04-08 19:26 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2016-04-08 19:26 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2016-04-08 19:26 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2016-04-08 19:26 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2016-04-08 19:26 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2016-04-08 19:26 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2016-04-08 19:26 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2016-04-08 19:26 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2016-04-08 19:26 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2016-04-08 19:26 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2016-04-08 19:26 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2016-04-08 19:26 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2016-04-08 19:26 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2016-04-08 19:26 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2016-04-08 19:26 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2016-04-08 19:26 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2016-04-08 19:26 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2016-04-08 19:26 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2016-04-08 19:26 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2016-04-08 19:26 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2016-04-08 19:26 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2016-04-08 19:26 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2016-04-08 19:26 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2016-04-08 19:26 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2016-04-08 19:26 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2016-04-08 19:26 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2016-04-08 19:26 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2016-04-08 19:26 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2016-04-08 19:26 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2016-04-08 19:26 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2016-04-08 19:26 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2016-04-08 19:26 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2016-04-08 19:26 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2016-04-08 19:26 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2016-04-08 19:26 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2016-04-08 19:26 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2016-04-08 19:26 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2016-04-08 19:26 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2016-04-08 19:26 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2016-04-08 19:26 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2016-04-08 19:26 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2016-04-08 19:26 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2016-04-08 19:26 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2016-04-08 19:26 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2016-04-08 19:26 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2016-04-08 19:26 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2016-04-08 19:26 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2016-04-08 19:26 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2016-04-08 19:26 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2016-04-08 19:26 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2016-04-08 19:26 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2016-04-08 19:26 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2016-04-08 19:26 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2016-04-08 19:26 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2016-04-08 19:26 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2016-04-08 19:26 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2016-04-08 19:26 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2016-04-08 19:26 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2016-04-08 19:26 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2016-04-08 19:26 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2016-04-08 19:26 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2016-04-08 19:26 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2016-04-08 19:26 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2016-04-08 19:26 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2016-04-08 19:26 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2016-04-08 19:26 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2016-04-08 18:28 - 2016-04-22 17:13 - 00000000 ____D C:\games
2016-04-08 18:04 - 2016-04-08 18:04 - 00000000 ____D C:\Users\amebi\Downloads\StartIsBack 2.1.2  StartIsBack+ 1.7.5  StartIsBack+ 1.1.7 Final Multilanguage Nov2015 Seven7i
2016-04-08 17:56 - 2016-04-08 17:56 - 00000000 ____D C:\Users\amebi\AppData\Roaming\WinRAR
2016-04-08 17:48 - 2016-04-20 10:34 - 00000000 ____D C:\Users\amebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-04-08 17:48 - 2016-04-20 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-04-08 17:48 - 2016-04-08 17:48 - 00000000 ____D C:\Program Files\WinRAR
2016-04-08 17:47 - 2016-04-08 17:47 - 01992496 _____ C:\Users\amebi\Downloads\winrar-x64-531.exe
2016-04-08 16:24 - 2016-04-08 16:24 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-04-08 16:15 - 2016-04-08 16:16 - 01959424 _____ (BitTorrent Inc.) C:\Users\amebi\Downloads\uTorrent.exe
2016-04-08 16:07 - 2016-05-05 17:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-08 16:07 - 2016-04-21 18:50 - 00000000 ____D C:\Users\amebi\AppData\Roaming\Mozilla
2016-04-08 16:07 - 2016-04-08 16:14 - 00000000 ____D C:\Users\amebi\AppData\Local\Mozilla
2016-04-08 16:07 - 2016-04-08 16:07 - 00001230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-08 16:07 - 2016-04-08 16:07 - 00001218 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-04-08 16:05 - 2016-04-08 16:05 - 00242128 _____ C:\Users\amebi\Downloads\Firefox Setup Stub 45.0.1 (1).exe
2016-04-08 15:49 - 2016-05-06 18:25 - 00000000 ____D C:\Users\amebi\AppData\Local\ElevatedDiagnostics
2016-04-08 15:43 - 2016-04-08 15:45 - 00242128 _____ C:\Users\amebi\Downloads\Firefox Setup Stub 45.0.1.exe
2016-04-08 15:34 - 2016-04-20 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grinding Gear Games
2016-04-08 15:11 - 2016-04-08 15:11 - 00000000 ____D C:\Users\amebi\AppData\Local\NetworkTiles
2016-04-08 15:05 - 2016-05-05 23:41 - 00000000 ____D C:\Users\amebi\Documents\My Games
2016-04-08 15:04 - 2016-04-08 15:04 - 00000000 ____D C:\Program Files (x86)\Grinding Gear Games
2016-04-08 15:04 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2016-04-08 15:04 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2016-04-08 15:02 - 2016-04-08 15:02 - 00000000 ____D C:\Users\amebi\AppData\Roaming\awsRun
2016-04-08 15:01 - 2016-04-08 15:04 - 09293208 _____ (Grinding Gear Games) C:\Users\amebi\Downloads\PathOfExileInstaller.exe
2016-04-08 14:59 - 2016-04-08 14:59 - 00000000 ____D C:\Users\amebi\AppData\Local\MicrosoftEdge
2016-04-08 14:58 - 2016-05-06 12:23 - 00003544 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2016-04-08 14:58 - 2016-05-06 12:23 - 00003534 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2016-04-08 14:58 - 2016-04-20 12:19 - 00002402 _____ C:\Users\amebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-08 14:57 - 2016-04-20 12:19 - 00000000 ___RD C:\Users\amebi\OneDrive
2016-04-08 14:55 - 2016-04-20 10:39 - 00002862 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher
2016-04-08 14:55 - 2016-04-08 19:19 - 00000000 ____D C:\Users\amebi\AppData\Local\Publishers
2016-04-08 14:55 - 2016-04-08 14:57 - 00000000 ____D C:\Users\amebi\AppData\Local\Comms
2016-04-08 14:54 - 2016-04-18 15:24 - 00000000 ____D C:\Users\amebi\AppData\Roaming\DropboxOEM
2016-04-08 14:54 - 2016-04-08 14:54 - 00000000 ____D C:\Users\amebi\AppData\Local\DropboxOEM
2016-04-08 14:53 - 2016-05-06 21:50 - 00000164 _____ C:\Users\amebi\AppData\Roaming\sp_data.sys
2016-04-08 14:53 - 2016-05-03 06:42 - 00000000 ____D C:\Users\amebi\AppData\Local\Packages
2016-04-08 14:53 - 2016-04-09 02:10 - 00000000 ____D C:\Users\amebi\AppData\Local\VirtualStore
2016-04-08 14:53 - 2016-04-08 14:53 - 00065648 _____ C:\WINDOWS\system32\ASGCoInstaller_x64.dll
2016-04-08 14:53 - 2016-04-08 14:53 - 00016148 _____ C:\WINDOWS\system32\DESKTOP-1BA9FC2_defaultuser0_HistoryPrediction.bin
2016-04-08 14:53 - 2016-04-08 14:53 - 00000000 ____D C:\Users\amebi\AppData\Roaming\WebStorage
2016-04-08 14:53 - 2016-04-08 14:53 - 00000000 ____D C:\Users\amebi\AppData\Roaming\Adobe
2016-04-08 14:53 - 2016-04-08 14:53 - 00000000 ____D C:\Users\amebi\AppData\Local\TileDataLayer
2016-04-08 14:53 - 2016-04-08 14:53 - 00000000 ____D C:\ProgramData\SetupTPDriver
2016-04-08 14:50 - 2016-04-08 14:53 - 00000000 ____D C:\ProgramData\USBChargerPlus
2016-04-08 14:49 - 2016-04-08 14:49 - 00000000 ____D C:\ProgramData\ASUS
2016-04-06 10:12 - 2016-04-06 10:12 - 00137728 _____ C:\WINDOWS\f2f03b90d5a915bd636001b8ba678df2.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-06 22:27 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\Resources
2016-05-06 22:27 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-06 21:54 - 2015-10-30 03:21 - 00000000 ____D C:\WINDOWS\INF
2016-05-06 21:54 - 2015-08-18 04:36 - 00879220 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-06 21:49 - 2016-02-13 09:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-06 21:49 - 2015-10-30 02:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-05-06 20:44 - 2015-10-30 03:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-06 18:25 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-04-27 13:23 - 2015-10-30 03:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-23 22:54 - 2015-08-18 04:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2016-04-23 22:54 - 2015-08-18 04:37 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-04-23 13:39 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\rescache
2016-04-23 00:36 - 2016-02-13 09:20 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-04-23 00:20 - 2016-02-13 09:11 - 00203432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-23 00:18 - 2016-02-13 09:03 - 00000000 ____D C:\Program Files\Windows Journal
2016-04-23 00:18 - 2015-10-30 03:24 - 00000000 __RSD C:\WINDOWS\Media
2016-04-23 00:18 - 2015-10-30 03:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-04-23 00:18 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\SystemApps
2016-04-23 00:18 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-23 00:18 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-04-23 00:18 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-23 00:18 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-23 00:18 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-23 00:18 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-04-23 00:18 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-04-23 00:18 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-04-23 00:18 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-04-23 00:18 - 2015-10-30 02:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-04-23 00:18 - 2015-10-30 02:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-04-22 18:43 - 2015-10-24 07:27 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-21 03:09 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\appcompat
2016-04-20 14:20 - 2015-10-30 03:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-04-20 10:45 - 2015-10-24 07:56 - 00027078 _____ C:\WINDOWS\diagerr.xml
2016-04-20 10:45 - 2015-10-24 07:56 - 00024768 _____ C:\WINDOWS\diagwrn.xml
2016-04-20 10:44 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-04-20 10:44 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\Registration
2016-04-20 10:40 - 2015-10-24 07:36 - 00002924 _____ C:\WINDOWS\System32\Tasks\ATK Package 36D18D69AFC3
2016-04-20 10:40 - 2015-10-24 07:36 - 00002214 _____ C:\WINDOWS\System32\Tasks\ATK Package A22126881260
2016-04-20 10:39 - 2015-10-30 03:24 - 00000000 __RHD C:\Users\Public\Libraries
2016-04-20 10:39 - 2015-10-24 07:42 - 00002926 _____ C:\WINDOWS\System32\Tasks\avast! SL Update
2016-04-20 10:39 - 2015-10-24 07:42 - 00002340 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
2016-04-20 10:39 - 2015-10-24 07:41 - 00002214 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON
2016-04-20 10:39 - 2015-10-24 07:39 - 00002612 _____ C:\WINDOWS\System32\Tasks\Update Checker
2016-04-20 10:39 - 2015-10-24 07:31 - 00002346 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_ListenToDevice
2016-04-20 10:34 - 2015-10-30 03:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-04-20 10:34 - 2015-10-30 02:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-04-20 10:34 - 2015-10-24 07:48 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 5
2016-04-20 10:34 - 2015-10-24 07:46 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 12
2016-04-20 10:34 - 2015-10-24 07:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-04-20 10:32 - 2015-07-10 05:05 - 00000000 ____D C:\Users\Default.migrated
2016-04-20 10:31 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-04-20 10:30 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-04-20 10:30 - 2015-08-18 04:38 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-04-20 10:30 - 2015-08-18 04:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2016-04-20 10:26 - 2015-10-30 02:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-04-20 09:56 - 2016-02-13 10:21 - 00000000 ___HD C:\$WINDOWS.~BT
2016-04-18 15:18 - 2015-08-18 04:37 - 00000000 ____D C:\ProgramData\WildTangent
2016-04-18 15:05 - 2015-07-10 07:04 - 00000194 _____ C:\WINDOWS\win.ini
2016-04-17 05:15 - 2015-10-24 07:30 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-04-17 05:15 - 2015-10-24 07:30 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-17 05:15 - 2015-10-24 07:30 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-04-08 21:59 - 2015-10-24 07:42 - 00000000 ____D C:\ProgramData\AVAST Software
2016-04-08 21:59 - 2015-10-24 07:42 - 00000000 ____D C:\Program Files\AVAST Software
2016-04-08 14:54 - 2015-10-24 07:39 - 00000000 ____D C:\Program Files\DIFX
2016-04-06 14:32 - 2015-10-30 03:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-04-06 14:32 - 2015-10-30 03:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2016-04-08 14:53 - 2016-05-06 21:50 - 0000164 _____ () C:\Users\amebi\AppData\Roaming\sp_data.sys
2016-04-16 03:16 - 2016-04-16 03:16 - 0000697 _____ () C:\Users\amebi\AppData\Local\recently-used.xbel
2016-04-19 19:01 - 2016-04-19 19:01 - 0007600 _____ () C:\Users\amebi\AppData\Local\Resmon.ResmonCfg
2016-04-20 10:24 - 2016-04-20 10:24 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\amebi\AppData\Local\Temp\Nexus Mod Manager-0.61.21.exe
C:\Users\amebi\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-05-01 12:15

==================== End of FRST.txt ============================

Attached Files


Edited by Amebix, 06 May 2016 - 10:09 PM.


BC AdBot (Login to Remove)

 


#2 Amebix

Amebix
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:03:12 PM

Posted 06 May 2016 - 10:03 PM

.


Edited by Amebix, 06 May 2016 - 10:04 PM.


#3 Amebix

Amebix
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:03:12 PM

Posted 06 May 2016 - 10:08 PM

I tried to upload the txt file but was not sure if it showed up or not...so I will try again...sorry for the double posts....

Attached Files



#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,543 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:12 PM

Posted 07 May 2016 - 08:28 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Enable the Windows Firewall and AVASTS if not already done.
Windows Firewall is disabled.
AV: avast! Antivirus (Disabled - Up to date)

===


Press the windows key Windows_Logo_key.gif+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.
 
start


CreateRestorePoint:
EmptyTemp:
CloseProcesses:
cmd: ipconfig /flushdns
cmd: IPCONFIG /release
cmd: IPCONFIG /renew

HKU\S-1-5-21-3133744223-911963526-3349633446-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com?cid={0A5DF470-4ADE-4580-B73E-8A6A483485B5}&mid=4ca115ea355c47ccb865fd1f9af4633d-06cc0b04c4c05fa2d5ab75c90a39de3e022a9014&lang=en&ds=px011&coid=avgtbdispx&cmpid=&pr=sa&d=2016-04-15 16:10:54&v=19.4.0.508&pid=safeguard&sg=&sap=hp
SearchScopes: HKU\S-1-5-21-3133744223-911963526-3349633446-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={0A5DF470-4ADE-4580-B73E-8A6A483485B5}&mid=4ca115ea355c47ccb865fd1f9af4633d-06cc0b04c4c05fa2d5ab75c90a39de3e022a9014&lang=en&ds=px011&coid=avgtbdispx&cmpid=&pr=sa&d=2016-04-15 16:10:54&v=19.3.0.491&pid=safeguard&sg=&sap=dsp&q={searchTerms}
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\19.4.0\ViProtocol.dll [2016-04-17] (AVG Secure Search)
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\19.4.0\\npsitesafety.dll [No File]
FF Extension: Steel Cut 1.0.1 - C:\Users\amebi\AppData\Roaming\Mozilla\Firefox\Profiles\tyru0q6a.default\Extensions\{f7898a19-9078-4699-b642-596049d244f6}.xpi [2016-04-17] [not signed]
CHR Extension: (Avast Online Security) - C:\Users\amebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-05-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\amebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-09]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-04-08]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-08]
U0 giniuu; C:\Windows\System32\drivers\yweuxyd.sys [79064 2016-05-06] (Malwarebytes)
S3 dtultrascsibus; \SystemRoot\System32\drivers\dtultrascsibus.sys [X]
S3 dtultrausbbus; \SystemRoot\System32\drivers\dtultrausbbus.sys [X]
C:\Windows\System32\drivers\yweuxyd.sys
C:\WINDOWS\f2f03b90d5a915bd636001b8ba678df2.exe
C:\WINDOWS\MEMORY.DMP

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the LogFile button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleanerCx.txt (x is a number).
===

Download to your Desktop the Junkware Removal Tool Download from this link.
http://www.bleepingcomputer.com/download/junkware-removal-tool/

Shutdown your antivirus to avoid any conflicts.
Right click the icon - disable for say 20 mins.
Right-mouse click JRT.exe and select Run as administrator (If using XP just double click on the icon to run it.)
The tool will open and start scanning your system.
Please be patient as this can take a while to complete.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.
======

Please post the logs and let me know what problem persists.

#5 nasdaq

nasdaq

  • Malware Response Team
  • 39,543 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:12 PM

Posted 08 May 2016 - 07:44 AM

Nothing suspicious was identified.

Lets try this scan.
If the process is longer than one hour stop it and let me know.

ttLR1ki.jpg
  • Download OTL to your desktop.
  • Right-click and Run as Administrator on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
      Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.


#6 Amebix

Amebix
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:03:12 PM

Posted 09 May 2016 - 10:07 PM

Cool beans.

