Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

GMER finds rootkits and unknown MBR code and experiencing pop ups and redirects


  • This topic is locked This topic is locked
15 replies to this topic

#1 ynottony

ynottony

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:06 PM

Posted 12 December 2016 - 07:58 PM

Hi guys, i've been experiencing some unsual changes in my laptop system this past weeks like having long startup time and a cmd message opens when the desktop loads. after i scan my system with gmer it shows some rootkit activity and an unknown mbr code then i reset my windows without removing my personal files but after it gmer still shows rootkits and i also keep seeing pop ups and links are redirected.
 
here's the result
 
GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2016-12-12 10:46:45
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\0000003c HGST_HTS721010A9E630 rev.JB0OA3J0 931.51GB
Running: 727k05mp.exe; Driver: C:\Users\tony\AppData\Local\Temp\pgldrkod.sys
 
 
---- Disk sectors - GMER 2.2 ----
 
Disk     \Device\Harddisk0\DR0                              unknown MBR code
 
---- Threads - GMER 2.2 ----
 
Thread   C:\WINDOWS\system32\csrss.exe [9868:7280]          ffffc1514d5e6c20
Thread   C:\WINDOWS\Explorer.EXE [10816:9388]               00007ffcdf3020e0
Thread   C:\WINDOWS\Explorer.EXE [10816:5732]               00007ffcdf3020e0
Thread   C:\WINDOWS\Explorer.EXE [10816:9156]               00007ffcdf3020e0
Thread   C:\WINDOWS\Explorer.EXE [10816:8620]               00007ffcc41a20e0
Thread   C:\WINDOWS\Explorer.EXE [10816:11184]              00007ffce06d20e0
 
---- Services - GMER 2.2 ----
 
Service  C:\WINDOWS\System32\qmgr.dll (*** hidden *** )     [MANUAL] BITS                           <-- ROOTKIT !!!
Service  C:\WINDOWS\system32\svchost.exe (*** hidden *** )  [AUTO] CDPUserSvc_58fff                 <-- ROOTKIT !!!
Service  C:\WINDOWS\system32\svchost.exe (*** hidden *** )  [MANUAL] MessagingService_58fff         <-- ROOTKIT !!!
Service  C:\WINDOWS\system32\svchost.exe (*** hidden *** )  [AUTO] OneSyncSvc_58fff                 <-- ROOTKIT !!!
Service  C:\WINDOWS\system32\svchost.exe (*** hidden *** )  [MANUAL] PimIndexMaintenanceSvc_58fff   <-- ROOTKIT !!!
Service  C:\WINDOWS\System32\svchost.exe (*** hidden *** )  [MANUAL] UnistoreSvc_58fff              <-- ROOTKIT !!!
Service  C:\WINDOWS\system32\svchost.exe (*** hidden *** )  [MANUAL] UserDataSvc_58fff              <-- ROOTKIT !!!
Service  C:\WINDOWS\system32\svchost.exe (*** hidden *** )  [MANUAL] WpnUserService_58fff           <-- ROOTKIT !!!
 
---- EOF - GMER 2.2 ----
 
i didnt make a full system scan with gmer
 
and Here is the FRST log
 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016
Ran by TONY (administrator) on DESKTOP-2G8ID0A (12-12-2016 21:13:13)
Running from C:\Users\tony\Downloads\Programs
Loaded Profiles: TONY (Available Profiles: TONY)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(Intel Corporation) C:\Windows\syswow64\esif_uf.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Conexant Systems, Inc.) C:\Windows\syswow64\SASrv.exe
() C:\Program Files (x86)\MobileBrServ\mbbService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGiftBoxDesktop.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\McCSPServiceHost.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Intel® Corporation) C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(Intel Corporation) C:\Windows\syswow64\IntelCpHeciSvc.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
() C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSPanel.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [599896 2015-06-10] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe [63272 2015-06-01] ()
HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3998832 2016-11-25] (Tonec Inc.)
HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\...\MountPoints2: {ad7695be-8c88-11e6-9c72-2c56dca4ff57} - "F:\AutoRun.exe" 
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{40993488-4b8e-400e-a544-fa363639f86a}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{9ac186e3-6fe6-4f95-9023-02928769a9ad}: [DhcpNameServer] 192.168.168.1
Tcpip\..\Interfaces\{baf9ab7d-a322-4227-8c49-1cb89c0ee10d}: [DhcpNameServer] 192.168.8.1 192.168.8.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-11-30] (Internet Download Manager, Tonec Inc.)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-11-15] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-11-30] (Internet Download Manager, Tonec Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-05-01] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2016-10-03] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2016-10-03] (McAfee, Inc.)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2016-10-03] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2016-10-03] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-09-23] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-09-23] (McAfee, Inc.)
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-05-24]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2016-12-07] [not signed]
FF HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\tony\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\tony\AppData\Roaming\IDM\idmmzcc5 [2016-12-12] [not signed]
FF HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-11-16]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-09-23] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-09-23] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-12-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-12-07] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-10-18] (Microsoft Corporation)
 
Chrome: 
=======
CHR Profile: C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default [2016-12-12]
CHR Extension: (Google Slides) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-07]
CHR Extension: (Google Docs) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-07]
CHR Extension: (Google Drive) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-07]
CHR Extension: (YouTube) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-07]
CHR Extension: (Google Sheets) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-07]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-12-07]
CHR Extension: (Google Docs Offline) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-07]
CHR Extension: (IDM Integration Module) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-12-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-07]
CHR Extension: (Gmail) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-07]
CHR Extension: (Chrome Media Router) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-07]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-11-30]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-11-30]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [71168 2015-06-01] (ASUS Cloud Corporation) [File not signed]
R2 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [313488 2015-06-13] (ASUS) [File not signed]
R2 connect2hotspot; C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe [100680 2016-11-29] (Lenovo)
S3 cplspcon; C:\WINDOWS\system32\IntelCpHDCPSvc.exe [607160 2015-08-13] ()
R2 esifsvc; C:\WINDOWS\SysWoW64\esif_uf.exe [1385640 2015-07-13] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-15] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [165104 2015-07-14] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [370088 2015-08-13] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-20] (Intel Corporation) [File not signed]
S3 Intel® WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [396992 2015-07-07] (Intel)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-20] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [223520 2015-07-22] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [166152 2016-10-03] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [993824 2016-09-23] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [338208 2015-03-20] (McAfee, Inc.)
R2 mcbootdelaystartsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe [1910000 2016-05-31] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [816128 2016-06-21] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-04-26] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-08-02] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [277744 2016-04-26] (McAfee, Inc.)
R2 Mobile Broadband HL Service; C:\Program Files (x86)\MobileBrServ\mbbservice.exe [242264 2016-03-24] ()
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1454216 2016-09-13] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] ()
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-02] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-17] (NVIDIA Corporation)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1045336 2016-05-25] (Intel Security, Inc.)
S3 ROGGamingCenterService; C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingCenterService.exe [76032 2015-08-13] (ASUSTeK COMPUTER INC.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe [19192 2015-08-13] (Intel® Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AsusSGDrv; C:\WINDOWS\System32\drivers\AsusSGDrv.sys [138744 2015-08-18] (ASUS Corporation)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [78632 2016-08-02] (McAfee, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [47096 2015-07-13] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [43512 2015-07-13] (Intel Corporation)
R1 ElRawDisk; C:\WINDOWS\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [251384 2015-07-13] (Intel Corporation)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
S3 iaLPSS2_I2C; C:\WINDOWS\System32\drivers\iaLPSS2_I2C.sys [185128 2015-06-17] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [257776 2015-07-14] (Intel Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [30224 2015-08-13] (Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [419624 2016-08-02] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [349480 2016-08-02] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83608 2016-08-02] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [493352 2016-08-02] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [843048 2016-08-02] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [519456 2016-08-01] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [100136 2016-08-01] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [243496 2016-08-02] (McAfee, Inc.)
S3 MFE_RR; C:\Users\tony\AppData\Local\Temp\mfe_rr.sys [24120 2016-12-08] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [51904 2015-01-14] (Titan ARC Corp.)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7116288 2016-07-16] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_e04d68fb0b0ccd77\nvlddmkm.sys [14181304 2016-12-03] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-11-17] (NVIDIA Corporation)
S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [19616 2015-06-13] (Windows ® Win 7 DDK provider)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-11-17] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek                                            )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [753368 2015-06-15] (Realsil Semiconductor Corporation)
S3 SliceDisk5; C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [31824 2011-02-25] (Atola) [File not signed]
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [212056 2015-07-07] (Windows ® Win 7 DDK provider)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [114632 2015-09-16] (BigNox Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 pgldrkod; C:\Users\tony\AppData\Local\Temp\pgldrkod.sys [56584 2016-12-07] (GMER) [File not signed]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-12-12 21:13 - 2016-12-12 21:13 - 00000000 ____D C:\FRST
2016-12-12 21:08 - 2016-12-12 21:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-12-12 17:38 - 2016-12-12 17:38 - 00001201 _____ C:\Users\Public\Desktop\Connect2.lnk
2016-12-12 17:38 - 2016-12-12 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Connect2
2016-12-12 17:38 - 2016-12-12 17:38 - 00000000 ____D C:\Program Files (x86)\Lenovo
2016-12-12 17:35 - 2016-12-12 17:35 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-12-12 13:01 - 2016-12-12 13:01 - 00000000 ____D C:\Users\tony\Desktop\New folder
2016-12-12 09:43 - 2016-12-12 09:43 - 00003288 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-12 09:43 - 2016-12-12 09:43 - 00001159 _____ C:\Users\Public\Desktop\GameFirst IV.lnk
2016-12-12 09:43 - 2016-12-12 09:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameFirst IV
2016-12-12 09:43 - 2015-01-14 08:59 - 00051904 _____ (Titan ARC Corp.) C:\WINDOWS\system32\Drivers\netfilter2.sys
2016-12-12 09:31 - 2016-12-12 21:04 - 00004020 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2016-12-12 09:31 - 2016-12-12 09:31 - 00004208 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2016-12-12 09:31 - 2016-12-12 09:31 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-12-12 09:31 - 2016-12-12 09:31 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-12-12 09:12 - 2016-12-12 12:00 - 00003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2016-12-12 09:12 - 2016-12-12 12:00 - 00003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2016-12-12 09:12 - 2016-12-12 09:12 - 00003976 _____ C:\WINDOWS\System32\Tasks\Update Checker
2016-12-12 09:08 - 2016-12-12 15:28 - 00000000 ____D C:\Users\tony\Downloads\Video
2016-12-09 18:46 - 2016-12-12 17:47 - 00004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7527B890-9B1E-4B62-96B9-900E9F2530ED}
2016-12-09 01:00 - 2016-12-09 01:00 - 00000000 ____D C:\Program Files (x86)\MobileBrServ
2016-12-08 19:41 - 2016-12-08 19:41 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2016-12-08 14:34 - 2016-12-08 20:08 - 00000000 ____D C:\ProgramData\TEMP
2016-12-08 14:33 - 2009-02-12 15:11 - 00026024 _____ (EldoS Corporation) C:\WINDOWS\system32\Drivers\rsdrvx64.sys
2016-12-08 14:32 - 2016-12-10 16:34 - 00000000 ____D C:\Program Files\A-FF Find and Mount
2016-12-08 14:12 - 2016-12-08 14:12 - 00001701 _____ C:\Users\Public\Desktop\Recuva.lnk
2016-12-08 14:12 - 2016-12-08 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2016-12-08 14:12 - 2016-12-08 14:12 - 00000000 ____D C:\Program Files\Recuva
2016-12-08 13:29 - 2016-12-08 13:30 - 00006638 _____ C:\TDSSKiller.3.1.0.12_08.12.2016_13.29.47_log.txt
2016-12-08 12:42 - 2016-12-08 12:42 - 00000000 ___HD C:\$SysReset
2016-12-07 21:45 - 2016-12-07 21:45 - 00000768 _____ C:\Users\tony\Desktop\Dragons Dogma Dark Arisen.lnk
2016-12-07 21:45 - 2016-12-07 21:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragons Dogma Dark Arisen
2016-12-07 21:18 - 2016-12-07 21:21 - 00000000 ____D C:\Users\tony\AppData\Local\NPE
2016-12-07 21:18 - 2016-12-07 21:18 - 00000000 ____D C:\ProgramData\Norton
2016-12-07 21:07 - 2016-12-07 21:07 - 00000000 ____D C:\Users\tony\AppData\Roaming\Steam
2016-12-07 21:07 - 2016-12-07 21:07 - 00000000 ____D C:\Users\tony\AppData\Local\CAPCOM
2016-12-07 20:52 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2016-12-07 20:52 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2016-12-07 20:52 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2016-12-07 20:52 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2016-12-07 20:52 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2016-12-07 20:52 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2016-12-07 20:52 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2016-12-07 20:52 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2016-12-07 20:52 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2016-12-07 20:52 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2016-12-07 20:52 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2016-12-07 20:52 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2016-12-07 20:52 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2016-12-07 20:52 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2016-12-07 20:52 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2016-12-07 20:52 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2016-12-07 20:52 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2016-12-07 20:52 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2016-12-07 20:52 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2016-12-07 20:52 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2016-12-07 20:52 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2016-12-07 20:52 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2016-12-07 20:52 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2016-12-07 20:52 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2016-12-07 20:52 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2016-12-07 20:52 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2016-12-07 20:52 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2016-12-07 20:52 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2016-12-07 20:52 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2016-12-07 20:52 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2016-12-07 20:52 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2016-12-07 20:52 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2016-12-07 20:52 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2016-12-07 20:52 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2016-12-07 20:52 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2016-12-07 20:52 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2016-12-07 20:52 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2016-12-07 20:52 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2016-12-07 20:52 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2016-12-07 20:52 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2016-12-07 20:52 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2016-12-07 20:52 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2016-12-07 20:52 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2016-12-07 20:52 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2016-12-07 20:52 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2016-12-07 20:52 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2016-12-07 20:52 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2016-12-07 20:52 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2016-12-07 20:52 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2016-12-07 20:52 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2016-12-07 20:52 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2016-12-07 20:52 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2016-12-07 20:52 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2016-12-07 20:52 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2016-12-07 20:52 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2016-12-07 20:52 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2016-12-07 20:52 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2016-12-07 20:52 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2016-12-07 20:52 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2016-12-07 20:52 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2016-12-07 20:52 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2016-12-07 20:52 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2016-12-07 20:52 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2016-12-07 20:52 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2016-12-07 20:52 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2016-12-07 20:52 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2016-12-07 20:52 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2016-12-07 20:52 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2016-12-07 20:52 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2016-12-07 20:52 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2016-12-07 20:52 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2016-12-07 20:52 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2016-12-07 20:52 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2016-12-07 20:52 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2016-12-07 20:52 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2016-12-07 20:52 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2016-12-07 20:52 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2016-12-07 20:52 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2016-12-07 20:52 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2016-12-07 20:52 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2016-12-07 20:52 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2016-12-07 20:52 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2016-12-07 20:52 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2016-12-07 20:52 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2016-12-07 20:52 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2016-12-07 20:52 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2016-12-07 20:52 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2016-12-07 20:52 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2016-12-07 20:52 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2016-12-07 20:52 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2016-12-07 20:52 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2016-12-07 20:52 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2016-12-07 20:52 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2016-12-07 20:52 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2016-12-07 20:52 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2016-12-07 20:52 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2016-12-07 20:52 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2016-12-07 20:52 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2016-12-07 20:52 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2016-12-07 20:52 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2016-12-07 20:52 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2016-12-07 20:52 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2016-12-07 20:52 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2016-12-07 20:52 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2016-12-07 20:52 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2016-12-07 20:52 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2016-12-07 20:52 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2016-12-07 20:52 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2016-12-07 20:52 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2016-12-07 20:52 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2016-12-07 20:52 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2016-12-07 20:52 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2016-12-07 20:52 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2016-12-07 20:52 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2016-12-07 20:52 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2016-12-07 20:52 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2016-12-07 20:52 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2016-12-07 20:52 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2016-12-07 20:52 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2016-12-07 20:52 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2016-12-07 20:52 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2016-12-07 20:52 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2016-12-07 20:52 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2016-12-07 20:52 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2016-12-07 20:52 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2016-12-07 20:52 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2016-12-07 20:52 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2016-12-07 20:52 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2016-12-07 20:52 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2016-12-07 20:52 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2016-12-07 20:52 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2016-12-07 20:52 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2016-12-07 20:52 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2016-12-07 20:52 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2016-12-07 20:52 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2016-12-07 20:52 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2016-12-07 20:52 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2016-12-07 20:52 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2016-12-07 20:52 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2016-12-07 20:52 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2016-12-07 20:52 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2016-12-07 20:52 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2016-12-07 20:52 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2016-12-07 20:52 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2016-12-07 20:52 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2016-12-07 20:52 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2016-12-07 20:52 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2016-12-07 20:52 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2016-12-07 20:52 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2016-12-07 20:52 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2016-12-07 15:45 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\ASUS
2016-12-07 15:44 - 2016-12-07 15:44 - 00000000 ____D C:\WINDOWS\InfusedApps
2016-12-07 15:44 - 2016-12-07 01:23 - 00000000 ____D C:\Windows.old
2016-12-07 15:44 - 2016-12-07 00:22 - 00000000 ___DC C:\WINDOWS\Panther
2016-12-07 15:43 - 2016-12-07 15:43 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-12-07 15:43 - 2016-12-06 23:46 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-12-07 15:41 - 2016-12-07 15:41 - 00000000 ____D C:\WINDOWS\Setup
2016-12-07 15:39 - 2016-12-07 15:39 - 00000000 ____D C:\WINDOWS\OCR
2016-12-07 15:39 - 2016-12-07 15:39 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-12-07 15:39 - 2016-12-07 15:39 - 00000000 ____D C:\Program Files\MSBuild
2016-12-07 15:39 - 2016-12-07 15:39 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-12-07 15:39 - 2016-12-07 11:46 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-12-07 15:38 - 2016-12-07 15:38 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-12-07 15:38 - 2016-12-07 15:38 - 00000000 ____D C:\WINDOWS\SysWOW64\0409
2016-12-07 15:38 - 2016-12-07 15:38 - 00000000 ____D C:\WINDOWS\system32\0409
2016-12-07 15:38 - 2016-12-07 15:38 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-12-07 15:38 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-12-07 15:38 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-12-07 15:38 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-12-07 15:38 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-12-07 15:38 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-12-07 15:38 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-12-07 15:38 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-12-07 15:38 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-12-07 15:35 - 2016-10-29 07:56 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-07 15:35 - 2016-10-29 07:56 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-07 15:34 - 2016-12-12 11:38 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-07 15:34 - 2016-12-12 11:30 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-07 15:34 - 2016-12-12 09:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-12-07 15:34 - 2016-12-09 00:42 - 00000000 ____D C:\WINDOWS\appcompat
2016-12-07 15:34 - 2016-12-08 12:54 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-12-07 15:34 - 2016-12-07 15:44 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-12-07 15:34 - 2016-12-07 15:39 - 00000000 ____D C:\WINDOWS\SystemApps
2016-12-07 15:34 - 2016-12-07 15:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2016-12-07 15:34 - 2016-12-07 15:38 - 00000000 ____D C:\WINDOWS\system32\Com
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 __RSD C:\WINDOWS\Media
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ___SD C:\WINDOWS\system32\Nui
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ___SD C:\WINDOWS\system32\Configuration
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\Web
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\Vss
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\tracing
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\TAPI
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\ras
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\downlevel
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SystemResources
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\winevt
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\ras
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\ProximityToast
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\PointOfService
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\Ipmi
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\IME
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\icsxml
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\ias
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\downlevel
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\DDFs
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\config\Journal
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\Bthprops
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\System
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SKB
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\security
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\schemas
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SchCache
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\Resources
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\rescache
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\PLA
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\Performance
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\ModemLogs
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\InputMethod
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\Globalization
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\GameBarPresenceWriter
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\Cursors
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\Branding
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\addins
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\ProgramData\Comms
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\Program Files\Windows NT
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\Program Files\Common Files\Services
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-12-07 15:34 - 2016-12-07 15:32 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2016-12-07 15:34 - 2016-12-07 15:32 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2016-12-07 15:34 - 2016-12-07 15:32 - 00215943 _____ C:\WINDOWS\system32\dssec.dat
2016-12-07 15:34 - 2016-12-07 15:32 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2016-12-07 15:34 - 2016-12-07 15:32 - 00004096 _____ C:\WINDOWS\system32\config\VSMIDK
2016-12-07 15:34 - 2016-12-07 15:32 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2016-12-07 15:34 - 2016-12-07 15:32 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2016-12-07 15:34 - 2016-12-07 15:32 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2016-12-07 15:34 - 2016-12-07 15:32 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ___RD C:\Program Files\Windows Defender
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ____D C:\WINDOWS\system32\setup
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ____D C:\WINDOWS\Provisioning
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-12-07 15:34 - 2016-12-07 13:52 - 00015425 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-12-07 15:34 - 2016-12-07 13:28 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-07 15:34 - 2016-12-07 13:26 - 00000000 ____D C:\Program Files\Common Files\System
2016-12-07 15:34 - 2016-12-07 10:49 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-12-07 15:34 - 2016-12-07 09:57 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-12-07 15:34 - 2016-12-07 00:21 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-12-07 15:34 - 2016-12-07 00:18 - 00000000 ____D C:\WINDOWS\Registration
2016-12-07 15:34 - 2016-12-07 00:17 - 00000000 __RHD C:\Users\Public\Libraries
2016-12-07 15:34 - 2016-12-07 00:09 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-12-07 15:34 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-07 15:34 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-12-07 15:34 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-12-07 15:34 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\system32\spool
2016-12-07 15:34 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-12-07 15:34 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-12-07 15:34 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\IME
2016-12-07 15:34 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\Help
2016-12-07 15:34 - 2016-12-06 23:56 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-12-07 15:34 - 2016-12-06 23:56 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-12-07 15:34 - 2016-12-06 23:48 - 00000000 ____D C:\ProgramData\USOPrivate
2016-12-07 15:32 - 2016-12-12 17:43 - 00000000 ____D C:\WINDOWS\INF
2016-12-07 15:23 - 2016-12-07 13:35 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-07 15:18 - 2016-12-12 09:53 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-12-07 15:18 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\SMI
2016-12-07 15:18 - 2016-12-07 14:27 - 00000000 ____D C:\WINDOWS\servicing
2016-12-07 15:18 - 2016-12-07 09:26 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-12-07 14:51 - 2016-12-07 14:51 - 00000000 ____D C:\Users\tony\Documents\Custom Office Templates
2016-12-07 13:44 - 2016-12-07 13:44 - 161417105 _____ C:\Users\tony\Downloads\DD Brady.pdf
2016-12-07 13:40 - 2016-12-07 13:09 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-12-07 13:36 - 2016-12-07 13:40 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-07 13:35 - 2016-12-07 13:35 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-07 13:33 - 2016-12-07 13:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-07 13:29 - 2016-12-07 13:29 - 00002729 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-12-07 13:29 - 2016-12-07 13:29 - 00002662 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-12-07 13:29 - 2016-12-07 13:29 - 00002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-12-07 13:29 - 2016-12-07 13:29 - 00002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2016-12-07 13:29 - 2016-12-07 13:29 - 00002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-12-07 13:29 - 2016-12-07 13:29 - 00002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-12-07 13:29 - 2016-12-07 13:29 - 00002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-12-07 13:29 - 2016-12-07 13:29 - 00002642 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-12-07 13:29 - 2016-12-07 13:29 - 00002628 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-12-07 13:29 - 2016-12-07 13:29 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2016-12-07 13:28 - 2016-12-07 13:28 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-12-07 13:28 - 2016-12-07 13:28 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-12-07 13:27 - 2016-12-07 13:28 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2016-12-07 13:27 - 2016-12-07 13:27 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-12-07 13:25 - 2016-12-07 13:27 - 00000000 ____D C:\Program Files\Microsoft Office
2016-12-07 13:25 - 2016-12-07 13:25 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2016-12-07 13:25 - 2016-12-07 13:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-12-07 13:16 - 2016-12-07 13:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-07 13:03 - 2016-12-07 13:03 - 00000000 ____D C:\Users\tony\AppData\Roaming\Skype
2016-12-07 12:37 - 2016-12-07 12:37 - 00000000 ____D C:\Users\tony\AppData\Local\ElevatedDiagnostics
2016-12-07 12:16 - 2016-12-07 12:16 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-12-07 11:31 - 2016-12-07 12:59 - 00000230 _____ C:\WINDOWS\Tasks\AutoKMS.job
2016-12-07 11:31 - 2016-12-07 11:31 - 00614400 _____ C:\WINDOWS\AutoKMS.exe
2016-12-07 11:31 - 2016-12-07 11:31 - 00002492 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2016-12-07 11:31 - 2016-12-07 11:31 - 00000135 _____ C:\WINDOWS\AutoKMS.ini
2016-12-07 11:29 - 2016-12-07 11:29 - 00004608 _____ C:\WINDOWS\SECOH-QAD.exe
2016-12-07 11:29 - 2016-12-07 11:29 - 00003584 _____ C:\WINDOWS\SECOH-QAD.dll
2016-12-07 09:56 - 2016-12-07 09:56 - 00003126 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
2016-12-07 09:56 - 2016-12-07 09:56 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2016-12-07 09:56 - 2016-12-07 09:56 - 00000000 ____D C:\ProgramData\Intel Security
2016-12-07 09:55 - 2016-12-07 09:55 - 00000000 ____D C:\Program Files\Common Files\Intel Security
2016-12-07 09:50 - 2016-12-07 09:50 - 00000000 ____D C:\Users\tony\AppData\Roaming\Macromedia
2016-12-07 09:50 - 2016-12-07 09:50 - 00000000 ____D C:\Program Files\Common Files\AV
2016-12-07 09:35 - 2016-12-07 09:35 - 00000600 _____ C:\Users\tony\PUTTY.RND
2016-12-07 09:21 - 2016-12-07 09:21 - 00003338 _____ C:\WINDOWS\System32\Tasks\{496FBD46-38B6-41FE-A56A-79BE49545BCE}
2016-12-07 09:06 - 2016-12-07 09:06 - 00001084 _____ C:\Users\tony\Desktop\Internet Download Manager.lnk
2016-12-07 08:57 - 2016-12-07 08:57 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2016-12-07 08:57 - 2016-12-07 08:57 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2016-12-07 08:53 - 2016-12-07 08:53 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-12-07 08:53 - 2016-09-10 02:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-12-07 08:53 - 2016-09-10 02:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-12-07 08:53 - 2016-09-10 02:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-12-07 08:53 - 2016-09-10 02:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-12-07 08:50 - 2016-12-02 04:02 - 40125496 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 35222976 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 34711096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 10912744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 10803880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 10354984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 09158432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 08913328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 08762072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 02954808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 02587704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 01951680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437619.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437619.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 01037248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 00975296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 00943552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 00897080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 00683824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 00644112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 00573072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 00439864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 00394704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 00388544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 00327224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-12-07 08:50 - 2016-12-02 04:02 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-12-07 08:47 - 2016-12-07 08:47 - 00000000 ____D C:\Users\tony\AppData\Roaming\NVIDIA
2016-12-07 08:44 - 2016-12-10 13:55 - 00000000 ____D C:\Users\tony\AppData\Local\CrashDumps
2016-12-07 08:44 - 2016-12-07 10:40 - 00000000 ____D C:\Users\tony\AppData\Roaming\uTorrent
2016-12-07 08:44 - 2016-12-07 09:11 - 00001491 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-12-07 08:44 - 2016-12-07 08:44 - 00004000 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-07 08:44 - 2016-12-07 08:44 - 00003972 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-07 08:44 - 2016-12-07 08:44 - 00003936 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-07 08:44 - 2016-12-07 08:44 - 00003910 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-07 08:44 - 2016-12-07 08:44 - 00003748 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-07 08:44 - 2016-12-07 08:44 - 00003706 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-07 08:44 - 2016-12-07 08:44 - 00000897 _____ C:\Users\tony\Desktop\µTorrent.lnk
2016-12-07 08:44 - 2016-12-07 08:44 - 00000877 _____ C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-12-07 08:44 - 2016-12-07 08:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-12-07 08:44 - 2016-12-02 01:33 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2016-12-07 08:44 - 2016-11-17 21:42 - 01854400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-12-07 08:44 - 2016-11-17 21:42 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-12-07 08:44 - 2016-11-17 21:42 - 01452480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-12-07 08:44 - 2016-11-17 21:42 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-12-07 08:44 - 2016-11-17 21:42 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-12-07 08:43 - 2016-11-17 21:42 - 00101824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-12-07 08:43 - 2016-11-17 21:42 - 00091584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-12-07 08:43 - 2016-11-17 21:42 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-12-07 08:39 - 2016-12-12 17:39 - 00000000 ____D C:\Users\tony\AppData\Local\Lenovo
2016-12-07 08:39 - 2016-12-12 17:39 - 00000000 ____D C:\ProgramData\Lenovo
2016-12-07 08:39 - 2016-12-08 12:14 - 00000000 ____D C:\Users\tony\Downloads\SHAREit
2016-12-07 08:39 - 2016-12-07 08:39 - 00000000 ____D C:\Users\tony\AppData\Local\SHAREit
2016-12-07 08:39 - 2016-12-07 08:39 - 00000000 ____D C:\Program Files (x86)\SHAREit
2016-12-07 08:34 - 2016-12-07 08:34 - 00000000 ____D C:\Users\tony\AppData\Roaming\WinRAR
2016-12-07 08:30 - 2016-12-07 08:30 - 00002350 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-07 08:30 - 2016-12-07 08:30 - 00002338 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-07 08:27 - 2016-12-07 10:42 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-07 08:27 - 2016-12-07 10:42 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-07 08:27 - 2016-12-07 08:39 - 00000000 ____D C:\Users\tony\AppData\Local\Google
2016-12-07 08:27 - 2016-12-07 08:33 - 00003996 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-07 08:27 - 2016-12-07 08:33 - 00003764 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-07 08:27 - 2016-12-07 08:30 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-07 08:26 - 2016-12-07 08:29 - 00000000 ____D C:\Program Files (x86)\GUMDD0E.tmp
2016-12-07 01:46 - 2016-12-12 18:03 - 00000000 ____D C:\Users\tony\AppData\Roaming\DMCache
2016-12-07 01:46 - 2016-12-08 13:36 - 00000000 ____D C:\Users\tony\Downloads\Compressed
2016-12-07 01:46 - 2016-12-07 13:37 - 00000000 ____D C:\Users\tony\AppData\Roaming\IDM
2016-12-07 01:46 - 2016-12-07 10:41 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2016-12-07 01:46 - 2016-12-07 09:06 - 00000000 ____D C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-12-07 01:46 - 2016-12-07 09:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-12-07 01:46 - 2016-12-07 01:46 - 00000000 ____D C:\ProgramData\IDM
2016-12-07 00:58 - 2016-12-07 00:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2016-12-07 00:58 - 2016-12-07 00:58 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-12-07 00:57 - 2016-12-07 00:57 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-12-07 00:56 - 2016-12-07 00:56 - 00000000 ____D C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-07 00:56 - 2016-12-07 00:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-07 00:56 - 2016-12-07 00:56 - 00000000 ____D C:\Program Files (x86)\WinRAR
2016-12-07 00:54 - 2016-12-07 15:02 - 00000000 ____D C:\Users\tony\AppData\Local\Microsoft Help
2016-12-07 00:54 - 2016-12-07 11:48 - 00000000 ____D C:\ProgramData\Microsoft Help.old
2016-12-07 00:45 - 2016-12-07 00:45 - 00000000 ____D C:\Users\tony\AppData\Roaming\SYSTEMAX Software Development
2016-12-07 00:45 - 2016-12-07 00:45 - 00000000 ____D C:\ProgramData\SYSTEMAX Software Development
2016-12-07 00:43 - 2016-12-07 00:43 - 00000000 ____D C:\Users\tony\AppData\Local\Comms
2016-12-07 00:41 - 2016-12-07 00:42 - 00000000 ____D C:\Users\tony\AppData\Roaming\vlc
2016-12-07 00:38 - 2016-12-07 00:38 - 00003212 _____ C:\WINDOWS\System32\Tasks\{0EBCF799-E248-43CB-8004-73EC62822789}
2016-12-07 00:38 - 2016-12-07 00:38 - 00000000 ____D C:\Users\tony\AppData\Local\Steam
2016-12-07 00:38 - 2016-12-07 00:38 - 00000000 ____D C:\Users\tony\AppData\Local\CEF
2016-12-07 00:35 - 2016-12-07 00:35 - 00000000 ____D C:\Users\tony\AppData\Local\MicrosoftEdge
2016-12-07 00:32 - 2016-12-07 00:32 - 00000000 ____D C:\Users\tony\AppData\Roaming\awsRun
2016-12-07 00:30 - 2016-12-07 00:30 - 00003834 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2016-12-07 00:28 - 2016-12-12 09:43 - 00002366 _____ C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-07 00:28 - 2016-12-07 00:28 - 00000000 ____D C:\Users\tony\AppData\Local\Conexant
2016-12-07 00:27 - 2016-12-07 08:35 - 00000000 ____D C:\Users\tony\AppData\Roaming\DropboxOEM
2016-12-07 00:27 - 2016-12-07 00:27 - 00000000 ____D C:\Users\tony\AppData\Local\DropboxOEM
2016-12-07 00:26 - 2016-12-12 21:03 - 00000165 _____ C:\Users\tony\AppData\Roaming\sp_data.sys
2016-12-07 00:25 - 2016-12-12 21:03 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-12-07 00:25 - 2016-12-12 11:33 - 00000000 ____D C:\Users\tony\AppData\Local\Packages
2016-12-07 00:25 - 2016-12-07 10:28 - 00000000 ____D C:\Users\tony\AppData\Local\NVIDIA Corporation
2016-12-07 00:25 - 2016-12-07 08:46 - 00000000 ____D C:\Users\tony\AppData\Local\NVIDIA
2016-12-07 00:25 - 2016-12-07 01:35 - 00000000 ____D C:\ProgramData\USBChargerPlus
2016-12-07 00:25 - 2016-12-07 00:25 - 00000000 ____D C:\Users\tony\AppData\Roaming\WebStorage
2016-12-07 00:25 - 2016-12-07 00:25 - 00000000 ____D C:\Users\tony\AppData\Roaming\Adobe
2016-12-07 00:25 - 2016-12-07 00:25 - 00000000 ____D C:\Users\tony\AppData\Local\VirtualStore
2016-12-07 00:25 - 2016-12-07 00:25 - 00000000 ____D C:\Users\tony\AppData\Local\TileDataLayer
2016-12-07 00:25 - 2016-12-07 00:25 - 00000000 ____D C:\Users\tony\AppData\Local\Publishers
2016-12-07 00:24 - 2016-12-07 01:35 - 00000000 ____D C:\Users\tony\AppData\Local\ConnectedDevicesPlatform
2016-12-07 00:24 - 2016-12-07 00:24 - 00000020 ___SH C:\Users\tony\ntuser.ini
2016-12-07 00:24 - 2016-12-07 00:24 - 00000000 ____D C:\Users\tony\AppData\Roaming\Intel
2016-12-07 00:22 - 2016-12-07 00:22 - 00000000 _SHDL C:\Users\Default\My Documents
2016-12-07 00:22 - 2016-12-07 00:22 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-12-07 00:22 - 2016-12-07 00:22 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-12-07 00:22 - 2016-12-07 00:22 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-12-07 00:22 - 2016-12-07 00:22 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-12-07 00:22 - 2016-12-07 00:22 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-12-07 00:22 - 2016-12-07 00:22 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-12-07 00:22 - 2016-12-07 00:22 - 00000000 _SHDL C:\Users\Default User
2016-12-07 00:22 - 2016-12-07 00:22 - 00000000 _SHDL C:\Users\All Users
2016-12-07 00:21 - 2016-12-07 00:21 - 00013850 _____ C:\Users\tony\Desktop\Removed Apps.html
2016-12-07 00:17 - 2016-12-07 00:17 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-12-07 00:11 - 2016-12-12 13:03 - 00000000 ____D C:\Users\tony
2016-12-07 00:11 - 2016-12-07 00:11 - 00000000 _SHDL C:\Users\tony\My Documents
2016-12-07 00:11 - 2016-12-07 00:11 - 00000000 _SHDL C:\Users\tony\Documents\My Videos
2016-12-07 00:11 - 2016-12-07 00:11 - 00000000 _SHDL C:\Users\tony\Documents\My Pictures
2016-12-07 00:11 - 2016-12-07 00:11 - 00000000 _SHDL C:\Users\tony\Documents\My Music
2016-12-07 00:10 - 2016-12-07 00:10 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-12-07 00:01 - 2016-12-07 00:01 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-12-06 23:55 - 2016-12-12 21:01 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-12-06 23:55 - 2016-12-07 08:53 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-12-06 23:55 - 2016-12-07 08:49 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-12-06 23:55 - 2016-12-06 23:55 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-12-06 23:55 - 2016-12-02 01:32 - 06384576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-12-06 23:55 - 2016-12-02 01:32 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-12-06 23:55 - 2016-12-02 01:32 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-12-06 23:55 - 2016-12-02 01:32 - 00546752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-12-06 23:55 - 2016-12-02 01:32 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-12-06 23:55 - 2016-12-02 01:32 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-12-06 23:55 - 2016-12-02 01:32 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-12-06 23:55 - 2016-11-30 17:34 - 07607057 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-12-06 23:55 - 2015-08-13 21:42 - 00107008 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2016-12-06 23:55 - 2015-08-13 21:42 - 00101392 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-12-06 23:54 - 2016-12-07 00:02 - 00000000 ____D C:\Program Files\Intel
2016-12-06 23:54 - 2016-12-06 23:54 - 00001963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\SmartAudio.lnk
2016-12-06 23:54 - 2016-12-06 23:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant
2016-12-06 23:53 - 2016-12-07 00:04 - 00000000 ____D C:\ProgramData\Conexant
2016-12-06 23:53 - 2016-12-06 23:53 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_esif_umdf2_02_00_00.Wdf
2016-12-06 23:53 - 2016-12-06 23:53 - 00000000 ____D C:\Program Files\CONEXANT
2016-12-06 23:53 - 2014-10-20 14:54 - 00207576 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CxAudMsg64.exe
2016-12-06 23:53 - 2011-09-01 00:23 - 00447104 _____ (Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\SASrv.exe
2016-12-06 23:52 - 2016-12-07 00:03 - 00000000 ____D C:\Program Files (x86)\Intel
2016-12-06 23:52 - 2016-12-06 23:52 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-12-06 23:49 - 2016-07-16 19:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-12-06 23:48 - 2016-12-06 23:48 - 00000000 ____D C:\ProgramData\USOShared
2016-12-06 23:47 - 2016-12-12 09:53 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-06 23:46 - 2016-12-09 09:43 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-06 23:46 - 2016-12-07 13:56 - 00352616 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-06 09:05 - 2016-12-06 09:05 - 00000000 ____D C:\NPE
2016-12-06 07:54 - 2016-12-06 07:54 - 00000000 ____D C:\Users\tony\AppData\LocalLow\uTorrent
2016-12-05 21:47 - 2016-12-05 21:47 - 00000000 ____D C:\TDSSKiller_Quarantine
2016-12-05 21:46 - 2016-12-05 21:47 - 00202104 _____ C:\TDSSKiller.3.1.0.12_05.12.2016_21.46.10_log.txt
2016-12-05 21:32 - 2016-12-05 21:32 - 00006660 _____ C:\TDSSKiller.3.1.0.12_05.12.2016_21.32.14_log.txt
2016-12-05 20:28 - 2016-12-05 20:29 - 00008900 _____ C:\TDSSKiller.3.1.0.12_05.12.2016_20.28.27_log.txt
2016-12-05 20:27 - 2016-12-05 20:28 - 00006638 _____ C:\TDSSKiller.3.1.0.12_05.12.2016_20.27.50_log.txt
2016-12-05 12:56 - 2016-12-05 21:24 - 00181038 _____ C:\spyhunter.fix
2016-12-05 10:24 - 2016-12-05 10:24 - 00000000 ___HD C:\TMRescueDisk
2016-12-05 08:06 - 2016-12-05 08:06 - 00000000 _____ C:\autoexec.bat
2016-12-04 22:08 - 2016-12-04 22:08 - 00000385 _____ C:\Users\tony\AppData\Roaminguser_gensett.xml
2016-12-04 22:06 - 2016-12-05 09:55 - 00002367 _____ C:\bdlog.txt
2016-12-04 01:33 - 2016-12-04 21:56 - 00000000 ___HD C:\$AVG
2016-12-02 20:42 - 2016-12-07 21:12 - 00000000 ____D C:\Users\tony\Desktop\KAY LOLOY
2016-11-30 23:21 - 2016-10-17 23:35 - 00223464 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmwfp.sys
2016-11-23 09:39 - 2016-11-23 09:47 - 00000000 ____D C:\Koe no Katachi
2016-11-23 08:00 - 2016-11-02 20:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-11-23 08:00 - 2016-11-02 20:01 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-11-23 08:00 - 2016-11-02 19:22 - 01570672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-11-23 08:00 - 2016-11-02 19:22 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-11-23 08:00 - 2016-11-02 19:20 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-11-23 08:00 - 2016-11-02 19:15 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-11-23 08:00 - 2016-11-02 19:15 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-11-23 08:00 - 2016-11-02 19:14 - 07816544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-11-23 08:00 - 2016-11-02 19:13 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-11-23 08:00 - 2016-11-02 19:13 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-11-23 08:00 - 2016-11-02 19:13 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-11-23 08:00 - 2016-11-02 19:13 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-11-23 08:00 - 2016-11-02 19:13 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-11-23 08:00 - 2016-11-02 19:12 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-11-23 08:00 - 2016-11-02 19:12 - 00376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-11-23 08:00 - 2016-11-02 19:12 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-11-23 08:00 - 2016-11-02 19:10 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-11-23 08:00 - 2016-11-02 19:09 - 02257104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-11-23 08:00 - 2016-11-02 19:08 - 00602464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-11-23 08:00 - 2016-11-02 19:08 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-11-23 08:00 - 2016-11-02 19:08 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2016-11-23 08:00 - 2016-11-02 19:08 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-11-23 08:00 - 2016-11-02 19:05 - 06657176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-11-23 08:00 - 2016-11-02 19:05 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-11-23 08:00 - 2016-11-02 19:05 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-11-23 08:00 - 2016-11-02 19:05 - 00951904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-11-23 08:00 - 2016-11-02 19:05 - 00405856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-11-23 08:00 - 2016-11-02 19:04 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-11-23 08:00 - 2016-11-02 19:03 - 02750936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-11-23 08:00 - 2016-11-02 19:03 - 00714592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-11-23 08:00 - 2016-11-02 19:02 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-11-23 08:00 - 2016-11-02 19:02 - 00238056 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2016-11-23 08:00 - 2016-11-02 19:01 - 01425000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-11-23 08:00 - 2016-11-02 19:01 - 01415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-11-23 08:00 - 2016-11-02 19:01 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-11-23 08:00 - 2016-11-02 19:01 - 00545936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-11-23 08:00 - 2016-11-02 19:01 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2016-11-23 08:00 - 2016-11-02 19:01 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-11-23 08:00 - 2016-11-02 19:00 - 22223968 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-11-23 08:00 - 2016-11-02 19:00 - 08156080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-11-23 08:00 - 2016-11-02 19:00 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-11-23 08:00 - 2016-11-02 19:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-11-23 08:00 - 2016-11-02 18:59 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-11-23 08:00 - 2016-11-02 18:50 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-11-23 08:00 - 2016-11-02 18:49 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-11-23 08:00 - 2016-11-02 18:49 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-11-23 08:00 - 2016-11-02 18:48 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2016-11-23 08:00 - 2016-11-02 18:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-11-23 08:00 - 2016-11-02 18:47 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-11-23 08:00 - 2016-11-02 18:46 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-11-23 08:00 - 2016-11-02 18:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-11-23 08:00 - 2016-11-02 18:44 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-11-23 08:00 - 2016-11-02 18:44 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthExt.dll
2016-11-23 08:00 - 2016-11-02 18:43 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-11-23 08:00 - 2016-11-02 18:43 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-11-23 08:00 - 2016-11-02 18:43 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-11-23 08:00 - 2016-11-02 18:42 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-11-23 08:00 - 2016-11-02 18:42 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-11-23 08:00 - 2016-11-02 18:42 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-11-23 08:00 - 2016-11-02 18:42 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-11-23 08:00 - 2016-11-02 18:42 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-11-23 08:00 - 2016-11-02 18:41 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-11-23 08:00 - 2016-11-02 18:40 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2016-11-23 08:00 - 2016-11-02 18:40 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-11-23 08:00 - 2016-11-02 18:39 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-11-23 08:00 - 2016-11-02 18:39 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-11-23 08:00 - 2016-11-02 18:39 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2016-11-23 08:00 - 2016-11-02 18:38 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-11-23 08:00 - 2016-11-02 18:38 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-11-23 08:00 - 2016-11-02 18:37 - 19415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-11-23 08:00 - 2016-11-02 18:36 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-11-23 08:00 - 2016-11-02 18:36 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-11-23 08:00 - 2016-11-02 18:36 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetailsUpdate.dll
2016-11-23 08:00 - 2016-11-02 18:34 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-11-23 08:00 - 2016-11-02 18:33 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-11-23 08:00 - 2016-11-02 18:33 - 03307520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-11-23 08:00 - 2016-11-02 18:32 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2016-11-23 08:00 - 2016-11-02 18:31 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-11-23 08:00 - 2016-11-02 18:31 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-11-23 08:00 - 2016-11-02 18:31 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2016-11-23 08:00 - 2016-11-02 18:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-11-23 08:00 - 2016-11-02 18:31 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-11-23 08:00 - 2016-11-02 18:31 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-11-23 08:00 - 2016-11-02 18:31 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2016-11-23 08:00 - 2016-11-02 18:31 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-11-23 08:00 - 2016-11-02 18:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-11-23 08:00 - 2016-11-02 18:30 - 12175360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-11-23 08:00 - 2016-11-02 18:30 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-11-23 08:00 - 2016-11-02 18:30 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-11-23 08:00 - 2016-11-02 18:30 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-11-23 08:00 - 2016-11-02 18:30 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-11-23 08:00 - 2016-11-02 18:30 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2016-11-23 08:00 - 2016-11-02 18:30 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2016-11-23 08:00 - 2016-11-02 18:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-11-23 08:00 - 2016-11-02 18:29 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-11-23 08:00 - 2016-11-02 18:29 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-11-23 08:00 - 2016-11-02 18:29 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-11-23 08:00 - 2016-11-02 18:29 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-11-23 08:00 - 2016-11-02 18:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-11-23 08:00 - 2016-11-02 18:29 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-11-23 08:00 - 2016-11-02 18:29 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-11-23 08:00 - 2016-11-02 18:29 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-11-23 08:00 - 2016-11-02 18:29 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-11-23 08:00 - 2016-11-02 18:29 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-11-23 08:00 - 2016-11-02 18:29 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCenter.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-11-23 08:00 - 2016-11-02 18:27 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-11-23 08:00 - 2016-11-02 18:27 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-11-23 08:00 - 2016-11-02 18:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-11-23 08:00 - 2016-11-02 18:27 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-11-23 08:00 - 2016-11-02 18:27 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-11-23 08:00 - 2016-11-02 18:27 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-11-23 08:00 - 2016-11-02 18:27 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2016-11-23 08:00 - 2016-11-02 18:27 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-11-23 08:00 - 2016-11-02 18:27 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-11-23 08:00 - 2016-11-02 18:27 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-11-23 08:00 - 2016-11-02 18:26 - 02747392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-11-23 08:00 - 2016-11-02 18:26 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-11-23 08:00 - 2016-11-02 18:26 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-11-23 08:00 - 2016-11-02 18:26 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-11-23 08:00 - 2016-11-02 18:26 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-11-23 08:00 - 2016-11-02 18:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2016-11-23 08:00 - 2016-11-02 18:26 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-11-23 08:00 - 2016-11-02 18:26 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-11-23 08:00 - 2016-11-02 18:26 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-11-23 08:00 - 2016-11-02 18:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-11-23 08:00 - 2016-11-02 18:25 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-11-23 08:00 - 2016-11-02 18:25 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-11-23 08:00 - 2016-11-02 18:25 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-11-23 08:00 - 2016-11-02 18:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-11-23 08:00 - 2016-11-02 18:25 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-11-23 08:00 - 2016-11-02 18:25 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-11-23 08:00 - 2016-11-02 18:25 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-23 08:00 - 2016-11-02 18:24 - 00940032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2016-11-23 08:00 - 2016-11-02 18:23 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-11-23 08:00 - 2016-11-02 18:23 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-11-23 08:00 - 2016-11-02 18:23 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-11-23 08:00 - 2016-11-02 18:23 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2016-11-23 08:00 - 2016-11-02 18:23 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetailsUpdate.dll
2016-11-23 08:00 - 2016-11-02 18:22 - 13441024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-11-23 08:00 - 2016-11-02 18:22 - 13081600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-11-23 08:00 - 2016-11-02 18:22 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-11-23 08:00 - 2016-11-02 18:22 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2016-11-23 08:00 - 2016-11-02 18:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-11-23 08:00 - 2016-11-02 18:21 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-11-23 08:00 - 2016-11-02 18:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-11-23 08:00 - 2016-11-02 18:20 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-11-23 08:00 - 2016-11-02 18:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-11-23 08:00 - 2016-11-02 18:19 - 08127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-11-23 08:00 - 2016-11-02 18:19 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-11-23 08:00 - 2016-11-02 18:19 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-11-23 08:00 - 2016-11-02 18:19 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-11-23 08:00 - 2016-11-02 18:19 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-11-23 08:00 - 2016-11-02 18:19 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2016-11-23 08:00 - 2016-11-02 18:19 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
2016-11-23 08:00 - 2016-11-02 18:19 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-11-23 08:00 - 2016-11-02 18:18 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-11-23 08:00 - 2016-11-02 18:18 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-11-23 08:00 - 2016-11-02 18:18 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2016-11-23 08:00 - 2016-11-02 18:18 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2016-11-23 08:00 - 2016-11-02 18:17 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-11-23 08:00 - 2016-11-02 18:17 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-11-23 08:00 - 2016-11-02 18:17 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-11-23 08:00 - 2016-11-02 18:17 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-11-23 08:00 - 2016-11-02 18:17 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-11-23 08:00 - 2016-11-02 18:17 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-11-23 08:00 - 2016-11-02 18:16 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-11-23 08:00 - 2016-11-02 18:16 - 03133440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-11-23 08:00 - 2016-11-02 18:16 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-11-23 08:00 - 2016-11-02 18:16 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-11-23 08:00 - 2016-11-02 18:16 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-11-23 08:00 - 2016-11-02 18:16 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-11-23 08:00 - 2016-11-02 18:16 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-11-23 08:00 - 2016-11-02 18:16 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-11-23 08:00 - 2016-11-02 18:16 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-11-23 08:00 - 2016-11-02 18:16 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-11-23 08:00 - 2016-11-02 18:16 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-11-23 08:00 - 2016-11-02 18:16 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-11-23 08:00 - 2016-11-02 18:16 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2016-11-23 08:00 - 2016-11-02 18:15 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-11-23 08:00 - 2016-11-02 18:15 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-11-23 08:00 - 2016-11-02 18:15 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-11-23 08:00 - 2016-11-02 18:15 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-11-23 08:00 - 2016-11-02 18:15 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-11-23 08:00 - 2016-11-02 18:15 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-11-23 08:00 - 2016-11-02 18:14 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-11-23 08:00 - 2016-11-02 18:13 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-11-23 08:00 - 2016-11-02 18:13 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-11-23 08:00 - 2016-11-02 18:13 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-11-23 08:00 - 2016-11-02 16:20 - 00446896 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-11-23 08:00 - 2016-08-02 12:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-11-23 07:59 - 2016-11-02 19:20 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-11-23 07:59 - 2016-11-02 19:05 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-11-23 07:59 - 2016-11-02 19:04 - 02678056 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-11-23 07:59 - 2016-11-02 19:04 - 00596832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2016-11-23 07:59 - 2016-11-02 19:02 - 00848736 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-11-23 07:59 - 2016-11-02 19:02 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-11-23 07:59 - 2016-11-02 19:00 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-11-23 07:59 - 2016-11-02 19:00 - 01061968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-11-23 07:59 - 2016-11-02 18:56 - 01609920 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-11-23 07:59 - 2016-11-02 18:56 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-11-23 07:59 - 2016-11-02 18:56 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-11-23 07:59 - 2016-11-02 18:56 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-11-23 07:59 - 2016-11-02 18:56 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2016-11-23 07:59 - 2016-11-02 18:55 - 00048992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2016-11-23 07:59 - 2016-11-02 18:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2016-11-23 07:59 - 2016-11-02 18:47 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-11-23 07:59 - 2016-11-02 18:47 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-11-23 07:59 - 2016-11-02 18:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-11-23 07:59 - 2016-11-02 18:45 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-11-23 07:59 - 2016-11-02 18:45 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-11-23 07:59 - 2016-11-02 18:44 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-11-23 07:59 - 2016-11-02 18:43 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8.dll
2016-11-23 07:59 - 2016-11-02 18:43 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-11-23 07:59 - 2016-11-02 18:42 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-11-23 07:59 - 2016-11-02 18:42 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-11-23 07:59 - 2016-11-02 18:40 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2016-11-23 07:59 - 2016-11-02 18:35 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2016-11-23 07:59 - 2016-11-02 18:34 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-23 07:59 - 2016-11-02 18:33 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-11-23 07:59 - 2016-11-02 18:32 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-11-23 07:59 - 2016-11-02 18:31 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-11-23 07:59 - 2016-11-02 18:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2016-11-23 07:59 - 2016-11-02 18:29 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-11-23 07:59 - 2016-11-02 18:28 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-11-23 07:59 - 2016-11-02 18:28 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-11-23 07:59 - 2016-11-02 18:28 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-11-23 07:59 - 2016-11-02 18:26 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-11-23 07:59 - 2016-11-02 18:26 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-11-23 07:59 - 2016-11-02 18:26 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-11-23 07:59 - 2016-11-02 18:26 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2016-11-23 07:59 - 2016-11-02 18:25 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-11-23 07:59 - 2016-11-02 18:24 - 03778560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-11-23 07:59 - 2016-11-02 18:23 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-11-23 07:59 - 2016-11-02 18:16 - 04148736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-11-23 07:59 - 2016-11-02 18:16 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-11-23 07:59 - 2016-11-02 18:16 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-11-23 07:59 - 2016-11-02 18:15 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-11-23 07:59 - 2016-11-02 17:11 - 00788624 _____ C:\WINDOWS\SysWOW64\locale.nls
2016-11-23 07:59 - 2016-11-02 17:11 - 00788624 _____ C:\WINDOWS\system32\locale.nls
2016-11-15 18:59 - 2016-11-15 18:59 - 00000000 ____D C:\Users\tony\.thumbnails
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-12-12 21:02 - 2015-11-19 19:48 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-12 21:01 - 2016-07-13 05:59 - 00000000 __SHD C:\Users\tony\IntelGraphicsProfiles
2016-12-12 10:00 - 2015-08-18 16:36 - 01117584 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-12 09:43 - 2016-07-13 06:02 - 00000000 ___RD C:\Users\tony\OneDrive
2016-12-12 09:43 - 2015-08-18 16:37 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-12-12 09:31 - 2015-07-10 19:04 - 00000199 _____ C:\WINDOWS\win.ini
2016-12-12 09:14 - 2015-11-19 19:58 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-12 09:14 - 2015-08-18 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2016-12-12 09:12 - 2015-11-19 20:26 - 00000000 ____D C:\ProgramData\ASUS
2016-12-08 11:35 - 2016-09-13 22:32 - 00000000 ____D C:\Users\tony\Desktop\THESIS
2016-12-07 22:37 - 2016-09-12 23:34 - 00000000 ____D C:\Users\tony\Desktop\ARTWORK
2016-12-07 20:32 - 2016-07-15 18:31 - 00000000 ____D C:\Games
2016-12-07 14:02 - 2015-11-19 19:37 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-07 13:29 - 2015-07-10 21:14 - 00000000 ____D C:\WINDOWS\ShellNew
2016-12-07 11:00 - 2015-11-19 20:16 - 00000000 ____D C:\ProgramData\McAfee
2016-12-07 11:00 - 2015-11-19 20:16 - 00000000 ____D C:\Program Files\mcafee
2016-12-07 11:00 - 2015-11-19 20:16 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-12-07 09:58 - 2015-11-19 20:16 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-12-07 08:52 - 2015-11-19 19:48 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-12-07 08:44 - 2015-11-19 19:40 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-07 00:46 - 2016-09-16 18:18 - 00000000 ____D C:\PaintToolSAI
2016-12-07 00:30 - 2015-11-19 19:41 - 00000000 ____D C:\ProgramData\Intel
2016-12-07 00:25 - 2015-08-18 16:34 - 00000000 ____D C:\WINDOWS\Log
2016-12-07 00:17 - 2015-07-10 19:04 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-12-07 00:10 - 2015-07-10 17:05 - 00000000 ____D C:\Users\Default.migrated
2016-12-07 00:09 - 2015-11-19 20:03 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
2016-12-07 00:09 - 2015-11-19 19:56 - 00000000 ____D C:\WINDOWS\Cnxt
2016-12-07 00:09 - 2015-08-18 16:53 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-12-07 00:09 - 2015-07-10 19:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-12-07 00:09 - 2015-07-10 19:04 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
2016-12-07 00:05 - 2015-11-19 20:31 - 00000000 ____D C:\ProgramData\SplitMediaLabs
2016-12-07 00:05 - 2015-08-18 16:37 - 00000000 ____D C:\ProgramData\WildTangent
2016-12-07 00:05 - 2015-08-18 16:37 - 00000000 ____D C:\ProgramData\WebStorage
2016-12-07 00:04 - 2015-11-19 20:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2016-12-07 00:04 - 2015-11-19 20:31 - 00000000 ____D C:\Program Files (x86)\SplitmediaLabs
2016-12-07 00:04 - 2015-11-19 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICEpower
2016-12-07 00:04 - 2015-11-19 20:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2016-12-07 00:04 - 2015-11-19 20:07 - 00000000 ____D C:\ProgramData\Intel Corporation
2016-12-07 00:04 - 2015-11-19 20:02 - 00000000 ____D C:\ProgramData\Intel.sav
2016-12-07 00:04 - 2015-11-19 19:58 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-12-07 00:04 - 2015-11-19 19:37 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-12-07 00:04 - 2015-08-18 16:38 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-12-07 00:04 - 2015-08-18 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 25 GB
2016-12-07 00:04 - 2015-08-18 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2016-12-07 00:04 - 2015-08-18 16:37 - 00000000 ____D C:\ProgramData\ASUS WebStorage
2016-12-07 00:04 - 2015-08-18 16:37 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2016-12-07 00:03 - 2015-11-19 20:16 - 00000000 ____D C:\Program Files (x86)\mcafee.com
2016-12-07 00:03 - 2015-11-19 20:16 - 00000000 ____D C:\Program Files (x86)\ICEpower
2016-12-07 00:03 - 2015-11-19 20:07 - 00000000 ____D C:\Program Files (x86)\Intel Corporation
2016-12-07 00:03 - 2015-11-19 20:02 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-12-07 00:03 - 2015-08-18 16:38 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-12-07 00:03 - 2015-08-18 16:37 - 00000000 ____D C:\Program Files (x86)\Evernote
2016-12-07 00:03 - 2015-07-10 21:14 - 00000000 ____D C:\Program Files\Windows Journal
2016-12-07 00:02 - 2015-11-19 20:16 - 00000000 ____D C:\Program Files\mcafee.com
2016-12-07 00:02 - 2015-11-19 20:12 - 00000000 ____D C:\Program Files\DIFX
2016-12-07 00:02 - 2015-11-19 20:07 - 00000000 ____D C:\Program Files\Intel Corporation
2016-12-07 00:02 - 2015-11-19 20:02 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-12-04 11:58 - 2016-08-27 20:33 - 00000000 ____D C:\Users\tony\.android
2016-12-04 11:56 - 2016-08-27 20:32 - 00000000 ____D C:\Users\tony\vmlogs
2016-12-04 11:56 - 2016-08-27 20:32 - 00000000 ____D C:\Users\tony\.BigNox
2016-12-02 04:02 - 2016-03-22 06:52 - 03934320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-12-02 04:02 - 2016-03-22 06:52 - 03474064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-12-02 04:02 - 2016-03-22 06:35 - 28202040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-12-02 04:02 - 2016-03-22 05:19 - 00042296 _____ C:\WINDOWS\system32\nvinfo.pb
2016-11-27 15:05 - 2016-10-29 15:22 - 00000000 ____D C:\GOG Games
2016-11-27 12:45 - 2016-09-18 20:30 - 00000876 _____ C:\Users\tony\Desktop\Steam - Shortcut.lnk
2016-11-24 14:07 - 2016-10-12 20:38 - 00001191 _____ C:\Users\tony\Desktop\dota2 - Shortcut.lnk
 
