Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

another Sd-Steam.info popup on startup ( redirected to zodiac-game.info )


  • This topic is locked This topic is locked
22 replies to this topic

#1 cyanogensid

cyanogensid

  • Members
  • 13 posts
  • OFFLINE
  •  

Posted 24 August 2016 - 07:53 AM

i know people this topic has been recently posted alot and i am having the same issue using windows 10 i am being redirected to zodiac game info on every boot cycle. I have used everything mbam ,adwcleaner, rogue killer everything ..saw through my reg files got a registry under my username "explorer.exe st-steam.info" deleted this still its coming back please help

Attached Files


Edited by cyanogensid, 24 August 2016 - 09:10 AM.


BC AdBot (Login to Remove)

 


#2 cyanogensid

cyanogensid
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  

Posted 24 August 2016 - 12:34 PM

so i did run mbam again after restarting and it found the PUP.. restarted again... it worked.. no popup for now :)



#3 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,610 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:22 PM

Posted 24 August 2016 - 04:02 PM

Hi cyanogensid :)

My name is Aura and I'll be assisting you with your malware issue. Since we'll be working together, you can call me Aura or Yoan, which is my real name, it's up to you! Now that we've broke the ice, I'll just ask you a few things during the time we'll be working together to clean your system and get it back to an operational state.
  • As you'll notice, the logs we are asking for here are quite lenghty, so it's normal for me to not reply exactly after you post them. This is because I need some time to analyse them and then act accordingly. However, I'll always reply within 24 hours, 48 hours at most if something unexpected happens;
  • As long as I'm assisting you on BleepingComputer, in this thread, I'll ask you to not seek assistance anywhere else for any issue related to the system we are working on. If you have an issue, question, etc. about your computer, please ask it in this thread and I'll assist you;
  • The same principle applies to any modifications you make to your system, I would like you to ask me before you do any manipulations that aren't in the instructions I posted. This is to ensure that we are operating in sync and I know exactly what's happening on your system;
  • If you aren't sure about an instruction I'm giving you, ask me about it. This is to ensure that the clean-up process goes without any issue. I'll answer you and even give you more precise instructions/explanations if you need. There's no shame in asking questions here, better be safe than sorry!;
  • If you don't reply to your thread within 3 days, I'll bump this thread to let you know that I'm waiting for you. If you don't reply after 5 days, it'll be closed. If you return after that period, you can send me a PM to get it unlocked and we'll continue where we left off;
  • Since malware can work quickly, we want to get rid of them as fast as we can, before they make unknown changes to the system. This being said, I would appreciate if you could reply to this thread within 24 hours of me posting. This way, we'll have a good clean-up rhythm and the chances of complications will be reduced;
  • I'm against any form of pirated, illegal and counterfeit software and material. So if you have any installed on your system, I'll ask you to uninstall them right now. You don't have to tell me if you indeed had some or not, I'll give you the benefit of the doubt. Plus, this would be against BleepingComputer's rules;
  • In the end, you are the one asking for assistance here. So if you wish to go a different way during the clean-up, like format and reinstall Windows, you are free to do so. I would appreciate you to let me know about it first, and if you need, I can also assist you in the process;
  • I would appreciate if you were to stay with me until the end, which means, until I declare your system clean. Just because your system isn't behaving weirdly anymore, or is running better than before, it doesn't mean that the infection is completely gone;
    This being said, I have a full time job, and I also have night classes on Mondays and Wednesdays, which means that if you reply during these two days, it'll take longer for me to reply to you. Don't worry, you'll be my first priority as soon as I get home and have time to look at your thread;
This being said, it's time to clean-up some malware, so let's get started, shall we? :)

Malwarebytes indeed updated their database today to include that hijacker in their detections. However, from what I've seen, they only detect the Run key it creates, and not the associated tasks. I would like to get a fresh set of FRST logs from you to see if the task that creates that key still exists, or if it was taken care of by Malwarebytes.

iO3R662.pngFarbar Recovery Scan Tool (FRST) - Scan mode
Follow the instructions below to download and execute a scan on your system with FRST, and provide the logs in your next reply.
  • Right-click on the executable and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Accept the disclaimer by clicking on Yes, and FRST will then do a back-up of your Registry which should take a few seconds;
  • Check the Addition.txt option;
  • Click on the Scan button;
  • On completion, two message box will open, saying that the results were saved to FRST.txt and Addition.txt, then open two Notepad files;
  • Copy and paste the content of both FRST.txt and Addition.txt in your next reply;
Can you also copy/paste for me the Malwarebytes log where it detected and deleted the key?

Since you already ran Malwarebytes, I would like to see your previous Scan log. Open Malwarebytes and go under the History tab. From there, click on Application logs in the left pane.
ySPxAut.png
Click on the most recent (usually at the top) Scan log to open it. From there, click on the Export button and select the first option, Copy to Clipboard
gK0lXt3.png
Paste the content of your clipboard in your next reply.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#4 cyanogensid

cyanogensid
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  

Posted 25 August 2016 - 03:14 AM

Hi Yoan,thanks for the quick response i ran mbam yesterday, it found a pup which i deleted.. i will give you the logs .. otherwise its been 12  hours or so and the pop up didnt come back..

here are the logs

these are the new logs after mbam removing the key

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2016 01
Ran by sidme (administrator) on SIDHAARTH (25-08-2016 13:38:03)
Running from C:\Users\sidme\Downloads
Loaded Profiles: sidme (Available Profiles: sidme)
Platform: Windows 10 Home Single Language Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => c:\windows\RTFTrack.exe [5062384 2015-08-30] (Realtek semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-05] (Apple Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3947704 2015-08-29] (Synaptics Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1767944 2016-06-15] (NVIDIA Corporation)
HKU\S-1-5-21-3198014182-4150849369-2890672605-1001\...\MountPoints2: D - "D:\setup.exe" 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{bd3cdc31-2bb7-4789-9556-ef6c8999971f}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3198014182-4150849369-2890672605-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
 
FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-23] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=M226E02D5-0561-4E0A-961E-CC215F6571F0&SearchSource=55&CUI=&UM=5&UP=SP5C510CAA-3DA5-42E2-A4EC-DAA98928AA4B&SSPV=TBannersA_sp_ch
CHR StartupUrls: Default -> "hxxp://websearch.searchandfly.info/?pid=377&r=2014/09/22&hid=17410538761284894517&lg=EN&cc=IN&unqvl=62"
CHR Profile: C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-23]
CHR Extension: (Google Docs) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-23]
CHR Extension: (Google Drive) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-23]
CHR Extension: (YouTube) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-23]
CHR Extension: (TrafficLight) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfnpidifppmenkapgihekkeednfoenal [2016-08-23]
CHR Extension: (Google Sheets) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-23]
CHR Extension: (Google Docs Offline) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-23]
CHR Extension: (AdBlock) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-24]
CHR Extension: (Google Maps) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-08-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-23]
CHR Extension: (Gmail) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-23]
CHR Extension: (Chrome Media Router) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-23]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-15] (NVIDIA Corporation)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [79552 2016-03-02] (Bitdefender)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [359848 2015-09-09] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-15] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-15] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
S1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-24] (Malwarebytes)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_561c3173c020f30d\nvlddmkm.sys [14199352 2016-08-16] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek                                            )
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [600832 2015-08-29] (Realtek Semiconductor Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [759552 2015-08-12] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3069680 2015-08-30] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [5144064 2016-07-16] (Realtek Semiconductor Corporation                           )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-08-29] (Synaptics Incorporated)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-08-23] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-08-25 13:38 - 2016-08-25 13:38 - 00012761 _____ C:\Users\sidme\Downloads\FRST.txt
2016-08-25 13:37 - 2016-08-25 13:38 - 00000000 ____D C:\FRST
2016-08-25 13:35 - 2016-08-25 13:37 - 02396672 _____ (Farbar) C:\Users\sidme\Downloads\FRST64.exe
2016-08-24 22:26 - 2016-08-24 22:30 - 22851472 _____ (Malwarebytes ) C:\Users\sidme\Downloads\mbam-setup-bc.1878-2.2.1.1043.exe
2016-08-24 17:20 - 2016-08-24 17:20 - 08227032 _____ (Piriform Ltd) C:\Users\sidme\Downloads\ccsetup521.exe
2016-08-23 23:49 - 2016-08-24 22:57 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-08-23 23:41 - 2016-08-06 10:03 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-08-23 23:41 - 2016-08-06 10:01 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-08-23 23:41 - 2016-08-06 10:00 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-08-23 23:41 - 2016-08-06 09:59 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-08-23 23:41 - 2016-08-06 09:56 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-08-23 23:41 - 2016-08-06 09:48 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-08-23 23:41 - 2016-08-06 09:47 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-08-23 23:41 - 2016-08-06 09:47 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-08-23 23:41 - 2016-08-06 09:47 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-08-23 23:41 - 2016-08-06 09:46 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-23 23:41 - 2016-08-06 09:39 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-23 23:41 - 2016-08-06 09:38 - 02537816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-08-23 23:41 - 2016-08-06 09:38 - 01430208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-08-23 23:41 - 2016-08-06 09:38 - 00843104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-08-23 23:41 - 2016-08-06 09:38 - 00509784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-23 23:41 - 2016-08-06 09:33 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-23 23:41 - 2016-08-06 09:33 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-08-23 23:41 - 2016-08-06 09:18 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-08-23 23:41 - 2016-08-06 09:18 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-08-23 23:41 - 2016-08-06 09:18 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-08-23 23:41 - 2016-08-06 09:17 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-08-23 23:41 - 2016-08-06 09:13 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-08-23 23:41 - 2016-08-06 09:12 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-08-23 23:41 - 2016-08-06 09:12 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-08-23 23:41 - 2016-08-06 09:11 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-08-23 23:41 - 2016-08-06 09:11 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-08-23 23:41 - 2016-08-06 09:11 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-08-23 23:41 - 2016-08-06 09:11 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-08-23 23:41 - 2016-08-06 09:10 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-23 23:41 - 2016-08-06 09:10 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-08-23 23:41 - 2016-08-06 09:10 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-08-23 23:41 - 2016-08-06 09:09 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-08-23 23:41 - 2016-08-06 09:08 - 17187328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-23 23:41 - 2016-08-06 09:07 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-23 23:41 - 2016-08-06 09:05 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-08-23 23:41 - 2016-08-06 09:04 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-08-23 23:41 - 2016-08-06 09:04 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-08-23 23:41 - 2016-08-06 09:03 - 01304576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-08-23 23:41 - 2016-08-06 09:03 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-08-23 23:41 - 2016-08-06 09:03 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-08-23 23:41 - 2016-08-06 09:01 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-23 23:41 - 2016-08-06 09:01 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-08-23 23:41 - 2016-08-06 09:00 - 13080576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-23 23:41 - 2016-08-06 08:58 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-08-23 23:41 - 2016-08-06 08:58 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-08-23 23:41 - 2016-08-06 08:58 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-08-23 23:41 - 2016-08-06 08:54 - 02680832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-23 23:41 - 2016-08-06 08:54 - 01875456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-23 23:41 - 2016-08-06 08:53 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-08-23 23:41 - 2016-08-06 08:53 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-08-23 23:41 - 2016-08-06 08:51 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-08-23 23:41 - 2016-08-06 08:49 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-08-23 23:41 - 2016-08-05 14:44 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-08-23 23:41 - 2016-08-05 14:42 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-08-23 23:41 - 2016-08-05 14:40 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2016-08-23 23:41 - 2016-08-05 14:35 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-08-23 23:41 - 2016-08-05 13:58 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-08-23 23:41 - 2016-08-05 13:52 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-08-23 23:41 - 2016-08-05 13:50 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-08-23 23:41 - 2016-08-05 13:38 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-08-23 23:40 - 2016-08-06 10:02 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-08-23 23:40 - 2016-08-06 10:02 - 00885832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-08-23 23:40 - 2016-08-06 10:01 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-08-23 23:40 - 2016-08-06 10:00 - 07814496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-23 23:40 - 2016-08-06 10:00 - 01349128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-08-23 23:40 - 2016-08-06 10:00 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-08-23 23:40 - 2016-08-06 09:59 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-08-23 23:40 - 2016-08-06 09:56 - 00409944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-08-23 23:40 - 2016-08-06 09:54 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-08-23 23:40 - 2016-08-06 09:53 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-23 23:40 - 2016-08-06 09:48 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-23 23:40 - 2016-08-06 09:48 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-08-23 23:40 - 2016-08-06 09:48 - 01260384 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-08-23 23:40 - 2016-08-06 09:48 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-23 23:40 - 2016-08-06 09:47 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-23 23:40 - 2016-08-06 09:46 - 01099104 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-08-23 23:40 - 2016-08-06 09:46 - 00987488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-08-23 23:40 - 2016-08-06 09:46 - 00942432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-08-23 23:40 - 2016-08-06 09:46 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-08-23 23:40 - 2016-08-06 09:46 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-08-23 23:40 - 2016-08-06 09:46 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-23 23:40 - 2016-08-06 09:46 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-08-23 23:40 - 2016-08-06 09:45 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 01694200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 01066096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 00381760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-23 23:40 - 2016-08-06 09:43 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-08-23 23:40 - 2016-08-06 09:38 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-23 23:40 - 2016-08-06 09:38 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-23 23:40 - 2016-08-06 09:38 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-08-23 23:40 - 2016-08-06 09:38 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-08-23 23:40 - 2016-08-06 09:38 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-23 23:40 - 2016-08-06 09:34 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-08-23 23:40 - 2016-08-06 09:33 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-08-23 23:40 - 2016-08-06 09:33 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-08-23 23:40 - 2016-08-06 09:33 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-08-23 23:40 - 2016-08-06 09:33 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-08-23 23:40 - 2016-08-06 09:33 - 00955008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-08-23 23:40 - 2016-08-06 09:33 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-08-23 23:40 - 2016-08-06 09:32 - 00321280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-23 23:40 - 2016-08-06 09:20 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-08-23 23:40 - 2016-08-06 09:19 - 22570496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-23 23:40 - 2016-08-06 09:18 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-08-23 23:40 - 2016-08-06 09:18 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-08-23 23:40 - 2016-08-06 09:18 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-08-23 23:40 - 2016-08-06 09:18 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-08-23 23:40 - 2016-08-06 09:18 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-08-23 23:40 - 2016-08-06 09:18 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-08-23 23:40 - 2016-08-06 09:18 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-08-23 23:40 - 2016-08-06 09:18 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2016-08-23 23:40 - 2016-08-06 09:18 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2016-08-23 23:40 - 2016-08-06 09:17 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-08-23 23:40 - 2016-08-06 09:17 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-08-23 23:40 - 2016-08-06 09:17 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-08-23 23:40 - 2016-08-06 09:17 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-08-23 23:40 - 2016-08-06 09:17 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-08-23 23:40 - 2016-08-06 09:16 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-08-23 23:40 - 2016-08-06 09:16 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-08-23 23:40 - 2016-08-06 09:16 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-08-23 23:40 - 2016-08-06 09:16 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-08-23 23:40 - 2016-08-06 09:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-08-23 23:40 - 2016-08-06 09:16 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-08-23 23:40 - 2016-08-06 09:15 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-08-23 23:40 - 2016-08-06 09:15 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2016-08-23 23:40 - 2016-08-06 09:15 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-08-23 23:40 - 2016-08-06 09:15 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-08-23 23:40 - 2016-08-06 09:15 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-08-23 23:40 - 2016-08-06 09:15 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-08-23 23:40 - 2016-08-06 09:15 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-08-23 23:40 - 2016-08-06 09:15 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2016-08-23 23:40 - 2016-08-06 09:14 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-08-23 23:40 - 2016-08-06 09:14 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-08-23 23:40 - 2016-08-06 09:14 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-08-23 23:40 - 2016-08-06 09:13 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-08-23 23:40 - 2016-08-06 09:13 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-08-23 23:40 - 2016-08-06 09:13 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-08-23 23:40 - 2016-08-06 09:13 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-08-23 23:40 - 2016-08-06 09:12 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-23 23:40 - 2016-08-06 09:12 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-08-23 23:40 - 2016-08-06 09:11 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-23 23:40 - 2016-08-06 09:11 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-08-23 23:40 - 2016-08-06 09:11 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-08-23 23:40 - 2016-08-06 09:11 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-08-23 23:40 - 2016-08-06 09:11 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-08-23 23:40 - 2016-08-06 09:11 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2016-08-23 23:40 - 2016-08-06 09:10 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-23 23:40 - 2016-08-06 09:10 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-08-23 23:40 - 2016-08-06 09:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-08-23 23:40 - 2016-08-06 09:10 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-08-23 23:40 - 2016-08-06 09:09 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-08-23 23:40 - 2016-08-06 09:09 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-08-23 23:40 - 2016-08-06 09:09 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-08-23 23:40 - 2016-08-06 09:09 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2016-08-23 23:40 - 2016-08-06 09:08 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-23 23:40 - 2016-08-06 09:08 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-23 23:40 - 2016-08-06 09:08 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-08-23 23:40 - 2016-08-06 09:07 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-23 23:40 - 2016-08-06 09:07 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-08-23 23:40 - 2016-08-06 09:06 - 19422720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-23 23:40 - 2016-08-06 09:06 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-08-23 23:40 - 2016-08-06 09:05 - 09127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-08-23 23:40 - 2016-08-06 09:05 - 07624192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-08-23 23:40 - 2016-08-06 09:04 - 19418624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-23 23:40 - 2016-08-06 09:04 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-08-23 23:40 - 2016-08-06 09:04 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-08-23 23:40 - 2016-08-06 09:03 - 23682560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-23 23:40 - 2016-08-06 09:03 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-08-23 23:40 - 2016-08-06 09:03 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-08-23 23:40 - 2016-08-06 09:02 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-08-23 23:40 - 2016-08-06 09:01 - 03244032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-08-23 23:40 - 2016-08-06 09:01 - 02710528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-08-23 23:40 - 2016-08-06 09:01 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-08-23 23:40 - 2016-08-06 09:01 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-08-23 23:40 - 2016-08-06 09:01 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-08-23 23:40 - 2016-08-06 09:01 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-08-23 23:40 - 2016-08-06 09:00 - 12345344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-23 23:40 - 2016-08-06 09:00 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-08-23 23:40 - 2016-08-06 09:00 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-08-23 23:40 - 2016-08-06 08:59 - 13433856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-23 23:40 - 2016-08-06 08:59 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-08-23 23:40 - 2016-08-06 08:59 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-08-23 23:40 - 2016-08-06 08:59 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-08-23 23:40 - 2016-08-06 08:59 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-08-23 23:40 - 2016-08-06 08:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-08-23 23:40 - 2016-08-06 08:58 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-08-23 23:40 - 2016-08-06 08:57 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-08-23 23:40 - 2016-08-06 08:57 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-08-23 23:40 - 2016-08-06 08:56 - 02422784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-08-23 23:40 - 2016-08-06 08:56 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-23 23:40 - 2016-08-06 08:56 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-23 23:40 - 2016-08-06 08:55 - 03116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-08-23 23:40 - 2016-08-06 08:55 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-23 23:40 - 2016-08-06 08:54 - 02314752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-23 23:40 - 2016-08-06 08:54 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-23 23:40 - 2016-08-06 08:54 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-23 23:40 - 2016-08-06 08:53 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-23 23:40 - 2016-08-06 08:53 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-23 23:40 - 2016-08-06 08:53 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-23 23:40 - 2016-08-06 08:53 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-08-23 23:40 - 2016-08-06 08:53 - 01062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-08-23 23:40 - 2016-08-06 08:53 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-08-23 23:40 - 2016-08-06 08:53 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-23 23:40 - 2016-08-06 08:49 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-08-23 23:40 - 2016-08-05 13:59 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-08-23 23:40 - 2016-08-05 13:59 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-08-23 23:40 - 2016-08-05 13:59 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2016-08-23 23:40 - 2016-08-05 13:53 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-08-23 23:40 - 2016-08-05 13:50 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-08-23 23:40 - 2016-08-05 13:48 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-08-23 23:40 - 2016-08-05 13:37 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-08-23 23:40 - 2016-08-05 13:37 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-08-23 23:24 - 2016-08-23 23:24 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-08-23 23:23 - 2016-08-23 23:23 - 00000000 ____D C:\ProgramData\RogueKiller
2016-08-23 18:47 - 2016-08-23 18:47 - 00000000 ____D C:\Users\sidme\AppData\Roaming\NVIDIA
2016-08-23 18:06 - 2016-08-23 18:27 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-23 18:06 - 2016-08-23 18:27 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-23 18:06 - 2016-08-23 18:11 - 00003984 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-23 18:06 - 2016-08-23 18:11 - 00003752 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-23 18:06 - 2016-08-23 18:06 - 00002348 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-23 18:06 - 2016-08-23 18:06 - 00002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-23 18:05 - 2016-08-23 18:05 - 00987728 _____ (Google Inc.) C:\Users\sidme\Downloads\ChromeSetup.exe
2016-08-23 17:47 - 2016-08-23 17:48 - 00000000 ____D C:\Users\sidme\AppData\Local\NVIDIA Corporation
2016-08-23 17:46 - 2016-08-23 17:49 - 00000000 ____D C:\Users\sidme\AppData\Local\NVIDIA
2016-08-23 17:46 - 2016-08-23 17:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-08-23 17:46 - 2016-06-15 01:31 - 01767944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-08-23 17:46 - 2016-06-15 01:31 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-08-23 17:46 - 2016-06-15 01:31 - 01377800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-08-23 17:46 - 2016-06-15 01:31 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-08-23 17:46 - 2016-06-15 01:31 - 00112216 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-08-23 17:45 - 2016-08-25 13:14 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-23 17:45 - 2016-08-23 17:46 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-08-23 17:45 - 2016-08-23 17:45 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-08-23 17:45 - 2016-08-11 17:00 - 00138808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-08-23 17:45 - 2016-05-04 07:53 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-08-23 17:45 - 2016-05-04 07:52 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-08-23 17:45 - 2016-05-04 07:52 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-08-23 17:45 - 2016-05-04 07:52 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-08-23 17:44 - 2016-08-23 23:46 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-08-23 17:44 - 2016-08-11 20:03 - 00213952 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-08-23 17:44 - 2016-08-11 20:03 - 00203320 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 06386048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 02468288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 01365048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-08-23 17:44 - 2016-08-11 17:57 - 00548920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-08-23 17:44 - 2016-08-09 21:36 - 07255045 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-08-23 17:43 - 2016-08-11 20:03 - 40070200 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 35182648 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 34837952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 28236856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 10728856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 10530960 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 10273096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 09086344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 08681720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 08644456 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 03901520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 03443152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 02914752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 02553912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 01922616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437254.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 01585088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437254.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 01023544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00961080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00945088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00897592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00803096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00694952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00644648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00584712 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00442816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00413256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00393664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00345936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00040827 _____ C:\WINDOWS\system32\nvinfo.pb
2016-08-23 17:43 - 2016-08-11 20:03 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-08-23 17:43 - 2016-08-11 20:03 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-08-23 17:43 - 2016-04-14 11:08 - 00113216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-08-23 17:43 - 2016-04-14 11:08 - 00102976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-08-23 17:43 - 2016-04-14 11:08 - 00056384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-08-23 17:42 - 2016-08-23 17:46 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-08-23 17:29 - 2016-08-23 17:29 - 01038335 _____ C:\Users\sidme\Downloads\[Guru3D.com]-DDU.zip
2016-08-23 17:02 - 2016-08-23 17:41 - 368051000 _____ (NVIDIA Corporation) C:\Users\sidme\Downloads\372.54-notebook-win10-64bit-international-whql.exe
2016-08-22 16:21 - 2016-08-22 16:21 - 02534057 _____ C:\Users\sidme\Downloads\SAVEGAME-100-Complete-ALL-UNLOCKED.zip
2016-08-21 20:59 - 2016-08-21 20:59 - 00000000 ____D C:\Users\sidme\Downloads\27 Ultra HD 4K Computer Desktop Wallpapers - Set 737 [ECLiPSE]
2016-08-20 02:42 - 2016-08-20 02:42 - 00000049 _____ C:\Users\sidme\Documents\important.txt
2016-08-20 02:13 - 2013-02-18 17:17 - 00042080 _____ C:\Users\sidme\detection.xml
2016-08-20 02:13 - 2013-01-09 15:54 - 00000000 ____D C:\Users\sidme\extern
2016-08-19 22:36 - 2016-08-19 22:36 - 00000222 _____ C:\Users\sidme\Desktop\Just Cause 3.url
2016-08-19 22:36 - 2016-08-19 22:36 - 00000221 _____ C:\Users\sidme\Desktop\Mafia II.url
2016-08-19 22:25 - 2016-08-25 00:43 - 00000000 ____D C:\Program Files (x86)\Steam
2016-08-19 22:25 - 2016-08-19 22:25 - 00001036 _____ C:\Users\Public\Desktop\Steam.lnk
2016-08-19 22:25 - 2016-08-19 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-19 21:00 - 2016-08-19 21:00 - 00001507 _____ C:\Users\Public\Desktop\No Man's Sky.lnk
2016-08-19 20:54 - 2016-08-19 20:54 - 00000000 ____D C:\Users\sidme\AppData\Roaming\HelloGames
2016-08-19 18:08 - 2016-08-21 21:43 - 00000000 ____D C:\Users\sidme\AppData\LocalLow\uTorrent
2016-08-18 16:40 - 2016-08-18 16:52 - 00000000 ____D C:\ProgramData\HitmanPro
2016-08-18 16:32 - 2016-08-18 16:32 - 00002367 _____ C:\Users\sidme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\onedrive.lnk
2016-08-18 16:28 - 2016-08-18 16:29 - 00000000 ____D C:\Program Files (x86)\HD Tune Pro
2016-08-18 16:28 - 2016-08-18 16:28 - 00001106 _____ C:\Users\sidme\Desktop\HD Tune Pro.lnk
2016-08-18 16:28 - 2016-08-18 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro
2016-08-18 16:27 - 2016-08-18 16:27 - 00244808 _____ C:\ProgramData\1471517508.bdinstall.bin
2016-08-18 16:24 - 2016-08-18 16:24 - 00002249 _____ C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk
2016-08-18 16:24 - 2016-08-18 16:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
2016-08-18 16:24 - 2013-04-17 13:59 - 00718840 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2016-08-18 16:24 - 2013-04-17 13:59 - 00593144 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2016-08-18 16:24 - 2012-11-02 13:17 - 00261056 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avchv.sys
2016-08-18 16:21 - 2016-08-18 16:24 - 00000000 ____D C:\Program Files\Bitdefender
2016-08-18 16:21 - 2016-08-18 16:22 - 01446792 _____ C:\Users\sidme\Downloads\SteamSetup.exe
2016-08-18 16:21 - 2013-05-28 11:12 - 00382536 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2016-08-18 16:21 - 2013-04-22 12:21 - 00148696 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2016-08-18 16:20 - 2016-08-18 16:40 - 11438608 _____ (SurfRight B.V.) C:\Users\sidme\Downloads\hitmanpro_x64.exe
2016-08-18 16:20 - 2016-08-18 16:21 - 10606640 _____ C:\Users\sidme\Downloads\Antivirus_Free_Edition_x64.exe
2016-08-18 16:20 - 2016-08-18 16:20 - 00196944 _____ C:\Users\sidme\Downloads\Antivirus_Free_Edition.exe
2016-08-17 20:26 - 2016-08-17 20:27 - 00473291 _____ () C:\Users\sidme\Downloads\Everything-1.3.4.686.x86-Setup.exe
2016-08-17 20:17 - 2016-08-17 20:17 - 00094793 _____ C:\ProgramData\1471445199.bdinstall.bin
2016-08-17 20:16 - 2016-08-17 20:16 - 00037685 _____ C:\ProgramData\1471445195.bdinstall.bin
2016-08-17 20:13 - 2016-08-23 17:37 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-08-17 19:54 - 2016-08-17 19:54 - 00000000 ____D C:\Program Files\Reason
2016-08-17 19:53 - 2016-08-17 19:54 - 02873112 _____ (Reason Company Software Inc.) C:\Users\sidme\Downloads\herdProtectScan_Setup.exe
2016-08-17 19:44 - 2016-08-17 19:48 - 18309328 _____ (Microsoft Corporation) C:\Users\sidme\Downloads\MediaCreationTool.exe
2016-08-17 19:31 - 2016-08-17 19:31 - 00179189 _____ C:\ProgramData\1471442438.bdinstall.bin
2016-08-17 19:30 - 2016-08-17 19:30 - 00037669 _____ C:\ProgramData\1471442436.bdinstall.bin
2016-08-17 18:34 - 2016-08-02 14:14 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-08-17 18:34 - 2016-08-02 13:50 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-08-17 18:34 - 2016-08-02 13:25 - 03617280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-17 18:34 - 2016-08-02 09:55 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-08-17 18:30 - 2016-08-02 09:53 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-08-17 18:29 - 2016-08-02 10:03 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-08-17 18:29 - 2016-08-02 09:43 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-08-17 18:27 - 2016-08-02 13:28 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-17 18:26 - 2016-08-02 09:55 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-17 18:25 - 2016-08-02 10:17 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-08-17 18:25 - 2016-08-02 10:07 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-08-17 18:25 - 2016-08-02 10:06 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-08-17 18:25 - 2016-08-02 10:00 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-08-17 18:25 - 2016-08-02 09:42 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-08-17 18:24 - 2016-08-02 14:18 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-08-17 18:24 - 2016-08-02 13:51 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-08-17 18:24 - 2016-08-02 13:45 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-08-17 18:24 - 2016-08-02 13:45 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-08-17 18:24 - 2016-08-02 13:44 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-08-17 18:24 - 2016-08-02 13:43 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-17 18:24 - 2016-08-02 13:41 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-08-17 18:24 - 2016-08-02 13:40 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-17 18:24 - 2016-08-02 13:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-08-17 18:24 - 2016-08-02 13:30 - 05511168 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-08-17 18:24 - 2016-08-02 13:29 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-17 18:24 - 2016-08-02 13:26 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-08-17 18:24 - 2016-08-02 13:26 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-08-17 18:24 - 2016-08-02 09:46 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-15 21:01 - 2016-08-15 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-08-15 15:35 - 2016-08-15 15:35 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Doublefine
2016-08-13 03:16 - 2016-08-13 03:16 - 00000000 ____D C:\Users\sidme\AppData\Local\2K Games
2016-08-11 11:48 - 2016-08-20 02:40 - 00007609 _____ C:\Users\sidme\AppData\Local\Resmon.ResmonCfg
2016-08-11 11:43 - 2016-08-11 11:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-09 13:10 - 2016-08-09 13:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOOM
2016-08-08 22:38 - 2016-08-08 22:38 - 00000000 ____D C:\Users\sidme\AppData\Roaming\WinRAR
2016-08-08 22:37 - 2016-08-08 22:37 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-08 22:37 - 2016-08-08 22:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-08 22:36 - 2016-08-08 22:38 - 00000000 ____D C:\Program Files\WinRAR
2016-08-07 08:14 - 2016-08-07 08:17 - 00000000 ____D C:\Users\sidme\AppData\Local\UnrealEngine
2016-08-07 08:14 - 2016-08-07 08:14 - 00000000 ____D C:\Users\sidme\AppData\Local\AbzuGame
2016-08-07 06:44 - 2016-08-07 06:44 - 00000000 ____D C:\Users\sidme\AppData\LocalLow\Playdead
2016-08-07 06:36 - 2016-08-19 21:11 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-08-07 06:35 - 2016-08-07 06:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\INSIDE
2016-08-06 18:22 - 2016-08-07 15:29 - 00000000 ____D C:\ProgramData\Logishrd
2016-08-05 21:34 - 2016-08-05 21:34 - 00000000 ____D C:\ProgramData\Orbit
2016-08-05 21:26 - 2016-08-05 21:26 - 00000871 _____ C:\Users\sidme\Desktop\Watch Dogs.lnk
2016-08-05 21:26 - 2016-08-05 21:26 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Watch Dogs
2016-08-05 18:49 - 2016-08-05 21:34 - 00000000 ____D C:\Users\sidme\Documents\My Games
2016-08-05 18:29 - 2016-08-19 21:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2016-08-04 23:31 - 2016-08-04 23:31 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-08-04 20:33 - 2016-08-04 20:33 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Aspyr Media
2016-08-04 20:33 - 2016-08-04 20:33 - 00000000 ____D C:\Users\sidme\AppData\LocalLow\Bloober Team
2016-08-04 20:29 - 2016-08-18 05:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Layers of Fear Inheritance
2016-08-04 18:54 - 2016-08-04 18:54 - 00000000 ____D C:\Users\sidme\Documents\Telltale Games
2016-08-04 18:54 - 2016-08-04 18:54 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Steam
2016-08-04 16:49 - 2016-08-18 11:26 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-04 16:46 - 2016-08-04 16:46 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-04 16:46 - 2016-08-04 16:46 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 01265424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-04 16:46 - 2016-08-04 16:46 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-04 16:46 - 2016-08-04 16:46 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-08-04 16:45 - 2016-08-04 16:45 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-08-04 16:45 - 2016-08-04 03:20 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-08-04 16:42 - 2016-08-04 16:42 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-04 16:42 - 2016-08-04 16:42 - 00000000 ____D C:\Program Files\MSBuild
2016-08-04 16:42 - 2016-08-04 16:42 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-08-04 16:42 - 2016-08-04 16:42 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-08-04 16:42 - 2016-05-26 04:01 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-08-04 16:42 - 2016-05-26 04:01 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-04 16:42 - 2016-05-26 04:01 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-08-04 16:42 - 2016-05-26 00:33 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-08-04 16:42 - 2016-05-26 00:33 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-08-04 16:42 - 2016-05-26 00:33 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-08-04 13:06 - 2016-08-25 00:43 - 00000000 ____D C:\Users\sidme\Desktop\sid important dont delete
2016-08-04 12:55 - 2016-08-22 18:45 - 00000000 ____D C:\Users\sidme\Documents\Square Enix
2016-08-04 12:54 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2016-08-04 12:54 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2016-08-04 12:54 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2016-08-04 12:54 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2016-08-04 12:54 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2016-08-04 12:54 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2016-08-04 04:03 - 2016-08-04 04:03 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Macromedia
2016-08-04 04:00 - 2016-08-04 04:00 - 00001022 _____ C:\Users\sidme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenHardwareMonitor.lnk
2016-08-04 03:46 - 2016-08-04 03:46 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-04 03:43 - 2016-08-04 04:11 - 00000000 ____D C:\Users\sidme\AppData\Local\ConnectedDevicesPlatform
2016-08-04 03:43 - 2016-08-04 03:43 - 00000020 ___SH C:\Users\sidme\ntuser.ini
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 _SHDL C:\Users\Default\My Documents
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 ____D C:\ProgramData\USOShared
2016-08-04 03:38 - 2016-08-04 03:38 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-08-04 03:38 - 2016-08-04 03:38 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-08-04 03:35 - 2016-08-04 03:35 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-04 03:34 - 2016-08-25 13:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-04 03:34 - 2016-08-04 03:34 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-08-04 03:29 - 2016-08-04 03:29 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-08-04 03:27 - 2016-08-04 03:30 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-08-04 03:26 - 2016-08-20 02:16 - 00000000 ____D C:\Users\sidme
2016-08-04 03:26 - 2016-08-04 03:26 - 00000000 _SHDL C:\Users\sidme\My Documents
2016-08-04 03:26 - 2016-08-04 03:26 - 00000000 _SHDL C:\Users\sidme\Documents\My Videos
2016-08-04 03:26 - 2016-08-04 03:26 - 00000000 _SHDL C:\Users\sidme\Documents\My Pictures
2016-08-04 03:26 - 2016-08-04 03:26 - 00000000 _SHDL C:\Users\sidme\Documents\My Music
2016-08-04 03:23 - 2016-08-25 13:14 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-08-04 03:23 - 2016-08-04 03:23 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-08-04 03:23 - 2016-08-04 03:23 - 00000000 ____D C:\Program Files\Intel
2016-08-04 03:23 - 2016-07-16 17:11 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-08-04 03:22 - 2016-08-11 17:57 - 00148928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2016-08-04 03:22 - 2016-08-04 03:22 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2016-08-04 03:22 - 2016-08-04 03:22 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-08-04 03:22 - 2016-08-04 03:22 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-08-04 03:22 - 2016-08-04 03:22 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-08-04 03:22 - 2016-08-04 03:22 - 00000000 ____D C:\Program Files\Realtek
2016-08-04 03:21 - 2016-08-04 03:21 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2016-08-04 03:21 - 2016-08-04 03:21 - 00000000 ____D C:\Program Files\Synaptics
2016-08-04 03:20 - 2016-08-25 13:19 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-08-04 03:20 - 2016-08-17 19:24 - 00194192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-04 02:28 - 2016-08-04 02:29 - 00000036 _____ C:\WINDOWS\progress.ini
2016-08-04 00:37 - 2016-08-04 00:37 - 00000000 ____D C:\Users\sidme\AppData\Local\ElevatedDiagnostics
2016-08-03 22:34 - 2016-08-04 03:41 - 00000000 ___HD C:\$GetCurrent
2016-08-02 08:46 - 2016-08-19 21:21 - 00000000 ____D C:\games
2016-08-01 19:35 - 2016-08-04 03:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation
2016-08-01 19:35 - 2016-08-01 19:35 - 00001539 _____ C:\Users\Public\Desktop\Data Lifeguard Diagnostic for Windows.lnk
2016-08-01 19:33 - 2016-08-20 21:03 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-01 19:23 - 2016-08-22 00:07 - 00000000 ____D C:\Users\sidme\Desktop\sid new
2016-08-01 18:15 - 2016-08-01 18:15 - 00000000 ____D C:\ProgramData\GZ
2016-08-01 18:06 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2016-08-01 18:06 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2016-08-01 18:06 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2016-08-01 18:06 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2016-08-01 18:06 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2016-08-01 18:06 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2016-08-01 18:06 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2016-08-01 18:06 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2016-08-01 18:06 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2016-08-01 18:06 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2016-08-01 18:06 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2016-08-01 18:06 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2016-08-01 18:06 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2016-08-01 18:06 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2016-08-01 18:06 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2016-08-01 18:06 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2016-08-01 18:06 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2016-08-01 18:06 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2016-08-01 18:06 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2016-08-01 18:06 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2016-08-01 18:06 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2016-08-01 18:06 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2016-08-01 18:06 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2016-08-01 18:06 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2016-08-01 18:06 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2016-08-01 18:06 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2016-08-01 18:06 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2016-08-01 18:06 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2016-08-01 18:06 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2016-08-01 18:06 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2016-08-01 18:06 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2016-08-01 18:06 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2016-08-01 18:06 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2016-08-01 18:06 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2016-08-01 18:06 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2016-08-01 18:06 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2016-08-01 18:06 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2016-08-01 18:06 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2016-08-01 18:06 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2016-08-01 18:06 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2016-08-01 18:06 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2016-08-01 18:06 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2016-08-01 18:06 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2016-08-01 18:06 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2016-08-01 18:06 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2016-08-01 18:06 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2016-08-01 18:06 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2016-08-01 18:06 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2016-08-01 18:06 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2016-08-01 18:06 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2016-08-01 18:06 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2016-08-01 18:06 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2016-08-01 18:06 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2016-08-01 18:06 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2016-08-01 18:06 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2016-08-01 18:06 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2016-08-01 18:06 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2016-08-01 18:06 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2016-08-01 18:06 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2016-08-01 18:06 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2016-08-01 18:06 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2016-08-01 18:06 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2016-08-01 18:06 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2016-08-01 18:06 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2016-08-01 18:06 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2016-08-01 18:06 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2016-08-01 18:06 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2016-08-01 18:06 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2016-08-01 18:06 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2016-08-01 18:06 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2016-08-01 18:06 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2016-08-01 18:06 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2016-08-01 18:06 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2016-08-01 18:06 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2016-08-01 18:06 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2016-08-01 18:06 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2016-08-01 18:06 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2016-08-01 18:06 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2016-08-01 18:06 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2016-08-01 18:06 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2016-08-01 18:06 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2016-08-01 18:06 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2016-08-01 18:06 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2016-08-01 18:06 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2016-08-01 18:06 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2016-08-01 18:06 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2016-08-01 18:06 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2016-08-01 18:06 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2016-08-01 18:06 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2016-08-01 18:06 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2016-08-01 18:06 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2016-08-01 18:06 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2016-08-01 18:06 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2016-08-01 18:06 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2016-08-01 18:06 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2016-08-01 18:06 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2016-08-01 18:06 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2016-08-01 18:06 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2016-08-01 18:06 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2016-08-01 18:06 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2016-08-01 18:06 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2016-08-01 18:06 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2016-08-01 18:06 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2016-08-01 18:06 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2016-08-01 18:06 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2016-08-01 18:06 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2016-08-01 18:06 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2016-08-01 18:06 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2016-08-01 18:06 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2016-08-01 18:06 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2016-08-01 18:06 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2016-08-01 18:06 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2016-08-01 18:06 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2016-08-01 18:06 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2016-08-01 18:06 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2016-08-01 18:06 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2016-08-01 18:06 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2016-08-01 18:06 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2016-08-01 18:06 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2016-08-01 18:06 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2016-08-01 18:06 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2016-08-01 18:06 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2016-08-01 18:06 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2016-08-01 18:06 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2016-08-01 18:06 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2016-08-01 18:06 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2016-08-01 18:06 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2016-08-01 18:06 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2016-08-01 18:06 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2016-08-01 18:06 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2016-08-01 18:06 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2016-08-01 18:06 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2016-08-01 18:06 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2016-08-01 18:06 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2016-08-01 18:06 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2016-08-01 18:06 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2016-08-01 18:06 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2016-08-01 18:06 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2016-08-01 18:06 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2016-08-01 18:06 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2016-08-01 18:06 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2016-08-01 18:06 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2016-08-01 18:06 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2016-08-01 18:06 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2016-08-01 17:59 - 2016-08-24 20:06 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2016-08-01 17:59 - 2016-08-19 21:11 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2016-08-01 17:59 - 2016-08-04 03:30 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2016-08-01 17:58 - 2016-08-01 17:58 - 00002684 _____ C:\Users\sidme\Desktop\µTorrent.lnk
2016-08-01 17:57 - 2016-08-21 21:44 - 00000000 ____D C:\Users\sidme\AppData\Roaming\uTorrent
2016-08-01 17:51 - 2016-08-24 18:06 - 00000000 ____D C:\Fraps
2016-08-01 17:51 - 2016-08-04 03:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2016-08-01 17:46 - 2016-08-04 23:31 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Apple Computer
2016-08-01 17:46 - 2016-08-04 03:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-08-01 17:46 - 2016-08-01 17:46 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-08-01 17:46 - 2016-08-01 17:46 - 00000000 ____D C:\Users\sidme\AppData\Local\Apple Computer
2016-08-01 17:46 - 2016-08-01 17:46 - 00000000 ____D C:\Program Files\iPod
2016-08-01 17:46 - 2016-08-01 17:46 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-08-01 17:45 - 2016-08-01 17:46 - 00000000 ____D C:\Program Files\iTunes
2016-08-01 17:45 - 2016-08-01 17:45 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-08-01 17:45 - 2016-08-01 17:45 - 00000000 ____D C:\Users\sidme\AppData\Local\Apple
2016-08-01 17:45 - 2016-08-01 17:45 - 00000000 ____D C:\ProgramData\Apple Computer
2016-08-01 17:45 - 2016-08-01 17:45 - 00000000 ____D C:\ProgramData\Apple
2016-08-01 17:45 - 2016-08-01 17:45 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-08-01 17:45 - 2016-08-01 17:45 - 00000000 ____D C:\Program Files\Bonjour
2016-08-01 17:45 - 2016-08-01 17:45 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-08-01 17:45 - 2016-08-01 17:45 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-08-01 17:43 - 2016-08-01 17:43 - 00289697 _____ C:\ProgramData\1470053216.bdinstall.bin
2016-08-01 17:42 - 2009-07-15 00:21 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2016-08-01 17:36 - 2016-08-18 16:22 - 00000000 ____D C:\Users\sidme\AppData\Roaming\QuickScan
2016-08-01 17:34 - 2016-08-04 03:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2016-08-01 17:34 - 2016-08-01 17:34 - 00000853 _____ C:\Users\Public\Desktop\PowerISO.lnk
2016-08-01 17:34 - 2016-08-01 17:34 - 00000000 ____D C:\Program Files\PowerISO
2016-08-01 17:34 - 2016-05-25 04:36 - 00137280 _____ (Power Software Ltd) C:\WINDOWS\system32\Drivers\scdemu.sys
2016-08-01 17:32 - 2016-08-25 13:30 - 00000000 ____D C:\Users\sidme\AppData\Roaming\vlc
2016-08-01 17:31 - 2016-08-04 03:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-08-01 17:31 - 2016-08-01 17:31 - 00001143 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-08-01 17:31 - 2016-08-01 17:31 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-08-01 17:14 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2016-08-01 17:14 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2016-08-01 17:14 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2016-08-01 17:14 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2016-08-01 17:14 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2016-08-01 17:14 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2016-08-01 17:11 - 2016-08-09 13:11 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-01 17:01 - 2016-08-01 17:01 - 00000000 ____D C:\Users\sidme\AppData\Local\Steam
2016-08-01 17:01 - 2016-08-01 17:01 - 00000000 ____D C:\Users\sidme\AppData\Local\CEF
2016-08-01 16:38 - 2016-08-23 18:06 - 00000000 ____D C:\Users\sidme\AppData\Local\Google
2016-08-01 16:38 - 2016-08-23 18:06 - 00000000 ____D C:\Program Files (x86)\Google
2016-07-31 13:49 - 2016-07-28 00:55 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-07-31 13:46 - 2016-08-17 18:38 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-07-31 13:46 - 2016-08-17 18:34 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-07-31 12:57 - 2016-07-01 09:27 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2016-07-31 12:56 - 2016-07-01 09:10 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2016-07-31 04:35 - 2016-08-25 00:43 - 00000000 ____D C:\Users\sidme\Desktop\OpenHardwareMonitor
2016-07-31 04:35 - 2016-08-18 05:12 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Hard Disk Sentinel
2016-07-31 04:34 - 2016-07-31 04:34 - 00000000 ____D C:\Program Files (x86)\Western Digital Corporation
2016-07-31 03:43 - 2016-07-31 03:43 - 00000000 ____D C:\Program Files (x86)\Intel
2016-07-31 03:42 - 2016-08-25 13:14 - 00000000 __SHD C:\Users\sidme\IntelGraphicsProfiles
2016-07-31 03:42 - 2016-07-31 03:42 - 00000000 ____D C:\Intel
2016-07-31 01:40 - 2016-07-31 01:40 - 00000000 ____D C:\Users\sidme\AppData\Local\NetworkTiles
2016-07-31 01:39 - 2016-07-31 01:39 - 00001051 _____ C:\Users\sidme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2016-07-31 01:32 - 2015-08-29 07:01 - 01804696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2016-07-31 01:32 - 2015-08-29 07:01 - 00042696 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2016-07-31 01:27 - 2016-07-31 01:27 - 00000000 ____D C:\Users\sidme\AppData\Roaming\HD Tune Pro
2016-07-31 01:26 - 2016-08-20 02:53 - 00000000 ___RD C:\Users\sidme\OneDrive
2016-07-31 01:25 - 2016-07-31 01:25 - 00000000 ____D C:\Users\sidme\AppData\Local\MicrosoftEdge
2016-07-31 01:25 - 2016-07-31 01:25 - 00000000 ____D C:\Users\sidme\AppData\Local\Comms
2016-07-31 01:25 - 2016-07-31 01:25 - 00000000 ____D C:\Users\sidme\AppData\Local\ActiveSync
2016-07-31 01:24 - 2016-07-31 01:24 - 00000000 ____D C:\Users\sidme\AppData\Local\Publishers
2016-07-31 01:23 - 2016-08-04 23:34 - 00000000 ____D C:\Users\sidme\AppData\Local\VirtualStore
2016-07-31 01:23 - 2016-08-04 04:39 - 00000000 ____D C:\Users\sidme\AppData\Local\Packages
2016-07-31 01:23 - 2016-07-31 01:23 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Adobe
2016-07-31 01:23 - 2016-07-31 01:23 - 00000000 ____D C:\Users\sidme\AppData\Local\TileDataLayer
2016-07-31 01:11 - 2016-08-25 13:21 - 01379638 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-31 01:07 - 2016-07-31 01:07 - 00000000 _SHDL C:\Users\Public\Documents\My Videos
2016-07-31 01:07 - 2016-07-31 01:07 - 00000000 _SHDL C:\Users\Public\Documents\My Pictures
2016-07-31 01:07 - 2016-07-31 01:07 - 00000000 _SHDL C:\Users\Public\Documents\My Music
2016-07-31 01:07 - 2016-07-31 01:07 - 00000000 _SHDL C:\Users\Default.migrated\Documents\My Videos
2016-07-31 01:07 - 2016-07-31 01:07 - 00000000 _SHDL C:\Users\Default.migrated\Documents\My Pictures
2016-07-31 01:07 - 2016-07-31 01:07 - 00000000 _SHDL C:\Users\Default.migrated\Documents\My Music
2016-07-31 01:07 - 2016-07-31 01:07 - 00000000 _SHDL C:\Documents and Settings
2016-07-31 01:04 - 2016-07-31 01:04 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-08-25 13:23 - 2016-07-16 17:17 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-25 13:23 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-25 00:43 - 2016-07-16 11:34 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-08-24 19:53 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\rescache
2016-08-24 17:28 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-23 23:49 - 2016-07-16 17:15 - 00000000 ____D C:\WINDOWS\INF
2016-08-23 23:43 - 2016-07-16 17:17 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-08-23 23:43 - 2016-07-16 17:17 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-23 23:43 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-23 23:43 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-08-23 23:42 - 2016-07-16 17:06 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-23 17:44 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\Help
2016-08-18 16:19 - 2016-07-16 11:34 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-08-18 05:12 - 2016-07-16 11:34 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-08-18 05:06 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\registration
2016-08-17 19:23 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-08-17 19:23 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-08-17 19:23 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-08-17 19:23 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-08-17 19:23 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-08-12 01:54 - 2015-10-30 11:58 - 00000000 ____D C:\Users\Default.migrated
2016-08-05 03:52 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\appcompat
2016-08-04 16:49 - 2016-07-16 17:19 - 00000000 ____D C:\WINDOWS\Setup
2016-08-04 16:49 - 2016-07-16 17:17 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-08-04 16:45 - 2016-07-16 19:41 - 00000000 ____D C:\WINDOWS\OCR
2016-08-04 03:43 - 2016-04-27 11:15 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-04 03:39 - 2016-07-16 17:17 - 00000000 ____D C:\ProgramData\USOPrivate
2016-08-04 03:37 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-08-04 03:37 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-08-04 03:34 - 2016-07-16 17:17 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-04 03:29 - 2016-07-16 17:17 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-04 03:28 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\spool
2016-08-04 03:28 - 2016-07-16 17:17 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-04 03:24 - 2016-07-16 17:17 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-08-04 03:24 - 2016-07-16 17:17 - 00000000 ___RD C:\WINDOWS\MiracastView
 