 

Extras.txt

 

OTL Extras logfile created on: 5/9/2016 10:51:46 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\amebi\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10586.0)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
6.95 Gb Total Physical Memory | 5.21 Gb Available Physical Memory | 75.03% Memory free
8.07 Gb Paging File | 6.31 Gb Available in Paging File | 78.18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 371.85 Gb Total Space | 145.73 Gb Free Space | 39.19% Space Free | Partition Type: NTFS
Drive D: | 558.91 Gb Total Space | 65.91 Gb Free Space | 11.79% Space Free | Partition Type: NTFS
Drive E: | 107.27 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: JAYME | User Name: amebi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 4E DD 72 D8 60 66 D1 01  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" =  [binary data]
"DontEnumerateCommonFilesUpgradeExe" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03D34C6C-621D-47B0-BE10-9636FA15246F}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0229A4D8-CBCF-40DE-B50B-33088F773B44}" = dir=out | name=@{microsoft.windows.featureondemand.insiderhub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.featureondemand.insiderhub/resources/appstorename} |
"{027A0DD8-1DDE-4C27-8D48-4B039909F4B9}" = dir=out | name=@{windows.purchasedialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.purchasedialog/resources/displayname} |
"{0403380E-1DB9-412E-B473-8D6BF8289A5B}" = dir=out | name=candy crush soda saga |
"{06258A9A-D5A5-45D7-A7B4-0C6A38C07D7D}" = dir=out | name=@{microsoft.xboxidentityprovider_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxidentityprovider/resources/pkgdisplayname} |
"{076A9CA3-1E0F-4D26-9227-C9A7DB313D0B}" = dir=out | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{090BFA9B-DD1F-476B-95DE-AC8D8E6499BF}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{09B96E2D-6FCC-4C17-9EEF-76D26E6D6872}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr inc\playstv\playstv.exe |
"{0B029B2C-17B6-4DFD-B06C-296238AB7BF8}" = dir=out | name=@{microsoft.bingsports_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{0B998D5C-4675-4A19-9276-2BFACF0D7552}" = dir=out | name=@{microsoft.windowsmaps_4.1601.10150.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{0D41C7EC-54C5-43C9-9F3D-79ACD765183D}" = dir=in | name=@{windows.contactsupport_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{0E708493-069D-4882-883B-524C4A8A9EAA}" = dir=out | name=asus giftbox |
"{0F48044C-CA2A-4185-B2D1-3C2A7317DC57}" = dir=out | name=iheartradio |
"{0F72450E-9625-4C8A-93B7-A524150BEC7F}" = dir=out | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{13A1B828-3CB0-40DC-97E7-4A71CA783D96}" = dir=out | name=@{microsoft.xboxcompanion_1.4.3.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} |
"{165F4AB4-5DC7-450B-B394-69FC78413236}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{173B40CD-5946-4E3E-97F9-2DA32AA40062}" = dir=out | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{1768D5A9-170C-4D39-A18A-3C71BBC4BD34}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr inc\playstv\playstv.exe |
"{19425B82-1D56-41B9-881D-988E8A71C4EB}" = dir=out | name=asus welcome |
"{1A18E893-0242-4C78-8812-8D7BF1FB4946}" = dir=in | name=onenote |
"{1C823CF1-B5DD-4D92-B4B9-1F0C4290C148}" = dir=out | name=@{microsoft.bingfinance_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{1D5E90AA-3605-4AAF-839F-97830B437A0C}" = dir=out | name=@{microsoft.lockapp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{2005DC9E-2397-45CA-B2B8-67CCE24856FD}" = dir=in | name=@{microsoft.bingweather_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{22C5D272-6710-4B37-B868-D2BE988718B6}" = dir=out | name=@{microsoft.accountscontrol_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{23070826-F198-41DB-854A-B9BF76AE6042}" = dir=out | name=@{microsoft.windowsfeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windowsfeedback/feedbackapp.resources/appname/text} |
"{248C6ADD-01CD-49A6-814F-FEF1B8C67232}" = dir=out | name=@{microsoft.windowsstore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{2DFF67ED-8599-48D0-A621-A3ACEA79CE8D}" = dir=out | name=@{microsoft.microsoftedge_20.10240.16384.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{2F2347AA-4007-4EB3-9B26-2F22ED8B684A}" = dir=in | name=@{microsoft.bingfinance_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{2F757575-13EB-4238-879D-3E14B8593C97}" = dir=out | name=twitter |
"{33FD6370-2563-497D-9CA0-D79DC64E7A14}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{34C58565-0287-482D-A677-7929D649C595}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr inc\raptr\raptr_im.exe |
"{36FAA8A1-1117-4D78-99EC-54738A250930}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{39A36085-4E03-4032-8ACD-8C3E469CB178}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr inc\raptr\raptr_im.exe |
"{3A6821D0-2E1D-4525-9F1C-954E82A2A2C9}" = dir=out | name=@{microsoft.getstarted_3.5.11.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{3FA84B7D-F5BE-4F0C-8935-F195357E944B}" = dir=in | name=@{microsoft.windows.cortana_1.4.8.152_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{404E1384-694F-418D-AFBA-D1E368D14349}" = protocol=6 | dir=in | app=c:\program files (x86)\grinding gear games\path of exile\pathofexile.exe |
"{4255FA4E-792F-49AE-AC53-605E538ADD79}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{43064C43-3A97-4CFA-A06D-703372F8F4D8}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{46017F75-DA05-4E93-94E1-FACDF8762300}" = dir=in | app=c:\program files\cyberlink\powerdirector12\pdr10.exe |
"{491D86DD-5753-4598-ACB5-240000884061}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{4CAEFD29-B582-4CCB-9816-5EF53E329D59}" = dir=in | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{508F5DF7-2B7B-426C-B59A-C44346A30314}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{52977F92-C995-4945-B4D7-F82871C19251}" = dir=in | name=microsoft solitaire collection |
"{52AA90A1-A3BB-4F82-9F9D-12BD42065CC9}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{56E4E230-BF24-4AB8-A97E-2C08B4913B56}" = protocol=17 | dir=in | app=c:\program files\acrylic wi-fi professional\acrylic.exe |
"{56E5B2D4-17EF-4E04-9B72-CC6B8C7D7EC9}" = dir=in | name=@{microsoft.microsoftofficehub_17.6927.23501.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{5F3709DB-6A00-402F-B29C-80E58FCB6907}" = dir=out | name=@{microsoft.xboxidentityprovider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxidentityprovider/resources/pkgdisplayname} |
"{6314D35E-08A6-4DBC-9DD0-3D863967CF01}" = dir=out | name=@{microsoft.accountscontrol_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{6521A60F-D3A9-467C-BA20-8374E6A52900}" = dir=in | name=@{microsoft.commsphone_2.15.28004.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{65B70C13-BFE0-44B2-A26A-145CFE410A4C}" = dir=out | name=@{microsoft.bingweather_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{67350C27-6BF2-408C-B32F-F11566879E13}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{6736CC53-9B8E-4145-8EC1-97CBE042934B}" = dir=in | name=@{microsoft.windows.featureondemand.insiderhub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.featureondemand.insiderhub/resources/appstorename} |
"{76572400-99B9-459D-9D2D-49024E38BF23}" = dir=out | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{7899EE87-6660-4FA3-983F-8A345A20F72F}" = dir=in | app=c:\program files (x86)\glasswire\gwctlsrv.exe |
"{7B573E9B-C8A7-4A35-8C41-BCEB56BB10A5}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.6868.40731.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} |
"{7D656A60-EBEF-424E-8A89-6D6C54F890C7}" = dir=out | name=@{microsoft.messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/microsoft.apps.messaging.skype/skypemessaging.resources/skype_appstorename} |
"{7DB3BF44-9E00-48A1-BBF3-8069E72D1231}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{81BEBCC7-CA17-4A10-ADFB-3123F24BD8EB}" = dir=out | name=microsoft solitaire collection |
"{82AE929E-5E04-4825-8E9D-75D83B328FA3}" = dir=out | name=@{microsoft.connectivitystore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.connectivitystore/mswifiresources/appstorename} |
"{840FC248-6B7F-49BE-8BA0-18F26E2C96FA}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{8523C4EE-372A-4B99-888D-601347CD0488}" = dir=out | name=@{microsoft.windows.featureondemand.insiderhub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.featureondemand.insiderhub/resources/appstorename} |
"{86C9F35A-E873-4FD1-848D-20101A207E1A}" = dir=in | name=@{microsoft.bingsports_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{87858F55-DE64-4358-98A8-127D2EF4735A}" = dir=out | name=@{microsoft.3dbuilder_10.10.38.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.3dbuilder/resources/appstorename} |
"{88598119-772A-4BFA-B14E-643F39464967}" = dir=out | name=@{microsoft.windowsfeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windowsfeedback/feedbackapp.resources/appname/text} |
"{89392510-79BC-45EB-8B94-21618ACF70D2}" = dir=in | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{8C2B1CE2-AEC1-408F-B356-F2A7FCE772B0}" = dir=in | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{8CD8377F-D3E9-4537-81BA-DAD9FEB5D9E2}" = dir=out | name=windows_ie_ac_001 |
"{8CF2172A-4D76-4839-BD56-4DA69838C5B5}" = dir=in | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{8DDE78BD-C154-4ECF-AA06-B674222A13A0}" = protocol=6 | dir=in | app=c:\program files\acrylic wi-fi professional\acrylic.exe |
"{8E8B2818-4CE5-4256-9D69-80EA9155B571}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr inc\raptr\raptr.exe |
"{918CCAE9-9D4D-44BF-801C-596603933342}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{919DAD3A-67DE-4C6A-9D9B-DC82726BB807}" = dir=out | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{92380A89-B0DA-4216-BE98-EFEC04AE082F}" = dir=in | name=@{microsoft.zunevideo_3.6.19761.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{93835B7A-5AA2-46A4-BDFB-AE54035A098A}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{9680142A-EE28-4739-A7C1-932B583240EA}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{969A8558-1941-4DDE-B669-41CBC117404E}" = dir=out | name=windows_ie_ac_001 |
"{9C161841-70B5-4E63-8493-66FB0CF7E7EB}" = dir=out | name=windows_ie_ac_001 |
"{9D279A2C-5E50-48D4-9F23-7E6D337AC92E}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{9DD16700-3FA6-4B1E-A4B8-92C59591CE60}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{9FAB108A-5853-4284-891B-56A4F89EB0D5}" = dir=out | app=c:\program files (x86)\glasswire\gwctlsrv.exe |
"{A0C123F4-CFD5-4CCC-AD68-4465B91F528B}" = dir=out | name=@{microsoft.accountscontrol_10.0.10240.16384_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{A1CD9CAC-4E65-420B-9082-EC13E5CEE653}" = dir=in | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{A3D6DE94-853A-4B61-AEBB-94E8FA7F8681}" = dir=out | name=@{microsoft.xboxidentityprovider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxidentityprovider/resources/pkgdisplayname} |
"{A452A8BF-A61B-4665-9E82-5DD02D7A86CE}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{A698356B-0520-4FDD-8F14-8ED2D3E711B3}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{A850F003-7C58-427D-84A4-F51A2A0CBA2C}" = dir=out | name=@{microsoft.people_10.0.10811.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{AC161843-8876-4662-B745-4217D48F227E}" = dir=in | name=@{microsoft.bingnews_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{AF37288F-EFC1-4107-8E2E-F9C5A30427C7}" = dir=in | name=@{microsoft.xboxcompanion_1.4.3.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} |
"{B1F9BD03-A24F-47B1-943C-A8BB8BBFCD6F}" = dir=out | name=@{microsoft.windowsfeedback_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windowsfeedback/feedbackapp.resources/appname/text} |
"{B3B9C58C-A453-47C0-9802-B44670E1FAFF}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{B4AD7154-DD52-40F4-BFD8-C02CAF0578A5}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{B567029A-EB1B-4047-B275-B3C35A89D1AE}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{B750D996-4EB8-4F4F-BDD7-FE0F3D5D11E1}" = protocol=17 | dir=in | app=d:\games\crusader kings ii\ck2game.exe |
"{B930F02C-B673-4015-A7CA-5CE100A8D014}" = dir=in | name=xbox |
"{BDD3FE5E-447D-4181-9100-806E7D1DEDC4}" = dir=out | name=@{microsoft.windowsphone_10.1602.3010.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphone/resources/appstorename} |
"{BFBCA42C-526E-4EAD-9480-2B1A9A93AD44}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.6868.40731.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} |
"{C087E6C5-A55C-4AEC-B9D9-20B1BC7C9661}" = dir=in | name=@{microsoft.windows.photos_16.325.12390.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{C27E657E-38F6-491D-BBD0-20B78720E771}" = dir=out | name=@{microsoft.commsphone_2.15.28004.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{C30B5322-A3DD-46BB-BE51-A27F99AF813F}" = dir=out | name=@{microsoft.zunevideo_3.6.19761.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{C38C2471-E707-4DCF-B79F-398DD8B93775}" = dir=out | name=@{microsoft.appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.appconnector/resources/connectorstubtitle} |
"{C43A97D5-7040-49F8-B696-A60F28126CC7}" = dir=out | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{C7230CF2-6AA6-4A16-93F8-FCC3EF2F615B}" = dir=out | name=@{microsoft.windows.photos_16.325.12390.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{CAC31204-A110-43CE-BC9A-9636F121CFE4}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{CAD5116B-F1A4-49A6-A38F-64AC23B33DF8}" = dir=in | name=iheartradio |
"{CB104A19-AF3F-41C6-8BDE-8FACCFB702CF}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{CB55E322-4961-425C-BD4F-BFF493CE15EB}" = dir=out | name=@{microsoft.windows.cortana_1.4.8.152_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{CCFB2A0F-27A1-4D0D-BAFE-A01FFE897AED}" = dir=in | name=@{microsoft.windowsstore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{CE98BDB2-FC79-4411-AA80-AD9E9F86AF4D}" = dir=in | name=@{microsoft.microsoftedge_20.10240.16384.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{CEC45D4F-6172-4A6A-81A4-92844C680551}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{CEEB65F9-483C-4D4D-849E-8DDC77790DCE}" = dir=out | name=@{microsoft.zunemusic_3.6.15131.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{D1E9CEA8-28C6-4E47-AA7B-A42E7F6AA8D9}" = dir=out | name=@{windows.contactsupport_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{D2240D53-C277-4EF3-8384-FD3A90F68BFE}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{D30DE76C-F58A-478C-9F49-B8EC269D1F6F}" = dir=out | name=@{microsoft.lockapp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{D3B206AB-6688-49C7-8F44-EB24261F7F4B}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{D5CCF768-6B45-4DBC-B3AC-D44A9E0A20CB}" = dir=out | name=netflix |
"{D5E65261-ADB0-4757-A00D-E9C793663833}" = dir=out | name=@{windows.purchasedialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.purchasedialog/resources/displayname} |
"{D6BD138F-CF06-46D8-9275-0A93F86B1DFA}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{DA48F1D5-16F8-4193-B32A-240D24AC6442}" = dir=in | name=@{microsoft.windows.featureondemand.insiderhub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.featureondemand.insiderhub/resources/appstorename} |
"{DB61A59C-30A6-411F-914D-0770BA9673C2}" = dir=out | name=@{microsoft.microsoftofficehub_17.6927.23501.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{DD362A7E-0D5D-466C-85FC-0C56207AB76D}" = dir=out | name=tripadvisor hotels flights restaurants |
"{DD4CE98C-17CE-408E-81E1-96FD37BAB1E3}" = protocol=6 | dir=in | app=d:\games\crusader kings ii\ck2game.exe |
"{DDED4E40-83BA-4AF2-974B-3B38536D09D5}" = dir=out | name=onenote |
"{E15D47E4-E2C2-4519-AFFD-4AC55E578921}" = dir=in | name=netflix |
"{E19446FC-4986-46C8-B051-93298CA077C0}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{E35C7E0E-27DA-4913-A272-CF2506703532}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{EA35C04E-7DDA-47E3-9BD2-D67BA2002610}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{EC74679B-4D34-4770-B79F-C68234AF9AC2}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{EDD8FACF-D4B0-4D7A-AC87-1E0DF89D61BD}" = dir=in | name=@{microsoft.messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/microsoft.apps.messaging.skype/skypemessaging.resources/skype_appstorename} |
"{EEAE5A9C-D9A3-41C3-B1C5-FA10481A101C}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr inc\raptr\raptr.exe |
"{EEB0C766-899A-44FE-9DA7-856792CBA107}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{F166A525-F5B4-4A0F-A0E8-4E89774736E3}" = dir=out | name=sway |
"{F273E01C-9CFB-448D-8F74-925EE2C8F51B}" = dir=in | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{F41DDC75-DC5E-4C3E-A25E-196235257695}" = dir=out | name=flipboard |
"{F5959D50-C875-4DE0-AAC9-8AB7CC08E415}" = dir=out | name=xbox |
"{F697AB01-0B6A-4214-A31D-675096F3B432}" = dir=in | name=sway |
"{F6F50727-9308-45FB-8498-498EA64C3D5A}" = dir=out | name=@{microsoft.lockapp_10.0.10240.16384_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{F9186F5F-D22E-40C2-9CDA-B2D9C783799B}" = dir=out | name=@{microsoft.bingnews_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{FB488233-50B7-488A-A43C-926A9A26DF6A}" = dir=out | name=@{windows.purchasedialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.purchasedialog/resources/displayname} |
"{FD708514-9E37-40B4-A18B-D07D6AEEE34D}" = protocol=17 | dir=in | app=c:\program files (x86)\grinding gear games\path of exile\pathofexile.exe |
"TCP Query User{CCF7447D-9406-4299-804A-90049AC1D21B}C:\program files (x86)\soulseekns\slsk.exe" = protocol=6 | dir=in | app=c:\program files (x86)\soulseekns\slsk.exe |
"UDP Query User{AB122101-2612-4D6C-9C2C-DB98979FD7A9}C:\program files (x86)\soulseekns\slsk.exe" = protocol=17 | dir=in | app=c:\program files (x86)\soulseekns\slsk.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.2 (r693)
"{027C76C5-56C6-379A-6AE0-009495E47B7A}" = Catalyst Control Center Next Localization HU
"{04738FBA-7865-DD5A-A99A-2003532E4E5C}" = Catalyst Control Center Next Localization DE
"{0A37C9FF-C302-398E-52AF-D53336C81B5C}" = Catalyst Control Center Next Localization EL
"{12491C0B-119E-6E0C-444D-F664E3DB51BF}" = Catalyst Control Center Next Localization TH
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219
"{26071265-5B56-E1BD-07E3-50FFAE47FFA2}" = Catalyst Control Center Next Localization RU
"{28DA82B8-2420-7D93-A3E6-1873FE8A436D}" = Catalyst Control Center Next Localization CHT
"{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1" = Avast SecureLine for Asustek
"{2F00E596-119B-4C2B-95F3-847BCC418AD5}" = Catalyst Control Center Next Localization PL
"{307032B2-6AF2-46D7-B933-62438DEB2B9A}" = Maxx Audio Installer (x64)
"{3159CDBD-7139-E044-3ECF-6A8D4620744D}" = Catalyst Control Center Next Localization KO
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{3F62FA58-2980-138F-2FC3-7F9F909E8EF0}" = Catalyst Control Center Next Localization DA
"{4228ED6A-545D-EB64-7E47-33BCE078DC31}" = Catalyst Control Center Next Localization JA
"{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}" = CyberLink PhotoDirector 5
"{60EC2E2A-3C43-B5D6-382E-205D5E6C3A44}" = Catalyst Control Center Next Localization ES
"{77E6694B-FAD1-FF2C-1EF6-42BFAF548865}" = Catalyst Control Center Next Localization NL
"{78ACE60E-0CB7-4935-BCD4-F33422105607}" = AMD Settings - Branding
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8B13D211-0BCF-D7C6-4C96-11FD7EE045F9}" = Catalyst Control Center Next Localization BR
"{90E54AF6-25EF-94C1-EEBD-018348AAD188}" = Catalyst Control Center Next Localization SV
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{9EE6146A-2CEE-53D0-FDDD-18BB92AB17D4}" = AMD Install Manager
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{AC5FFA88-C684-D3F3-10A3-8619755538EC}" = AMD Radeon Settings
"{AE48978D-678A-2575-D99A-E99305E62914}" = Catalyst Control Center Next Localization TR
"{AF85D8EE-9549-9D67-19C6-586AEBC04FC8}" = Catalyst Control Center Next Localization FI
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.15.0428
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B83BBB6A-8664-23D5-0D70-3EF040003503}" = Catalyst Control Center Next Localization FR
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D5439C07-FF9B-4628-E0B9-BF5BA0221B5E}" = ACP Application
"{D9C50188-12D5-4D3E-8F00-682346C2AA5F}" = Microsoft Xbox 360 Accessories 1.2
"{DA20870D-E205-BB9B-9821-D75DA3F2613F}" = Catalyst Control Center Next Localization NO
"{E0E70106-2707-EF80-4F75-3D33A48433D4}" = Catalyst Control Center Next Localization CS
"{E1646825-D391-42A0-93AA-27FA810DA093}" = CyberLink PowerDirector 12
"{F2F6DE92-2BE9-55BA-DD8A-D23213949A51}" = Catalyst Control Center Next Localization IT
"{F951DBAB-D453-674A-BF66-7E346F1CC146}" = Catalyst Control Center Next Localization CHS
"6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager
"A044C5901003C24E6891688653ABA1068D04A1A0" = Windows Driver Package - ASUS (ATP) Mouse  (11/11/2015 1.0.0.262)
"AMD Catalyst Install Manager" = AMD Install Manager
"VulkanRT1.0.3.1" = Vulkan Run Time Libraries 1.0.3.1
"VulkanRT1.0.3.1-2" = Vulkan Run Time Libraries 1.0.3.1
"WinRAR archiver" = WinRAR 5.31 (64-bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04768366-F421-4BA5-8423-B84F644B5249}" = ASUS HiPost
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{1045AB6F-6151-3634-8C2C-EE308AA1A6A7}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23506
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{1a63c099-febd-4eaf-83ad-a82ea4fdac49}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23A7D3D7-D312-4549-B349-2226AF6C6A83}" = inSSIDer 4
"{23daf363-3020-4059-b3ae-dc4ad39fed19}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros Client Installation Program
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{33b0f3b1-d709-45bc-a6e3-b6bce583cbc1}" = Path of Exile
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}" = ASUS GIFTBOX Desktop
"{4D3286A6-F6AB-498A-82A4-E4F040529F3D}" = ASUS Smart Gesture
"{50A1696B-27D3-42ED-A61A-CF7E35D9A21A}_is1" = ipFilterUpdater version 2014.09
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{64F3FB9A-9250-B2D6-00B4-50BE0358AEE8}" = WPT Redistributables
"{652DCB6A-4EE9-4E57-10F9-5717EF25C4DC}" = Windows Assessment Toolkit (AMD64 Architecture Specific)
"{65AD78AD-D23D-3A1E-9305-3AE65CD522C2}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23506
"{6B623E0A-8ABC-0C56-8950-57582A04F6BC}" = AMD Settings
"{6C870B12-6FF2-68FC-8C3B-DD177BBF3F92}" = Toolkit Documentation
"{6EA3CA0C-A025-FD48-D9C2-6191B9491E43}" = Windows Deployment Customizations
"{6FDE09DB-D711-593B-0823-D99D2A757227}" = Windows PE x86 x64
"{73E80655-FB3C-46F4-BE00-62D248BC490A}" = Visual C++ 2008 Runtime (x64)
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8D6B05E0-F457-408C-9D13-549334D8FAE1}" = Device Setup
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office
"{90A4562F-D4A1-4B65-906D-41F236CF6902}" = Path of Exile
"{91FCB2B7-3DE5-E01B-45EA-06C526E1C011}" = AMD Settings
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}" = ASUS USB Charger Plus
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}" = OEM Application Profile
"{b55f7208-e02b-4828-ac78-59c73ddf5bc7}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{B74E65FD-CC47-41C5-4B89-791A3F61942D}" = Kits Configuration Installer
"{B90EA26C-A5B0-BF3D-D5CB-D9716EBB5785}" = Windows Assessment Toolkit
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{BFF81CB5-E8C7-4184-FBB4-74ADFBC6CCCB}" = WPTx64
"{C1C83898-5A60-AE9D-A3AB-7534375CA453}" = Assessments on Client
"{C27B0A7C-BD18-46EF-984A-CCD2799F4CD4}" = Gaming Assistant
"{C477F452-4589-BFC1-304B-22C63960FC40}" = Windows PE x86 x64 wims
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{e9e06304-a604-434b-b35f-d9beb94dc06d}" = Windows Assessment and Deployment Kit for Windows 8.1
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5D2F537-A22F-41BC-8305-0EC15D570276}_is1" = Dreamfall Chapters ver. 4.2.1.8
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F79B8F11-E2CE-547F-C0B9-9A0C2EC0D51D}" = Windows System Image Manager on amd64
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{F9B579C2-D854-300A-BE62-A09EB9D722E4}" = Google Talk Plugin
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FEA31583-30A7-0951-718C-AF75DCB003B1}" = Windows Deployment Tools
"{FEDC7C10-EF67-11E4-9B07-00505695D7B0}" = Evernote v. 5.8.6
"1207667263_is1" = NEO Scavenger
"1435582019_is1" = Rebel Galaxy
"1439548178_is1" = STASIS
"1447763046_is1" = The Long Dark
"1455645883_is1" = X Rebirth
"1456487183_is1" = Undertale
"Adobe Flash Player NPAPI" = Adobe Flash Player 21 NPAPI
"Avast" = Avast Free Antivirus
"BitRaider Streaming Client" = BitRaider Streaming Client
"Crusader Kings II_is1" = Crusader Kings II version 2.5.2.0
"Deluge" = Deluge 1.3.12
"Dying Light_is1" = Dying Light version 1.3.0.0
"Fahrenheit Indigo Prophecy Remastered_is1" = Fahrenheit Indigo Prophecy Remastered
"Fallout 4_is1" = Fallout 4 v.1.5.157
"Far Cry 4_is1" = Far Cry 4 version 1.10.0.0
"Foxit Reader_is1" = Foxit Reader
"Fran Bow_R.G. Mechanics_is1" = Fran Bow
"Gemini Rue_is1" = Gemini Rue
"Google Chrome" = Google Chrome
"InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}" = CyberLink PhotoDirector 5
"InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}" = CyberLink PowerDirector 12
"Mad Max_is1" = Mad Max
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.2.1.1043
"Middle Earth Shadow of Mordor_is1" = Middle Earth Shadow of Mordor
"mIRC" = mIRC
"Mozilla Firefox 46.0.1 (x86 en-US)" = Mozilla Firefox 46.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NirSoft Wireless Network Watcher" = NirSoft Wireless Network Watcher
"Notepad++" = Notepad++
"ODEUNST #1" = KrView
"OpenAL" = OpenAL
"pcsx2" = PCSX2 - Playstation 2 Emulator
"pcsx2-r5875" = PCSX2 - Playstation 2 Emulator
"Pinball FX2 - Star Wars Pinball The Force Awakens Pack_is1" = Pinball FX2 - Star Wars Pinball The Force Awakens Pack
"PlaysTV" = PlaysTV
"PowerISO" = PowerISO
"SafeZone 1.48.2066.101" = SafeZone Stable 1.48.2066.101
"Soulseek2" = SoulSeek 157 NS 13e
"Starpoint Gemini 2 [+ DLC: Secrets of Aethera, O~59404EE7_is1" = Starpoint Gemini 2 [+ DLC: Secrets of Aethera, Origins and Titans] version v1.9200
"swtor_swtor" = Star Wars The Old Republic
"The Binding of Isaac Rebirth 1.0" = The Binding of Isaac Rebirth 1.0
"The Walking Dead - Michonne_is1" = The Walking Dead - Michonne version The Walking Dead - Michonne
"The Wolf Among Us_R.G. Mechanics_is1" = The Wolf Among Us
"Visual Pinball" = Visual Pinball VPInstaller 1.0.3
"VLC media player" = VLC media player
"VTUploader" = VirusTotal Uploader 2.2
"Winamp" = Winamp
"X Rebirth: Home of Light_is1" = X Rebirth - Home of Light
"X Rebirth: The Teladi Outpost_is1" = X Rebirth - The Teladi Outpost
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 5/9/2016 10:35:39 PM | Computer Name = Jayme | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
 failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log
 for additional information.
 