==================== Files in the root of some directories =======
 
2016-12-07 00:26 - 2016-12-12 21:03 - 0000165 _____ () C:\Users\tony\AppData\Roaming\sp_data.sys
 
Some files in TEMP:
====================
C:\Users\tony\AppData\Local\Temp\IDM Patch Uninstaller.exe
C:\Users\tony\AppData\Local\Temp\P.exe
 
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2016-12-06 23:46
 
==================== End of FRST.txt ============================

 

can anyone help me with these guys thank you


Edited by hamluis, 12 December 2016 - 09:06 PM.


BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,631 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:06 AM

Posted 17 December 2016 - 08:00 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> https://www.bleepingcomputer.com/logreply/634673 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 ynottony

ynottony
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:06 PM

Posted 18 December 2016 - 08:53 PM

i've been experiencing some unsual changes in my laptop system this past weeks like having long startup time and a cmd message opens when the desktop loads. after i scan my system with gmer it shows some rootkit activity and an unknown mbr code then i reset my windows without removing my personal files but after it gmer still shows rootkits and i also keep seeing pop ups and links are redirected.
 
I dont have an original windows cd/dvd
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-12-2016
Ran by TONY (administrator) on DESKTOP-2G8ID0A (19-12-2016 09:44:51)
Running from C:\Users\tony\Downloads\Programs
Loaded Profiles: TONY (Available Profiles: TONY)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGiftBoxDesktop.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe
(Intel Corporation) C:\Windows\syswow64\esif_uf.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
() C:\Program Files (x86)\MobileBrServ\mbbService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\syswow64\SASrv.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\McCSPServiceHost.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Intel® Corporation) C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Windows\syswow64\IntelCpHeciSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\CommonBuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\CommonBuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSPanel.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\SystemSettingsAdminFlows.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamuseragent.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\syswow64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\tony\Downloads\Programs\FRST64_2.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [599896 2015-06-10] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe [63272 2015-06-01] ()
HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3998832 2016-11-25] (Tonec Inc.)
HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\...\MountPoints2: {ad7695be-8c88-11e6-9c72-2c56dca4ff57} - "F:\AutoRun.exe" 
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 223.25.0.88 127.0.0.1
Tcpip\..\Interfaces\{40993488-4b8e-400e-a544-fa363639f86a}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{9ac186e3-6fe6-4f95-9023-02928769a9ad}: [DhcpNameServer] 192.168.168.1
Tcpip\..\Interfaces\{baf9ab7d-a322-4227-8c49-1cb89c0ee10d}: [DhcpNameServer] 8.8.8.8 223.25.0.88 127.0.0.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-11-30] (Internet Download Manager, Tonec Inc.)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-11-15] (Microsoft Corporation)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-10-24] (McAfee, Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-11-30] (Internet Download Manager, Tonec Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-05-01] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-10-24] (McAfee, Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-10-24] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-10-24] (McAfee, Inc.)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-10-24] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-10-24] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-09-23] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-09-23] (McAfee, Inc.)
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-05-24]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2016-12-07] [not signed]
FF HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\tony\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\tony\AppData\Roaming\IDM\idmmzcc5 [2016-12-19] [not signed]
FF HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-11-16]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-09-23] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-09-23] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-10-18] (Microsoft Corporation)
 