==================== Files in the root of some directories =======
 
2016-08-11 11:48 - 2016-08-20 02:40 - 0007609 _____ () C:\Users\sidme\AppData\Local\Resmon.ResmonCfg
2016-08-01 17:43 - 2016-08-01 17:43 - 0289697 _____ () C:\ProgramData\1470053216.bdinstall.bin
2016-08-17 19:30 - 2016-08-17 19:30 - 0037669 _____ () C:\ProgramData\1471442436.bdinstall.bin
2016-08-17 19:31 - 2016-08-17 19:31 - 0179189 _____ () C:\ProgramData\1471442438.bdinstall.bin
2016-08-17 20:16 - 2016-08-17 20:16 - 0037685 _____ () C:\ProgramData\1471445195.bdinstall.bin
2016-08-17 20:17 - 2016-08-17 20:17 - 0094793 _____ () C:\ProgramData\1471445199.bdinstall.bin
2016-08-18 16:27 - 2016-08-18 16:27 - 0244808 _____ () C:\ProgramData\1471517508.bdinstall.bin
2016-08-04 03:22 - 2016-08-04 03:22 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-08-23 23:33
 
==================== End of FRST.txt ============================
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2016 01
Ran by sidme (25-08-2016 13:38:56)
Running from C:\Users\sidme\Downloads
Windows 10 Home Single Language Version 1607 (X64) (2016-08-03 22:12:30)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3198014182-4150849369-2890672605-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3198014182-4150849369-2890672605-503 - Limited - Disabled)
Guest (S-1-5-21-3198014182-4150849369-2890672605-501 - Limited - Disabled)
sidme (S-1-5-21-3198014182-4150849369-2890672605-1001 - Administrator - Enabled) => C:\Users\sidme
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3198014182-4150849369-2890672605-1001\...\uTorrent) (Version: 3.4.8.42445 - BitTorrent Inc.)
Ansel (Version: 372.54 - NVIDIA Corporation) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1109 - Bitdefender)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Data Lifeguard Diagnostic for Windows 1.29 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version:  - Western Digital Corporation)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HD Tune Pro 5.60 (HKLM-x32\...\HD Tune Pro_is1) (Version:  - EFD Software)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4279 - Intel Corporation)
iTunes (HKLM\...\{E109B4A3-9883-4E6E-9A19-4D7E1A88AFE8}) (Version: 12.4.2.4 - Apple Inc.)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
No Man's Sky (HKLM-x32\...\No Man's Sky_is1) (Version:  - )
NVIDIA 3D Vision Driver 372.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.54 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Graphics Driver 372.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.54 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.6 - Power Software Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.4.0 (HKLM-x32\...\RTSS) (Version: 6.4.0 - Unwinder)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.5 - Synaptics Incorporated)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Watch Dogs (HKLM-x32\...\Watch Dogs_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3198014182-4150849369-2890672605-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\sidme\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileCoAuth.exe (Microsoft Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {155142D0-7A0C-491B-B90A-E54774F79B99} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-23] (Google Inc.)
Task: {4AFA9EC1-2875-4517-9CB1-EFD021AD13CE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-23] (Google Inc.)
Task: {99E8996A-01BC-42A1-8842-EFEB29088849} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-07-16 17:12 - 2016-07-16 17:12 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-16 17:12 - 2016-07-16 17:12 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-08-18 16:24 - 2013-03-19 11:07 - 00712288 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
2016-08-18 16:24 - 2013-09-03 13:29 - 00111832 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\BDMetrics.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-07-16 17:12 - 2016-07-16 17:12 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-04 03:46 - 2016-08-04 03:46 - 00959168 _____ () C:\Users\sidme\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
2016-07-16 17:12 - 2016-07-16 17:12 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-08-23 23:40 - 2016-08-06 09:13 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-08-23 23:41 - 2016-08-06 08:58 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-08-23 23:41 - 2016-08-06 08:51 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-08-23 23:41 - 2016-08-06 08:51 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-08-23 23:41 - 2016-08-06 08:53 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-08-23 23:41 - 2016-08-06 08:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-08-17 17:25 - 2016-08-17 17:31 - 00071168 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-08-17 17:25 - 2016-08-17 17:31 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-08-17 17:25 - 2016-08-17 17:36 - 35290624 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-08-23 18:06 - 2016-08-03 05:11 - 02366280 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
2016-08-23 18:06 - 2016-08-03 05:10 - 00107848 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-10-30 12:54 - 2015-10-30 12:51 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3198014182-4150849369-2890672605-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sidme\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{add7acab-a217-46ef-9212-3889f05b2424}.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKU\S-1-5-21-3198014182-4150849369-2890672605-1001\...\StartupApproved\Run: => "OneDrive"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{F6E5B6F5-D321-46F2-A526-71166051782E}] => (Allow) C:\Users\sidme\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8497053E-1CA4-4782-8A05-E07C08B95D44}] => (Allow) C:\Users\sidme\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EC134425-8511-473B-AE6E-7E91A066A397}] => (Allow) C:\Users\sidme\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{86D87ACF-FEAF-479D-93F3-CF49C4B3B4F1}] => (Allow) C:\Users\sidme\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F3AB3919-8015-4C48-9EF5-FE2ED1B7CE06}] => (Allow) C:\Users\sidme\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F926D1B4-107C-4AAD-ACA6-112F86D75CE3}] => (Allow) C:\Users\sidme\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E3E9DA49-3E6E-4F0D-8638-111835196C06}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BDF5C1E6-B1CE-4BC6-8090-90EDF866C5D1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F50D480E-C6BF-491D-A56F-904D4AB74B4E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5362FE75-3AAA-496C-B932-8C0DDBBE6768}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9BB2F272-7B2C-4A39-90B5-A989C8980F70}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{268266DA-E254-4148-89D0-6A13C29CF6DF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F44F7FFF-3E2E-4E8A-A83C-B323C50FC8B2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2D0C9D04-B298-41AE-BF92-9F58A4423822}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6F6662A4-D32D-4C4E-9942-2BCA382C5700}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{775A0274-61DA-4BE6-BFEA-5F10FFC035B8}] => (Block) %ProgramFiles% (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{C88B7450-E939-40F9-9C36-6C31612D1FF5}] => (Allow) C:\games\INSIDE\Steam\Steam.exe
FirewallRules: [{B47856C7-F43D-407B-BEB2-E33BE2CBA580}] => (Allow) C:\games\INSIDE\Steam\Steam.exe
FirewallRules: [{DBC591EA-BAA1-466D-BC42-7A522E999ABC}] => (Allow) C:\games\INSIDE\Steam\bin\steamwebhelper.exe
FirewallRules: [{6FD628FD-A29D-45EA-A6B9-7B9066CD63E7}] => (Allow) C:\games\INSIDE\Steam\bin\steamwebhelper.exe
FirewallRules: [{971E087A-8A4A-48BE-A8AC-E741C3B38186}] => (Allow) C:\games\ABZU.Incl.Update.1.Steam.Rip\Steam\Steam.exe
FirewallRules: [{A693DAEA-C358-491D-A908-0A3E5EC87506}] => (Allow) C:\games\ABZU.Incl.Update.1.Steam.Rip\Steam\Steam.exe
FirewallRules: [{1754437C-5137-421F-B6F8-822B32BD7DE9}] => (Allow) C:\games\ABZU.Incl.Update.1.Steam.Rip\Steam\bin\steamwebhelper.exe
FirewallRules: [{C1F062F8-3A46-432F-9074-76AEB9B7C088}] => (Allow) C:\games\ABZU.Incl.Update.1.Steam.Rip\Steam\bin\steamwebhelper.exe
FirewallRules: [{2942D6F7-59D4-4917-8203-0745C311C0FD}] => (Allow) C:\games\DOOM\Steam\Steam.exe
FirewallRules: [{BC391DB5-B86A-4421-8F06-2246D34A7D94}] => (Allow) C:\games\DOOM\Steam\Steam.exe
FirewallRules: [{FC0D6ECC-6FC9-4D27-80D4-16E359598F9C}] => (Allow) C:\games\DOOM\Steam\bin\steamwebhelper.exe
FirewallRules: [{778E4D7C-D2A2-4599-BE90-B82968E8A415}] => (Allow) C:\games\DOOM\Steam\bin\steamwebhelper.exe
FirewallRules: [{BAFABA28-BA61-4AE6-B133-0EDAA70C88AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{DBC47C4D-BF3C-4D7D-BCC6-CD44AAE810BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{4755D5CA-A5F8-4582-A48F-5DBBBC937472}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{9F129520-7606-49EC-B6F3-8BFF08A6A0F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{E87D6997-8AC2-48C3-9B62-7CBA7BA9EA49}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{96FA9D5D-6B70-4B6A-B8FF-27BC9354887B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CA803A53-BF47-4C86-817E-FCDF6CD47169}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{7015EAA8-7403-4F97-8126-B7DF6A6E915D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{53212954-50B8-45A5-A821-6E516937B5EA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{40D3AFD2-9FC0-4AAB-89A7-261009EB0A4A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{192E4558-3BEB-4DB8-B1CE-4D077365461F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3A12576F-1577-449A-ABBD-E79BBE641A79}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
19-08-2016 13:03:04 Installed DirectX
22-08-2016 02:29:44 important
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/24/2016 12:17:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SIDHAARTH)
Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (08/23/2016 11:46:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamUserAgent.exe, version: 7.1.2084.9592, time stamp: 0x57605c64
Faulting module name: ntdll.dll, version: 10.0.14393.82, time stamp: 0x57a55744
Exception code: 0xc0000005
Fault offset: 0x000000000003061d
Faulting process id: 0x90c
Faulting application start time: 0xNvStreamUserAgent.exe0
Faulting application path: NvStreamUserAgent.exe1
Faulting module path: NvStreamUserAgent.exe2
Report Id: NvStreamUserAgent.exe3
Faulting package full name: NvStreamUserAgent.exe4
Faulting package-relative application ID: NvStreamUserAgent.exe5
 
Error: (08/23/2016 05:45:35 PM) (Source: ESENT) (EventID: 454) (User: )
Description: services (884) Database recovery/restore failed with unexpected error -551.
 
Error: (08/23/2016 05:45:35 PM) (Source: ESENT) (EventID: 517) (User: )
Description: services (884) Database recovery failed with error -551 because it encountered references to a database, 'C:\WINDOWS\Security\Database\secedit.sdb', which does not match the current set of logs. The database engine will not permit recovery to complete for this instance until the mismatching database is re-instated. If the database is truly no longer available or no longer required, procedures for recovering from this error are available in the Microsoft Knowledge Base or by following the "more information" link at the bottom of this message.
 
Error: (08/23/2016 05:39:03 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "select * from __InstanceModificationEvent where targetinstance isa '__ArbitratorConfiguration'" could not be reactivated in namespace "//./root" because of error 0x80041033. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (08/23/2016 05:39:03 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider $Core attempted to register query "select * from __TimerEvent" whose target class "__TimerEvent" in //./root/subscription namespace does not exist. The query will be ignored.
 
Error: (08/23/2016 05:39:03 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider $Core attempted to register query "select * from __TimerEvent" whose target class "__TimerEvent" in //./root/CIMV2 namespace does not exist. The query will be ignored.
 
Error: (08/23/2016 05:39:03 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider $Core attempted to register query "select * from __TimerEvent" whose target class "__TimerEvent" in //./root namespace does not exist. The query will be ignored.
 
Error: (08/23/2016 05:39:03 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider $Core attempted to register query "select * from __SystemEvent" whose target class "__SystemEvent" in //./root/subscription namespace does not exist. The query will be ignored.
 
Error: (08/23/2016 05:39:03 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider $Core attempted to register query "select * from __SystemEvent" whose target class "__SystemEvent" in //./root/CIMV2 namespace does not exist. The query will be ignored.
 