Error - 5/9/2016 10:35:42 PM | Computer Name = Jayme | Source = Application Error | ID = 1000
Description = Faulting application name: SearchUI.exe, version: 10.0.10586.218,
time stamp: 0x56ff3abe  Faulting module name: Windows.UI.Xaml.dll, version: 10.0.10586.212,
 time stamp: 0x56fa191c  Exception code: 0xc000027b  Fault offset: 0x00000000006fd4eb
Faulting
 process id: 0x15a8  Faulting application start time: 0x01d1aa64a5742b61  Faulting application
 path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Faulting
 module path: C:\Windows\System32\Windows.UI.Xaml.dll  Report Id: 616a4e89-218b-4213-b5b5-5f08e05c9af8
Faulting
 package full name: Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy
Faulting
 package-relative application ID: CortanaUI
 
Error - 5/9/2016 10:35:42 PM | Computer Name = Jayme | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
 failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log
 for additional information.
 
Error - 5/9/2016 10:35:44 PM | Computer Name = Jayme | Source = Application Error | ID = 1000
Description = Faulting application name: SearchUI.exe, version: 10.0.10586.218,
time stamp: 0x56ff3abe  Faulting module name: Windows.UI.Xaml.dll, version: 10.0.10586.212,
 time stamp: 0x56fa191c  Exception code: 0xc000027b  Fault offset: 0x00000000006fd4eb
Faulting
 process id: 0x1788  Faulting application start time: 0x01d1aa64a715e23b  Faulting application
 path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Faulting
 module path: C:\Windows\System32\Windows.UI.Xaml.dll  Report Id: d15b7e78-0f89-4f22-b495-c1081b91cad3
Faulting
 package full name: Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy
Faulting
 package-relative application ID: CortanaUI
 
Error - 5/9/2016 10:35:45 PM | Computer Name = Jayme | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
 failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log
 for additional information.
 
Error - 5/9/2016 10:35:47 PM | Computer Name = Jayme | Source = Application Error | ID = 1000
Description = Faulting application name: SearchUI.exe, version: 10.0.10586.218,
time stamp: 0x56ff3abe  Faulting module name: Windows.UI.Xaml.dll, version: 10.0.10586.212,
 time stamp: 0x56fa191c  Exception code: 0xc000027b  Fault offset: 0x00000000006fd4eb
Faulting
 process id: 0xfd0  Faulting application start time: 0x01d1aa64a8cbee72  Faulting application
 path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Faulting
 module path: C:\Windows\System32\Windows.UI.Xaml.dll  Report Id: a771fe56-e952-4039-9cc4-0f9dcacdf401
Faulting
 package full name: Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy
Faulting
 package-relative application ID: CortanaUI
 
Error - 5/9/2016 10:35:49 PM | Computer Name = Jayme | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
 failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log
 for additional information.
 
Error - 5/9/2016 10:35:51 PM | Computer Name = Jayme | Source = Application Error | ID = 1000
Description = Faulting application name: SearchUI.exe, version: 10.0.10586.218,
time stamp: 0x56ff3abe  Faulting module name: Windows.UI.Xaml.dll, version: 10.0.10586.212,
 time stamp: 0x56fa191c  Exception code: 0xc000027b  Fault offset: 0x00000000006fd4eb
Faulting
 process id: 0x1668  Faulting application start time: 0x01d1aa64aadb0857  Faulting application
 path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Faulting
 module path: C:\Windows\System32\Windows.UI.Xaml.dll  Report Id: d1aa0cea-ace4-4ce8-8f90-47fa73ee72d0
Faulting
 package full name: Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy
Faulting
 package-relative application ID: CortanaUI
 
Error - 5/9/2016 10:35:52 PM | Computer Name = Jayme | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
 failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log
 for additional information.
 
Error - 5/9/2016 10:42:54 PM | Computer Name = Jayme | Source = Application Error | ID = 1000
Description = Faulting application name: SearchUI.exe, version: 10.0.10586.218,
time stamp: 0x56ff3abe  Faulting module name: Windows.UI.Xaml.dll, version: 10.0.10586.212,
 time stamp: 0x56fa191c  Exception code: 0xc000027b  Fault offset: 0x00000000006fd4eb
Faulting
 process id: 0x1ca4  Faulting application start time: 0x01d1aa65a6dcb812  Faulting application
 path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Faulting
 module path: C:\Windows\System32\Windows.UI.Xaml.dll  Report Id: 0ec1bb83-419d-41d9-89d5-f88b15dcb928
Faulting
 package full name: Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy
Faulting
 package-relative application ID: CortanaUI
 
[ System Events ]
Error - 5/9/2016 3:07:15 AM | Computer Name = Jayme | Source = DCOM | ID = 10016
Description =
 
Error - 5/9/2016 8:00:00 AM | Computer Name = Jayme | Source = DCOM | ID = 10016
Description =
 
Error - 5/9/2016 4:02:33 PM | Computer Name = Jayme | Source = NetBT | ID = 4321
Description = The name "WORKGROUP      :1d" could not be registered on the interface
 with IP address 192.168.1.127.  The computer with the IP address 192.168.1.117 did
 not allow the name to be claimed by  this computer.
 
Error - 5/9/2016 4:04:05 PM | Computer Name = Jayme | Source = DCOM | ID = 10016
Description =
 
Error - 5/9/2016 7:45:27 PM | Computer Name = Jayme | Source = DCOM | ID = 10016
Description =
 
Error - 5/9/2016 10:33:25 PM | Computer Name = Jayme | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:25:47 PM on ?5/?9/?2016 was unexpected.
 
Error - 5/9/2016 10:34:21 PM | Computer Name = Jayme | Source = BugCheck | ID = 1001
Description =
 
Error - 5/9/2016 10:37:49 PM | Computer Name = Jayme | Source = DCOM | ID = 10016
Description =
 
Error - 5/9/2016 10:38:08 PM | Computer Name = Jayme | Source = Service Control Manager | ID = 7022
Description = The Delivery Optimization service hung on starting.
 