Chrome: 
=======
CHR Profile: C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default [2016-12-19]
CHR Extension: (Google Slides) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-07]
CHR Extension: (Google Docs) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-07]
CHR Extension: (Google Drive) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-07]
CHR Extension: (YouTube) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-07]
CHR Extension: (Google Sheets) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-07]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-12-07]
CHR Extension: (Google Docs Offline) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-07]
CHR Extension: (IDM Integration Module) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-12-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-07]
CHR Extension: (Gmail) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-07]
CHR Extension: (Chrome Media Router) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-07]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-11-30]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-11-30]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [71168 2015-06-01] (ASUS Cloud Corporation) [File not signed]
R2 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [313488 2015-06-13] (ASUS) [File not signed]
R2 connect2hotspot; C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe [100680 2016-11-29] (Lenovo)
S3 cplspcon; C:\WINDOWS\system32\IntelCpHDCPSvc.exe [607160 2015-08-13] ()
R2 esifsvc; C:\WINDOWS\SysWoW64\esif_uf.exe [1385640 2015-07-13] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-15] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [165104 2015-07-14] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [370088 2015-08-13] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-20] (Intel Corporation) [File not signed]
S3 Intel® WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [396992 2015-07-07] (Intel)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-20] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [223520 2015-07-22] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [187840 2016-10-24] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [993824 2016-09-23] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [338208 2015-03-20] (McAfee, Inc.)
R2 mcbootdelaystartsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe [1910000 2016-05-31] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [816128 2016-06-21] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-04-26] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-08-02] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [277744 2016-04-26] (McAfee, Inc.)
R2 Mobile Broadband HL Service; C:\Program Files (x86)\MobileBrServ\mbbservice.exe [242264 2016-03-24] ()
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1454216 2016-09-13] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] ()
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-13] (NVIDIA Corporation)
R3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-13] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-02] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-12-13] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2016-12-13] (NVIDIA Corporation)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1045336 2016-05-25] (Intel Security, Inc.)
S3 ROGGamingCenterService; C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingCenterService.exe [76032 2015-08-13] (ASUSTeK COMPUTER INC.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe [19192 2015-08-13] (Intel® Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AsusSGDrv; C:\WINDOWS\System32\drivers\AsusSGDrv.sys [138744 2015-08-18] (ASUS Corporation)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [78632 2016-08-02] (McAfee, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [47096 2015-07-13] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [43512 2015-07-13] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [251384 2015-07-13] (Intel Corporation)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
S3 iaLPSS2_I2C; C:\WINDOWS\System32\drivers\iaLPSS2_I2C.sys [185128 2015-06-17] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [257776 2015-07-14] (Intel Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [30224 2015-08-13] (Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [419624 2016-08-02] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [349480 2016-08-02] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83608 2016-08-02] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [493352 2016-08-02] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [843048 2016-08-02] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [519456 2016-08-01] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [100136 2016-08-01] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [243496 2016-08-02] (McAfee, Inc.)
S3 MFE_RR; C:\Users\tony\AppData\Local\Temp\mfe_rr.sys [24120 2016-12-08] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [51904 2015-01-14] (Titan ARC Corp.)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7116288 2016-07-16] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_e04d68fb0b0ccd77\nvlddmkm.sys [14181304 2016-12-03] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-12-13] (NVIDIA Corporation)
S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [19616 2015-06-13] (Windows ® Win 7 DDK provider)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-12-13] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek                                            )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [753368 2015-06-15] (Realsil Semiconductor Corporation)
S3 SliceDisk5; C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [31824 2011-02-25] (Atola) [File not signed]
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [212056 2015-07-07] (Windows ® Win 7 DDK provider)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [114632 2015-09-16] (BigNox Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 pgldrkod; C:\Users\tony\AppData\Local\Temp\pgldrkod.sys [56584 2016-12-07] (GMER) [File not signed]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-12-19 09:34 - 2016-12-19 09:34 - 00004414 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-19 09:34 - 2016-12-19 09:34 - 00000000 ____D C:\WINDOWS\LastGood
2016-12-19 09:34 - 2016-12-12 22:36 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2016-12-19 09:33 - 2016-12-13 07:36 - 00156096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-12-19 09:33 - 2016-12-13 07:36 - 00123840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-12-19 08:38 - 2016-12-19 09:18 - 00004020 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2016-12-19 08:38 - 2016-12-19 08:38 - 00004208 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2016-12-19 08:35 - 2016-12-19 08:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-12-16 23:02 - 2016-12-16 23:02 - 00000285 _____ C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD Drive (G) DVD_ROM.lnk
2016-12-16 22:34 - 2016-12-16 22:35 - 00000000 ____D C:\Users\tony\AppData\Roaming\DarkSoulsIII
2016-12-16 22:32 - 2016-12-16 22:32 - 00000828 _____ C:\Users\tony\Desktop\Dark Souls III.lnk
2016-12-16 22:32 - 2016-12-16 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dark Souls III
2016-12-16 22:15 - 2016-12-16 22:15 - 00001224 _____ C:\Users\Public\Desktop\RecoveRx.lnk
2016-12-16 22:15 - 2016-12-16 22:15 - 00000000 ____D C:\Recovered Files
2016-12-16 22:15 - 2016-12-16 22:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transcend
2016-12-16 22:15 - 2016-12-16 22:15 - 00000000 ____D C:\Program Files (x86)\Transcend
2016-12-16 20:11 - 2016-12-16 20:11 - 00000000 ____D C:\Users\tony\Documents\WB Games
2016-12-16 20:09 - 2016-12-16 20:09 - 00001353 _____ C:\Users\tony\Desktop\Middle Earth Shadow of Mordor.lnk
2016-12-16 20:09 - 2016-12-16 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Middle Earth Shadow of Mordor
2016-12-16 20:03 - 2016-12-16 20:09 - 00000000 ____D C:\Program Files (x86)\Middle Earth Shadow of Mordor
2016-12-16 19:47 - 2016-12-16 19:47 - 00000000 ____D C:\Users\tony\AppData\Roaming\Transcend Elite
2016-12-14 08:44 - 2016-12-14 08:44 - 00000199 _____ C:\Users\tony\Desktop\Dota 2.url
2016-12-14 08:44 - 2016-12-14 08:44 - 00000000 ____D C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-12-13 20:54 - 2016-12-13 20:56 - 00460156 _____ C:\WINDOWS\Minidump\121316-30062-01.dmp
2016-12-13 20:54 - 2016-12-13 20:54 - 941372703 _____ C:\WINDOWS\MEMORY.DMP
2016-12-13 20:54 - 2016-12-13 20:54 - 00000000 ____D C:\WINDOWS\Minidump
2016-12-13 15:38 - 2016-12-13 15:38 - 00000000 ____D C:\Users\tony\AppData\Local\Chromium
2016-12-12 21:13 - 2016-12-19 09:44 - 00000000 ____D C:\FRST
2016-12-12 17:38 - 2016-12-12 17:38 - 00001201 _____ C:\Users\Public\Desktop\Connect2.lnk
2016-12-12 17:38 - 2016-12-12 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Connect2
2016-12-12 17:38 - 2016-12-12 17:38 - 00000000 ____D C:\Program Files (x86)\Lenovo
2016-12-12 17:35 - 2016-12-12 17:35 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-12-12 13:01 - 2016-12-16 22:31 - 00000000 ____D C:\Users\tony\Desktop\New folder
2016-12-12 09:43 - 2016-12-12 09:43 - 00003288 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-12 09:43 - 2016-12-12 09:43 - 00001159 _____ C:\Users\Public\Desktop\GameFirst IV.lnk
2016-12-12 09:43 - 2016-12-12 09:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameFirst IV
2016-12-12 09:43 - 2015-01-14 08:59 - 00051904 _____ (Titan ARC Corp.) C:\WINDOWS\system32\Drivers\netfilter2.sys
2016-12-12 09:31 - 2016-12-12 09:31 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-12-12 09:31 - 2016-12-12 09:31 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-12-12 09:12 - 2016-12-18 22:33 - 00003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2016-12-12 09:12 - 2016-12-18 22:33 - 00003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2016-12-12 09:12 - 2016-12-12 09:12 - 00003976 _____ C:\WINDOWS\System32\Tasks\Update Checker
2016-12-12 09:08 - 2016-12-19 09:43 - 00000000 ____D C:\Users\tony\Downloads\Video
2016-12-09 18:46 - 2016-12-19 09:09 - 00004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7527B890-9B1E-4B62-96B9-900E9F2530ED}
2016-12-09 01:00 - 2016-12-09 01:00 - 00000000 ____D C:\Program Files (x86)\MobileBrServ
2016-12-08 19:41 - 2016-12-08 19:41 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2016-12-08 14:34 - 2016-12-08 20:08 - 00000000 ____D C:\ProgramData\TEMP
2016-12-08 14:32 - 2016-12-10 16:34 - 00000000 ____D C:\Program Files\A-FF Find and Mount
2016-12-08 14:12 - 2016-12-08 14:12 - 00001701 _____ C:\Users\Public\Desktop\Recuva.lnk
2016-12-08 14:12 - 2016-12-08 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2016-12-08 14:12 - 2016-12-08 14:12 - 00000000 ____D C:\Program Files\Recuva
2016-12-08 13:29 - 2016-12-08 13:30 - 00006638 _____ C:\TDSSKiller.3.1.0.12_08.12.2016_13.29.47_log.txt
2016-12-08 12:42 - 2016-12-08 12:42 - 00000000 ___HD C:\$SysReset
2016-12-07 21:45 - 2016-12-07 21:45 - 00000768 _____ C:\Users\tony\Desktop\Dragons Dogma Dark Arisen.lnk
2016-12-07 21:45 - 2016-12-07 21:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragons Dogma Dark Arisen
2016-12-07 21:18 - 2016-12-07 21:21 - 00000000 ____D C:\Users\tony\AppData\Local\NPE
2016-12-07 21:18 - 2016-12-07 21:18 - 00000000 ____D C:\ProgramData\Norton
2016-12-07 21:07 - 2016-12-07 21:07 - 00000000 ____D C:\Users\tony\AppData\Roaming\Steam
2016-12-07 21:07 - 2016-12-07 21:07 - 00000000 ____D C:\Users\tony\AppData\Local\CAPCOM
2016-12-07 20:52 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2016-12-07 20:52 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2016-12-07 20:52 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2016-12-07 20:52 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2016-12-07 20:52 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2016-12-07 20:52 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2016-12-07 20:52 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2016-12-07 20:52 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2016-12-07 20:52 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2016-12-07 20:52 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2016-12-07 20:52 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2016-12-07 20:52 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2016-12-07 20:52 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2016-12-07 20:52 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2016-12-07 20:52 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2016-12-07 20:52 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2016-12-07 20:52 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2016-12-07 20:52 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2016-12-07 20:52 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2016-12-07 20:52 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2016-12-07 20:52 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2016-12-07 20:52 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2016-12-07 20:52 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2016-12-07 20:52 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2016-12-07 20:52 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2016-12-07 20:52 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2016-12-07 20:52 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2016-12-07 20:52 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2016-12-07 20:52 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2016-12-07 20:52 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2016-12-07 20:52 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2016-12-07 20:52 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2016-12-07 20:52 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2016-12-07 20:52 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2016-12-07 20:52 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2016-12-07 20:52 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2016-12-07 20:52 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2016-12-07 20:52 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2016-12-07 20:52 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2016-12-07 20:52 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2016-12-07 20:52 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2016-12-07 20:52 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2016-12-07 20:52 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2016-12-07 20:52 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2016-12-07 20:52 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2016-12-07 20:52 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2016-12-07 20:52 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2016-12-07 20:52 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2016-12-07 20:52 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2016-12-07 20:52 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2016-12-07 20:52 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2016-12-07 20:52 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2016-12-07 20:52 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2016-12-07 20:52 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2016-12-07 20:52 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2016-12-07 20:52 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2016-12-07 20:52 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2016-12-07 20:52 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2016-12-07 20:52 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2016-12-07 20:52 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2016-12-07 20:52 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2016-12-07 20:52 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2016-12-07 20:52 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2016-12-07 20:52 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2016-12-07 20:52 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2016-12-07 20:52 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2016-12-07 20:52 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2016-12-07 20:52 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2016-12-07 20:52 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2016-12-07 20:52 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2016-12-07 20:52 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2016-12-07 20:52 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2016-12-07 20:52 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2016-12-07 20:52 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2016-12-07 20:52 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2016-12-07 20:52 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2016-12-07 20:52 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2016-12-07 20:52 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2016-12-07 20:52 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2016-12-07 20:52 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2016-12-07 20:52 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2016-12-07 20:52 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2016-12-07 20:52 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2016-12-07 20:52 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2016-12-07 20:52 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2016-12-07 20:52 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2016-12-07 20:52 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2016-12-07 20:52 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2016-12-07 20:52 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2016-12-07 20:52 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2016-12-07 20:52 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2016-12-07 20:52 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2016-12-07 20:52 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2016-12-07 20:52 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2016-12-07 20:52 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2016-12-07 20:52 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2016-12-07 20:52 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2016-12-07 20:52 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2016-12-07 20:52 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2016-12-07 20:52 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2016-12-07 20:52 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2016-12-07 20:52 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2016-12-07 20:52 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2016-12-07 20:52 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2016-12-07 20:52 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2016-12-07 20:52 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2016-12-07 20:52 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2016-12-07 20:52 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2016-12-07 20:52 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2016-12-07 20:52 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2016-12-07 20:52 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2016-12-07 20:52 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2016-12-07 20:52 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2016-12-07 20:52 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2016-12-07 20:52 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2016-12-07 20:52 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2016-12-07 20:52 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2016-12-07 20:52 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2016-12-07 20:52 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2016-12-07 20:52 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2016-12-07 20:52 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2016-12-07 20:52 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2016-12-07 20:52 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2016-12-07 20:52 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2016-12-07 20:52 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2016-12-07 20:52 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2016-12-07 20:52 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2016-12-07 20:52 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2016-12-07 20:52 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2016-12-07 20:52 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2016-12-07 20:52 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2016-12-07 20:52 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2016-12-07 20:52 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2016-12-07 20:52 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2016-12-07 20:52 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2016-12-07 20:52 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2016-12-07 20:52 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2016-12-07 20:52 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2016-12-07 20:52 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2016-12-07 20:52 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2016-12-07 20:52 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2016-12-07 20:52 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2016-12-07 20:52 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2016-12-07 20:52 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2016-12-07 20:52 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2016-12-07 20:52 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2016-12-07 20:52 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2016-12-07 20:52 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2016-12-07 20:52 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2016-12-07 20:52 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2016-12-07 15:45 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\ASUS
2016-12-07 15:44 - 2016-12-07 15:44 - 00000000 ____D C:\WINDOWS\InfusedApps
2016-12-07 15:44 - 2016-12-07 01:23 - 00000000 ____D C:\Windows.old
2016-12-07 15:44 - 2016-12-07 00:22 - 00000000 ___DC C:\WINDOWS\Panther
2016-12-07 15:43 - 2016-12-07 15:43 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-12-07 15:43 - 2016-12-06 23:46 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-12-07 15:41 - 2016-12-07 15:41 - 00000000 ____D C:\WINDOWS\Setup
2016-12-07 15:39 - 2016-12-07 15:39 - 00000000 ____D C:\WINDOWS\OCR
2016-12-07 15:39 - 2016-12-07 15:39 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-12-07 15:39 - 2016-12-07 15:39 - 00000000 ____D C:\Program Files\MSBuild
2016-12-07 15:39 - 2016-12-07 15:39 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-12-07 15:39 - 2016-12-07 11:46 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-12-07 15:38 - 2016-12-07 15:38 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-12-07 15:38 - 2016-12-07 15:38 - 00000000 ____D C:\WINDOWS\SysWOW64\0409
2016-12-07 15:38 - 2016-12-07 15:38 - 00000000 ____D C:\WINDOWS\system32\0409
2016-12-07 15:38 - 2016-12-07 15:38 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-12-07 15:38 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-12-07 15:38 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-12-07 15:38 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-12-07 15:38 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-12-07 15:38 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-12-07 15:38 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-12-07 15:38 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-12-07 15:38 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-12-07 15:35 - 2016-10-29 07:56 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-07 15:35 - 2016-10-29 07:56 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-07 15:34 - 2016-12-16 09:13 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-07 15:34 - 2016-12-16 08:30 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-12-07 15:34 - 2016-12-15 08:50 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-07 15:34 - 2016-12-12 09:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-12-07 15:34 - 2016-12-09 00:42 - 00000000 ____D C:\WINDOWS\appcompat
2016-12-07 15:34 - 2016-12-08 12:54 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-12-07 15:34 - 2016-12-07 15:44 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-12-07 15:34 - 2016-12-07 15:39 - 00000000 ____D C:\WINDOWS\SystemApps
2016-12-07 15:34 - 2016-12-07 15:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2016-12-07 15:34 - 2016-12-07 15:38 - 00000000 ____D C:\WINDOWS\system32\Com
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 __RSD C:\WINDOWS\Media
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ___SD C:\WINDOWS\system32\Nui
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ___SD C:\WINDOWS\system32\Configuration
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\Web
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\Vss
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\tracing
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\TAPI
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\ras
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\downlevel
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SystemResources
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\winevt
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\ras
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\ProximityToast
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\PointOfService
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\Ipmi
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\IME
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\icsxml
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\ias
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\downlevel
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\DDFs
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\config\Journal
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\Bthprops
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\System
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SKB
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\security
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\schemas
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\SchCache
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\Resources
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\rescache
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\PLA
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\Performance
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\ModemLogs
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\InputMethod
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\Globalization
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\GameBarPresenceWriter
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\Cursors
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\Branding
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\addins
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\ProgramData\Comms
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\Program Files\Windows NT
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\Program Files\Common Files\Services
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-12-07 15:34 - 2016-12-07 15:34 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-12-07 15:34 - 2016-12-07 15:32 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2016-12-07 15:34 - 2016-12-07 15:32 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2016-12-07 15:34 - 2016-12-07 15:32 - 00215943 _____ C:\WINDOWS\system32\dssec.dat
2016-12-07 15:34 - 2016-12-07 15:32 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2016-12-07 15:34 - 2016-12-07 15:32 - 00004096 _____ C:\WINDOWS\system32\config\VSMIDK
2016-12-07 15:34 - 2016-12-07 15:32 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2016-12-07 15:34 - 2016-12-07 15:32 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2016-12-07 15:34 - 2016-12-07 15:32 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2016-12-07 15:34 - 2016-12-07 15:32 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ___RD C:\Program Files\Windows Defender
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ____D C:\WINDOWS\system32\setup
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ____D C:\WINDOWS\Provisioning
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-12-07 15:34 - 2016-12-07 13:53 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-12-07 15:34 - 2016-12-07 13:52 - 00015425 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-12-07 15:34 - 2016-12-07 13:28 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-07 15:34 - 2016-12-07 13:26 - 00000000 ____D C:\Program Files\Common Files\System
2016-12-07 15:34 - 2016-12-07 09:57 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-12-07 15:34 - 2016-12-07 00:21 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-12-07 15:34 - 2016-12-07 00:18 - 00000000 ____D C:\WINDOWS\Registration
2016-12-07 15:34 - 2016-12-07 00:17 - 00000000 __RHD C:\Users\Public\Libraries
2016-12-07 15:34 - 2016-12-07 00:09 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-12-07 15:34 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-07 15:34 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-12-07 15:34 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-12-07 15:34 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\system32\spool
2016-12-07 15:34 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-12-07 15:34 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-12-07 15:34 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\IME
2016-12-07 15:34 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\Help
2016-12-07 15:34 - 2016-12-06 23:56 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-12-07 15:34 - 2016-12-06 23:56 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-12-07 15:34 - 2016-12-06 23:48 - 00000000 ____D C:\ProgramData\USOPrivate
2016-12-07 15:32 - 2016-12-19 09:34 - 00000000 ____D C:\WINDOWS\INF
2016-12-07 15:23 - 2016-12-07 13:35 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-07 15:18 - 2016-12-16 08:24 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-12-07 15:18 - 2016-12-14 08:22 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-12-07 15:18 - 2016-12-07 15:34 - 00000000 ____D C:\WINDOWS\system32\SMI
2016-12-07 15:18 - 2016-12-07 14:27 - 00000000 ____D C:\WINDOWS\servicing
2016-12-07 14:51 - 2016-12-07 14:51 - 00000000 ____D C:\Users\tony\Documents\Custom Office Templates
2016-12-07 13:44 - 2016-12-07 13:44 - 161417105 _____ C:\Users\tony\Downloads\DD Brady.pdf
2016-12-07 13:40 - 2016-12-07 13:09 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-12-07 13:36 - 2016-12-14 09:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-07 13:35 - 2016-12-14 09:38 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-07 13:33 - 2016-12-07 13:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-07 13:29 - 2016-12-07 13:29 - 00002729 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-12-07 13:29 - 2016-12-07 13:29 - 00002662 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-12-07 13:29 - 2016-12-07 13:29 - 00002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-12-07 13:29 - 2016-12-07 13:29 - 00002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2016-12-07 13:29 - 2016-12-07 13:29 - 00002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-12-07 13:29 - 2016-12-07 13:29 - 00002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-12-07 13:29 - 2016-12-07 13:29 - 00002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-12-07 13:29 - 2016-12-07 13:29 - 00002642 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-12-07 13:29 - 2016-12-07 13:29 - 00002628 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-12-07 13:29 - 2016-12-07 13:29 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2016-12-07 13:28 - 2016-12-07 13:28 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-12-07 13:28 - 2016-12-07 13:28 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-12-07 13:27 - 2016-12-07 13:28 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2016-12-07 13:27 - 2016-12-07 13:27 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-12-07 13:25 - 2016-12-07 13:27 - 00000000 ____D C:\Program Files\Microsoft Office
2016-12-07 13:25 - 2016-12-07 13:25 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2016-12-07 13:25 - 2016-12-07 13:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-12-07 13:16 - 2016-12-07 13:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-07 13:03 - 2016-12-07 13:03 - 00000000 ____D C:\Users\tony\AppData\Roaming\Skype
2016-12-07 12:37 - 2016-12-07 12:37 - 00000000 ____D C:\Users\tony\AppData\Local\ElevatedDiagnostics
2016-12-07 12:16 - 2016-12-07 12:16 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-12-07 11:31 - 2016-12-07 12:59 - 00000230 _____ C:\WINDOWS\Tasks\AutoKMS.job
2016-12-07 11:31 - 2016-12-07 11:31 - 00614400 _____ C:\WINDOWS\AutoKMS.exe
2016-12-07 11:31 - 2016-12-07 11:31 - 00002492 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2016-12-07 11:31 - 2016-12-07 11:31 - 00000135 _____ C:\WINDOWS\AutoKMS.ini
2016-12-07 11:29 - 2016-12-07 11:29 - 00004608 _____ C:\WINDOWS\SECOH-QAD.exe
2016-12-07 11:29 - 2016-12-07 11:29 - 00003584 _____ C:\WINDOWS\SECOH-QAD.dll
2016-12-07 09:56 - 2016-12-07 09:56 - 00003126 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
2016-12-07 09:56 - 2016-12-07 09:56 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2016-12-07 09:56 - 2016-12-07 09:56 - 00000000 ____D C:\ProgramData\Intel Security
2016-12-07 09:55 - 2016-12-07 09:55 - 00000000 ____D C:\Program Files\Common Files\Intel Security
2016-12-07 09:50 - 2016-12-07 09:50 - 00000000 ____D C:\Users\tony\AppData\Roaming\Macromedia
2016-12-07 09:50 - 2016-12-07 09:50 - 00000000 ____D C:\Program Files\Common Files\AV
2016-12-07 09:35 - 2016-12-07 09:35 - 00000600 _____ C:\Users\tony\PUTTY.RND
2016-12-07 09:21 - 2016-12-07 09:21 - 00003338 _____ C:\WINDOWS\System32\Tasks\{496FBD46-38B6-41FE-A56A-79BE49545BCE}
2016-12-07 09:06 - 2016-12-07 09:06 - 00001084 _____ C:\Users\tony\Desktop\Internet Download Manager.lnk
2016-12-07 08:57 - 2016-12-07 08:57 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2016-12-07 08:57 - 2016-12-07 08:57 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2016-12-07 08:53 - 2016-12-07 08:53 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-12-07 08:53 - 2016-09-10 02:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-12-07 08:53 - 2016-09-10 02:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-12-07 08:53 - 2016-09-10 02:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-12-07 08:53 - 2016-09-10 02:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-12-07 08:50 - 2016-12-02 04:02 - 40125496 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 35222976 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 34711096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 10912744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 10803880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 10354984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 09158432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 08913328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 08762072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 02954808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 02587704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 01951680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437619.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437619.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 01037248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 00975296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 00943552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 00897080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 00683824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 00644112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 00573072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 00439864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 00394704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 00388544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 00327224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-12-07 08:50 - 2016-12-02 04:02 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-12-07 08:47 - 2016-12-07 08:47 - 00000000 ____D C:\Users\tony\AppData\Roaming\NVIDIA
2016-12-07 08:44 - 2016-12-19 09:34 - 00004000 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-07 08:44 - 2016-12-19 09:34 - 00003990 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-07 08:44 - 2016-12-19 09:34 - 00003972 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-07 08:44 - 2016-12-19 09:34 - 00003964 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-07 08:44 - 2016-12-19 09:34 - 00003802 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-07 08:44 - 2016-12-19 09:34 - 00003760 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-07 08:44 - 2016-12-19 09:34 - 00001491 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-12-07 08:44 - 2016-12-16 22:41 - 00000000 ____D C:\Users\tony\AppData\Local\CrashDumps
2016-12-07 08:44 - 2016-12-13 07:37 - 01853376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-12-07 08:44 - 2016-12-13 07:37 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-12-07 08:44 - 2016-12-13 07:37 - 01452480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-12-07 08:44 - 2016-12-13 07:37 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-12-07 08:44 - 2016-12-13 07:37 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-12-07 08:44 - 2016-12-12 22:37 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2016-12-07 08:44 - 2016-12-07 10:40 - 00000000 ____D C:\Users\tony\AppData\Roaming\uTorrent
2016-12-07 08:44 - 2016-12-07 08:44 - 00000897 _____ C:\Users\tony\Desktop\µTorrent.lnk
2016-12-07 08:44 - 2016-12-07 08:44 - 00000877 _____ C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-12-07 08:44 - 2016-12-07 08:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-12-07 08:43 - 2016-12-13 07:36 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-12-07 08:43 - 2016-11-17 21:42 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\SET3A6A.tmp
2016-12-07 08:39 - 2016-12-12 17:39 - 00000000 ____D C:\Users\tony\AppData\Local\Lenovo
2016-12-07 08:39 - 2016-12-12 17:39 - 00000000 ____D C:\ProgramData\Lenovo
2016-12-07 08:39 - 2016-12-08 12:14 - 00000000 ____D C:\Users\tony\Downloads\SHAREit
2016-12-07 08:39 - 2016-12-07 08:39 - 00000000 ____D C:\Users\tony\AppData\Local\SHAREit
2016-12-07 08:39 - 2016-12-07 08:39 - 00000000 ____D C:\Program Files (x86)\SHAREit
2016-12-07 08:34 - 2016-12-07 08:34 - 00000000 ____D C:\Users\tony\AppData\Roaming\WinRAR
2016-12-07 08:30 - 2016-12-15 09:36 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-07 08:30 - 2016-12-15 09:36 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-07 08:27 - 2016-12-19 08:39 - 00003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-07 08:27 - 2016-12-19 08:39 - 00003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-07 08:27 - 2016-12-07 08:39 - 00000000 ____D C:\Users\tony\AppData\Local\Google
2016-12-07 08:27 - 2016-12-07 08:30 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-07 08:26 - 2016-12-07 08:29 - 00000000 ____D C:\Program Files (x86)\GUMDD0E.tmp
2016-12-07 01:46 - 2016-12-19 09:44 - 00000000 ____D C:\Users\tony\AppData\Roaming\DMCache
2016-12-07 01:46 - 2016-12-08 13:36 - 00000000 ____D C:\Users\tony\Downloads\Compressed
2016-12-07 01:46 - 2016-12-07 13:37 - 00000000 ____D C:\Users\tony\AppData\Roaming\IDM
2016-12-07 01:46 - 2016-12-07 10:41 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2016-12-07 01:46 - 2016-12-07 09:06 - 00000000 ____D C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-12-07 01:46 - 2016-12-07 09:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-12-07 01:46 - 2016-12-07 01:46 - 00000000 ____D C:\ProgramData\IDM
2016-12-07 00:58 - 2016-12-07 00:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2016-12-07 00:58 - 2016-12-07 00:58 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-12-07 00:57 - 2016-12-07 00:57 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-12-07 00:56 - 2016-12-07 00:56 - 00000000 ____D C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-07 00:56 - 2016-12-07 00:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-07 00:56 - 2016-12-07 00:56 - 00000000 ____D C:\Program Files (x86)\WinRAR
2016-12-07 00:54 - 2016-12-07 15:02 - 00000000 ____D C:\Users\tony\AppData\Local\Microsoft Help
2016-12-07 00:54 - 2016-12-07 11:48 - 00000000 ____D C:\ProgramData\Microsoft Help.old
2016-12-07 00:45 - 2016-12-07 00:45 - 00000000 ____D C:\Users\tony\AppData\Roaming\SYSTEMAX Software Development
2016-12-07 00:45 - 2016-12-07 00:45 - 00000000 ____D C:\ProgramData\SYSTEMAX Software Development
2016-12-07 00:43 - 2016-12-07 00:43 - 00000000 ____D C:\Users\tony\AppData\Local\Comms
2016-12-07 00:41 - 2016-12-18 23:31 - 00000000 ____D C:\Users\tony\AppData\Roaming\vlc
2016-12-07 00:38 - 2016-12-14 08:52 - 00000000 ____D C:\Users\tony\AppData\Local\Steam
2016-12-07 00:38 - 2016-12-07 00:38 - 00003212 _____ C:\WINDOWS\System32\Tasks\{0EBCF799-E248-43CB-8004-73EC62822789}
2016-12-07 00:38 - 2016-12-07 00:38 - 00000000 ____D C:\Users\tony\AppData\Local\CEF
2016-12-07 00:35 - 2016-12-07 00:35 - 00000000 ____D C:\Users\tony\AppData\Local\MicrosoftEdge
2016-12-07 00:32 - 2016-12-07 00:32 - 00000000 ____D C:\Users\tony\AppData\Roaming\awsRun
2016-12-07 00:30 - 2016-12-07 00:30 - 00003834 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2016-12-07 00:28 - 2016-12-12 09:43 - 00002366 _____ C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-07 00:28 - 2016-12-07 00:28 - 00000000 ____D C:\Users\tony\AppData\Local\Conexant
2016-12-07 00:27 - 2016-12-07 08:35 - 00000000 ____D C:\Users\tony\AppData\Roaming\DropboxOEM
2016-12-07 00:27 - 2016-12-07 00:27 - 00000000 ____D C:\Users\tony\AppData\Local\DropboxOEM
2016-12-07 00:26 - 2016-12-19 08:33 - 00000165 _____ C:\Users\tony\AppData\Roaming\sp_data.sys
2016-12-07 00:25 - 2016-12-19 09:34 - 00000000 ____D C:\Users\tony\AppData\Local\NVIDIA Corporation
2016-12-07 00:25 - 2016-12-19 08:33 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-12-07 00:25 - 2016-12-12 11:33 - 00000000 ____D C:\Users\tony\AppData\Local\Packages
2016-12-07 00:25 - 2016-12-07 08:46 - 00000000 ____D C:\Users\tony\AppData\Local\NVIDIA
2016-12-07 00:25 - 2016-12-07 01:35 - 00000000 ____D C:\ProgramData\USBChargerPlus
2016-12-07 00:25 - 2016-12-07 00:25 - 00000000 ____D C:\Users\tony\AppData\Roaming\WebStorage
2016-12-07 00:25 - 2016-12-07 00:25 - 00000000 ____D C:\Users\tony\AppData\Roaming\Adobe
2016-12-07 00:25 - 2016-12-07 00:25 - 00000000 ____D C:\Users\tony\AppData\Local\VirtualStore
2016-12-07 00:25 - 2016-12-07 00:25 - 00000000 ____D C:\Users\tony\AppData\Local\TileDataLayer
2016-12-07 00:25 - 2016-12-07 00:25 - 00000000 ____D C:\Users\tony\AppData\Local\Publishers
2016-12-07 00:24 - 2016-12-07 01:35 - 00000000 ____D C:\Users\tony\AppData\Local\ConnectedDevicesPlatform
2016-12-07 00:24 - 2016-12-07 00:24 - 00000020 ___SH C:\Users\tony\ntuser.ini
2016-12-07 00:24 - 2016-12-07 00:24 - 00000000 ____D C:\Users\tony\AppData\Roaming\Intel
2016-12-07 00:22 - 2016-12-07 00:22 - 00000000 _SHDL C:\Users\Default\My Documents
2016-12-07 00:22 - 2016-12-07 00:22 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-12-07 00:22 - 2016-12-07 00:22 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-12-07 00:22 - 2016-12-07 00:22 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-12-07 00:22 - 2016-12-07 00:22 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-12-07 00:22 - 2016-12-07 00:22 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-12-07 00:22 - 2016-12-07 00:22 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-12-07 00:22 - 2016-12-07 00:22 - 00000000 _SHDL C:\Users\Default User
2016-12-07 00:22 - 2016-12-07 00:22 - 00000000 _SHDL C:\Users\All Users
2016-12-07 00:17 - 2016-12-07 00:17 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-12-07 00:11 - 2016-12-18 23:57 - 00000000 ____D C:\Users\tony
2016-12-07 00:11 - 2016-12-07 00:11 - 00000000 _SHDL C:\Users\tony\My Documents
2016-12-07 00:11 - 2016-12-07 00:11 - 00000000 _SHDL C:\Users\tony\Documents\My Videos
2016-12-07 00:11 - 2016-12-07 00:11 - 00000000 _SHDL C:\Users\tony\Documents\My Pictures
2016-12-07 00:11 - 2016-12-07 00:11 - 00000000 _SHDL C:\Users\tony\Documents\My Music
2016-12-07 00:10 - 2016-12-07 00:10 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-12-07 00:01 - 2016-12-07 00:01 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-12-06 23:55 - 2016-12-19 09:34 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-12-06 23:55 - 2016-12-19 09:34 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-12-06 23:55 - 2016-12-19 08:33 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-12-06 23:55 - 2016-12-06 23:55 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-12-06 23:55 - 2016-12-02 01:32 - 06384576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-12-06 23:55 - 2016-12-02 01:32 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-12-06 23:55 - 2016-12-02 01:32 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-12-06 23:55 - 2016-12-02 01:32 - 00546752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-12-06 23:55 - 2016-12-02 01:32 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-12-06 23:55 - 2016-12-02 01:32 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-12-06 23:55 - 2016-12-02 01:32 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-12-06 23:55 - 2016-11-30 17:34 - 07607057 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-12-06 23:55 - 2015-08-13 21:42 - 00107008 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2016-12-06 23:55 - 2015-08-13 21:42 - 00101392 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-12-06 23:54 - 2016-12-07 00:02 - 00000000 ____D C:\Program Files\Intel
2016-12-06 23:54 - 2016-12-06 23:54 - 00001963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\SmartAudio.lnk
2016-12-06 23:54 - 2016-12-06 23:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant
2016-12-06 23:53 - 2016-12-07 00:04 - 00000000 ____D C:\ProgramData\Conexant
2016-12-06 23:53 - 2016-12-06 23:53 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_esif_umdf2_02_00_00.Wdf
2016-12-06 23:53 - 2016-12-06 23:53 - 00000000 ____D C:\Program Files\CONEXANT
2016-12-06 23:53 - 2014-10-20 14:54 - 00207576 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CxAudMsg64.exe
2016-12-06 23:53 - 2011-09-01 00:23 - 00447104 _____ (Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\SASrv.exe
2016-12-06 23:52 - 2016-12-07 00:03 - 00000000 ____D C:\Program Files (x86)\Intel
2016-12-06 23:52 - 2016-12-06 23:52 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-12-06 23:49 - 2016-07-16 19:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-12-06 23:48 - 2016-12-06 23:48 - 00000000 ____D C:\ProgramData\USOShared
2016-12-06 23:47 - 2016-12-16 09:10 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-06 23:46 - 2016-12-16 21:38 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-06 23:46 - 2016-12-07 13:56 - 00352616 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-06 09:05 - 2016-12-06 09:05 - 00000000 ____D C:\NPE
2016-12-06 07:54 - 2016-12-06 07:54 - 00000000 ____D C:\Users\tony\AppData\LocalLow\uTorrent
2016-12-05 21:47 - 2016-12-05 21:47 - 00000000 ____D C:\TDSSKiller_Quarantine
2016-12-05 21:46 - 2016-12-05 21:47 - 00202104 _____ C:\TDSSKiller.3.1.0.12_05.12.2016_21.46.10_log.txt
2016-12-05 21:32 - 2016-12-05 21:32 - 00006660 _____ C:\TDSSKiller.3.1.0.12_05.12.2016_21.32.14_log.txt
2016-12-05 20:28 - 2016-12-05 20:29 - 00008900 _____ C:\TDSSKiller.3.1.0.12_05.12.2016_20.28.27_log.txt
2016-12-05 20:27 - 2016-12-05 20:28 - 00006638 _____ C:\TDSSKiller.3.1.0.12_05.12.2016_20.27.50_log.txt
2016-12-05 12:56 - 2016-12-05 21:24 - 00181038 _____ C:\spyhunter.fix
2016-12-05 10:24 - 2016-12-05 10:24 - 00000000 ___HD C:\TMRescueDisk
2016-12-05 08:06 - 2016-12-05 08:06 - 00000000 _____ C:\autoexec.bat
2016-12-04 22:08 - 2016-12-04 22:08 - 00000385 _____ C:\Users\tony\AppData\Roaminguser_gensett.xml
2016-12-04 22:06 - 2016-12-05 09:55 - 00002367 _____ C:\bdlog.txt
2016-12-04 01:33 - 2016-12-04 21:56 - 00000000 ___HD C:\$AVG
2016-12-02 20:42 - 2016-12-07 21:12 - 00000000 ____D C:\Users\tony\Desktop\KAY LOLOY
2016-11-30 23:21 - 2016-10-17 23:35 - 00223464 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmwfp.sys
2016-11-23 09:39 - 2016-11-23 09:47 - 00000000 ____D C:\Koe no Katachi
2016-11-23 08:00 - 2016-11-02 20:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-11-23 08:00 - 2016-11-02 20:01 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-11-23 08:00 - 2016-11-02 19:22 - 01570672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-11-23 08:00 - 2016-11-02 19:22 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-11-23 08:00 - 2016-11-02 19:20 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-11-23 08:00 - 2016-11-02 19:15 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-11-23 08:00 - 2016-11-02 19:15 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-11-23 08:00 - 2016-11-02 19:14 - 07816544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-11-23 08:00 - 2016-11-02 19:13 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-11-23 08:00 - 2016-11-02 19:13 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-11-23 08:00 - 2016-11-02 19:13 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-11-23 08:00 - 2016-11-02 19:13 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-11-23 08:00 - 2016-11-02 19:13 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-11-23 08:00 - 2016-11-02 19:12 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-11-23 08:00 - 2016-11-02 19:12 - 00376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-11-23 08:00 - 2016-11-02 19:12 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-11-23 08:00 - 2016-11-02 19:10 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-11-23 08:00 - 2016-11-02 19:09 - 02257104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-11-23 08:00 - 2016-11-02 19:08 - 00602464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-11-23 08:00 - 2016-11-02 19:08 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-11-23 08:00 - 2016-11-02 19:08 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2016-11-23 08:00 - 2016-11-02 19:08 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-11-23 08:00 - 2016-11-02 19:05 - 06657176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-11-23 08:00 - 2016-11-02 19:05 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-11-23 08:00 - 2016-11-02 19:05 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-11-23 08:00 - 2016-11-02 19:05 - 00951904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-11-23 08:00 - 2016-11-02 19:05 - 00405856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-11-23 08:00 - 2016-11-02 19:04 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-11-23 08:00 - 2016-11-02 19:03 - 02750936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-11-23 08:00 - 2016-11-02 19:03 - 00714592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-11-23 08:00 - 2016-11-02 19:02 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-11-23 08:00 - 2016-11-02 19:02 - 00238056 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2016-11-23 08:00 - 2016-11-02 19:01 - 01425000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-11-23 08:00 - 2016-11-02 19:01 - 01415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-11-23 08:00 - 2016-11-02 19:01 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-11-23 08:00 - 2016-11-02 19:01 - 00545936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-11-23 08:00 - 2016-11-02 19:01 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2016-11-23 08:00 - 2016-11-02 19:01 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-11-23 08:00 - 2016-11-02 19:00 - 22223968 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-11-23 08:00 - 2016-11-02 19:00 - 08156080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-11-23 08:00 - 2016-11-02 19:00 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-11-23 08:00 - 2016-11-02 19:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-11-23 08:00 - 2016-11-02 18:59 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-11-23 08:00 - 2016-11-02 18:50 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-11-23 08:00 - 2016-11-02 18:49 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-11-23 08:00 - 2016-11-02 18:49 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-11-23 08:00 - 2016-11-02 18:48 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2016-11-23 08:00 - 2016-11-02 18:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-11-23 08:00 - 2016-11-02 18:47 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-11-23 08:00 - 2016-11-02 18:46 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-11-23 08:00 - 2016-11-02 18:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-11-23 08:00 - 2016-11-02 18:44 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-11-23 08:00 - 2016-11-02 18:44 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthExt.dll
2016-11-23 08:00 - 2016-11-02 18:43 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-11-23 08:00 - 2016-11-02 18:43 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-11-23 08:00 - 2016-11-02 18:43 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-11-23 08:00 - 2016-11-02 18:42 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-11-23 08:00 - 2016-11-02 18:42 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-11-23 08:00 - 2016-11-02 18:42 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-11-23 08:00 - 2016-11-02 18:42 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-11-23 08:00 - 2016-11-02 18:42 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-11-23 08:00 - 2016-11-02 18:41 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-11-23 08:00 - 2016-11-02 18:40 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2016-11-23 08:00 - 2016-11-02 18:40 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-11-23 08:00 - 2016-11-02 18:39 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-11-23 08:00 - 2016-11-02 18:39 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-11-23 08:00 - 2016-11-02 18:39 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2016-11-23 08:00 - 2016-11-02 18:38 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-11-23 08:00 - 2016-11-02 18:38 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-11-23 08:00 - 2016-11-02 18:37 - 19415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-11-23 08:00 - 2016-11-02 18:36 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-11-23 08:00 - 2016-11-02 18:36 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-11-23 08:00 - 2016-11-02 18:36 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetailsUpdate.dll
2016-11-23 08:00 - 2016-11-02 18:34 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-11-23 08:00 - 2016-11-02 18:33 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-11-23 08:00 - 2016-11-02 18:33 - 03307520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-11-23 08:00 - 2016-11-02 18:32 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2016-11-23 08:00 - 2016-11-02 18:31 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-11-23 08:00 - 2016-11-02 18:31 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-11-23 08:00 - 2016-11-02 18:31 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2016-11-23 08:00 - 2016-11-02 18:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-11-23 08:00 - 2016-11-02 18:31 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-11-23 08:00 - 2016-11-02 18:31 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-11-23 08:00 - 2016-11-02 18:31 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2016-11-23 08:00 - 2016-11-02 18:31 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-11-23 08:00 - 2016-11-02 18:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-11-23 08:00 - 2016-11-02 18:30 - 12175360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-11-23 08:00 - 2016-11-02 18:30 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-11-23 08:00 - 2016-11-02 18:30 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-11-23 08:00 - 2016-11-02 18:30 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-11-23 08:00 - 2016-11-02 18:30 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-11-23 08:00 - 2016-11-02 18:30 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2016-11-23 08:00 - 2016-11-02 18:30 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2016-11-23 08:00 - 2016-11-02 18:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-11-23 08:00 - 2016-11-02 18:29 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-11-23 08:00 - 2016-11-02 18:29 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-11-23 08:00 - 2016-11-02 18:29 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-11-23 08:00 - 2016-11-02 18:29 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-11-23 08:00 - 2016-11-02 18:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-11-23 08:00 - 2016-11-02 18:29 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-11-23 08:00 - 2016-11-02 18:29 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-11-23 08:00 - 2016-11-02 18:29 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-11-23 08:00 - 2016-11-02 18:29 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-11-23 08:00 - 2016-11-02 18:29 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-11-23 08:00 - 2016-11-02 18:29 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCenter.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-11-23 08:00 - 2016-11-02 18:28 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-11-23 08:00 - 2016-11-02 18:27 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-11-23 08:00 - 2016-11-02 18:27 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-11-23 08:00 - 2016-11-02 18:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-11-23 08:00 - 2016-11-02 18:27 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-11-23 08:00 - 2016-11-02 18:27 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-11-23 08:00 - 2016-11-02 18:27 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-11-23 08:00 - 2016-11-02 18:27 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2016-11-23 08:00 - 2016-11-02 18:27 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-11-23 08:00 - 2016-11-02 18:27 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-11-23 08:00 - 2016-11-02 18:27 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-11-23 08:00 - 2016-11-02 18:26 - 02747392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-11-23 08:00 - 2016-11-02 18:26 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-11-23 08:00 - 2016-11-02 18:26 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-11-23 08:00 - 2016-11-02 18:26 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-11-23 08:00 - 2016-11-02 18:26 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-11-23 08:00 - 2016-11-02 18:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2016-11-23 08:00 - 2016-11-02 18:26 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-11-23 08:00 - 2016-11-02 18:26 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-11-23 08:00 - 2016-11-02 18:26 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-11-23 08:00 - 2016-11-02 18:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-11-23 08:00 - 2016-11-02 18:25 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-11-23 08:00 - 2016-11-02 18:25 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-11-23 08:00 - 2016-11-02 18:25 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-11-23 08:00 - 2016-11-02 18:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-11-23 08:00 - 2016-11-02 18:25 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-11-23 08:00 - 2016-11-02 18:25 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-11-23 08:00 - 2016-11-02 18:25 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-23 08:00 - 2016-11-02 18:24 - 00940032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2016-11-23 08:00 - 2016-11-02 18:23 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-11-23 08:00 - 2016-11-02 18:23 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-11-23 08:00 - 2016-11-02 18:23 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-11-23 08:00 - 2016-11-02 18:23 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2016-11-23 08:00 - 2016-11-02 18:23 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetailsUpdate.dll
2016-11-23 08:00 - 2016-11-02 18:22 - 13441024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-11-23 08:00 - 2016-11-02 18:22 - 13081600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-11-23 08:00 - 2016-11-02 18:22 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-11-23 08:00 - 2016-11-02 18:22 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2016-11-23 08:00 - 2016-11-02 18:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-11-23 08:00 - 2016-11-02 18:21 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-11-23 08:00 - 2016-11-02 18:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-11-23 08:00 - 2016-11-02 18:20 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-11-23 08:00 - 2016-11-02 18:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-11-23 08:00 - 2016-11-02 18:19 - 08127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-11-23 08:00 - 2016-11-02 18:19 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-11-23 08:00 - 2016-11-02 18:19 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-11-23 08:00 - 2016-11-02 18:19 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-11-23 08:00 - 2016-11-02 18:19 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-11-23 08:00 - 2016-11-02 18:19 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2016-11-23 08:00 - 2016-11-02 18:19 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
2016-11-23 08:00 - 2016-11-02 18:19 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-11-23 08:00 - 2016-11-02 18:18 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-11-23 08:00 - 2016-11-02 18:18 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-11-23 08:00 - 2016-11-02 18:18 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2016-11-23 08:00 - 2016-11-02 18:18 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2016-11-23 08:00 - 2016-11-02 18:17 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-11-23 08:00 - 2016-11-02 18:17 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-11-23 08:00 - 2016-11-02 18:17 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-11-23 08:00 - 2016-11-02 18:17 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-11-23 08:00 - 2016-11-02 18:17 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-11-23 08:00 - 2016-11-02 18:17 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-11-23 08:00 - 2016-11-02 18:16 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-11-23 08:00 - 2016-11-02 18:16 - 03133440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-11-23 08:00 - 2016-11-02 18:16 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-11-23 08:00 - 2016-11-02 18:16 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-11-23 08:00 - 2016-11-02 18:16 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-11-23 08:00 - 2016-11-02 18:16 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-11-23 08:00 - 2016-11-02 18:16 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-11-23 08:00 - 2016-11-02 18:16 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-11-23 08:00 - 2016-11-02 18:16 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-11-23 08:00 - 2016-11-02 18:16 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-11-23 08:00 - 2016-11-02 18:16 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-11-23 08:00 - 2016-11-02 18:16 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-11-23 08:00 - 2016-11-02 18:16 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2016-11-23 08:00 - 2016-11-02 18:15 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-11-23 08:00 - 2016-11-02 18:15 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-11-23 08:00 - 2016-11-02 18:15 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-11-23 08:00 - 2016-11-02 18:15 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-11-23 08:00 - 2016-11-02 18:15 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-11-23 08:00 - 2016-11-02 18:15 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-11-23 08:00 - 2016-11-02 18:14 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-11-23 08:00 - 2016-11-02 18:13 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-11-23 08:00 - 2016-11-02 18:13 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-11-23 08:00 - 2016-11-02 18:13 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-11-23 08:00 - 2016-11-02 16:20 - 00446896 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-11-23 08:00 - 2016-08-02 12:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-11-23 07:59 - 2016-11-02 19:20 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-11-23 07:59 - 2016-11-02 19:05 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-11-23 07:59 - 2016-11-02 19:04 - 02678056 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-11-23 07:59 - 2016-11-02 19:04 - 00596832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2016-11-23 07:59 - 2016-11-02 19:02 - 00848736 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-11-23 07:59 - 2016-11-02 19:02 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-11-23 07:59 - 2016-11-02 19:00 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-11-23 07:59 - 2016-11-02 19:00 - 01061968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-11-23 07:59 - 2016-11-02 18:56 - 01609920 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-11-23 07:59 - 2016-11-02 18:56 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-11-23 07:59 - 2016-11-02 18:56 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-11-23 07:59 - 2016-11-02 18:56 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-11-23 07:59 - 2016-11-02 18:56 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2016-11-23 07:59 - 2016-11-02 18:55 - 00048992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2016-11-23 07:59 - 2016-11-02 18:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2016-11-23 07:59 - 2016-11-02 18:47 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-11-23 07:59 - 2016-11-02 18:47 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-11-23 07:59 - 2016-11-02 18:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-11-23 07:59 - 2016-11-02 18:45 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-11-23 07:59 - 2016-11-02 18:45 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-11-23 07:59 - 2016-11-02 18:44 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-11-23 07:59 - 2016-11-02 18:43 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8.dll
2016-11-23 07:59 - 2016-11-02 18:43 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-11-23 07:59 - 2016-11-02 18:42 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-11-23 07:59 - 2016-11-02 18:42 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-11-23 07:59 - 2016-11-02 18:40 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2016-11-23 07:59 - 2016-11-02 18:35 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2016-11-23 07:59 - 2016-11-02 18:34 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-23 07:59 - 2016-11-02 18:33 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-11-23 07:59 - 2016-11-02 18:32 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-11-23 07:59 - 2016-11-02 18:31 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-11-23 07:59 - 2016-11-02 18:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2016-11-23 07:59 - 2016-11-02 18:29 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-11-23 07:59 - 2016-11-02 18:28 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-11-23 07:59 - 2016-11-02 18:28 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-11-23 07:59 - 2016-11-02 18:28 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-11-23 07:59 - 2016-11-02 18:26 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-11-23 07:59 - 2016-11-02 18:26 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-11-23 07:59 - 2016-11-02 18:26 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-11-23 07:59 - 2016-11-02 18:26 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2016-11-23 07:59 - 2016-11-02 18:25 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-11-23 07:59 - 2016-11-02 18:24 - 03778560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-11-23 07:59 - 2016-11-02 18:23 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-11-23 07:59 - 2016-11-02 18:16 - 04148736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-11-23 07:59 - 2016-11-02 18:16 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-11-23 07:59 - 2016-11-02 18:16 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-11-23 07:59 - 2016-11-02 18:15 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-11-23 07:59 - 2016-11-02 17:11 - 00788624 _____ C:\WINDOWS\SysWOW64\locale.nls
2016-11-23 07:59 - 2016-11-02 17:11 - 00788624 _____ C:\WINDOWS\system32\locale.nls
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-12-19 09:35 - 2015-11-19 19:48 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-19 09:34 - 2015-11-19 19:48 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-12-19 08:33 - 2016-07-13 05:59 - 00000000 __SHD C:\Users\tony\IntelGraphicsProfiles
2016-12-16 09:16 - 2015-08-18 16:36 - 01225314 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-15 10:19 - 2015-11-19 20:16 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-12-12 09:43 - 2016-07-13 06:02 - 00000000 ___RD C:\Users\tony\OneDrive
2016-12-12 09:43 - 2015-08-18 16:37 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-12-12 09:31 - 2015-07-10 19:04 - 00000199 _____ C:\WINDOWS\win.ini
2016-12-12 09:14 - 2015-11-19 19:58 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-12 09:14 - 2015-08-18 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2016-12-12 09:12 - 2015-11-19 20:26 - 00000000 ____D C:\ProgramData\ASUS
2016-12-08 11:35 - 2016-09-13 22:32 - 00000000 ____D C:\Users\tony\Desktop\THESIS
2016-12-07 22:37 - 2016-09-12 23:34 - 00000000 ____D C:\Users\tony\Desktop\ARTWORK
2016-12-07 20:32 - 2016-07-15 18:31 - 00000000 ____D C:\Games
2016-12-07 14:02 - 2015-11-19 19:37 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-07 13:29 - 2015-07-10 21:14 - 00000000 ____D C:\WINDOWS\ShellNew
2016-12-07 11:00 - 2015-11-19 20:16 - 00000000 ____D C:\ProgramData\McAfee
2016-12-07 11:00 - 2015-11-19 20:16 - 00000000 ____D C:\Program Files\mcafee
2016-12-07 09:58 - 2015-11-19 20:16 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-12-07 08:44 - 2015-11-19 19:40 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-07 00:46 - 2016-09-16 18:18 - 00000000 ____D C:\PaintToolSAI
2016-12-07 00:30 - 2015-11-19 19:41 - 00000000 ____D C:\ProgramData\Intel
2016-12-07 00:25 - 2015-08-18 16:34 - 00000000 ____D C:\WINDOWS\Log
2016-12-07 00:17 - 2015-07-10 19:04 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-12-07 00:10 - 2015-07-10 17:05 - 00000000 ____D C:\Users\Default.migrated
2016-12-07 00:09 - 2015-11-19 20:03 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
2016-12-07 00:09 - 2015-11-19 19:56 - 00000000 ____D C:\WINDOWS\Cnxt
2016-12-07 00:09 - 2015-08-18 16:53 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-12-07 00:09 - 2015-07-10 19:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-12-07 00:09 - 2015-07-10 19:04 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
2016-12-07 00:05 - 2015-11-19 20:31 - 00000000 ____D C:\ProgramData\SplitMediaLabs
2016-12-07 00:05 - 2015-08-18 16:37 - 00000000 ____D C:\ProgramData\WildTangent
2016-12-07 00:05 - 2015-08-18 16:37 - 00000000 ____D C:\ProgramData\WebStorage
2016-12-07 00:04 - 2015-11-19 20:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2016-12-07 00:04 - 2015-11-19 20:31 - 00000000 ____D C:\Program Files (x86)\SplitmediaLabs
2016-12-07 00:04 - 2015-11-19 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICEpower
2016-12-07 00:04 - 2015-11-19 20:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2016-12-07 00:04 - 2015-11-19 20:07 - 00000000 ____D C:\ProgramData\Intel Corporation
2016-12-07 00:04 - 2015-11-19 20:02 - 00000000 ____D C:\ProgramData\Intel.sav
2016-12-07 00:04 - 2015-11-19 19:58 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-12-07 00:04 - 2015-11-19 19:37 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-12-07 00:04 - 2015-08-18 16:38 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-12-07 00:04 - 2015-08-18 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 25 GB
2016-12-07 00:04 - 2015-08-18 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2016-12-07 00:04 - 2015-08-18 16:37 - 00000000 ____D C:\ProgramData\ASUS WebStorage
2016-12-07 00:04 - 2015-08-18 16:37 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2016-12-07 00:03 - 2015-11-19 20:16 - 00000000 ____D C:\Program Files (x86)\mcafee.com
2016-12-07 00:03 - 2015-11-19 20:16 - 00000000 ____D C:\Program Files (x86)\ICEpower
2016-12-07 00:03 - 2015-11-19 20:07 - 00000000 ____D C:\Program Files (x86)\Intel Corporation
2016-12-07 00:03 - 2015-11-19 20:02 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-12-07 00:03 - 2015-08-18 16:38 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-12-07 00:03 - 2015-08-18 16:37 - 00000000 ____D C:\Program Files (x86)\Evernote
2016-12-07 00:03 - 2015-07-10 21:14 - 00000000 ____D C:\Program Files\Windows Journal
2016-12-07 00:02 - 2015-11-19 20:16 - 00000000 ____D C:\Program Files\mcafee.com
2016-12-07 00:02 - 2015-11-19 20:12 - 00000000 ____D C:\Program Files\DIFX
2016-12-07 00:02 - 2015-11-19 20:07 - 00000000 ____D C:\Program Files\Intel Corporation
2016-12-07 00:02 - 2015-11-19 20:02 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-12-04 11:58 - 2016-08-27 20:33 - 00000000 ____D C:\Users\tony\.android
2016-12-04 11:56 - 2016-08-27 20:32 - 00000000 ____D C:\Users\tony\vmlogs
2016-12-04 11:56 - 2016-08-27 20:32 - 00000000 ____D C:\Users\tony\.BigNox
2016-12-02 04:02 - 2016-03-22 06:52 - 03934320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-12-02 04:02 - 2016-03-22 06:52 - 03474064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-12-02 04:02 - 2016-03-22 06:35 - 28202040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-12-02 04:02 - 2016-03-22 05:19 - 00042296 _____ C:\WINDOWS\system32\nvinfo.pb
2016-11-27 15:05 - 2016-10-29 15:22 - 00000000 ____D C:\GOG Games
2016-11-27 12:45 - 2016-09-18 20:30 - 00000876 _____ C:\Users\tony\Desktop\Steam - Shortcut.lnk
 
==================== Files in the root of some directories =======
 
2016-12-07 00:26 - 2016-12-19 08:33 - 0000165 _____ () C:\Users\tony\AppData\Roaming\sp_data.sys
2016-12-19 09:34 - 2016-12-19 09:34 - 0002938 _____ () C:\ProgramData\NvTelemetryContainer.log
 
Some files in TEMP:
====================
C:\Users\tony\AppData\Local\Temp\IDM Patch Uninstaller.exe
C:\Users\tony\AppData\Local\Temp\NvTelemetry.dll
C:\Users\tony\AppData\Local\Temp\NvTelemetryAPI32.dll
C:\Users\tony\AppData\Local\Temp\NvTelemetryAPI64.dll
C:\Users\tony\AppData\Local\Temp\P.exe
C:\Users\tony\AppData\Local\Temp\StoreJet.ToolBox.exe
 
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2016-12-06 23:46
 
==================== End of FRST.txt ============================

Attached Files


Edited by ynottony, 18 December 2016 - 08:55 PM.