 
System errors:
=============
Error: (08/25/2016 01:23:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (08/25/2016 01:16:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error: 
%%2147500037 = Unspecified error
 
Error: (08/25/2016 12:43:31 AM) (Source: DCOM) (EventID: 10010) (User: SIDHAARTH)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (08/25/2016 12:43:31 AM) (Source: DCOM) (EventID: 10010) (User: SIDHAARTH)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (08/25/2016 12:43:31 AM) (Source: DCOM) (EventID: 10010) (User: SIDHAARTH)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (08/25/2016 12:35:08 AM) (Source: DCOM) (EventID: 10010) (User: SIDHAARTH)
Description: {37998346-3765-45B1-8C66-AA88CA6B20B8}
 
Error: (08/25/2016 12:33:08 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error: 
%%2147500037 = Unspecified error
 
Error: (08/24/2016 11:52:34 PM) (Source: DCOM) (EventID: 10010) (User: SIDHAARTH)
Description: {37998346-3765-45B1-8C66-AA88CA6B20B8}
 
Error: (08/24/2016 11:50:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error: 
%%2147500037 = Unspecified error
 
Error: (08/24/2016 11:16:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error: 
%%2147500037 = Unspecified error
 
 
CodeIntegrity:
===================================
  Date: 2016-08-18 12:47:49.978
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_561c3173c020f30d\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-08-17 23:53:27.446
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_561c3173c020f30d\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 19%
Total physical RAM: 16296.27 MB
Available physical RAM: 13199.92 MB
Total Virtual: 18728.27 MB
Available Virtual: 15566.86 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:930.96 GB) (Free:697.65 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================
 
 
 
 
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 24-08-2016
Scan Time: 22:38
Logfile: 
Administrator: Yes
 
Version: 2.2.1.1043
Malware Database: v2016.08.24.10
Rootkit Database: v2016.08.15.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 10
CPU: x64
File System: NTFS
User: sidme
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 291820
Time Elapsed: 6 min, 18 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 1
PUP.Optional.StartPage.USACVAR, HKU\S-1-5-21-3198014182-4150849369-2890672605-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|sidme, explorer.exe http://sd-steam.info, Quarantined, [5d8d85c9920888aeee1828ae37cda45c]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#5 cyanogensid

cyanogensid
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  

Posted 25 August 2016 - 03:16 AM

so please tell me do i have to do something else or am i clean?


Edited by cyanogensid, 25 August 2016 - 03:17 AM.


#6 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,610 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:22 PM

Posted 25 August 2016 - 07:17 AM

Looks like Malwarebytes indeed deleted the hijacking Run key and the task, even though it doesn't show that it deleted the latter. Now there's only 2 hijacked settings to delete in Google Chrome, and we'll run JRT and Emsisoft Emergency Kit to look for remnants just in case.

iO3R662.pngFarbar Recovery Scan Tool (FRST) - Fix mode
Follow the instructions below to execute a fix on your system using FRST, and provide the log in your next reply.
  • Right-click on your Desktop, select New and click on Text Document. Name it fixlist (make sure it's a .txt file) and press on Enter;
  • Open the file you just created and copy/paste the content below in it, then save it (Ctrl + S);
    CloseProcesses:
    CreateRestorePoint:
    
    CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=M226E02D5-0561-4E0A-961E-CC215F6571F0&SearchSource=55&CUI=&UM=5&UP=SP5C510CAA-3DA5-42E2-A4EC-DAA98928AA4B&SSPV=TBannersA_sp_ch
    CHR StartupUrls: Default -> "hxxp://websearch.searchandfly.info/?pid=377&r=2014/09/22&hid=17410538761284894517&lg=EN&cc=IN&unqvl=62"
    
    C:\ProgramData\1470053216.bdinstall.bin
    C:\ProgramData\1471442436.bdinstall.bin
    C:\ProgramData\1471442438.bdinstall.bin
    C:\ProgramData\1471445195.bdinstall.bin
    C:\ProgramData\1471445199.bdinstall.bin
    C:\ProgramData\1471517508.bdinstall.bin
    
    EmptyTemp:
    
  • Right-click on the FRST executable and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Click on the Fix button;
    NYA5Cbr.png
  • On completion, a message will come up saying that the fix has been completed and it'll open a log in Notepad;
  • Copy and paste its content in your next reply;
iT103hr.pngJunkware Removal Tool (JRT)
  • Download Junkware Removal Tool (JRT) and move it to your Desktop;
  • Right-click on JRT.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Press on any key to launch the scan and let it complete;
    tLsXbWy.png
    Credits : BleepingComputer.com
  • Once the scan is complete, a log will open. Please copy/paste the content of the output log in your next reply;
G0tu5D9.pngEmsisoft Emergency Kit
Follow the instructions below to run a scan using the Emsisoft Emergency Kit.
  • Download the Emsisoft Emergency Kit and execute it. From there, click on the Extract button to extract the program in the EEK folder;
  • Once the extraction is complete, Emsisoft Emergency Kit will open, and suggest you to run an online update before using the program. Click on Yes to launch it.
  • After the update, click on Malware Scan under 2. Scan and accept to let Emsisoft Emergency Kit detect PUPs (click on Yes).
  • Once the scan is complete, make sure that every item in the list is checked, and click on Quarantine selected;
    Egla2gt.png
  • If it asks you for a reboot to delete some items, click on Ok to reboot automatically;
  • After the restart, click on the Start Emsisoft Emergency Kit icon again on your desktop to open it;
  • This time, click on Logs;
  • From there, go under the Quarantine Log tab, and click on the Export button;
    IgfWDr3.png
  • Save the log on your desktop, then open it, and copy/paste its content in your next reply;
And we'll finish by grabbing a fresh set of FRST logs to see if the FRST fix indeed went through.

iO3R662.pngFarbar Recovery Scan Tool (FRST) - Scan mode
Follow the instructions below to download and execute a scan on your system with FRST, and provide the logs in your next reply.
  • Right-click on the executable and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Accept the disclaimer by clicking on Yes, and FRST will then do a back-up of your Registry which should take a few seconds;
  • Check the Addition.txt option;
  • Click on the Scan button;
  • On completion, two message box will open, saying that the results were saved to FRST.txt and Addition.txt, then open two Notepad files;
  • Copy and paste the content of both FRST.txt and Addition.txt in your next reply;
How's your computer running now?

Your next reply(ies) should include:
  • Copy/pasted content of the FRST fixlog.txt;
  • Copy/pasted content of JRT.txt;
  • Copy/pasted content of Emsisoft Emergency Kit's clean log;
  • Copy/pasted content of FRST.txt;
  • Copy/pasted content of Addition.txt;
  • Answer to my question about your computer's current state;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#7 cyanogensid

cyanogensid
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  

Posted 25 August 2016 - 08:34 AM

Hi again Yoan, thanks for everything you have been very helpful.

my computer is running better now no sign of popups or any other weird things. So thnak you for this and here are all the logs:)

 

 

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-08-2016 01
Ran by sidme (25-08-2016 18:20:13) Run:1
Running from C:\Users\sidme\Downloads
Loaded Profiles: sidme (Available Profiles: sidme)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
 
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=M226E02D5-0561-4E0A-961E-CC215F6571F0&SearchSource=55&CUI=&UM=5&UP=SP5C510CAA-3DA5-42E2-A4EC-DAA98928AA4B&SSPV=TBannersA_sp_ch
CHR StartupUrls: Default -> "hxxp://websearch.searchandfly.info/?pid=377&r=2014/09/22&hid=17410538761284894517&lg=EN&cc=IN&unqvl=62"
 
C:\ProgramData\1470053216.bdinstall.bin
C:\ProgramData\1471442436.bdinstall.bin
C:\ProgramData\1471442438.bdinstall.bin
C:\ProgramData\1471445195.bdinstall.bin
C:\ProgramData\1471445199.bdinstall.bin
C:\ProgramData\1471517508.bdinstall.bin
 
EmptyTemp:
*****************
 
Processes closed successfully.
Restore point was successfully created.
Chrome HomePage => removed successfully
Chrome StartupUrls => removed successfully
C:\ProgramData\1470053216.bdinstall.bin => moved successfully
C:\ProgramData\1471442436.bdinstall.bin => moved successfully
C:\ProgramData\1471442438.bdinstall.bin => moved successfully
C:\ProgramData\1471445195.bdinstall.bin => moved successfully
C:\ProgramData\1471445199.bdinstall.bin => moved successfully
C:\ProgramData\1471517508.bdinstall.bin => moved successfully
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 27437621 B
Java, Flash, Steam htmlcache => 356161699 B
Windows/system/drivers => 18420 B
Edge => 1436015 B
Chrome => 413925952 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 98290 B
NetworkService => 3617534 B
sidme => 37944337 B
 
RecycleBin => 0 B
EmptyTemp: => 801.7 MB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 18:21:04 ====
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 10 Home Single Language x64 
Ran by sidme (Administrator) on 25-08-2016 at 18:28:15.29
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 0 
 
 
 
 
Registry: 0 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25-08-2016 at 18:30:26.56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
 
Emsisoft Emergency Kit - Version 11.9
Last update: 25-08-2016 18:51:38
User account: SIDHAARTH\sidme
Computer name: SIDHAARTH
OS version: Windows 10x64 
 
Scan settings:
 
Scan type: Malware Scan
Objects: Rootkits, Memory, Traces, Files
 
Detect PUPs: On
Scan archives: Off
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off
 
Scan start: 25-08-2016 18:52:21
 
Scanned 74340
Found 0
 
Scan end: 25-08-2016 18:55:04
Scan time: 0:02:43
 
 
 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2016 01
Ran by sidme (administrator) on SIDHAARTH (25-08-2016 18:57:08)
Running from C:\Users\sidme\Downloads
Loaded Profiles: sidme (Available Profiles: sidme)
Platform: Windows 10 Home Single Language Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => c:\windows\RTFTrack.exe [5062384 2015-08-30] (Realtek semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-05] (Apple Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3947704 2015-08-29] (Synaptics Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1767944 2016-06-15] (NVIDIA Corporation)
HKU\S-1-5-21-3198014182-4150849369-2890672605-1001\...\MountPoints2: D - "D:\setup.exe" 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{bd3cdc31-2bb7-4789-9556-ef6c8999971f}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3198014182-4150849369-2890672605-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
 
FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-23] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=M226E02D5-0561-4E0A-961E-CC215F6571F0&SearchSource=55&CUI=&UM=5&UP=SP5C510CAA-3DA5-42E2-A4EC-DAA98928AA4B&SSPV=TBannersA_sp_ch
CHR StartupUrls: Default -> "hxxp://websearch.searchandfly.info/?pid=377&r=2014/09/22&hid=17410538761284894517&lg=EN&cc=IN&unqvl=62"
CHR Profile: C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-23]
CHR Extension: (Google Docs) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-23]
CHR Extension: (Google Drive) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-23]
CHR Extension: (YouTube) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-23]
CHR Extension: (TrafficLight) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfnpidifppmenkapgihekkeednfoenal [2016-08-23]
CHR Extension: (Google Sheets) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-23]
CHR Extension: (Google Docs Offline) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-23]
CHR Extension: (AdBlock) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-24]
CHR Extension: (Google Maps) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-08-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-23]
CHR Extension: (Gmail) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-23]
CHR Extension: (Chrome Media Router) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-23]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-15] (NVIDIA Corporation)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [79552 2016-03-02] (Bitdefender)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [359848 2015-09-09] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-15] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-15] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
S1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_561c3173c020f30d\nvlddmkm.sys [14199352 2016-08-16] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek                                            )
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [600832 2015-08-29] (Realtek Semiconductor Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [759552 2015-08-12] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3069680 2015-08-30] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [5144064 2016-07-16] (Realtek Semiconductor Corporation                           )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-08-29] (Synaptics Incorporated)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-08-23] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 WinRing0_1_2_0; C:\Users\sidme\Desktop\OpenHardwareMonitor\OpenHardwareMonitor.sys [14544 2016-08-25] (OpenLibSys.org)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-08-25 18:56 - 2016-08-25 18:56 - 00000976 _____ C:\Users\sidme\Desktop\scan_160825-185221.txt
2016-08-25 18:49 - 2016-08-25 18:56 - 00000000 ____D C:\EEK
2016-08-25 18:31 - 2016-08-25 18:48 - 248187304 _____ C:\Users\sidme\Downloads\EmsisoftEmergencyKit.exe
2016-08-25 18:30 - 2016-08-25 18:30 - 00000563 _____ C:\Users\sidme\Downloads\JRT.txt
2016-08-25 18:26 - 2016-08-25 18:27 - 01610560 _____ (Malwarebytes) C:\Users\sidme\Downloads\JRT.exe
2016-08-25 18:20 - 2016-08-25 18:21 - 00002218 _____ C:\Users\sidme\Downloads\Fixlog.txt
2016-08-25 13:42 - 2016-08-25 13:42 - 00001175 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-08-25 13:42 - 2016-08-25 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-08-25 13:42 - 2016-08-25 13:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-08-25 13:42 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-08-25 13:42 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-08-25 13:42 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-08-25 13:38 - 2016-08-25 18:57 - 00012442 _____ C:\Users\sidme\Downloads\FRST.txt
2016-08-25 13:38 - 2016-08-25 13:39 - 00026246 _____ C:\Users\sidme\Downloads\Addition.txt
2016-08-25 13:37 - 2016-08-25 18:57 - 00000000 ____D C:\FRST
2016-08-25 13:35 - 2016-08-25 13:37 - 02396672 _____ (Farbar) C:\Users\sidme\Downloads\FRST64.exe
2016-08-24 22:26 - 2016-08-24 22:30 - 22851472 _____ (Malwarebytes ) C:\Users\sidme\Downloads\mbam-setup-bc.1878-2.2.1.1043.exe
2016-08-24 17:20 - 2016-08-24 17:20 - 08227032 _____ (Piriform Ltd) C:\Users\sidme\Downloads\ccsetup521.exe
2016-08-23 23:49 - 2016-08-25 13:47 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-08-23 23:41 - 2016-08-06 10:03 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-08-23 23:41 - 2016-08-06 10:01 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-08-23 23:41 - 2016-08-06 10:00 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-08-23 23:41 - 2016-08-06 09:59 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-08-23 23:41 - 2016-08-06 09:56 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-08-23 23:41 - 2016-08-06 09:48 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-08-23 23:41 - 2016-08-06 09:47 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-08-23 23:41 - 2016-08-06 09:47 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-08-23 23:41 - 2016-08-06 09:47 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-08-23 23:41 - 2016-08-06 09:46 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-23 23:41 - 2016-08-06 09:39 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-23 23:41 - 2016-08-06 09:38 - 02537816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-08-23 23:41 - 2016-08-06 09:38 - 01430208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-08-23 23:41 - 2016-08-06 09:38 - 00843104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-08-23 23:41 - 2016-08-06 09:38 - 00509784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-23 23:41 - 2016-08-06 09:33 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-23 23:41 - 2016-08-06 09:33 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-08-23 23:41 - 2016-08-06 09:18 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-08-23 23:41 - 2016-08-06 09:18 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-08-23 23:41 - 2016-08-06 09:18 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-08-23 23:41 - 2016-08-06 09:17 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-08-23 23:41 - 2016-08-06 09:13 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-08-23 23:41 - 2016-08-06 09:12 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-08-23 23:41 - 2016-08-06 09:12 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-08-23 23:41 - 2016-08-06 09:11 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-08-23 23:41 - 2016-08-06 09:11 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-08-23 23:41 - 2016-08-06 09:11 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-08-23 23:41 - 2016-08-06 09:11 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-08-23 23:41 - 2016-08-06 09:10 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-23 23:41 - 2016-08-06 09:10 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-08-23 23:41 - 2016-08-06 09:10 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-08-23 23:41 - 2016-08-06 09:09 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-08-23 23:41 - 2016-08-06 09:08 - 17187328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-23 23:41 - 2016-08-06 09:07 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-23 23:41 - 2016-08-06 09:05 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-08-23 23:41 - 2016-08-06 09:04 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-08-23 23:41 - 2016-08-06 09:04 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-08-23 23:41 - 2016-08-06 09:03 - 01304576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-08-23 23:41 - 2016-08-06 09:03 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-08-23 23:41 - 2016-08-06 09:03 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-08-23 23:41 - 2016-08-06 09:01 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-23 23:41 - 2016-08-06 09:01 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-08-23 23:41 - 2016-08-06 09:00 - 13080576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-23 23:41 - 2016-08-06 08:58 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-08-23 23:41 - 2016-08-06 08:58 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-08-23 23:41 - 2016-08-06 08:58 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-08-23 23:41 - 2016-08-06 08:54 - 02680832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-23 23:41 - 2016-08-06 08:54 - 01875456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-23 23:41 - 2016-08-06 08:53 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-08-23 23:41 - 2016-08-06 08:53 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-08-23 23:41 - 2016-08-06 08:51 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-08-23 23:41 - 2016-08-06 08:49 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-08-23 23:41 - 2016-08-05 14:44 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-08-23 23:41 - 2016-08-05 14:42 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-08-23 23:41 - 2016-08-05 14:40 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2016-08-23 23:41 - 2016-08-05 14:35 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-08-23 23:41 - 2016-08-05 13:58 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-08-23 23:41 - 2016-08-05 13:52 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-08-23 23:41 - 2016-08-05 13:50 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-08-23 23:41 - 2016-08-05 13:38 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-08-23 23:40 - 2016-08-06 10:02 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-08-23 23:40 - 2016-08-06 10:02 - 00885832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-08-23 23:40 - 2016-08-06 10:01 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-08-23 23:40 - 2016-08-06 10:00 - 07814496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-23 23:40 - 2016-08-06 10:00 - 01349128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-08-23 23:40 - 2016-08-06 10:00 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-08-23 23:40 - 2016-08-06 09:59 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-08-23 23:40 - 2016-08-06 09:56 - 00409944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-08-23 23:40 - 2016-08-06 09:54 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-08-23 23:40 - 2016-08-06 09:53 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-23 23:40 - 2016-08-06 09:48 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-23 23:40 - 2016-08-06 09:48 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-08-23 23:40 - 2016-08-06 09:48 - 01260384 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-08-23 23:40 - 2016-08-06 09:48 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-23 23:40 - 2016-08-06 09:47 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-23 23:40 - 2016-08-06 09:46 - 01099104 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-08-23 23:40 - 2016-08-06 09:46 - 00987488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-08-23 23:40 - 2016-08-06 09:46 - 00942432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-08-23 23:40 - 2016-08-06 09:46 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-08-23 23:40 - 2016-08-06 09:46 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-08-23 23:40 - 2016-08-06 09:46 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-23 23:40 - 2016-08-06 09:46 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-08-23 23:40 - 2016-08-06 09:45 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 01694200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 01066096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 00381760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-23 23:40 - 2016-08-06 09:43 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-08-23 23:40 - 2016-08-06 09:38 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-23 23:40 - 2016-08-06 09:38 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-23 23:40 - 2016-08-06 09:38 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-08-23 23:40 - 2016-08-06 09:38 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-08-23 23:40 - 2016-08-06 09:38 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-23 23:40 - 2016-08-06 09:34 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-08-23 23:40 - 2016-08-06 09:33 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-08-23 23:40 - 2016-08-06 09:33 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-08-23 23:40 - 2016-08-06 09:33 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-08-23 23:40 - 2016-08-06 09:33 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-08-23 23:40 - 2016-08-06 09:33 - 00955008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-08-23 23:40 - 2016-08-06 09:33 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-08-23 23:40 - 2016-08-06 09:32 - 00321280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-23 23:40 - 2016-08-06 09:20 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-08-23 23:40 - 2016-08-06 09:19 - 22570496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-23 23:40 - 2016-08-06 09:18 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-08-23 23:40 - 2016-08-06 09:18 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-08-23 23:40 - 2016-08-06 09:18 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-08-23 23:40 - 2016-08-06 09:18 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-08-23 23:40 - 2016-08-06 09:18 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-08-23 23:40 - 2016-08-06 09:18 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-08-23 23:40 - 2016-08-06 09:18 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-08-23 23:40 - 2016-08-06 09:18 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2016-08-23 23:40 - 2016-08-06 09:18 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2016-08-23 23:40 - 2016-08-06 09:17 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-08-23 23:40 - 2016-08-06 09:17 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-08-23 23:40 - 2016-08-06 09:17 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-08-23 23:40 - 2016-08-06 09:17 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-08-23 23:40 - 2016-08-06 09:17 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-08-23 23:40 - 2016-08-06 09:16 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-08-23 23:40 - 2016-08-06 09:16 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-08-23 23:40 - 2016-08-06 09:16 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-08-23 23:40 - 2016-08-06 09:16 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-08-23 23:40 - 2016-08-06 09:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-08-23 23:40 - 2016-08-06 09:16 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-08-23 23:40 - 2016-08-06 09:15 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-08-23 23:40 - 2016-08-06 09:15 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2016-08-23 23:40 - 2016-08-06 09:15 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-08-23 23:40 - 2016-08-06 09:15 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-08-23 23:40 - 2016-08-06 09:15 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-08-23 23:40 - 2016-08-06 09:15 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-08-23 23:40 - 2016-08-06 09:15 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-08-23 23:40 - 2016-08-06 09:15 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2016-08-23 23:40 - 2016-08-06 09:14 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-08-23 23:40 - 2016-08-06 09:14 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-08-23 23:40 - 2016-08-06 09:14 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-08-23 23:40 - 2016-08-06 09:13 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-08-23 23:40 - 2016-08-06 09:13 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-08-23 23:40 - 2016-08-06 09:13 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-08-23 23:40 - 2016-08-06 09:13 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-08-23 23:40 - 2016-08-06 09:12 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-23 23:40 - 2016-08-06 09:12 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-08-23 23:40 - 2016-08-06 09:11 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-23 23:40 - 2016-08-06 09:11 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-08-23 23:40 - 2016-08-06 09:11 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-08-23 23:40 - 2016-08-06 09:11 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-08-23 23:40 - 2016-08-06 09:11 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-08-23 23:40 - 2016-08-06 09:11 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2016-08-23 23:40 - 2016-08-06 09:10 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-23 23:40 - 2016-08-06 09:10 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-08-23 23:40 - 2016-08-06 09:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-08-23 23:40 - 2016-08-06 09:10 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-08-23 23:40 - 2016-08-06 09:09 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-08-23 23:40 - 2016-08-06 09:09 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-08-23 23:40 - 2016-08-06 09:09 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-08-23 23:40 - 2016-08-06 09:09 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2016-08-23 23:40 - 2016-08-06 09:08 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-23 23:40 - 2016-08-06 09:08 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-23 23:40 - 2016-08-06 09:08 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-08-23 23:40 - 2016-08-06 09:07 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-23 23:40 - 2016-08-06 09:07 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-08-23 23:40 - 2016-08-06 09:06 - 19422720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-23 23:40 - 2016-08-06 09:06 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-08-23 23:40 - 2016-08-06 09:05 - 09127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-08-23 23:40 - 2016-08-06 09:05 - 07624192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-08-23 23:40 - 2016-08-06 09:04 - 19418624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-23 23:40 - 2016-08-06 09:04 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-08-23 23:40 - 2016-08-06 09:04 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-08-23 23:40 - 2016-08-06 09:03 - 23682560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-23 23:40 - 2016-08-06 09:03 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-08-23 23:40 - 2016-08-06 09:03 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-08-23 23:40 - 2016-08-06 09:02 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-08-23 23:40 - 2016-08-06 09:01 - 03244032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-08-23 23:40 - 2016-08-06 09:01 - 02710528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-08-23 23:40 - 2016-08-06 09:01 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-08-23 23:40 - 2016-08-06 09:01 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-08-23 23:40 - 2016-08-06 09:01 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-08-23 23:40 - 2016-08-06 09:01 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-08-23 23:40 - 2016-08-06 09:00 - 12345344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-23 23:40 - 2016-08-06 09:00 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-08-23 23:40 - 2016-08-06 09:00 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-08-23 23:40 - 2016-08-06 08:59 - 13433856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-23 23:40 - 2016-08-06 08:59 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-08-23 23:40 - 2016-08-06 08:59 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-08-23 23:40 - 2016-08-06 08:59 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-08-23 23:40 - 2016-08-06 08:59 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-08-23 23:40 - 2016-08-06 08:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-08-23 23:40 - 2016-08-06 08:58 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-08-23 23:40 - 2016-08-06 08:57 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-08-23 23:40 - 2016-08-06 08:57 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-08-23 23:40 - 2016-08-06 08:56 - 02422784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-08-23 23:40 - 2016-08-06 08:56 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-23 23:40 - 2016-08-06 08:56 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-23 23:40 - 2016-08-06 08:55 - 03116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-08-23 23:40 - 2016-08-06 08:55 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-23 23:40 - 2016-08-06 08:54 - 02314752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-23 23:40 - 2016-08-06 08:54 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-23 23:40 - 2016-08-06 08:54 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-23 23:40 - 2016-08-06 08:53 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-23 23:40 - 2016-08-06 08:53 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-23 23:40 - 2016-08-06 08:53 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-23 23:40 - 2016-08-06 08:53 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-08-23 23:40 - 2016-08-06 08:53 - 01062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-08-23 23:40 - 2016-08-06 08:53 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-08-23 23:40 - 2016-08-06 08:53 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-23 23:40 - 2016-08-06 08:49 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-08-23 23:40 - 2016-08-05 13:59 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-08-23 23:40 - 2016-08-05 13:59 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-08-23 23:40 - 2016-08-05 13:59 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2016-08-23 23:40 - 2016-08-05 13:53 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-08-23 23:40 - 2016-08-05 13:50 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-08-23 23:40 - 2016-08-05 13:48 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-08-23 23:40 - 2016-08-05 13:37 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-08-23 23:40 - 2016-08-05 13:37 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-08-23 23:24 - 2016-08-23 23:24 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-08-23 23:23 - 2016-08-23 23:23 - 00000000 ____D C:\ProgramData\RogueKiller
2016-08-23 18:47 - 2016-08-23 18:47 - 00000000 ____D C:\Users\sidme\AppData\Roaming\NVIDIA
2016-08-23 18:06 - 2016-08-23 18:27 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-23 18:06 - 2016-08-23 18:27 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-23 18:06 - 2016-08-23 18:11 - 00003984 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-23 18:06 - 2016-08-23 18:11 - 00003752 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-23 18:06 - 2016-08-23 18:06 - 00002348 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-23 18:06 - 2016-08-23 18:06 - 00002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-23 18:05 - 2016-08-23 18:05 - 00987728 _____ (Google Inc.) C:\Users\sidme\Downloads\ChromeSetup.exe
2016-08-23 17:47 - 2016-08-25 17:49 - 00000000 ____D C:\Users\sidme\AppData\Local\NVIDIA Corporation
2016-08-23 17:46 - 2016-08-23 17:49 - 00000000 ____D C:\Users\sidme\AppData\Local\NVIDIA
2016-08-23 17:46 - 2016-08-23 17:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-08-23 17:46 - 2016-06-15 01:31 - 01767944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-08-23 17:46 - 2016-06-15 01:31 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-08-23 17:46 - 2016-06-15 01:31 - 01377800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-08-23 17:46 - 2016-06-15 01:31 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-08-23 17:46 - 2016-06-15 01:31 - 00112216 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-08-23 17:45 - 2016-08-25 18:21 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-23 17:45 - 2016-08-23 17:46 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-08-23 17:45 - 2016-08-23 17:45 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-08-23 17:45 - 2016-08-11 17:00 - 00138808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-08-23 17:45 - 2016-05-04 07:53 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-08-23 17:45 - 2016-05-04 07:52 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-08-23 17:45 - 2016-05-04 07:52 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-08-23 17:45 - 2016-05-04 07:52 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-08-23 17:44 - 2016-08-23 23:46 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-08-23 17:44 - 2016-08-11 20:03 - 00213952 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-08-23 17:44 - 2016-08-11 20:03 - 00203320 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 06386048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 02468288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 01365048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-08-23 17:44 - 2016-08-11 17:57 - 00548920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-08-23 17:44 - 2016-08-09 21:36 - 07255045 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-08-23 17:43 - 2016-08-11 20:03 - 40070200 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 35182648 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 34837952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 28236856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 10728856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 10530960 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 10273096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 09086344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 08681720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 08644456 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 03901520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 03443152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 02914752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 02553912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 01922616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437254.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 01585088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437254.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 01023544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00961080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00945088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00897592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00803096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00694952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00644648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00584712 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00442816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00413256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00393664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00345936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00040827 _____ C:\WINDOWS\system32\nvinfo.pb
2016-08-23 17:43 - 2016-08-11 20:03 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-08-23 17:43 - 2016-08-11 20:03 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-08-23 17:43 - 2016-04-14 11:08 - 00113216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-08-23 17:43 - 2016-04-14 11:08 - 00102976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-08-23 17:43 - 2016-04-14 11:08 - 00056384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-08-23 17:42 - 2016-08-23 17:46 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-08-23 17:29 - 2016-08-23 17:29 - 01038335 _____ C:\Users\sidme\Downloads\[Guru3D.com]-DDU.zip
2016-08-23 17:02 - 2016-08-23 17:41 - 368051000 _____ (NVIDIA Corporation) C:\Users\sidme\Downloads\372.54-notebook-win10-64bit-international-whql.exe
2016-08-22 16:21 - 2016-08-22 16:21 - 02534057 _____ C:\Users\sidme\Downloads\SAVEGAME-100-Complete-ALL-UNLOCKED.zip
2016-08-21 20:59 - 2016-08-21 20:59 - 00000000 ____D C:\Users\sidme\Downloads\27 Ultra HD 4K Computer Desktop Wallpapers - Set 737 [ECLiPSE]
2016-08-20 02:42 - 2016-08-20 02:42 - 00000049 _____ C:\Users\sidme\Documents\important.txt
2016-08-20 02:13 - 2013-02-18 17:17 - 00042080 _____ C:\Users\sidme\detection.xml
2016-08-20 02:13 - 2013-01-09 15:54 - 00000000 ____D C:\Users\sidme\extern
2016-08-19 22:36 - 2016-08-19 22:36 - 00000222 _____ C:\Users\sidme\Desktop\Just Cause 3.url
2016-08-19 22:36 - 2016-08-19 22:36 - 00000221 _____ C:\Users\sidme\Desktop\Mafia II.url
2016-08-19 22:25 - 2016-08-25 18:14 - 00000000 ____D C:\Program Files (x86)\Steam
2016-08-19 22:25 - 2016-08-19 22:25 - 00001036 _____ C:\Users\Public\Desktop\Steam.lnk
2016-08-19 22:25 - 2016-08-19 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-19 21:00 - 2016-08-19 21:00 - 00001507 _____ C:\Users\Public\Desktop\No Man's Sky.lnk
2016-08-19 20:54 - 2016-08-19 20:54 - 00000000 ____D C:\Users\sidme\AppData\Roaming\HelloGames
2016-08-19 18:08 - 2016-08-21 21:43 - 00000000 ____D C:\Users\sidme\AppData\LocalLow\uTorrent
2016-08-18 16:40 - 2016-08-18 16:52 - 00000000 ____D C:\ProgramData\HitmanPro
2016-08-18 16:32 - 2016-08-18 16:32 - 00002367 _____ C:\Users\sidme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\onedrive.lnk
2016-08-18 16:28 - 2016-08-18 16:29 - 00000000 ____D C:\Program Files (x86)\HD Tune Pro
2016-08-18 16:28 - 2016-08-18 16:28 - 00001106 _____ C:\Users\sidme\Desktop\HD Tune Pro.lnk
2016-08-18 16:28 - 2016-08-18 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro
2016-08-18 16:24 - 2016-08-18 16:24 - 00002249 _____ C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk
2016-08-18 16:24 - 2016-08-18 16:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
2016-08-18 16:24 - 2013-04-17 13:59 - 00718840 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2016-08-18 16:24 - 2013-04-17 13:59 - 00593144 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2016-08-18 16:24 - 2012-11-02 13:17 - 00261056 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avchv.sys
2016-08-18 16:21 - 2016-08-18 16:24 - 00000000 ____D C:\Program Files\Bitdefender
2016-08-18 16:21 - 2016-08-18 16:22 - 01446792 _____ C:\Users\sidme\Downloads\SteamSetup.exe
2016-08-18 16:21 - 2013-05-28 11:12 - 00382536 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2016-08-18 16:21 - 2013-04-22 12:21 - 00148696 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2016-08-18 16:20 - 2016-08-18 16:40 - 11438608 _____ (SurfRight B.V.) C:\Users\sidme\Downloads\hitmanpro_x64.exe
2016-08-18 16:20 - 2016-08-18 16:21 - 10606640 _____ C:\Users\sidme\Downloads\Antivirus_Free_Edition_x64.exe
2016-08-18 16:20 - 2016-08-18 16:20 - 00196944 _____ C:\Users\sidme\Downloads\Antivirus_Free_Edition.exe
2016-08-17 20:26 - 2016-08-17 20:27 - 00473291 _____ () C:\Users\sidme\Downloads\Everything-1.3.4.686.x86-Setup.exe
2016-08-17 20:13 - 2016-08-23 17:37 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-08-17 19:54 - 2016-08-17 19:54 - 00000000 ____D C:\Program Files\Reason
2016-08-17 19:53 - 2016-08-17 19:54 - 02873112 _____ (Reason Company Software Inc.) C:\Users\sidme\Downloads\herdProtectScan_Setup.exe
2016-08-17 19:44 - 2016-08-17 19:48 - 18309328 _____ (Microsoft Corporation) C:\Users\sidme\Downloads\MediaCreationTool.exe
2016-08-17 18:34 - 2016-08-02 14:14 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-08-17 18:34 - 2016-08-02 13:50 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-08-17 18:34 - 2016-08-02 13:25 - 03617280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-17 18:34 - 2016-08-02 09:55 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-08-17 18:30 - 2016-08-02 09:53 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-08-17 18:29 - 2016-08-02 10:03 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-08-17 18:29 - 2016-08-02 09:43 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-08-17 18:27 - 2016-08-02 13:28 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-17 18:26 - 2016-08-02 09:55 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-17 18:25 - 2016-08-02 10:17 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-08-17 18:25 - 2016-08-02 10:07 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-08-17 18:25 - 2016-08-02 10:06 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-08-17 18:25 - 2016-08-02 10:00 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-08-17 18:25 - 2016-08-02 09:42 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-08-17 18:24 - 2016-08-02 14:18 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-08-17 18:24 - 2016-08-02 13:51 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-08-17 18:24 - 2016-08-02 13:45 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-08-17 18:24 - 2016-08-02 13:45 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-08-17 18:24 - 2016-08-02 13:44 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-08-17 18:24 - 2016-08-02 13:43 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-17 18:24 - 2016-08-02 13:41 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-08-17 18:24 - 2016-08-02 13:40 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-17 18:24 - 2016-08-02 13:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-08-17 18:24 - 2016-08-02 13:30 - 05511168 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-08-17 18:24 - 2016-08-02 13:29 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-17 18:24 - 2016-08-02 13:26 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-08-17 18:24 - 2016-08-02 13:26 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-08-17 18:24 - 2016-08-02 09:46 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-15 21:01 - 2016-08-15 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-08-15 15:35 - 2016-08-15 15:35 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Doublefine
2016-08-13 03:16 - 2016-08-13 03:16 - 00000000 ____D C:\Users\sidme\AppData\Local\2K Games
2016-08-11 11:48 - 2016-08-20 02:40 - 00007609 _____ C:\Users\sidme\AppData\Local\Resmon.ResmonCfg
2016-08-11 11:43 - 2016-08-11 11:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-09 13:10 - 2016-08-09 13:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOOM
2016-08-08 22:38 - 2016-08-08 22:38 - 00000000 ____D C:\Users\sidme\AppData\Roaming\WinRAR
2016-08-08 22:37 - 2016-08-08 22:37 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-08 22:37 - 2016-08-08 22:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-08 22:36 - 2016-08-08 22:38 - 00000000 ____D C:\Program Files\WinRAR
2016-08-07 08:14 - 2016-08-07 08:17 - 00000000 ____D C:\Users\sidme\AppData\Local\UnrealEngine
2016-08-07 08:14 - 2016-08-07 08:14 - 00000000 ____D C:\Users\sidme\AppData\Local\AbzuGame
2016-08-07 06:44 - 2016-08-07 06:44 - 00000000 ____D C:\Users\sidme\AppData\LocalLow\Playdead
2016-08-07 06:36 - 2016-08-19 21:11 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-08-07 06:35 - 2016-08-07 06:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\INSIDE
2016-08-06 18:22 - 2016-08-07 15:29 - 00000000 ____D C:\ProgramData\Logishrd
2016-08-05 21:34 - 2016-08-05 21:34 - 00000000 ____D C:\ProgramData\Orbit
2016-08-05 21:26 - 2016-08-05 21:26 - 00000871 _____ C:\Users\sidme\Desktop\Watch Dogs.lnk
2016-08-05 21:26 - 2016-08-05 21:26 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Watch Dogs
2016-08-05 18:49 - 2016-08-05 21:34 - 00000000 ____D C:\Users\sidme\Documents\My Games
2016-08-05 18:29 - 2016-08-19 21:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2016-08-04 23:31 - 2016-08-04 23:31 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-08-04 20:33 - 2016-08-04 20:33 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Aspyr Media
2016-08-04 20:33 - 2016-08-04 20:33 - 00000000 ____D C:\Users\sidme\AppData\LocalLow\Bloober Team
2016-08-04 20:29 - 2016-08-18 05:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Layers of Fear Inheritance
2016-08-04 18:54 - 2016-08-04 18:54 - 00000000 ____D C:\Users\sidme\Documents\Telltale Games
2016-08-04 18:54 - 2016-08-04 18:54 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Steam
2016-08-04 16:49 - 2016-08-18 11:26 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-04 16:46 - 2016-08-04 16:46 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-04 16:46 - 2016-08-04 16:46 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 01265424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-04 16:46 - 2016-08-04 16:46 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-04 16:46 - 2016-08-04 16:46 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-08-04 16:45 - 2016-08-04 16:45 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-08-04 16:45 - 2016-08-04 03:20 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-08-04 16:42 - 2016-08-04 16:42 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-04 16:42 - 2016-08-04 16:42 - 00000000 ____D C:\Program Files\MSBuild
2016-08-04 16:42 - 2016-08-04 16:42 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-08-04 16:42 - 2016-08-04 16:42 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-08-04 16:42 - 2016-05-26 04:01 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-08-04 16:42 - 2016-05-26 04:01 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-04 16:42 - 2016-05-26 04:01 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-08-04 16:42 - 2016-05-26 00:33 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-08-04 16:42 - 2016-05-26 00:33 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-08-04 16:42 - 2016-05-26 00:33 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-08-04 13:06 - 2016-08-25 00:43 - 00000000 ____D C:\Users\sidme\Desktop\sid important dont delete
2016-08-04 12:55 - 2016-08-22 18:45 - 00000000 ____D C:\Users\sidme\Documents\Square Enix
2016-08-04 12:54 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2016-08-04 12:54 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2016-08-04 12:54 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2016-08-04 12:54 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2016-08-04 12:54 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2016-08-04 12:54 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2016-08-04 04:03 - 2016-08-04 04:03 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Macromedia
2016-08-04 04:00 - 2016-08-04 04:00 - 00001022 _____ C:\Users\sidme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenHardwareMonitor.lnk
2016-08-04 03:46 - 2016-08-04 03:46 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-04 03:43 - 2016-08-04 04:11 - 00000000 ____D C:\Users\sidme\AppData\Local\ConnectedDevicesPlatform
2016-08-04 03:43 - 2016-08-04 03:43 - 00000020 ___SH C:\Users\sidme\ntuser.ini
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 _SHDL C:\Users\Default\My Documents
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 ____D C:\ProgramData\USOShared
2016-08-04 03:38 - 2016-08-04 03:38 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-08-04 03:38 - 2016-08-04 03:38 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-08-04 03:35 - 2016-08-04 03:35 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-04 03:34 - 2016-08-25 18:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-04 03:34 - 2016-08-04 03:34 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-08-04 03:29 - 2016-08-04 03:29 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-08-04 03:27 - 2016-08-04 03:30 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-08-04 03:26 - 2016-08-20 02:16 - 00000000 ____D C:\Users\sidme
2016-08-04 03:26 - 2016-08-04 03:26 - 00000000 _SHDL C:\Users\sidme\My Documents
2016-08-04 03:26 - 2016-08-04 03:26 - 00000000 _SHDL C:\Users\sidme\Documents\My Videos
2016-08-04 03:26 - 2016-08-04 03:26 - 00000000 _SHDL C:\Users\sidme\Documents\My Pictures
2016-08-04 03:26 - 2016-08-04 03:26 - 00000000 _SHDL C:\Users\sidme\Documents\My Music
2016-08-04 03:23 - 2016-08-25 18:23 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-08-04 03:23 - 2016-08-04 03:23 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-08-04 03:23 - 2016-08-04 03:23 - 00000000 ____D C:\Program Files\Intel
2016-08-04 03:23 - 2016-07-16 17:11 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-08-04 03:22 - 2016-08-11 17:57 - 00148928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2016-08-04 03:22 - 2016-08-04 03:22 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2016-08-04 03:22 - 2016-08-04 03:22 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-08-04 03:22 - 2016-08-04 03:22 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-08-04 03:22 - 2016-08-04 03:22 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-08-04 03:22 - 2016-08-04 03:22 - 00000000 ____D C:\Program Files\Realtek
2016-08-04 03:21 - 2016-08-04 03:21 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2016-08-04 03:21 - 2016-08-04 03:21 - 00000000 ____D C:\Program Files\Synaptics
2016-08-04 03:20 - 2016-08-25 18:37 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-08-04 03:20 - 2016-08-17 19:24 - 00194192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-04 02:28 - 2016-08-04 02:29 - 00000036 _____ C:\WINDOWS\progress.ini
2016-08-04 00:37 - 2016-08-04 00:37 - 00000000 ____D C:\Users\sidme\AppData\Local\ElevatedDiagnostics
2016-08-03 22:34 - 2016-08-04 03:41 - 00000000 ___HD C:\$GetCurrent
2016-08-02 08:46 - 2016-08-19 21:21 - 00000000 ____D C:\games
2016-08-01 19:35 - 2016-08-04 03:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation
2016-08-01 19:35 - 2016-08-01 19:35 - 00001539 _____ C:\Users\Public\Desktop\Data Lifeguard Diagnostic for Windows.lnk
2016-08-01 19:33 - 2016-08-20 21:03 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-01 19:23 - 2016-08-22 00:07 - 00000000 ____D C:\Users\sidme\Desktop\sid new
2016-08-01 18:15 - 2016-08-01 18:15 - 00000000 ____D C:\ProgramData\GZ
2016-08-01 18:06 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2016-08-01 18:06 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2016-08-01 18:06 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2016-08-01 18:06 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2016-08-01 18:06 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2016-08-01 18:06 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2016-08-01 18:06 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2016-08-01 18:06 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2016-08-01 18:06 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2016-08-01 18:06 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2016-08-01 18:06 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2016-08-01 18:06 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2016-08-01 18:06 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2016-08-01 18:06 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2016-08-01 18:06 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2016-08-01 18:06 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2016-08-01 18:06 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2016-08-01 18:06 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2016-08-01 18:06 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2016-08-01 18:06 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2016-08-01 18:06 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2016-08-01 18:06 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2016-08-01 18:06 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2016-08-01 18:06 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2016-08-01 18:06 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2016-08-01 18:06 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2016-08-01 18:06 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2016-08-01 18:06 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2016-08-01 18:06 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2016-08-01 18:06 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2016-08-01 18:06 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2016-08-01 18:06 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2016-08-01 18:06 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2016-08-01 18:06 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2016-08-01 18:06 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2016-08-01 18:06 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2016-08-01 18:06 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2016-08-01 18:06 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2016-08-01 18:06 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2016-08-01 18:06 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2016-08-01 18:06 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2016-08-01 18:06 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2016-08-01 18:06 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2016-08-01 18:06 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2016-08-01 18:06 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2016-08-01 18:06 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2016-08-01 18:06 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2016-08-01 18:06 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2016-08-01 18:06 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2016-08-01 18:06 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2016-08-01 18:06 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2016-08-01 18:06 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2016-08-01 18:06 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2016-08-01 18:06 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2016-08-01 18:06 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2016-08-01 18:06 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2016-08-01 18:06 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2016-08-01 18:06 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2016-08-01 18:06 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2016-08-01 18:06 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2016-08-01 18:06 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2016-08-01 18:06 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2016-08-01 18:06 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2016-08-01 18:06 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2016-08-01 18:06 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2016-08-01 18:06 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2016-08-01 18:06 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2016-08-01 18:06 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2016-08-01 18:06 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2016-08-01 18:06 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2016-08-01 18:06 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2016-08-01 18:06 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2016-08-01 18:06 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2016-08-01 18:06 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2016-08-01 18:06 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2016-08-01 18:06 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2016-08-01 18:06 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2016-08-01 18:06 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2016-08-01 18:06 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2016-08-01 18:06 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2016-08-01 18:06 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2016-08-01 18:06 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2016-08-01 18:06 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2016-08-01 18:06 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2016-08-01 18:06 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2016-08-01 18:06 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2016-08-01 18:06 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2016-08-01 18:06 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2016-08-01 18:06 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2016-08-01 18:06 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2016-08-01 18:06 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2016-08-01 18:06 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2016-08-01 18:06 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2016-08-01 18:06 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2016-08-01 18:06 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2016-08-01 18:06 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2016-08-01 18:06 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2016-08-01 18:06 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2016-08-01 18:06 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2016-08-01 18:06 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2016-08-01 18:06 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2016-08-01 18:06 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2016-08-01 18:06 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2016-08-01 18:06 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2016-08-01 18:06 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2016-08-01 18:06 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2016-08-01 18:06 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2016-08-01 18:06 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2016-08-01 18:06 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2016-08-01 18:06 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2016-08-01 18:06 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2016-08-01 18:06 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2016-08-01 18:06 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2016-08-01 18:06 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2016-08-01 18:06 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2016-08-01 18:06 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2016-08-01 18:06 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2016-08-01 18:06 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2016-08-01 18:06 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2016-08-01 18:06 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2016-08-01 18:06 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2016-08-01 18:06 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2016-08-01 18:06 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2016-08-01 18:06 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2016-08-01 18:06 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2016-08-01 18:06 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2016-08-01 18:06 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2016-08-01 18:06 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2016-08-01 18:06 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2016-08-01 18:06 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2016-08-01 18:06 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2016-08-01 18:06 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2016-08-01 18:06 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2016-08-01 18:06 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2016-08-01 18:06 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2016-08-01 18:06 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2016-08-01 18:06 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2016-08-01 18:06 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2016-08-01 18:06 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2016-08-01 18:06 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2016-08-01 18:06 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2016-08-01 18:06 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2016-08-01 18:06 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2016-08-01 18:06 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2016-08-01 17:59 - 2016-08-25 17:26 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2016-08-01 17:59 - 2016-08-19 21:11 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2016-08-01 17:59 - 2016-08-04 03:30 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2016-08-01 17:58 - 2016-08-01 17:58 - 00002684 _____ C:\Users\sidme\Desktop\µTorrent.lnk
2016-08-01 17:57 - 2016-08-21 21:44 - 00000000 ____D C:\Users\sidme\AppData\Roaming\uTorrent
2016-08-01 17:51 - 2016-08-24 18:06 - 00000000 ____D C:\Fraps
2016-08-01 17:51 - 2016-08-04 03:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2016-08-01 17:46 - 2016-08-04 23:31 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Apple Computer
2016-08-01 17:46 - 2016-08-04 03:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-08-01 17:46 - 2016-08-01 17:46 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-08-01 17:46 - 2016-08-01 17:46 - 00000000 ____D C:\Users\sidme\AppData\Local\Apple Computer
2016-08-01 17:46 - 2016-08-01 17:46 - 00000000 ____D C:\Program Files\iPod
2016-08-01 17:46 - 2016-08-01 17:46 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-08-01 17:45 - 2016-08-01 17:46 - 00000000 ____D C:\Program Files\iTunes
2016-08-01 17:45 - 2016-08-01 17:45 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-08-01 17:45 - 2016-08-01 17:45 - 00000000 ____D C:\Users\sidme\AppData\Local\Apple
2016-08-01 17:45 - 2016-08-01 17:45 - 00000000 ____D C:\ProgramData\Apple Computer
2016-08-01 17:45 - 2016-08-01 17:45 - 00000000 ____D C:\ProgramData\Apple
2016-08-01 17:45 - 2016-08-01 17:45 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-08-01 17:45 - 2016-08-01 17:45 - 00000000 ____D C:\Program Files\Bonjour
2016-08-01 17:45 - 2016-08-01 17:45 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-08-01 17:45 - 2016-08-01 17:45 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-08-01 17:42 - 2009-07-15 00:21 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2016-08-01 17:36 - 2016-08-18 16:22 - 00000000 ____D C:\Users\sidme\AppData\Roaming\QuickScan
2016-08-01 17:34 - 2016-08-04 03:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2016-08-01 17:34 - 2016-08-01 17:34 - 00000853 _____ C:\Users\Public\Desktop\PowerISO.lnk
2016-08-01 17:34 - 2016-08-01 17:34 - 00000000 ____D C:\Program Files\PowerISO
2016-08-01 17:34 - 2016-05-25 04:36 - 00137280 _____ (Power Software Ltd) C:\WINDOWS\system32\Drivers\scdemu.sys
2016-08-01 17:32 - 2016-08-25 18:08 - 00000000 ____D C:\Users\sidme\AppData\Roaming\vlc
2016-08-01 17:31 - 2016-08-04 03:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-08-01 17:31 - 2016-08-01 17:31 - 00001143 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-08-01 17:31 - 2016-08-01 17:31 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-08-01 17:14 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2016-08-01 17:14 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2016-08-01 17:14 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2016-08-01 17:14 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2016-08-01 17:14 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2016-08-01 17:14 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2016-08-01 17:11 - 2016-08-09 13:11 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-01 17:01 - 2016-08-01 17:01 - 00000000 ____D C:\Users\sidme\AppData\Local\Steam
2016-08-01 17:01 - 2016-08-01 17:01 - 00000000 ____D C:\Users\sidme\AppData\Local\CEF
2016-08-01 16:38 - 2016-08-23 18:06 - 00000000 ____D C:\Users\sidme\AppData\Local\Google
2016-08-01 16:38 - 2016-08-23 18:06 - 00000000 ____D C:\Program Files (x86)\Google
2016-07-31 13:49 - 2016-07-28 00:55 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-07-31 13:46 - 2016-08-17 18:38 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-07-31 13:46 - 2016-08-17 18:34 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-07-31 12:57 - 2016-07-01 09:27 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2016-07-31 12:56 - 2016-07-01 09:10 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2016-07-31 04:35 - 2016-08-25 17:33 - 00000000 ____D C:\Users\sidme\Desktop\OpenHardwareMonitor
2016-07-31 04:35 - 2016-08-18 05:12 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Hard Disk Sentinel
2016-07-31 04:34 - 2016-07-31 04:34 - 00000000 ____D C:\Program Files (x86)\Western Digital Corporation
2016-07-31 03:43 - 2016-07-31 03:43 - 00000000 ____D C:\Program Files (x86)\Intel
2016-07-31 03:42 - 2016-08-25 18:23 - 00000000 __SHD C:\Users\sidme\IntelGraphicsProfiles
2016-07-31 03:42 - 2016-07-31 03:42 - 00000000 ____D C:\Intel
2016-07-31 01:40 - 2016-07-31 01:40 - 00000000 ____D C:\Users\sidme\AppData\Local\NetworkTiles
2016-07-31 01:39 - 2016-07-31 01:39 - 00001051 _____ C:\Users\sidme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2016-07-31 01:32 - 2015-08-29 07:01 - 01804696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2016-07-31 01:32 - 2015-08-29 07:01 - 00042696 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2016-07-31 01:27 - 2016-07-31 01:27 - 00000000 ____D C:\Users\sidme\AppData\Roaming\HD Tune Pro
2016-07-31 01:26 - 2016-08-20 02:53 - 00000000 ___RD C:\Users\sidme\OneDrive
2016-07-31 01:25 - 2016-07-31 01:25 - 00000000 ____D C:\Users\sidme\AppData\Local\MicrosoftEdge
2016-07-31 01:25 - 2016-07-31 01:25 - 00000000 ____D C:\Users\sidme\AppData\Local\Comms
2016-07-31 01:25 - 2016-07-31 01:25 - 00000000 ____D C:\Users\sidme\AppData\Local\ActiveSync
2016-07-31 01:24 - 2016-07-31 01:24 - 00000000 ____D C:\Users\sidme\AppData\Local\Publishers
2016-07-31 01:23 - 2016-08-04 23:34 - 00000000 ____D C:\Users\sidme\AppData\Local\VirtualStore
2016-07-31 01:23 - 2016-08-04 04:39 - 00000000 ____D C:\Users\sidme\AppData\Local\Packages
2016-07-31 01:23 - 2016-07-31 01:23 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Adobe
2016-07-31 01:23 - 2016-07-31 01:23 - 00000000 ____D C:\Users\sidme\AppData\Local\TileDataLayer
2016-07-31 01:11 - 2016-08-25 18:28 - 01397822 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-31 01:07 - 2016-07-31 01:07 - 00000000 _SHDL C:\Users\Public\Documents\My Videos
2016-07-31 01:07 - 2016-07-31 01:07 - 00000000 _SHDL C:\Users\Public\Documents\My Pictures
2016-07-31 01:07 - 2016-07-31 01:07 - 00000000 _SHDL C:\Users\Public\Documents\My Music
2016-07-31 01:07 - 2016-07-31 01:07 - 00000000 _SHDL C:\Users\Default.migrated\Documents\My Videos
2016-07-31 01:07 - 2016-07-31 01:07 - 00000000 _SHDL C:\Users\Default.migrated\Documents\My Pictures
2016-07-31 01:07 - 2016-07-31 01:07 - 00000000 _SHDL C:\Users\Default.migrated\Documents\My Music
2016-07-31 01:07 - 2016-07-31 01:07 - 00000000 _SHDL C:\Documents and Settings
2016-07-31 01:04 - 2016-07-31 01:04 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-08-25 18:21 - 2016-07-16 11:34 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-08-25 17:03 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-25 13:23 - 2016-07-16 17:17 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-24 19:53 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\rescache
2016-08-24 17:28 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-23 23:49 - 2016-07-16 17:15 - 00000000 ____D C:\WINDOWS\INF
2016-08-23 23:43 - 2016-07-16 17:17 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-08-23 23:43 - 2016-07-16 17:17 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-23 23:43 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-23 23:43 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-08-23 23:42 - 2016-07-16 17:06 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-23 17:44 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\Help
2016-08-18 16:19 - 2016-07-16 11:34 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-08-18 05:12 - 2016-07-16 11:34 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-08-18 05:06 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\registration
2016-08-17 19:23 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-08-17 19:23 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-08-17 19:23 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-08-17 19:23 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-08-17 19:23 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-08-12 01:54 - 2015-10-30 11:58 - 00000000 ____D C:\Users\Default.migrated
2016-08-05 03:52 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\appcompat
2016-08-04 16:49 - 2016-07-16 17:19 - 00000000 ____D C:\WINDOWS\Setup
2016-08-04 16:49 - 2016-07-16 17:17 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-08-04 16:45 - 2016-07-16 19:41 - 00000000 ____D C:\WINDOWS\OCR
2016-08-04 03:43 - 2016-04-27 11:15 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-04 03:39 - 2016-07-16 17:17 - 00000000 ____D C:\ProgramData\USOPrivate
2016-08-04 03:37 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-08-04 03:37 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-08-04 03:34 - 2016-07-16 17:17 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-04 03:29 - 2016-07-16 17:17 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-04 03:28 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\spool
2016-08-04 03:28 - 2016-07-16 17:17 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-04 03:24 - 2016-07-16 17:17 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-08-04 03:24 - 2016-07-16 17:17 - 00000000 ___RD C:\WINDOWS\MiracastView
 
==================== Files in the root of some directories =======
 
2016-08-11 11:48 - 2016-08-20 02:40 - 0007609 _____ () C:\Users\sidme\AppData\Local\Resmon.ResmonCfg
2016-08-04 03:22 - 2016-08-04 03:22 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-08-23 23:33
 
==================== End of FRST.txt ============================
 
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2016 01
Ran by sidme (25-08-2016 18:57:43)
Running from C:\Users\sidme\Downloads
Windows 10 Home Single Language Version 1607 (X64) (2016-08-03 22:12:30)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3198014182-4150849369-2890672605-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3198014182-4150849369-2890672605-503 - Limited - Disabled)
Guest (S-1-5-21-3198014182-4150849369-2890672605-501 - Limited - Disabled)
sidme (S-1-5-21-3198014182-4150849369-2890672605-1001 - Administrator - Enabled) => C:\Users\sidme
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3198014182-4150849369-2890672605-1001\...\uTorrent) (Version: 3.4.8.42445 - BitTorrent Inc.)
Ansel (Version: 372.54 - NVIDIA Corporation) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1109 - Bitdefender)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Data Lifeguard Diagnostic for Windows 1.29 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version:  - Western Digital Corporation)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HD Tune Pro 5.60 (HKLM-x32\...\HD Tune Pro_is1) (Version:  - EFD Software)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4279 - Intel Corporation)
iTunes (HKLM\...\{E109B4A3-9883-4E6E-9A19-4D7E1A88AFE8}) (Version: 12.4.2.4 - Apple Inc.)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
No Man's Sky (HKLM-x32\...\No Man's Sky_is1) (Version:  - )
NVIDIA 3D Vision Driver 372.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.54 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Graphics Driver 372.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.54 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.6 - Power Software Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.4.0 (HKLM-x32\...\RTSS) (Version: 6.4.0 - Unwinder)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.5 - Synaptics Incorporated)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Watch Dogs (HKLM-x32\...\Watch Dogs_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3198014182-4150849369-2890672605-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\sidme\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileCoAuth.exe (Microsoft Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {155142D0-7A0C-491B-B90A-E54774F79B99} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-23] (Google Inc.)
Task: {4AFA9EC1-2875-4517-9CB1-EFD021AD13CE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-23] (Google Inc.)
Task: {99E8996A-01BC-42A1-8842-EFEB29088849} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-07-16 17:12 - 2016-07-16 17:12 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-16 17:12 - 2016-07-16 17:12 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-08-18 16:24 - 2013-03-19 11:07 - 00712288 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
2016-08-18 16:24 - 2013-09-03 13:29 - 00111832 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\BDMetrics.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-07-16 17:12 - 2016-07-16 17:12 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-04 03:46 - 2016-08-04 03:46 - 00959168 _____ () C:\Users\sidme\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
2016-07-16 17:12 - 2016-07-16 17:12 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-08-08 22:37 - 2012-02-17 20:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2016-08-17 17:25 - 2016-08-17 17:31 - 00071168 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-08-17 17:25 - 2016-08-17 17:31 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-08-17 17:25 - 2016-08-17 17:36 - 35290624 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-07-16 17:12 - 2016-07-16 17:12 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-08-23 23:40 - 2016-08-06 09:13 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-08-23 23:41 - 2016-08-06 08:58 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-08-23 23:41 - 2016-08-06 08:51 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-08-23 23:41 - 2016-08-06 08:51 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-08-23 23:41 - 2016-08-06 08:53 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-08-23 23:41 - 2016-08-06 08:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-08-23 18:06 - 2016-08-03 05:11 - 02366280 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
2016-08-23 18:06 - 2016-08-03 05:10 - 00107848 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-08-17 17:30 - 2016-08-17 17:35 - 00017408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-08-17 17:30 - 2016-08-17 17:35 - 13475840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-08-17 17:30 - 2016-08-17 17:32 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-08-17 17:30 - 2016-08-17 17:36 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-10-30 12:54 - 2015-10-30 12:51 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3198014182-4150849369-2890672605-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sidme\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{add7acab-a217-46ef-9212-3889f05b2424}.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKU\S-1-5-21-3198014182-4150849369-2890672605-1001\...\StartupApproved\Run: => "OneDrive"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{F6E5B6F5-D321-46F2-A526-71166051782E}] => (Allow) C:\Users\sidme\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8497053E-1CA4-4782-8A05-E07C08B95D44}] => (Allow) C:\Users\sidme\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EC134425-8511-473B-AE6E-7E91A066A397}] => (Allow) C:\Users\sidme\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{86D87ACF-FEAF-479D-93F3-CF49C4B3B4F1}] => (Allow) C:\Users\sidme\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F3AB3919-8015-4C48-9EF5-FE2ED1B7CE06}] => (Allow) C:\Users\sidme\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F926D1B4-107C-4AAD-ACA6-112F86D75CE3}] => (Allow) C:\Users\sidme\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E3E9DA49-3E6E-4F0D-8638-111835196C06}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BDF5C1E6-B1CE-4BC6-8090-90EDF866C5D1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F50D480E-C6BF-491D-A56F-904D4AB74B4E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5362FE75-3AAA-496C-B932-8C0DDBBE6768}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9BB2F272-7B2C-4A39-90B5-A989C8980F70}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{268266DA-E254-4148-89D0-6A13C29CF6DF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F44F7FFF-3E2E-4E8A-A83C-B323C50FC8B2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2D0C9D04-B298-41AE-BF92-9F58A4423822}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6F6662A4-D32D-4C4E-9942-2BCA382C5700}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{775A0274-61DA-4BE6-BFEA-5F10FFC035B8}] => (Block) %ProgramFiles% (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{C88B7450-E939-40F9-9C36-6C31612D1FF5}] => (Allow) C:\games\INSIDE\Steam\Steam.exe
FirewallRules: [{B47856C7-F43D-407B-BEB2-E33BE2CBA580}] => (Allow) C:\games\INSIDE\Steam\Steam.exe
FirewallRules: [{DBC591EA-BAA1-466D-BC42-7A522E999ABC}] => (Allow) C:\games\INSIDE\Steam\bin\steamwebhelper.exe
FirewallRules: [{6FD628FD-A29D-45EA-A6B9-7B9066CD63E7}] => (Allow) C:\games\INSIDE\Steam\bin\steamwebhelper.exe
FirewallRules: [{971E087A-8A4A-48BE-A8AC-E741C3B38186}] => (Allow) C:\games\ABZU.Incl.Update.1.Steam.Rip\Steam\Steam.exe
FirewallRules: [{A693DAEA-C358-491D-A908-0A3E5EC87506}] => (Allow) C:\games\ABZU.Incl.Update.1.Steam.Rip\Steam\Steam.exe
FirewallRules: [{1754437C-5137-421F-B6F8-822B32BD7DE9}] => (Allow) C:\games\ABZU.Incl.Update.1.Steam.Rip\Steam\bin\steamwebhelper.exe
FirewallRules: [{C1F062F8-3A46-432F-9074-76AEB9B7C088}] => (Allow) C:\games\ABZU.Incl.Update.1.Steam.Rip\Steam\bin\steamwebhelper.exe
FirewallRules: [{2942D6F7-59D4-4917-8203-0745C311C0FD}] => (Allow) C:\games\DOOM\Steam\Steam.exe
FirewallRules: [{BC391DB5-B86A-4421-8F06-2246D34A7D94}] => (Allow) C:\games\DOOM\Steam\Steam.exe
FirewallRules: [{FC0D6ECC-6FC9-4D27-80D4-16E359598F9C}] => (Allow) C:\games\DOOM\Steam\bin\steamwebhelper.exe
FirewallRules: [{778E4D7C-D2A2-4599-BE90-B82968E8A415}] => (Allow) C:\games\DOOM\Steam\bin\steamwebhelper.exe
FirewallRules: [{BAFABA28-BA61-4AE6-B133-0EDAA70C88AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{DBC47C4D-BF3C-4D7D-BCC6-CD44AAE810BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{4755D5CA-A5F8-4582-A48F-5DBBBC937472}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{9F129520-7606-49EC-B6F3-8BFF08A6A0F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{E87D6997-8AC2-48C3-9B62-7CBA7BA9EA49}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{96FA9D5D-6B70-4B6A-B8FF-27BC9354887B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CA803A53-BF47-4C86-817E-FCDF6CD47169}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{7015EAA8-7403-4F97-8126-B7DF6A6E915D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{53212954-50B8-45A5-A821-6E516937B5EA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{40D3AFD2-9FC0-4AAB-89A7-261009EB0A4A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{192E4558-3BEB-4DB8-B1CE-4D077365461F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3A12576F-1577-449A-ABBD-E79BBE641A79}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
19-08-2016 13:03:04 Installed DirectX
22-08-2016 02:29:44 important
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/25/2016 06:28:59 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid.
.
 