Error - 5/9/2016 10:40:11 PM | Computer Name = Jayme | Source = DCOM | ID = 10016
Description =
 
[ Windows Assessment Console Events ]
Error - 4/22/2016 8:43:41 PM | Computer Name = Jayme | Source = Windows Assessment Console | ID = 0
Description =
 
Error - 4/22/2016 8:43:41 PM | Computer Name = Jayme | Source = Windows Assessment Console | ID = 0
Description =
 
 
< End of report >
 

OTL.txt

 

OTL logfile created on: 5/9/2016 10:51:46 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\amebi\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10586.0)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
6.95 Gb Total Physical Memory | 5.21 Gb Available Physical Memory | 75.03% Memory free
8.07 Gb Paging File | 6.31 Gb Available in Paging File | 78.18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 371.85 Gb Total Space | 145.73 Gb Free Space | 39.19% Space Free | Partition Type: NTFS
Drive D: | 558.91 Gb Total Space | 65.91 Gb Free Space | 11.79% Space Free | Partition Type: NTFS
Drive E: | 107.27 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: JAYME | User Name: amebi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - File not found --
PRC - [2016/05/09 22:50:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\amebi\Desktop\OTL.exe
PRC - [2016/05/09 17:13:01 | 007,391,632 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2016/05/09 17:12:55 | 000,243,296 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2016/05/05 17:37:32 | 000,392,136 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2016/04/20 12:57:11 | 000,144,384 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
PRC - [2016/04/08 14:57:51 | 000,465,088 | ---- | M] () -- C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
PRC - [2016/04/05 12:48:48 | 000,032,528 | ---- | M] (Plays.tv, LLC) -- C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
PRC - [2015/07/20 16:02:32 | 000,315,704 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGiftBoxDesktop.exe
PRC - [2015/07/07 18:06:56 | 000,295,736 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2015/07/07 18:06:56 | 000,123,704 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2015/06/09 23:25:58 | 000,062,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
PRC - [2015/05/25 16:20:18 | 019,782,224 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
PRC - [2015/05/21 17:52:36 | 000,439,096 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2015/04/22 13:28:24 | 000,222,008 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2015/04/01 21:01:32 | 000,107,320 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2016/05/09 17:12:58 | 000,479,680 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffl2.dll
MOD - [2016/05/09 17:12:58 | 000,123,344 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2016/05/09 17:12:55 | 000,135,816 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2016/04/20 12:57:34 | 022,284,800 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
MOD - [2016/04/20 12:57:11 | 000,144,384 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
MOD - [2016/04/20 12:57:11 | 000,141,312 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
MOD - [2016/04/08 21:52:01 | 040,539,648 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2015/06/09 23:25:58 | 000,124,928 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
MOD - [2015/06/09 23:25:58 | 000,035,376 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2016/05/09 17:12:55 | 000,243,296 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2016/04/08 14:57:51 | 000,465,088 | ---- | M] () [Auto | Running] -- C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe -- (SecureLine)
SRV:64bit: - [2016/04/03 23:18:06 | 000,121,856 | ---- | M] (Advanced Micro Devices) [Auto | Stopped] -- C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe -- (amdacpusrsvc)
SRV:64bit: - [2016/04/03 21:56:14 | 000,251,392 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2016/04/01 23:21:17 | 000,498,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc)
SRV:64bit: - [2016/04/01 23:15:47 | 001,090,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:64bit: - [2016/04/01 23:07:41 | 002,158,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2016/03/29 03:51:06 | 000,087,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:64bit: - [2016/03/29 03:50:15 | 000,066,560 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:64bit: - [2016/03/29 03:38:23 | 000,207,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:64bit: - [2016/03/29 03:27:45 | 000,339,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:64bit: - [2016/03/29 03:20:21 | 000,948,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:64bit: - [2016/03/29 03:13:03 | 000,587,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2016/03/29 02:32:15 | 001,098,240 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:64bit: - [2016/03/29 01:45:48 | 000,338,432 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2016/02/24 05:34:50 | 001,613,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2016/02/24 05:28:35 | 003,449,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2016/02/24 04:43:01 | 000,625,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:64bit: - [2016/02/24 03:19:10 | 000,145,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:64bit: - [2016/02/24 03:07:53 | 000,252,928 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:64bit: - [2016/02/24 02:59:32 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2016/02/24 02:40:53 | 001,224,704 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:64bit: - [2016/02/24 02:18:37 | 001,490,432 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:64bit: - [2016/02/23 05:20:41 | 001,139,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:64bit: - [2016/02/23 05:17:08 | 000,649,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:64bit: - [2016/02/23 04:29:35 | 000,591,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:64bit: - [2016/02/23 04:28:32 | 000,275,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2016/02/23 04:20:42 | 000,847,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2016/02/23 04:20:36 | 000,606,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2016/02/23 03:58:02 | 000,163,840 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2016/02/13 08:54:41 | 001,035,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:64bit: - [2016/02/13 08:54:39 | 000,912,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:64bit: - [2016/02/13 08:54:39 | 000,749,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:64bit: - [2016/02/13 08:54:39 | 000,162,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:64bit: - [2016/02/13 08:54:36 | 002,057,216 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2015/10/30 03:19:28 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2015/10/30 03:19:26 | 000,504,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2015/10/30 03:19:26 | 000,497,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:64bit: - [2015/10/30 03:18:46 | 000,168,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2015/10/30 03:18:43 | 001,872,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2015/10/30 03:18:41 | 000,117,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015/10/30 03:18:19 | 001,297,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:64bit: - [2015/10/30 03:18:18 | 000,729,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2015/10/30 03:18:14 | 000,081,408 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2015/10/30 03:18:01 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:64bit: - [2015/10/30 03:18:01 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:64bit: - [2015/10/30 03:18:01 | 000,034,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:64bit: - [2015/10/30 03:18:01 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:64bit: - [2015/10/30 03:18:01 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:64bit: - [2015/10/30 03:17:59 | 002,745,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:64bit: - [2015/10/30 03:17:59 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:64bit: - [2015/10/30 03:17:59 | 000,023,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:64bit: - [2015/10/30 03:17:58 | 000,764,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:64bit: - [2015/10/30 03:17:58 | 000,287,744 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:64bit: - [2015/10/30 03:17:54 | 000,360,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc)
SRV:64bit: - [2015/10/30 03:17:53 | 000,097,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2015/10/30 03:17:53 | 000,060,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2015/10/30 03:17:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2015/10/30 03:17:52 | 000,181,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2015/10/30 03:17:51 | 000,031,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:64bit: - [2015/10/30 03:17:50 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_f8e094)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_5352d)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_4e730)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_3a19a)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_38d02)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_36946)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_359ba)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_35614)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_2d0df)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_2be9a)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_f8e094)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_5352d)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_4e730)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_3a19a)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_38d02)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_36946)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_359ba)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_35614)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_2d0df)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_2be9a)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_f8e094)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_5352d)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_4e730)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_3a19a)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_38d02)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_36946)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_359ba)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_35614)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_2d0df)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_2be9a)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_f8e094)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_5352d)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_4e730)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_450e2)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_3a19a)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_38d02)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_36946)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_359ba)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_35614)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_2d0df)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_2be9a)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_f8e094)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_5352d)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_4e730)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_3a19a)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_38d02)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_36946)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_359ba)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_35614)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_2d0df)
SRV:64bit: - [2015/10/30 03:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_2be9a)
SRV:64bit: - [2015/10/30 03:17:48 | 000,444,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2015/10/30 03:17:48 | 000,205,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2015/10/30 03:17:47 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2015/10/30 03:17:46 | 000,290,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:64bit: - [2015/10/30 03:17:46 | 000,186,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dcpsvc.dll -- (DcpSvc)
SRV:64bit: - [2015/10/30 03:17:46 | 000,118,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2015/10/30 03:17:46 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2015/10/30 03:17:45 | 000,313,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:64bit: - [2015/10/30 03:17:43 | 000,278,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:64bit: - [2015/10/30 03:17:43 | 000,057,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:64bit: - [2015/10/30 03:17:41 | 000,052,736 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:64bit: - [2015/10/30 03:17:39 | 000,547,840 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2015/10/30 03:17:37 | 000,380,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2015/10/30 03:17:37 | 000,364,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2015/10/30 03:17:37 | 000,024,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2015/10/30 03:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2015/10/30 03:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:64bit: - [2015/10/30 03:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2015/10/30 03:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2015/10/30 03:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2015/10/30 03:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2015/10/30 03:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2015/10/30 03:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2015/10/30 03:17:21 | 003,337,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2015/10/30 03:17:18 | 000,326,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:64bit: - [2014/04/14 21:59:04 | 000,389,896 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe -- (RichVideo64)
SRV - [2016/05/07 23:54:43 | 000,363,208 | ---- | M] (BitRaider, LLC) [On_Demand | Stopped] -- C:\ProgramData\BitRaider\BRSptStub.exe -- (BRSptStub)
SRV - [2016/05/05 17:37:31 | 000,146,888 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016/04/09 16:38:48 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/04/05 12:48:48 | 000,032,528 | ---- | M] (Plays.tv, LLC) [Auto | Running] -- C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe -- (PlaysService)
SRV - [2016/02/24 02:07:45 | 000,949,248 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2015/10/30 03:18:31 | 002,179,584 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2015/10/30 03:18:31 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\lfsvc.dll -- (lfsvc)
SRV - [2015/10/30 03:18:29 | 000,461,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2015/10/30 03:18:23 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2015/10/30 03:18:21 | 000,200,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2015/10/30 03:17:21 | 003,337,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2015/07/20 16:02:32 | 000,315,704 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGiftBoxDesktop.exe -- (ASUSGiftBoxDekstop)
SRV - [2015/07/07 18:06:56 | 000,123,704 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2015/04/01 21:01:32 | 000,107,320 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2016/05/09 17:13:06 | 000,465,792 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2016/05/09 17:13:06 | 000,287,528 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2016/05/09 17:13:06 | 000,166,432 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2016/05/09 17:13:06 | 000,107,792 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2016/05/09 17:13:06 | 000,074,544 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2016/05/09 17:13:06 | 000,037,656 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2016/05/09 17:13:05 | 000,103,064 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2016/05/09 17:12:45 | 001,070,904 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2016/05/09 17:12:45 | 000,037,144 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2016/04/04 00:10:50 | 000,023,240 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdkmafd.sys -- (amdkmafd)
DRV:64bit: - [2016/04/04 00:09:38 | 026,345,472 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2016/04/03 23:22:28 | 000,102,400 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdWT6.sys -- (AtiHDAudioService)
DRV:64bit: - [2016/04/03 21:31:54 | 000,676,864 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2016/03/29 06:23:38 | 000,277,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2016/03/29 05:25:13 | 000,258,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:64bit: - [2016/03/29 04:21:40 | 000,378,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2016/03/29 04:16:55 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:64bit: - [2016/03/29 03:23:41 | 000,694,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:64bit: - [2016/02/23 05:25:27 | 000,534,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2016/02/23 05:20:35 | 000,238,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:64bit: - [2016/02/13 09:03:08 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2016/02/13 09:02:50 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2016/02/13 08:54:36 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg)
DRV:64bit: - [2016/02/13 08:54:36 | 000,095,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2016/02/13 08:54:36 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2015/12/17 22:28:28 | 000,056,352 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2015/12/14 14:45:00 | 000,101,368 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusTP.sys -- (ATP)
DRV:64bit: - [2015/10/30 03:19:39 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2015/10/30 03:18:42 | 000,052,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2015/10/30 03:18:09 | 000,930,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:64bit: - [2015/10/30 03:18:09 | 000,385,376 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2015/10/30 03:18:08 | 000,218,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2015/10/30 03:18:03 | 000,200,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2015/10/30 03:18:03 | 000,106,520 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:64bit: - [2015/10/30 03:18:03 | 000,078,848 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:64bit: - [2015/10/30 03:18:03 | 000,061,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:64bit: - [2015/10/30 03:18:03 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2015/10/30 03:18:03 | 000,031,584 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2015/10/30 03:18:03 | 000,026,624 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ioqos.sys -- (IoQos)
DRV:64bit: - [2015/10/30 03:18:01 | 000,154,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2015/10/30 03:17:57 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:64bit: - [2015/10/30 03:17:52 | 000,163,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2015/10/30 03:17:52 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:64bit: - [2015/10/30 03:17:52 | 000,039,264 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:64bit: - [2015/10/30 03:17:51 | 000,155,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2015/10/30 03:17:51 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2015/10/30 03:17:51 | 000,077,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2015/10/30 03:17:51 | 000,074,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2015/10/30 03:17:51 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2015/10/30 03:17:50 | 000,199,008 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2015/10/30 03:17:46 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2015/10/30 03:17:46 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:64bit: - [2015/10/30 03:17:42 | 000,126,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2015/10/30 03:17:42 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2015/10/30 03:17:39 | 000,081,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2015/10/30 03:17:37 | 000,293,216 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2015/10/30 03:17:37 | 000,209,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:64bit: - [2015/10/30 03:17:37 | 000,127,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2015/10/30 03:17:37 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2015/10/30 03:17:37 | 000,118,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2015/10/30 03:17:37 | 000,099,680 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2015/10/30 03:17:37 | 000,087,040 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:64bit: - [2015/10/30 03:17:37 | 000,061,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (tsusbflt)
DRV:64bit: - [2015/10/30 03:17:37 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:64bit: - [2015/10/30 03:17:37 | 000,044,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2015/10/30 03:17:37 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:64bit: - [2015/10/30 03:17:26 | 000,017,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:64bit: - [2015/10/30 03:17:25 | 000,046,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2015/10/30 03:17:25 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2015/10/30 03:17:25 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea)
DRV:64bit: - [2015/10/30 03:17:25 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV:64bit: - [2015/10/30 03:17:25 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2015/10/30 03:17:23 | 000,705,376 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:64bit: - [2015/10/30 03:17:23 | 000,532,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2015/10/30 03:17:23 | 000,424,800 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:64bit: - [2015/10/30 03:17:23 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2015/10/30 03:17:23 | 000,133,984 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2015/10/30 03:17:23 | 000,131,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:64bit: - [2015/10/30 03:17:23 | 000,104,800 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:64bit: - [2015/10/30 03:17:23 | 000,099,168 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:64bit: - [2015/10/30 03:17:23 | 000,094,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV:64bit: - [2015/10/30 03:17:23 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2015/10/30 03:17:23 | 000,079,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2015/10/30 03:17:23 | 000,077,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2015/10/30 03:17:23 | 000,076,128 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:64bit: - [2015/10/30 03:17:23 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2015/10/30 03:17:23 | 000,059,232 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:64bit: - [2015/10/30 03:17:23 | 000,058,720 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:64bit: - [2015/10/30 03:17:23 | 000,058,208 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:64bit: - [2015/10/30 03:17:23 | 000,055,808 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2015/10/30 03:17:23 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV:64bit: - [2015/10/30 03:17:23 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2015/10/30 03:17:23 | 000,034,144 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:64bit: - [2015/10/30 03:17:23 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2015/10/30 03:17:23 | 000,026,976 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:64bit: - [2015/10/30 03:17:22 | 003,436,896 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2015/10/30 03:17:22 | 001,135,456 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2015/10/30 03:17:22 | 000,673,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2015/10/30 03:17:22 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2015/10/30 03:17:22 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2015/10/30 03:17:22 | 000,209,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2015/10/30 03:17:22 | 000,107,360 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2015/10/30 03:17:22 | 000,083,296 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2015/10/30 03:17:22 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2015/10/30 03:17:22 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:64bit: - [2015/10/30 03:17:22 | 000,037,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:64bit: - [2015/10/30 03:17:22 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2015/10/30 03:17:22 | 000,026,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2015/10/30 03:17:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2015/10/30 03:17:22 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn)
DRV:64bit: - [2015/10/30 03:17:22 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2015/10/30 03:17:22 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2015/10/30 03:17:22 | 000,009,728 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2015/10/30 03:17:22 | 000,009,728 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn.sys -- (bcmfn)
DRV:64bit: - [2015/10/30 03:17:21 | 000,095,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb22.sys -- (xusb22)
DRV:64bit: - [2015/10/30 03:17:18 | 000,165,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
DRV:64bit: - [2015/10/30 03:17:18 | 000,117,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2015/10/30 03:17:18 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2015/10/30 03:17:18 | 000,108,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc.sys -- (netvsc)
DRV:64bit: - [2015/10/30 03:17:18 | 000,081,408 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
DRV:64bit: - [2015/10/30 03:17:18 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2015/10/30 03:17:18 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2015/10/30 03:17:18 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2015/10/30 03:17:18 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2015/10/30 03:17:18 | 000,046,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2015/10/30 03:17:18 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2015/10/30 03:17:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2015/10/30 03:17:18 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2015/10/30 03:17:18 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2015/10/30 03:17:18 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2015/10/30 03:17:18 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2015/10/30 03:17:18 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2015/10/30 03:17:18 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2015/10/08 03:00:24 | 000,127,760 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2015/07/28 02:01:41 | 000,888,064 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt640x64.sys -- (rt640x64)
DRV:64bit: - [2015/07/14 21:04:26 | 004,317,808 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athw10x.sys -- (athr)
DRV:64bit: - [2015/05/25 16:20:18 | 000,021,816 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
DRV:64bit: - [2015/05/13 01:44:22 | 000,019,976 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsHIDSwitch64.sys -- (HIDSwitch)
DRV:64bit: - [2014/02/20 05:52:20 | 000,048,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RegHiveRecovery.sys -- (RegHiveRecovery)
DRV:64bit: - [2009/08/21 01:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV - [2015/10/30 03:17:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys -- (CompositeBus)
DRV - [2015/05/08 13:49:58 | 000,018,048 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2015/05/08 13:07:06 | 000,020,096 | ---- | M] (ASUSTek Computer Inc.) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2013/08/22 05:17:52 | 000,040,552 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.1\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRASU1&src=IE11TR&pc=ASTE
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRASU1&src=IE11TR&pc=ASTE
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus15.msn.com/?pc=ASTE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com?cid={0A5DF470-4ADE-4580-B73E-8A6A483485B5}&mid=4ca115ea355c47ccb865fd1f9af4633d-06cc0b04c4c05fa2d5ab75c90a39de3e022a9014&lang=en&ds=px011&coid=avgtbdispx&cmpid=&pr=sa&d=2016-04-15 16:10:54&v=19.4.0.508&pid=safeguard&sg=&sap=hp
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://mysearch.avg.com/search?cid={0A5DF470-4ADE-4580-B73E-8A6A483485B5}&mid=4ca115ea355c47ccb865fd1f9af4633d-06cc0b04c4c05fa2d5ab75c90a39de3e022a9014&lang=en&ds=px011&coid=avgtbdispx&cmpid=&pr=sa&d=2016-04-15 16:10:54&v=19.3.0.491&pid=safeguard&sg=&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.countryCode: "US"
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaultenginename.US: "Google"
FF - prefs.js..browser.search.hiddenOneOffs: "Yahoo,Bing,Amazon.com,DuckDuckGo,eBay,Twitter,Wikipedia (en)"
FF - prefs.js..browser.search.region: "US"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:46.0.1
FF - prefs.js..keyword.URL: ""
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\19.4.0\\npsitesafety.dll File not found
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\amebi\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\amebi\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\amebi\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\amebi\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2016/05/09 17:13:09 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\SAFEPRICE\FF [2016/05/09 17:13:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2016/05/09 17:13:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016/05/09 17:13:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2016/04/08 16:08:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\amebi\AppData\Roaming\mozilla\Extensions
[2016/04/28 19:50:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\amebi\AppData\Roaming\mozilla\Firefox\Profiles\tyru0q6a.default\extensions
[2016/04/28 19:50:24 | 001,036,367 | ---- | M] () (No name found) -- C:\Users\amebi\AppData\Roaming\mozilla\firefox\profiles\tyru0q6a.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2016/04/17 15:20:24 | 000,006,424 | ---- | M] () (No name found) -- C:\Users\amebi\AppData\Roaming\mozilla\firefox\profiles\tyru0q6a.default\extensions\{f7898a19-9078-4699-b642-596049d244f6}.xpi
[2016/05/05 17:37:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
 