#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,624 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:04:06 AM

Posted 19 December 2016 - 03:06 PM

Greetings ynottony and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

Unfortunately there is evidence of illegal software on your computer. I am going to request you completely uninstall Microsoft Office Professional Plus 2016 and any other products for which you do not have a valid Product Key, including all "cracked" software. If you are willing to do that please rerun a FRST scan and copy/paste both reports in your reply. If you prefer to leave the program(s) on your computer let me know that and I will be closing the Topic.

If you decide to remove the program(s) please run this after removal.

===================================================

CKScanner

--------------------
  • Download CKScanner and save it to your Desktop
  • Double click CKScanner
  • Select Search For Files
  • Once completed select Save List to File
  • A ckfiles.txt document will be placed on your Desktop
  • Copy and paste the results of that report in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • CKScanner report
  • FRST report
  • Addition report

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,624 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:04:06 AM

Posted 22 December 2016 - 08:28 PM

Greetings,

===================================================

Do You Still Need Help?

It has been 3 days since my last post.
  • Do you still need help with this?
  • If you have not replied within 48 hours I will assume you have abandoned the Topic and it will be closed.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 ynottony

ynottony
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:06 PM

Posted 23 December 2016 - 03:38 AM

Sorry for the late reply Sir.
I still need help for my computer. But unfortunately Im having some problem with my internet connection thats why I wasnt able to reply immediately.

May be i can have my internet connection back on sunday or monday so that i can send the results you are requesting.I hope that you will understand my situation Sir. thanks

#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,624 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:04:06 AM

Posted 23 December 2016 - 11:54 AM

Greetings,

No problem at all. I just need to make sure you haven't abandoned the Topic. See you in a few days.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#8 ynottony

ynottony
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:06 PM

Posted 27 December 2016 - 11:36 AM

here are results you requested. sorry for the late reply

 

CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\autodesk\autodesk_3ds_max_2014_efgjks_win_64bit_dlm\x64\max\autodesk\3ds max 2014\maps\substance\textures\cracked_plaster.sbsar
c:\esupport\edriver\software\audio\conexant\audio\win7_64_win8_64_win81_64_win10_64_8.66.16.50\w8-64\d2keys.ini
c:\program files\conexant\cnxt_audio_hda\d2keys.ini
c:\program files (x86)\asus\atk package\atk hotkey\atkmsgctrl.exe
c:\users\tony\nox_share\other\com.gameloft.android.anmp - copy.gloftwbhm\files\aowgame\cookedandroid_etc\town_cinematic_dragon_crack.xxx
c:\users\tony\nox_share\other\com.gameloft.android.anmp.gloftwbhm\files\aowgame\cookedandroid_etc\town_cinematic_dragon_crack.xxx
c:\windows\autokms.exe
c:\windows\cnxt\rollback\oem16.inf\d2keys.ini
c:\windows\system32\driverstore\filerepository\x40plmwa.inf_amd64_f770504d11398cb1\d2keys.ini
c:\windows.old\program files\conexant\cnxt_audio_hda\d2keys.ini
c:\windows.old\windows\system32\drivers\d2keys.ini
c:\windows.old\windows\system32\driverstore\filerepository\x40plmwa.inf_amd64_f770504d11398cb1\d2keys.ini
scanner sequence 3.FF.11.XMNAXZ
 ----- EOF ----- 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
Ran by TONY (administrator) on DESKTOP-2G8ID0A (28-12-2016 00:31:43)
Running from D:\C backup\Downloads\Programs
Loaded Profiles: TONY (Available Profiles: TONY)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGiftBoxDesktop.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
() C:\Program Files (x86)\MobileBrServ\mbbService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Windows\System32\IntelCpHDCPSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Intel® Corporation) C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\McCSPServiceHost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamuseragent.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSPanel.exe
(Valve Corporation) D:\11111\Steam.exe
(Valve Corporation) D:\11111\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) D:\11111\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) D:\11111\bin\cef\cef.win7\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\SystemSettingsAdminFlows.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Security) C:\Program Files\Common Files\McAfee\ClientAnalytics\McClientAnalytics.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [599896 2015-06-10] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-07-16] (Microsoft Corporation)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe [63272 2015-06-01] ()
HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4015216 2016-12-15] (Tonec Inc.)
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
GroupPolicy: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1dbf2218-e3f7-489f-9a76-05fab60fa58c}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{40993488-4b8e-400e-a544-fa363639f86a}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{9ac186e3-6fe6-4f95-9023-02928769a9ad}: [DhcpNameServer] 192.168.168.1
Tcpip\..\Interfaces\{baf9ab7d-a322-4227-8c49-1cb89c0ee10d}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-12-11] (Internet Download Manager, Tonec Inc.)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-10-24] (McAfee, Inc.)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-12-11] (Internet Download Manager, Tonec Inc.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-05-01] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-10-24] (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-10-24] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-10-24] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-10-24] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-10-24] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-09-23] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-09-23] (McAfee, Inc.)
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-12-21]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2016-12-07] [not signed]
FF HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\tony\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\tony\AppData\Roaming\IDM\idmmzcc5 [2016-12-27] [not signed]
FF HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-11-16]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-09-23] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-09-23] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
FF Plugin HKU\S-1-5-21-2339138057-2822180099-2837011375-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
 
Chrome: 
=======
CHR Profile: C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default [2016-12-28]
CHR Extension: (Google Slides) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-07]
CHR Extension: (Google Docs) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-07]
CHR Extension: (Google Drive) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-07]
CHR Extension: (YouTube) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-07]
CHR Extension: (Google Sheets) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-07]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-12-07]
CHR Extension: (Google Docs Offline) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-07]
CHR Extension: (IDM Integration Module) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-12-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-07]
CHR Extension: (Gmail) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-07]
CHR Extension: (Chrome Media Router) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-07]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-12-15]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-12-15]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [71168 2015-06-01] (ASUS Cloud Corporation) [File not signed]
R2 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [313488 2015-06-13] (ASUS) [File not signed]
S2 connect2hotspot; C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe [100680 2016-11-29] (Lenovo)
R3 cplspcon; C:\WINDOWS\system32\IntelCpHDCPSvc.exe [607160 2015-08-13] ()
R2 esifsvc; C:\WINDOWS\SysWoW64\esif_uf.exe [1385640 2015-07-13] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-15] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [165104 2015-07-14] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [370088 2015-08-13] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-20] (Intel Corporation) [File not signed]
S3 Intel® WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [396992 2015-07-07] (Intel)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-20] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [223520 2015-07-22] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [187840 2016-10-24] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [993824 2016-09-23] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [338208 2015-03-20] (McAfee, Inc.)
R2 mcbootdelaystartsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe [1910000 2016-05-31] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [816128 2016-06-21] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-04-26] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-08-02] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [277744 2016-04-26] (McAfee, Inc.)
R2 Mobile Broadband HL Service; C:\Program Files (x86)\MobileBrServ\mbbservice.exe [242264 2016-03-24] ()
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1454216 2016-09-13] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] ()
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-13] (NVIDIA Corporation)
R3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-13] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-12] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-12-13] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2016-12-13] (NVIDIA Corporation)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1045336 2016-05-25] (Intel Security, Inc.)
S3 ROGGamingCenterService; C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingCenterService.exe [76032 2015-08-13] (ASUSTeK COMPUTER INC.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe [19192 2015-08-13] (Intel® Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AsusSGDrv; C:\WINDOWS\system32\DRIVERS\AsusSGDrv.sys [138744 2015-08-18] (ASUS Corporation)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [78632 2016-08-02] (McAfee, Inc.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [47096 2015-07-13] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [43512 2015-07-13] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [251384 2015-07-13] (Intel Corporation)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
U5 iaLPSS2_I2C; C:\Windows\System32\Drivers\iaLPSS2_I2C.sys [185128 2015-06-17] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [257776 2015-07-14] (Intel Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [30224 2015-08-13] (Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [419624 2016-08-02] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [349480 2016-08-02] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83608 2016-08-02] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [493352 2016-08-02] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [843048 2016-08-02] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [519456 2016-08-01] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [100136 2016-08-01] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [243496 2016-08-02] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [51904 2015-01-14] (Titan ARC Corp.)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7116288 2016-07-16] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_11a67240324f74de\nvlddmkm.sys [14200880 2016-12-13] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-12-13] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek                                            )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [753368 2015-06-15] (Realsil Semiconductor Corporation)
S3 SliceDisk5; C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [31824 2011-02-25] (Atola) [File not signed]
S3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [212056 2015-07-07] (Windows ® Win 7 DDK provider)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [114632 2015-09-16] (BigNox Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 pgldrkod; C:\Users\tony\AppData\Local\Temp\pgldrkod.sys [56584 2016-12-27] (GMER) [File not signed]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-12-28 15:20 - 2016-12-27 23:43 - 00000000 ___DC C:\WINDOWS\Panther
2016-12-28 15:17 - 2016-12-28 15:17 - 00000000 ____D C:\Windows.old
2016-12-28 15:16 - 2016-12-28 15:16 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-12-28 15:16 - 2016-12-27 23:21 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-12-27 23:57 - 2016-12-28 00:00 - 00000000 ___HD C:\$SysReset
2016-12-27 23:53 - 2016-12-27 23:53 - 00001191 _____ C:\Users\tony\Desktop\dota2.exe - Shortcut.lnk
2016-12-27 23:53 - 2016-12-27 23:53 - 00000876 _____ C:\Users\tony\Desktop\Steam.exe - Shortcut.lnk
2016-12-27 23:47 - 2016-12-27 23:47 - 00000000 ____D C:\ProgramData\USOShared
2016-12-27 23:47 - 2016-12-27 23:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-12-27 23:46 - 2016-12-27 23:46 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-12-27 23:44 - 2016-12-27 23:44 - 00000020 ___SH C:\Users\tony\ntuser.ini
2016-12-27 23:43 - 2016-12-27 23:43 - 00000000 _SHDL C:\Users\Default\My Documents
2016-12-27 23:43 - 2016-12-27 23:43 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-12-27 23:43 - 2016-12-27 23:43 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-12-27 23:43 - 2016-12-27 23:43 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-12-27 23:43 - 2016-12-27 23:43 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-12-27 23:43 - 2016-12-27 23:43 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-12-27 23:43 - 2016-12-27 23:43 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-12-27 23:42 - 2016-12-27 23:43 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-12-27 23:42 - 2016-12-27 23:43 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-12-27 23:39 - 2016-12-27 23:39 - 00837818 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-27 23:39 - 2016-12-27 23:39 - 00003556 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-27 23:39 - 2016-12-27 23:39 - 00003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-27 23:39 - 2016-12-27 23:39 - 00003308 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7527B890-9B1E-4B62-96B9-900E9F2530ED}
2016-12-27 23:39 - 2016-12-27 23:39 - 00003142 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-27 23:39 - 2016-12-27 23:39 - 00003120 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-27 23:39 - 2016-12-27 23:39 - 00003114 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-27 23:39 - 2016-12-27 23:39 - 00003042 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2016-12-27 23:39 - 2016-12-27 23:39 - 00003040 _____ C:\WINDOWS\System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec
2016-12-27 23:39 - 2016-12-27 23:39 - 00003016 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-27 23:39 - 2016-12-27 23:39 - 00002996 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-27 23:39 - 2016-12-27 23:39 - 00002968 _____ C:\WINDOWS\System32\Tasks\Update Checker
2016-12-27 23:39 - 2016-12-27 23:39 - 00002944 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-27 23:39 - 2016-12-27 23:39 - 00002924 _____ C:\WINDOWS\System32\Tasks\ATK Package 36D18D69AFC3
2016-12-27 23:39 - 2016-12-27 23:39 - 00002902 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-27 23:39 - 2016-12-27 23:39 - 00002862 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher
2016-12-27 23:39 - 2016-12-27 23:39 - 00002830 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2016-12-27 23:39 - 2016-12-27 23:39 - 00002820 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2016-12-27 23:39 - 2016-12-27 23:39 - 00002772 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-27 23:39 - 2016-12-27 23:39 - 00002674 _____ C:\WINDOWS\System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon
2016-12-27 23:39 - 2016-12-27 23:39 - 00002516 _____ C:\WINDOWS\System32\Tasks\ROG Gaming Center
2016-12-27 23:39 - 2016-12-27 23:39 - 00002470 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
2016-12-27 23:39 - 2016-12-27 23:39 - 00002340 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
2016-12-27 23:39 - 2016-12-27 23:39 - 00002324 _____ C:\WINDOWS\System32\Tasks\{496FBD46-38B6-41FE-A56A-79BE49545BCE}
2016-12-27 23:39 - 2016-12-27 23:39 - 00002324 _____ C:\WINDOWS\System32\Tasks\{26C441CB-49DF-4DD0-B4CA-2D2CE085D82C}
2016-12-27 23:39 - 2016-12-27 23:39 - 00002214 _____ C:\WINDOWS\System32\Tasks\ATK Package A22126881260
2016-12-27 23:39 - 2016-12-27 23:39 - 00002214 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON
2016-12-27 23:39 - 2016-12-27 23:39 - 00002198 _____ C:\WINDOWS\System32\Tasks\{0EBCF799-E248-43CB-8004-73EC62822789}
2016-12-27 23:39 - 2016-12-27 23:39 - 00002172 _____ C:\WINDOWS\System32\Tasks\DropboxOEM
2016-12-27 23:39 - 2016-12-27 23:39 - 00001918 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2016-12-27 23:39 - 2016-12-27 23:39 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-27 23:39 - 2016-12-27 23:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-12-27 23:39 - 2016-12-27 23:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2016-12-27 23:39 - 2016-12-27 23:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\Intel
2016-12-27 23:39 - 2016-12-27 23:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\ASUS
2016-12-27 23:33 - 2016-12-27 23:33 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-12-27 23:33 - 2016-12-27 23:33 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-12-27 23:33 - 2016-12-27 23:33 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-12-27 23:30 - 2016-12-27 23:33 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-12-27 23:28 - 2016-12-27 23:44 - 00000000 ____D C:\Users\tony
2016-12-27 23:28 - 2016-12-27 23:28 - 00000000 _SHDL C:\Users\tony\My Documents
2016-12-27 23:28 - 2016-12-27 23:28 - 00000000 _SHDL C:\Users\tony\Documents\My Videos
2016-12-27 23:28 - 2016-12-27 23:28 - 00000000 _SHDL C:\Users\tony\Documents\My Pictures
2016-12-27 23:28 - 2016-12-27 23:28 - 00000000 _SHDL C:\Users\tony\Documents\My Music
2016-12-27 23:25 - 2016-12-12 02:47 - 06384576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-12-27 23:25 - 2016-12-12 02:47 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-12-27 23:25 - 2016-12-12 02:47 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-12-27 23:25 - 2016-12-12 02:47 - 00548408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-12-27 23:25 - 2016-12-12 02:47 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-12-27 23:25 - 2016-12-12 02:47 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-12-27 23:25 - 2016-12-12 02:47 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-12-27 23:25 - 2016-12-09 16:52 - 07639617 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-12-27 23:24 - 2016-12-27 23:31 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-12-27 23:24 - 2016-12-27 23:30 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-12-27 23:24 - 2016-12-27 23:24 - 00001963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\SmartAudio.lnk
2016-12-27 23:24 - 2016-12-27 23:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant
2016-12-27 23:23 - 2016-12-27 23:31 - 00000000 ____D C:\ProgramData\Conexant
2016-12-27 23:23 - 2016-12-27 23:23 - 00000000 ____D C:\Program Files\CONEXANT
2016-12-27 23:23 - 2016-07-16 19:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-12-27 23:23 - 2014-10-20 14:54 - 00207576 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CxAudMsg64.exe
2016-12-27 23:23 - 2011-09-01 00:23 - 00447104 _____ (Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\SASrv.exe
2016-12-27 23:22 - 2016-12-27 23:44 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-12-27 23:22 - 2016-12-27 23:31 - 00000000 ____D C:\Program Files (x86)\Intel
2016-12-27 23:22 - 2016-12-27 23:30 - 00000000 ____D C:\Program Files\Intel
2016-12-27 23:22 - 2016-12-27 23:22 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-12-27 23:22 - 2016-12-27 23:22 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_esif_umdf2_02_00_00.Wdf
2016-12-27 23:22 - 2016-12-27 23:22 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-12-27 23:22 - 2015-08-13 21:42 - 00107008 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2016-12-27 23:22 - 2015-08-13 21:42 - 00101392 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-12-27 23:21 - 2016-12-27 23:34 - 00194192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-27 23:21 - 2016-12-27 23:21 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-27 22:42 - 2016-12-27 23:02 - 00000000 ___HD C:\$WINDOWS.~BT
2016-12-27 21:43 - 2016-12-27 21:43 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-12-27 21:43 - 2016-09-10 02:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-12-27 21:43 - 2016-09-10 02:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-12-27 21:43 - 2016-09-10 02:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-12-27 21:43 - 2016-09-10 02:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-12-27 21:40 - 2016-12-12 11:03 - 40125496 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 35222976 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 34710584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 28201408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 10912744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 10803880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 10353960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 09158616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 08913328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 08761560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 03934504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 03474392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 02950200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 02587704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437633.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437633.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 01038392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00974784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00942528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00894400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00643928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00438208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00394888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00388544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00327408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00042286 _____ C:\WINDOWS\system32\nvinfo.pb
2016-12-27 21:40 - 2016-12-12 11:03 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-12-27 21:40 - 2016-12-12 11:03 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-12-27 20:51 - 2016-12-27 20:51 - 00000747 _____ C:\Users\tony\Documents\Downloads - Shortcut.lnk
2016-12-26 16:59 - 2016-12-26 16:59 - 00024576 _____ C:\bcdbackup
2016-12-26 12:37 - 2016-12-26 12:37 - 00000000 ____D C:\New folder
2016-12-25 21:15 - 2016-12-25 21:15 - 00003072 _____ C:\WINDOWS\system32\umstartup.etl
2016-12-25 14:50 - 2016-12-25 14:52 - 00021024 _____ C:\WINDOWS\ntbtlog.txt
2016-12-25 08:08 - 2016-12-25 08:08 - 00000000 ____D C:\Program Files (x86)\2K Games
2016-12-25 00:20 - 2016-12-25 08:25 - 00000000 ____D C:\Users\tony\AppData\Local\SKIDROW
2016-12-24 23:53 - 2016-12-27 21:00 - 00000000 ____D C:\Program Files (x86)\Hitman Absolution
2016-12-24 23:51 - 2016-12-27 21:02 - 00000000 ____D C:\Users\tony\AppData\Local\Ubisoft Game Launcher
2016-12-24 23:09 - 2016-12-24 23:09 - 00000000 ____D C:\Users\tony\AppData\Roaming\Ubisoft
2016-12-24 23:09 - 2016-12-24 23:09 - 00000000 ____D C:\ProgramData\Ubisoft
2016-12-24 22:54 - 2016-12-27 20:58 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2016-12-24 19:41 - 2016-12-24 19:41 - 00000000 ____D C:\Users\tony\Documents\godsofegypt2016brripxvidac3-evo-english-84903
2016-12-24 19:39 - 2016-12-24 19:39 - 00038961 _____ C:\Users\tony\Documents\godsofegypt2016brripxvidac3-evo-english-84903.zip
2016-12-24 19:30 - 2016-12-24 22:34 - 00000000 ____D C:\Program Files (x86)\R.G. Games
2016-12-24 18:21 - 2016-12-24 18:23 - 00834550 _____ C:\TDSSKiller.3.1.0.12_24.12.2016_18.21.02_log.txt
2016-12-24 18:18 - 2016-12-24 18:19 - 00102856 _____ C:\TDSSKiller.3.1.0.12_24.12.2016_18.18.57_log.txt
2016-12-24 17:35 - 2016-12-27 23:31 - 00000000 ____D C:\WINDOWS\SysWOW64\GPBAK
2016-12-24 17:35 - 2016-12-24 17:35 - 00707354 _____ C:\WINDOWS\unins000.exe
2016-12-24 17:35 - 2016-12-24 17:35 - 00001537 _____ C:\WINDOWS\unins000.dat
2016-12-24 17:34 - 2016-12-24 17:34 - 00875012 _____ C:\Users\tony\Documents\add_gpedit_msc_by_jwils876-d3kh6vm.zip
2016-12-24 17:34 - 2016-12-24 17:34 - 00000000 ____D C:\Users\tony\Documents\add_gpedit_msc_by_jwils876-d3kh6vm
2016-12-23 21:41 - 2016-12-23 21:48 - 00000000 ____D C:\Users\tony\AppData\Local\Darksiders2
2016-12-22 17:14 - 2016-12-27 21:02 - 00000000 ____D C:\Users\tony\Documents\Ghost Games
2016-12-22 17:01 - 2016-12-27 21:02 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
2016-12-22 12:57 - 2016-12-22 13:04 - 53039104 _____ C:\Users\tony\Documents\comodo_rescue_disk_2.0.261647.1.iso
2016-12-21 20:23 - 2016-12-21 20:23 - 00000000 ____D C:\Users\tony\Documents\Activision
2016-12-21 18:57 - 2016-12-21 18:57 - 00000000 ____D C:\Users\tony\AppData\Local\PunkBuster
2016-12-21 18:56 - 2016-12-23 21:41 - 00000000 ____D C:\Users\tony\Documents\My Games
2016-12-21 18:56 - 2016-12-21 18:56 - 00000000 ____D C:\ProgramData\Orbit
2016-12-21 08:29 - 2016-12-21 09:03 - 00000000 ____D C:\ESD
2016-12-21 08:28 - 2016-12-21 08:28 - 00000000 ___HD C:\$Windows.~WS
2016-12-20 19:39 - 2016-12-20 19:39 - 00000000 ____D C:\Users\tony\Documents\lucy-2014-english-yify-30449
2016-12-20 19:38 - 2016-12-20 19:38 - 00023588 _____ C:\Users\tony\Documents\lucy-2014-english-yify-30449.zip
2016-12-20 19:33 - 2016-12-20 19:33 - 00000000 ____D C:\Users\tony\Documents\lucy-english-yify-30601
2016-12-20 19:32 - 2016-12-20 19:32 - 00001919 _____ C:\Users\tony\Documents\lucy-english-yify-30601.zip
2016-12-20 18:59 - 2016-12-20 18:59 - 00000000 ____D C:\Users\tony\Documents\KoeiTecmo
2016-12-19 09:34 - 2016-12-27 23:06 - 00005307 _____ C:\ProgramData\NvTelemetryContainer.log_backup1
2016-12-19 09:34 - 2016-12-12 22:36 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2016-12-19 09:33 - 2016-12-13 07:36 - 00156096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-12-19 09:33 - 2016-12-13 07:36 - 00123840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-12-19 09:33 - 2016-12-13 07:36 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-12-16 23:02 - 2016-12-16 23:02 - 00000285 _____ C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD Drive (G) DVD_ROM.lnk
2016-12-16 22:34 - 2016-12-16 22:35 - 00000000 ____D C:\Users\tony\AppData\Roaming\DarkSoulsIII
2016-12-16 22:15 - 2016-12-27 23:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transcend
2016-12-16 22:15 - 2016-12-16 22:15 - 00001224 _____ C:\Users\Public\Desktop\RecoveRx.lnk
2016-12-16 22:15 - 2016-12-16 22:15 - 00000000 ____D C:\Recovered Files
2016-12-16 22:15 - 2016-12-16 22:15 - 00000000 ____D C:\Program Files (x86)\Transcend
2016-12-16 20:11 - 2016-12-16 20:11 - 00000000 ____D C:\Users\tony\Documents\WB Games
2016-12-16 20:03 - 2016-12-27 21:02 - 00000000 ____D C:\Program Files (x86)\Middle Earth Shadow of Mordor
2016-12-16 19:47 - 2016-12-16 19:47 - 00000000 ____D C:\Users\tony\AppData\Roaming\Transcend Elite
2016-12-15 19:51 - 2016-10-17 23:35 - 00223464 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmwfp.sys
2016-12-14 08:44 - 2016-12-27 23:33 - 00000000 ____D C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-12-13 20:54 - 2016-12-13 20:54 - 941372703 _____ C:\WINDOWS\MEMORY.DMP
2016-12-13 15:38 - 2016-12-13 15:38 - 00000000 ____D C:\Users\tony\AppData\Local\Chromium
2016-12-12 21:13 - 2016-12-28 00:31 - 00000000 ____D C:\FRST
2016-12-12 17:38 - 2016-12-27 23:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Connect2
2016-12-12 17:38 - 2016-12-12 17:38 - 00001201 _____ C:\Users\Public\Desktop\Connect2.lnk
2016-12-12 17:38 - 2016-12-12 17:38 - 00000000 ____D C:\Program Files (x86)\Lenovo
2016-12-12 17:35 - 2016-12-12 17:35 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-12-12 09:43 - 2016-12-27 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameFirst IV
2016-12-12 09:43 - 2016-12-12 09:43 - 00001159 _____ C:\Users\Public\Desktop\GameFirst IV.lnk
2016-12-12 09:43 - 2015-01-14 08:59 - 00051904 _____ (Titan ARC Corp.) C:\WINDOWS\system32\Drivers\netfilter2.sys
2016-12-09 01:00 - 2016-12-09 01:00 - 00000000 ____D C:\Program Files (x86)\MobileBrServ
2016-12-08 19:41 - 2016-12-08 19:41 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2016-12-08 14:34 - 2016-12-08 20:08 - 00000000 ____D C:\ProgramData\TEMP
2016-12-08 14:32 - 2016-12-10 16:34 - 00000000 ____D C:\Program Files\A-FF Find and Mount
2016-12-08 14:12 - 2016-12-27 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2016-12-08 14:12 - 2016-12-08 14:12 - 00001701 _____ C:\Users\Public\Desktop\Recuva.lnk
2016-12-08 14:12 - 2016-12-08 14:12 - 00000000 ____D C:\Program Files\Recuva
2016-12-08 13:29 - 2016-12-08 13:30 - 00006638 _____ C:\TDSSKiller.3.1.0.12_08.12.2016_13.29.47_log.txt
2016-12-07 21:18 - 2016-12-07 21:21 - 00000000 ____D C:\Users\tony\AppData\Local\NPE
2016-12-07 21:18 - 2016-12-07 21:18 - 00000000 ____D C:\ProgramData\Norton
2016-12-07 21:07 - 2016-12-07 21:07 - 00000000 ____D C:\Users\tony\AppData\Roaming\Steam
2016-12-07 21:07 - 2016-12-07 21:07 - 00000000 ____D C:\Users\tony\AppData\Local\CAPCOM
2016-12-07 20:52 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2016-12-07 20:52 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2016-12-07 20:52 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2016-12-07 20:52 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2016-12-07 20:52 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2016-12-07 20:52 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2016-12-07 20:52 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2016-12-07 20:52 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2016-12-07 20:52 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2016-12-07 20:52 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2016-12-07 20:52 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2016-12-07 20:52 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2016-12-07 20:52 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2016-12-07 20:52 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2016-12-07 20:52 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2016-12-07 20:52 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2016-12-07 20:52 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2016-12-07 20:52 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2016-12-07 20:52 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2016-12-07 20:52 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2016-12-07 20:52 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2016-12-07 20:52 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2016-12-07 20:52 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2016-12-07 20:52 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2016-12-07 20:52 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2016-12-07 20:52 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2016-12-07 20:52 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2016-12-07 20:52 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2016-12-07 20:52 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2016-12-07 20:52 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2016-12-07 20:52 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2016-12-07 20:52 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2016-12-07 20:52 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2016-12-07 20:52 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2016-12-07 20:52 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2016-12-07 20:52 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2016-12-07 20:52 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2016-12-07 20:52 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2016-12-07 20:52 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2016-12-07 20:52 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2016-12-07 20:52 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2016-12-07 20:52 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2016-12-07 20:52 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2016-12-07 20:52 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2016-12-07 20:52 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2016-12-07 20:52 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2016-12-07 20:52 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2016-12-07 20:52 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2016-12-07 20:52 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2016-12-07 20:52 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2016-12-07 20:52 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2016-12-07 20:52 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2016-12-07 20:52 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2016-12-07 20:52 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2016-12-07 20:52 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2016-12-07 20:52 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2016-12-07 20:52 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2016-12-07 20:52 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2016-12-07 20:52 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2016-12-07 20:52 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2016-12-07 20:52 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2016-12-07 20:52 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2016-12-07 20:52 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2016-12-07 20:52 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2016-12-07 20:52 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2016-12-07 20:52 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2016-12-07 20:52 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2016-12-07 20:52 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2016-12-07 20:52 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2016-12-07 20:52 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2016-12-07 20:52 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2016-12-07 20:52 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2016-12-07 20:52 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2016-12-07 20:52 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2016-12-07 20:52 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2016-12-07 20:52 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2016-12-07 20:52 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2016-12-07 20:52 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2016-12-07 20:52 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2016-12-07 20:52 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2016-12-07 20:52 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2016-12-07 20:52 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2016-12-07 20:52 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2016-12-07 20:52 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2016-12-07 20:52 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2016-12-07 20:52 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2016-12-07 20:52 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2016-12-07 20:52 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2016-12-07 20:52 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2016-12-07 20:52 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2016-12-07 20:52 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2016-12-07 20:52 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2016-12-07 20:52 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2016-12-07 20:52 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2016-12-07 20:52 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2016-12-07 20:52 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2016-12-07 20:52 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2016-12-07 20:52 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2016-12-07 20:52 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2016-12-07 20:52 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2016-12-07 20:52 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2016-12-07 20:52 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2016-12-07 20:52 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2016-12-07 20:52 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2016-12-07 20:52 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2016-12-07 20:52 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2016-12-07 20:52 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2016-12-07 20:52 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2016-12-07 20:52 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2016-12-07 20:52 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2016-12-07 20:52 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2016-12-07 20:52 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2016-12-07 20:52 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2016-12-07 20:52 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2016-12-07 20:52 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2016-12-07 20:52 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2016-12-07 20:52 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2016-12-07 20:52 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2016-12-07 20:52 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2016-12-07 20:52 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2016-12-07 20:52 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2016-12-07 20:52 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2016-12-07 20:52 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2016-12-07 20:52 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2016-12-07 20:52 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2016-12-07 20:52 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2016-12-07 20:52 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2016-12-07 20:52 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2016-12-07 20:52 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2016-12-07 20:52 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2016-12-07 20:52 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2016-12-07 20:52 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2016-12-07 20:52 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2016-12-07 20:52 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2016-12-07 20:52 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2016-12-07 20:52 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2016-12-07 20:52 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2016-12-07 20:52 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2016-12-07 20:52 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2016-12-07 20:52 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2016-12-07 20:52 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2016-12-07 20:52 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2016-12-07 20:52 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2016-12-07 20:52 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2016-12-07 20:52 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2016-12-07 20:52 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2016-12-07 20:52 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2016-12-07 20:52 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2016-12-07 20:52 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2016-12-07 20:52 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2016-12-07 15:45 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\ASUS
2016-12-07 15:39 - 2016-12-27 23:31 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-12-07 15:39 - 2016-12-27 23:31 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-12-07 15:39 - 2016-12-27 23:30 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-12-07 15:39 - 2016-12-27 23:30 - 00000000 ____D C:\Program Files\MSBuild
2016-12-07 15:34 - 2016-12-27 23:41 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-12-07 15:18 - 2016-12-27 23:33 - 00000000 ____D C:\Users\Default.migrated
2016-12-07 14:51 - 2016-12-07 14:51 - 00000000 ____D C:\Users\tony\Documents\Custom Office Templates
2016-12-07 13:40 - 2016-12-07 13:09 - 00485032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-12-07 13:36 - 2016-12-14 09:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-07 13:35 - 2016-12-14 09:38 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-07 13:25 - 2016-12-28 00:25 - 00000000 ____D C:\Program Files\Microsoft Office
2016-12-07 13:16 - 2016-12-28 00:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-07 13:03 - 2016-12-07 13:03 - 00000000 ____D C:\Users\tony\AppData\Roaming\Skype
2016-12-07 12:37 - 2016-12-07 12:37 - 00000000 ____D C:\Users\tony\AppData\Local\ElevatedDiagnostics
2016-12-07 12:16 - 2016-12-07 12:16 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-12-07 11:31 - 2016-12-07 12:59 - 00000230 _____ C:\WINDOWS\Tasks\AutoKMS.job
2016-12-07 11:31 - 2016-12-07 11:31 - 00614400 _____ C:\WINDOWS\AutoKMS.exe
2016-12-07 11:31 - 2016-12-07 11:31 - 00000135 _____ C:\WINDOWS\AutoKMS.ini
2016-12-07 11:29 - 2016-12-07 11:29 - 00004608 _____ C:\WINDOWS\SECOH-QAD.exe
2016-12-07 11:29 - 2016-12-07 11:29 - 00003584 _____ C:\WINDOWS\SECOH-QAD.dll
2016-12-07 09:56 - 2016-12-07 09:56 - 00000000 ____D C:\ProgramData\Intel Security
2016-12-07 09:55 - 2016-12-07 09:55 - 00000000 ____D C:\Program Files\Common Files\Intel Security
2016-12-07 09:50 - 2016-12-07 09:50 - 00000000 ____D C:\Users\tony\AppData\Roaming\Macromedia
2016-12-07 09:50 - 2016-12-07 09:50 - 00000000 ____D C:\Program Files\Common Files\AV
2016-12-07 09:35 - 2016-12-07 09:35 - 00000600 _____ C:\Users\tony\PUTTY.RND
2016-12-07 09:06 - 2016-12-07 09:06 - 00001084 _____ C:\Users\tony\Desktop\Internet Download Manager.lnk
2016-12-07 08:57 - 2016-12-07 08:57 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2016-12-07 08:57 - 2016-12-07 08:57 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2016-12-07 08:50 - 2016-12-02 04:02 - 01951680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437619.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437619.dll
2016-12-07 08:47 - 2016-12-07 08:47 - 00000000 ____D C:\Users\tony\AppData\Roaming\NVIDIA
2016-12-07 08:44 - 2016-12-27 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-12-07 08:44 - 2016-12-25 08:27 - 00000000 ____D C:\Users\tony\AppData\Local\CrashDumps
2016-12-07 08:44 - 2016-12-19 09:34 - 00001491 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-12-07 08:44 - 2016-12-13 07:37 - 01853376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-12-07 08:44 - 2016-12-13 07:37 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-12-07 08:44 - 2016-12-13 07:37 - 01452480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-12-07 08:44 - 2016-12-13 07:37 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-12-07 08:44 - 2016-12-13 07:37 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-12-07 08:44 - 2016-12-12 02:47 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2016-12-07 08:44 - 2016-12-07 10:40 - 00000000 ____D C:\Users\tony\AppData\Roaming\uTorrent
2016-12-07 08:44 - 2016-12-07 08:44 - 00000897 _____ C:\Users\tony\Desktop\µTorrent.lnk
2016-12-07 08:44 - 2016-12-07 08:44 - 00000877 _____ C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-12-07 08:39 - 2016-12-12 17:39 - 00000000 ____D C:\Users\tony\AppData\Local\Lenovo
2016-12-07 08:39 - 2016-12-12 17:39 - 00000000 ____D C:\ProgramData\Lenovo
2016-12-07 08:39 - 2016-12-07 08:39 - 00000000 ____D C:\Users\tony\AppData\Local\SHAREit
2016-12-07 08:39 - 2016-12-07 08:39 - 00000000 ____D C:\Program Files (x86)\SHAREit
2016-12-07 08:34 - 2016-12-07 08:34 - 00000000 ____D C:\Users\tony\AppData\Roaming\WinRAR
2016-12-07 08:30 - 2016-12-15 09:36 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-07 08:30 - 2016-12-15 09:36 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-07 08:27 - 2016-12-07 08:39 - 00000000 ____D C:\Users\tony\AppData\Local\Google
2016-12-07 08:27 - 2016-12-07 08:30 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-07 08:26 - 2016-12-07 08:29 - 00000000 ____D C:\Program Files (x86)\GUMDD0E.tmp
2016-12-07 01:46 - 2016-12-27 23:33 - 00000000 ____D C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-12-07 01:46 - 2016-12-27 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-12-07 01:46 - 2016-12-27 23:06 - 00000000 ____D C:\Users\tony\AppData\Roaming\DMCache
2016-12-07 01:46 - 2016-12-22 12:40 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2016-12-07 01:46 - 2016-12-21 10:06 - 00000000 ____D C:\Users\tony\AppData\Roaming\IDM
2016-12-07 01:46 - 2016-12-07 01:46 - 00000000 ____D C:\ProgramData\IDM
2016-12-07 00:58 - 2016-12-07 00:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2016-12-07 00:58 - 2016-12-07 00:58 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-12-07 00:56 - 2016-12-27 23:33 - 00000000 ____D C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-07 00:56 - 2016-12-27 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-07 00:56 - 2016-12-07 00:56 - 00000000 ____D C:\Program Files (x86)\WinRAR
2016-12-07 00:54 - 2016-12-07 15:02 - 00000000 ____D C:\Users\tony\AppData\Local\Microsoft Help
2016-12-07 00:54 - 2016-12-07 11:48 - 00000000 ____D C:\ProgramData\Microsoft Help.old
2016-12-07 00:45 - 2016-12-07 00:45 - 00000000 ____D C:\Users\tony\AppData\Roaming\SYSTEMAX Software Development
2016-12-07 00:45 - 2016-12-07 00:45 - 00000000 ____D C:\ProgramData\SYSTEMAX Software Development
2016-12-07 00:43 - 2016-12-07 00:43 - 00000000 ____D C:\Users\tony\AppData\Local\Comms
2016-12-07 00:41 - 2016-12-24 22:34 - 00000000 ____D C:\Users\tony\AppData\Roaming\vlc
2016-12-07 00:38 - 2016-12-14 08:52 - 00000000 ____D C:\Users\tony\AppData\Local\Steam
2016-12-07 00:38 - 2016-12-07 00:38 - 00000000 ____D C:\Users\tony\AppData\Local\CEF
2016-12-07 00:35 - 2016-12-07 00:35 - 00000000 ____D C:\Users\tony\AppData\Local\MicrosoftEdge
2016-12-07 00:32 - 2016-12-07 00:32 - 00000000 ____D C:\Users\tony\AppData\Roaming\awsRun
2016-12-07 00:28 - 2016-12-27 23:46 - 00002366 _____ C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-07 00:28 - 2016-12-07 00:28 - 00000000 ____D C:\Users\tony\AppData\Local\Conexant
2016-12-07 00:27 - 2016-12-07 08:35 - 00000000 ____D C:\Users\tony\AppData\Roaming\DropboxOEM
2016-12-07 00:27 - 2016-12-07 00:27 - 00000000 ____D C:\Users\tony\AppData\Local\DropboxOEM
2016-12-07 00:26 - 2016-12-27 23:52 - 00000165 _____ C:\Users\tony\AppData\Roaming\sp_data.sys
2016-12-07 00:25 - 2016-12-27 23:44 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-12-07 00:25 - 2016-12-27 23:29 - 00000000 ____D C:\Users\tony\AppData\Local\Packages
2016-12-07 00:25 - 2016-12-19 09:34 - 00000000 ____D C:\Users\tony\AppData\Local\NVIDIA Corporation
2016-12-07 00:25 - 2016-12-07 08:46 - 00000000 ____D C:\Users\tony\AppData\Local\NVIDIA
2016-12-07 00:25 - 2016-12-07 01:35 - 00000000 ____D C:\ProgramData\USBChargerPlus
2016-12-07 00:25 - 2016-12-07 00:25 - 00000000 ____D C:\Users\tony\AppData\Roaming\WebStorage
2016-12-07 00:25 - 2016-12-07 00:25 - 00000000 ____D C:\Users\tony\AppData\Roaming\Adobe
2016-12-07 00:25 - 2016-12-07 00:25 - 00000000 ____D C:\Users\tony\AppData\Local\VirtualStore
2016-12-07 00:25 - 2016-12-07 00:25 - 00000000 ____D C:\Users\tony\AppData\Local\TileDataLayer
2016-12-07 00:25 - 2016-12-07 00:25 - 00000000 ____D C:\Users\tony\AppData\Local\Publishers
2016-12-07 00:24 - 2016-12-07 01:35 - 00000000 ____D C:\Users\tony\AppData\Local\ConnectedDevicesPlatform
2016-12-07 00:24 - 2016-12-07 00:24 - 00000000 ____D C:\Users\tony\AppData\Roaming\Intel
2016-12-07 00:22 - 2016-12-07 00:22 - 00000000 _SHDL C:\Users\Default.migrated\Documents\My Videos
2016-12-07 00:22 - 2016-12-07 00:22 - 00000000 _SHDL C:\Users\Default.migrated\Documents\My Pictures
2016-12-07 00:22 - 2016-12-07 00:22 - 00000000 _SHDL C:\Users\Default.migrated\Documents\My Music
2016-12-07 00:17 - 2016-12-27 23:39 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-12-06 09:05 - 2016-12-06 09:05 - 00000000 ____D C:\NPE
2016-12-06 07:54 - 2016-12-06 07:54 - 00000000 ____D C:\Users\tony\AppData\LocalLow\uTorrent
2016-12-05 21:47 - 2016-12-05 21:47 - 00000000 ____D C:\TDSSKiller_Quarantine
2016-12-05 21:46 - 2016-12-05 21:47 - 00202104 _____ C:\TDSSKiller.3.1.0.12_05.12.2016_21.46.10_log.txt
2016-12-05 21:32 - 2016-12-05 21:32 - 00006660 _____ C:\TDSSKiller.3.1.0.12_05.12.2016_21.32.14_log.txt
2016-12-05 20:28 - 2016-12-05 20:29 - 00008900 _____ C:\TDSSKiller.3.1.0.12_05.12.2016_20.28.27_log.txt
2016-12-05 20:27 - 2016-12-05 20:28 - 00006638 _____ C:\TDSSKiller.3.1.0.12_05.12.2016_20.27.50_log.txt
2016-12-05 12:56 - 2016-12-05 21:24 - 00181038 _____ C:\spyhunter.fix
2016-12-05 10:24 - 2016-12-05 10:24 - 00000000 ___HD C:\TMRescueDisk
2016-12-05 08:06 - 2016-12-05 08:06 - 00000000 _____ C:\autoexec.bat
2016-12-04 22:08 - 2016-12-04 22:08 - 00000385 _____ C:\Users\tony\AppData\Roaminguser_gensett.xml
2016-12-04 22:06 - 2016-12-05 09:55 - 00002367 _____ C:\bdlog.txt
2016-12-04 01:33 - 2016-12-04 21:56 - 00000000 ___HD C:\$AVG
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-12-28 15:20 - 2016-07-16 19:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-12-28 00:27 - 2016-07-16 19:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-28 00:25 - 2016-07-16 19:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-12-28 00:25 - 2015-07-10 21:14 - 00000000 ____D C:\WINDOWS\ShellNew
2016-12-28 00:24 - 2016-07-16 19:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-28 00:22 - 2016-07-16 19:47 - 00000000 ____D C:\Program Files\Common Files\System
2016-12-28 00:22 - 2015-07-10 19:04 - 00000108 _____ C:\WINDOWS\win.ini
2016-12-28 00:07 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-28 00:01 - 2016-07-16 19:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-27 23:47 - 2016-07-16 19:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-12-27 23:46 - 2016-07-13 06:02 - 00000000 ___RD C:\Users\tony\OneDrive
2016-12-27 23:46 - 2015-11-19 19:48 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-27 23:44 - 2016-07-13 05:59 - 00000000 __SHD C:\Users\tony\IntelGraphicsProfiles
2016-12-27 23:44 - 2015-11-19 19:37 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-27 23:43 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\rescache
2016-12-27 23:43 - 2016-07-16 14:04 - 00008192 _____ C:\WINDOWS\system32\config\ELAM
2016-12-27 23:42 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\Registration
2016-12-27 23:41 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-12-27 23:38 - 2016-07-16 19:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-12-27 23:33 - 2016-07-16 14:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-12-27 23:33 - 2015-08-18 16:38 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-12-27 23:31 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-12-27 23:31 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-12-27 23:31 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-12-27 23:31 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-12-27 23:31 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-12-27 23:31 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-12-27 23:31 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-12-27 23:31 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\IME
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\Help
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-12-27 23:31 - 2016-07-16 14:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-27 23:31 - 2016-07-16 14:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-27 23:31 - 2015-11-19 20:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2016-12-27 23:31 - 2015-11-19 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICEpower
2016-12-27 23:31 - 2015-11-19 20:03 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
2016-12-27 23:31 - 2015-08-18 16:53 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-12-27 23:31 - 2015-08-18 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 25 GB
2016-12-27 23:31 - 2015-08-18 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2016-12-27 23:31 - 2015-08-18 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2016-12-27 23:30 - 2015-11-19 20:07 - 00000000 ____D C:\Program Files\Intel Corporation
2016-12-27 23:30 - 2015-07-10 19:04 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-12-27 23:27 - 2016-07-16 14:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-27 23:25 - 2016-07-16 19:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-12-27 23:25 - 2016-07-16 19:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-12-27 23:25 - 2016-07-16 19:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-22 17:13 - 2015-11-19 19:40 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-19 09:34 - 2015-11-19 19:48 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-12-15 10:19 - 2015-11-19 20:16 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-12-12 09:43 - 2015-08-18 16:37 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-12-12 09:14 - 2015-11-19 19:58 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-12 09:12 - 2015-11-19 20:26 - 00000000 ____D C:\ProgramData\ASUS
2016-12-07 20:32 - 2016-07-15 18:31 - 00000000 ____D C:\Games
2016-12-07 11:00 - 2015-11-19 20:16 - 00000000 ____D C:\ProgramData\McAfee
2016-12-07 11:00 - 2015-11-19 20:16 - 00000000 ____D C:\Program Files\mcafee
2016-12-07 09:58 - 2015-11-19 20:16 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-12-07 00:46 - 2016-09-16 18:18 - 00000000 ____D C:\PaintToolSAI
2016-12-07 00:30 - 2015-11-19 19:41 - 00000000 ____D C:\ProgramData\Intel
2016-12-07 00:25 - 2015-08-18 16:34 - 00000000 ____D C:\WINDOWS\Log
2016-12-07 00:09 - 2015-11-19 19:56 - 00000000 ____D C:\WINDOWS\Cnxt
2016-12-07 00:05 - 2015-11-19 20:31 - 00000000 ____D C:\ProgramData\SplitMediaLabs
2016-12-07 00:05 - 2015-08-18 16:37 - 00000000 ____D C:\ProgramData\WildTangent
2016-12-07 00:05 - 2015-08-18 16:37 - 00000000 ____D C:\ProgramData\WebStorage
2016-12-07 00:04 - 2015-11-19 20:31 - 00000000 ____D C:\Program Files (x86)\SplitmediaLabs
2016-12-07 00:04 - 2015-11-19 20:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2016-12-07 00:04 - 2015-11-19 20:07 - 00000000 ____D C:\ProgramData\Intel Corporation
2016-12-07 00:04 - 2015-11-19 20:02 - 00000000 ____D C:\ProgramData\Intel.sav
2016-12-07 00:04 - 2015-11-19 19:58 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-12-07 00:04 - 2015-08-18 16:37 - 00000000 ____D C:\ProgramData\ASUS WebStorage
2016-12-07 00:04 - 2015-08-18 16:37 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2016-12-07 00:03 - 2015-11-19 20:16 - 00000000 ____D C:\Program Files (x86)\mcafee.com
2016-12-07 00:03 - 2015-11-19 20:16 - 00000000 ____D C:\Program Files (x86)\ICEpower
2016-12-07 00:03 - 2015-11-19 20:07 - 00000000 ____D C:\Program Files (x86)\Intel Corporation
2016-12-07 00:03 - 2015-11-19 20:02 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-12-07 00:03 - 2015-08-18 16:38 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-12-07 00:03 - 2015-08-18 16:37 - 00000000 ____D C:\Program Files (x86)\Evernote
2016-12-07 00:02 - 2015-11-19 20:16 - 00000000 ____D C:\Program Files\mcafee.com
2016-12-07 00:02 - 2015-11-19 20:12 - 00000000 ____D C:\Program Files\DIFX
2016-12-07 00:02 - 2015-11-19 20:02 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-12-04 11:58 - 2016-08-27 20:33 - 00000000 ____D C:\Users\tony\.android
2016-12-04 11:56 - 2016-08-27 20:32 - 00000000 ____D C:\Users\tony\vmlogs
2016-12-04 11:56 - 2016-08-27 20:32 - 00000000 ____D C:\Users\tony\.BigNox
 