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
Error: (08/25/2016 06:28:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (08/25/2016 06:20:48 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid.
.
 
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
Error: (08/25/2016 06:20:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (08/25/2016 06:20:18 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {50677b16-f0e2-40cf-8f50-2749d405c183}
 
Error: (08/25/2016 05:00:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamUserAgent.exe, version: 7.1.2084.9592, time stamp: 0x57605c64
Faulting module name: ntdll.dll, version: 10.0.14393.82, time stamp: 0x57a55744
Exception code: 0xc0000005
Fault offset: 0x000000000003061d
Faulting process id: 0xf28
Faulting application start time: 0xNvStreamUserAgent.exe0
Faulting application path: NvStreamUserAgent.exe1
Faulting module path: NvStreamUserAgent.exe2
Report Id: NvStreamUserAgent.exe3
Faulting package full name: NvStreamUserAgent.exe4
Faulting package-relative application ID: NvStreamUserAgent.exe5
 
Error: (08/24/2016 12:17:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SIDHAARTH)
Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (08/23/2016 11:46:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamUserAgent.exe, version: 7.1.2084.9592, time stamp: 0x57605c64
Faulting module name: ntdll.dll, version: 10.0.14393.82, time stamp: 0x57a55744
Exception code: 0xc0000005
Fault offset: 0x000000000003061d
Faulting process id: 0x90c
Faulting application start time: 0xNvStreamUserAgent.exe0
Faulting application path: NvStreamUserAgent.exe1
Faulting module path: NvStreamUserAgent.exe2
Report Id: NvStreamUserAgent.exe3
Faulting package full name: NvStreamUserAgent.exe4
Faulting package-relative application ID: NvStreamUserAgent.exe5
 
Error: (08/23/2016 05:45:35 PM) (Source: ESENT) (EventID: 454) (User: )
Description: services (884) Database recovery/restore failed with unexpected error -551.
 
Error: (08/23/2016 05:45:35 PM) (Source: ESENT) (EventID: 517) (User: )
Description: services (884) Database recovery failed with error -551 because it encountered references to a database, 'C:\WINDOWS\Security\Database\secedit.sdb', which does not match the current set of logs. The database engine will not permit recovery to complete for this instance until the mismatching database is re-instated. If the database is truly no longer available or no longer required, procedures for recovering from this error are available in the Microsoft Knowledge Base or by following the "more information" link at the bottom of this message.
 
 
System errors:
=============
Error: (08/25/2016 06:29:18 PM) (Source: DCOM) (EventID: 10010) (User: SIDHAARTH)
Description: {37998346-3765-45B1-8C66-AA88CA6B20B8}
 
Error: (08/25/2016 06:27:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error: 
%%2147500037 = Unspecified error
 
Error: (08/25/2016 06:27:18 PM) (Source: DCOM) (EventID: 10010) (User: SIDHAARTH)
Description: {37998346-3765-45B1-8C66-AA88CA6B20B8}
 
Error: (08/25/2016 06:25:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error: 
%%2147500037 = Unspecified error
 
Error: (08/25/2016 06:24:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error: 
%%2147500037 = Unspecified error
 
Error: (08/25/2016 06:23:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (08/25/2016 06:20:44 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: 
%%1056 = An instance of the service is already running.
 
Error: (08/25/2016 06:20:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Steam Client Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (08/25/2016 06:20:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (08/25/2016 06:20:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
 
 
CodeIntegrity:
===================================
  Date: 2016-08-18 12:47:49.978
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_561c3173c020f30d\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-08-17 23:53:27.446
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_561c3173c020f30d\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 21%
Total physical RAM: 16296.27 MB
Available physical RAM: 12775.19 MB
Total Virtual: 18728.27 MB
Available Virtual: 15148.93 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:930.96 GB) (Free:693.61 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================


#8 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,610 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:22 PM

Posted 25 August 2016 - 08:42 AM

It looks like your Google Chrome settings are still hijacked.
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=M226E02D5-0561-4E0A-961E-CC215F6571F0&SearchSource=55&CUI=&UM=5&UP=SP5C510CAA-3DA5-42E2-A4EC-DAA98928AA4B&SSPV=TBannersA_sp_ch
CHR StartupUrls: Default -> "hxxp://websearch.searchandfly.info/?pid=377&r=2014/09/22&hid=17410538761284894517&lg=EN&cc=IN&unqvl=62"
In that case, the best way to get rid of them would be to uninstall Google Chrome and reinstall it. If you are logged in Chrome with your Google account, and the sync is enabled, you won't lose anything. All your bookmarks, history, extensions, etc. will be sync'd back on the new Google Chrome install as soon as you login with your Google account. Can you do that and let me know if your homepage and start-up URLs are back to normal?

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#9 cyanogensid

cyanogensid
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  

Posted 25 August 2016 - 08:44 AM

ok i will do this and get back to you in 5-10 minutes



#10 cyanogensid

cyanogensid
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  

Posted 25 August 2016 - 08:53 AM

ok so i uninstalled and then reinstalled chrome.. logged in with my google account.. everything's back to normal got my history etc 



#11 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,610 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:22 PM

Posted 25 August 2016 - 08:58 AM

Good :) Let's just run FRST once more to make sure it's all good.

iO3R662.pngFarbar Recovery Scan Tool (FRST) - Scan mode
Follow the instructions below to download and execute a scan on your system with FRST, and provide the logs in your next reply.
  • Right-click on the executable and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Accept the disclaimer by clicking on Yes, and FRST will then do a back-up of your Registry which should take a few seconds;
  • Check the Addition.txt option;
  • Click on the Scan button;
  • On completion, two message box will open, saying that the results were saved to FRST.txt and Addition.txt, then open two Notepad files;
  • Copy and paste the content of both FRST.txt and Addition.txt in your next reply;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#12 cyanogensid

cyanogensid
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  

Posted 25 August 2016 - 09:00 AM

ok will do here are the logs as i can see its still there:(

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2016 01
Ran by sidme (administrator) on SIDHAARTH (25-08-2016 19:29:16)
Running from C:\Users\sidme\Downloads
Loaded Profiles: sidme (Available Profiles: sidme)
Platform: Windows 10 Home Single Language Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => c:\windows\RTFTrack.exe [5062384 2015-08-30] (Realtek semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-05] (Apple Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3947704 2015-08-29] (Synaptics Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1767944 2016-06-15] (NVIDIA Corporation)
HKU\S-1-5-21-3198014182-4150849369-2890672605-1001\...\MountPoints2: D - "D:\setup.exe" 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{bd3cdc31-2bb7-4789-9556-ef6c8999971f}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3198014182-4150849369-2890672605-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
 
FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-25] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=M226E02D5-0561-4E0A-961E-CC215F6571F0&SearchSource=55&CUI=&UM=5&UP=SP5C510CAA-3DA5-42E2-A4EC-DAA98928AA4B&SSPV=TBannersA_sp_ch
CHR StartupUrls: Default -> "hxxp://websearch.searchandfly.info/?pid=377&r=2014/09/22&hid=17410538761284894517&lg=EN&cc=IN&unqvl=62"
CHR DefaultSearchKeyword: Default -> google.co.in
CHR Profile: C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-25]
CHR Extension: (Google Docs) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-25]
CHR Extension: (Google Drive) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-25]
CHR Extension: (YouTube) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-25]
CHR Extension: (TrafficLight) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfnpidifppmenkapgihekkeednfoenal [2016-08-25]
CHR Extension: (Google Sheets) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-25]
CHR Extension: (Google Docs Offline) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-25]
CHR Extension: (AdBlock) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-25]
CHR Extension: (Google Maps) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-08-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-25]
CHR Extension: (Gmail) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-25]
CHR Extension: (Chrome Media Router) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-25]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-15] (NVIDIA Corporation)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [79552 2016-03-02] (Bitdefender)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [359848 2015-09-09] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-15] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-15] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
S1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_561c3173c020f30d\nvlddmkm.sys [14199352 2016-08-16] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek                                            )
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [600832 2015-08-29] (Realtek Semiconductor Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [759552 2015-08-12] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3069680 2015-08-30] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [5144064 2016-07-16] (Realtek Semiconductor Corporation                           )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-08-29] (Synaptics Incorporated)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-08-23] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 WinRing0_1_2_0; C:\Users\sidme\Desktop\OpenHardwareMonitor\OpenHardwareMonitor.sys [14544 2016-08-25] (OpenLibSys.org)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-08-25 19:18 - 2016-08-25 19:18 - 00002348 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-25 19:18 - 2016-08-25 19:18 - 00002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-25 19:17 - 2016-08-25 19:17 - 01065376 _____ (Google Inc.) C:\Users\sidme\Downloads\ChromeSetup (2).exe
2016-08-25 19:17 - 2016-08-25 19:17 - 00003974 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-25 19:17 - 2016-08-25 19:17 - 00003742 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-25 19:17 - 2016-08-25 19:17 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-25 19:17 - 2016-08-25 19:17 - 00000912 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-25 19:15 - 2016-08-25 19:15 - 01065376 _____ (Google Inc.) C:\Users\sidme\Downloads\ChromeSetup (1).exe
2016-08-25 18:56 - 2016-08-25 18:56 - 00000976 _____ C:\Users\sidme\Downloads\scan_160825-185221.txt
2016-08-25 18:49 - 2016-08-25 18:56 - 00000000 ____D C:\EEK
2016-08-25 18:31 - 2016-08-25 18:48 - 248187304 _____ C:\Users\sidme\Downloads\EmsisoftEmergencyKit.exe
2016-08-25 18:30 - 2016-08-25 18:30 - 00000563 _____ C:\Users\sidme\Downloads\JRT.txt
2016-08-25 18:26 - 2016-08-25 18:27 - 01610560 _____ (Malwarebytes) C:\Users\sidme\Downloads\JRT.exe
2016-08-25 18:20 - 2016-08-25 18:21 - 00002218 _____ C:\Users\sidme\Downloads\Fixlog.txt
2016-08-25 13:42 - 2016-08-25 13:42 - 00001175 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-08-25 13:42 - 2016-08-25 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-08-25 13:42 - 2016-08-25 13:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-08-25 13:42 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-08-25 13:42 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-08-25 13:42 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-08-25 13:38 - 2016-08-25 19:29 - 00012455 _____ C:\Users\sidme\Downloads\FRST.txt
2016-08-25 13:38 - 2016-08-25 19:26 - 00028368 _____ C:\Users\sidme\Downloads\Addition.txt
2016-08-25 13:37 - 2016-08-25 19:29 - 00000000 ____D C:\FRST
2016-08-25 13:35 - 2016-08-25 13:37 - 02396672 _____ (Farbar) C:\Users\sidme\Downloads\FRST64.exe
2016-08-24 22:26 - 2016-08-24 22:30 - 22851472 _____ (Malwarebytes ) C:\Users\sidme\Downloads\mbam-setup-bc.1878-2.2.1.1043.exe
2016-08-24 17:20 - 2016-08-24 17:20 - 08227032 _____ (Piriform Ltd) C:\Users\sidme\Downloads\ccsetup521.exe
2016-08-23 23:49 - 2016-08-25 13:47 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-08-23 23:41 - 2016-08-06 10:03 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-08-23 23:41 - 2016-08-06 10:01 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-08-23 23:41 - 2016-08-06 10:00 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-08-23 23:41 - 2016-08-06 09:59 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-08-23 23:41 - 2016-08-06 09:56 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-08-23 23:41 - 2016-08-06 09:48 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-08-23 23:41 - 2016-08-06 09:47 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-08-23 23:41 - 2016-08-06 09:47 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-08-23 23:41 - 2016-08-06 09:47 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-08-23 23:41 - 2016-08-06 09:46 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-23 23:41 - 2016-08-06 09:39 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-23 23:41 - 2016-08-06 09:38 - 02537816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-08-23 23:41 - 2016-08-06 09:38 - 01430208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-08-23 23:41 - 2016-08-06 09:38 - 00843104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-08-23 23:41 - 2016-08-06 09:38 - 00509784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-23 23:41 - 2016-08-06 09:33 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-23 23:41 - 2016-08-06 09:33 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-08-23 23:41 - 2016-08-06 09:18 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-08-23 23:41 - 2016-08-06 09:18 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-08-23 23:41 - 2016-08-06 09:18 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-08-23 23:41 - 2016-08-06 09:17 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-08-23 23:41 - 2016-08-06 09:13 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-08-23 23:41 - 2016-08-06 09:12 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-08-23 23:41 - 2016-08-06 09:12 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-08-23 23:41 - 2016-08-06 09:11 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-08-23 23:41 - 2016-08-06 09:11 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-08-23 23:41 - 2016-08-06 09:11 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-08-23 23:41 - 2016-08-06 09:11 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-08-23 23:41 - 2016-08-06 09:10 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-23 23:41 - 2016-08-06 09:10 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-08-23 23:41 - 2016-08-06 09:10 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-08-23 23:41 - 2016-08-06 09:09 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-08-23 23:41 - 2016-08-06 09:08 - 17187328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-23 23:41 - 2016-08-06 09:07 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-23 23:41 - 2016-08-06 09:05 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-08-23 23:41 - 2016-08-06 09:04 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-08-23 23:41 - 2016-08-06 09:04 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-08-23 23:41 - 2016-08-06 09:03 - 01304576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-08-23 23:41 - 2016-08-06 09:03 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-08-23 23:41 - 2016-08-06 09:03 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-08-23 23:41 - 2016-08-06 09:01 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-23 23:41 - 2016-08-06 09:01 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-08-23 23:41 - 2016-08-06 09:00 - 13080576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-23 23:41 - 2016-08-06 08:58 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-08-23 23:41 - 2016-08-06 08:58 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-08-23 23:41 - 2016-08-06 08:58 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-08-23 23:41 - 2016-08-06 08:54 - 02680832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-23 23:41 - 2016-08-06 08:54 - 01875456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-23 23:41 - 2016-08-06 08:53 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-08-23 23:41 - 2016-08-06 08:53 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-08-23 23:41 - 2016-08-06 08:51 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-08-23 23:41 - 2016-08-06 08:49 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-08-23 23:41 - 2016-08-05 14:44 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-08-23 23:41 - 2016-08-05 14:42 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-08-23 23:41 - 2016-08-05 14:40 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2016-08-23 23:41 - 2016-08-05 14:35 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-08-23 23:41 - 2016-08-05 13:58 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-08-23 23:41 - 2016-08-05 13:52 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-08-23 23:41 - 2016-08-05 13:50 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-08-23 23:41 - 2016-08-05 13:38 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-08-23 23:40 - 2016-08-06 10:02 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-08-23 23:40 - 2016-08-06 10:02 - 00885832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-08-23 23:40 - 2016-08-06 10:01 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-08-23 23:40 - 2016-08-06 10:00 - 07814496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-23 23:40 - 2016-08-06 10:00 - 01349128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-08-23 23:40 - 2016-08-06 10:00 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-08-23 23:40 - 2016-08-06 09:59 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-08-23 23:40 - 2016-08-06 09:56 - 00409944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-08-23 23:40 - 2016-08-06 09:54 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-08-23 23:40 - 2016-08-06 09:53 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-23 23:40 - 2016-08-06 09:48 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-23 23:40 - 2016-08-06 09:48 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-08-23 23:40 - 2016-08-06 09:48 - 01260384 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-08-23 23:40 - 2016-08-06 09:48 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-23 23:40 - 2016-08-06 09:47 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-23 23:40 - 2016-08-06 09:46 - 01099104 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-08-23 23:40 - 2016-08-06 09:46 - 00987488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-08-23 23:40 - 2016-08-06 09:46 - 00942432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-08-23 23:40 - 2016-08-06 09:46 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-08-23 23:40 - 2016-08-06 09:46 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-08-23 23:40 - 2016-08-06 09:46 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-23 23:40 - 2016-08-06 09:46 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-08-23 23:40 - 2016-08-06 09:45 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 01694200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 01066096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 00381760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-23 23:40 - 2016-08-06 09:43 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-08-23 23:40 - 2016-08-06 09:38 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-23 23:40 - 2016-08-06 09:38 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-23 23:40 - 2016-08-06 09:38 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-08-23 23:40 - 2016-08-06 09:38 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-08-23 23:40 - 2016-08-06 09:38 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-23 23:40 - 2016-08-06 09:34 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-08-23 23:40 - 2016-08-06 09:33 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-08-23 23:40 - 2016-08-06 09:33 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-08-23 23:40 - 2016-08-06 09:33 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-08-23 23:40 - 2016-08-06 09:33 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-08-23 23:40 - 2016-08-06 09:33 - 00955008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-08-23 23:40 - 2016-08-06 09:33 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-08-23 23:40 - 2016-08-06 09:32 - 00321280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-23 23:40 - 2016-08-06 09:20 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-08-23 23:40 - 2016-08-06 09:19 - 22570496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-23 23:40 - 2016-08-06 09:18 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-08-23 23:40 - 2016-08-06 09:18 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-08-23 23:40 - 2016-08-06 09:18 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-08-23 23:40 - 2016-08-06 09:18 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-08-23 23:40 - 2016-08-06 09:18 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-08-23 23:40 - 2016-08-06 09:18 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-08-23 23:40 - 2016-08-06 09:18 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-08-23 23:40 - 2016-08-06 09:18 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2016-08-23 23:40 - 2016-08-06 09:18 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2016-08-23 23:40 - 2016-08-06 09:17 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-08-23 23:40 - 2016-08-06 09:17 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-08-23 23:40 - 2016-08-06 09:17 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-08-23 23:40 - 2016-08-06 09:17 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-08-23 23:40 - 2016-08-06 09:17 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-08-23 23:40 - 2016-08-06 09:16 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-08-23 23:40 - 2016-08-06 09:16 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-08-23 23:40 - 2016-08-06 09:16 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-08-23 23:40 - 2016-08-06 09:16 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-08-23 23:40 - 2016-08-06 09:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-08-23 23:40 - 2016-08-06 09:16 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-08-23 23:40 - 2016-08-06 09:15 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-08-23 23:40 - 2016-08-06 09:15 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2016-08-23 23:40 - 2016-08-06 09:15 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-08-23 23:40 - 2016-08-06 09:15 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-08-23 23:40 - 2016-08-06 09:15 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-08-23 23:40 - 2016-08-06 09:15 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-08-23 23:40 - 2016-08-06 09:15 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-08-23 23:40 - 2016-08-06 09:15 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2016-08-23 23:40 - 2016-08-06 09:14 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-08-23 23:40 - 2016-08-06 09:14 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-08-23 23:40 - 2016-08-06 09:14 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-08-23 23:40 - 2016-08-06 09:13 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-08-23 23:40 - 2016-08-06 09:13 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-08-23 23:40 - 2016-08-06 09:13 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-08-23 23:40 - 2016-08-06 09:13 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-08-23 23:40 - 2016-08-06 09:12 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-23 23:40 - 2016-08-06 09:12 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-08-23 23:40 - 2016-08-06 09:11 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-23 23:40 - 2016-08-06 09:11 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-08-23 23:40 - 2016-08-06 09:11 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-08-23 23:40 - 2016-08-06 09:11 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-08-23 23:40 - 2016-08-06 09:11 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-08-23 23:40 - 2016-08-06 09:11 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2016-08-23 23:40 - 2016-08-06 09:10 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-23 23:40 - 2016-08-06 09:10 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-08-23 23:40 - 2016-08-06 09:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-08-23 23:40 - 2016-08-06 09:10 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-08-23 23:40 - 2016-08-06 09:09 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-08-23 23:40 - 2016-08-06 09:09 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-08-23 23:40 - 2016-08-06 09:09 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-08-23 23:40 - 2016-08-06 09:09 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2016-08-23 23:40 - 2016-08-06 09:08 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-23 23:40 - 2016-08-06 09:08 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-23 23:40 - 2016-08-06 09:08 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-08-23 23:40 - 2016-08-06 09:07 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-23 23:40 - 2016-08-06 09:07 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-08-23 23:40 - 2016-08-06 09:06 - 19422720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-23 23:40 - 2016-08-06 09:06 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-08-23 23:40 - 2016-08-06 09:05 - 09127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-08-23 23:40 - 2016-08-06 09:05 - 07624192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-08-23 23:40 - 2016-08-06 09:04 - 19418624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-23 23:40 - 2016-08-06 09:04 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-08-23 23:40 - 2016-08-06 09:04 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-08-23 23:40 - 2016-08-06 09:03 - 23682560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-23 23:40 - 2016-08-06 09:03 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-08-23 23:40 - 2016-08-06 09:03 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-08-23 23:40 - 2016-08-06 09:02 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-08-23 23:40 - 2016-08-06 09:01 - 03244032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-08-23 23:40 - 2016-08-06 09:01 - 02710528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-08-23 23:40 - 2016-08-06 09:01 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-08-23 23:40 - 2016-08-06 09:01 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-08-23 23:40 - 2016-08-06 09:01 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-08-23 23:40 - 2016-08-06 09:01 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-08-23 23:40 - 2016-08-06 09:00 - 12345344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-23 23:40 - 2016-08-06 09:00 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-08-23 23:40 - 2016-08-06 09:00 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-08-23 23:40 - 2016-08-06 08:59 - 13433856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-23 23:40 - 2016-08-06 08:59 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-08-23 23:40 - 2016-08-06 08:59 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-08-23 23:40 - 2016-08-06 08:59 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-08-23 23:40 - 2016-08-06 08:59 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-08-23 23:40 - 2016-08-06 08:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-08-23 23:40 - 2016-08-06 08:58 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-08-23 23:40 - 2016-08-06 08:57 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-08-23 23:40 - 2016-08-06 08:57 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-08-23 23:40 - 2016-08-06 08:56 - 02422784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-08-23 23:40 - 2016-08-06 08:56 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-23 23:40 - 2016-08-06 08:56 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-23 23:40 - 2016-08-06 08:55 - 03116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-08-23 23:40 - 2016-08-06 08:55 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-23 23:40 - 2016-08-06 08:54 - 02314752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-23 23:40 - 2016-08-06 08:54 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-23 23:40 - 2016-08-06 08:54 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-23 23:40 - 2016-08-06 08:53 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-23 23:40 - 2016-08-06 08:53 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-23 23:40 - 2016-08-06 08:53 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-23 23:40 - 2016-08-06 08:53 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-08-23 23:40 - 2016-08-06 08:53 - 01062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-08-23 23:40 - 2016-08-06 08:53 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-08-23 23:40 - 2016-08-06 08:53 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-23 23:40 - 2016-08-06 08:49 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-08-23 23:40 - 2016-08-05 13:59 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-08-23 23:40 - 2016-08-05 13:59 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-08-23 23:40 - 2016-08-05 13:59 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2016-08-23 23:40 - 2016-08-05 13:53 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-08-23 23:40 - 2016-08-05 13:50 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-08-23 23:40 - 2016-08-05 13:48 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-08-23 23:40 - 2016-08-05 13:37 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-08-23 23:40 - 2016-08-05 13:37 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-08-23 23:24 - 2016-08-23 23:24 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-08-23 23:23 - 2016-08-23 23:23 - 00000000 ____D C:\ProgramData\RogueKiller
2016-08-23 18:47 - 2016-08-23 18:47 - 00000000 ____D C:\Users\sidme\AppData\Roaming\NVIDIA
2016-08-23 18:05 - 2016-08-23 18:05 - 00987728 _____ (Google Inc.) C:\Users\sidme\Downloads\ChromeSetup.exe
2016-08-23 17:47 - 2016-08-25 17:49 - 00000000 ____D C:\Users\sidme\AppData\Local\NVIDIA Corporation
2016-08-23 17:46 - 2016-08-23 17:49 - 00000000 ____D C:\Users\sidme\AppData\Local\NVIDIA
2016-08-23 17:46 - 2016-08-23 17:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-08-23 17:46 - 2016-06-15 01:31 - 01767944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-08-23 17:46 - 2016-06-15 01:31 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-08-23 17:46 - 2016-06-15 01:31 - 01377800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-08-23 17:46 - 2016-06-15 01:31 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-08-23 17:46 - 2016-06-15 01:31 - 00112216 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-08-23 17:45 - 2016-08-25 18:21 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-23 17:45 - 2016-08-23 17:46 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-08-23 17:45 - 2016-08-23 17:45 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-08-23 17:45 - 2016-08-11 17:00 - 00138808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-08-23 17:45 - 2016-05-04 07:53 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-08-23 17:45 - 2016-05-04 07:52 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-08-23 17:45 - 2016-05-04 07:52 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-08-23 17:45 - 2016-05-04 07:52 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-08-23 17:44 - 2016-08-23 23:46 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-08-23 17:44 - 2016-08-11 20:03 - 00213952 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-08-23 17:44 - 2016-08-11 20:03 - 00203320 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 06386048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 02468288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 01365048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-08-23 17:44 - 2016-08-11 17:57 - 00548920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-08-23 17:44 - 2016-08-09 21:36 - 07255045 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-08-23 17:43 - 2016-08-11 20:03 - 40070200 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 35182648 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 34837952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 28236856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 10728856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 10530960 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 10273096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 09086344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 08681720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 08644456 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 03901520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 03443152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 02914752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 02553912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 01922616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437254.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 01585088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437254.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 01023544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00961080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00945088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00897592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00803096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00694952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00644648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00584712 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00442816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00413256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00393664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00345936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00040827 _____ C:\WINDOWS\system32\nvinfo.pb
2016-08-23 17:43 - 2016-08-11 20:03 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-08-23 17:43 - 2016-08-11 20:03 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-08-23 17:43 - 2016-04-14 11:08 - 00113216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-08-23 17:43 - 2016-04-14 11:08 - 00102976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-08-23 17:43 - 2016-04-14 11:08 - 00056384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-08-23 17:42 - 2016-08-23 17:46 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-08-23 17:29 - 2016-08-23 17:29 - 01038335 _____ C:\Users\sidme\Downloads\[Guru3D.com]-DDU.zip
2016-08-23 17:02 - 2016-08-23 17:41 - 368051000 _____ (NVIDIA Corporation) C:\Users\sidme\Downloads\372.54-notebook-win10-64bit-international-whql.exe
2016-08-22 16:21 - 2016-08-22 16:21 - 02534057 _____ C:\Users\sidme\Downloads\SAVEGAME-100-Complete-ALL-UNLOCKED.zip
2016-08-21 20:59 - 2016-08-21 20:59 - 00000000 ____D C:\Users\sidme\Downloads\27 Ultra HD 4K Computer Desktop Wallpapers - Set 737 [ECLiPSE]
2016-08-20 02:42 - 2016-08-20 02:42 - 00000049 _____ C:\Users\sidme\Documents\important.txt
2016-08-20 02:13 - 2013-02-18 17:17 - 00042080 _____ C:\Users\sidme\detection.xml
2016-08-20 02:13 - 2013-01-09 15:54 - 00000000 ____D C:\Users\sidme\extern
2016-08-19 22:36 - 2016-08-19 22:36 - 00000222 _____ C:\Users\sidme\Desktop\Just Cause 3.url
2016-08-19 22:36 - 2016-08-19 22:36 - 00000221 _____ C:\Users\sidme\Desktop\Mafia II.url
2016-08-19 22:25 - 2016-08-25 18:14 - 00000000 ____D C:\Program Files (x86)\Steam
2016-08-19 22:25 - 2016-08-19 22:25 - 00001036 _____ C:\Users\Public\Desktop\Steam.lnk
2016-08-19 22:25 - 2016-08-19 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-19 21:00 - 2016-08-19 21:00 - 00001507 _____ C:\Users\Public\Desktop\No Man's Sky.lnk
2016-08-19 20:54 - 2016-08-19 20:54 - 00000000 ____D C:\Users\sidme\AppData\Roaming\HelloGames
2016-08-19 18:08 - 2016-08-21 21:43 - 00000000 ____D C:\Users\sidme\AppData\LocalLow\uTorrent
2016-08-18 16:40 - 2016-08-18 16:52 - 00000000 ____D C:\ProgramData\HitmanPro
2016-08-18 16:32 - 2016-08-18 16:32 - 00002367 _____ C:\Users\sidme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\onedrive.lnk
2016-08-18 16:28 - 2016-08-18 16:29 - 00000000 ____D C:\Program Files (x86)\HD Tune Pro
2016-08-18 16:28 - 2016-08-18 16:28 - 00001106 _____ C:\Users\sidme\Desktop\HD Tune Pro.lnk
2016-08-18 16:28 - 2016-08-18 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro
2016-08-18 16:24 - 2016-08-18 16:24 - 00002249 _____ C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk
2016-08-18 16:24 - 2016-08-18 16:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
2016-08-18 16:24 - 2013-04-17 13:59 - 00718840 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2016-08-18 16:24 - 2013-04-17 13:59 - 00593144 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2016-08-18 16:24 - 2012-11-02 13:17 - 00261056 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avchv.sys
2016-08-18 16:21 - 2016-08-18 16:24 - 00000000 ____D C:\Program Files\Bitdefender
2016-08-18 16:21 - 2016-08-18 16:22 - 01446792 _____ C:\Users\sidme\Downloads\SteamSetup.exe
2016-08-18 16:21 - 2013-05-28 11:12 - 00382536 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2016-08-18 16:21 - 2013-04-22 12:21 - 00148696 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2016-08-18 16:20 - 2016-08-18 16:40 - 11438608 _____ (SurfRight B.V.) C:\Users\sidme\Downloads\hitmanpro_x64.exe
2016-08-18 16:20 - 2016-08-18 16:21 - 10606640 _____ C:\Users\sidme\Downloads\Antivirus_Free_Edition_x64.exe
2016-08-18 16:20 - 2016-08-18 16:20 - 00196944 _____ C:\Users\sidme\Downloads\Antivirus_Free_Edition.exe
2016-08-17 20:26 - 2016-08-17 20:27 - 00473291 _____ () C:\Users\sidme\Downloads\Everything-1.3.4.686.x86-Setup.exe
2016-08-17 20:13 - 2016-08-23 17:37 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-08-17 19:54 - 2016-08-17 19:54 - 00000000 ____D C:\Program Files\Reason
2016-08-17 19:53 - 2016-08-17 19:54 - 02873112 _____ (Reason Company Software Inc.) C:\Users\sidme\Downloads\herdProtectScan_Setup.exe
2016-08-17 19:44 - 2016-08-17 19:48 - 18309328 _____ (Microsoft Corporation) C:\Users\sidme\Downloads\MediaCreationTool.exe
2016-08-17 18:34 - 2016-08-02 14:14 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-08-17 18:34 - 2016-08-02 13:50 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-08-17 18:34 - 2016-08-02 13:25 - 03617280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-17 18:34 - 2016-08-02 09:55 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-08-17 18:30 - 2016-08-02 09:53 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-08-17 18:29 - 2016-08-02 10:03 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-08-17 18:29 - 2016-08-02 09:43 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-08-17 18:27 - 2016-08-02 13:28 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-17 18:26 - 2016-08-02 09:55 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-17 18:25 - 2016-08-02 10:17 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-08-17 18:25 - 2016-08-02 10:07 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-08-17 18:25 - 2016-08-02 10:06 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-08-17 18:25 - 2016-08-02 10:00 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-08-17 18:25 - 2016-08-02 09:42 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-08-17 18:24 - 2016-08-02 14:18 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-08-17 18:24 - 2016-08-02 13:51 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-08-17 18:24 - 2016-08-02 13:45 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-08-17 18:24 - 2016-08-02 13:45 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-08-17 18:24 - 2016-08-02 13:44 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-08-17 18:24 - 2016-08-02 13:43 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-17 18:24 - 2016-08-02 13:41 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-08-17 18:24 - 2016-08-02 13:40 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-17 18:24 - 2016-08-02 13:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-08-17 18:24 - 2016-08-02 13:30 - 05511168 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-08-17 18:24 - 2016-08-02 13:29 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-17 18:24 - 2016-08-02 13:26 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-08-17 18:24 - 2016-08-02 13:26 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-08-17 18:24 - 2016-08-02 09:46 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-15 21:01 - 2016-08-15 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-08-15 15:35 - 2016-08-15 15:35 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Doublefine
2016-08-13 03:16 - 2016-08-13 03:16 - 00000000 ____D C:\Users\sidme\AppData\Local\2K Games
2016-08-11 11:48 - 2016-08-20 02:40 - 00007609 _____ C:\Users\sidme\AppData\Local\Resmon.ResmonCfg
2016-08-11 11:43 - 2016-08-11 11:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-09 13:10 - 2016-08-09 13:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOOM
2016-08-08 22:38 - 2016-08-08 22:38 - 00000000 ____D C:\Users\sidme\AppData\Roaming\WinRAR
2016-08-08 22:37 - 2016-08-08 22:37 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-08 22:37 - 2016-08-08 22:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-08 22:36 - 2016-08-08 22:38 - 00000000 ____D C:\Program Files\WinRAR
2016-08-07 08:14 - 2016-08-07 08:17 - 00000000 ____D C:\Users\sidme\AppData\Local\UnrealEngine
2016-08-07 08:14 - 2016-08-07 08:14 - 00000000 ____D C:\Users\sidme\AppData\Local\AbzuGame
2016-08-07 06:44 - 2016-08-07 06:44 - 00000000 ____D C:\Users\sidme\AppData\LocalLow\Playdead
2016-08-07 06:36 - 2016-08-19 21:11 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-08-07 06:35 - 2016-08-07 06:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\INSIDE
2016-08-06 18:22 - 2016-08-07 15:29 - 00000000 ____D C:\ProgramData\Logishrd
2016-08-05 21:34 - 2016-08-05 21:34 - 00000000 ____D C:\ProgramData\Orbit
2016-08-05 21:26 - 2016-08-05 21:26 - 00000871 _____ C:\Users\sidme\Desktop\Watch Dogs.lnk
2016-08-05 21:26 - 2016-08-05 21:26 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Watch Dogs
2016-08-05 18:49 - 2016-08-05 21:34 - 00000000 ____D C:\Users\sidme\Documents\My Games
2016-08-05 18:29 - 2016-08-19 21:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2016-08-04 23:31 - 2016-08-04 23:31 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-08-04 20:33 - 2016-08-04 20:33 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Aspyr Media
2016-08-04 20:33 - 2016-08-04 20:33 - 00000000 ____D C:\Users\sidme\AppData\LocalLow\Bloober Team
2016-08-04 20:29 - 2016-08-18 05:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Layers of Fear Inheritance
2016-08-04 18:54 - 2016-08-04 18:54 - 00000000 ____D C:\Users\sidme\Documents\Telltale Games
2016-08-04 18:54 - 2016-08-04 18:54 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Steam
2016-08-04 16:49 - 2016-08-18 11:26 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-04 16:46 - 2016-08-04 16:46 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-04 16:46 - 2016-08-04 16:46 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 01265424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-04 16:46 - 2016-08-04 16:46 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-04 16:46 - 2016-08-04 16:46 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-08-04 16:45 - 2016-08-04 16:45 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-08-04 16:45 - 2016-08-04 03:20 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-08-04 16:42 - 2016-08-04 16:42 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-04 16:42 - 2016-08-04 16:42 - 00000000 ____D C:\Program Files\MSBuild
2016-08-04 16:42 - 2016-08-04 16:42 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-08-04 16:42 - 2016-08-04 16:42 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-08-04 16:42 - 2016-05-26 04:01 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-08-04 16:42 - 2016-05-26 04:01 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-04 16:42 - 2016-05-26 04:01 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-08-04 16:42 - 2016-05-26 00:33 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-08-04 16:42 - 2016-05-26 00:33 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-08-04 16:42 - 2016-05-26 00:33 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-08-04 13:06 - 2016-08-25 00:43 - 00000000 ____D C:\Users\sidme\Desktop\sid important dont delete
2016-08-04 12:55 - 2016-08-22 18:45 - 00000000 ____D C:\Users\sidme\Documents\Square Enix
2016-08-04 12:54 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2016-08-04 12:54 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2016-08-04 12:54 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2016-08-04 12:54 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2016-08-04 12:54 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2016-08-04 12:54 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2016-08-04 04:03 - 2016-08-04 04:03 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Macromedia
2016-08-04 04:00 - 2016-08-04 04:00 - 00001022 _____ C:\Users\sidme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenHardwareMonitor.lnk
2016-08-04 03:46 - 2016-08-04 03:46 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-04 03:43 - 2016-08-04 04:11 - 00000000 ____D C:\Users\sidme\AppData\Local\ConnectedDevicesPlatform
2016-08-04 03:43 - 2016-08-04 03:43 - 00000020 ___SH C:\Users\sidme\ntuser.ini
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 _SHDL C:\Users\Default\My Documents
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 ____D C:\ProgramData\USOShared
2016-08-04 03:38 - 2016-08-04 03:38 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-08-04 03:38 - 2016-08-04 03:38 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-08-04 03:35 - 2016-08-04 03:35 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-04 03:34 - 2016-08-25 18:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-04 03:34 - 2016-08-04 03:34 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-08-04 03:29 - 2016-08-04 03:29 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-08-04 03:27 - 2016-08-04 03:30 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-08-04 03:26 - 2016-08-20 02:16 - 00000000 ____D C:\Users\sidme
2016-08-04 03:26 - 2016-08-04 03:26 - 00000000 _SHDL C:\Users\sidme\My Documents
2016-08-04 03:26 - 2016-08-04 03:26 - 00000000 _SHDL C:\Users\sidme\Documents\My Videos
2016-08-04 03:26 - 2016-08-04 03:26 - 00000000 _SHDL C:\Users\sidme\Documents\My Pictures
2016-08-04 03:26 - 2016-08-04 03:26 - 00000000 _SHDL C:\Users\sidme\Documents\My Music
2016-08-04 03:23 - 2016-08-25 18:23 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-08-04 03:23 - 2016-08-04 03:23 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-08-04 03:23 - 2016-08-04 03:23 - 00000000 ____D C:\Program Files\Intel
2016-08-04 03:23 - 2016-07-16 17:11 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-08-04 03:22 - 2016-08-11 17:57 - 00148928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2016-08-04 03:22 - 2016-08-04 03:22 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2016-08-04 03:22 - 2016-08-04 03:22 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-08-04 03:22 - 2016-08-04 03:22 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-08-04 03:22 - 2016-08-04 03:22 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-08-04 03:22 - 2016-08-04 03:22 - 00000000 ____D C:\Program Files\Realtek
2016-08-04 03:21 - 2016-08-04 03:21 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2016-08-04 03:21 - 2016-08-04 03:21 - 00000000 ____D C:\Program Files\Synaptics
2016-08-04 03:20 - 2016-08-25 18:37 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-08-04 03:20 - 2016-08-17 19:24 - 00194192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-04 02:28 - 2016-08-04 02:29 - 00000036 _____ C:\WINDOWS\progress.ini
2016-08-04 00:37 - 2016-08-04 00:37 - 00000000 ____D C:\Users\sidme\AppData\Local\ElevatedDiagnostics
2016-08-03 22:34 - 2016-08-04 03:41 - 00000000 ___HD C:\$GetCurrent
2016-08-02 08:46 - 2016-08-19 21:21 - 00000000 ____D C:\games
2016-08-01 19:35 - 2016-08-04 03:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation
2016-08-01 19:35 - 2016-08-01 19:35 - 00001539 _____ C:\Users\Public\Desktop\Data Lifeguard Diagnostic for Windows.lnk
2016-08-01 19:33 - 2016-08-20 21:03 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-01 19:23 - 2016-08-22 00:07 - 00000000 ____D C:\Users\sidme\Desktop\sid new
2016-08-01 18:15 - 2016-08-01 18:15 - 00000000 ____D C:\ProgramData\GZ
2016-08-01 18:06 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2016-08-01 18:06 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2016-08-01 18:06 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2016-08-01 18:06 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2016-08-01 18:06 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2016-08-01 18:06 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2016-08-01 18:06 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2016-08-01 18:06 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2016-08-01 18:06 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2016-08-01 18:06 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2016-08-01 18:06 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2016-08-01 18:06 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2016-08-01 18:06 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2016-08-01 18:06 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2016-08-01 18:06 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2016-08-01 18:06 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2016-08-01 18:06 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2016-08-01 18:06 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2016-08-01 18:06 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2016-08-01 18:06 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2016-08-01 18:06 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2016-08-01 18:06 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2016-08-01 18:06 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2016-08-01 18:06 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2016-08-01 18:06 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2016-08-01 18:06 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2016-08-01 18:06 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2016-08-01 18:06 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2016-08-01 18:06 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2016-08-01 18:06 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2016-08-01 18:06 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2016-08-01 18:06 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2016-08-01 18:06 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2016-08-01 18:06 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2016-08-01 18:06 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2016-08-01 18:06 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2016-08-01 18:06 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2016-08-01 18:06 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2016-08-01 18:06 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2016-08-01 18:06 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2016-08-01 18:06 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2016-08-01 18:06 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2016-08-01 18:06 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2016-08-01 18:06 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2016-08-01 18:06 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2016-08-01 18:06 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2016-08-01 18:06 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2016-08-01 18:06 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2016-08-01 18:06 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2016-08-01 18:06 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2016-08-01 18:06 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2016-08-01 18:06 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2016-08-01 18:06 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2016-08-01 18:06 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2016-08-01 18:06 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2016-08-01 18:06 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2016-08-01 18:06 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2016-08-01 18:06 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2016-08-01 18:06 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2016-08-01 18:06 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2016-08-01 18:06 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2016-08-01 18:06 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2016-08-01 18:06 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2016-08-01 18:06 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2016-08-01 18:06 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2016-08-01 18:06 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2016-08-01 18:06 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2016-08-01 18:06 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2016-08-01 18:06 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2016-08-01 18:06 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2016-08-01 18:06 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2016-08-01 18:06 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2016-08-01 18:06 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2016-08-01 18:06 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2016-08-01 18:06 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2016-08-01 18:06 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2016-08-01 18:06 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2016-08-01 18:06 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2016-08-01 18:06 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2016-08-01 18:06 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2016-08-01 18:06 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2016-08-01 18:06 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2016-08-01 18:06 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2016-08-01 18:06 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2016-08-01 18:06 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2016-08-01 18:06 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2016-08-01 18:06 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2016-08-01 18:06 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2016-08-01 18:06 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2016-08-01 18:06 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2016-08-01 18:06 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2016-08-01 18:06 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2016-08-01 18:06 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2016-08-01 18:06 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2016-08-01 18:06 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2016-08-01 18:06 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2016-08-01 18:06 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2016-08-01 18:06 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2016-08-01 18:06 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2016-08-01 18:06 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2016-08-01 18:06 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2016-08-01 18:06 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2016-08-01 18:06 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2016-08-01 18:06 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2016-08-01 18:06 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2016-08-01 18:06 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2016-08-01 18:06 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2016-08-01 18:06 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2016-08-01 18:06 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2016-08-01 18:06 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2016-08-01 18:06 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2016-08-01 18:06 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2016-08-01 18:06 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2016-08-01 18:06 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2016-08-01 18:06 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2016-08-01 18:06 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2016-08-01 18:06 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2016-08-01 18:06 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2016-08-01 18:06 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2016-08-01 18:06 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2016-08-01 18:06 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2016-08-01 18:06 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2016-08-01 18:06 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2016-08-01 18:06 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2016-08-01 18:06 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2016-08-01 18:06 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2016-08-01 18:06 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2016-08-01 18:06 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2016-08-01 18:06 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2016-08-01 18:06 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2016-08-01 18:06 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2016-08-01 18:06 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2016-08-01 18:06 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2016-08-01 18:06 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2016-08-01 18:06 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2016-08-01 18:06 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2016-08-01 18:06 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2016-08-01 18:06 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2016-08-01 18:06 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2016-08-01 18:06 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2016-08-01 18:06 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2016-08-01 18:06 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2016-08-01 18:06 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2016-08-01 18:06 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2016-08-01 17:59 - 2016-08-25 17:26 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2016-08-01 17:59 - 2016-08-19 21:11 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2016-08-01 17:59 - 2016-08-04 03:30 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2016-08-01 17:58 - 2016-08-01 17:58 - 00002684 _____ C:\Users\sidme\Desktop\µTorrent.lnk
2016-08-01 17:57 - 2016-08-21 21:44 - 00000000 ____D C:\Users\sidme\AppData\Roaming\uTorrent
2016-08-01 17:51 - 2016-08-24 18:06 - 00000000 ____D C:\Fraps
2016-08-01 17:51 - 2016-08-04 03:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2016-08-01 17:46 - 2016-08-04 23:31 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Apple Computer
2016-08-01 17:46 - 2016-08-04 03:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-08-01 17:46 - 2016-08-01 17:46 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-08-01 17:46 - 2016-08-01 17:46 - 00000000 ____D C:\Users\sidme\AppData\Local\Apple Computer
2016-08-01 17:46 - 2016-08-01 17:46 - 00000000 ____D C:\Program Files\iPod
2016-08-01 17:46 - 2016-08-01 17:46 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-08-01 17:45 - 2016-08-01 17:46 - 00000000 ____D C:\Program Files\iTunes
2016-08-01 17:45 - 2016-08-01 17:45 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-08-01 17:45 - 2016-08-01 17:45 - 00000000 ____D C:\Users\sidme\AppData\Local\Apple
2016-08-01 17:45 - 2016-08-01 17:45 - 00000000 ____D C:\ProgramData\Apple Computer
2016-08-01 17:45 - 2016-08-01 17:45 - 00000000 ____D C:\ProgramData\Apple
2016-08-01 17:45 - 2016-08-01 17:45 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-08-01 17:45 - 2016-08-01 17:45 - 00000000 ____D C:\Program Files\Bonjour
2016-08-01 17:45 - 2016-08-01 17:45 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-08-01 17:45 - 2016-08-01 17:45 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-08-01 17:42 - 2009-07-15 00:21 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2016-08-01 17:36 - 2016-08-18 16:22 - 00000000 ____D C:\Users\sidme\AppData\Roaming\QuickScan
2016-08-01 17:34 - 2016-08-04 03:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2016-08-01 17:34 - 2016-08-01 17:34 - 00000853 _____ C:\Users\Public\Desktop\PowerISO.lnk
2016-08-01 17:34 - 2016-08-01 17:34 - 00000000 ____D C:\Program Files\PowerISO
2016-08-01 17:34 - 2016-05-25 04:36 - 00137280 _____ (Power Software Ltd) C:\WINDOWS\system32\Drivers\scdemu.sys
2016-08-01 17:32 - 2016-08-25 18:08 - 00000000 ____D C:\Users\sidme\AppData\Roaming\vlc
2016-08-01 17:31 - 2016-08-04 03:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-08-01 17:31 - 2016-08-01 17:31 - 00001143 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-08-01 17:31 - 2016-08-01 17:31 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-08-01 17:14 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2016-08-01 17:14 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2016-08-01 17:14 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2016-08-01 17:14 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2016-08-01 17:14 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2016-08-01 17:14 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2016-08-01 17:11 - 2016-08-09 13:11 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-01 17:01 - 2016-08-01 17:01 - 00000000 ____D C:\Users\sidme\AppData\Local\Steam
2016-08-01 17:01 - 2016-08-01 17:01 - 00000000 ____D C:\Users\sidme\AppData\Local\CEF
2016-08-01 16:38 - 2016-08-25 19:18 - 00000000 ____D C:\Users\sidme\AppData\Local\Google
2016-08-01 16:38 - 2016-08-25 19:18 - 00000000 ____D C:\Program Files (x86)\Google
2016-07-31 13:49 - 2016-07-28 00:55 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-07-31 13:46 - 2016-08-17 18:38 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-07-31 13:46 - 2016-08-17 18:34 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-07-31 12:57 - 2016-07-01 09:27 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2016-07-31 12:56 - 2016-07-01 09:10 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2016-07-31 04:35 - 2016-08-25 17:33 - 00000000 ____D C:\Users\sidme\Desktop\OpenHardwareMonitor
2016-07-31 04:35 - 2016-08-18 05:12 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Hard Disk Sentinel
2016-07-31 04:34 - 2016-07-31 04:34 - 00000000 ____D C:\Program Files (x86)\Western Digital Corporation
2016-07-31 03:43 - 2016-07-31 03:43 - 00000000 ____D C:\Program Files (x86)\Intel
2016-07-31 03:42 - 2016-08-25 18:23 - 00000000 __SHD C:\Users\sidme\IntelGraphicsProfiles
2016-07-31 03:42 - 2016-07-31 03:42 - 00000000 ____D C:\Intel
2016-07-31 01:40 - 2016-07-31 01:40 - 00000000 ____D C:\Users\sidme\AppData\Local\NetworkTiles
2016-07-31 01:39 - 2016-07-31 01:39 - 00001051 _____ C:\Users\sidme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2016-07-31 01:32 - 2015-08-29 07:01 - 01804696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2016-07-31 01:32 - 2015-08-29 07:01 - 00042696 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2016-07-31 01:27 - 2016-07-31 01:27 - 00000000 ____D C:\Users\sidme\AppData\Roaming\HD Tune Pro
2016-07-31 01:26 - 2016-08-20 02:53 - 00000000 ___RD C:\Users\sidme\OneDrive
2016-07-31 01:25 - 2016-07-31 01:25 - 00000000 ____D C:\Users\sidme\AppData\Local\MicrosoftEdge
2016-07-31 01:25 - 2016-07-31 01:25 - 00000000 ____D C:\Users\sidme\AppData\Local\Comms
2016-07-31 01:25 - 2016-07-31 01:25 - 00000000 ____D C:\Users\sidme\AppData\Local\ActiveSync
2016-07-31 01:24 - 2016-07-31 01:24 - 00000000 ____D C:\Users\sidme\AppData\Local\Publishers
2016-07-31 01:23 - 2016-08-04 23:34 - 00000000 ____D C:\Users\sidme\AppData\Local\VirtualStore
2016-07-31 01:23 - 2016-08-04 04:39 - 00000000 ____D C:\Users\sidme\AppData\Local\Packages
2016-07-31 01:23 - 2016-07-31 01:23 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Adobe
2016-07-31 01:23 - 2016-07-31 01:23 - 00000000 ____D C:\Users\sidme\AppData\Local\TileDataLayer
2016-07-31 01:11 - 2016-08-25 18:28 - 01397822 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-31 01:07 - 2016-07-31 01:07 - 00000000 _SHDL C:\Users\Public\Documents\My Videos
2016-07-31 01:07 - 2016-07-31 01:07 - 00000000 _SHDL C:\Users\Public\Documents\My Pictures
2016-07-31 01:07 - 2016-07-31 01:07 - 00000000 _SHDL C:\Users\Public\Documents\My Music
2016-07-31 01:07 - 2016-07-31 01:07 - 00000000 _SHDL C:\Users\Default.migrated\Documents\My Videos
2016-07-31 01:07 - 2016-07-31 01:07 - 00000000 _SHDL C:\Users\Default.migrated\Documents\My Pictures
2016-07-31 01:07 - 2016-07-31 01:07 - 00000000 _SHDL C:\Users\Default.migrated\Documents\My Music
2016-07-31 01:07 - 2016-07-31 01:07 - 00000000 _SHDL C:\Documents and Settings
2016-07-31 01:04 - 2016-07-31 01:04 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-08-25 18:21 - 2016-07-16 11:34 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-08-25 17:03 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-25 13:23 - 2016-07-16 17:17 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-24 19:53 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\rescache
2016-08-24 17:28 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-23 23:49 - 2016-07-16 17:15 - 00000000 ____D C:\WINDOWS\INF
2016-08-23 23:43 - 2016-07-16 17:17 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-08-23 23:43 - 2016-07-16 17:17 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-23 23:43 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-23 23:43 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-08-23 23:42 - 2016-07-16 17:06 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-23 17:44 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\Help
2016-08-18 16:19 - 2016-07-16 11:34 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-08-18 05:12 - 2016-07-16 11:34 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-08-18 05:06 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\registration
2016-08-17 19:23 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-08-17 19:23 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-08-17 19:23 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-08-17 19:23 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-08-17 19:23 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-08-12 01:54 - 2015-10-30 11:58 - 00000000 ____D C:\Users\Default.migrated
2016-08-05 03:52 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\appcompat
2016-08-04 16:49 - 2016-07-16 17:19 - 00000000 ____D C:\WINDOWS\Setup
2016-08-04 16:49 - 2016-07-16 17:17 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-08-04 16:45 - 2016-07-16 19:41 - 00000000 ____D C:\WINDOWS\OCR
2016-08-04 03:43 - 2016-04-27 11:15 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-04 03:39 - 2016-07-16 17:17 - 00000000 ____D C:\ProgramData\USOPrivate
2016-08-04 03:37 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-08-04 03:37 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-08-04 03:34 - 2016-07-16 17:17 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-04 03:29 - 2016-07-16 17:17 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-04 03:28 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\spool
2016-08-04 03:28 - 2016-07-16 17:17 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-04 03:24 - 2016-07-16 17:17 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-08-04 03:24 - 2016-07-16 17:17 - 00000000 ___RD C:\WINDOWS\MiracastView
 