========== Chrome  ==========
 
CHR - Extension: No name found = C:\Users\amebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\amebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\amebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\amebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\amebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\amebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\
CHR - Extension: No name found = C:\Users\amebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.242_0\
CHR - Extension: No name found = C:\Users\amebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\amebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
 
O1 HOSTS File: ([2015/07/10 07:02:42 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Evernote extension) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O4:64bit: - HKLM..\Run: [StartCN] C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Advanced Micro Devices, Inc.)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [PlaysTV] C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe (Plays.tv, LLC)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKCU..\Run: [OneDrive] C:\Users\amebi\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9:64bit: - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html ()
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.13.180 167.206.13.181 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7bec3f81-9791-41a4-b56c-bb926f04f1f8}: DhcpNameServer = 167.206.13.180 167.206.13.181 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{fa36c685-3a93-4d06-9586-dd4766c06833}: DhcpNameServer = 167.206.13.180 167.206.13.181 192.168.1.1
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\19.4.0\ViProtocol.dll (AVG Secure Search)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = "F:\setup_big_race_usa.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2016/05/09 22:50:43 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\amebi\Desktop\OTL.exe
[2016/05/09 20:28:58 | 000,000,000 | ---D | C] -- C:\Users\amebi\Desktop\Tor Browser
[2016/05/09 17:49:04 | 000,000,000 | ---D | C] -- C:\Users\amebi\Desktop\sega
[2016/05/09 17:47:10 | 000,000,000 | ---D | C] -- C:\Users\amebi\Desktop\Fusion364
[2016/05/09 17:33:05 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LaunchBox
[2016/05/09 17:32:49 | 000,000,000 | ---D | C] -- C:\Users\amebi\LaunchBox
[2016/05/09 17:19:05 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcr71.dll
[2016/05/09 17:18:20 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Users\amebi\Desktop\msvcr71.dll
[2016/05/09 17:13:10 | 000,398,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2016/05/09 17:12:58 | 000,052,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2016/05/09 17:11:48 | 000,000,000 | ---D | C] -- C:\Users\amebi\Desktop\vbr
[2016/05/09 17:05:36 | 000,000,000 | ---D | C] -- C:\Users\amebi\Desktop\sms
[2016/05/09 16:17:09 | 000,000,000 | ---D | C] -- C:\Users\amebi\Desktop\emulation
[2016/05/08 03:51:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab
[2016/05/07 23:56:48 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Pinball
[2016/05/07 23:54:42 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\BitRaider
[2016/05/07 23:54:42 | 000,000,000 | ---D | C] -- C:\ProgramData\BitRaider
[2016/05/07 23:54:22 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Local\SWTORPerf
[2016/05/07 23:52:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
[2016/05/07 23:52:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2016/05/07 23:52:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2016/05/07 21:22:16 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Roaming\The Wolf Among Us
[2016/05/06 22:46:57 | 000,000,000 | ---D | C] -- C:\FRST
[2016/05/06 21:52:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2016/05/06 21:52:24 | 000,140,672 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2016/05/06 21:52:24 | 000,065,408 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2016/05/06 21:52:24 | 000,027,008 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2016/05/06 21:52:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2016/05/06 21:03:51 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Local\Introversion
[2016/05/06 20:59:06 | 000,000,000 | ---D | C] -- C:\Users\amebi\Documents\HPL3
[2016/05/06 17:46:27 | 000,000,000 | -HSD | C] -- C:\Users\amebi\AppData\Local\ms-drivers
[2016/05/06 17:46:27 | 000,000,000 | -HSD | C] -- C:\Users\amebi\AppData\Local\icsxml
[2016/05/06 17:45:24 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Local\MetaGeek,_LLC
[2016/05/06 17:43:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaGeek
[2016/05/06 17:43:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MetaGeek
[2016/05/06 07:40:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mad Max
[2016/05/05 21:31:17 | 000,000,000 | ---D | C] -- C:\Users\amebi\Documents\SkidRow
[2016/05/05 21:16:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
[2016/05/05 21:16:03 | 000,000,000 | ---D | C] -- C:\Program Files\Nexus Mod Manager
[2016/05/04 02:57:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dreamfall Chapters Special Edition
[2016/05/04 02:30:23 | 000,000,000 | ---D | C] -- C:\Users\amebi\Documents\PlanetExplorers
[2016/05/03 12:41:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\directx
[2016/05/02 22:25:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\X Rebirth [GOG.com]
[2016/05/02 22:25:26 | 000,000,000 | ---D | C] -- C:\Users\amebi\Documents\Egosoft
[2016/05/01 03:00:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2016/05/01 02:59:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2016/05/01 02:59:46 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Roaming\Winamp
[2016/05/01 02:59:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2016/04/29 23:54:04 | 000,000,000 | ---D | C] -- C:\Users\amebi\Documents\CPY_SAVES
[2016/04/29 00:12:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fahrenheit Indigo Prophecy Remastered
[2016/04/28 20:31:31 | 000,000,000 | ---D | C] -- C:\Users\amebi\Desktop\roms
[2016/04/25 20:57:47 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Local\Hinterland
[2016/04/25 15:49:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2016/04/25 15:49:51 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Roaming\Notepad++
[2016/04/25 15:49:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
[2016/04/25 15:25:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC
[2016/04/25 15:25:52 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Roaming\mIRC
[2016/04/25 15:25:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mIRC
[2016/04/23 23:12:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
[2016/04/23 23:12:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Xbox 360 Accessories
[2016/04/23 19:17:12 | 000,000,000 | ---D | C] -- C:\Users\amebi\Documents\WB Games
[2016/04/23 16:53:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Middle Earth Shadow of Mordor
[2016/04/23 16:46:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NEO Scavenger [GOG.com]
[2016/04/23 00:13:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2016/04/22 20:37:47 | 000,000,000 | ---D | C] -- C:\Users\amebi\Documents\Assessment Results
[2016/04/22 20:37:46 | 000,000,000 | ---D | C] -- C:\Users\amebi\Documents\Windows Assessment Console
[2016/04/22 20:37:46 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Local\Microsoft_Corporation
[2016/04/22 20:37:39 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Local\Windows Assessment Console
[2016/04/22 18:44:04 | 000,048,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\RegHiveRecovery.sys
[2016/04/22 18:43:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
[2016/04/22 18:43:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Kits
[2016/04/22 17:14:02 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KrView
[2016/04/22 17:14:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KrView
[2016/04/22 17:13:51 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe
[2016/04/22 17:13:50 | 001,388,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\msvbvm60.dll
[2016/04/22 17:13:50 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\comdlg32.ocx
[2016/04/22 17:13:50 | 000,151,622 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\modcas.dll
[2016/04/22 17:13:50 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\odestkit.dll
[2016/04/22 17:13:49 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\ODEUNST.EXE
[2016/04/22 13:10:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock
[2016/04/22 13:10:03 | 000,000,000 | ---D | C] -- C:\Program Files\PeerBlock
[2016/04/20 15:04:52 | 018,673,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2016/04/20 15:04:50 | 001,626,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2016/04/20 15:04:48 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wininetlui.dll
[2016/04/20 15:04:46 | 004,894,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2016/04/20 15:04:46 | 001,946,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2016/04/20 15:04:45 | 005,662,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2016/04/20 15:04:44 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wininetlui.dll
[2016/04/20 15:04:43 | 001,818,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2016/04/20 15:04:42 | 022,378,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2016/04/20 15:04:41 | 007,836,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2016/04/20 15:04:40 | 000,764,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll
[2016/04/20 15:04:39 | 007,474,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2016/04/20 15:04:37 | 003,592,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2016/04/20 15:04:36 | 006,952,088 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2016/04/20 15:04:35 | 008,705,672 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2016/04/20 15:04:33 | 009,918,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2016/04/20 15:04:33 | 000,536,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2016/04/20 15:04:33 | 000,369,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2016/04/20 15:04:33 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2016/04/20 15:04:32 | 011,545,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2016/04/20 15:04:29 | 005,242,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2016/04/20 15:04:26 | 016,985,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2016/04/20 15:04:25 | 006,607,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2016/04/20 15:04:22 | 013,018,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2016/04/20 15:04:20 | 000,408,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2016/04/20 15:04:19 | 014,252,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmp.dll
[2016/04/20 15:04:18 | 000,513,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2016/04/20 15:04:17 | 001,388,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2016/04/20 15:04:17 | 001,173,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2016/04/20 15:04:17 | 000,713,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2016/04/20 15:04:13 | 003,449,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSService.dll
[2016/04/20 15:04:11 | 006,972,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2016/04/20 15:04:09 | 007,533,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2016/04/20 15:04:08 | 001,944,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputService.dll
[2016/04/20 15:04:08 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TextInputFramework.dll
[2016/04/20 15:04:08 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TextInputFramework.dll
[2016/04/20 15:04:07 | 002,624,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll
[2016/04/20 15:04:05 | 012,586,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmp.dll
[2016/04/20 15:04:01 | 005,321,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2016/04/20 15:04:00 | 006,740,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2016/04/20 15:03:59 | 003,994,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2016/04/20 15:03:59 | 001,318,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wifinetworkmanager.dll
[2016/04/20 15:03:53 | 005,202,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingMaps.dll
[2016/04/20 15:03:51 | 002,581,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2016/04/20 15:03:51 | 000,848,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2016/04/20 15:03:51 | 000,709,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2016/04/20 15:03:50 | 002,544,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2016/04/20 15:03:50 | 002,061,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2016/04/20 15:03:49 | 002,912,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CertEnroll.dll
[2016/04/20 15:03:49 | 002,773,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2016/04/20 15:03:48 | 002,180,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2016/04/20 15:03:48 | 000,576,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2016/04/20 15:03:47 | 002,604,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CertEnroll.dll
[2016/04/20 15:03:46 | 004,827,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExplorerFrame.dll
[2016/04/20 15:03:46 | 002,186,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2016/04/20 15:03:45 | 001,297,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManager.dll
[2016/04/20 15:03:44 | 001,490,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDataService.dll
[2016/04/20 15:03:44 | 000,591,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SmsRouterSvc.dll
[2016/04/20 15:03:43 | 002,158,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2016/04/20 15:03:43 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2016/04/20 15:03:42 | 001,996,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActiveSyncProvider.dll
[2016/04/20 15:03:41 | 004,412,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExplorerFrame.dll
[2016/04/20 15:03:40 | 000,986,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicenseManager.dll
[2016/04/20 15:03:39 | 001,707,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActiveSyncProvider.dll
[2016/04/20 15:03:39 | 001,139,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XblGameSave.dll
[2016/04/20 15:03:39 | 001,062,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2016/04/20 15:03:37 | 003,575,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsThresholdAdminFlowUI.dll
[2016/04/20 15:03:37 | 000,882,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2016/04/20 15:03:36 | 001,714,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRHInproc.dll
[2016/04/20 15:03:36 | 001,388,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2016/04/20 15:03:36 | 000,980,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2016/04/20 15:03:36 | 000,819,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2016/04/20 15:03:34 | 001,017,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsrcsnk.dll
[2016/04/20 15:03:34 | 000,895,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsrcsnk.dll
[2016/04/20 15:03:34 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.AccountsControl.dll
[2016/04/20 15:03:34 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DisplayManager.dll
[2016/04/20 15:03:30 | 007,199,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingMaps.dll
[2016/04/20 15:03:30 | 003,078,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\esent.dll
[2016/04/20 15:03:29 | 001,139,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIAutomationCore.dll
[2016/04/20 15:03:29 | 001,098,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dosvc.dll
[2016/04/20 15:03:29 | 000,948,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XblAuthManager.dll
[2016/04/20 15:03:29 | 000,859,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll
[2016/04/20 15:03:28 | 001,444,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SRHInproc.dll
[2016/04/20 15:03:27 | 002,722,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\esent.dll
[2016/04/20 15:03:27 | 001,613,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagtrack.dll
[2016/04/20 15:03:27 | 000,713,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2016/04/20 15:03:26 | 001,997,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2016/04/20 15:03:26 | 001,131,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Audio.dll
[2016/04/20 15:03:26 | 000,965,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRH.dll
[2016/04/20 15:03:26 | 000,585,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.AccountsControl.dll
[2016/04/20 15:03:26 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DisplayManager.dll
[2016/04/20 15:03:25 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCore.dll
[2016/04/20 15:03:25 | 001,152,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2016/04/20 15:03:25 | 001,118,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2016/04/20 15:03:25 | 001,105,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Audio.dll
[2016/04/20 15:03:25 | 000,990,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2016/04/20 15:03:24 | 000,938,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapControlCore.dll
[2016/04/20 15:03:24 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsStore.dll
[2016/04/20 15:03:24 | 000,649,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
[2016/04/20 15:03:23 | 000,949,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Unistore.dll
[2016/04/20 15:03:23 | 000,808,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWAHost.exe
[2016/04/20 15:03:23 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SRH.dll
[2016/04/20 15:03:23 | 000,649,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ngcsvc.dll
[2016/04/20 15:03:23 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ngckeyenum.dll
[2016/04/20 15:03:22 | 000,938,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ContactApis.dll
[2016/04/20 15:03:21 | 001,390,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Shell.dll
[2016/04/20 15:03:21 | 001,322,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2016/04/20 15:03:21 | 001,224,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Unistore.dll
[2016/04/20 15:03:21 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhoneProviders.dll
[2016/04/20 15:03:20 | 001,832,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2016/04/20 15:03:20 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll
[2016/04/20 15:03:20 | 000,711,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapControlCore.dll
[2016/04/20 15:03:20 | 000,703,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe
[2016/04/20 15:03:19 | 000,958,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RemoteNaturalLanguage.dll
[2016/04/20 15:03:19 | 000,673,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.dll
[2016/04/20 15:03:18 | 003,428,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2016/04/20 15:03:18 | 000,769,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ContactApis.dll
[2016/04/20 15:03:18 | 000,754,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2016/04/20 15:03:18 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.dll
[2016/04/20 15:03:17 | 001,497,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPDMC.exe
[2016/04/20 15:03:17 | 001,211,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Cred.dll
[2016/04/20 15:03:17 | 000,652,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2016/04/20 15:03:16 | 000,670,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfds.dll
[2016/04/20 15:03:16 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSync.dll
[2016/04/20 15:03:16 | 000,606,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmsvc.dll
[2016/04/20 15:03:16 | 000,498,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFCaptureEngine.dll
[2016/04/20 15:03:15 | 000,700,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppointmentApis.dll
[2016/04/20 15:03:15 | 000,360,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vaultsvc.dll
[2016/04/20 15:03:14 | 001,090,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXService.dll
[2016/04/20 15:03:14 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SMSRouter.dll
[2016/04/20 15:03:13 | 000,567,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MCRecvSrc.dll
[2016/04/20 15:03:13 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppointmentApis.dll
[2016/04/20 15:03:13 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSync.dll
[2016/04/20 15:03:12 | 001,575,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Speech.dll
[2016/04/20 15:03:12 | 000,630,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
[2016/04/20 15:03:12 | 000,572,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\taskschd.dll
[2016/04/20 15:03:12 | 000,450,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Bluetooth.dll
[2016/04/20 15:03:12 | 000,415,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StoreAgent.dll
[2016/04/20 15:03:12 | 000,376,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.MediaControl.dll
[2016/04/20 15:03:11 | 002,798,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2016/04/20 15:03:11 | 000,625,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ClipSVC.dll
[2016/04/20 15:03:11 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tileobjserver.dll
[2016/04/20 15:03:11 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Core.TextInput.dll
[2016/04/20 15:03:10 | 000,982,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxPackaging.dll
[2016/04/20 15:03:10 | 000,794,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfds.dll
[2016/04/20 15:03:10 | 000,696,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupEngine.dll
[2016/04/20 15:03:10 | 000,450,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFCaptureEngine.dll
[2016/04/20 15:03:09 | 000,870,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\modernexecserver.dll
[2016/04/20 15:03:09 | 000,550,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StoreAgent.dll
[2016/04/20 15:03:09 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MCRecvSrc.dll
[2016/04/20 15:03:08 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netlogon.dll
[2016/04/20 15:03:08 | 000,791,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2016/04/20 15:03:08 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupShim.dll
[2016/04/20 15:03:08 | 000,463,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansec.dll
[2016/04/20 15:03:08 | 000,460,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapConfiguration.dll
[2016/04/20 15:03:08 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorService.dll
[2016/04/20 15:03:07 | 001,072,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Web.Http.dll
[2016/04/20 15:03:07 | 000,382,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhext.dll
[2016/04/20 15:03:07 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usbmon.dll
[2016/04/20 15:03:07 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\QuickActionsDataModel.dll
[2016/04/20 15:03:07 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Core.TextInput.dll
[2016/04/20 15:03:06 | 000,765,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2016/04/20 15:03:06 | 000,640,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2016/04/20 15:03:06 | 000,315,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Bluetooth.dll
[2016/04/20 15:03:06 | 000,287,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.MediaControl.dll
[2016/04/20 15:03:05 | 000,988,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NMAA.dll
[2016/04/20 15:03:05 | 000,890,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxPackaging.dll
[2016/04/20 15:03:05 | 000,538,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2016/04/20 15:03:05 | 000,438,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AccountsRt.dll
[2016/04/20 15:03:05 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenrollengine.dll
[2016/04/20 15:03:05 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapConfiguration.dll
[2016/04/20 15:03:04 | 000,498,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MessagingDataModel2.dll
[2016/04/20 15:03:04 | 000,379,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmkvsrcsnk.dll
[2016/04/20 15:03:04 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceaccess.dll
[2016/04/20 15:03:04 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TimeBrokerServer.dll
[2016/04/20 15:03:03 | 000,821,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TokenBroker.dll
[2016/04/20 15:03:03 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AccountsRt.dll
[2016/04/20 15:03:03 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredProvDataModel.dll
[2016/04/20 15:03:03 | 000,300,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockAppHost.exe
[2016/04/20 15:03:03 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupSvc.dll
[2016/04/20 15:03:02 | 000,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RemoteNaturalLanguage.dll
[2016/04/20 15:03:02 | 000,541,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2016/04/20 15:03:02 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\deviceaccess.dll