==================== Files in the root of some directories =======
 
2016-12-07 00:26 - 2016-12-27 23:52 - 0000165 _____ () C:\Users\tony\AppData\Roaming\sp_data.sys
2016-12-19 09:34 - 2016-12-27 23:36 - 0002938 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-19 09:34 - 2016-12-27 23:06 - 0005307 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
 
Some files in TEMP:
====================
C:\Users\tony\AppData\Local\Temp\ose00000.exe
 
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2016-12-27 23:21
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-12-2016
Ran by TONY (28-12-2016 00:32:31)
Running from D:\C backup\Downloads\Programs
Windows 10 Home Version 1607 (X64) (2016-12-27 15:43:58)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2339138057-2822180099-2837011375-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2339138057-2822180099-2837011375-503 - Limited - Disabled)
Guest (S-1-5-21-2339138057-2822180099-2837011375-501 - Limited - Disabled)
TONY (S-1-5-21-2339138057-2822180099-2837011375-1001 - Administrator - Enabled) => C:\Users\tony
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\...\uTorrent) (Version: 3.3.2.30586 - BitTorrent Inc.)
Ansel (Version: 376.33 - NVIDIA Corporation) Hidden
ASUS GIFTBOX Desktop (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 1.1.5 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.9 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.13.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.30 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0040 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.85 - ICEpower a/s)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
Connect2 (HKLM-x32\...\Connect2_is1) (Version: 4.1.1.3444 - Lenovo)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.)
Dota 2 (HKLM\...\Steam App 570) (Version:  - Valve)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.)
Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.)
GameFirst IV (HKLM-x32\...\GameFirst IV 1.5.12) (Version: 1.5.12 - ASUS)
GameFirst IV (x32 Version: 1.5.12 - ASUS) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version:  - Richard)
Intel® Chipset Device Software (x32 Version: 10.1.1.9 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10600.150 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1159 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4268 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® WiDi (HKLM\...\{C7CD6D54-26AF-4D93-B06F-D81ACE8624CB}) (Version: 6.0.40.0 - Intel Corporation)
Intel® WiDi Software Asset Manager (x32 Version: 1.1.347 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{9A287643-10C5-4463-B9D1-B2404CE18CCF}) (Version: 17.1.1529.1620 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{1544031f-5449-4415-b577-993c2a533a1b}) (Version: 18.12.2 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version:  - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
McAfee LiveSafe   (HKLM-x32\...\MSC) (Version: 15.0.179 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.164 - McAfee, Inc.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.29.01.238 - Huawei Technologies Co.,Ltd)
NVIDIA GeForce Experience 3.2.0.96 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.2.0.96 - NVIDIA Corporation)
NVIDIA Graphics Driver 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.33 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.0.0.0 - NVIDIA Corporation) Hidden
PixelMaster Video HDR (HKLM\...\{65302154-AAF6-4020-A070-76CAA9CEC8D3}) (Version: 1.1.35 - ASUS)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10143.21278 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
RecoveRx version 3.1 (HKLM-x32\...\{3DE055DA-690F-43B8-9B7B-54E7D70806F9}_is1) (Version: 3.1 - Transcend Information, Inc.)
Recuva (HKLM\...\Recuva) (Version: 1.48 - Piriform)
ROG Gaming Center (HKLM-x32\...\{CC182DBF-FC67-4F79-9930-6A2682E60BDD}) (Version: 1.0.1 - ASUS)
SHIELD Streaming (Version: 7.1.0350 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.2.524 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.16 - WildTangent)
Windows Driver Package - ASUS (AsusSGDrv) Mouse  (08/06/2015 8.0.0.19) (HKLM\...\149F37A1996406108DA0EB71D7EBC48895119059) (Version: 08/06/2015 8.0.0.19 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinRAR 5.30 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
XSplit Gamecaster (HKLM-x32\...\{0E12BEC0-F2EE-43FA-AEA0-24B5E9F80167}) (Version: 2.5.1507.3011 - SplitmediaLabs)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {016829A4-701A-4994-8B9B-B6E1D9DB42D6} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {17807461-0EFA-4D27-8835-87AE1D6CAA29} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-12-13] (NVIDIA Corporation)
Task: {20D4DCDB-F2F6-476B-A18D-A645ED4595E3} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {331496C3-D463-4BAC-B585-287706DB01FB} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-12-13] (NVIDIA Corporation)
Task: {3A28EBF0-A121-43BD-B926-0EEECC012924} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation)
Task: {3C9529AA-CF78-4213-AC19-7F349509A094} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {408A86ED-5ED3-47A7-9361-97EE74AC9DB2} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-11] (ASUSTek Computer Inc.)
Task: {583E68E9-FD22-4E58-BFEA-DCB62AE4523C} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe [2016-09-20] (McAfee, Inc.)
Task: {5B91FA03-EB76-4384-9D2D-648EF5A1A285} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-12-13] (NVIDIA Corporation)
Task: {5F35619E-7F8E-4260-B30F-E3B3657AA91C} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS.exe [2016-12-07] ()
Task: {674DE2B8-3DF6-40FC-A861-233598B0BF9B} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-05-30] ()
Task: {7F69EC01-4429-4177-AFBF-706C34D82382} - System32\Tasks\ROG Gaming Center => C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe [2015-08-13] (ASUSTek Computer Inc.)
Task: {80A7DD4E-4C00-4EDD-82DD-94F97D679090} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation)
Task: {918E83CB-068F-47A4-9019-B8AE25757D65} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-11] (ASUSTek Computer Inc.)
Task: {92F90DAB-B481-43D3-B4FE-EE930EB0741E} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-08-18] (AsusTek)
Task: {942F8220-788D-416E-A2EC-F1C3CC5AE85E} - System32\Tasks\{26C441CB-49DF-4DD0-B4CA-2D2CE085D82C} => pcalua.exe -a "D:\C backup\Downloads\Programs\win64_154510.4542.exe" -d "D:\C backup\Downloads\Programs"
Task: {9A7CD84F-53F0-4BB9-900B-54718BE85D80} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-07] (Google Inc.)
Task: {A6019B32-39A1-439F-9ED6-BE0763AEF55D} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2015-06-06] (Intel Corporation)
Task: {A726AD0F-AED4-4344-802C-84BE057B337E} - System32\Tasks\{496FBD46-38B6-41FE-A56A-79BE49545BCE} => pcalua.exe -a C:\Users\tony\Downloads\Programs\win64_154510.4542.exe -d C:\Users\tony\Downloads\Programs
Task: {A7D67B3E-5279-4164-A517-9659FB60F5CD} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2015-08-26] (ASUS)
Task: {AB9378E9-791A-44F7-A5C9-337F2F37D138} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {B99BE41E-FF46-4A9D-870C-02E726508F60} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-06-17] (Intel Corporation)
Task: {B9C08214-7E14-4E02-9017-B71DE0664BC0} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {BAB28B37-1A9F-4252-82A8-2AB3931C436D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-07] (Google Inc.)
Task: {C7E13D18-BB7D-4CF7-9A38-64DFE1AA1DE2} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation)
Task: {C894B456-DED6-4229-A61B-2328597AFB9E} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-06-17] (Intel Corporation)
Task: {D5E44518-4149-4AD2-A394-1109E398B629} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {E360CFDA-B244-4DAE-B4CA-4C0839EA8441} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {E3743588-7A16-4C43-8C71-1C01151FD07B} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-15] (ASUSTek Computer Inc.)
Task: {E97CA0EB-A9DE-428B-B819-D020A430F626} - System32\Tasks\{0EBCF799-E248-43CB-8004-73EC62822789} => pcalua.exe -a D:\DOTA\war3.exe -d D:\DOTA
Task: {F329A320-85FA-4DBF-AFD3-D165E0A1A23C} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-26] (ASUSTek Computer Inc.)
Task: {F7A3DD2A-4078-4328-890A-D29CE39EC3D8} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-07-16 19:42 - 2016-07-16 19:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-16 19:42 - 2016-07-16 19:42 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-09 01:00 - 2016-03-24 10:54 - 00242264 _____ () C:\Program Files (x86)\MobileBrServ\mbbservice.exe
2016-12-07 08:44 - 2016-12-13 07:36 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-12-07 08:44 - 2016-12-13 07:35 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-10-20 11:10 - 2015-08-13 21:42 - 00607160 _____ () C:\WINDOWS\system32\IntelCpHDCPSvc.exe
2016-12-27 23:25 - 2016-12-12 02:47 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-07-16 19:42 - 2016-07-16 19:42 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-20 11:10 - 2015-08-13 21:42 - 00415656 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-07-16 19:42 - 2016-07-16 19:42 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-12-12 09:43 - 2016-12-12 09:43 - 01678560 _____ () C:\Users\tony\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2016-07-16 19:42 - 2016-07-16 19:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-07-16 19:42 - 2016-07-16 19:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-07-16 19:43 - 2016-07-16 19:43 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-07-16 19:43 - 2016-07-16 22:27 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-16 19:43 - 2016-07-16 22:27 - 01400320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-16 19:43 - 2016-07-16 22:27 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-07-16 19:43 - 2016-07-16 22:27 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-16 19:43 - 2016-07-16 22:27 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-12-19 09:34 - 2016-12-13 07:33 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\nvstreamsrv\boost_regex-vc120-mt-1_58.dll
2016-12-19 09:34 - 2016-12-13 07:33 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\nvstreamsrv\boost_system-vc120-mt-1_58.dll
2016-12-19 09:34 - 2016-12-13 07:33 - 00018880 _____ () c:\program files\nvidia corporation\nvstreamsrv\detoured.dll
2016-12-15 09:36 - 2016-12-08 16:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-15 09:36 - 2016-12-08 16:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2015-07-22 16:18 - 2015-07-22 16:18 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2016-12-07 08:44 - 2016-12-13 07:35 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-12-07 08:44 - 2016-12-13 07:35 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-12-07 08:44 - 2016-12-13 07:35 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-08-26 01:40 - 2015-08-26 01:40 - 00027648 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-08-26 01:40 - 2015-08-26 01:40 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2016-12-07 08:44 - 2016-12-12 22:36 - 00525760 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-12-07 08:44 - 2016-12-12 22:36 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-12-07 08:44 - 2016-12-12 22:36 - 02808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-12-07 08:44 - 2016-12-12 22:36 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-12-07 08:44 - 2016-12-12 22:36 - 00447424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-12-07 08:44 - 2016-12-12 22:36 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-12-07 08:44 - 2016-12-12 22:36 - 01003456 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-12-19 09:34 - 2016-12-12 22:36 - 00956472 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node
2016-12-07 08:44 - 2016-12-13 07:33 - 64245184 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-12-27 23:46 - 2016-12-27 23:46 - 01244376 _____ () C:\Users\tony\AppData\Local\Microsoft\OneDrive\17.3.6720.1207_1\ClientTelemetry.dll
2016-12-19 09:34 - 2016-12-13 07:34 - 00018880 _____ () c:\program files (x86)\nvidia corporation\nvstreamsrv\detoured.dll
2016-12-13 15:38 - 2016-12-08 23:13 - 00656160 _____ () D:\11111\SDL2.dll
2016-10-17 08:12 - 2016-09-01 09:02 - 04969248 _____ () D:\11111\v8.dll
2016-12-21 08:09 - 2016-12-20 10:25 - 02322720 _____ () D:\11111\video.dll
2016-10-17 08:12 - 2016-09-01 09:02 - 01563936 _____ () D:\11111\icui18n.dll
2016-10-17 08:12 - 2016-09-01 09:02 - 01195296 _____ () D:\11111\icuuc.dll
2016-10-17 08:12 - 2016-01-27 15:49 - 02549760 _____ () D:\11111\libavcodec-56.dll
2016-10-17 08:12 - 2016-01-27 15:49 - 00491008 _____ () D:\11111\libavformat-56.dll
2016-10-17 08:12 - 2016-01-27 15:49 - 00332800 _____ () D:\11111\libavresample-2.dll
2016-10-17 08:12 - 2016-01-27 15:49 - 00442880 _____ () D:\11111\libavutil-54.dll
2016-10-17 08:12 - 2016-01-27 15:49 - 00485888 _____ () D:\11111\libswscale-3.dll
2016-12-21 08:09 - 2016-12-20 10:25 - 00838944 _____ () D:\11111\bin\chromehtml.DLL
2016-10-17 08:12 - 2016-07-05 06:17 - 00266560 _____ () D:\11111\openvr_api.dll
2016-12-13 15:38 - 2016-12-06 00:21 - 67304736 _____ () D:\11111\bin\cef\cef.win7\libcef.dll
2016-12-21 08:09 - 2016-12-20 10:25 - 00388384 _____ () D:\11111\steam.dll
2016-10-17 08:12 - 2015-09-25 07:52 - 00119208 _____ () D:\11111\winh264.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:6DDED7D9 [149]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-07-10 19:04 - 2015-07-10 19:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{1C92788A-15BB-4556-923D-EE2760AB5DB5}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{3F469ABA-FABE-454A-9770-F263E5371233}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{BAF3B46A-93D7-4CAF-9E05-02FA9BF86097}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{308D748D-FD4D-4C1B-A715-A0E14C756DDE}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8DAEFB94-DA88-489A-BC3B-C277D0448DCF}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FBEED6A3-9739-4676-BCEE-DA77D5ED06EB}] => D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{2D7CDBD0-3DCA-43DA-A8B8-ED5CFF83B592}] => D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{79A3CD65-F871-42A4-B768-190FFE44E736}] => C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe
FirewallRules: [{8FB5806F-8ABB-4DE7-AEA3-A8EBD84256C0}] => C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe
FirewallRules: [{E3450C03-00E4-4B22-ACDE-5D0E1D68D039}] => C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe
FirewallRules: [{207364E0-299E-49F7-A84F-2A7B6A7BE87E}] => C:\Users\tony\Downloads\Compressed\KMSpico Portable\KMSpico Portable\AutoPico.exe
FirewallRules: [{0DF883EE-93F5-4EC2-8919-EBC06C9B33BF}] => C:\Users\tony\Downloads\Compressed\KMSpico Portable\KMSpico Portable\AutoPico.exe
FirewallRules: [{F217CC85-F837-4823-9A28-89CFBF600C26}] => C:\Program Files (x86)\ASUS\ROG Game First III\gameFirst3.exe
FirewallRules: [{6157CD1F-BD8F-4CB9-8047-4A8D8B8CAACC}] => C:\Program Files (x86)\ASUS\ROG Game First III\gameFirst3.exe
FirewallRules: [{67386A29-903E-4C43-A233-4DFF4EA737ED}] => C:\Users\tony\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B8DA8BAC-FDD0-4DD9-B930-AD70D4D13F4E}] => C:\Users\tony\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5FDCAAF1-0071-47BE-A3EA-D8103F5FC454}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9BD35128-D215-4D31-899F-D3DD50AB6DCB}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E03D1142-0D1B-44A5-B47C-D6FDC2F63599}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{2C47CCD8-C592-4835-B3AD-C2B4DB920AE8}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{7DE7E810-D170-4865-A5F2-302C3FCC3891}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{FD55F31D-1E7D-4B20-864F-34469CB9600C}] => D:\Steam\Steam.exe
FirewallRules: [{2875B16E-2E8C-4420-BD2F-C14A90C98DFB}] => D:\Steam\Steam.exe
FirewallRules: [{8D686A34-C3A9-42DC-BE8B-6DB20EDB0D6A}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{A128391E-21FE-4983-B883-60A4EDBC7B72}] => C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{A24A4013-168D-45EA-B886-2F4368E696B2}] => C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe
FirewallRules: [{99C1059B-1257-4C22-B994-DB4D3ADF9A00}] => C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe
FirewallRules: [{283D518F-FA32-4F94-A253-D32949BCC04E}] => C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe
FirewallRules: [{CE10E4E5-E1AA-4FED-8385-EAF5DA9F0828}] => C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
FirewallRules: [{ACFE884C-AECD-4C8B-A6CC-C75E21F60CBC}] => C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{92557CDC-DBCD-40A3-825A-BD8B25B4266E}] => C:\Windows\system32\ftp.exe
FirewallRules: [{B17D2FDD-549E-498C-9459-A9513BB1DBE5}] => C:\Windows\system32\ftp.exe
FirewallRules: [{CFCB0E73-2E52-4091-9214-7691BE64408E}] => C:\Windows\SysWOW64\ftp.exe
FirewallRules: [{A90F36A1-7D4B-4819-BB9F-C0E0326EFFD3}] => C:\Windows\SysWOW64\ftp.exe
FirewallRules: [{139149B7-2C6B-41ED-8D4E-066CDA8C5216}] => D:\11111\Steam.exe
FirewallRules: [{B6B029C2-60C0-462C-9953-CF23CD985027}] => D:\11111\Steam.exe
FirewallRules: [{DB07F914-B80D-4AF2-943B-CCDC7DC4727B}] => D:\11111\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B6411674-992F-4952-ACBD-207BD65A33CE}] => D:\11111\bin\cef\cef.win7\steamwebhelper.exe
 
==================== Restore Points =========================
 
28-12-2016 00:21:01 Removed Microsoft Office Professional Plus 2016
28-12-2016 00:21:11 PROPLUS
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/28/2016 12:21:14 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (12/28/2016 12:21:01 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (12/27/2016 11:43:59 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\DESKTOP-2G8ID0A$ via https://INTC-KeyId-5e73c89aa3e902b272b9f0741f7d8730e3ec724a.microsoftaik.azure.net/templates/Aik/scep failed:
 
GetCACaps
 
Method: GET(16ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
 
Error: (12/27/2016 11:39:57 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider IntelWLANEventProvider attempted to register query "select * from CIntelQosEvent" whose target class "CIntelQosEvent" in //./root/DEFAULT namespace does not exist. The query will be ignored.
 
Error: (12/27/2016 11:39:57 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider IntelWLANEventProvider attempted to register query "select * from CIntelDot1xEvent" whose target class "CIntelDot1xEvent" in //./root/DEFAULT namespace does not exist. The query will be ignored.
 
Error: (12/27/2016 11:39:57 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider IntelWLANEventProvider attempted to register query "select * from CIntelWLANEvent" whose target class "CIntelWLANEvent" in //./root/DEFAULT namespace does not exist. The query will be ignored.
 
Error: (12/27/2016 11:39:57 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider  attempted to register query "select * from CIntelQosEvent" whose target class "CIntelQosEvent" in //./root/DEFAULT namespace does not exist. The query will be ignored.
 
Error: (12/27/2016 11:39:57 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider  attempted to register query "select * from CIntelDot1xEvent" whose target class "CIntelDot1xEvent" in //./root/DEFAULT namespace does not exist. The query will be ignored.
 
Error: (12/27/2016 11:39:57 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider  attempted to register query "select * from CIntelWLANEvent" whose target class "CIntelWLANEvent" in //./root/DEFAULT namespace does not exist. The query will be ignored.
 
Error: (12/27/2016 11:39:51 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A
 
 
System errors:
=============
Error: (12/28/2016 12:29:14 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/27/2016 11:44:40 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {8F2BC96B-68C5-40E8-9CE1-368E3ACAC09B} did not register with DCOM within the required timeout.
 
Error: (12/27/2016 11:44:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/27/2016 11:44:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/27/2016 11:44:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/27/2016 11:44:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/27/2016 11:43:23 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.
 
Error: (12/27/2016 11:42:40 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {8F2BC96B-68C5-40E8-9CE1-368E3ACAC09B} did not register with DCOM within the required timeout.
 
Error: (12/27/2016 11:41:42 PM) (Source: WinRM) (EventID: 10142) (User: )
Description: The WinRM service cannot migrate the listener with Address * and Transport HTTP. A listener that has the same Address and Transport configuration already exists.
 
Error: (12/27/2016 11:40:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
 
CodeIntegrity:
===================================
  Date: 2016-12-27 23:24:29.797
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-12-27 23:24:29.790
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-12-27 23:24:29.782
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-12-27 23:24:29.775
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-12-27 23:24:29.768
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-12-27 23:24:29.757
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-6700HQ CPU @ 2.60GHz
Percentage of memory in use: 26%
Total physical RAM: 16282.51 MB
Available physical RAM: 11996.32 MB
Total Virtual: 19226.51 MB
Available Virtual: 15056.22 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:371.41 GB) (Free:291.91 GB) NTFS
Drive d: (DATA) (Fixed) (Total:558.91 GB) (Free:240.97 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 5EAD28EC)
 
Partition: GPT.
 
==================== End of Addition.txt ============================


#9 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,624 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:04:06 AM

Posted 27 December 2016 - 06:39 PM

Greetings,

Please rerun FRST and uncheck the Services box under Whitelist. In addition, boot into Safe Mode, run GMER again, and see if those entries appear again.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#10 ynottony

ynottony
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:06 PM

Posted 28 December 2016 - 02:09 AM

here are the new results

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
Ran by TONY (administrator) on DESKTOP-2G8ID0A (28-12-2016 14:43:10)
Running from D:\APPSINSTALLER\FORVIRUS&RECOVERY
Loaded Profiles: TONY (Available Profiles: TONY)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGiftBoxDesktop.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\MobileBrServ\mbbService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\McCSPServiceHost.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Intel® Corporation) C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\APRP\aprp.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Security) C:\Program Files\Common Files\McAfee\ClientAnalytics\McClientAnalytics.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
() C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [599896 2015-06-10] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-07-16] (Microsoft Corporation)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe [63272 2015-06-01] ()
HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4015216 2016-12-15] (Tonec Inc.)
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
GroupPolicy: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1dbf2218-e3f7-489f-9a76-05fab60fa58c}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{40993488-4b8e-400e-a544-fa363639f86a}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{9ac186e3-6fe6-4f95-9023-02928769a9ad}: [DhcpNameServer] 192.168.168.1
Tcpip\..\Interfaces\{baf9ab7d-a322-4227-8c49-1cb89c0ee10d}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-12-11] (Internet Download Manager, Tonec Inc.)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-10-24] (McAfee, Inc.)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-12-11] (Internet Download Manager, Tonec Inc.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-05-01] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-10-24] (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-10-24] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-10-24] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-10-24] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-10-24] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-09-23] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-09-23] (McAfee, Inc.)
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-12-21]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2016-12-07] [not signed]
FF HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\tony\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\tony\AppData\Roaming\IDM\idmmzcc5 [2016-12-28] [not signed]
FF HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-11-16]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-09-23] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-09-23] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
FF Plugin HKU\S-1-5-21-2339138057-2822180099-2837011375-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
 
Chrome: 
=======
CHR Profile: C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default [2016-12-28]
CHR Extension: (Google Slides) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-07]
CHR Extension: (Google Docs) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-07]
CHR Extension: (Google Drive) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-07]
CHR Extension: (YouTube) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-07]
CHR Extension: (Google Sheets) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-07]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-12-07]
CHR Extension: (Google Docs Offline) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-07]
CHR Extension: (IDM Integration Module) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-12-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-07]
CHR Extension: (Gmail) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-07]
CHR Extension: (Chrome Media Router) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-07]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-12-15]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-12-15]
 