==================== Files in the root of some directories =======
 
2016-08-11 11:48 - 2016-08-20 02:40 - 0007609 _____ () C:\Users\sidme\AppData\Local\Resmon.ResmonCfg
2016-08-04 03:22 - 2016-08-04 03:22 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-08-23 23:33
 
==================== End of FRST.txt ============================
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2016 01
Ran by sidme (25-08-2016 19:29:42)
Running from C:\Users\sidme\Downloads
Windows 10 Home Single Language Version 1607 (X64) (2016-08-03 22:12:30)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3198014182-4150849369-2890672605-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3198014182-4150849369-2890672605-503 - Limited - Disabled)
Guest (S-1-5-21-3198014182-4150849369-2890672605-501 - Limited - Disabled)
sidme (S-1-5-21-3198014182-4150849369-2890672605-1001 - Administrator - Enabled) => C:\Users\sidme
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3198014182-4150849369-2890672605-1001\...\uTorrent) (Version: 3.4.8.42445 - BitTorrent Inc.)
Ansel (Version: 372.54 - NVIDIA Corporation) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1109 - Bitdefender)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Data Lifeguard Diagnostic for Windows 1.29 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version:  - Western Digital Corporation)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HD Tune Pro 5.60 (HKLM-x32\...\HD Tune Pro_is1) (Version:  - EFD Software)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4279 - Intel Corporation)
iTunes (HKLM\...\{E109B4A3-9883-4E6E-9A19-4D7E1A88AFE8}) (Version: 12.4.2.4 - Apple Inc.)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
No Man's Sky (HKLM-x32\...\No Man's Sky_is1) (Version:  - )
NVIDIA 3D Vision Driver 372.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.54 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Graphics Driver 372.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.54 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.6 - Power Software Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.4.0 (HKLM-x32\...\RTSS) (Version: 6.4.0 - Unwinder)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.5 - Synaptics Incorporated)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Watch Dogs (HKLM-x32\...\Watch Dogs_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3198014182-4150849369-2890672605-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\sidme\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileCoAuth.exe (Microsoft Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {39DC9D49-6DFD-4F7F-8CF5-D0E091D74896} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-25] (Google Inc.)
Task: {99E8996A-01BC-42A1-8842-EFEB29088849} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {DB36820E-21C5-4041-95CF-C5BA046BA259} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-25] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-07-16 17:12 - 2016-07-16 17:12 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-16 17:12 - 2016-07-16 17:12 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-08-18 16:24 - 2013-03-19 11:07 - 00712288 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
2016-08-18 16:24 - 2013-09-03 13:29 - 00111832 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\BDMetrics.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-07-16 17:12 - 2016-07-16 17:12 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-04 03:46 - 2016-08-04 03:46 - 00959168 _____ () C:\Users\sidme\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
2016-07-16 17:12 - 2016-07-16 17:12 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-08-17 17:25 - 2016-08-17 17:31 - 00071168 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-08-17 17:25 - 2016-08-17 17:31 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-08-17 17:25 - 2016-08-17 17:36 - 35290624 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-07-16 17:12 - 2016-07-16 17:12 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-08-23 23:40 - 2016-08-06 09:13 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-08-23 23:41 - 2016-08-06 08:58 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-08-23 23:41 - 2016-08-06 08:51 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-08-23 23:41 - 2016-08-06 08:51 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-08-23 23:41 - 2016-08-06 08:53 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-08-23 23:41 - 2016-08-06 08:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-08-17 17:30 - 2016-08-17 17:35 - 00017408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-08-17 17:30 - 2016-08-17 17:35 - 13475840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-08-17 17:30 - 2016-08-17 17:32 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-08-17 17:30 - 2016-08-17 17:36 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-08-25 19:18 - 2016-08-03 05:11 - 02366280 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
2016-08-25 19:18 - 2016-08-03 05:10 - 00107848 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-10-30 12:54 - 2015-10-30 12:51 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3198014182-4150849369-2890672605-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sidme\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{add7acab-a217-46ef-9212-3889f05b2424}.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKU\S-1-5-21-3198014182-4150849369-2890672605-1001\...\StartupApproved\Run: => "OneDrive"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{F6E5B6F5-D321-46F2-A526-71166051782E}] => (Allow) C:\Users\sidme\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8497053E-1CA4-4782-8A05-E07C08B95D44}] => (Allow) C:\Users\sidme\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EC134425-8511-473B-AE6E-7E91A066A397}] => (Allow) C:\Users\sidme\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{86D87ACF-FEAF-479D-93F3-CF49C4B3B4F1}] => (Allow) C:\Users\sidme\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F3AB3919-8015-4C48-9EF5-FE2ED1B7CE06}] => (Allow) C:\Users\sidme\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F926D1B4-107C-4AAD-ACA6-112F86D75CE3}] => (Allow) C:\Users\sidme\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E3E9DA49-3E6E-4F0D-8638-111835196C06}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BDF5C1E6-B1CE-4BC6-8090-90EDF866C5D1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F50D480E-C6BF-491D-A56F-904D4AB74B4E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5362FE75-3AAA-496C-B932-8C0DDBBE6768}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9BB2F272-7B2C-4A39-90B5-A989C8980F70}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{268266DA-E254-4148-89D0-6A13C29CF6DF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F44F7FFF-3E2E-4E8A-A83C-B323C50FC8B2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2D0C9D04-B298-41AE-BF92-9F58A4423822}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6F6662A4-D32D-4C4E-9942-2BCA382C5700}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{775A0274-61DA-4BE6-BFEA-5F10FFC035B8}] => (Block) %ProgramFiles% (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{C88B7450-E939-40F9-9C36-6C31612D1FF5}] => (Allow) C:\games\INSIDE\Steam\Steam.exe
FirewallRules: [{B47856C7-F43D-407B-BEB2-E33BE2CBA580}] => (Allow) C:\games\INSIDE\Steam\Steam.exe
FirewallRules: [{DBC591EA-BAA1-466D-BC42-7A522E999ABC}] => (Allow) C:\games\INSIDE\Steam\bin\steamwebhelper.exe
FirewallRules: [{6FD628FD-A29D-45EA-A6B9-7B9066CD63E7}] => (Allow) C:\games\INSIDE\Steam\bin\steamwebhelper.exe
FirewallRules: [{971E087A-8A4A-48BE-A8AC-E741C3B38186}] => (Allow) C:\games\ABZU.Incl.Update.1.Steam.Rip\Steam\Steam.exe
FirewallRules: [{A693DAEA-C358-491D-A908-0A3E5EC87506}] => (Allow) C:\games\ABZU.Incl.Update.1.Steam.Rip\Steam\Steam.exe
FirewallRules: [{1754437C-5137-421F-B6F8-822B32BD7DE9}] => (Allow) C:\games\ABZU.Incl.Update.1.Steam.Rip\Steam\bin\steamwebhelper.exe
FirewallRules: [{C1F062F8-3A46-432F-9074-76AEB9B7C088}] => (Allow) C:\games\ABZU.Incl.Update.1.Steam.Rip\Steam\bin\steamwebhelper.exe
FirewallRules: [{2942D6F7-59D4-4917-8203-0745C311C0FD}] => (Allow) C:\games\DOOM\Steam\Steam.exe
FirewallRules: [{BC391DB5-B86A-4421-8F06-2246D34A7D94}] => (Allow) C:\games\DOOM\Steam\Steam.exe
FirewallRules: [{FC0D6ECC-6FC9-4D27-80D4-16E359598F9C}] => (Allow) C:\games\DOOM\Steam\bin\steamwebhelper.exe
FirewallRules: [{778E4D7C-D2A2-4599-BE90-B82968E8A415}] => (Allow) C:\games\DOOM\Steam\bin\steamwebhelper.exe
FirewallRules: [{BAFABA28-BA61-4AE6-B133-0EDAA70C88AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{DBC47C4D-BF3C-4D7D-BCC6-CD44AAE810BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{4755D5CA-A5F8-4582-A48F-5DBBBC937472}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{9F129520-7606-49EC-B6F3-8BFF08A6A0F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{E87D6997-8AC2-48C3-9B62-7CBA7BA9EA49}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{96FA9D5D-6B70-4B6A-B8FF-27BC9354887B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CA803A53-BF47-4C86-817E-FCDF6CD47169}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{7015EAA8-7403-4F97-8126-B7DF6A6E915D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{53212954-50B8-45A5-A821-6E516937B5EA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{40D3AFD2-9FC0-4AAB-89A7-261009EB0A4A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{192E4558-3BEB-4DB8-B1CE-4D077365461F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B3283FB9-F0D8-48D7-B175-0F668CD71C49}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
19-08-2016 13:03:04 Installed DirectX
22-08-2016 02:29:44 important
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/25/2016 06:28:59 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid.
.
 
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
Error: (08/25/2016 06:28:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (08/25/2016 06:20:48 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid.
.
 
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
Error: (08/25/2016 06:20:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (08/25/2016 06:20:18 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {50677b16-f0e2-40cf-8f50-2749d405c183}
 
Error: (08/25/2016 05:00:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamUserAgent.exe, version: 7.1.2084.9592, time stamp: 0x57605c64
Faulting module name: ntdll.dll, version: 10.0.14393.82, time stamp: 0x57a55744
Exception code: 0xc0000005
Fault offset: 0x000000000003061d
Faulting process id: 0xf28
Faulting application start time: 0xNvStreamUserAgent.exe0
Faulting application path: NvStreamUserAgent.exe1
Faulting module path: NvStreamUserAgent.exe2
Report Id: NvStreamUserAgent.exe3
Faulting package full name: NvStreamUserAgent.exe4
Faulting package-relative application ID: NvStreamUserAgent.exe5
 
Error: (08/24/2016 12:17:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SIDHAARTH)
Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (08/23/2016 11:46:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamUserAgent.exe, version: 7.1.2084.9592, time stamp: 0x57605c64
Faulting module name: ntdll.dll, version: 10.0.14393.82, time stamp: 0x57a55744
Exception code: 0xc0000005
Fault offset: 0x000000000003061d
Faulting process id: 0x90c
Faulting application start time: 0xNvStreamUserAgent.exe0
Faulting application path: NvStreamUserAgent.exe1
Faulting module path: NvStreamUserAgent.exe2
Report Id: NvStreamUserAgent.exe3
Faulting package full name: NvStreamUserAgent.exe4
Faulting package-relative application ID: NvStreamUserAgent.exe5
 
Error: (08/23/2016 05:45:35 PM) (Source: ESENT) (EventID: 454) (User: )
Description: services (884) Database recovery/restore failed with unexpected error -551.
 