[2016/04/20 15:03:01 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MessagingDataModel2.dll
[2016/04/20 15:03:01 | 000,372,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDEServer.exe
[2016/04/20 15:03:01 | 000,253,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LockAppHost.exe
[2016/04/20 15:03:01 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LaunchWinApp.exe
[2016/04/20 15:03:00 | 001,052,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MsSpellCheckingFacility.dll
[2016/04/20 15:03:00 | 000,517,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winspool.drv
[2016/04/20 15:03:00 | 000,420,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvproc.dll
[2016/04/20 15:03:00 | 000,354,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupShim.dll
[2016/04/20 15:03:00 | 000,305,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wifiprofilessettinghandler.dll
[2016/04/20 15:03:00 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSFlacDecoder.dll
[2016/04/20 15:02:59 | 001,410,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Web.Http.dll
[2016/04/20 15:02:59 | 001,056,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JpMapControl.dll
[2016/04/20 15:02:59 | 000,493,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmkvsrcsnk.dll
[2016/04/20 15:02:59 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2016/04/20 15:02:59 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXTaskFactory.dll
[2016/04/20 15:02:58 | 000,342,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2016/04/20 15:02:57 | 000,730,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Shell.Broker.dll
[2016/04/20 15:02:56 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JpMapControl.dll
[2016/04/20 15:02:56 | 000,764,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Cred.dll
[2016/04/20 15:02:56 | 000,502,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupEngine.dll
[2016/04/20 15:02:54 | 000,269,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshostcore.dll
[2016/04/20 15:02:53 | 001,317,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2016/04/20 15:02:53 | 001,239,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Bluetooth.dll
[2016/04/20 15:02:53 | 000,476,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvproc.dll
[2016/04/20 15:02:53 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceCensus.exe
[2016/04/20 15:02:52 | 000,320,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSFlacDecoder.dll
[2016/04/20 15:02:51 | 000,988,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SharedStartModel.dll
[2016/04/20 15:02:51 | 000,209,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2016/04/20 15:02:50 | 000,238,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xboxgip.sys
[2016/04/20 15:02:47 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PackageStateRoaming.dll
[2016/04/20 15:02:46 | 000,848,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2016/04/20 15:02:46 | 000,688,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Connectivity.dll
[2016/04/20 15:02:45 | 001,847,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPDMC.exe
[2016/04/20 15:02:45 | 001,141,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2016/04/20 15:02:45 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiFiDisplay.dll
[2016/04/20 15:02:44 | 001,030,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2016/04/20 15:02:44 | 000,365,568 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2016/04/20 15:02:44 | 000,187,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2016/04/20 15:02:44 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceEnroller.exe
[2016/04/20 15:02:43 | 000,220,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sqmapi.dll
[2016/04/20 15:02:43 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2016/04/20 15:02:42 | 000,540,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ChatApis.dll
[2016/04/20 15:02:42 | 000,440,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredProvDataModel.dll
[2016/04/20 15:02:42 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmmigrator.dll
[2016/04/20 15:02:42 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CallHistoryClient.dll
[2016/04/20 15:02:42 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WiFiDisplay.dll
[2016/04/20 15:02:41 | 000,216,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll
[2016/04/20 15:02:40 | 000,874,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2016/04/20 15:02:40 | 000,779,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskschd.dll
[2016/04/20 15:02:40 | 000,451,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werui.dll
[2016/04/20 15:02:40 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enrollmentapi.dll
[2016/04/20 15:02:39 | 000,787,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Web.dll
[2016/04/20 15:02:39 | 000,638,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TokenBroker.dll
[2016/04/20 15:02:39 | 000,296,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll
[2016/04/20 15:02:39 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallAgent.exe
[2016/04/20 15:02:38 | 000,790,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EmailApis.dll
[2016/04/20 15:02:38 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ChatApis.dll
[2016/04/20 15:02:37 | 000,915,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\configurationclient.dll
[2016/04/20 15:02:37 | 000,686,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2016/04/20 15:02:37 | 000,556,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PsmServiceExtHost.dll
[2016/04/20 15:02:37 | 000,258,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ufx01000.sys
[2016/04/20 15:02:37 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallAgent.exe
[2016/04/20 15:02:36 | 003,351,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2016/04/20 15:02:35 | 001,117,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Speech.dll
[2016/04/20 15:02:35 | 000,881,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Input.Inking.dll
[2016/04/20 15:02:35 | 000,587,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2016/04/20 15:02:35 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vaultcli.dll
[2016/04/20 15:02:35 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\flvprophandler.dll
[2016/04/20 15:02:34 | 000,777,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MsSpellCheckingFacility.dll
[2016/04/20 15:02:34 | 000,303,104 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll
[2016/04/20 15:02:33 | 000,378,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2016/04/20 15:02:33 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\thumbcache.dll
[2016/04/20 15:02:33 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchWinApp.exe
[2016/04/20 15:02:32 | 000,682,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.dll
[2016/04/20 15:02:32 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Web.dll
[2016/04/20 15:02:32 | 000,261,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LsaIso.exe
[2016/04/20 15:02:32 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VEDataLayerHelpers.dll
[2016/04/20 15:02:32 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAppInstaller.exe
[2016/04/20 15:02:31 | 000,394,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2016/04/20 15:02:31 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AboveLockAppHost.dll
[2016/04/20 15:02:31 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthBroker.dll
[2016/04/20 15:02:31 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppointmentActivation.dll
[2016/04/20 15:02:30 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msorcl32.dll
[2016/04/20 15:02:30 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanagerprecheck.dll
[2016/04/20 15:02:30 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MosStorage.dll
[2016/04/20 15:02:29 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VCardParser.dll
[2016/04/20 15:02:29 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MosStorage.dll
[2016/04/20 15:02:28 | 000,258,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sqmapi.dll
[2016/04/20 15:02:27 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EmailApis.dll
[2016/04/20 15:02:27 | 000,521,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.Connectivity.dll
[2016/04/20 15:02:27 | 000,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sharemediacpl.dll
[2016/04/20 15:02:25 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.Web.Core.dll
[2016/04/20 15:02:25 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncbservice.dll
[2016/04/20 15:02:25 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PackageStateRoaming.dll
[2016/04/20 15:02:25 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2016/04/20 15:02:24 | 000,989,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecConfig.efi
[2016/04/20 15:02:24 | 000,334,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll
[2016/04/20 15:02:24 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cemapi.dll
[2016/04/20 15:02:23 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveui.dll
[2016/04/20 15:02:23 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\accountaccessor.dll
[2016/04/20 15:02:23 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafBth.dll
[2016/04/20 15:02:23 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Devices.dll
[2016/04/20 15:02:22 | 000,374,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe
[2016/04/20 15:02:22 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\domgmt.dll
[2016/04/20 15:02:21 | 000,848,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2016/04/20 15:02:20 | 000,888,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.dll
[2016/04/20 15:02:20 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cemapi.dll
[2016/04/20 15:02:20 | 000,100,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\omadmapi.dll
[2016/04/20 15:02:19 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PhoneCallHistoryApis.dll
[2016/04/20 15:02:19 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fwbase.dll
[2016/04/20 15:02:18 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncController.dll
[2016/04/20 15:02:18 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AboveLockAppHost.dll
[2016/04/20 15:02:17 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDataAccountApis.dll
[2016/04/20 15:02:16 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseDesktopAppMgmtCSP.dll
[2016/04/20 15:02:15 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2016/04/20 15:02:15 | 000,110,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srvcli.dll
[2016/04/20 15:02:14 | 000,854,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Bluetooth.dll
[2016/04/20 15:02:14 | 000,115,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupApi.dll
[2016/04/20 15:02:14 | 000,081,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netapi32.dll
[2016/04/20 15:02:12 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VEDataLayerHelpers.dll
[2016/04/20 15:02:11 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2016/04/20 15:02:11 | 000,450,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SyncController.dll
[2016/04/20 15:02:11 | 000,412,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanmsm.dll
[2016/04/20 15:02:11 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PimIndexMaintenance.dll
[2016/04/20 15:02:11 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Devices.dll
[2016/04/20 15:02:11 | 000,078,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wkscli.dll
[2016/04/20 15:02:10 | 000,277,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys
[2016/04/20 15:02:09 | 000,770,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iuilp.dll
[2016/04/20 15:02:09 | 000,389,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanapi.dll
[2016/04/20 15:02:09 | 000,141,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthHost.exe
[2016/04/20 15:02:09 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wkscli.dll
[2016/04/20 15:02:08 | 000,147,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wermgr.exe
[2016/04/20 15:02:08 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppointmentActivation.dll
[2016/04/20 15:02:08 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BitLockerDeviceEncryption.exe
[2016/04/20 15:02:08 | 000,084,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupApi.dll
[2016/04/20 15:02:08 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provpackageapidll.dll
[2016/04/20 15:02:07 | 000,694,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdiWiFi.sys
[2016/04/20 15:02:07 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleacc.dll
[2016/04/20 15:02:07 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Scanners.dll
[2016/04/20 15:02:06 | 000,074,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\easinvoker.exe
[2016/04/20 15:02:06 | 000,051,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsNativeApi.dll
[2016/04/20 15:02:05 | 000,185,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys
[2016/04/20 15:02:05 | 000,141,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wermgr.exe
[2016/04/20 15:02:04 | 000,841,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2016/04/20 15:02:04 | 000,058,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsNativeApi.dll
[2016/04/20 15:02:03 | 000,686,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2016/04/20 15:02:03 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VCardParser.dll
[2016/04/20 15:02:02 | 000,534,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2016/04/20 15:02:02 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsqmcons.exe
[2016/04/20 15:02:02 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhoneCallHistoryApis.dll
[2016/04/20 15:02:01 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DAFWSD.dll
[2016/04/20 15:02:01 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxSip.dll
[2016/04/20 15:02:01 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxSysprep.dll
[2016/04/20 15:02:01 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDataPlatformHelperUtil.dll
[2016/04/20 15:02:01 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsdchngr.dll
[2016/04/20 15:02:00 | 000,638,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.dll
[2016/04/20 15:02:00 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExSMime.dll
[2016/04/20 15:02:00 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\POSyncServices.dll
[2016/04/20 15:01:59 | 000,239,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\credprovhost.dll
[2016/04/20 15:01:59 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VEEventDispatcher.dll
[2016/04/20 15:01:59 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiFiConfigSP.dll
[2016/04/20 15:01:54 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\easwrt.dll
[2016/04/20 15:01:53 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxSip.dll
[2016/04/20 15:01:53 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmcsps.dll
[2016/04/20 15:01:53 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2016/04/20 15:01:53 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PimIndexMaintenanceClient.dll
[2016/04/20 15:01:52 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VEEventDispatcher.dll
[2016/04/20 15:01:52 | 000,278,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationObjFactory.dll
[2016/04/20 15:01:52 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDataAccountApis.dll
[2016/04/20 15:01:52 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VEStoreEventHandlers.dll
[2016/04/20 15:01:52 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsdchngr.dll
[2016/04/20 15:01:51 | 000,558,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MBMediaManager.dll
[2016/04/20 15:01:51 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExSMime.dll
[2016/04/20 15:01:51 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NotificationObjFactory.dll
[2016/04/20 15:01:51 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansvcpal.dll
[2016/04/20 15:01:50 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dssvc.dll
[2016/04/20 15:01:50 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuautoappupdate.dll
[2016/04/20 15:01:49 | 000,685,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scapi.dll
[2016/04/20 15:01:49 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FirewallAPI.dll
[2016/04/20 15:01:49 | 000,394,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werui.dll
[2016/04/20 15:01:49 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2016/04/20 15:01:49 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\credprovhost.dll
[2016/04/20 15:01:49 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExtrasXmlParser.dll
[2016/04/20 15:01:48 | 000,330,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2016/04/20 15:01:48 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tzautoupdate.dll
[2016/04/20 15:01:47 | 004,774,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2016/04/20 15:01:47 | 000,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FWPUCLNT.DLL
[2016/04/20 15:01:47 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2016/04/20 15:01:47 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpninprc.dll
[2016/04/20 15:01:46 | 000,821,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fvewiz.dll
[2016/04/20 15:01:46 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fwbase.dll
[2016/04/20 15:01:46 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OnDemandConnRouteHelper.dll
[2016/04/20 15:01:46 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\basesrv.dll
[2016/04/20 15:01:46 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\browcli.dll
[2016/04/20 15:01:45 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Scanners.dll
[2016/04/20 15:01:45 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CallHistoryClient.dll
[2016/04/20 15:01:45 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDataTimeUtil.dll
[2016/04/20 15:01:45 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\POSyncServices.dll
[2016/04/20 15:01:45 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browcli.dll
[2016/04/20 15:01:45 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManagerShellext.exe
[2016/04/20 15:01:45 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wfapigp.dll
[2016/04/20 15:01:44 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.Web.Core.dll
[2016/04/20 15:01:44 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fvecpl.dll
[2016/04/20 15:01:44 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDataLanguageUtil.dll
[2016/04/20 15:01:44 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tbauth.dll
[2016/04/20 15:01:43 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\easwrt.dll
[2016/04/20 15:01:43 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDataTimeUtil.dll
[2016/04/20 15:01:43 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveskybackup.dll
[2016/04/20 15:01:43 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PimIndexMaintenanceClient.dll
[2016/04/20 15:01:43 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDataTypeHelperUtil.dll
[2016/04/20 15:01:43 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExtrasXmlParser.dll
[2016/04/20 15:01:42 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDataPlatformHelperUtil.dll
[2016/04/20 15:01:42 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\profext.dll
[2016/04/20 15:01:42 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wfdprov.dll
[2016/04/20 15:01:41 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsNativeApi.V2.dll
[2016/04/20 15:01:39 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDataLanguageUtil.dll
[2016/04/20 15:01:38 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samlib.dll
[2016/04/20 15:01:38 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDataTypeHelperUtil.dll
[2016/04/20 15:01:37 | 000,269,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FWPUCLNT.DLL
[2016/04/20 15:01:37 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.DeviceEncryptionHandlers.dll
[2016/04/20 15:01:37 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2016/04/20 15:01:36 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\portcls.sys
[2016/04/20 15:01:36 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FontProvider.dll
[2016/04/20 15:01:36 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshost.dll
[2016/04/20 15:01:36 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tbauth.dll
[2016/04/20 15:01:36 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TokenBrokerCookies.exe
[2016/04/20 15:01:36 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TokenBrokerCookies.exe
[2016/04/20 15:01:35 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srpapi.dll
[2016/04/20 15:01:35 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\profext.dll
[2016/04/20 15:01:35 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mapsupdatetask.dll
[2016/04/20 15:01:34 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fwpolicyiomgr.dll
[2016/04/20 15:01:34 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TimeBrokerClient.dll
[2016/04/20 15:01:34 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenterprisediagnostics.dll
[2016/04/20 15:01:33 | 007,979,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mos.dll
[2016/04/20 15:01:33 | 006,297,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mos.dll
[2016/04/20 15:01:33 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetCfgNotifyObjectHost.exe
[2016/04/20 15:01:32 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mtxoci.dll
[2016/04/20 15:01:32 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsBtSvc.dll
[2016/04/20 15:01:32 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsCSP.dll
[2016/04/20 15:01:32 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TimeBrokerClient.dll
[2016/04/20 15:01:31 | 000,784,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NMAA.dll
[2016/04/20 15:01:31 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcastdvr.exe
[2016/04/20 15:01:31 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapibase.dll
[2016/04/20 15:01:31 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mtxoci.dll
[2016/04/20 15:01:31 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BdeHdCfgLib.dll
[2016/04/20 15:01:31 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OnDemandConnRouteHelper.dll
[2016/04/20 15:01:31 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wfapigp.dll
[2016/04/20 15:01:30 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fwpolicyiomgr.dll
[2016/04/20 15:01:30 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontsub.dll
[2016/04/20 15:01:30 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputLocaleManager.dll
[2016/04/20 15:01:30 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsNativeApi.V2.dll
[2016/04/20 15:01:30 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleacchooks.dll
[2016/04/20 15:01:29 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapsBtSvc.dll
[2016/04/20 15:01:29 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppCapture.dll
[2016/04/20 15:01:29 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputLocaleManager.dll
[2016/04/20 15:01:29 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xinputhid.sys
[2016/04/20 15:01:29 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\oleacchooks.dll
[2016/04/20 15:01:27 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontsub.dll
[2016/04/20 15:01:27 | 000,045,568 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll
[2016/04/20 15:01:27 | 000,037,376 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll
[2016/04/20 14:20:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2016/04/20 14:17:38 | 000,000,000 | ---D | C] -- C:\Windows.old
[2016/04/20 14:15:18 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2016/04/20 14:15:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2016/04/20 14:15:18 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2016/04/20 14:15:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2016/04/20 14:14:28 | 000,778,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
[2016/04/20 14:14:28 | 000,103,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2016/04/20 14:14:28 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TsWpfWrp.exe
[2016/04/20 14:14:19 | 001,166,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationNative_v0300.dll
[2016/04/20 14:14:19 | 000,124,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2016/04/20 14:14:19 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TsWpfWrp.exe
[2016/04/20 14:14:00 | 001,087,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2016/04/20 14:14:00 | 000,304,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\systemreset.exe
[2016/04/20 13:53:43 | 000,000,000 | R--D | C] -- C:\Users\amebi\3D Objects
[2016/04/20 12:19:28 | 000,000,000 | -H-D | C] -- C:\OneDriveTemp
[2016/04/20 12:17:20 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Local\ActiveSync
[2016/04/20 11:57:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\SleepStudy
[2016/04/20 10:46:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Templates