==================== Services (All) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AJRouter; C:\WINDOWS\System32\AJRouter.dll [24576 2016-07-16] (Microsoft Corporation)
S3 ALG; C:\WINDOWS\System32\alg.exe [95744 2016-07-16] (Microsoft Corporation)
S3 AppIDSvc; C:\WINDOWS\System32\appidsvc.dll [124416 2016-07-16] (Microsoft Corporation)
R3 Appinfo; C:\WINDOWS\System32\appinfo.dll [125952 2016-07-16] (Microsoft Corporation)
S3 AppReadiness; C:\WINDOWS\system32\AppReadiness.dll [560128 2016-07-16] (Microsoft Corporation)
S3 AppXSvc; C:\WINDOWS\system32\appxdeploymentserver.dll [2264064 2016-07-16] (Microsoft Corporation)
R2 ASLDRService; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [123704 2015-07-08] (ASUSTek Computer Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [71168 2015-06-01] (ASUS Cloud Corporation) [File not signed]
R2 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [313488 2015-06-13] (ASUS) [File not signed]
R2 ATKGFNEXSrv; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [107320 2015-04-02] (ASUSTek Computer Inc.)
R2 AudioEndpointBuilder; C:\WINDOWS\System32\AudioEndpointBuilder.dll [337920 2016-07-16] (Microsoft Corporation)
R2 Audiosrv; C:\WINDOWS\System32\Audiosrv.dll [944640 2016-07-16] (Microsoft Corporation)
S3 AxInstSV; C:\WINDOWS\System32\AxInstSV.dll [113664 2016-07-16] (Microsoft Corporation)
S3 BDESVC; C:\WINDOWS\System32\bdesvc.dll [354304 2016-07-16] (Microsoft Corporation)
R2 BFE; C:\WINDOWS\System32\bfe.dll [795648 2016-07-16] (Microsoft Corporation)
S3 BITS; C:\WINDOWS\System32\qmgr.dll [1052672 2016-07-16] (Microsoft Corporation)
R2 BrokerInfrastructure; C:\WINDOWS\System32\bisrv.dll [765440 2016-07-16] (Microsoft Corporation)
S3 Browser; C:\WINDOWS\System32\browser.dll [134656 2016-07-16] (Microsoft Corporation)
S3 BthHFSrv; C:\WINDOWS\System32\BthHFSrv.dll [321536 2016-07-16] (Microsoft Corporation)
S3 bthserv; C:\WINDOWS\system32\bthserv.dll [157184 2016-07-16] (Microsoft Corporation)
R2 CDPSvc; C:\WINDOWS\System32\CDPSvc.dll [409088 2016-07-16] (Microsoft Corporation)
S2 CDPUserSvc; C:\WINDOWS\System32\CDPUserSvc.dll [337408 2016-07-16] (Microsoft Corporation)
R2 CDPUserSvc_b7a763; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 CDPUserSvc_b7a763; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 CertPropSvc; C:\WINDOWS\System32\certprop.dll [193536 2016-07-16] (Microsoft Corporation)
S3 ClipSVC; C:\WINDOWS\System32\ClipSVC.dll [729328 2016-07-16] (Microsoft Corporation)
S2 connect2hotspot; C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe [100680 2016-11-29] (Lenovo)
R2 CoreMessagingRegistrar; C:\WINDOWS\system32\coremessaging.dll [765456 2016-07-16] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\WINDOWS\SysWOW64\coremessaging.dll [483840 2016-07-16] (Microsoft Corporation)
R3 cphs; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [300472 2015-08-13] (Intel Corporation)
S3 cplspcon; C:\WINDOWS\system32\IntelCpHDCPSvc.exe [607160 2015-08-13] ()
R2 CryptSvc; C:\WINDOWS\system32\cryptsvc.dll [81920 2016-07-16] (Microsoft Corporation)
R2 CxAudMsg; C:\WINDOWS\system32\CxAudMsg64.exe [207576 2014-10-20] (Conexant Systems Inc.)
R2 DcomLaunch; C:\WINDOWS\system32\rpcss.dll [888320 2016-07-16] (Microsoft Corporation)
S3 DcpSvc; C:\WINDOWS\system32\dcpsvc.dll [183808 2016-07-16] (Microsoft Corporation)
S3 defragsvc; C:\WINDOWS\System32\defragsvc.dll [511488 2016-07-16] (Microsoft Corporation)
R3 DeviceAssociationService; C:\WINDOWS\system32\das.dll [447488 2016-07-16] (Microsoft Corporation)
S3 DeviceInstall; C:\WINDOWS\system32\umpnpmgr.dll [111104 2016-07-16] (Microsoft Corporation)
S3 DevQueryBroker; C:\WINDOWS\system32\DevQueryBroker.dll [34304 2016-07-16] (Microsoft Corporation)
R2 Dhcp; C:\WINDOWS\system32\dhcpcore.dll [360960 2016-07-16] (Microsoft Corporation)
R2 Dhcp; C:\WINDOWS\SysWOW64\dhcpcore.dll [292864 2016-07-16] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [93184 2016-07-16] (Microsoft Corporation)
R2 DiagTrack; C:\WINDOWS\system32\diagtrack.dll [1980416 2016-07-16] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\WINDOWS\system32\Windows.Internal.Management.dll [407552 2016-07-16] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll [298496 2016-07-16] (Microsoft Corporation)
S3 dmwappushservice; C:\WINDOWS\system32\dmwappushsvc.dll [57344 2016-07-16] (Microsoft Corporation)
R2 Dnscache; C:\WINDOWS\System32\dnsrslvr.dll [264192 2016-07-16] (Microsoft Corporation)
R2 DoSvc; C:\WINDOWS\system32\dosvc.dll [1234944 2016-07-16] (Microsoft Corporation)
S3 dot3svc; C:\WINDOWS\System32\dot3svc.dll [262144 2016-07-16] (Microsoft Corporation)
R2 DPS; C:\WINDOWS\system32\dps.dll [172032 2016-07-16] (Microsoft Corporation)
R3 DsmSvc; C:\WINDOWS\System32\DeviceSetupManager.dll [197632 2016-07-16] (Microsoft Corporation)
S3 DsSvc; C:\WINDOWS\System32\DsSvc.dll [152576 2016-07-16] (Microsoft Corporation)
S3 EapHost; C:\WINDOWS\System32\eapsvc.dll [112128 2016-07-16] (Microsoft Corporation)
S3 EFS; C:\WINDOWS\system32\efssvc.dll [55296 2016-07-16] (Microsoft Corporation)
S3 embeddedmode; C:\WINDOWS\System32\embeddedmodesvc.dll [140800 2016-07-16] (Microsoft Corporation)
S3 EntAppSvc; C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll [285696 2016-07-16] (Microsoft Corporation)
R2 esifsvc; C:\WINDOWS\SysWoW64\esif_uf.exe [1385640 2015-07-13] (Intel Corporation)
R2 EventLog; C:\WINDOWS\System32\wevtsvc.dll [1708544 2016-07-16] (Microsoft Corporation)
R2 EventSystem; C:\WINDOWS\system32\es.dll [453632 2016-07-16] (Microsoft Corporation)
R2 EventSystem; C:\WINDOWS\SysWOW64\es.dll [347136 2016-07-16] (Microsoft Corporation)
R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [640928 2015-06-12] (Intel® Corporation)
S3 Fax; C:\WINDOWS\system32\fxssvc.exe [644608 2016-07-16] (Microsoft Corporation)
S3 fdPHost; C:\WINDOWS\system32\fdPHost.dll [20992 2016-07-16] (Microsoft Corporation)
S3 FDResPub; C:\WINDOWS\system32\fdrespub.dll [35328 2016-07-16] (Microsoft Corporation)
S3 fhsvc; C:\WINDOWS\system32\fhsvc.dll [122368 2016-07-16] (Microsoft Corporation)
R2 FontCache; C:\WINDOWS\system32\FntCache.dll [1840640 2016-07-16] (Microsoft Corporation)
S3 FrameServer; C:\WINDOWS\system32\FrameServer.dll [803840 2016-07-16] (Microsoft Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-15] (WildTangent)
S3 GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [265808 2014-12-17] (WildTangent, Inc.)
R2 gpsvc; C:\WINDOWS\System32\gpsvc.dll [1225728 2016-07-16] (Microsoft Corporation)
S2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-12-07] (Google Inc.)
S3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-12-07] (Google Inc.)
S3 hidserv; C:\WINDOWS\system32\hidserv.dll [36864 2016-07-16] (Microsoft Corporation)
S3 hidserv; C:\WINDOWS\SysWOW64\hidserv.dll [32256 2016-07-16] (Microsoft Corporation)
S3 HomeGroupListener; C:\WINDOWS\system32\ListSvc.dll [274432 2016-07-16] (Microsoft Corporation)
S3 HomeGroupProvider; C:\WINDOWS\system32\provsvc.dll [447488 2016-07-16] (Microsoft Corporation)
S3 HomeGroupProvider; C:\WINDOWS\SysWOW64\provsvc.dll [385536 2016-07-16] (Microsoft Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S3 HvHost; C:\WINDOWS\System32\hvhostsvc.dll [67584 2016-07-16] (Microsoft Corporation)
R2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [165104 2015-07-14] (Intel Corporation)
R3 ICCS; C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [217888 2015-06-03] (Intel Corporation)
S3 icssvc; C:\WINDOWS\System32\tetheringservice.dll [202240 2016-07-16] (Microsoft Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [370088 2015-08-13] (Intel Corporation)
R2 IKEEXT; C:\WINDOWS\System32\ikeext.dll [932352 2016-07-16] (Microsoft Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-20] (Intel Corporation) [File not signed]
S3 Intel® WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [396992 2015-07-07] (Intel)
R2 iphlpsvc; C:\WINDOWS\System32\iphlpsvc.dll [945664 2016-07-16] (Microsoft Corporation)
S3 irmon; C:\WINDOWS\System32\irmon.dll [25088 2016-07-16] (Microsoft Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-20] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [223520 2015-07-22] (Intel Corporation)
R3 KeyIso; C:\WINDOWS\system32\keyiso.dll [96768 2016-07-16] (Microsoft Corporation)
R3 KeyIso; C:\WINDOWS\SysWOW64\keyiso.dll [70656 2016-07-16] (Microsoft Corporation)
S3 KtmRm; C:\WINDOWS\system32\msdtckrm.dll [376320 2016-07-16] (Microsoft Corporation)
R2 LanmanServer; C:\WINDOWS\system32\srvsvc.dll [305152 2016-07-16] (Microsoft Corporation)
R2 LanmanWorkstation; C:\WINDOWS\System32\wkssvc.dll [283136 2016-07-16] (Microsoft Corporation)
S3 lfsvc; C:\WINDOWS\System32\lfsvc.dll [37376 2016-07-16] (Microsoft Corporation)
S3 LicenseManager; C:\WINDOWS\system32\LicenseManagerSvc.dll [23040 2016-07-16] (Microsoft Corporation)
S3 lltdsvc; C:\WINDOWS\System32\lltdsvc.dll [275456 2016-07-16] (Microsoft Corporation)
S3 lmhosts; C:\WINDOWS\System32\lmhsvc.dll [27136 2016-07-16] (Microsoft Corporation)
R2 LMS; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [415520 2015-07-22] (Intel Corporation)
R2 LSM; C:\WINDOWS\System32\lsm.dll [691712 2016-07-16] (Microsoft Corporation)
S2 MapsBroker; C:\WINDOWS\System32\moshost.dll [77312 2016-07-16] (Microsoft Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [187840 2016-10-24] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [993824 2016-09-23] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [338208 2015-03-20] (McAfee, Inc.)
R2 mcbootdelaystartsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe [1910000 2016-05-31] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [816128 2016-06-21] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S3 MessagingService; C:\WINDOWS\System32\MessagingService.dll [52224 2016-07-16] (Microsoft Corporation)
S3 MessagingService_b7a763; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 MessagingService_b7a763; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-04-26] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-08-02] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [277744 2016-04-26] (McAfee, Inc.)
R2 Mobile Broadband HL Service; C:\Program Files (x86)\MobileBrServ\mbbservice.exe [242264 2016-03-24] ()
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1454216 2016-09-13] (McAfee, Inc.)
R2 MpsSvc; C:\WINDOWS\system32\mpssvc.dll [893952 2016-07-16] (Microsoft Corporation)
S3 MSDTC; C:\WINDOWS\System32\msdtc.exe [147456 2016-07-16] (Microsoft Corporation)
S3 MSiSCSI; C:\WINDOWS\system32\iscsiexe.dll [151552 2016-07-16] (Microsoft Corporation)
S3 msiserver; C:\WINDOWS\System32\msiexec.exe [65024 2016-07-16] (Microsoft Corporation)
S3 msiserver; C:\WINDOWS\SysWOW64\msiexec.exe [58368 2016-07-16] (Microsoft Corporation)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] ()
S3 NcaSvc; C:\WINDOWS\System32\ncasvc.dll [167936 2016-07-16] (Microsoft Corporation)
R3 NcbService; C:\WINDOWS\System32\ncbservice.dll [339968 2016-07-16] (Microsoft Corporation)
S3 NcdAutoSetup; C:\WINDOWS\System32\NcdAutoSetup.dll [88576 2016-07-16] (Microsoft Corporation)
S3 Netlogon; C:\WINDOWS\system32\netlogon.dll [827392 2016-07-16] (Microsoft Corporation)
S3 Netlogon; C:\WINDOWS\SysWOW64\netlogon.dll [670720 2016-07-16] (Microsoft Corporation)
R3 Netman; C:\WINDOWS\System32\netman.dll [259072 2016-07-16] (Microsoft Corporation)
R3 netprofm; C:\WINDOWS\System32\netprofmsvc.dll [519168 2016-07-16] (Microsoft Corporation)
S3 NetSetupSvc; C:\WINDOWS\System32\NetSetupSvc.dll [265216 2016-07-16] (Microsoft Corporation)
S4 NetTcpPortSharing; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [136360 2016-07-16] (Microsoft Corporation)
R3 NgcCtnrSvc; C:\WINDOWS\System32\NgcCtnrSvc.dll [326656 2016-07-16] (Microsoft Corporation)
R3 NgcSvc; C:\WINDOWS\system32\ngcsvc.dll [983040 2016-07-16] (Microsoft Corporation)
R2 NlaSvc; C:\WINDOWS\System32\nlasvc.dll [368640 2016-07-16] (Microsoft Corporation)
R2 nsi; C:\WINDOWS\system32\nsisvc.dll [30720 2016-07-16] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-13] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-13] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-12] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-12-13] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2016-12-13] (NVIDIA Corporation)
S2 OneSyncSvc; C:\WINDOWS\System32\APHostService.dll [366592 2016-07-16] (Microsoft Corporation)
R2 OneSyncSvc_b7a763; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 OneSyncSvc_b7a763; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 p2pimsvc; C:\WINDOWS\system32\pnrpsvc.dll [345088 2016-07-16] (Microsoft Corporation)
S3 p2psvc; C:\WINDOWS\system32\p2psvc.dll [425472 2016-07-16] (Microsoft Corporation)
R2 PcaSvc; C:\WINDOWS\System32\pcasvc.dll [500064 2016-07-16] (Microsoft Corporation)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1045336 2016-05-25] (Intel Security, Inc.)
S3 PerfHost; C:\WINDOWS\SysWow64\perfhost.exe [21504 2016-07-16] (Microsoft Corporation)
S3 PhoneSvc; C:\WINDOWS\System32\PhoneService.dll [781312 2016-07-16] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc; C:\WINDOWS\System32\PimIndexMaintenance.dll [203776 2016-07-16] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_b7a763; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_b7a763; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 pla; C:\WINDOWS\system32\pla.dll [1457152 2016-07-16] (Microsoft Corporation)
S3 pla; C:\WINDOWS\SysWOW64\pla.dll [1536512 2016-07-16] (Microsoft Corporation)
R3 PlugPlay; C:\WINDOWS\system32\umpnpmgr.dll [111104 2016-07-16] (Microsoft Corporation)
S3 PNRPAutoReg; C:\WINDOWS\system32\pnrpauto.dll [27648 2016-07-16] (Microsoft Corporation)
S3 PNRPsvc; C:\WINDOWS\system32\pnrpsvc.dll [345088 2016-07-16] (Microsoft Corporation)
R3 PolicyAgent; C:\WINDOWS\System32\ipsecsvc.dll [391168 2016-07-16] (Microsoft Corporation)
R2 Power; C:\WINDOWS\system32\umpo.dll [123904 2016-07-16] (Microsoft Corporation)
S3 PrintNotify; C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll [3318272 2016-07-16] (Microsoft Corporation)
R2 ProfSvc; C:\WINDOWS\system32\profsvc.dll [358400 2016-07-16] (Microsoft Corporation)
S3 QWAVE; C:\WINDOWS\system32\qwave.dll [275456 2016-07-16] (Microsoft Corporation)
S3 QWAVE; C:\WINDOWS\SysWOW64\qwave.dll [234496 2016-07-16] (Microsoft Corporation)
S3 RasAuto; C:\WINDOWS\System32\rasauto.dll [105472 2016-07-16] (Microsoft Corporation)
S3 RasMan; C:\WINDOWS\System32\rasmans.dll [647680 2016-07-16] (Microsoft Corporation)
R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [157088 2015-06-12] (Intel® Corporation)
S4 RemoteAccess; C:\WINDOWS\System32\mprdim.dll [495104 2016-07-16] (Microsoft Corporation)
S4 RemoteAccess; C:\WINDOWS\SysWOW64\mprdim.dll [430592 2016-07-16] (Microsoft Corporation)
S4 RemoteRegistry; C:\WINDOWS\system32\regsvc.dll [155648 2016-07-16] (Microsoft Corporation)
S3 RetailDemo; C:\WINDOWS\system32\RDXService.dll [650752 2016-07-16] (Microsoft Corporation)
S3 RmSvc; C:\WINDOWS\System32\RMapi.dll [141312 2016-07-16] (Microsoft Corporation)
S3 ROGGamingCenterService; C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingCenterService.exe [76032 2015-08-13] (ASUSTeK COMPUTER INC.)
R2 RpcEptMapper; C:\WINDOWS\System32\RpcEpMap.dll [79360 2016-07-16] (Microsoft Corporation)
S3 RpcLocator; C:\WINDOWS\system32\locator.exe [11264 2016-07-16] (Microsoft Corporation)
R2 RpcSs; C:\WINDOWS\system32\rpcss.dll [888320 2016-07-16] (Microsoft Corporation)
R2 SamSs; C:\WINDOWS\system32\lsass.exe [57400 2016-07-16] (Microsoft Corporation)
R2 SAService; C:\WINDOWS\SysWOW64\SAsrv.exe [447104 2011-09-01] (Conexant Systems, Inc.)
S2 SCardSvr; C:\WINDOWS\System32\SCardSvr.dll [250880 2016-07-16] (Microsoft Corporation)
S3 ScDeviceEnum; C:\WINDOWS\System32\ScDeviceEnum.dll [201728 2016-07-16] (Microsoft Corporation)
R2 Schedule; C:\WINDOWS\system32\schedsvc.dll [948224 2016-07-16] (Microsoft Corporation)
S3 SCPolicySvc; C:\WINDOWS\System32\certprop.dll [193536 2016-07-16] (Microsoft Corporation)
R3 SDRSVC; C:\WINDOWS\System32\SDRSVC.dll [147968 2016-07-16] (Microsoft Corporation)
S3 seclogon; C:\WINDOWS\system32\seclogon.dll [31232 2016-07-16] (Microsoft Corporation)
R2 SENS; C:\WINDOWS\System32\sens.dll [70656 2016-07-16] (Microsoft Corporation)
S3 SensorDataService; C:\WINDOWS\System32\SensorDataService.exe [1312768 2016-07-16] (Microsoft Corporation)
S3 SensorService; C:\WINDOWS\system32\SensorService.dll [417792 2016-07-16] (Microsoft Corporation)
S3 SensrSvc; C:\WINDOWS\system32\sensrsvc.dll [179200 2016-07-16] (Microsoft Corporation)
S3 SessionEnv; C:\WINDOWS\system32\sessenv.dll [386560 2016-07-16] (Microsoft Corporation)
S3 SessionEnv; C:\WINDOWS\SysWOW64\sessenv.dll [331264 2016-07-16] (Microsoft Corporation)
S3 SharedAccess; C:\WINDOWS\System32\ipnathlp.dll [541696 2016-07-16] (Microsoft Corporation)
R2 ShellHWDetection; C:\WINDOWS\System32\shsvcs.dll [617472 2016-07-16] (Microsoft Corporation)
R2 ShellHWDetection; C:\WINDOWS\SysWOW64\shsvcs.dll [566784 2016-07-16] (Microsoft Corporation)
S4 shpamsvc; C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll [161792 2016-07-16] (Microsoft Corporation)
S3 smphost; C:\WINDOWS\System32\smphost.dll [23552 2016-07-16] (Microsoft Corporation)
S3 smphost; C:\WINDOWS\SysWOW64\smphost.dll [20992 2016-07-16] (Microsoft Corporation)
S3 SmsRouter; C:\WINDOWS\system32\SmsRouterSvc.dll [590848 2016-07-16] (Microsoft Corporation)
S3 SNMPTRAP; C:\WINDOWS\System32\snmptrap.exe [15872 2016-07-16] (Microsoft Corporation)
R2 Spooler; C:\WINDOWS\System32\spoolsv.exe [787968 2016-07-16] (Microsoft Corporation)
S2 sppsvc; C:\WINDOWS\system32\sppsvc.exe [5622600 2016-07-16] (Microsoft Corporation)
R3 SSDPSRV; C:\WINDOWS\System32\ssdpsrv.dll [236544 2016-07-16] (Microsoft Corporation)
S3 SstpSvc; C:\WINDOWS\system32\sstpsvc.dll [209920 2016-07-16] (Microsoft Corporation)
R3 StateRepository; C:\WINDOWS\system32\windows.staterepository.dll [4136448 2016-07-16] (Microsoft Corporation)
R3 StateRepository; C:\WINDOWS\SysWOW64\windows.staterepository.dll [3369984 2016-07-16] (Microsoft Corporation)
S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [1467168 2016-12-20] (Valve Corporation)
S3 stisvc; C:\WINDOWS\System32\wiaservc.dll [646656 2016-07-16] (Microsoft Corporation)
R3 StorSvc; C:\WINDOWS\system32\storsvc.dll [396800 2016-07-16] (Microsoft Corporation)
S3 svsvc; C:\WINDOWS\system32\svsvc.dll [13824 2016-07-16] (Microsoft Corporation)
S3 swprv; C:\WINDOWS\System32\swprv.dll [467456 2016-07-16] (Microsoft Corporation)
R2 SysMain; C:\WINDOWS\system32\sysmain.dll [944128 2016-07-16] (Microsoft Corporation)
R2 SystemEventsBroker; C:\WINDOWS\System32\SystemEventsBrokerServer.dll [387072 2016-07-16] (Microsoft Corporation)
S3 TabletInputService; C:\WINDOWS\System32\TabSvc.dll [148992 2016-07-16] (Microsoft Corporation)
S3 TapiSrv; C:\WINDOWS\System32\tapisrv.dll [309248 2016-07-16] (Microsoft Corporation)
S3 TapiSrv; C:\WINDOWS\SysWOW64\tapisrv.dll [254976 2016-07-16] (Microsoft Corporation)
R3 TermService; C:\WINDOWS\System32\termsrv.dll [987648 2016-07-16] (Microsoft Corporation)
R2 Themes; C:\WINDOWS\system32\themeservice.dll [70656 2016-07-16] (Microsoft Corporation)
S3 TieringEngineService; C:\WINDOWS\system32\TieringEngineService.exe [287744 2016-07-16] (Microsoft Corporation)
R2 tiledatamodelsvc; C:\WINDOWS\system32\tileobjserver.dll [574976 2016-07-16] (Microsoft Corporation)
R3 TimeBrokerSvc; C:\WINDOWS\System32\TimeBrokerServer.dll [177664 2016-07-16] (Microsoft Corporation)
R2 TrkWks; C:\WINDOWS\System32\trkwks.dll [116736 2016-07-16] (Microsoft Corporation)
S3 TrustedInstaller; C:\WINDOWS\servicing\TrustedInstaller.exe [122880 2016-07-16] (Microsoft Corporation)
S4 tzautoupdate; C:\WINDOWS\system32\tzautoupdate.dll [95232 2016-07-16] (Microsoft Corporation)
S3 UI0Detect; C:\WINDOWS\system32\UI0Detect.exe [42496 2016-07-16] (Microsoft Corporation)
S3 UmRdpService; C:\WINDOWS\System32\umrdp.dll [273408 2016-07-16] (Microsoft Corporation)
S3 UnistoreSvc; C:\WINDOWS\System32\unistore.dll [1184256 2016-07-16] (Microsoft Corporation)
S3 UnistoreSvc; C:\WINDOWS\SysWOW64\unistore.dll [968704 2016-07-16] (Microsoft Corporation)
R3 UnistoreSvc_b7a763; C:\WINDOWS\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R3 UnistoreSvc_b7a763; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 upnphost; C:\WINDOWS\System32\upnphost.dll [440832 2016-07-16] (Microsoft Corporation)
S3 upnphost; C:\WINDOWS\SysWOW64\upnphost.dll [328192 2016-07-16] (Microsoft Corporation)
S3 UserDataSvc; C:\WINDOWS\System32\userdataservice.dll [1512448 2016-07-16] (Microsoft Corporation)
R3 UserDataSvc_b7a763; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R3 UserDataSvc_b7a763; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 UserManager; C:\WINDOWS\System32\usermgr.dll [1020928 2016-07-16] (Microsoft Corporation)
R3 UsoSvc; C:\WINDOWS\system32\usocore.dll [539136 2016-07-16] (Microsoft Corporation)
R3 VaultSvc; C:\Windows\System32\vaultsvc.dll [358912 2016-07-16] (Microsoft Corporation)
S3 vds; C:\WINDOWS\System32\vds.exe [649216 2016-07-16] (Microsoft Corporation)
S3 vmicguestinterface; C:\WINDOWS\System32\icsvc.dll [305152 2016-07-16] (Microsoft Corporation)
S3 vmicheartbeat; C:\WINDOWS\System32\icsvc.dll [305152 2016-07-16] (Microsoft Corporation)
S3 vmickvpexchange; C:\WINDOWS\System32\icsvc.dll [305152 2016-07-16] (Microsoft Corporation)
S3 vmicrdv; C:\WINDOWS\System32\icsvcext.dll [349696 2016-07-16] (Microsoft Corporation)
S3 vmicshutdown; C:\WINDOWS\System32\icsvc.dll [305152 2016-07-16] (Microsoft Corporation)
S3 vmictimesync; C:\WINDOWS\System32\icsvc.dll [305152 2016-07-16] (Microsoft Corporation)
S3 vmicvmsession; C:\WINDOWS\System32\icsvc.dll [305152 2016-07-16] (Microsoft Corporation)
S3 vmicvss; C:\WINDOWS\System32\icsvcext.dll [349696 2016-07-16] (Microsoft Corporation)
S3 VSS; C:\WINDOWS\system32\vssvc.exe [1443328 2016-07-16] (Microsoft Corporation)
S3 W32Time; C:\WINDOWS\system32\w32time.dll [520192 2016-07-16] (Microsoft Corporation)
S3 WalletService; C:\WINDOWS\system32\WalletService.dll [436224 2016-07-16] (Microsoft Corporation)
S3 wbengine; C:\WINDOWS\system32\wbengine.exe [1547264 2016-07-16] (Microsoft Corporation)
S2 WbioSrvc; C:\WINDOWS\System32\wbiosrvc.dll [837632 2016-07-16] (Microsoft Corporation)
R2 Wcmsvc; C:\WINDOWS\System32\wcmsvc.dll [718848 2016-07-16] (Microsoft Corporation)
S3 wcncsvc; C:\WINDOWS\System32\wcncsvc.dll [468992 2016-07-16] (Microsoft Corporation)
R3 WdiServiceHost; C:\WINDOWS\system32\wdi.dll [97792 2016-07-16] (Microsoft Corporation)
R3 WdiServiceHost; C:\WINDOWS\SysWOW64\wdi.dll [89088 2016-07-16] (Microsoft Corporation)
R3 WdiSystemHost; C:\WINDOWS\system32\wdi.dll [97792 2016-07-16] (Microsoft Corporation)
R3 WdiSystemHost; C:\WINDOWS\SysWOW64\wdi.dll [89088 2016-07-16] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WebClient; C:\WINDOWS\System32\webclnt.dll [227328 2016-07-16] (Microsoft Corporation)
S3 WebClient; C:\WINDOWS\SysWOW64\webclnt.dll [198656 2016-07-16] (Microsoft Corporation)
S3 Wecsvc; C:\WINDOWS\system32\wecsvc.dll [206848 2016-07-16] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\WINDOWS\system32\wephostsvc.dll [27648 2016-07-16] (Microsoft Corporation)
S3 wercplsupport; C:\WINDOWS\System32\wercplsupport.dll [94208 2016-07-16] (Microsoft Corporation)
R3 WerSvc; C:\WINDOWS\System32\WerSvc.dll [156672 2016-07-16] (Microsoft Corporation)
S3 WiaRpc; C:\WINDOWS\System32\wiarpc.dll [82944 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\WINDOWS\system32\winhttp.dll [814592 2016-07-16] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\WINDOWS\SysWOW64\winhttp.dll [631808 2016-07-16] (Microsoft Corporation)
R2 Winmgmt; C:\WINDOWS\system32\wbem\WMIsvc.dll [222720 2016-07-16] (Microsoft Corporation)
S3 WinRM; C:\WINDOWS\system32\WsmSvc.dll [2716672 2016-07-16] (Microsoft Corporation)
S3 WinRM; C:\WINDOWS\SysWOW64\WsmSvc.dll [2333184 2016-07-16] (Microsoft Corporation)
S3 wisvc; C:\WINDOWS\system32\flightsettings.dll [614912 2016-07-16] (Microsoft Corporation)
R2 WlanSvc; C:\WINDOWS\System32\wlansvc.dll [2368512 2016-07-16] (Microsoft Corporation)
R3 wlidsvc; C:\WINDOWS\system32\wlidsvc.dll [2104832 2016-07-16] (Microsoft Corporation)
S3 wmiApSrv; C:\WINDOWS\system32\wbem\WmiApSrv.exe [203264 2016-07-16] (Microsoft Corporation)
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1184256 2016-07-16] (Microsoft Corporation)
S3 workfolderssvc; C:\WINDOWS\system32\workfolderssvc.dll [1836032 2016-07-16] (Microsoft Corporation)
S3 WPDBusEnum; C:\WINDOWS\system32\wpdbusenum.dll [88064 2016-07-16] (Microsoft Corporation)
R2 WpnService; C:\WINDOWS\system32\WpnService.dll [234496 2016-07-16] (Microsoft Corporation)
S3 WpnUserService; C:\WINDOWS\System32\WpnUserService.dll [74240 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_b7a763; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_b7a763; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 wscsvc; C:\WINDOWS\System32\wscsvc.dll [187904 2016-07-16] (Microsoft Corporation)
R2 WSearch; C:\WINDOWS\system32\SearchIndexer.exe [903680 2016-07-16] (Microsoft Corporation)
R2 WSearch; C:\WINDOWS\SysWOW64\SearchIndexer.exe [773120 2016-07-16] (Microsoft Corporation)
S3 wuauserv; C:\WINDOWS\system32\wuaueng.dll [2314752 2016-07-16] (Microsoft Corporation)
R3 wudfsvc; C:\WINDOWS\System32\WUDFSvc.dll [99840 2016-07-16] (Microsoft Corporation)
S3 WwanSvc; C:\WINDOWS\System32\wwansvc.dll [1281536 2016-07-16] (Microsoft Corporation)
S3 XblAuthManager; C:\WINDOWS\System32\XblAuthManager.dll [1012224 2016-07-16] (Microsoft Corporation)
S3 XblGameSave; C:\WINDOWS\System32\XblGameSave.dll [1159680 2016-07-16] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\WINDOWS\system32\XboxNetApiSvc.dll [1025536 2016-07-16] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe [19192 2015-08-13] (Intel® Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation)
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AsusSGDrv; C:\WINDOWS\system32\DRIVERS\AsusSGDrv.sys [138744 2015-08-18] (ASUS Corporation)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [78632 2016-08-02] (McAfee, Inc.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [47096 2015-07-13] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [43512 2015-07-13] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [251384 2015-07-13] (Intel Corporation)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
U5 iaLPSS2_I2C; C:\Windows\System32\Drivers\iaLPSS2_I2C.sys [185128 2015-06-17] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [257776 2015-07-14] (Intel Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [30224 2015-08-13] (Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [419624 2016-08-02] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [349480 2016-08-02] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83608 2016-08-02] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [493352 2016-08-02] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [843048 2016-08-02] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [519456 2016-08-01] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [100136 2016-08-01] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [243496 2016-08-02] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [51904 2015-01-14] (Titan ARC Corp.)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7116288 2016-07-16] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_11a67240324f74de\nvlddmkm.sys [14200880 2016-12-13] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-12-13] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek                                            )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [753368 2015-06-15] (Realsil Semiconductor Corporation)
S3 SliceDisk5; C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [31824 2011-02-25] (Atola) [File not signed]
S3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [212056 2015-07-07] (Windows ® Win 7 DDK provider)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [114632 2015-09-16] (BigNox Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-12-28 15:20 - 2016-12-28 09:09 - 00000000 ___DC C:\WINDOWS\Panther
2016-12-28 15:17 - 2016-12-28 15:17 - 00000000 ____D C:\Windows.old
2016-12-28 15:16 - 2016-12-28 15:16 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-12-28 15:16 - 2016-12-27 23:21 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-12-28 14:43 - 2016-12-28 14:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-12-28 09:01 - 2016-12-28 09:09 - 00000000 ___HD C:\$WINDOWS.~BT
2016-12-28 08:30 - 2016-12-28 08:30 - 00000000 ___HD C:\$SysReset
2016-12-28 00:34 - 2016-12-28 00:34 - 00000000 ____D C:\Users\tony\Downloads\Compressed
2016-12-27 23:53 - 2016-12-28 12:33 - 00000998 _____ C:\Users\tony\Desktop\Steam.exe - Shortcut.lnk
2016-12-27 23:53 - 2016-12-28 11:38 - 00001289 _____ C:\Users\tony\Desktop\dota2.exe - Shortcut.lnk
2016-12-27 23:47 - 2016-12-27 23:47 - 00000000 ____D C:\ProgramData\USOShared
2016-12-27 23:46 - 2016-12-27 23:46 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-12-27 23:44 - 2016-12-27 23:44 - 00000020 ___SH C:\Users\tony\ntuser.ini
2016-12-27 23:43 - 2016-12-27 23:43 - 00000000 _SHDL C:\Users\Default\My Documents
2016-12-27 23:43 - 2016-12-27 23:43 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-12-27 23:43 - 2016-12-27 23:43 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-12-27 23:43 - 2016-12-27 23:43 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-12-27 23:43 - 2016-12-27 23:43 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-12-27 23:43 - 2016-12-27 23:43 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-12-27 23:43 - 2016-12-27 23:43 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-12-27 23:42 - 2016-12-28 09:09 - 00001908 _____ C:\WINDOWS\diagwrn.xml
2016-12-27 23:42 - 2016-12-28 09:09 - 00001908 _____ C:\WINDOWS\diagerr.xml
2016-12-27 23:39 - 2016-12-28 12:00 - 00003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2016-12-27 23:39 - 2016-12-28 12:00 - 00003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2016-12-27 23:39 - 2016-12-28 11:48 - 00858932 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-27 23:39 - 2016-12-28 11:46 - 00003834 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2016-12-27 23:39 - 2016-12-28 11:41 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-27 23:39 - 2016-12-27 23:39 - 00003556 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-27 23:39 - 2016-12-27 23:39 - 00003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-27 23:39 - 2016-12-27 23:39 - 00003308 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7527B890-9B1E-4B62-96B9-900E9F2530ED}
2016-12-27 23:39 - 2016-12-27 23:39 - 00003142 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-27 23:39 - 2016-12-27 23:39 - 00003120 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-27 23:39 - 2016-12-27 23:39 - 00003114 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-27 23:39 - 2016-12-27 23:39 - 00003040 _____ C:\WINDOWS\System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec
2016-12-27 23:39 - 2016-12-27 23:39 - 00003016 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-27 23:39 - 2016-12-27 23:39 - 00002996 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-27 23:39 - 2016-12-27 23:39 - 00002968 _____ C:\WINDOWS\System32\Tasks\Update Checker
2016-12-27 23:39 - 2016-12-27 23:39 - 00002944 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-27 23:39 - 2016-12-27 23:39 - 00002924 _____ C:\WINDOWS\System32\Tasks\ATK Package 36D18D69AFC3
2016-12-27 23:39 - 2016-12-27 23:39 - 00002902 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-27 23:39 - 2016-12-27 23:39 - 00002862 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher
2016-12-27 23:39 - 2016-12-27 23:39 - 00002772 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-27 23:39 - 2016-12-27 23:39 - 00002674 _____ C:\WINDOWS\System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon
2016-12-27 23:39 - 2016-12-27 23:39 - 00002516 _____ C:\WINDOWS\System32\Tasks\ROG Gaming Center
2016-12-27 23:39 - 2016-12-27 23:39 - 00002470 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
2016-12-27 23:39 - 2016-12-27 23:39 - 00002340 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
2016-12-27 23:39 - 2016-12-27 23:39 - 00002324 _____ C:\WINDOWS\System32\Tasks\{496FBD46-38B6-41FE-A56A-79BE49545BCE}
2016-12-27 23:39 - 2016-12-27 23:39 - 00002324 _____ C:\WINDOWS\System32\Tasks\{26C441CB-49DF-4DD0-B4CA-2D2CE085D82C}
2016-12-27 23:39 - 2016-12-27 23:39 - 00002214 _____ C:\WINDOWS\System32\Tasks\ATK Package A22126881260
2016-12-27 23:39 - 2016-12-27 23:39 - 00002214 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON
2016-12-27 23:39 - 2016-12-27 23:39 - 00002198 _____ C:\WINDOWS\System32\Tasks\{0EBCF799-E248-43CB-8004-73EC62822789}
2016-12-27 23:39 - 2016-12-27 23:39 - 00002172 _____ C:\WINDOWS\System32\Tasks\DropboxOEM
2016-12-27 23:39 - 2016-12-27 23:39 - 00001918 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2016-12-27 23:39 - 2016-12-27 23:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-12-27 23:39 - 2016-12-27 23:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2016-12-27 23:39 - 2016-12-27 23:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\Intel
2016-12-27 23:39 - 2016-12-27 23:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\ASUS
2016-12-27 23:33 - 2016-12-27 23:33 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-12-27 23:33 - 2016-12-27 23:33 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-12-27 23:33 - 2016-12-27 23:33 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-12-27 23:30 - 2016-12-27 23:33 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-12-27 23:28 - 2016-12-27 23:44 - 00000000 ____D C:\Users\tony
2016-12-27 23:28 - 2016-12-27 23:28 - 00000000 _SHDL C:\Users\tony\My Documents
2016-12-27 23:28 - 2016-12-27 23:28 - 00000000 _SHDL C:\Users\tony\Documents\My Videos
2016-12-27 23:28 - 2016-12-27 23:28 - 00000000 _SHDL C:\Users\tony\Documents\My Pictures
2016-12-27 23:28 - 2016-12-27 23:28 - 00000000 _SHDL C:\Users\tony\Documents\My Music
2016-12-27 23:25 - 2016-12-12 02:47 - 06384576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-12-27 23:25 - 2016-12-12 02:47 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-12-27 23:25 - 2016-12-12 02:47 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-12-27 23:25 - 2016-12-12 02:47 - 00548408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-12-27 23:25 - 2016-12-12 02:47 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-12-27 23:25 - 2016-12-12 02:47 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-12-27 23:25 - 2016-12-12 02:47 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-12-27 23:25 - 2016-12-09 16:52 - 07639617 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-12-27 23:24 - 2016-12-27 23:31 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-12-27 23:24 - 2016-12-27 23:30 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-12-27 23:24 - 2016-12-27 23:24 - 00001963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\SmartAudio.lnk
2016-12-27 23:24 - 2016-12-27 23:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant
2016-12-27 23:23 - 2016-12-27 23:31 - 00000000 ____D C:\ProgramData\Conexant
2016-12-27 23:23 - 2016-12-27 23:23 - 00000000 ____D C:\Program Files\CONEXANT
2016-12-27 23:23 - 2016-07-16 19:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-12-27 23:23 - 2014-10-20 14:54 - 00207576 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CxAudMsg64.exe
2016-12-27 23:23 - 2011-09-01 00:23 - 00447104 _____ (Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\SASrv.exe
2016-12-27 23:22 - 2016-12-28 14:41 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-12-27 23:22 - 2016-12-27 23:31 - 00000000 ____D C:\Program Files (x86)\Intel
2016-12-27 23:22 - 2016-12-27 23:30 - 00000000 ____D C:\Program Files\Intel
2016-12-27 23:22 - 2016-12-27 23:22 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-12-27 23:22 - 2016-12-27 23:22 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_esif_umdf2_02_00_00.Wdf
2016-12-27 23:22 - 2016-12-27 23:22 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-12-27 23:22 - 2015-08-13 21:42 - 00107008 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2016-12-27 23:22 - 2015-08-13 21:42 - 00101392 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-12-27 23:21 - 2016-12-28 11:41 - 00334288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-27 23:21 - 2016-12-27 23:21 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-27 21:43 - 2016-12-27 21:43 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-12-27 21:43 - 2016-09-10 02:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-12-27 21:43 - 2016-09-10 02:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-12-27 21:43 - 2016-09-10 02:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-12-27 21:43 - 2016-09-10 02:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-12-27 21:40 - 2016-12-12 11:03 - 40125496 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 35222976 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 34710584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 28201408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 10912744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 10803880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 10353960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 09158616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 08913328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 08761560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 03934504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 03474392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 02950200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 02587704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437633.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437633.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 01038392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00974784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00942528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00894400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00643928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00438208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00394888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00388544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00327408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00042286 _____ C:\WINDOWS\system32\nvinfo.pb
2016-12-27 21:40 - 2016-12-12 11:03 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-12-27 21:40 - 2016-12-12 11:03 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-12-27 20:51 - 2016-12-27 20:51 - 00000747 _____ C:\Users\tony\Documents\Downloads - Shortcut.lnk
2016-12-26 16:59 - 2016-12-26 16:59 - 00024576 _____ C:\bcdbackup
2016-12-26 12:37 - 2016-12-26 12:37 - 00000000 ____D C:\New folder
2016-12-25 21:15 - 2016-12-25 21:15 - 00003072 _____ C:\WINDOWS\system32\umstartup.etl
2016-12-25 14:50 - 2016-12-25 14:52 - 00021024 _____ C:\WINDOWS\ntbtlog.txt
2016-12-25 08:08 - 2016-12-25 08:08 - 00000000 ____D C:\Program Files (x86)\2K Games
2016-12-25 00:20 - 2016-12-25 08:25 - 00000000 ____D C:\Users\tony\AppData\Local\SKIDROW
2016-12-24 23:53 - 2016-12-27 21:00 - 00000000 ____D C:\Program Files (x86)\Hitman Absolution
2016-12-24 23:51 - 2016-12-27 21:02 - 00000000 ____D C:\Users\tony\AppData\Local\Ubisoft Game Launcher
2016-12-24 23:09 - 2016-12-24 23:09 - 00000000 ____D C:\Users\tony\AppData\Roaming\Ubisoft
2016-12-24 23:09 - 2016-12-24 23:09 - 00000000 ____D C:\ProgramData\Ubisoft
2016-12-24 22:54 - 2016-12-27 20:58 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2016-12-24 19:41 - 2016-12-24 19:41 - 00000000 ____D C:\Users\tony\Documents\godsofegypt2016brripxvidac3-evo-english-84903
2016-12-24 19:39 - 2016-12-24 19:39 - 00038961 _____ C:\Users\tony\Documents\godsofegypt2016brripxvidac3-evo-english-84903.zip
2016-12-24 19:30 - 2016-12-24 22:34 - 00000000 ____D C:\Program Files (x86)\R.G. Games
2016-12-24 18:21 - 2016-12-24 18:23 - 00834550 _____ C:\TDSSKiller.3.1.0.12_24.12.2016_18.21.02_log.txt
2016-12-24 18:18 - 2016-12-24 18:19 - 00102856 _____ C:\TDSSKiller.3.1.0.12_24.12.2016_18.18.57_log.txt
2016-12-24 17:35 - 2016-12-27 23:31 - 00000000 ____D C:\WINDOWS\SysWOW64\GPBAK
2016-12-24 17:35 - 2016-12-24 17:35 - 00707354 _____ C:\WINDOWS\unins000.exe
2016-12-24 17:35 - 2016-12-24 17:35 - 00001537 _____ C:\WINDOWS\unins000.dat
2016-12-24 17:34 - 2016-12-24 17:34 - 00875012 _____ C:\Users\tony\Documents\add_gpedit_msc_by_jwils876-d3kh6vm.zip
2016-12-24 17:34 - 2016-12-24 17:34 - 00000000 ____D C:\Users\tony\Documents\add_gpedit_msc_by_jwils876-d3kh6vm
2016-12-23 21:41 - 2016-12-23 21:48 - 00000000 ____D C:\Users\tony\AppData\Local\Darksiders2
2016-12-22 17:14 - 2016-12-27 21:02 - 00000000 ____D C:\Users\tony\Documents\Ghost Games
2016-12-22 17:01 - 2016-12-27 21:02 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
2016-12-22 12:57 - 2016-12-22 13:04 - 53039104 _____ C:\Users\tony\Documents\comodo_rescue_disk_2.0.261647.1.iso
2016-12-21 20:23 - 2016-12-21 20:23 - 00000000 ____D C:\Users\tony\Documents\Activision
2016-12-21 18:57 - 2016-12-21 18:57 - 00000000 ____D C:\Users\tony\AppData\Local\PunkBuster
2016-12-21 18:56 - 2016-12-23 21:41 - 00000000 ____D C:\Users\tony\Documents\My Games
2016-12-21 18:56 - 2016-12-21 18:56 - 00000000 ____D C:\ProgramData\Orbit
2016-12-21 08:29 - 2016-12-21 09:03 - 00000000 ____D C:\ESD
2016-12-21 08:28 - 2016-12-21 08:28 - 00000000 ___HD C:\$Windows.~WS
2016-12-20 19:39 - 2016-12-20 19:39 - 00000000 ____D C:\Users\tony\Documents\lucy-2014-english-yify-30449
2016-12-20 19:38 - 2016-12-20 19:38 - 00023588 _____ C:\Users\tony\Documents\lucy-2014-english-yify-30449.zip
2016-12-20 19:33 - 2016-12-20 19:33 - 00000000 ____D C:\Users\tony\Documents\lucy-english-yify-30601
2016-12-20 19:32 - 2016-12-20 19:32 - 00001919 _____ C:\Users\tony\Documents\lucy-english-yify-30601.zip
2016-12-20 18:59 - 2016-12-20 18:59 - 00000000 ____D C:\Users\tony\Documents\KoeiTecmo
2016-12-19 09:34 - 2016-12-28 11:40 - 00006973 _____ C:\ProgramData\NvTelemetryContainer.log_backup1
2016-12-19 09:34 - 2016-12-12 22:36 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2016-12-19 09:33 - 2016-12-13 07:36 - 00156096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-12-19 09:33 - 2016-12-13 07:36 - 00123840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-12-19 09:33 - 2016-12-13 07:36 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-12-16 23:02 - 2016-12-16 23:02 - 00000285 _____ C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD Drive (G) DVD_ROM.lnk
2016-12-16 22:34 - 2016-12-16 22:35 - 00000000 ____D C:\Users\tony\AppData\Roaming\DarkSoulsIII
2016-12-16 22:15 - 2016-12-27 23:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transcend
2016-12-16 22:15 - 2016-12-16 22:15 - 00001224 _____ C:\Users\Public\Desktop\RecoveRx.lnk
2016-12-16 22:15 - 2016-12-16 22:15 - 00000000 ____D C:\Recovered Files
2016-12-16 22:15 - 2016-12-16 22:15 - 00000000 ____D C:\Program Files (x86)\Transcend
2016-12-16 20:11 - 2016-12-16 20:11 - 00000000 ____D C:\Users\tony\Documents\WB Games
2016-12-16 20:03 - 2016-12-27 21:02 - 00000000 ____D C:\Program Files (x86)\Middle Earth Shadow of Mordor
2016-12-16 19:47 - 2016-12-16 19:47 - 00000000 ____D C:\Users\tony\AppData\Roaming\Transcend Elite
2016-12-15 19:51 - 2016-10-17 23:35 - 00223464 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmwfp.sys
2016-12-14 08:44 - 2016-12-27 23:33 - 00000000 ____D C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-12-13 20:54 - 2016-12-13 20:54 - 941372703 _____ C:\WINDOWS\MEMORY.DMP
2016-12-13 15:38 - 2016-12-13 15:38 - 00000000 ____D C:\Users\tony\AppData\Local\Chromium
2016-12-12 21:13 - 2016-12-28 14:43 - 00000000 ____D C:\FRST
2016-12-12 17:38 - 2016-12-27 23:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Connect2
2016-12-12 17:38 - 2016-12-12 17:38 - 00001201 _____ C:\Users\Public\Desktop\Connect2.lnk
2016-12-12 17:38 - 2016-12-12 17:38 - 00000000 ____D C:\Program Files (x86)\Lenovo
2016-12-12 17:35 - 2016-12-12 17:35 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-12-12 09:43 - 2016-12-27 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameFirst IV
2016-12-12 09:43 - 2016-12-12 09:43 - 00001159 _____ C:\Users\Public\Desktop\GameFirst IV.lnk
2016-12-12 09:43 - 2015-01-14 08:59 - 00051904 _____ (Titan ARC Corp.) C:\WINDOWS\system32\Drivers\netfilter2.sys
2016-12-09 01:00 - 2016-12-09 01:00 - 00000000 ____D C:\Program Files (x86)\MobileBrServ
2016-12-08 19:41 - 2016-12-08 19:41 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2016-12-08 14:34 - 2016-12-08 20:08 - 00000000 ____D C:\ProgramData\TEMP
2016-12-08 14:32 - 2016-12-10 16:34 - 00000000 ____D C:\Program Files\A-FF Find and Mount
2016-12-08 14:12 - 2016-12-27 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2016-12-08 14:12 - 2016-12-08 14:12 - 00001701 _____ C:\Users\Public\Desktop\Recuva.lnk
2016-12-08 14:12 - 2016-12-08 14:12 - 00000000 ____D C:\Program Files\Recuva
2016-12-08 13:29 - 2016-12-08 13:30 - 00006638 _____ C:\TDSSKiller.3.1.0.12_08.12.2016_13.29.47_log.txt
2016-12-07 21:18 - 2016-12-07 21:21 - 00000000 ____D C:\Users\tony\AppData\Local\NPE
2016-12-07 21:18 - 2016-12-07 21:18 - 00000000 ____D C:\ProgramData\Norton
2016-12-07 21:07 - 2016-12-07 21:07 - 00000000 ____D C:\Users\tony\AppData\Roaming\Steam
2016-12-07 21:07 - 2016-12-07 21:07 - 00000000 ____D C:\Users\tony\AppData\Local\CAPCOM
2016-12-07 20:52 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2016-12-07 20:52 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2016-12-07 20:52 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2016-12-07 20:52 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2016-12-07 20:52 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2016-12-07 20:52 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2016-12-07 20:52 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2016-12-07 20:52 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2016-12-07 20:52 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2016-12-07 20:52 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2016-12-07 20:52 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2016-12-07 20:52 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2016-12-07 20:52 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2016-12-07 20:52 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2016-12-07 20:52 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2016-12-07 20:52 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2016-12-07 20:52 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2016-12-07 20:52 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2016-12-07 20:52 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2016-12-07 20:52 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2016-12-07 20:52 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2016-12-07 20:52 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2016-12-07 20:52 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2016-12-07 20:52 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2016-12-07 20:52 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2016-12-07 20:52 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2016-12-07 20:52 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2016-12-07 20:52 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2016-12-07 20:52 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2016-12-07 20:52 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2016-12-07 20:52 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2016-12-07 20:52 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2016-12-07 20:52 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2016-12-07 20:52 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2016-12-07 20:52 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2016-12-07 20:52 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2016-12-07 20:52 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2016-12-07 20:52 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2016-12-07 20:52 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2016-12-07 20:52 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2016-12-07 20:52 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2016-12-07 20:52 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2016-12-07 20:52 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2016-12-07 20:52 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2016-12-07 20:52 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2016-12-07 20:52 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2016-12-07 20:52 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2016-12-07 20:52 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2016-12-07 20:52 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2016-12-07 20:52 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2016-12-07 20:52 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2016-12-07 20:52 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2016-12-07 20:52 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2016-12-07 20:52 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2016-12-07 20:52 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2016-12-07 20:52 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2016-12-07 20:52 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2016-12-07 20:52 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2016-12-07 20:52 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2016-12-07 20:52 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2016-12-07 20:52 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2016-12-07 20:52 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2016-12-07 20:52 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2016-12-07 20:52 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2016-12-07 20:52 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2016-12-07 20:52 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2016-12-07 20:52 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2016-12-07 20:52 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2016-12-07 20:52 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2016-12-07 20:52 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2016-12-07 20:52 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2016-12-07 20:52 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2016-12-07 20:52 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2016-12-07 20:52 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2016-12-07 20:52 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2016-12-07 20:52 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2016-12-07 20:52 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2016-12-07 20:52 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2016-12-07 20:52 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2016-12-07 20:52 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2016-12-07 20:52 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2016-12-07 20:52 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2016-12-07 20:52 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2016-12-07 20:52 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2016-12-07 20:52 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2016-12-07 20:52 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2016-12-07 20:52 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2016-12-07 20:52 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2016-12-07 20:52 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2016-12-07 20:52 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2016-12-07 20:52 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2016-12-07 20:52 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2016-12-07 20:52 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2016-12-07 20:52 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2016-12-07 20:52 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2016-12-07 20:52 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2016-12-07 20:52 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2016-12-07 20:52 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2016-12-07 20:52 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2016-12-07 20:52 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2016-12-07 20:52 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2016-12-07 20:52 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2016-12-07 20:52 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2016-12-07 20:52 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2016-12-07 20:52 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2016-12-07 20:52 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2016-12-07 20:52 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2016-12-07 20:52 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2016-12-07 20:52 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2016-12-07 20:52 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2016-12-07 20:52 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2016-12-07 20:52 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2016-12-07 20:52 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2016-12-07 20:52 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2016-12-07 20:52 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2016-12-07 20:52 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2016-12-07 20:52 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2016-12-07 20:52 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2016-12-07 20:52 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2016-12-07 20:52 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2016-12-07 20:52 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2016-12-07 20:52 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2016-12-07 20:52 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2016-12-07 20:52 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2016-12-07 20:52 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2016-12-07 20:52 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2016-12-07 20:52 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2016-12-07 20:52 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2016-12-07 20:52 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2016-12-07 20:52 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2016-12-07 20:52 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2016-12-07 20:52 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2016-12-07 20:52 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2016-12-07 20:52 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2016-12-07 20:52 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2016-12-07 20:52 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2016-12-07 20:52 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2016-12-07 20:52 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2016-12-07 20:52 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2016-12-07 20:52 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2016-12-07 20:52 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2016-12-07 20:52 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2016-12-07 20:52 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2016-12-07 20:52 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2016-12-07 20:52 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2016-12-07 20:52 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2016-12-07 20:52 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2016-12-07 20:52 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2016-12-07 20:52 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2016-12-07 20:52 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2016-12-07 15:45 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\ASUS
2016-12-07 15:39 - 2016-12-27 23:31 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-12-07 15:39 - 2016-12-27 23:31 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-12-07 15:39 - 2016-12-27 23:30 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-12-07 15:39 - 2016-12-27 23:30 - 00000000 ____D C:\Program Files\MSBuild
2016-12-07 15:34 - 2016-12-27 23:41 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-12-07 15:18 - 2016-12-27 23:33 - 00000000 ____D C:\Users\Default.migrated
2016-12-07 14:51 - 2016-12-07 14:51 - 00000000 ____D C:\Users\tony\Documents\Custom Office Templates
2016-12-07 13:40 - 2016-12-07 13:09 - 00485032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-12-07 13:36 - 2016-12-14 09:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-07 13:35 - 2016-12-14 09:38 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-07 13:25 - 2016-12-28 00:25 - 00000000 ____D C:\Program Files\Microsoft Office
2016-12-07 13:16 - 2016-12-28 00:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-07 13:03 - 2016-12-07 13:03 - 00000000 ____D C:\Users\tony\AppData\Roaming\Skype
2016-12-07 12:37 - 2016-12-07 12:37 - 00000000 ____D C:\Users\tony\AppData\Local\ElevatedDiagnostics
2016-12-07 12:16 - 2016-12-07 12:16 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-12-07 11:31 - 2016-12-07 12:59 - 00000230 _____ C:\WINDOWS\Tasks\AutoKMS.job
2016-12-07 11:31 - 2016-12-07 11:31 - 00614400 _____ C:\WINDOWS\AutoKMS.exe
2016-12-07 11:31 - 2016-12-07 11:31 - 00000135 _____ C:\WINDOWS\AutoKMS.ini
2016-12-07 11:29 - 2016-12-07 11:29 - 00004608 _____ C:\WINDOWS\SECOH-QAD.exe
2016-12-07 11:29 - 2016-12-07 11:29 - 00003584 _____ C:\WINDOWS\SECOH-QAD.dll
2016-12-07 09:56 - 2016-12-07 09:56 - 00000000 ____D C:\ProgramData\Intel Security
2016-12-07 09:55 - 2016-12-07 09:55 - 00000000 ____D C:\Program Files\Common Files\Intel Security
2016-12-07 09:50 - 2016-12-07 09:50 - 00000000 ____D C:\Users\tony\AppData\Roaming\Macromedia
2016-12-07 09:50 - 2016-12-07 09:50 - 00000000 ____D C:\Program Files\Common Files\AV
2016-12-07 09:35 - 2016-12-07 09:35 - 00000600 _____ C:\Users\tony\PUTTY.RND
2016-12-07 09:06 - 2016-12-07 09:06 - 00001084 _____ C:\Users\tony\Desktop\Internet Download Manager.lnk
2016-12-07 08:57 - 2016-12-07 08:57 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2016-12-07 08:57 - 2016-12-07 08:57 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2016-12-07 08:50 - 2016-12-02 04:02 - 01951680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437619.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437619.dll
2016-12-07 08:47 - 2016-12-07 08:47 - 00000000 ____D C:\Users\tony\AppData\Roaming\NVIDIA
2016-12-07 08:44 - 2016-12-27 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-12-07 08:44 - 2016-12-25 08:27 - 00000000 ____D C:\Users\tony\AppData\Local\CrashDumps
2016-12-07 08:44 - 2016-12-19 09:34 - 00001491 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-12-07 08:44 - 2016-12-13 07:37 - 01853376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-12-07 08:44 - 2016-12-13 07:37 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-12-07 08:44 - 2016-12-13 07:37 - 01452480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-12-07 08:44 - 2016-12-13 07:37 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-12-07 08:44 - 2016-12-13 07:37 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-12-07 08:44 - 2016-12-12 02:47 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2016-12-07 08:44 - 2016-12-07 10:40 - 00000000 ____D C:\Users\tony\AppData\Roaming\uTorrent
2016-12-07 08:44 - 2016-12-07 08:44 - 00000897 _____ C:\Users\tony\Desktop\µTorrent.lnk
2016-12-07 08:44 - 2016-12-07 08:44 - 00000877 _____ C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-12-07 08:39 - 2016-12-12 17:39 - 00000000 ____D C:\Users\tony\AppData\Local\Lenovo
2016-12-07 08:39 - 2016-12-12 17:39 - 00000000 ____D C:\ProgramData\Lenovo
2016-12-07 08:39 - 2016-12-07 08:39 - 00000000 ____D C:\Users\tony\AppData\Local\SHAREit
2016-12-07 08:39 - 2016-12-07 08:39 - 00000000 ____D C:\Program Files (x86)\SHAREit
2016-12-07 08:34 - 2016-12-07 08:34 - 00000000 ____D C:\Users\tony\AppData\Roaming\WinRAR
2016-12-07 08:30 - 2016-12-15 09:36 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-07 08:30 - 2016-12-15 09:36 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-07 08:27 - 2016-12-07 08:39 - 00000000 ____D C:\Users\tony\AppData\Local\Google
2016-12-07 08:27 - 2016-12-07 08:30 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-07 08:26 - 2016-12-07 08:29 - 00000000 ____D C:\Program Files (x86)\GUMDD0E.tmp
2016-12-07 01:46 - 2016-12-28 12:42 - 00000000 ____D C:\Users\tony\AppData\Roaming\DMCache
2016-12-07 01:46 - 2016-12-27 23:33 - 00000000 ____D C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-12-07 01:46 - 2016-12-27 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-12-07 01:46 - 2016-12-22 12:40 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2016-12-07 01:46 - 2016-12-21 10:06 - 00000000 ____D C:\Users\tony\AppData\Roaming\IDM
2016-12-07 01:46 - 2016-12-07 01:46 - 00000000 ____D C:\ProgramData\IDM
2016-12-07 00:58 - 2016-12-07 00:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2016-12-07 00:58 - 2016-12-07 00:58 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-12-07 00:56 - 2016-12-27 23:33 - 00000000 ____D C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-07 00:56 - 2016-12-27 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-07 00:56 - 2016-12-07 00:56 - 00000000 ____D C:\Program Files (x86)\WinRAR
2016-12-07 00:54 - 2016-12-07 15:02 - 00000000 ____D C:\Users\tony\AppData\Local\Microsoft Help
2016-12-07 00:54 - 2016-12-07 11:48 - 00000000 ____D C:\ProgramData\Microsoft Help.old
2016-12-07 00:45 - 2016-12-07 00:45 - 00000000 ____D C:\Users\tony\AppData\Roaming\SYSTEMAX Software Development
2016-12-07 00:45 - 2016-12-07 00:45 - 00000000 ____D C:\ProgramData\SYSTEMAX Software Development
2016-12-07 00:43 - 2016-12-07 00:43 - 00000000 ____D C:\Users\tony\AppData\Local\Comms
2016-12-07 00:41 - 2016-12-24 22:34 - 00000000 ____D C:\Users\tony\AppData\Roaming\vlc
2016-12-07 00:38 - 2016-12-14 08:52 - 00000000 ____D C:\Users\tony\AppData\Local\Steam
2016-12-07 00:38 - 2016-12-07 00:38 - 00000000 ____D C:\Users\tony\AppData\Local\CEF
2016-12-07 00:35 - 2016-12-07 00:35 - 00000000 ____D C:\Users\tony\AppData\Local\MicrosoftEdge
2016-12-07 00:32 - 2016-12-07 00:32 - 00000000 ____D C:\Users\tony\AppData\Roaming\awsRun
2016-12-07 00:28 - 2016-12-27 23:46 - 00002366 _____ C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-07 00:28 - 2016-12-07 00:28 - 00000000 ____D C:\Users\tony\AppData\Local\Conexant
2016-12-07 00:27 - 2016-12-07 08:35 - 00000000 ____D C:\Users\tony\AppData\Roaming\DropboxOEM
2016-12-07 00:27 - 2016-12-07 00:27 - 00000000 ____D C:\Users\tony\AppData\Local\DropboxOEM
2016-12-07 00:26 - 2016-12-28 14:42 - 00000165 _____ C:\Users\tony\AppData\Roaming\sp_data.sys
2016-12-07 00:25 - 2016-12-28 14:42 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-12-07 00:25 - 2016-12-27 23:29 - 00000000 ____D C:\Users\tony\AppData\Local\Packages
2016-12-07 00:25 - 2016-12-19 09:34 - 00000000 ____D C:\Users\tony\AppData\Local\NVIDIA Corporation
2016-12-07 00:25 - 2016-12-07 08:46 - 00000000 ____D C:\Users\tony\AppData\Local\NVIDIA
2016-12-07 00:25 - 2016-12-07 01:35 - 00000000 ____D C:\ProgramData\USBChargerPlus
2016-12-07 00:25 - 2016-12-07 00:25 - 00000000 ____D C:\Users\tony\AppData\Roaming\WebStorage
2016-12-07 00:25 - 2016-12-07 00:25 - 00000000 ____D C:\Users\tony\AppData\Roaming\Adobe
2016-12-07 00:25 - 2016-12-07 00:25 - 00000000 ____D C:\Users\tony\AppData\Local\VirtualStore
2016-12-07 00:25 - 2016-12-07 00:25 - 00000000 ____D C:\Users\tony\AppData\Local\TileDataLayer
2016-12-07 00:25 - 2016-12-07 00:25 - 00000000 ____D C:\Users\tony\AppData\Local\Publishers
2016-12-07 00:24 - 2016-12-07 01:35 - 00000000 ____D C:\Users\tony\AppData\Local\ConnectedDevicesPlatform
2016-12-07 00:24 - 2016-12-07 00:24 - 00000000 ____D C:\Users\tony\AppData\Roaming\Intel
2016-12-07 00:22 - 2016-12-07 00:22 - 00000000 _SHDL C:\Users\Default.migrated\Documents\My Videos
2016-12-07 00:22 - 2016-12-07 00:22 - 00000000 _SHDL C:\Users\Default.migrated\Documents\My Pictures
2016-12-07 00:22 - 2016-12-07 00:22 - 00000000 _SHDL C:\Users\Default.migrated\Documents\My Music
2016-12-07 00:17 - 2016-12-27 23:39 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-12-06 09:05 - 2016-12-06 09:05 - 00000000 ____D C:\NPE
2016-12-06 07:54 - 2016-12-06 07:54 - 00000000 ____D C:\Users\tony\AppData\LocalLow\uTorrent
2016-12-05 21:47 - 2016-12-05 21:47 - 00000000 ____D C:\TDSSKiller_Quarantine
2016-12-05 21:46 - 2016-12-05 21:47 - 00202104 _____ C:\TDSSKiller.3.1.0.12_05.12.2016_21.46.10_log.txt
2016-12-05 21:32 - 2016-12-05 21:32 - 00006660 _____ C:\TDSSKiller.3.1.0.12_05.12.2016_21.32.14_log.txt
2016-12-05 20:28 - 2016-12-05 20:29 - 00008900 _____ C:\TDSSKiller.3.1.0.12_05.12.2016_20.28.27_log.txt
2016-12-05 20:27 - 2016-12-05 20:28 - 00006638 _____ C:\TDSSKiller.3.1.0.12_05.12.2016_20.27.50_log.txt
2016-12-05 12:56 - 2016-12-05 21:24 - 00181038 _____ C:\spyhunter.fix
2016-12-05 10:24 - 2016-12-05 10:24 - 00000000 ___HD C:\TMRescueDisk
2016-12-05 08:06 - 2016-12-05 08:06 - 00000000 _____ C:\autoexec.bat
2016-12-04 22:08 - 2016-12-04 22:08 - 00000385 _____ C:\Users\tony\AppData\Roaminguser_gensett.xml
2016-12-04 22:06 - 2016-12-05 09:55 - 00002367 _____ C:\bdlog.txt
2016-12-04 01:33 - 2016-12-04 21:56 - 00000000 ___HD C:\$AVG
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-12-28 15:20 - 2016-07-16 19:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-12-28 14:41 - 2016-07-16 19:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-28 14:41 - 2016-07-13 05:59 - 00000000 __SHD C:\Users\tony\IntelGraphicsProfiles
2016-12-28 14:41 - 2015-11-19 19:48 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-28 11:40 - 2016-07-16 14:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-12-28 10:26 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-28 10:14 - 2016-07-16 19:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-28 00:25 - 2016-07-16 19:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-12-28 00:25 - 2015-07-10 21:14 - 00000000 ____D C:\WINDOWS\ShellNew
2016-12-28 00:24 - 2016-07-16 19:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-28 00:22 - 2016-07-16 19:47 - 00000000 ____D C:\Program Files\Common Files\System
2016-12-28 00:22 - 2015-07-10 19:04 - 00000108 _____ C:\WINDOWS\win.ini
2016-12-27 23:47 - 2016-07-16 19:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-12-27 23:46 - 2016-07-13 06:02 - 00000000 ___RD C:\Users\tony\OneDrive
2016-12-27 23:44 - 2015-11-19 19:37 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-27 23:43 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\rescache
2016-12-27 23:43 - 2016-07-16 14:04 - 00008192 _____ C:\WINDOWS\system32\config\ELAM
2016-12-27 23:42 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\Registration
2016-12-27 23:41 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-12-27 23:38 - 2016-07-16 19:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-12-27 23:33 - 2015-08-18 16:38 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-12-27 23:31 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-12-27 23:31 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-12-27 23:31 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-12-27 23:31 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-12-27 23:31 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-12-27 23:31 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-12-27 23:31 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-12-27 23:31 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\IME
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\Help
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-12-27 23:31 - 2016-07-16 14:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-27 23:31 - 2016-07-16 14:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-27 23:31 - 2015-11-19 20:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2016-12-27 23:31 - 2015-11-19 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICEpower
2016-12-27 23:31 - 2015-11-19 20:03 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
2016-12-27 23:31 - 2015-08-18 16:53 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-12-27 23:31 - 2015-08-18 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 25 GB
2016-12-27 23:31 - 2015-08-18 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2016-12-27 23:31 - 2015-08-18 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2016-12-27 23:30 - 2015-11-19 20:07 - 00000000 ____D C:\Program Files\Intel Corporation
2016-12-27 23:30 - 2015-07-10 19:04 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-12-27 23:27 - 2016-07-16 14:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-27 23:25 - 2016-07-16 19:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-12-27 23:25 - 2016-07-16 19:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-12-27 23:25 - 2016-07-16 19:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-22 17:13 - 2015-11-19 19:40 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-19 09:34 - 2015-11-19 19:48 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-12-15 10:19 - 2015-11-19 20:16 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-12-12 09:43 - 2015-08-18 16:37 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-12-12 09:14 - 2015-11-19 19:58 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-12 09:12 - 2015-11-19 20:26 - 00000000 ____D C:\ProgramData\ASUS
2016-12-07 20:32 - 2016-07-15 18:31 - 00000000 ____D C:\Games
2016-12-07 11:00 - 2015-11-19 20:16 - 00000000 ____D C:\ProgramData\McAfee
2016-12-07 11:00 - 2015-11-19 20:16 - 00000000 ____D C:\Program Files\mcafee
2016-12-07 09:58 - 2015-11-19 20:16 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-12-07 00:46 - 2016-09-16 18:18 - 00000000 ____D C:\PaintToolSAI
2016-12-07 00:30 - 2015-11-19 19:41 - 00000000 ____D C:\ProgramData\Intel
2016-12-07 00:25 - 2015-08-18 16:34 - 00000000 ____D C:\WINDOWS\Log
2016-12-07 00:09 - 2015-11-19 19:56 - 00000000 ____D C:\WINDOWS\Cnxt
2016-12-07 00:05 - 2015-11-19 20:31 - 00000000 ____D C:\ProgramData\SplitMediaLabs
2016-12-07 00:05 - 2015-08-18 16:37 - 00000000 ____D C:\ProgramData\WildTangent
2016-12-07 00:05 - 2015-08-18 16:37 - 00000000 ____D C:\ProgramData\WebStorage
2016-12-07 00:04 - 2015-11-19 20:31 - 00000000 ____D C:\Program Files (x86)\SplitmediaLabs
2016-12-07 00:04 - 2015-11-19 20:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2016-12-07 00:04 - 2015-11-19 20:07 - 00000000 ____D C:\ProgramData\Intel Corporation
2016-12-07 00:04 - 2015-11-19 20:02 - 00000000 ____D C:\ProgramData\Intel.sav
2016-12-07 00:04 - 2015-11-19 19:58 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-12-07 00:04 - 2015-08-18 16:37 - 00000000 ____D C:\ProgramData\ASUS WebStorage
2016-12-07 00:04 - 2015-08-18 16:37 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2016-12-07 00:03 - 2015-11-19 20:16 - 00000000 ____D C:\Program Files (x86)\mcafee.com
2016-12-07 00:03 - 2015-11-19 20:16 - 00000000 ____D C:\Program Files (x86)\ICEpower
2016-12-07 00:03 - 2015-11-19 20:07 - 00000000 ____D C:\Program Files (x86)\Intel Corporation
2016-12-07 00:03 - 2015-11-19 20:02 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-12-07 00:03 - 2015-08-18 16:38 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-12-07 00:03 - 2015-08-18 16:37 - 00000000 ____D C:\Program Files (x86)\Evernote
2016-12-07 00:02 - 2015-11-19 20:16 - 00000000 ____D C:\Program Files\mcafee.com
2016-12-07 00:02 - 2015-11-19 20:12 - 00000000 ____D C:\Program Files\DIFX
2016-12-07 00:02 - 2015-11-19 20:02 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-12-04 11:58 - 2016-08-27 20:33 - 00000000 ____D C:\Users\tony\.android
2016-12-04 11:56 - 2016-08-27 20:32 - 00000000 ____D C:\Users\tony\vmlogs
2016-12-04 11:56 - 2016-08-27 20:32 - 00000000 ____D C:\Users\tony\.BigNox
 