Error: (08/23/2016 05:45:35 PM) (Source: ESENT) (EventID: 517) (User: )
Description: services (884) Database recovery failed with error -551 because it encountered references to a database, 'C:\WINDOWS\Security\Database\secedit.sdb', which does not match the current set of logs. The database engine will not permit recovery to complete for this instance until the mismatching database is re-instated. If the database is truly no longer available or no longer required, procedures for recovering from this error are available in the Microsoft Knowledge Base or by following the "more information" link at the bottom of this message.
 
 
System errors:
=============
Error: (08/25/2016 06:29:18 PM) (Source: DCOM) (EventID: 10010) (User: SIDHAARTH)
Description: {37998346-3765-45B1-8C66-AA88CA6B20B8}
 
Error: (08/25/2016 06:27:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error: 
%%2147500037 = Unspecified error
 
Error: (08/25/2016 06:27:18 PM) (Source: DCOM) (EventID: 10010) (User: SIDHAARTH)
Description: {37998346-3765-45B1-8C66-AA88CA6B20B8}
 
Error: (08/25/2016 06:25:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error: 
%%2147500037 = Unspecified error
 
Error: (08/25/2016 06:24:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error: 
%%2147500037 = Unspecified error
 
Error: (08/25/2016 06:23:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (08/25/2016 06:20:44 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: 
%%1056 = An instance of the service is already running.
 
Error: (08/25/2016 06:20:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Steam Client Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (08/25/2016 06:20:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (08/25/2016 06:20:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
 
 
CodeIntegrity:
===================================
  Date: 2016-08-18 12:47:49.978
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_561c3173c020f30d\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-08-17 23:53:27.446
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_561c3173c020f30d\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 24%
Total physical RAM: 16296.27 MB
Available physical RAM: 12289.73 MB
Total Virtual: 18728.27 MB
Available Virtual: 14720.68 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:930.96 GB) (Free:693.59 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================


#13 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,610 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:22 PM

Posted 25 August 2016 - 09:02 AM

They indeed are. Can you try resetting Google Chrome to its default settings, and then run FRST again?

https://support.google.com/chrome/answer/3296214?hl=en

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#14 cyanogensid

cyanogensid
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  

Posted 25 August 2016 - 09:08 AM

ok here are the new...they are still there 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2016 01
Ran by sidme (administrator) on SIDHAARTH (25-08-2016 19:35:50)
Running from C:\Users\sidme\Downloads
Loaded Profiles: sidme (Available Profiles: sidme)
Platform: Windows 10 Home Single Language Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => c:\windows\RTFTrack.exe [5062384 2015-08-30] (Realtek semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-05] (Apple Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3947704 2015-08-29] (Synaptics Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1767944 2016-06-15] (NVIDIA Corporation)
HKU\S-1-5-21-3198014182-4150849369-2890672605-1001\...\MountPoints2: D - "D:\setup.exe" 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{bd3cdc31-2bb7-4789-9556-ef6c8999971f}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3198014182-4150849369-2890672605-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
 
FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-25] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=M226E02D5-0561-4E0A-961E-CC215F6571F0&SearchSource=55&CUI=&UM=5&UP=SP5C510CAA-3DA5-42E2-A4EC-DAA98928AA4B&SSPV=TBannersA_sp_ch
CHR StartupUrls: Default -> "hxxp://websearch.searchandfly.info/?pid=377&r=2014/09/22&hid=17410538761284894517&lg=EN&cc=IN&unqvl=62"
CHR Profile: C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-25]
CHR Extension: (Google Docs) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-25]
CHR Extension: (Google Drive) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-25]
CHR Extension: (YouTube) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-25]
CHR Extension: (TrafficLight) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfnpidifppmenkapgihekkeednfoenal [2016-08-25]
CHR Extension: (Google Sheets) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-25]
CHR Extension: (Google Docs Offline) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-25]
CHR Extension: (AdBlock) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-25]
CHR Extension: (Google Maps) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-08-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-25]
CHR Extension: (Gmail) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-25]
CHR Extension: (Chrome Media Router) - C:\Users\sidme\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-25]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-15] (NVIDIA Corporation)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [79552 2016-03-02] (Bitdefender)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [359848 2015-09-09] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-15] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-15] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
S1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_561c3173c020f30d\nvlddmkm.sys [14199352 2016-08-16] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek                                            )
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [600832 2015-08-29] (Realtek Semiconductor Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [759552 2015-08-12] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3069680 2015-08-30] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [5144064 2016-07-16] (Realtek Semiconductor Corporation                           )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-08-29] (Synaptics Incorporated)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-08-23] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 WinRing0_1_2_0; C:\Users\sidme\Desktop\OpenHardwareMonitor\OpenHardwareMonitor.sys [14544 2016-08-25] (OpenLibSys.org)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-08-25 19:18 - 2016-08-25 19:18 - 00002348 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-25 19:18 - 2016-08-25 19:18 - 00002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-25 19:17 - 2016-08-25 19:17 - 01065376 _____ (Google Inc.) C:\Users\sidme\Downloads\ChromeSetup (2).exe
2016-08-25 19:17 - 2016-08-25 19:17 - 00003974 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-25 19:17 - 2016-08-25 19:17 - 00003742 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-25 19:17 - 2016-08-25 19:17 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-25 19:17 - 2016-08-25 19:17 - 00000912 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-25 19:15 - 2016-08-25 19:15 - 01065376 _____ (Google Inc.) C:\Users\sidme\Downloads\ChromeSetup (1).exe
2016-08-25 18:56 - 2016-08-25 18:56 - 00000976 _____ C:\Users\sidme\Downloads\scan_160825-185221.txt
2016-08-25 18:49 - 2016-08-25 18:56 - 00000000 ____D C:\EEK
2016-08-25 18:31 - 2016-08-25 18:48 - 248187304 _____ C:\Users\sidme\Downloads\EmsisoftEmergencyKit.exe
2016-08-25 18:30 - 2016-08-25 18:30 - 00000563 _____ C:\Users\sidme\Downloads\JRT.txt
2016-08-25 18:26 - 2016-08-25 18:27 - 01610560 _____ (Malwarebytes) C:\Users\sidme\Downloads\JRT.exe
2016-08-25 18:20 - 2016-08-25 18:21 - 00002218 _____ C:\Users\sidme\Downloads\Fixlog.txt
2016-08-25 13:42 - 2016-08-25 13:42 - 00001175 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-08-25 13:42 - 2016-08-25 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-08-25 13:42 - 2016-08-25 13:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-08-25 13:42 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-08-25 13:42 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-08-25 13:42 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-08-25 13:38 - 2016-08-25 19:35 - 00012215 _____ C:\Users\sidme\Downloads\FRST.txt
2016-08-25 13:38 - 2016-08-25 19:29 - 00028276 _____ C:\Users\sidme\Downloads\Addition.txt
2016-08-25 13:37 - 2016-08-25 19:35 - 00000000 ____D C:\FRST
2016-08-25 13:35 - 2016-08-25 13:37 - 02396672 _____ (Farbar) C:\Users\sidme\Downloads\FRST64.exe
2016-08-24 22:26 - 2016-08-24 22:30 - 22851472 _____ (Malwarebytes ) C:\Users\sidme\Downloads\mbam-setup-bc.1878-2.2.1.1043.exe
2016-08-24 17:20 - 2016-08-24 17:20 - 08227032 _____ (Piriform Ltd) C:\Users\sidme\Downloads\ccsetup521.exe
2016-08-23 23:49 - 2016-08-25 13:47 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-08-23 23:41 - 2016-08-06 10:03 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-08-23 23:41 - 2016-08-06 10:01 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-08-23 23:41 - 2016-08-06 10:00 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-08-23 23:41 - 2016-08-06 09:59 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-08-23 23:41 - 2016-08-06 09:56 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-08-23 23:41 - 2016-08-06 09:48 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-08-23 23:41 - 2016-08-06 09:47 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-08-23 23:41 - 2016-08-06 09:47 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-08-23 23:41 - 2016-08-06 09:47 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-08-23 23:41 - 2016-08-06 09:46 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-23 23:41 - 2016-08-06 09:39 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-23 23:41 - 2016-08-06 09:38 - 02537816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-08-23 23:41 - 2016-08-06 09:38 - 01430208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-08-23 23:41 - 2016-08-06 09:38 - 00843104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-08-23 23:41 - 2016-08-06 09:38 - 00509784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-23 23:41 - 2016-08-06 09:33 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-23 23:41 - 2016-08-06 09:33 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-08-23 23:41 - 2016-08-06 09:18 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-08-23 23:41 - 2016-08-06 09:18 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-08-23 23:41 - 2016-08-06 09:18 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-08-23 23:41 - 2016-08-06 09:17 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-08-23 23:41 - 2016-08-06 09:13 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-08-23 23:41 - 2016-08-06 09:12 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-08-23 23:41 - 2016-08-06 09:12 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-08-23 23:41 - 2016-08-06 09:11 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-08-23 23:41 - 2016-08-06 09:11 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-08-23 23:41 - 2016-08-06 09:11 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-08-23 23:41 - 2016-08-06 09:11 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-08-23 23:41 - 2016-08-06 09:10 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-23 23:41 - 2016-08-06 09:10 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-08-23 23:41 - 2016-08-06 09:10 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-08-23 23:41 - 2016-08-06 09:09 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-08-23 23:41 - 2016-08-06 09:08 - 17187328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-23 23:41 - 2016-08-06 09:07 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-23 23:41 - 2016-08-06 09:05 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-08-23 23:41 - 2016-08-06 09:04 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-08-23 23:41 - 2016-08-06 09:04 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-08-23 23:41 - 2016-08-06 09:03 - 01304576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-08-23 23:41 - 2016-08-06 09:03 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-08-23 23:41 - 2016-08-06 09:03 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-08-23 23:41 - 2016-08-06 09:01 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-23 23:41 - 2016-08-06 09:01 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-08-23 23:41 - 2016-08-06 09:00 - 13080576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-23 23:41 - 2016-08-06 08:58 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-08-23 23:41 - 2016-08-06 08:58 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-08-23 23:41 - 2016-08-06 08:58 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-08-23 23:41 - 2016-08-06 08:54 - 02680832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-23 23:41 - 2016-08-06 08:54 - 01875456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-23 23:41 - 2016-08-06 08:53 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-08-23 23:41 - 2016-08-06 08:53 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-08-23 23:41 - 2016-08-06 08:51 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-08-23 23:41 - 2016-08-06 08:49 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-08-23 23:41 - 2016-08-05 14:44 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-08-23 23:41 - 2016-08-05 14:42 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-08-23 23:41 - 2016-08-05 14:40 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2016-08-23 23:41 - 2016-08-05 14:35 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-08-23 23:41 - 2016-08-05 13:58 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-08-23 23:41 - 2016-08-05 13:52 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-08-23 23:41 - 2016-08-05 13:50 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-08-23 23:41 - 2016-08-05 13:38 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-08-23 23:40 - 2016-08-06 10:02 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-08-23 23:40 - 2016-08-06 10:02 - 00885832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-08-23 23:40 - 2016-08-06 10:01 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-08-23 23:40 - 2016-08-06 10:00 - 07814496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-23 23:40 - 2016-08-06 10:00 - 01349128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-08-23 23:40 - 2016-08-06 10:00 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-08-23 23:40 - 2016-08-06 09:59 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-08-23 23:40 - 2016-08-06 09:56 - 00409944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-08-23 23:40 - 2016-08-06 09:54 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-08-23 23:40 - 2016-08-06 09:53 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-23 23:40 - 2016-08-06 09:48 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-23 23:40 - 2016-08-06 09:48 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-08-23 23:40 - 2016-08-06 09:48 - 01260384 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-08-23 23:40 - 2016-08-06 09:48 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-23 23:40 - 2016-08-06 09:47 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-23 23:40 - 2016-08-06 09:46 - 01099104 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-08-23 23:40 - 2016-08-06 09:46 - 00987488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-08-23 23:40 - 2016-08-06 09:46 - 00942432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-08-23 23:40 - 2016-08-06 09:46 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-08-23 23:40 - 2016-08-06 09:46 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-08-23 23:40 - 2016-08-06 09:46 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-23 23:40 - 2016-08-06 09:46 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-08-23 23:40 - 2016-08-06 09:45 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 01694200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 01066096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-08-23 23:40 - 2016-08-06 09:43 - 00381760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-23 23:40 - 2016-08-06 09:43 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-08-23 23:40 - 2016-08-06 09:38 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-23 23:40 - 2016-08-06 09:38 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-23 23:40 - 2016-08-06 09:38 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-08-23 23:40 - 2016-08-06 09:38 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-08-23 23:40 - 2016-08-06 09:38 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-23 23:40 - 2016-08-06 09:34 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-08-23 23:40 - 2016-08-06 09:33 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-08-23 23:40 - 2016-08-06 09:33 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-08-23 23:40 - 2016-08-06 09:33 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-08-23 23:40 - 2016-08-06 09:33 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-08-23 23:40 - 2016-08-06 09:33 - 00955008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-08-23 23:40 - 2016-08-06 09:33 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-08-23 23:40 - 2016-08-06 09:32 - 00321280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-23 23:40 - 2016-08-06 09:20 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-08-23 23:40 - 2016-08-06 09:19 - 22570496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-23 23:40 - 2016-08-06 09:18 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-08-23 23:40 - 2016-08-06 09:18 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-08-23 23:40 - 2016-08-06 09:18 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-08-23 23:40 - 2016-08-06 09:18 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-08-23 23:40 - 2016-08-06 09:18 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-08-23 23:40 - 2016-08-06 09:18 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-08-23 23:40 - 2016-08-06 09:18 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-08-23 23:40 - 2016-08-06 09:18 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2016-08-23 23:40 - 2016-08-06 09:18 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2016-08-23 23:40 - 2016-08-06 09:17 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-08-23 23:40 - 2016-08-06 09:17 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-08-23 23:40 - 2016-08-06 09:17 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-08-23 23:40 - 2016-08-06 09:17 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-08-23 23:40 - 2016-08-06 09:17 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-08-23 23:40 - 2016-08-06 09:16 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-08-23 23:40 - 2016-08-06 09:16 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-08-23 23:40 - 2016-08-06 09:16 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-08-23 23:40 - 2016-08-06 09:16 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-08-23 23:40 - 2016-08-06 09:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-08-23 23:40 - 2016-08-06 09:16 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-08-23 23:40 - 2016-08-06 09:15 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-08-23 23:40 - 2016-08-06 09:15 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2016-08-23 23:40 - 2016-08-06 09:15 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-08-23 23:40 - 2016-08-06 09:15 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-08-23 23:40 - 2016-08-06 09:15 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-08-23 23:40 - 2016-08-06 09:15 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-08-23 23:40 - 2016-08-06 09:15 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-08-23 23:40 - 2016-08-06 09:15 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2016-08-23 23:40 - 2016-08-06 09:14 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-08-23 23:40 - 2016-08-06 09:14 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-08-23 23:40 - 2016-08-06 09:14 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-08-23 23:40 - 2016-08-06 09:13 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-08-23 23:40 - 2016-08-06 09:13 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-08-23 23:40 - 2016-08-06 09:13 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-08-23 23:40 - 2016-08-06 09:13 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-08-23 23:40 - 2016-08-06 09:12 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-23 23:40 - 2016-08-06 09:12 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-08-23 23:40 - 2016-08-06 09:11 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-23 23:40 - 2016-08-06 09:11 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-08-23 23:40 - 2016-08-06 09:11 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-08-23 23:40 - 2016-08-06 09:11 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-08-23 23:40 - 2016-08-06 09:11 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-08-23 23:40 - 2016-08-06 09:11 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2016-08-23 23:40 - 2016-08-06 09:10 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-23 23:40 - 2016-08-06 09:10 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-08-23 23:40 - 2016-08-06 09:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-08-23 23:40 - 2016-08-06 09:10 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-08-23 23:40 - 2016-08-06 09:09 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-08-23 23:40 - 2016-08-06 09:09 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-08-23 23:40 - 2016-08-06 09:09 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-08-23 23:40 - 2016-08-06 09:09 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2016-08-23 23:40 - 2016-08-06 09:08 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-23 23:40 - 2016-08-06 09:08 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-23 23:40 - 2016-08-06 09:08 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-08-23 23:40 - 2016-08-06 09:07 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-23 23:40 - 2016-08-06 09:07 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-08-23 23:40 - 2016-08-06 09:06 - 19422720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-23 23:40 - 2016-08-06 09:06 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-08-23 23:40 - 2016-08-06 09:05 - 09127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-08-23 23:40 - 2016-08-06 09:05 - 07624192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-08-23 23:40 - 2016-08-06 09:04 - 19418624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-23 23:40 - 2016-08-06 09:04 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-08-23 23:40 - 2016-08-06 09:04 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-08-23 23:40 - 2016-08-06 09:03 - 23682560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-23 23:40 - 2016-08-06 09:03 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-08-23 23:40 - 2016-08-06 09:03 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-08-23 23:40 - 2016-08-06 09:02 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-08-23 23:40 - 2016-08-06 09:01 - 03244032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-08-23 23:40 - 2016-08-06 09:01 - 02710528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-08-23 23:40 - 2016-08-06 09:01 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-08-23 23:40 - 2016-08-06 09:01 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-08-23 23:40 - 2016-08-06 09:01 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-08-23 23:40 - 2016-08-06 09:01 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-08-23 23:40 - 2016-08-06 09:00 - 12345344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-23 23:40 - 2016-08-06 09:00 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-08-23 23:40 - 2016-08-06 09:00 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-08-23 23:40 - 2016-08-06 08:59 - 13433856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-23 23:40 - 2016-08-06 08:59 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-08-23 23:40 - 2016-08-06 08:59 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-08-23 23:40 - 2016-08-06 08:59 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-08-23 23:40 - 2016-08-06 08:59 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-08-23 23:40 - 2016-08-06 08:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-08-23 23:40 - 2016-08-06 08:58 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-08-23 23:40 - 2016-08-06 08:57 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-08-23 23:40 - 2016-08-06 08:57 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-08-23 23:40 - 2016-08-06 08:56 - 02422784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-08-23 23:40 - 2016-08-06 08:56 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-23 23:40 - 2016-08-06 08:56 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-23 23:40 - 2016-08-06 08:55 - 03116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-08-23 23:40 - 2016-08-06 08:55 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-23 23:40 - 2016-08-06 08:54 - 02314752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-23 23:40 - 2016-08-06 08:54 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-23 23:40 - 2016-08-06 08:54 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-23 23:40 - 2016-08-06 08:53 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-23 23:40 - 2016-08-06 08:53 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-23 23:40 - 2016-08-06 08:53 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-23 23:40 - 2016-08-06 08:53 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-08-23 23:40 - 2016-08-06 08:53 - 01062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-08-23 23:40 - 2016-08-06 08:53 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-08-23 23:40 - 2016-08-06 08:53 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-23 23:40 - 2016-08-06 08:49 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-08-23 23:40 - 2016-08-05 13:59 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-08-23 23:40 - 2016-08-05 13:59 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-08-23 23:40 - 2016-08-05 13:59 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2016-08-23 23:40 - 2016-08-05 13:53 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-08-23 23:40 - 2016-08-05 13:50 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-08-23 23:40 - 2016-08-05 13:48 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-08-23 23:40 - 2016-08-05 13:37 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-08-23 23:40 - 2016-08-05 13:37 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-08-23 23:24 - 2016-08-23 23:24 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-08-23 23:23 - 2016-08-23 23:23 - 00000000 ____D C:\ProgramData\RogueKiller
2016-08-23 18:47 - 2016-08-23 18:47 - 00000000 ____D C:\Users\sidme\AppData\Roaming\NVIDIA
2016-08-23 18:05 - 2016-08-23 18:05 - 00987728 _____ (Google Inc.) C:\Users\sidme\Downloads\ChromeSetup.exe
2016-08-23 17:47 - 2016-08-25 17:49 - 00000000 ____D C:\Users\sidme\AppData\Local\NVIDIA Corporation
2016-08-23 17:46 - 2016-08-23 17:49 - 00000000 ____D C:\Users\sidme\AppData\Local\NVIDIA
2016-08-23 17:46 - 2016-08-23 17:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-08-23 17:46 - 2016-06-15 01:31 - 01767944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-08-23 17:46 - 2016-06-15 01:31 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-08-23 17:46 - 2016-06-15 01:31 - 01377800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-08-23 17:46 - 2016-06-15 01:31 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-08-23 17:46 - 2016-06-15 01:31 - 00112216 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-08-23 17:45 - 2016-08-25 18:21 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-23 17:45 - 2016-08-23 17:46 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-08-23 17:45 - 2016-08-23 17:45 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-08-23 17:45 - 2016-08-11 17:00 - 00138808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-08-23 17:45 - 2016-05-04 07:53 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-08-23 17:45 - 2016-05-04 07:52 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-08-23 17:45 - 2016-05-04 07:52 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-08-23 17:45 - 2016-05-04 07:52 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-08-23 17:44 - 2016-08-23 23:46 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-08-23 17:44 - 2016-08-11 20:03 - 00213952 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-08-23 17:44 - 2016-08-11 20:03 - 00203320 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 06386048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 02468288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 01365048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-08-23 17:44 - 2016-08-11 17:57 - 00548920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-08-23 17:44 - 2016-08-09 21:36 - 07255045 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-08-23 17:43 - 2016-08-11 20:03 - 40070200 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 35182648 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 34837952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 28236856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 10728856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 10530960 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 10273096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 09086344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 08681720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 08644456 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 03901520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 03443152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 02914752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 02553912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 01922616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437254.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 01585088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437254.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 01023544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00961080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00945088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00897592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00803096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00694952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00644648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00584712 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00442816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00413256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00393664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00345936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-08-23 17:43 - 2016-08-11 20:03 - 00040827 _____ C:\WINDOWS\system32\nvinfo.pb
2016-08-23 17:43 - 2016-08-11 20:03 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-08-23 17:43 - 2016-08-11 20:03 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-08-23 17:43 - 2016-04-14 11:08 - 00113216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-08-23 17:43 - 2016-04-14 11:08 - 00102976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-08-23 17:43 - 2016-04-14 11:08 - 00056384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-08-23 17:42 - 2016-08-23 17:46 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-08-23 17:29 - 2016-08-23 17:29 - 01038335 _____ C:\Users\sidme\Downloads\[Guru3D.com]-DDU.zip
2016-08-23 17:02 - 2016-08-23 17:41 - 368051000 _____ (NVIDIA Corporation) C:\Users\sidme\Downloads\372.54-notebook-win10-64bit-international-whql.exe
2016-08-22 16:21 - 2016-08-22 16:21 - 02534057 _____ C:\Users\sidme\Downloads\SAVEGAME-100-Complete-ALL-UNLOCKED.zip
2016-08-21 20:59 - 2016-08-21 20:59 - 00000000 ____D C:\Users\sidme\Downloads\27 Ultra HD 4K Computer Desktop Wallpapers - Set 737 [ECLiPSE]
2016-08-20 02:42 - 2016-08-20 02:42 - 00000049 _____ C:\Users\sidme\Documents\important.txt
2016-08-20 02:13 - 2013-02-18 17:17 - 00042080 _____ C:\Users\sidme\detection.xml
2016-08-20 02:13 - 2013-01-09 15:54 - 00000000 ____D C:\Users\sidme\extern
2016-08-19 22:36 - 2016-08-19 22:36 - 00000222 _____ C:\Users\sidme\Desktop\Just Cause 3.url
2016-08-19 22:36 - 2016-08-19 22:36 - 00000221 _____ C:\Users\sidme\Desktop\Mafia II.url
2016-08-19 22:25 - 2016-08-25 18:14 - 00000000 ____D C:\Program Files (x86)\Steam
2016-08-19 22:25 - 2016-08-19 22:25 - 00001036 _____ C:\Users\Public\Desktop\Steam.lnk
2016-08-19 22:25 - 2016-08-19 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-19 21:00 - 2016-08-19 21:00 - 00001507 _____ C:\Users\Public\Desktop\No Man's Sky.lnk
2016-08-19 20:54 - 2016-08-19 20:54 - 00000000 ____D C:\Users\sidme\AppData\Roaming\HelloGames
2016-08-19 18:08 - 2016-08-21 21:43 - 00000000 ____D C:\Users\sidme\AppData\LocalLow\uTorrent
2016-08-18 16:40 - 2016-08-18 16:52 - 00000000 ____D C:\ProgramData\HitmanPro
2016-08-18 16:32 - 2016-08-18 16:32 - 00002367 _____ C:\Users\sidme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\onedrive.lnk
2016-08-18 16:28 - 2016-08-18 16:29 - 00000000 ____D C:\Program Files (x86)\HD Tune Pro
2016-08-18 16:28 - 2016-08-18 16:28 - 00001106 _____ C:\Users\sidme\Desktop\HD Tune Pro.lnk
2016-08-18 16:28 - 2016-08-18 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro
2016-08-18 16:24 - 2016-08-18 16:24 - 00002249 _____ C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk
2016-08-18 16:24 - 2016-08-18 16:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
2016-08-18 16:24 - 2013-04-17 13:59 - 00718840 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2016-08-18 16:24 - 2013-04-17 13:59 - 00593144 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2016-08-18 16:24 - 2012-11-02 13:17 - 00261056 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avchv.sys
2016-08-18 16:21 - 2016-08-18 16:24 - 00000000 ____D C:\Program Files\Bitdefender
2016-08-18 16:21 - 2016-08-18 16:22 - 01446792 _____ C:\Users\sidme\Downloads\SteamSetup.exe
2016-08-18 16:21 - 2013-05-28 11:12 - 00382536 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2016-08-18 16:21 - 2013-04-22 12:21 - 00148696 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2016-08-18 16:20 - 2016-08-18 16:40 - 11438608 _____ (SurfRight B.V.) C:\Users\sidme\Downloads\hitmanpro_x64.exe
2016-08-18 16:20 - 2016-08-18 16:21 - 10606640 _____ C:\Users\sidme\Downloads\Antivirus_Free_Edition_x64.exe
2016-08-18 16:20 - 2016-08-18 16:20 - 00196944 _____ C:\Users\sidme\Downloads\Antivirus_Free_Edition.exe
2016-08-17 20:26 - 2016-08-17 20:27 - 00473291 _____ () C:\Users\sidme\Downloads\Everything-1.3.4.686.x86-Setup.exe
2016-08-17 20:13 - 2016-08-23 17:37 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-08-17 19:54 - 2016-08-17 19:54 - 00000000 ____D C:\Program Files\Reason
2016-08-17 19:53 - 2016-08-17 19:54 - 02873112 _____ (Reason Company Software Inc.) C:\Users\sidme\Downloads\herdProtectScan_Setup.exe
2016-08-17 19:44 - 2016-08-17 19:48 - 18309328 _____ (Microsoft Corporation) C:\Users\sidme\Downloads\MediaCreationTool.exe
2016-08-17 18:34 - 2016-08-02 14:14 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-08-17 18:34 - 2016-08-02 13:50 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-08-17 18:34 - 2016-08-02 13:25 - 03617280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-17 18:34 - 2016-08-02 09:55 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-08-17 18:30 - 2016-08-02 09:53 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-08-17 18:29 - 2016-08-02 10:03 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-08-17 18:29 - 2016-08-02 09:43 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-08-17 18:27 - 2016-08-02 13:28 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-17 18:26 - 2016-08-02 09:55 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-17 18:25 - 2016-08-02 10:17 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-08-17 18:25 - 2016-08-02 10:07 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-08-17 18:25 - 2016-08-02 10:06 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-08-17 18:25 - 2016-08-02 10:00 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-08-17 18:25 - 2016-08-02 09:42 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-08-17 18:24 - 2016-08-02 14:18 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-08-17 18:24 - 2016-08-02 13:51 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-08-17 18:24 - 2016-08-02 13:45 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-08-17 18:24 - 2016-08-02 13:45 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-08-17 18:24 - 2016-08-02 13:44 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-08-17 18:24 - 2016-08-02 13:43 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-17 18:24 - 2016-08-02 13:41 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-08-17 18:24 - 2016-08-02 13:40 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-17 18:24 - 2016-08-02 13:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-08-17 18:24 - 2016-08-02 13:30 - 05511168 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-08-17 18:24 - 2016-08-02 13:29 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-17 18:24 - 2016-08-02 13:26 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-08-17 18:24 - 2016-08-02 13:26 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-08-17 18:24 - 2016-08-02 09:46 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-15 21:01 - 2016-08-15 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-08-15 15:35 - 2016-08-15 15:35 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Doublefine
2016-08-13 03:16 - 2016-08-13 03:16 - 00000000 ____D C:\Users\sidme\AppData\Local\2K Games
2016-08-11 11:48 - 2016-08-20 02:40 - 00007609 _____ C:\Users\sidme\AppData\Local\Resmon.ResmonCfg
2016-08-11 11:43 - 2016-08-11 11:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-09 13:10 - 2016-08-09 13:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOOM
2016-08-08 22:38 - 2016-08-08 22:38 - 00000000 ____D C:\Users\sidme\AppData\Roaming\WinRAR
2016-08-08 22:37 - 2016-08-08 22:37 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-08 22:37 - 2016-08-08 22:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-08 22:36 - 2016-08-08 22:38 - 00000000 ____D C:\Program Files\WinRAR
2016-08-07 08:14 - 2016-08-07 08:17 - 00000000 ____D C:\Users\sidme\AppData\Local\UnrealEngine
2016-08-07 08:14 - 2016-08-07 08:14 - 00000000 ____D C:\Users\sidme\AppData\Local\AbzuGame
2016-08-07 06:44 - 2016-08-07 06:44 - 00000000 ____D C:\Users\sidme\AppData\LocalLow\Playdead
2016-08-07 06:36 - 2016-08-19 21:11 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-08-07 06:35 - 2016-08-07 06:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\INSIDE
2016-08-06 18:22 - 2016-08-07 15:29 - 00000000 ____D C:\ProgramData\Logishrd
2016-08-05 21:34 - 2016-08-05 21:34 - 00000000 ____D C:\ProgramData\Orbit
2016-08-05 21:26 - 2016-08-05 21:26 - 00000871 _____ C:\Users\sidme\Desktop\Watch Dogs.lnk
2016-08-05 21:26 - 2016-08-05 21:26 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Watch Dogs
2016-08-05 18:49 - 2016-08-05 21:34 - 00000000 ____D C:\Users\sidme\Documents\My Games
2016-08-05 18:29 - 2016-08-19 21:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2016-08-04 23:31 - 2016-08-04 23:31 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-08-04 20:33 - 2016-08-04 20:33 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Aspyr Media
2016-08-04 20:33 - 2016-08-04 20:33 - 00000000 ____D C:\Users\sidme\AppData\LocalLow\Bloober Team
2016-08-04 20:29 - 2016-08-18 05:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Layers of Fear Inheritance
2016-08-04 18:54 - 2016-08-04 18:54 - 00000000 ____D C:\Users\sidme\Documents\Telltale Games
2016-08-04 18:54 - 2016-08-04 18:54 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Steam
2016-08-04 16:49 - 2016-08-18 11:26 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-04 16:46 - 2016-08-04 16:46 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-04 16:46 - 2016-08-04 16:46 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 01265424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-04 16:46 - 2016-08-04 16:46 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-04 16:46 - 2016-08-04 16:46 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-04 16:46 - 2016-08-04 16:46 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-08-04 16:45 - 2016-08-04 16:45 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-08-04 16:45 - 2016-08-04 03:20 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-08-04 16:42 - 2016-08-04 16:42 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-04 16:42 - 2016-08-04 16:42 - 00000000 ____D C:\Program Files\MSBuild
2016-08-04 16:42 - 2016-08-04 16:42 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-08-04 16:42 - 2016-08-04 16:42 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-08-04 16:42 - 2016-05-26 04:01 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-08-04 16:42 - 2016-05-26 04:01 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-04 16:42 - 2016-05-26 04:01 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-08-04 16:42 - 2016-05-26 00:33 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-08-04 16:42 - 2016-05-26 00:33 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-08-04 16:42 - 2016-05-26 00:33 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-08-04 13:06 - 2016-08-25 00:43 - 00000000 ____D C:\Users\sidme\Desktop\sid important dont delete
2016-08-04 12:55 - 2016-08-22 18:45 - 00000000 ____D C:\Users\sidme\Documents\Square Enix
2016-08-04 12:54 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2016-08-04 12:54 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2016-08-04 12:54 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2016-08-04 12:54 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2016-08-04 12:54 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2016-08-04 12:54 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2016-08-04 04:03 - 2016-08-04 04:03 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Macromedia
2016-08-04 04:00 - 2016-08-04 04:00 - 00001022 _____ C:\Users\sidme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenHardwareMonitor.lnk
2016-08-04 03:46 - 2016-08-04 03:46 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-04 03:43 - 2016-08-04 04:11 - 00000000 ____D C:\Users\sidme\AppData\Local\ConnectedDevicesPlatform
2016-08-04 03:43 - 2016-08-04 03:43 - 00000020 ___SH C:\Users\sidme\ntuser.ini
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 _SHDL C:\Users\Default\My Documents
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-08-04 03:39 - 2016-08-04 03:39 - 00000000 ____D C:\ProgramData\USOShared
2016-08-04 03:38 - 2016-08-04 03:38 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-08-04 03:38 - 2016-08-04 03:38 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-08-04 03:35 - 2016-08-04 03:35 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-04 03:34 - 2016-08-25 18:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-04 03:34 - 2016-08-04 03:34 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-08-04 03:29 - 2016-08-04 03:29 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-08-04 03:27 - 2016-08-04 03:30 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-08-04 03:26 - 2016-08-20 02:16 - 00000000 ____D C:\Users\sidme
2016-08-04 03:26 - 2016-08-04 03:26 - 00000000 _SHDL C:\Users\sidme\My Documents
2016-08-04 03:26 - 2016-08-04 03:26 - 00000000 _SHDL C:\Users\sidme\Documents\My Videos
2016-08-04 03:26 - 2016-08-04 03:26 - 00000000 _SHDL C:\Users\sidme\Documents\My Pictures
2016-08-04 03:26 - 2016-08-04 03:26 - 00000000 _SHDL C:\Users\sidme\Documents\My Music
2016-08-04 03:23 - 2016-08-25 18:23 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-08-04 03:23 - 2016-08-04 03:23 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-08-04 03:23 - 2016-08-04 03:23 - 00000000 ____D C:\Program Files\Intel
2016-08-04 03:23 - 2016-07-16 17:11 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-08-04 03:22 - 2016-08-11 17:57 - 00148928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2016-08-04 03:22 - 2016-08-04 03:22 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2016-08-04 03:22 - 2016-08-04 03:22 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-08-04 03:22 - 2016-08-04 03:22 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-08-04 03:22 - 2016-08-04 03:22 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-08-04 03:22 - 2016-08-04 03:22 - 00000000 ____D C:\Program Files\Realtek
2016-08-04 03:21 - 2016-08-04 03:21 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2016-08-04 03:21 - 2016-08-04 03:21 - 00000000 ____D C:\Program Files\Synaptics
2016-08-04 03:20 - 2016-08-25 18:37 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-08-04 03:20 - 2016-08-17 19:24 - 00194192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-04 02:28 - 2016-08-04 02:29 - 00000036 _____ C:\WINDOWS\progress.ini
2016-08-04 00:37 - 2016-08-04 00:37 - 00000000 ____D C:\Users\sidme\AppData\Local\ElevatedDiagnostics
2016-08-03 22:34 - 2016-08-04 03:41 - 00000000 ___HD C:\$GetCurrent
2016-08-02 08:46 - 2016-08-19 21:21 - 00000000 ____D C:\games
2016-08-01 19:35 - 2016-08-04 03:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation
2016-08-01 19:35 - 2016-08-01 19:35 - 00001539 _____ C:\Users\Public\Desktop\Data Lifeguard Diagnostic for Windows.lnk
2016-08-01 19:33 - 2016-08-20 21:03 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-01 19:23 - 2016-08-22 00:07 - 00000000 ____D C:\Users\sidme\Desktop\sid new
2016-08-01 18:15 - 2016-08-01 18:15 - 00000000 ____D C:\ProgramData\GZ
2016-08-01 18:06 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2016-08-01 18:06 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2016-08-01 18:06 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2016-08-01 18:06 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2016-08-01 18:06 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2016-08-01 18:06 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2016-08-01 18:06 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2016-08-01 18:06 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2016-08-01 18:06 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2016-08-01 18:06 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2016-08-01 18:06 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2016-08-01 18:06 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2016-08-01 18:06 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2016-08-01 18:06 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2016-08-01 18:06 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2016-08-01 18:06 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2016-08-01 18:06 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2016-08-01 18:06 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2016-08-01 18:06 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2016-08-01 18:06 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2016-08-01 18:06 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2016-08-01 18:06 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2016-08-01 18:06 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2016-08-01 18:06 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2016-08-01 18:06 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2016-08-01 18:06 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2016-08-01 18:06 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2016-08-01 18:06 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2016-08-01 18:06 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2016-08-01 18:06 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2016-08-01 18:06 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2016-08-01 18:06 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2016-08-01 18:06 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2016-08-01 18:06 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2016-08-01 18:06 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2016-08-01 18:06 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2016-08-01 18:06 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2016-08-01 18:06 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2016-08-01 18:06 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2016-08-01 18:06 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2016-08-01 18:06 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2016-08-01 18:06 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2016-08-01 18:06 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2016-08-01 18:06 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2016-08-01 18:06 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2016-08-01 18:06 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2016-08-01 18:06 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2016-08-01 18:06 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2016-08-01 18:06 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2016-08-01 18:06 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2016-08-01 18:06 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2016-08-01 18:06 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2016-08-01 18:06 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2016-08-01 18:06 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2016-08-01 18:06 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2016-08-01 18:06 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2016-08-01 18:06 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2016-08-01 18:06 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2016-08-01 18:06 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2016-08-01 18:06 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2016-08-01 18:06 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2016-08-01 18:06 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2016-08-01 18:06 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2016-08-01 18:06 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2016-08-01 18:06 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2016-08-01 18:06 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2016-08-01 18:06 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2016-08-01 18:06 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2016-08-01 18:06 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2016-08-01 18:06 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2016-08-01 18:06 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2016-08-01 18:06 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2016-08-01 18:06 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2016-08-01 18:06 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2016-08-01 18:06 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2016-08-01 18:06 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2016-08-01 18:06 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2016-08-01 18:06 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2016-08-01 18:06 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2016-08-01 18:06 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2016-08-01 18:06 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2016-08-01 18:06 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2016-08-01 18:06 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2016-08-01 18:06 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2016-08-01 18:06 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2016-08-01 18:06 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2016-08-01 18:06 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2016-08-01 18:06 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2016-08-01 18:06 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2016-08-01 18:06 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2016-08-01 18:06 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2016-08-01 18:06 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2016-08-01 18:06 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2016-08-01 18:06 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2016-08-01 18:06 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2016-08-01 18:06 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2016-08-01 18:06 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2016-08-01 18:06 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2016-08-01 18:06 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2016-08-01 18:06 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2016-08-01 18:06 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2016-08-01 18:06 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2016-08-01 18:06 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2016-08-01 18:06 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2016-08-01 18:06 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2016-08-01 18:06 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2016-08-01 18:06 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2016-08-01 18:06 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2016-08-01 18:06 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2016-08-01 18:06 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2016-08-01 18:06 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2016-08-01 18:06 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2016-08-01 18:06 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2016-08-01 18:06 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2016-08-01 18:06 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2016-08-01 18:06 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2016-08-01 18:06 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2016-08-01 18:06 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2016-08-01 18:06 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2016-08-01 18:06 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2016-08-01 18:06 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2016-08-01 18:06 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2016-08-01 18:06 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2016-08-01 18:06 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2016-08-01 18:06 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2016-08-01 18:06 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2016-08-01 18:06 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2016-08-01 18:06 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2016-08-01 18:06 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2016-08-01 18:06 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2016-08-01 18:06 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2016-08-01 18:06 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2016-08-01 18:06 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2016-08-01 18:06 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2016-08-01 18:06 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2016-08-01 18:06 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2016-08-01 18:06 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2016-08-01 18:06 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2016-08-01 18:06 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2016-08-01 18:06 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2016-08-01 18:06 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2016-08-01 18:06 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2016-08-01 18:06 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2016-08-01 18:06 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2016-08-01 18:06 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2016-08-01 18:06 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2016-08-01 18:06 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2016-08-01 17:59 - 2016-08-25 17:26 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2016-08-01 17:59 - 2016-08-19 21:11 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2016-08-01 17:59 - 2016-08-04 03:30 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2016-08-01 17:58 - 2016-08-01 17:58 - 00002684 _____ C:\Users\sidme\Desktop\µTorrent.lnk
2016-08-01 17:57 - 2016-08-21 21:44 - 00000000 ____D C:\Users\sidme\AppData\Roaming\uTorrent
2016-08-01 17:51 - 2016-08-24 18:06 - 00000000 ____D C:\Fraps
2016-08-01 17:51 - 2016-08-04 03:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2016-08-01 17:46 - 2016-08-04 23:31 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Apple Computer
2016-08-01 17:46 - 2016-08-04 03:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-08-01 17:46 - 2016-08-01 17:46 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-08-01 17:46 - 2016-08-01 17:46 - 00000000 ____D C:\Users\sidme\AppData\Local\Apple Computer
2016-08-01 17:46 - 2016-08-01 17:46 - 00000000 ____D C:\Program Files\iPod
2016-08-01 17:46 - 2016-08-01 17:46 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-08-01 17:45 - 2016-08-01 17:46 - 00000000 ____D C:\Program Files\iTunes
2016-08-01 17:45 - 2016-08-01 17:45 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-08-01 17:45 - 2016-08-01 17:45 - 00000000 ____D C:\Users\sidme\AppData\Local\Apple
2016-08-01 17:45 - 2016-08-01 17:45 - 00000000 ____D C:\ProgramData\Apple Computer
2016-08-01 17:45 - 2016-08-01 17:45 - 00000000 ____D C:\ProgramData\Apple
2016-08-01 17:45 - 2016-08-01 17:45 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-08-01 17:45 - 2016-08-01 17:45 - 00000000 ____D C:\Program Files\Bonjour
2016-08-01 17:45 - 2016-08-01 17:45 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-08-01 17:45 - 2016-08-01 17:45 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-08-01 17:42 - 2009-07-15 00:21 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2016-08-01 17:36 - 2016-08-18 16:22 - 00000000 ____D C:\Users\sidme\AppData\Roaming\QuickScan
2016-08-01 17:34 - 2016-08-04 03:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2016-08-01 17:34 - 2016-08-01 17:34 - 00000853 _____ C:\Users\Public\Desktop\PowerISO.lnk
2016-08-01 17:34 - 2016-08-01 17:34 - 00000000 ____D C:\Program Files\PowerISO
2016-08-01 17:34 - 2016-05-25 04:36 - 00137280 _____ (Power Software Ltd) C:\WINDOWS\system32\Drivers\scdemu.sys
2016-08-01 17:32 - 2016-08-25 18:08 - 00000000 ____D C:\Users\sidme\AppData\Roaming\vlc
2016-08-01 17:31 - 2016-08-04 03:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-08-01 17:31 - 2016-08-01 17:31 - 00001143 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-08-01 17:31 - 2016-08-01 17:31 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-08-01 17:14 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2016-08-01 17:14 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2016-08-01 17:14 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2016-08-01 17:14 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2016-08-01 17:14 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2016-08-01 17:14 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2016-08-01 17:11 - 2016-08-09 13:11 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-01 17:01 - 2016-08-01 17:01 - 00000000 ____D C:\Users\sidme\AppData\Local\Steam
2016-08-01 17:01 - 2016-08-01 17:01 - 00000000 ____D C:\Users\sidme\AppData\Local\CEF
2016-08-01 16:38 - 2016-08-25 19:18 - 00000000 ____D C:\Users\sidme\AppData\Local\Google
2016-08-01 16:38 - 2016-08-25 19:18 - 00000000 ____D C:\Program Files (x86)\Google
2016-07-31 13:49 - 2016-07-28 00:55 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-07-31 13:46 - 2016-08-17 18:38 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-07-31 13:46 - 2016-08-17 18:34 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-07-31 12:57 - 2016-07-01 09:27 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2016-07-31 12:56 - 2016-07-01 09:10 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2016-07-31 04:35 - 2016-08-25 17:33 - 00000000 ____D C:\Users\sidme\Desktop\OpenHardwareMonitor
2016-07-31 04:35 - 2016-08-18 05:12 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Hard Disk Sentinel
2016-07-31 04:34 - 2016-07-31 04:34 - 00000000 ____D C:\Program Files (x86)\Western Digital Corporation
2016-07-31 03:43 - 2016-07-31 03:43 - 00000000 ____D C:\Program Files (x86)\Intel
2016-07-31 03:42 - 2016-08-25 18:23 - 00000000 __SHD C:\Users\sidme\IntelGraphicsProfiles
2016-07-31 03:42 - 2016-07-31 03:42 - 00000000 ____D C:\Intel
2016-07-31 01:40 - 2016-07-31 01:40 - 00000000 ____D C:\Users\sidme\AppData\Local\NetworkTiles
2016-07-31 01:39 - 2016-07-31 01:39 - 00001051 _____ C:\Users\sidme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2016-07-31 01:32 - 2015-08-29 07:01 - 01804696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2016-07-31 01:32 - 2015-08-29 07:01 - 00042696 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2016-07-31 01:27 - 2016-07-31 01:27 - 00000000 ____D C:\Users\sidme\AppData\Roaming\HD Tune Pro
2016-07-31 01:26 - 2016-08-20 02:53 - 00000000 ___RD C:\Users\sidme\OneDrive
2016-07-31 01:25 - 2016-07-31 01:25 - 00000000 ____D C:\Users\sidme\AppData\Local\MicrosoftEdge
2016-07-31 01:25 - 2016-07-31 01:25 - 00000000 ____D C:\Users\sidme\AppData\Local\Comms
2016-07-31 01:25 - 2016-07-31 01:25 - 00000000 ____D C:\Users\sidme\AppData\Local\ActiveSync
2016-07-31 01:24 - 2016-07-31 01:24 - 00000000 ____D C:\Users\sidme\AppData\Local\Publishers
2016-07-31 01:23 - 2016-08-04 23:34 - 00000000 ____D C:\Users\sidme\AppData\Local\VirtualStore
2016-07-31 01:23 - 2016-08-04 04:39 - 00000000 ____D C:\Users\sidme\AppData\Local\Packages
2016-07-31 01:23 - 2016-07-31 01:23 - 00000000 ____D C:\Users\sidme\AppData\Roaming\Adobe
2016-07-31 01:23 - 2016-07-31 01:23 - 00000000 ____D C:\Users\sidme\AppData\Local\TileDataLayer
2016-07-31 01:11 - 2016-08-25 18:28 - 01397822 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-31 01:07 - 2016-07-31 01:07 - 00000000 _SHDL C:\Users\Public\Documents\My Videos
2016-07-31 01:07 - 2016-07-31 01:07 - 00000000 _SHDL C:\Users\Public\Documents\My Pictures
2016-07-31 01:07 - 2016-07-31 01:07 - 00000000 _SHDL C:\Users\Public\Documents\My Music
2016-07-31 01:07 - 2016-07-31 01:07 - 00000000 _SHDL C:\Users\Default.migrated\Documents\My Videos
2016-07-31 01:07 - 2016-07-31 01:07 - 00000000 _SHDL C:\Users\Default.migrated\Documents\My Pictures
2016-07-31 01:07 - 2016-07-31 01:07 - 00000000 _SHDL C:\Users\Default.migrated\Documents\My Music
2016-07-31 01:07 - 2016-07-31 01:07 - 00000000 _SHDL C:\Documents and Settings
2016-07-31 01:04 - 2016-07-31 01:04 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-08-25 18:21 - 2016-07-16 11:34 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-08-25 17:03 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-25 13:23 - 2016-07-16 17:17 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-24 19:53 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\rescache
2016-08-24 17:28 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-23 23:49 - 2016-07-16 17:15 - 00000000 ____D C:\WINDOWS\INF
2016-08-23 23:43 - 2016-07-16 17:17 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-08-23 23:43 - 2016-07-16 17:17 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-23 23:43 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-23 23:43 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-08-23 23:42 - 2016-07-16 17:06 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-23 17:44 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\Help
2016-08-18 16:19 - 2016-07-16 11:34 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-08-18 05:12 - 2016-07-16 11:34 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-08-18 05:06 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\registration
2016-08-17 19:23 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-08-17 19:23 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-08-17 19:23 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-08-17 19:23 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-08-17 19:23 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-08-12 01:54 - 2015-10-30 11:58 - 00000000 ____D C:\Users\Default.migrated
2016-08-05 03:52 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\appcompat
2016-08-04 16:49 - 2016-07-16 17:19 - 00000000 ____D C:\WINDOWS\Setup
2016-08-04 16:49 - 2016-07-16 17:17 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-08-04 16:45 - 2016-07-16 19:41 - 00000000 ____D C:\WINDOWS\OCR
2016-08-04 03:43 - 2016-04-27 11:15 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-04 03:39 - 2016-07-16 17:17 - 00000000 ____D C:\ProgramData\USOPrivate
2016-08-04 03:37 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-08-04 03:37 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-08-04 03:34 - 2016-07-16 17:17 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-04 03:29 - 2016-07-16 17:17 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-04 03:28 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\spool
2016-08-04 03:28 - 2016-07-16 17:17 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-04 03:24 - 2016-07-16 17:17 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-08-04 03:24 - 2016-07-16 17:17 - 00000000 ___RD C:\WINDOWS\MiracastView
 