[2016/04/20 10:46:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Start Menu
[2016/04/20 10:46:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documents
[2016/04/20 10:46:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2016/04/20 10:46:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Application Data
[2016/04/20 10:27:46 | 000,000,000 | --SD | C] -- C:\Users\amebi\AppData\Roaming\Microsoft
[2016/04/20 10:27:46 | 000,000,000 | R-SD | C] -- C:\Users\amebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
[2016/04/20 10:27:46 | 000,000,000 | R--D | C] -- C:\Users\amebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2016/04/20 10:27:46 | 000,000,000 | R--D | C] -- C:\Users\amebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2016/04/20 10:27:46 | 000,000,000 | R--D | C] -- C:\Users\amebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2016/04/20 10:27:46 | 000,000,000 | -HSD | C] -- C:\Users\amebi\AppData\Local\Temporary Internet Files
[2016/04/20 10:27:46 | 000,000,000 | -HSD | C] -- C:\Users\amebi\Templates
[2016/04/20 10:27:46 | 000,000,000 | -HSD | C] -- C:\Users\amebi\Start Menu
[2016/04/20 10:27:46 | 000,000,000 | -HSD | C] -- C:\Users\amebi\SendTo
[2016/04/20 10:27:46 | 000,000,000 | -HSD | C] -- C:\Users\amebi\Recent
[2016/04/20 10:27:46 | 000,000,000 | -HSD | C] -- C:\Users\amebi\PrintHood
[2016/04/20 10:27:46 | 000,000,000 | -HSD | C] -- C:\Users\amebi\NetHood
[2016/04/20 10:27:46 | 000,000,000 | -HSD | C] -- C:\Users\amebi\Documents\My Videos
[2016/04/20 10:27:46 | 000,000,000 | -HSD | C] -- C:\Users\amebi\Documents\My Pictures
[2016/04/20 10:27:46 | 000,000,000 | -HSD | C] -- C:\Users\amebi\Documents\My Music
[2016/04/20 10:27:46 | 000,000,000 | -HSD | C] -- C:\Users\amebi\My Documents
[2016/04/20 10:27:46 | 000,000,000 | -HSD | C] -- C:\Users\amebi\Local Settings
[2016/04/20 10:27:46 | 000,000,000 | -HSD | C] -- C:\Users\amebi\AppData\Local\History
[2016/04/20 10:27:46 | 000,000,000 | -HSD | C] -- C:\Users\amebi\Cookies
[2016/04/20 10:27:46 | 000,000,000 | -HSD | C] -- C:\Users\amebi\Application Data
[2016/04/20 10:27:46 | 000,000,000 | -HSD | C] -- C:\Users\amebi\AppData\Local\Application Data
[2016/04/20 10:27:46 | 000,000,000 | -H-D | C] -- C:\Users\amebi\AppData
[2016/04/20 10:27:46 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Local\Temp
[2016/04/20 10:27:46 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Local\Microsoft
[2016/04/20 10:27:46 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2016/04/20 10:24:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RTCOM
[2016/04/20 10:24:06 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2016/04/20 10:23:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2016/04/20 10:23:45 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2016/04/20 10:22:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2016/04/20 00:43:34 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Roaming\uTorrent
[2016/04/19 23:10:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirusTotalUploader2
[2016/04/19 23:10:10 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirusTotal Uploader 2.2
[2016/04/19 17:48:49 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Local\ATI
[2016/04/18 22:19:10 | 000,000,000 | ---D | C] -- C:\Users\amebi\Desktop\proc
[2016/04/18 15:19:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlaysTV
[2016/04/18 15:18:30 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Roaming\WildTangent
[2016/04/18 14:49:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fran Bow Update 5
[2016/04/18 00:00:55 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Local\DoK Manual
[2016/04/17 23:51:07 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Roaming\.mono
[2016/04/17 22:57:54 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Roaming\Fran_Bow
[2016/04/17 05:16:26 | 000,000,000 | ---D | C] -- C:\Program Files\Waves
[2016/04/17 02:10:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stasis [GOG.com]
[2016/04/17 02:10:15 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Local\The Brotherhood
[2016/04/17 01:59:59 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Roaming\SmartSteamEmu
[2016/04/17 01:57:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2016/04/17 01:56:53 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2016/04/17 01:56:47 | 000,466,520 | ---- | C] (Creative Labs) -- C:\WINDOWS\SysNative\wrap_oal.dll
[2016/04/17 01:56:47 | 000,445,016 | ---- | C] (Creative Labs) -- C:\WINDOWS\SysWow64\wrap_oal.dll
[2016/04/17 01:56:47 | 000,123,480 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\SysNative\OpenAL32.dll
[2016/04/17 01:56:47 | 000,109,144 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\SysWow64\OpenAL32.dll
[2016/04/17 01:56:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2016/04/17 01:56:27 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_40.dll
[2016/04/17 01:56:27 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_40.dll
[2016/04/17 01:56:27 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_40.dll
[2016/04/17 01:56:27 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_40.dll
[2016/04/17 01:56:25 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_40.dll
[2016/04/17 01:56:25 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_40.dll
[2016/04/17 01:54:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Starpoint Gemini 2 - Repack by AlexALSP
[2016/04/16 19:12:52 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Local\AMD
[2016/04/16 19:12:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
[2016/04/16 19:12:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2016/04/16 17:18:49 | 000,000,000 | ---D | C] -- C:\Users\amebi\Documents\DyingLight
[2016/04/16 03:17:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2016/04/16 03:03:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dying Light
[2016/04/15 16:14:45 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Local\CrashDumps
[2016/04/15 16:14:29 | 000,000,000 | ---D | C] -- C:\Users\amebi\Documents\PCSX2
[2016/04/15 16:11:31 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Local\AVG SafeGuard toolbar
[2016/04/15 16:11:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
[2016/04/15 16:10:48 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2016/04/15 16:10:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2016/04/15 16:10:46 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG SafeGuard toolbar
[2016/04/15 16:10:45 | 000,000,000 | ---D | C] -- C:\Program Files\AVG SafeGuard toolbar
[2016/04/15 16:10:27 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2016/04/15 01:20:25 | 000,000,000 | ---D | C] -- C:\Users\amebi\Documents\Soulseek Chat Logs
[2016/04/14 23:28:41 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Roaming\deluge
[2016/04/14 23:27:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluge
[2016/04/14 23:26:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Deluge
[2016/04/14 21:05:43 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft Wireless Network Watcher
[2016/04/14 21:05:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NirSoft
[2016/04/14 21:02:12 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Local\GlassWire
[2016/04/14 21:00:40 | 000,000,000 | ---D | C] -- C:\ProgramData\GlassWire
[2016/04/14 18:47:32 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Roaming\PlaysTV
[2016/04/14 18:43:55 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Roaming\library_dir
[2016/04/14 18:43:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Raptr Inc
[2016/04/14 18:40:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VulkanRT
[2016/04/14 18:40:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1
[2016/04/14 15:27:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Steam
[2016/04/14 14:24:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mr DJ
[2016/04/14 01:05:52 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Roaming\Fran Bow
[2016/04/14 00:39:26 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Binding of Isaac Rebirth 1.0
[2016/04/14 00:27:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Long Dark [GOG.com]
[2016/04/14 00:07:32 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Roaming\Foxit Software
[2016/04/14 00:07:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Foxit ContentPlatform
[2016/04/14 00:07:13 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Roaming\Foxit AgentInformation
[2016/04/14 00:07:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
[2016/04/14 00:06:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2016/04/13 23:44:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crusader Kings II
[2016/04/13 23:38:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
[2016/04/13 04:48:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Soulseek
[2016/04/13 04:47:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoulseekNS
[2016/04/13 04:47:52 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Soulseek NS
[2016/04/13 00:49:26 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Roaming\PowerISO
[2016/04/13 00:40:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
[2016/04/13 00:40:01 | 000,127,760 | ---- | C] (Power Software Ltd) -- C:\WINDOWS\SysNative\drivers\scdemu.sys
[2016/04/13 00:40:01 | 000,000,000 | ---D | C] -- C:\Program Files\PowerISO
[2016/04/12 15:42:02 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Roaming\Acrylic Wi-Fi Professional
[2016/04/12 06:51:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2016/04/12 06:27:33 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Roaming\vlc
[2016/04/12 05:38:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rebel Galaxy [GOG.com]
[2016/04/12 04:42:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2016/04/12 02:15:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2016/04/12 00:31:02 | 000,000,000 | ---D | C] -- C:\Users\amebi\Documents\Zen Studios
[2016/04/12 00:31:02 | 000,000,000 | ---D | C] -- C:\ProgramData\SkidRow
[2016/04/12 00:29:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Studios
[2016/04/11 23:50:40 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Local\SKIDROW
[2016/04/11 22:19:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
[2016/04/11 16:41:57 | 000,000,000 | ---D | C] -- C:\ProgramData\REVOLT
[2016/04/11 16:03:31 | 000,000,000 | ---D | C] -- C:\Users\amebi\AppData\Local\Diagnostics
[2016/04/11 14:44:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prey
[2016/04/11 12:50:47 | 000,000,000 | ---D | C] -- C:\Users\amebi\Desktop\games
[9 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[6 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[2 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2016/05/09 22:54:01 | 000,000,920 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3133744223-911963526-3349633446-1001UA.job
[2016/05/09 22:52:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2016/05/09 22:50:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\amebi\Desktop\OTL.exe
[2016/05/09 22:49:52 | 000,090,528 | ---- | M] () -- C:\Users\amebi\Desktop\09+DyFKT.htm
[2016/05/09 22:47:34 | 000,090,111 | ---- | M] () -- C:\Users\amebi\Desktop\N6pqmHjb.htm
[2016/05/09 22:40:05 | 000,879,220 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2016/05/09 22:40:05 | 000,744,578 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2016/05/09 22:40:05 | 000,139,168 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2016/05/09 22:39:18 | 000,000,164 | ---- | M] () -- C:\Users\amebi\AppData\Roaming\sp_data.sys
[2016/05/09 22:36:46 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2016/05/09 22:35:23 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2016/05/09 22:33:19 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2016/05/09 22:33:18 | 663,182,187 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2016/05/09 22:33:17 | 2984,042,496 | -HS- | M] () -- C:\hiberfil.sys
[2016/05/09 22:10:00 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2016/05/09 20:30:06 | 000,000,901 | ---- | M] () -- C:\Users\amebi\Desktop\Start Tor Browser.lnk
[2016/05/09 18:54:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3133744223-911963526-3349633446-1001Core.job
[2016/05/09 17:33:06 | 000,000,940 | ---- | M] () -- C:\Users\amebi\Desktop\LaunchBox.lnk
[2016/05/09 17:33:06 | 000,000,923 | ---- | M] () -- C:\Users\amebi\Desktop\Big Box.lnk
[2016/05/09 17:13:06 | 000,465,792 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSP.sys
[2016/05/09 17:13:06 | 000,398,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2016/05/09 17:13:06 | 000,287,528 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswVmm.sys
[2016/05/09 17:13:06 | 000,166,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswStm.sys
[2016/05/09 17:13:06 | 000,107,792 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2016/05/09 17:13:06 | 000,074,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys
[2016/05/09 17:13:06 | 000,037,656 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswHwid.sys
[2016/05/09 17:13:05 | 000,103,064 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2016/05/09 17:12:58 | 000,052,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2016/05/09 17:12:45 | 001,070,904 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys
[2016/05/09 17:12:45 | 000,037,144 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswKbd.sys
[2016/05/08 02:23:16 | 000,349,952 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2016/05/07 23:52:10 | 000,000,000 | ---- | M] () -- C:\end
[2016/05/07 18:29:03 | 000,001,453 | ---- | M] () -- C:\Users\amebi\Desktop\Xbox 360 Wireless Controller - Shortcut.lnk
[2016/05/07 17:46:47 | 000,001,897 | ---- | M] () -- C:\Users\amebi\Desktop\Google Chrome.lnk
[2016/05/07 05:52:08 | 000,065,536 | ---- | M] () -- C:\WINDOWS\SysNative\spu_storage.bin
[2016/05/06 22:56:09 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2016/05/06 21:52:27 | 000,001,173 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2016/05/06 17:43:12 | 000,002,499 | ---- | M] () -- C:\Users\Public\Desktop\inSSIDer 4.lnk
[2016/05/05 21:16:04 | 000,000,933 | ---- | M] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk
[2016/05/04 02:10:48 | 000,002,388 | ---- | M] () -- C:\Users\amebi\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2016/05/01 03:00:05 | 000,001,074 | ---- | M] () -- C:\Users\amebi\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk
[2016/05/01 03:00:05 | 000,001,050 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2016/04/26 01:47:36 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2016/04/25 15:25:53 | 000,001,022 | ---- | M] () -- C:\Users\Public\Desktop\mIRC.lnk
[2016/04/23 21:54:13 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_xusb21_01001.Wdf
[2016/04/23 21:38:40 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2016/04/22 17:13:51 | 000,327,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe
[2016/04/22 17:13:50 | 001,388,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\msvbvm60.dll
[2016/04/22 17:13:50 | 000,198,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\comdlg32.ocx
[2016/04/22 17:13:50 | 000,151,622 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\modcas.dll
[2016/04/22 17:13:50 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\odestkit.dll
[2016/04/22 17:13:49 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ODEUNST.EXE
[2016/04/22 13:10:03 | 000,001,779 | ---- | M] () -- C:\Users\amebi\Desktop\PeerBlock.lnk
[2016/04/20 14:14:00 | 001,087,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2016/04/20 14:14:00 | 000,304,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\systemreset.exe
[2016/04/20 10:45:58 | 000,027,078 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2016/04/20 10:45:58 | 000,024,768 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2016/04/20 10:40:25 | 000,022,744 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2016/04/20 10:24:19 | 000,006,786 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\rtwavesEFX.dat
[2016/04/20 10:24:19 | 000,002,626 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\rtwavesMFX.dat
[2016/04/20 10:24:16 | 000,000,000 | -H-- | M] () -- C:\ProgramData\DP45977C.lfl
[2016/04/20 10:24:15 | 000,319,042 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\RTWAVES40.dat
[2016/04/20 10:23:59 | 000,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin
[2016/04/19 23:24:52 | 000,002,146 | ---- | M] () -- C:\Users\amebi\Desktop\VirusTotal Uploader 2.2.lnk
[2016/04/19 19:01:17 | 000,007,600 | ---- | M] () -- C:\Users\amebi\AppData\Local\Resmon.ResmonCfg
[2016/04/18 17:06:40 | 000,001,862 | ---- | M] () -- C:\Users\amebi\Desktop\WNetWatcher.exe - Shortcut.lnk
[2016/04/17 02:12:34 | 000,000,780 | ---- | M] () -- C:\Users\amebi\Desktop\downloads - Shortcut.lnk
[2016/04/17 01:56:47 | 000,466,520 | ---- | M] (Creative Labs) -- C:\WINDOWS\SysNative\wrap_oal.dll
[2016/04/17 01:56:47 | 000,445,016 | ---- | M] (Creative Labs) -- C:\WINDOWS\SysWow64\wrap_oal.dll
[2016/04/17 01:56:47 | 000,123,480 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\SysNative\OpenAL32.dll
[2016/04/17 01:56:47 | 000,109,144 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\SysWow64\OpenAL32.dll
[2016/04/16 21:45:56 | 000,001,487 | ---- | M] () -- C:\Users\amebi\Desktop\slsk.exe - Shortcut.lnk
[2016/04/16 03:17:24 | 000,001,038 | ---- | M] () -- C:\Users\amebi\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2016/04/16 03:17:24 | 000,001,014 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2016/04/16 03:16:28 | 000,000,697 | ---- | M] () -- C:\Users\amebi\AppData\Local\recently-used.xbel
[2016/04/14 00:07:06 | 000,001,450 | ---- | M] () -- C:\Users\amebi\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
[2016/04/12 21:50:26 | 000,016,148 | ---- | M] () -- C:\WINDOWS\SysNative\DESKTOP-1BA9FC2_amebi_HistoryPrediction.bin
[9 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[6 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[2 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2016/05/09 22:49:52 | 000,090,528 | ---- | C] () -- C:\Users\amebi\Desktop\09+DyFKT.htm
[2016/05/09 22:47:34 | 000,090,111 | ---- | C] () -- C:\Users\amebi\Desktop\N6pqmHjb.htm
[2016/05/09 20:30:06 | 000,000,901 | ---- | C] () -- C:\Users\amebi\Desktop\Start Tor Browser.lnk
[2016/05/09 17:33:06 | 000,000,940 | ---- | C] () -- C:\Users\amebi\Desktop\LaunchBox.lnk
[2016/05/09 17:33:06 | 000,000,923 | ---- | C] () -- C:\Users\amebi\Desktop\Big Box.lnk
[2016/05/07 23:51:57 | 000,000,000 | ---- | C] () -- C:\end
[2016/05/07 18:29:03 | 000,001,453 | ---- | C] () -- C:\Users\amebi\Desktop\Xbox 360 Wireless Controller - Shortcut.lnk
[2016/05/07 17:46:47 | 000,001,897 | ---- | C] () -- C:\Users\amebi\Desktop\Google Chrome.lnk
[2016/05/06 21:52:27 | 000,001,173 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2016/05/06 17:43:12 | 000,002,499 | ---- | C] () -- C:\Users\Public\Desktop\inSSIDer 4.lnk
[2016/05/05 21:16:04 | 000,000,933 | ---- | C] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk
[2016/05/01 03:00:05 | 000,001,074 | ---- | C] () -- C:\Users\amebi\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk
[2016/05/01 03:00:05 | 000,001,050 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2016/04/26 01:47:36 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2016/04/25 15:25:53 | 000,001,022 | ---- | C] () -- C:\Users\Public\Desktop\mIRC.lnk
[2016/04/23 21:54:13 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_xusb21_01001.Wdf
[2016/04/23 21:38:40 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2016/04/22 13:10:03 | 000,001,779 | ---- | C] () -- C:\Users\amebi\Desktop\PeerBlock.lnk
[2016/04/22 00:23:06 | 000,000,949 | ---- | C] () -- C:\Users\amebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
[2016/04/21 18:49:41 | 000,000,920 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3133744223-911963526-3349633446-1001UA.job
[2016/04/21 18:49:41 | 000,000,868 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3133744223-911963526-3349633446-1001Core.job
[2016/04/20 15:03:51 | 002,656,952 | ---- | C] () -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2016/04/20 15:03:47 | 001,862,008 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2016/04/20 15:01:27 | 000,235,008 | ---- | C] () -- C:\WINDOWS\SysNative\MTF.dll
[2016/04/20 15:01:26 | 000,162,816 | ---- | C] () -- C:\WINDOWS\SysWow64\MTF.dll
[2016/04/20 14:20:50 | 000,037,616 | ---- | C] () -- C:\WINDOWS\SysWow64\license.rtf
[2016/04/20 14:20:50 | 000,037,616 | ---- | C] () -- C:\WINDOWS\SysNative\license.rtf
[2016/04/20 10:40:25 | 000,022,744 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2016/04/20 10:32:53 | 000,001,576 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2016/04/20 10:27:46 | 000,000,352 | ---- | C] () -- C:\Users\amebi\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2016/04/20 10:27:46 | 000,000,334 | ---- | C] () -- C:\Users\amebi\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2016/04/20 10:24:19 | 000,006,786 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\rtwavesEFX.dat
[2016/04/20 10:24:19 | 000,002,626 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\rtwavesMFX.dat
[2016/04/20 10:24:16 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2016/04/20 10:24:15 | 000,319,042 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\RTWAVES40.dat
[2016/04/20 10:23:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2016/04/20 10:23:57 | 000,065,536 | ---- | C] () -- C:\WINDOWS\SysNative\spu_storage.bin
[2016/04/19 23:10:10 | 000,002,146 | ---- | C] () -- C:\Users\amebi\Desktop\VirusTotal Uploader 2.2.lnk
[2016/04/19 19:01:17 | 000,007,600 | ---- | C] () -- C:\Users\amebi\AppData\Local\Resmon.ResmonCfg
[2016/04/18 17:06:40 | 000,001,862 | ---- | C] () -- C:\Users\amebi\Desktop\WNetWatcher.exe - Shortcut.lnk
[2016/04/17 05:16:37 | 000,001,295 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioWizard.lnk
[2016/04/17 02:12:38 | 000,000,780 | ---- | C] () -- C:\Users\amebi\Desktop\downloads - Shortcut.lnk
[2016/04/16 21:45:56 | 000,001,487 | ---- | C] () -- C:\Users\amebi\Desktop\slsk.exe - Shortcut.lnk
[2016/04/16 03:17:24 | 000,001,014 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2016/04/16 03:16:28 | 000,000,697 | ---- | C] () -- C:\Users\amebi\AppData\Local\recently-used.xbel
[2016/04/14 18:40:48 | 000,126,232 | ---- | C] () -- C:\WINDOWS\SysNative\vulkan-1.dll
[2016/04/14 18:40:48 | 000,125,720 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1.dll
[2016/04/14 18:40:48 | 000,045,848 | ---- | C] () -- C:\WINDOWS\SysNative\vulkaninfo.exe
[2016/04/14 18:40:48 | 000,042,264 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo.exe
[2016/04/14 00:07:06 | 000,001,450 | ---- | C] () -- C:\Users\amebi\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
[2016/04/12 21:50:26 | 000,016,148 | ---- | C] () -- C:\WINDOWS\SysNative\DESKTOP-1BA9FC2_amebi_HistoryPrediction.bin
[2016/04/10 17:39:49 | 663,182,187 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP
[2016/04/08 14:53:08 | 000,000,164 | ---- | C] () -- C:\Users\amebi\AppData\Roaming\sp_data.sys
[2016/04/06 10:12:20 | 000,137,728 | ---- | C] () -- C:\WINDOWS\f2f03b90d5a915bd636001b8ba678df2.exe
[2016/04/03 22:48:24 | 000,123,392 | ---- | C] () -- C:\WINDOWS\SysWow64\amdhdl32.dll
[2016/04/03 21:57:24 | 000,186,368 | ---- | C] () -- C:\WINDOWS\SysWow64\GameManager32.dll
[2016/04/03 21:57:18 | 000,145,408 | ---- | C] () -- C:\WINDOWS\SysWow64\atieah32.exe
[2016/04/03 21:57:10 | 000,189,952 | ---- | C] () -- C:\WINDOWS\SysWow64\amdgfxinfo32.dll
[2016/04/03 21:49:20 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2016/04/03 21:49:20 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2016/04/03 21:28:42 | 000,174,592 | ---- | C] () -- C:\WINDOWS\SysWow64\hsa-thunk.dll
[2016/02/15 19:27:00 | 000,125,720 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1-1-0-3-1.dll
[2016/02/15 19:25:40 | 000,042,264 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo-1-1-0-3-1.exe
[2016/02/13 09:12:27 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2015/10/30 03:24:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2015/10/30 03:24:43 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2015/10/30 03:18:39 | 000,164,224 | ---- | C] () -- C:\WINDOWS\SysWow64\weretw.dll
[2015/10/30 03:18:36 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2015/10/30 03:18:36 | 000,047,104 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2015/10/30 03:18:34 | 000,019,968 | ---- | C] () -- C:\WINDOWS\SysWow64\GamePanelExternalHook.dll
[2015/10/30 03:18:31 | 000,252,928 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Perception.Stub.dll
[2015/10/30 03:18:31 | 000,029,184 | ---- | C] () -- C:\WINDOWS\SysWow64\dtdump.exe
[2015/10/30 03:18:29 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2015/10/30 03:18:29 | 000,293,376 | ---- | C] () -- C:\WINDOWS\SysWow64\HrtfApo.dll
[2015/10/30 03:18:26 | 000,022,528 | ---- | C] () -- C:\WINDOWS\SysWow64\efsext.dll
[2015/10/30 03:18:25 | 000,002,269 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2015/10/30 03:18:23 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2015/10/30 03:17:40 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
 