==================== Files in the root of some directories =======
 
2016-12-07 00:26 - 2016-12-28 14:42 - 0000165 _____ () C:\Users\tony\AppData\Roaming\sp_data.sys
2016-12-19 09:34 - 2016-12-28 14:42 - 0003771 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-19 09:34 - 2016-12-28 11:40 - 0006973 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2016-12-27 23:21
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-12-2016
Ran by TONY (28-12-2016 14:44:28)
Running from D:\APPSINSTALLER\FORVIRUS&RECOVERY
Windows 10 Home Version 1607 (X64) (2016-12-27 15:43:58)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2339138057-2822180099-2837011375-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2339138057-2822180099-2837011375-503 - Limited - Disabled)
Guest (S-1-5-21-2339138057-2822180099-2837011375-501 - Limited - Disabled)
TONY (S-1-5-21-2339138057-2822180099-2837011375-1001 - Administrator - Enabled) => C:\Users\tony
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\...\uTorrent) (Version: 3.3.2.30586 - BitTorrent Inc.)
Ansel (Version: 376.33 - NVIDIA Corporation) Hidden
ASUS GIFTBOX Desktop (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 1.1.5 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.9 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.13.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.30 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0040 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.85 - ICEpower a/s)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
Connect2 (HKLM-x32\...\Connect2_is1) (Version: 4.1.1.3444 - Lenovo)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.)
Dota 2 (HKLM\...\Steam App 570) (Version:  - Valve)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.)
Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.)
GameFirst IV (HKLM-x32\...\GameFirst IV 1.5.12) (Version: 1.5.12 - ASUS)
GameFirst IV (x32 Version: 1.5.12 - ASUS) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version:  - Richard)
Intel® Chipset Device Software (x32 Version: 10.1.1.9 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10600.150 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1159 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4268 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® WiDi (HKLM\...\{C7CD6D54-26AF-4D93-B06F-D81ACE8624CB}) (Version: 6.0.40.0 - Intel Corporation)
Intel® WiDi Software Asset Manager (x32 Version: 1.1.347 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{9A287643-10C5-4463-B9D1-B2404CE18CCF}) (Version: 17.1.1529.1620 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{1544031f-5449-4415-b577-993c2a533a1b}) (Version: 18.12.2 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version:  - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
McAfee LiveSafe   (HKLM-x32\...\MSC) (Version: 15.0.179 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.164 - McAfee, Inc.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.29.01.238 - Huawei Technologies Co.,Ltd)
NVIDIA GeForce Experience 3.2.0.96 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.2.0.96 - NVIDIA Corporation)
NVIDIA Graphics Driver 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.33 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.0.0.0 - NVIDIA Corporation) Hidden
PixelMaster Video HDR (HKLM\...\{65302154-AAF6-4020-A070-76CAA9CEC8D3}) (Version: 1.1.35 - ASUS)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10143.21278 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
RecoveRx version 3.1 (HKLM-x32\...\{3DE055DA-690F-43B8-9B7B-54E7D70806F9}_is1) (Version: 3.1 - Transcend Information, Inc.)
Recuva (HKLM\...\Recuva) (Version: 1.48 - Piriform)
ROG Gaming Center (HKLM-x32\...\{CC182DBF-FC67-4F79-9930-6A2682E60BDD}) (Version: 1.0.1 - ASUS)
SHIELD Streaming (Version: 7.1.0350 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.2.524 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.16 - WildTangent)
Windows Driver Package - ASUS (AsusSGDrv) Mouse  (08/06/2015 8.0.0.19) (HKLM\...\149F37A1996406108DA0EB71D7EBC48895119059) (Version: 08/06/2015 8.0.0.19 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinRAR 5.30 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
XSplit Gamecaster (HKLM-x32\...\{0E12BEC0-F2EE-43FA-AEA0-24B5E9F80167}) (Version: 2.5.1507.3011 - SplitmediaLabs)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {016829A4-701A-4994-8B9B-B6E1D9DB42D6} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {17807461-0EFA-4D27-8835-87AE1D6CAA29} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-12-13] (NVIDIA Corporation)
Task: {20D4DCDB-F2F6-476B-A18D-A645ED4595E3} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {331496C3-D463-4BAC-B585-287706DB01FB} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-12-13] (NVIDIA Corporation)
Task: {3A28EBF0-A121-43BD-B926-0EEECC012924} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation)
Task: {3C9529AA-CF78-4213-AC19-7F349509A094} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {408A86ED-5ED3-47A7-9361-97EE74AC9DB2} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-11] (ASUSTek Computer Inc.)
Task: {583E68E9-FD22-4E58-BFEA-DCB62AE4523C} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe [2016-09-20] (McAfee, Inc.)
Task: {5B91FA03-EB76-4384-9D2D-648EF5A1A285} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-12-13] (NVIDIA Corporation)
Task: {5F35619E-7F8E-4260-B30F-E3B3657AA91C} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS.exe [2016-12-07] ()
Task: {674DE2B8-3DF6-40FC-A861-233598B0BF9B} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-05-30] ()
Task: {7F69EC01-4429-4177-AFBF-706C34D82382} - System32\Tasks\ROG Gaming Center => C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe [2015-08-13] (ASUSTek Computer Inc.)
Task: {80A7DD4E-4C00-4EDD-82DD-94F97D679090} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation)
Task: {830D582D-C58C-42E5-8EE1-91D2C8E48801} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {918E83CB-068F-47A4-9019-B8AE25757D65} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-11] (ASUSTek Computer Inc.)
Task: {92F90DAB-B481-43D3-B4FE-EE930EB0741E} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-08-18] (AsusTek)
Task: {942F8220-788D-416E-A2EC-F1C3CC5AE85E} - System32\Tasks\{26C441CB-49DF-4DD0-B4CA-2D2CE085D82C} => pcalua.exe -a "D:\C backup\Downloads\Programs\win64_154510.4542.exe" -d "D:\C backup\Downloads\Programs"
Task: {9A7CD84F-53F0-4BB9-900B-54718BE85D80} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-07] (Google Inc.)
Task: {A6019B32-39A1-439F-9ED6-BE0763AEF55D} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2015-06-06] (Intel Corporation)
Task: {A726AD0F-AED4-4344-802C-84BE057B337E} - System32\Tasks\{496FBD46-38B6-41FE-A56A-79BE49545BCE} => pcalua.exe -a C:\Users\tony\Downloads\Programs\win64_154510.4542.exe -d C:\Users\tony\Downloads\Programs
Task: {A7D67B3E-5279-4164-A517-9659FB60F5CD} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2015-08-26] (ASUS)
Task: {B99BE41E-FF46-4A9D-870C-02E726508F60} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-06-17] (Intel Corporation)
Task: {BAB28B37-1A9F-4252-82A8-2AB3931C436D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-07] (Google Inc.)
Task: {C7E13D18-BB7D-4CF7-9A38-64DFE1AA1DE2} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation)
Task: {C894B456-DED6-4229-A61B-2328597AFB9E} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-06-17] (Intel Corporation)
Task: {D5E44518-4149-4AD2-A394-1109E398B629} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {E3743588-7A16-4C43-8C71-1C01151FD07B} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-15] (ASUSTek Computer Inc.)
Task: {E802FFFA-6A6D-4983-BCDA-249EC612DADA} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {E97CA0EB-A9DE-428B-B819-D020A430F626} - System32\Tasks\{0EBCF799-E248-43CB-8004-73EC62822789} => pcalua.exe -a D:\DOTA\war3.exe -d D:\DOTA
Task: {ED679713-BF2F-4695-9A16-C897FF4F3524} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {F329A320-85FA-4DBF-AFD3-D165E0A1A23C} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-26] (ASUSTek Computer Inc.)
Task: {F7A3DD2A-4078-4328-890A-D29CE39EC3D8} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-12-07 08:44 - 2016-12-13 07:36 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-12-07 08:44 - 2016-12-13 07:35 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-09 01:00 - 2016-03-24 10:54 - 00242264 _____ () C:\Program Files (x86)\MobileBrServ\mbbservice.exe
2016-07-16 19:42 - 2016-07-16 19:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-16 19:42 - 2016-07-16 19:42 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-07-16 19:42 - 2016-07-16 19:42 - 00236488 _____ () c:\windows\system32\WerEtw.dll
2016-12-27 23:25 - 2016-12-12 02:47 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-07-16 19:42 - 2016-07-16 19:42 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-20 11:10 - 2015-08-13 21:42 - 00415656 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-07-16 19:42 - 2016-07-16 19:42 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-12-27 23:46 - 2016-12-27 23:46 - 01678560 _____ () C:\Users\tony\AppData\Local\Microsoft\OneDrive\17.3.6720.1207_1\amd64\ClientTelemetry.dll
2016-07-16 19:42 - 2016-07-16 19:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-07-16 19:43 - 2016-07-16 19:43 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-07-16 19:43 - 2016-07-16 22:27 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-16 19:43 - 2016-07-16 22:27 - 01400320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-16 19:43 - 2016-07-16 22:27 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-07-16 19:43 - 2016-07-16 22:27 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-16 19:43 - 2016-07-16 22:27 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-01 00:15 - 2015-06-01 00:15 - 00063272 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe
2015-07-22 16:18 - 2015-07-22 16:18 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2016-12-07 08:44 - 2016-12-13 07:35 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-12-07 08:44 - 2016-12-13 07:35 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-12-07 08:44 - 2016-12-13 07:35 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-08-26 01:40 - 2015-08-26 01:40 - 00027648 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-08-26 01:40 - 2015-08-26 01:40 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2016-12-27 23:46 - 2016-12-27 23:46 - 01244376 _____ () C:\Users\tony\AppData\Local\Microsoft\OneDrive\17.3.6720.1207_1\ClientTelemetry.dll
2016-12-07 08:44 - 2016-12-13 07:33 - 64245184 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-12-07 08:44 - 2016-12-12 22:36 - 00525760 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-12-07 08:44 - 2016-12-12 22:36 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-12-07 08:44 - 2016-12-12 22:36 - 02808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-12-07 08:44 - 2016-12-12 22:36 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-12-07 08:44 - 2016-12-12 22:36 - 00447424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-12-07 08:44 - 2016-12-12 22:36 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-12-07 08:44 - 2016-12-12 22:36 - 01003456 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-12-19 09:34 - 2016-12-12 22:36 - 00956472 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:6DDED7D9 [149]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-07-10 19:04 - 2015-07-10 19:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{1C92788A-15BB-4556-923D-EE2760AB5DB5}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{3F469ABA-FABE-454A-9770-F263E5371233}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{BAF3B46A-93D7-4CAF-9E05-02FA9BF86097}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{308D748D-FD4D-4C1B-A715-A0E14C756DDE}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8DAEFB94-DA88-489A-BC3B-C277D0448DCF}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FBEED6A3-9739-4676-BCEE-DA77D5ED06EB}] => D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{2D7CDBD0-3DCA-43DA-A8B8-ED5CFF83B592}] => D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{79A3CD65-F871-42A4-B768-190FFE44E736}] => C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe
FirewallRules: [{8FB5806F-8ABB-4DE7-AEA3-A8EBD84256C0}] => C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe
FirewallRules: [{E3450C03-00E4-4B22-ACDE-5D0E1D68D039}] => C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe
FirewallRules: [{207364E0-299E-49F7-A84F-2A7B6A7BE87E}] => C:\Users\tony\Downloads\Compressed\KMSpico Portable\KMSpico Portable\AutoPico.exe
FirewallRules: [{0DF883EE-93F5-4EC2-8919-EBC06C9B33BF}] => C:\Users\tony\Downloads\Compressed\KMSpico Portable\KMSpico Portable\AutoPico.exe
FirewallRules: [{F217CC85-F837-4823-9A28-89CFBF600C26}] => C:\Program Files (x86)\ASUS\ROG Game First III\gameFirst3.exe
FirewallRules: [{6157CD1F-BD8F-4CB9-8047-4A8D8B8CAACC}] => C:\Program Files (x86)\ASUS\ROG Game First III\gameFirst3.exe
FirewallRules: [{67386A29-903E-4C43-A233-4DFF4EA737ED}] => C:\Users\tony\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B8DA8BAC-FDD0-4DD9-B930-AD70D4D13F4E}] => C:\Users\tony\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5FDCAAF1-0071-47BE-A3EA-D8103F5FC454}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9BD35128-D215-4D31-899F-D3DD50AB6DCB}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E03D1142-0D1B-44A5-B47C-D6FDC2F63599}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{2C47CCD8-C592-4835-B3AD-C2B4DB920AE8}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{7DE7E810-D170-4865-A5F2-302C3FCC3891}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{FD55F31D-1E7D-4B20-864F-34469CB9600C}] => D:\Steam\Steam.exe
FirewallRules: [{2875B16E-2E8C-4420-BD2F-C14A90C98DFB}] => D:\Steam\Steam.exe
FirewallRules: [{8D686A34-C3A9-42DC-BE8B-6DB20EDB0D6A}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{A128391E-21FE-4983-B883-60A4EDBC7B72}] => C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{A24A4013-168D-45EA-B886-2F4368E696B2}] => C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe
FirewallRules: [{99C1059B-1257-4C22-B994-DB4D3ADF9A00}] => C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe
FirewallRules: [{283D518F-FA32-4F94-A253-D32949BCC04E}] => C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe
FirewallRules: [{CE10E4E5-E1AA-4FED-8385-EAF5DA9F0828}] => C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
FirewallRules: [{ACFE884C-AECD-4C8B-A6CC-C75E21F60CBC}] => C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{92557CDC-DBCD-40A3-825A-BD8B25B4266E}] => C:\Windows\system32\ftp.exe
FirewallRules: [{B17D2FDD-549E-498C-9459-A9513BB1DBE5}] => C:\Windows\system32\ftp.exe
FirewallRules: [{CFCB0E73-2E52-4091-9214-7691BE64408E}] => C:\Windows\SysWOW64\ftp.exe
FirewallRules: [{A90F36A1-7D4B-4819-BB9F-C0E0326EFFD3}] => C:\Windows\SysWOW64\ftp.exe
FirewallRules: [{139149B7-2C6B-41ED-8D4E-066CDA8C5216}] => D:\11111\Steam.exe
FirewallRules: [{B6B029C2-60C0-462C-9953-CF23CD985027}] => D:\11111\Steam.exe
FirewallRules: [{DB07F914-B80D-4AF2-943B-CCDC7DC4727B}] => D:\11111\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B6411674-992F-4952-ACBD-207BD65A33CE}] => D:\11111\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D657E969-0382-488B-9D87-214D939F99AA}] => D:\GAMES\DOTA2\Steam.exe
FirewallRules: [{885641D3-ED2C-46C9-8F1C-9ABB78D25623}] => D:\GAMES\DOTA2\Steam.exe
FirewallRules: [{A3AD40C7-C4D5-4B8F-8F4E-A59EFA71F6E1}] => D:\GAMES\DOTA2\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1DAADDF7-1A43-419C-A26A-92D6F55F72DC}] => D:\GAMES\DOTA2\bin\cef\cef.win7\steamwebhelper.exe
 
==================== Restore Points =========================
 
28-12-2016 00:21:01 Removed Microsoft Office Professional Plus 2016
28-12-2016 00:21:11 PROPLUS
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/28/2016 02:41:01 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.150
DPTF Build Date:  Jun 26 2015 11:46:12
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]
 
Error: (12/28/2016 11:42:14 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\DESKTOP-2G8ID0A$ via https://INTC-KeyId-5e73c89aa3e902b272b9f0741f7d8730e3ec724a.microsoftaik.azure.net/templates/Aik/scep failed:
 
GetCACaps
 
Method: GET(297ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
 
Error: (12/28/2016 10:36:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: csgo.exe, version: 0.0.0.0, time stamp: 0x5653d523
Faulting module name: tier0.dll, version: 0.0.0.0, time stamp: 0x57f40aa7
Exception code: 0xc0000005
Fault offset: 0x000093c4
Faulting process id: 0x317c
Faulting application start time: 0x01d260b33154df78
Faulting application path: c:\games\counter-strike global offensive\csgo.exe
Faulting module path: c:\games\counter-strike global offensive\bin\tier0.dll
Report Id: 5de54e01-20d4-41ef-90d9-1114a486f563
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (12/28/2016 08:25:57 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.150
DPTF Build Date:  Jun 26 2015 11:46:12
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]
 
Error: (12/28/2016 12:40:08 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.150
DPTF Build Date:  Jun 26 2015 11:46:12
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]
 
Error: (12/28/2016 12:21:14 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (12/28/2016 12:21:01 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (12/27/2016 11:43:59 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\DESKTOP-2G8ID0A$ via https://INTC-KeyId-5e73c89aa3e902b272b9f0741f7d8730e3ec724a.microsoftaik.azure.net/templates/Aik/scep failed:
 
GetCACaps
 
Method: GET(16ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
 
Error: (12/27/2016 11:39:57 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider IntelWLANEventProvider attempted to register query "select * from CIntelQosEvent" whose target class "CIntelQosEvent" in //./root/DEFAULT namespace does not exist. The query will be ignored.
 