==================== Files in the root of some directories =======
 
2016-08-11 11:48 - 2016-08-20 02:40 - 0007609 _____ () C:\Users\sidme\AppData\Local\Resmon.ResmonCfg
2016-08-04 03:22 - 2016-08-04 03:22 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-08-23 23:33
 
==================== End of FRST.txt ============================
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2016 01
Ran by sidme (25-08-2016 19:36:14)
Running from C:\Users\sidme\Downloads
Windows 10 Home Single Language Version 1607 (X64) (2016-08-03 22:12:30)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3198014182-4150849369-2890672605-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3198014182-4150849369-2890672605-503 - Limited - Disabled)
Guest (S-1-5-21-3198014182-4150849369-2890672605-501 - Limited - Disabled)
sidme (S-1-5-21-3198014182-4150849369-2890672605-1001 - Administrator - Enabled) => C:\Users\sidme
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3198014182-4150849369-2890672605-1001\...\uTorrent) (Version: 3.4.8.42445 - BitTorrent Inc.)
Ansel (Version: 372.54 - NVIDIA Corporation) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1109 - Bitdefender)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Data Lifeguard Diagnostic for Windows 1.29 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version:  - Western Digital Corporation)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HD Tune Pro 5.60 (HKLM-x32\...\HD Tune Pro_is1) (Version:  - EFD Software)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4279 - Intel Corporation)
iTunes (HKLM\...\{E109B4A3-9883-4E6E-9A19-4D7E1A88AFE8}) (Version: 12.4.2.4 - Apple Inc.)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
No Man's Sky (HKLM-x32\...\No Man's Sky_is1) (Version:  - )
NVIDIA 3D Vision Driver 372.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.54 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Graphics Driver 372.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.54 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.6 - Power Software Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.4.0 (HKLM-x32\...\RTSS) (Version: 6.4.0 - Unwinder)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.5 - Synaptics Incorporated)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Watch Dogs (HKLM-x32\...\Watch Dogs_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3198014182-4150849369-2890672605-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\sidme\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileCoAuth.exe (Microsoft Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {39DC9D49-6DFD-4F7F-8CF5-D0E091D74896} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-25] (Google Inc.)
Task: {99E8996A-01BC-42A1-8842-EFEB29088849} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {DB36820E-21C5-4041-95CF-C5BA046BA259} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-25] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-07-16 17:12 - 2016-07-16 17:12 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-16 17:12 - 2016-07-16 17:12 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-08-18 16:24 - 2013-03-19 11:07 - 00712288 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
2016-08-18 16:24 - 2013-09-03 13:29 - 00111832 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\BDMetrics.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-07-16 17:12 - 2016-07-16 17:12 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-04 03:46 - 2016-08-04 03:46 - 00959168 _____ () C:\Users\sidme\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
2016-07-16 17:12 - 2016-07-16 17:12 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-08-08 22:37 - 2012-02-17 20:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2016-08-17 17:25 - 2016-08-17 17:31 - 00071168 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-08-17 17:25 - 2016-08-17 17:31 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-08-17 17:25 - 2016-08-17 17:36 - 35290624 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-07-16 17:12 - 2016-07-16 17:12 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-08-23 23:40 - 2016-08-06 09:13 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-08-23 23:41 - 2016-08-06 08:58 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-08-23 23:41 - 2016-08-06 08:51 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-08-23 23:41 - 2016-08-06 08:51 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-08-23 23:41 - 2016-08-06 08:53 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-08-23 23:41 - 2016-08-06 08:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-08-23 17:44 - 2016-08-11 17:57 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-08-17 17:30 - 2016-08-17 17:35 - 00017408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-08-17 17:30 - 2016-08-17 17:35 - 13475840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-08-17 17:30 - 2016-08-17 17:32 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-08-17 17:30 - 2016-08-17 17:36 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-08-25 19:18 - 2016-08-03 05:11 - 02366280 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
2016-08-25 19:18 - 2016-08-03 05:10 - 00107848 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll
2016-08-23 17:45 - 2016-06-15 01:33 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-10-30 12:54 - 2015-10-30 12:51 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3198014182-4150849369-2890672605-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sidme\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{add7acab-a217-46ef-9212-3889f05b2424}.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKU\S-1-5-21-3198014182-4150849369-2890672605-1001\...\StartupApproved\Run: => "OneDrive"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{F6E5B6F5-D321-46F2-A526-71166051782E}] => (Allow) C:\Users\sidme\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8497053E-1CA4-4782-8A05-E07C08B95D44}] => (Allow) C:\Users\sidme\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EC134425-8511-473B-AE6E-7E91A066A397}] => (Allow) C:\Users\sidme\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{86D87ACF-FEAF-479D-93F3-CF49C4B3B4F1}] => (Allow) C:\Users\sidme\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F3AB3919-8015-4C48-9EF5-FE2ED1B7CE06}] => (Allow) C:\Users\sidme\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F926D1B4-107C-4AAD-ACA6-112F86D75CE3}] => (Allow) C:\Users\sidme\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E3E9DA49-3E6E-4F0D-8638-111835196C06}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BDF5C1E6-B1CE-4BC6-8090-90EDF866C5D1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F50D480E-C6BF-491D-A56F-904D4AB74B4E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5362FE75-3AAA-496C-B932-8C0DDBBE6768}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9BB2F272-7B2C-4A39-90B5-A989C8980F70}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{268266DA-E254-4148-89D0-6A13C29CF6DF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F44F7FFF-3E2E-4E8A-A83C-B323C50FC8B2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2D0C9D04-B298-41AE-BF92-9F58A4423822}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6F6662A4-D32D-4C4E-9942-2BCA382C5700}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{775A0274-61DA-4BE6-BFEA-5F10FFC035B8}] => (Block) %ProgramFiles% (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{C88B7450-E939-40F9-9C36-6C31612D1FF5}] => (Allow) C:\games\INSIDE\Steam\Steam.exe
FirewallRules: [{B47856C7-F43D-407B-BEB2-E33BE2CBA580}] => (Allow) C:\games\INSIDE\Steam\Steam.exe
FirewallRules: [{DBC591EA-BAA1-466D-BC42-7A522E999ABC}] => (Allow) C:\games\INSIDE\Steam\bin\steamwebhelper.exe
FirewallRules: [{6FD628FD-A29D-45EA-A6B9-7B9066CD63E7}] => (Allow) C:\games\INSIDE\Steam\bin\steamwebhelper.exe
FirewallRules: [{971E087A-8A4A-48BE-A8AC-E741C3B38186}] => (Allow) C:\games\ABZU.Incl.Update.1.Steam.Rip\Steam\Steam.exe
FirewallRules: [{A693DAEA-C358-491D-A908-0A3E5EC87506}] => (Allow) C:\games\ABZU.Incl.Update.1.Steam.Rip\Steam\Steam.exe
FirewallRules: [{1754437C-5137-421F-B6F8-822B32BD7DE9}] => (Allow) C:\games\ABZU.Incl.Update.1.Steam.Rip\Steam\bin\steamwebhelper.exe
FirewallRules: [{C1F062F8-3A46-432F-9074-76AEB9B7C088}] => (Allow) C:\games\ABZU.Incl.Update.1.Steam.Rip\Steam\bin\steamwebhelper.exe
FirewallRules: [{2942D6F7-59D4-4917-8203-0745C311C0FD}] => (Allow) C:\games\DOOM\Steam\Steam.exe
FirewallRules: [{BC391DB5-B86A-4421-8F06-2246D34A7D94}] => (Allow) C:\games\DOOM\Steam\Steam.exe
FirewallRules: [{FC0D6ECC-6FC9-4D27-80D4-16E359598F9C}] => (Allow) C:\games\DOOM\Steam\bin\steamwebhelper.exe
FirewallRules: [{778E4D7C-D2A2-4599-BE90-B82968E8A415}] => (Allow) C:\games\DOOM\Steam\bin\steamwebhelper.exe
FirewallRules: [{BAFABA28-BA61-4AE6-B133-0EDAA70C88AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{DBC47C4D-BF3C-4D7D-BCC6-CD44AAE810BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{4755D5CA-A5F8-4582-A48F-5DBBBC937472}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{9F129520-7606-49EC-B6F3-8BFF08A6A0F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{E87D6997-8AC2-48C3-9B62-7CBA7BA9EA49}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{96FA9D5D-6B70-4B6A-B8FF-27BC9354887B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CA803A53-BF47-4C86-817E-FCDF6CD47169}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{7015EAA8-7403-4F97-8126-B7DF6A6E915D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{53212954-50B8-45A5-A821-6E516937B5EA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{40D3AFD2-9FC0-4AAB-89A7-261009EB0A4A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{192E4558-3BEB-4DB8-B1CE-4D077365461F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B3283FB9-F0D8-48D7-B175-0F668CD71C49}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
19-08-2016 13:03:04 Installed DirectX
22-08-2016 02:29:44 important
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/25/2016 06:28:59 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid.
.
 
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
Error: (08/25/2016 06:28:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (08/25/2016 06:20:48 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid.
.
 
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
Error: (08/25/2016 06:20:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (08/25/2016 06:20:18 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {50677b16-f0e2-40cf-8f50-2749d405c183}
 
Error: (08/25/2016 05:00:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamUserAgent.exe, version: 7.1.2084.9592, time stamp: 0x57605c64
Faulting module name: ntdll.dll, version: 10.0.14393.82, time stamp: 0x57a55744
Exception code: 0xc0000005
Fault offset: 0x000000000003061d
Faulting process id: 0xf28
Faulting application start time: 0xNvStreamUserAgent.exe0
Faulting application path: NvStreamUserAgent.exe1
Faulting module path: NvStreamUserAgent.exe2
Report Id: NvStreamUserAgent.exe3
Faulting package full name: NvStreamUserAgent.exe4
Faulting package-relative application ID: NvStreamUserAgent.exe5
 
Error: (08/24/2016 12:17:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SIDHAARTH)
Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (08/23/2016 11:46:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamUserAgent.exe, version: 7.1.2084.9592, time stamp: 0x57605c64
Faulting module name: ntdll.dll, version: 10.0.14393.82, time stamp: 0x57a55744
Exception code: 0xc0000005
Fault offset: 0x000000000003061d
Faulting process id: 0x90c
Faulting application start time: 0xNvStreamUserAgent.exe0
Faulting application path: NvStreamUserAgent.exe1
Faulting module path: NvStreamUserAgent.exe2
Report Id: NvStreamUserAgent.exe3
Faulting package full name: NvStreamUserAgent.exe4
Faulting package-relative application ID: NvStreamUserAgent.exe5
 
Error: (08/23/2016 05:45:35 PM) (Source: ESENT) (EventID: 454) (User: )
Description: services (884) Database recovery/restore failed with unexpected error -551.
 
Error: (08/23/2016 05:45:35 PM) (Source: ESENT) (EventID: 517) (User: )
Description: services (884) Database recovery failed with error -551 because it encountered references to a database, 'C:\WINDOWS\Security\Database\secedit.sdb', which does not match the current set of logs. The database engine will not permit recovery to complete for this instance until the mismatching database is re-instated. If the database is truly no longer available or no longer required, procedures for recovering from this error are available in the Microsoft Knowledge Base or by following the "more information" link at the bottom of this message.
 
 
System errors:
=============
Error: (08/25/2016 06:29:18 PM) (Source: DCOM) (EventID: 10010) (User: SIDHAARTH)
Description: {37998346-3765-45B1-8C66-AA88CA6B20B8}
 
Error: (08/25/2016 06:27:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error: 
%%2147500037 = Unspecified error
 
Error: (08/25/2016 06:27:18 PM) (Source: DCOM) (EventID: 10010) (User: SIDHAARTH)
Description: {37998346-3765-45B1-8C66-AA88CA6B20B8}
 
Error: (08/25/2016 06:25:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error: 
%%2147500037 = Unspecified error
 
Error: (08/25/2016 06:24:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error: 
%%2147500037 = Unspecified error
 
Error: (08/25/2016 06:23:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (08/25/2016 06:20:44 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: 
%%1056 = An instance of the service is already running.
 
Error: (08/25/2016 06:20:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Steam Client Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (08/25/2016 06:20:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (08/25/2016 06:20:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
 
 
CodeIntegrity:
===================================
  Date: 2016-08-18 12:47:49.978
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_561c3173c020f30d\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-08-17 23:53:27.446
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_561c3173c020f30d\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 24%
Total physical RAM: 16296.27 MB
Available physical RAM: 12277.94 MB
Total Virtual: 18728.27 MB
Available Virtual: 14716.05 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:930.96 GB) (Free:693.6 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================


#15 cyanogensid

cyanogensid
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  

Posted 25 August 2016 - 09:10 AM

CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=M226E02D5-0561-4E0A-961E-CC215F6571F0&SearchSource=55&CUI=&UM=5&UP=SP5C510CAA-3DA5-42E2-A4EC-DAA98928AA4B&SSPV=TBannersA_sp_ch
CHR StartupUrls: Default -> "hxxp://websearch.searchandfly.info/?pid=377&r=2014/09/22&hid=17410538761284894517&lg=EN&cc=IN&unqvl=62"
 
 
can this be bacause of my mothers laptop as i am logged in her chrome also...

Edited by cyanogensid, 25 August 2016 - 09:10 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users