========== ZeroAccess Check ==========
 
[2016/05/02 22:27:31 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2016/02/24 04:46:25 | 006,607,080 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2016/02/24 04:06:39 | 005,242,496 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2015/10/30 03:17:43 | 000,987,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2015/10/30 03:18:21 | 000,765,440 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2015/10/30 03:17:45 | 000,518,656 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2016/04/17 23:51:07 | 000,000,000 | ---D | M] -- C:\Users\amebi\AppData\Roaming\.mono
[2016/04/18 15:25:16 | 000,000,000 | ---D | M] -- C:\Users\amebi\AppData\Roaming\Acrylic Wi-Fi Professional
[2016/04/08 21:52:35 | 000,000,000 | ---D | M] -- C:\Users\amebi\AppData\Roaming\AVAST Software
[2016/04/08 15:02:06 | 000,000,000 | ---D | M] -- C:\Users\amebi\AppData\Roaming\awsRun
[2016/04/09 00:53:59 | 000,000,000 | ---D | M] -- C:\Users\amebi\AppData\Roaming\DAEMON Tools Ultra
[2016/04/16 01:56:40 | 000,000,000 | ---D | M] -- C:\Users\amebi\AppData\Roaming\deluge
[2016/04/18 15:24:28 | 000,000,000 | ---D | M] -- C:\Users\amebi\AppData\Roaming\DropboxOEM
[2016/04/14 00:07:13 | 000,000,000 | ---D | M] -- C:\Users\amebi\AppData\Roaming\Foxit AgentInformation
[2016/05/05 21:12:51 | 000,000,000 | ---D | M] -- C:\Users\amebi\AppData\Roaming\Foxit Software
[2016/04/14 01:05:52 | 000,000,000 | ---D | M] -- C:\Users\amebi\AppData\Roaming\Fran Bow
[2016/04/17 22:57:54 | 000,000,000 | ---D | M] -- C:\Users\amebi\AppData\Roaming\Fran_Bow
[2016/04/08 21:40:21 | 000,000,000 | ---D | M] -- C:\Users\amebi\AppData\Roaming\Highresolution Enterprises
[2016/04/14 18:43:55 | 000,000,000 | ---D | M] -- C:\Users\amebi\AppData\Roaming\library_dir
[2016/04/25 15:55:12 | 000,000,000 | ---D | M] -- C:\Users\amebi\AppData\Roaming\Notepad++
[2016/04/17 01:42:52 | 000,000,000 | ---D | M] -- C:\Users\amebi\AppData\Roaming\PlaysTV
[2016/04/13 00:49:26 | 000,000,000 | ---D | M] -- C:\Users\amebi\AppData\Roaming\PowerISO
[2016/04/09 00:50:49 | 000,000,000 | ---D | M] -- C:\Users\amebi\AppData\Roaming\RPEng
[2016/04/17 01:59:59 | 000,000,000 | ---D | M] -- C:\Users\amebi\AppData\Roaming\SmartSteamEmu
[2016/04/08 19:53:18 | 000,000,000 | ---D | M] -- C:\Users\amebi\AppData\Roaming\Steam
[2016/05/07 21:22:16 | 000,000,000 | ---D | M] -- C:\Users\amebi\AppData\Roaming\The Wolf Among Us
[2016/05/09 20:30:23 | 000,000,000 | ---D | M] -- C:\Users\amebi\AppData\Roaming\uTorrent
[2016/04/08 14:53:23 | 000,000,000 | ---D | M] -- C:\Users\amebi\AppData\Roaming\WebStorage
[2016/04/18 15:18:30 | 000,000,000 | ---D | M] -- C:\Users\amebi\AppData\Roaming\WildTangent
 
========== Purity Check ==========
 
 

< End of report >
 



#7 nasdaq

nasdaq

  • Malware Response Team
  • 39,543 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:12 PM

Posted 10 May 2016 - 07:24 AM

Run OTL.
Please copy the text in the Quote box below, (Do Not copy the word Quote), and paste it in the Posted Image box in OTL.
Under the Custom Scans/Fixes box at the bottom, paste in the following

https://dl.dropbox.com/u/73555776/OTL_Fix.GIF

To do that:

Highlight everything inside the quote box, (except the word Quote), right click the mouse and click Copy.
Copy (Ctrl+C) and Paste (Ctrl+V) all of the following text into the Custom Scans/Fixes box:
 

:OTL

PRC - File not found --
FF - prefs.js..browser.search.hiddenOneOffs: "Yahoo,Bing,Amazon.com,DuckDuckGo,eBay,Twitter,Wikipedia (en)"
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll File not found
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\19.4.0\\npsitesafety.dll File not found
[2016/04/17 15:20:24 | 000,006,424 | ---- | M] () (No name found) -- C:\Users\amebi\AppData\Roaming\mozilla\firefox\profiles\tyru0q6a.default\extensions\{f7898a19-9078-4699-b642-596049d244f6}.xpi
CHR - Extension: No name found = C:\Users\amebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.242_0\
CHR - Extension: No name found = C:\Users\amebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\19.4.0\ViProtocol.dll (AVG Secure Search)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.


Click Run Fix.
Please post the contents of the fix log file back here if you are prompted to open the file. It can also be found at C:\_OTL\Moved Files as MMDDYYY_HHMMSS.log where MMDDYYY is date format and HHMMSS is time format.
If requested to reboot, please do so. The log file will open after restart.
Enable back your security softwares as soon as you completed the OTL fix steps.
===

If you are still unable to run Malwarebyte download to completion remove the application using their uninstaller.

https://support.malwarebytes.org/customer/portal/articles/1835311-how-do-i-uninstall-malwarebytes-anti-malware-?b_id=6438

Then restart the computer normally and reinstall it.

How is it now?

#8 nasdaq

nasdaq

  • Malware Response Team
  • 39,543 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:12 PM

Posted 16 May 2016 - 07:46 AM

Are you still with me?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users