Error: (12/27/2016 11:39:57 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider IntelWLANEventProvider attempted to register query "select * from CIntelDot1xEvent" whose target class "CIntelDot1xEvent" in //./root/DEFAULT namespace does not exist. The query will be ignored.
 
 
System errors:
=============
Error: (12/28/2016 02:41:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/28/2016 11:41:52 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/28/2016 11:41:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The connect2hotspot service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (12/28/2016 11:41:50 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the connect2hotspot service to connect.
 
Error: (12/28/2016 11:41:49 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/28/2016 11:41:49 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/28/2016 11:40:40 AM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI5
 
Error: (12/28/2016 08:26:00 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/28/2016 08:26:00 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/28/2016 08:26:00 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
 
CodeIntegrity:
===================================
  Date: 2016-12-27 23:24:29.797
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-12-27 23:24:29.790
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-12-27 23:24:29.782
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-12-27 23:24:29.775
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-12-27 23:24:29.768
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-12-27 23:24:29.757
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-6700HQ CPU @ 2.60GHz
Percentage of memory in use: 15%
Total physical RAM: 16282.51 MB
Available physical RAM: 13826.39 MB
Total Virtual: 19226.51 MB
Available Virtual: 16809.69 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:371.41 GB) (Free:291.91 GB) NTFS
Drive d: (DATA) (Fixed) (Total:558.91 GB) (Free:325.23 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 5EAD28EC)
 
Partition: GPT.
 
==================== End of Addition.txt ============================
 
 
 
GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2016-12-28 14:57:17
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\0000003c HGST_HTS721010A9E630 rev.JB0OA3J0 931.51GB
Running: 727k05mp.exe; Driver: C:\Users\tony\AppData\Local\Temp\pgldrkod.sys
 
 
---- Threads - GMER 2.2 ----
 
Thread  C:\WINDOWS\system32\csrss.exe [636:660]  ffffee9018396c20
 
---- EOF - GMER 2.2 ----
 


#11 ynottony

ynottony
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:06 PM

Posted 28 December 2016 - 02:12 AM

here are the new results

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
Ran by TONY (administrator) on DESKTOP-2G8ID0A (28-12-2016 14:43:10)
Running from D:\APPSINSTALLER\FORVIRUS&RECOVERY
Loaded Profiles: TONY (Available Profiles: TONY)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGiftBoxDesktop.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\MobileBrServ\mbbService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\McCSPServiceHost.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Intel® Corporation) C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\APRP\aprp.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Security) C:\Program Files\Common Files\McAfee\ClientAnalytics\McClientAnalytics.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
() C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [599896 2015-06-10] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-07-16] (Microsoft Corporation)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe [63272 2015-06-01] ()
HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4015216 2016-12-15] (Tonec Inc.)
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
GroupPolicy: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1dbf2218-e3f7-489f-9a76-05fab60fa58c}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{40993488-4b8e-400e-a544-fa363639f86a}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{9ac186e3-6fe6-4f95-9023-02928769a9ad}: [DhcpNameServer] 192.168.168.1
Tcpip\..\Interfaces\{baf9ab7d-a322-4227-8c49-1cb89c0ee10d}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-12-11] (Internet Download Manager, Tonec Inc.)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-10-24] (McAfee, Inc.)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-12-11] (Internet Download Manager, Tonec Inc.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-05-01] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-10-24] (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-10-24] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-10-24] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-10-24] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-10-24] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-09-23] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-09-23] (McAfee, Inc.)
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-12-21]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2016-12-07] [not signed]
FF HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\tony\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\tony\AppData\Roaming\IDM\idmmzcc5 [2016-12-28] [not signed]
FF HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-11-16]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-09-23] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-09-23] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
FF Plugin HKU\S-1-5-21-2339138057-2822180099-2837011375-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
 
Chrome: 
=======
CHR Profile: C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default [2016-12-28]
CHR Extension: (Google Slides) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-07]
CHR Extension: (Google Docs) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-07]
CHR Extension: (Google Drive) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-07]
CHR Extension: (YouTube) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-07]
CHR Extension: (Google Sheets) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-07]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-12-07]
CHR Extension: (Google Docs Offline) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-07]
CHR Extension: (IDM Integration Module) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-12-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-07]
CHR Extension: (Gmail) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-07]
CHR Extension: (Chrome Media Router) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-07]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-12-15]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-12-15]
 
==================== Services (All) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AJRouter; C:\WINDOWS\System32\AJRouter.dll [24576 2016-07-16] (Microsoft Corporation)
S3 ALG; C:\WINDOWS\System32\alg.exe [95744 2016-07-16] (Microsoft Corporation)
S3 AppIDSvc; C:\WINDOWS\System32\appidsvc.dll [124416 2016-07-16] (Microsoft Corporation)
R3 Appinfo; C:\WINDOWS\System32\appinfo.dll [125952 2016-07-16] (Microsoft Corporation)
S3 AppReadiness; C:\WINDOWS\system32\AppReadiness.dll [560128 2016-07-16] (Microsoft Corporation)
S3 AppXSvc; C:\WINDOWS\system32\appxdeploymentserver.dll [2264064 2016-07-16] (Microsoft Corporation)
R2 ASLDRService; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [123704 2015-07-08] (ASUSTek Computer Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [71168 2015-06-01] (ASUS Cloud Corporation) [File not signed]
R2 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [313488 2015-06-13] (ASUS) [File not signed]
R2 ATKGFNEXSrv; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [107320 2015-04-02] (ASUSTek Computer Inc.)
R2 AudioEndpointBuilder; C:\WINDOWS\System32\AudioEndpointBuilder.dll [337920 2016-07-16] (Microsoft Corporation)
R2 Audiosrv; C:\WINDOWS\System32\Audiosrv.dll [944640 2016-07-16] (Microsoft Corporation)
S3 AxInstSV; C:\WINDOWS\System32\AxInstSV.dll [113664 2016-07-16] (Microsoft Corporation)
S3 BDESVC; C:\WINDOWS\System32\bdesvc.dll [354304 2016-07-16] (Microsoft Corporation)
R2 BFE; C:\WINDOWS\System32\bfe.dll [795648 2016-07-16] (Microsoft Corporation)
S3 BITS; C:\WINDOWS\System32\qmgr.dll [1052672 2016-07-16] (Microsoft Corporation)
R2 BrokerInfrastructure; C:\WINDOWS\System32\bisrv.dll [765440 2016-07-16] (Microsoft Corporation)
S3 Browser; C:\WINDOWS\System32\browser.dll [134656 2016-07-16] (Microsoft Corporation)
S3 BthHFSrv; C:\WINDOWS\System32\BthHFSrv.dll [321536 2016-07-16] (Microsoft Corporation)
S3 bthserv; C:\WINDOWS\system32\bthserv.dll [157184 2016-07-16] (Microsoft Corporation)
R2 CDPSvc; C:\WINDOWS\System32\CDPSvc.dll [409088 2016-07-16] (Microsoft Corporation)
S2 CDPUserSvc; C:\WINDOWS\System32\CDPUserSvc.dll [337408 2016-07-16] (Microsoft Corporation)
R2 CDPUserSvc_b7a763; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 CDPUserSvc_b7a763; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 CertPropSvc; C:\WINDOWS\System32\certprop.dll [193536 2016-07-16] (Microsoft Corporation)
S3 ClipSVC; C:\WINDOWS\System32\ClipSVC.dll [729328 2016-07-16] (Microsoft Corporation)
S2 connect2hotspot; C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe [100680 2016-11-29] (Lenovo)
R2 CoreMessagingRegistrar; C:\WINDOWS\system32\coremessaging.dll [765456 2016-07-16] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\WINDOWS\SysWOW64\coremessaging.dll [483840 2016-07-16] (Microsoft Corporation)
R3 cphs; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [300472 2015-08-13] (Intel Corporation)
S3 cplspcon; C:\WINDOWS\system32\IntelCpHDCPSvc.exe [607160 2015-08-13] ()
R2 CryptSvc; C:\WINDOWS\system32\cryptsvc.dll [81920 2016-07-16] (Microsoft Corporation)
R2 CxAudMsg; C:\WINDOWS\system32\CxAudMsg64.exe [207576 2014-10-20] (Conexant Systems Inc.)
R2 DcomLaunch; C:\WINDOWS\system32\rpcss.dll [888320 2016-07-16] (Microsoft Corporation)
S3 DcpSvc; C:\WINDOWS\system32\dcpsvc.dll [183808 2016-07-16] (Microsoft Corporation)
S3 defragsvc; C:\WINDOWS\System32\defragsvc.dll [511488 2016-07-16] (Microsoft Corporation)
R3 DeviceAssociationService; C:\WINDOWS\system32\das.dll [447488 2016-07-16] (Microsoft Corporation)
S3 DeviceInstall; C:\WINDOWS\system32\umpnpmgr.dll [111104 2016-07-16] (Microsoft Corporation)
S3 DevQueryBroker; C:\WINDOWS\system32\DevQueryBroker.dll [34304 2016-07-16] (Microsoft Corporation)
R2 Dhcp; C:\WINDOWS\system32\dhcpcore.dll [360960 2016-07-16] (Microsoft Corporation)
R2 Dhcp; C:\WINDOWS\SysWOW64\dhcpcore.dll [292864 2016-07-16] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [93184 2016-07-16] (Microsoft Corporation)
R2 DiagTrack; C:\WINDOWS\system32\diagtrack.dll [1980416 2016-07-16] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\WINDOWS\system32\Windows.Internal.Management.dll [407552 2016-07-16] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll [298496 2016-07-16] (Microsoft Corporation)
S3 dmwappushservice; C:\WINDOWS\system32\dmwappushsvc.dll [57344 2016-07-16] (Microsoft Corporation)
R2 Dnscache; C:\WINDOWS\System32\dnsrslvr.dll [264192 2016-07-16] (Microsoft Corporation)
R2 DoSvc; C:\WINDOWS\system32\dosvc.dll [1234944 2016-07-16] (Microsoft Corporation)
S3 dot3svc; C:\WINDOWS\System32\dot3svc.dll [262144 2016-07-16] (Microsoft Corporation)
R2 DPS; C:\WINDOWS\system32\dps.dll [172032 2016-07-16] (Microsoft Corporation)
R3 DsmSvc; C:\WINDOWS\System32\DeviceSetupManager.dll [197632 2016-07-16] (Microsoft Corporation)
S3 DsSvc; C:\WINDOWS\System32\DsSvc.dll [152576 2016-07-16] (Microsoft Corporation)
S3 EapHost; C:\WINDOWS\System32\eapsvc.dll [112128 2016-07-16] (Microsoft Corporation)
S3 EFS; C:\WINDOWS\system32\efssvc.dll [55296 2016-07-16] (Microsoft Corporation)
S3 embeddedmode; C:\WINDOWS\System32\embeddedmodesvc.dll [140800 2016-07-16] (Microsoft Corporation)
S3 EntAppSvc; C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll [285696 2016-07-16] (Microsoft Corporation)
R2 esifsvc; C:\WINDOWS\SysWoW64\esif_uf.exe [1385640 2015-07-13] (Intel Corporation)
R2 EventLog; C:\WINDOWS\System32\wevtsvc.dll [1708544 2016-07-16] (Microsoft Corporation)
R2 EventSystem; C:\WINDOWS\system32\es.dll [453632 2016-07-16] (Microsoft Corporation)
R2 EventSystem; C:\WINDOWS\SysWOW64\es.dll [347136 2016-07-16] (Microsoft Corporation)
R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [640928 2015-06-12] (Intel® Corporation)
S3 Fax; C:\WINDOWS\system32\fxssvc.exe [644608 2016-07-16] (Microsoft Corporation)
S3 fdPHost; C:\WINDOWS\system32\fdPHost.dll [20992 2016-07-16] (Microsoft Corporation)
S3 FDResPub; C:\WINDOWS\system32\fdrespub.dll [35328 2016-07-16] (Microsoft Corporation)
S3 fhsvc; C:\WINDOWS\system32\fhsvc.dll [122368 2016-07-16] (Microsoft Corporation)
R2 FontCache; C:\WINDOWS\system32\FntCache.dll [1840640 2016-07-16] (Microsoft Corporation)
S3 FrameServer; C:\WINDOWS\system32\FrameServer.dll [803840 2016-07-16] (Microsoft Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-15] (WildTangent)
S3 GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [265808 2014-12-17] (WildTangent, Inc.)
R2 gpsvc; C:\WINDOWS\System32\gpsvc.dll [1225728 2016-07-16] (Microsoft Corporation)
S2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-12-07] (Google Inc.)
S3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-12-07] (Google Inc.)
S3 hidserv; C:\WINDOWS\system32\hidserv.dll [36864 2016-07-16] (Microsoft Corporation)
S3 hidserv; C:\WINDOWS\SysWOW64\hidserv.dll [32256 2016-07-16] (Microsoft Corporation)
S3 HomeGroupListener; C:\WINDOWS\system32\ListSvc.dll [274432 2016-07-16] (Microsoft Corporation)
S3 HomeGroupProvider; C:\WINDOWS\system32\provsvc.dll [447488 2016-07-16] (Microsoft Corporation)
S3 HomeGroupProvider; C:\WINDOWS\SysWOW64\provsvc.dll [385536 2016-07-16] (Microsoft Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S3 HvHost; C:\WINDOWS\System32\hvhostsvc.dll [67584 2016-07-16] (Microsoft Corporation)
R2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [165104 2015-07-14] (Intel Corporation)
R3 ICCS; C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [217888 2015-06-03] (Intel Corporation)
S3 icssvc; C:\WINDOWS\System32\tetheringservice.dll [202240 2016-07-16] (Microsoft Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [370088 2015-08-13] (Intel Corporation)
R2 IKEEXT; C:\WINDOWS\System32\ikeext.dll [932352 2016-07-16] (Microsoft Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-20] (Intel Corporation) [File not signed]
S3 Intel® WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [396992 2015-07-07] (Intel)
R2 iphlpsvc; C:\WINDOWS\System32\iphlpsvc.dll [945664 2016-07-16] (Microsoft Corporation)
S3 irmon; C:\WINDOWS\System32\irmon.dll [25088 2016-07-16] (Microsoft Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-20] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [223520 2015-07-22] (Intel Corporation)
R3 KeyIso; C:\WINDOWS\system32\keyiso.dll [96768 2016-07-16] (Microsoft Corporation)
R3 KeyIso; C:\WINDOWS\SysWOW64\keyiso.dll [70656 2016-07-16] (Microsoft Corporation)
S3 KtmRm; C:\WINDOWS\system32\msdtckrm.dll [376320 2016-07-16] (Microsoft Corporation)
R2 LanmanServer; C:\WINDOWS\system32\srvsvc.dll [305152 2016-07-16] (Microsoft Corporation)
R2 LanmanWorkstation; C:\WINDOWS\System32\wkssvc.dll [283136 2016-07-16] (Microsoft Corporation)
S3 lfsvc; C:\WINDOWS\System32\lfsvc.dll [37376 2016-07-16] (Microsoft Corporation)
S3 LicenseManager; C:\WINDOWS\system32\LicenseManagerSvc.dll [23040 2016-07-16] (Microsoft Corporation)
S3 lltdsvc; C:\WINDOWS\System32\lltdsvc.dll [275456 2016-07-16] (Microsoft Corporation)
S3 lmhosts; C:\WINDOWS\System32\lmhsvc.dll [27136 2016-07-16] (Microsoft Corporation)
R2 LMS; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [415520 2015-07-22] (Intel Corporation)
R2 LSM; C:\WINDOWS\System32\lsm.dll [691712 2016-07-16] (Microsoft Corporation)
S2 MapsBroker; C:\WINDOWS\System32\moshost.dll [77312 2016-07-16] (Microsoft Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [187840 2016-10-24] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [993824 2016-09-23] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [338208 2015-03-20] (McAfee, Inc.)
R2 mcbootdelaystartsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe [1910000 2016-05-31] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [816128 2016-06-21] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S3 MessagingService; C:\WINDOWS\System32\MessagingService.dll [52224 2016-07-16] (Microsoft Corporation)
S3 MessagingService_b7a763; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 MessagingService_b7a763; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-04-26] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-08-02] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [277744 2016-04-26] (McAfee, Inc.)
R2 Mobile Broadband HL Service; C:\Program Files (x86)\MobileBrServ\mbbservice.exe [242264 2016-03-24] ()
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1454216 2016-09-13] (McAfee, Inc.)
R2 MpsSvc; C:\WINDOWS\system32\mpssvc.dll [893952 2016-07-16] (Microsoft Corporation)
S3 MSDTC; C:\WINDOWS\System32\msdtc.exe [147456 2016-07-16] (Microsoft Corporation)
S3 MSiSCSI; C:\WINDOWS\system32\iscsiexe.dll [151552 2016-07-16] (Microsoft Corporation)
S3 msiserver; C:\WINDOWS\System32\msiexec.exe [65024 2016-07-16] (Microsoft Corporation)
S3 msiserver; C:\WINDOWS\SysWOW64\msiexec.exe [58368 2016-07-16] (Microsoft Corporation)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] ()
S3 NcaSvc; C:\WINDOWS\System32\ncasvc.dll [167936 2016-07-16] (Microsoft Corporation)
R3 NcbService; C:\WINDOWS\System32\ncbservice.dll [339968 2016-07-16] (Microsoft Corporation)
S3 NcdAutoSetup; C:\WINDOWS\System32\NcdAutoSetup.dll [88576 2016-07-16] (Microsoft Corporation)
S3 Netlogon; C:\WINDOWS\system32\netlogon.dll [827392 2016-07-16] (Microsoft Corporation)
S3 Netlogon; C:\WINDOWS\SysWOW64\netlogon.dll [670720 2016-07-16] (Microsoft Corporation)
R3 Netman; C:\WINDOWS\System32\netman.dll [259072 2016-07-16] (Microsoft Corporation)
R3 netprofm; C:\WINDOWS\System32\netprofmsvc.dll [519168 2016-07-16] (Microsoft Corporation)
S3 NetSetupSvc; C:\WINDOWS\System32\NetSetupSvc.dll [265216 2016-07-16] (Microsoft Corporation)
S4 NetTcpPortSharing; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [136360 2016-07-16] (Microsoft Corporation)
R3 NgcCtnrSvc; C:\WINDOWS\System32\NgcCtnrSvc.dll [326656 2016-07-16] (Microsoft Corporation)
R3 NgcSvc; C:\WINDOWS\system32\ngcsvc.dll [983040 2016-07-16] (Microsoft Corporation)
R2 NlaSvc; C:\WINDOWS\System32\nlasvc.dll [368640 2016-07-16] (Microsoft Corporation)
R2 nsi; C:\WINDOWS\system32\nsisvc.dll [30720 2016-07-16] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-13] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-13] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-12] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-12-13] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2016-12-13] (NVIDIA Corporation)
S2 OneSyncSvc; C:\WINDOWS\System32\APHostService.dll [366592 2016-07-16] (Microsoft Corporation)
R2 OneSyncSvc_b7a763; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 OneSyncSvc_b7a763; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 p2pimsvc; C:\WINDOWS\system32\pnrpsvc.dll [345088 2016-07-16] (Microsoft Corporation)
S3 p2psvc; C:\WINDOWS\system32\p2psvc.dll [425472 2016-07-16] (Microsoft Corporation)
R2 PcaSvc; C:\WINDOWS\System32\pcasvc.dll [500064 2016-07-16] (Microsoft Corporation)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1045336 2016-05-25] (Intel Security, Inc.)
S3 PerfHost; C:\WINDOWS\SysWow64\perfhost.exe [21504 2016-07-16] (Microsoft Corporation)
S3 PhoneSvc; C:\WINDOWS\System32\PhoneService.dll [781312 2016-07-16] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc; C:\WINDOWS\System32\PimIndexMaintenance.dll [203776 2016-07-16] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_b7a763; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_b7a763; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 pla; C:\WINDOWS\system32\pla.dll [1457152 2016-07-16] (Microsoft Corporation)
S3 pla; C:\WINDOWS\SysWOW64\pla.dll [1536512 2016-07-16] (Microsoft Corporation)
R3 PlugPlay; C:\WINDOWS\system32\umpnpmgr.dll [111104 2016-07-16] (Microsoft Corporation)
S3 PNRPAutoReg; C:\WINDOWS\system32\pnrpauto.dll [27648 2016-07-16] (Microsoft Corporation)
S3 PNRPsvc; C:\WINDOWS\system32\pnrpsvc.dll [345088 2016-07-16] (Microsoft Corporation)
R3 PolicyAgent; C:\WINDOWS\System32\ipsecsvc.dll [391168 2016-07-16] (Microsoft Corporation)
R2 Power; C:\WINDOWS\system32\umpo.dll [123904 2016-07-16] (Microsoft Corporation)
S3 PrintNotify; C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll [3318272 2016-07-16] (Microsoft Corporation)
R2 ProfSvc; C:\WINDOWS\system32\profsvc.dll [358400 2016-07-16] (Microsoft Corporation)
S3 QWAVE; C:\WINDOWS\system32\qwave.dll [275456 2016-07-16] (Microsoft Corporation)
S3 QWAVE; C:\WINDOWS\SysWOW64\qwave.dll [234496 2016-07-16] (Microsoft Corporation)
S3 RasAuto; C:\WINDOWS\System32\rasauto.dll [105472 2016-07-16] (Microsoft Corporation)
S3 RasMan; C:\WINDOWS\System32\rasmans.dll [647680 2016-07-16] (Microsoft Corporation)
R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [157088 2015-06-12] (Intel® Corporation)
S4 RemoteAccess; C:\WINDOWS\System32\mprdim.dll [495104 2016-07-16] (Microsoft Corporation)
S4 RemoteAccess; C:\WINDOWS\SysWOW64\mprdim.dll [430592 2016-07-16] (Microsoft Corporation)
S4 RemoteRegistry; C:\WINDOWS\system32\regsvc.dll [155648 2016-07-16] (Microsoft Corporation)
S3 RetailDemo; C:\WINDOWS\system32\RDXService.dll [650752 2016-07-16] (Microsoft Corporation)
S3 RmSvc; C:\WINDOWS\System32\RMapi.dll [141312 2016-07-16] (Microsoft Corporation)
S3 ROGGamingCenterService; C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingCenterService.exe [76032 2015-08-13] (ASUSTeK COMPUTER INC.)
R2 RpcEptMapper; C:\WINDOWS\System32\RpcEpMap.dll [79360 2016-07-16] (Microsoft Corporation)
S3 RpcLocator; C:\WINDOWS\system32\locator.exe [11264 2016-07-16] (Microsoft Corporation)
R2 RpcSs; C:\WINDOWS\system32\rpcss.dll [888320 2016-07-16] (Microsoft Corporation)
R2 SamSs; C:\WINDOWS\system32\lsass.exe [57400 2016-07-16] (Microsoft Corporation)
R2 SAService; C:\WINDOWS\SysWOW64\SAsrv.exe [447104 2011-09-01] (Conexant Systems, Inc.)
S2 SCardSvr; C:\WINDOWS\System32\SCardSvr.dll [250880 2016-07-16] (Microsoft Corporation)
S3 ScDeviceEnum; C:\WINDOWS\System32\ScDeviceEnum.dll [201728 2016-07-16] (Microsoft Corporation)
R2 Schedule; C:\WINDOWS\system32\schedsvc.dll [948224 2016-07-16] (Microsoft Corporation)
S3 SCPolicySvc; C:\WINDOWS\System32\certprop.dll [193536 2016-07-16] (Microsoft Corporation)
R3 SDRSVC; C:\WINDOWS\System32\SDRSVC.dll [147968 2016-07-16] (Microsoft Corporation)
S3 seclogon; C:\WINDOWS\system32\seclogon.dll [31232 2016-07-16] (Microsoft Corporation)
R2 SENS; C:\WINDOWS\System32\sens.dll [70656 2016-07-16] (Microsoft Corporation)
S3 SensorDataService; C:\WINDOWS\System32\SensorDataService.exe [1312768 2016-07-16] (Microsoft Corporation)
S3 SensorService; C:\WINDOWS\system32\SensorService.dll [417792 2016-07-16] (Microsoft Corporation)
S3 SensrSvc; C:\WINDOWS\system32\sensrsvc.dll [179200 2016-07-16] (Microsoft Corporation)
S3 SessionEnv; C:\WINDOWS\system32\sessenv.dll [386560 2016-07-16] (Microsoft Corporation)
S3 SessionEnv; C:\WINDOWS\SysWOW64\sessenv.dll [331264 2016-07-16] (Microsoft Corporation)
S3 SharedAccess; C:\WINDOWS\System32\ipnathlp.dll [541696 2016-07-16] (Microsoft Corporation)
R2 ShellHWDetection; C:\WINDOWS\System32\shsvcs.dll [617472 2016-07-16] (Microsoft Corporation)
R2 ShellHWDetection; C:\WINDOWS\SysWOW64\shsvcs.dll [566784 2016-07-16] (Microsoft Corporation)
S4 shpamsvc; C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll [161792 2016-07-16] (Microsoft Corporation)
S3 smphost; C:\WINDOWS\System32\smphost.dll [23552 2016-07-16] (Microsoft Corporation)
S3 smphost; C:\WINDOWS\SysWOW64\smphost.dll [20992 2016-07-16] (Microsoft Corporation)
S3 SmsRouter; C:\WINDOWS\system32\SmsRouterSvc.dll [590848 2016-07-16] (Microsoft Corporation)
S3 SNMPTRAP; C:\WINDOWS\System32\snmptrap.exe [15872 2016-07-16] (Microsoft Corporation)
R2 Spooler; C:\WINDOWS\System32\spoolsv.exe [787968 2016-07-16] (Microsoft Corporation)
S2 sppsvc; C:\WINDOWS\system32\sppsvc.exe [5622600 2016-07-16] (Microsoft Corporation)
R3 SSDPSRV; C:\WINDOWS\System32\ssdpsrv.dll [236544 2016-07-16] (Microsoft Corporation)
S3 SstpSvc; C:\WINDOWS\system32\sstpsvc.dll [209920 2016-07-16] (Microsoft Corporation)
R3 StateRepository; C:\WINDOWS\system32\windows.staterepository.dll [4136448 2016-07-16] (Microsoft Corporation)
R3 StateRepository; C:\WINDOWS\SysWOW64\windows.staterepository.dll [3369984 2016-07-16] (Microsoft Corporation)
S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [1467168 2016-12-20] (Valve Corporation)
S3 stisvc; C:\WINDOWS\System32\wiaservc.dll [646656 2016-07-16] (Microsoft Corporation)
R3 StorSvc; C:\WINDOWS\system32\storsvc.dll [396800 2016-07-16] (Microsoft Corporation)
S3 svsvc; C:\WINDOWS\system32\svsvc.dll [13824 2016-07-16] (Microsoft Corporation)
S3 swprv; C:\WINDOWS\System32\swprv.dll [467456 2016-07-16] (Microsoft Corporation)
R2 SysMain; C:\WINDOWS\system32\sysmain.dll [944128 2016-07-16] (Microsoft Corporation)
R2 SystemEventsBroker; C:\WINDOWS\System32\SystemEventsBrokerServer.dll [387072 2016-07-16] (Microsoft Corporation)
S3 TabletInputService; C:\WINDOWS\System32\TabSvc.dll [148992 2016-07-16] (Microsoft Corporation)
S3 TapiSrv; C:\WINDOWS\System32\tapisrv.dll [309248 2016-07-16] (Microsoft Corporation)
S3 TapiSrv; C:\WINDOWS\SysWOW64\tapisrv.dll [254976 2016-07-16] (Microsoft Corporation)
R3 TermService; C:\WINDOWS\System32\termsrv.dll [987648 2016-07-16] (Microsoft Corporation)
R2 Themes; C:\WINDOWS\system32\themeservice.dll [70656 2016-07-16] (Microsoft Corporation)
S3 TieringEngineService; C:\WINDOWS\system32\TieringEngineService.exe [287744 2016-07-16] (Microsoft Corporation)
R2 tiledatamodelsvc; C:\WINDOWS\system32\tileobjserver.dll [574976 2016-07-16] (Microsoft Corporation)
R3 TimeBrokerSvc; C:\WINDOWS\System32\TimeBrokerServer.dll [177664 2016-07-16] (Microsoft Corporation)
R2 TrkWks; C:\WINDOWS\System32\trkwks.dll [116736 2016-07-16] (Microsoft Corporation)
S3 TrustedInstaller; C:\WINDOWS\servicing\TrustedInstaller.exe [122880 2016-07-16] (Microsoft Corporation)
S4 tzautoupdate; C:\WINDOWS\system32\tzautoupdate.dll [95232 2016-07-16] (Microsoft Corporation)
S3 UI0Detect; C:\WINDOWS\system32\UI0Detect.exe [42496 2016-07-16] (Microsoft Corporation)
S3 UmRdpService; C:\WINDOWS\System32\umrdp.dll [273408 2016-07-16] (Microsoft Corporation)
S3 UnistoreSvc; C:\WINDOWS\System32\unistore.dll [1184256 2016-07-16] (Microsoft Corporation)
S3 UnistoreSvc; C:\WINDOWS\SysWOW64\unistore.dll [968704 2016-07-16] (Microsoft Corporation)
R3 UnistoreSvc_b7a763; C:\WINDOWS\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R3 UnistoreSvc_b7a763; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 upnphost; C:\WINDOWS\System32\upnphost.dll [440832 2016-07-16] (Microsoft Corporation)
S3 upnphost; C:\WINDOWS\SysWOW64\upnphost.dll [328192 2016-07-16] (Microsoft Corporation)
S3 UserDataSvc; C:\WINDOWS\System32\userdataservice.dll [1512448 2016-07-16] (Microsoft Corporation)
R3 UserDataSvc_b7a763; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R3 UserDataSvc_b7a763; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 UserManager; C:\WINDOWS\System32\usermgr.dll [1020928 2016-07-16] (Microsoft Corporation)
R3 UsoSvc; C:\WINDOWS\system32\usocore.dll [539136 2016-07-16] (Microsoft Corporation)
R3 VaultSvc; C:\Windows\System32\vaultsvc.dll [358912 2016-07-16] (Microsoft Corporation)
S3 vds; C:\WINDOWS\System32\vds.exe [649216 2016-07-16] (Microsoft Corporation)
S3 vmicguestinterface; C:\WINDOWS\System32\icsvc.dll [305152 2016-07-16] (Microsoft Corporation)
S3 vmicheartbeat; C:\WINDOWS\System32\icsvc.dll [305152 2016-07-16] (Microsoft Corporation)
S3 vmickvpexchange; C:\WINDOWS\System32\icsvc.dll [305152 2016-07-16] (Microsoft Corporation)
S3 vmicrdv; C:\WINDOWS\System32\icsvcext.dll [349696 2016-07-16] (Microsoft Corporation)
S3 vmicshutdown; C:\WINDOWS\System32\icsvc.dll [305152 2016-07-16] (Microsoft Corporation)
S3 vmictimesync; C:\WINDOWS\System32\icsvc.dll [305152 2016-07-16] (Microsoft Corporation)
S3 vmicvmsession; C:\WINDOWS\System32\icsvc.dll [305152 2016-07-16] (Microsoft Corporation)
S3 vmicvss; C:\WINDOWS\System32\icsvcext.dll [349696 2016-07-16] (Microsoft Corporation)
S3 VSS; C:\WINDOWS\system32\vssvc.exe [1443328 2016-07-16] (Microsoft Corporation)
S3 W32Time; C:\WINDOWS\system32\w32time.dll [520192 2016-07-16] (Microsoft Corporation)
S3 WalletService; C:\WINDOWS\system32\WalletService.dll [436224 2016-07-16] (Microsoft Corporation)
S3 wbengine; C:\WINDOWS\system32\wbengine.exe [1547264 2016-07-16] (Microsoft Corporation)
S2 WbioSrvc; C:\WINDOWS\System32\wbiosrvc.dll [837632 2016-07-16] (Microsoft Corporation)
R2 Wcmsvc; C:\WINDOWS\System32\wcmsvc.dll [718848 2016-07-16] (Microsoft Corporation)
S3 wcncsvc; C:\WINDOWS\System32\wcncsvc.dll [468992 2016-07-16] (Microsoft Corporation)
R3 WdiServiceHost; C:\WINDOWS\system32\wdi.dll [97792 2016-07-16] (Microsoft Corporation)
R3 WdiServiceHost; C:\WINDOWS\SysWOW64\wdi.dll [89088 2016-07-16] (Microsoft Corporation)
R3 WdiSystemHost; C:\WINDOWS\system32\wdi.dll [97792 2016-07-16] (Microsoft Corporation)
R3 WdiSystemHost; C:\WINDOWS\SysWOW64\wdi.dll [89088 2016-07-16] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WebClient; C:\WINDOWS\System32\webclnt.dll [227328 2016-07-16] (Microsoft Corporation)
S3 WebClient; C:\WINDOWS\SysWOW64\webclnt.dll [198656 2016-07-16] (Microsoft Corporation)
S3 Wecsvc; C:\WINDOWS\system32\wecsvc.dll [206848 2016-07-16] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\WINDOWS\system32\wephostsvc.dll [27648 2016-07-16] (Microsoft Corporation)
S3 wercplsupport; C:\WINDOWS\System32\wercplsupport.dll [94208 2016-07-16] (Microsoft Corporation)
R3 WerSvc; C:\WINDOWS\System32\WerSvc.dll [156672 2016-07-16] (Microsoft Corporation)
S3 WiaRpc; C:\WINDOWS\System32\wiarpc.dll [82944 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\WINDOWS\system32\winhttp.dll [814592 2016-07-16] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\WINDOWS\SysWOW64\winhttp.dll [631808 2016-07-16] (Microsoft Corporation)
R2 Winmgmt; C:\WINDOWS\system32\wbem\WMIsvc.dll [222720 2016-07-16] (Microsoft Corporation)
S3 WinRM; C:\WINDOWS\system32\WsmSvc.dll [2716672 2016-07-16] (Microsoft Corporation)
S3 WinRM; C:\WINDOWS\SysWOW64\WsmSvc.dll [2333184 2016-07-16] (Microsoft Corporation)
S3 wisvc; C:\WINDOWS\system32\flightsettings.dll [614912 2016-07-16] (Microsoft Corporation)
R2 WlanSvc; C:\WINDOWS\System32\wlansvc.dll [2368512 2016-07-16] (Microsoft Corporation)
R3 wlidsvc; C:\WINDOWS\system32\wlidsvc.dll [2104832 2016-07-16] (Microsoft Corporation)
S3 wmiApSrv; C:\WINDOWS\system32\wbem\WmiApSrv.exe [203264 2016-07-16] (Microsoft Corporation)
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1184256 2016-07-16] (Microsoft Corporation)
S3 workfolderssvc; C:\WINDOWS\system32\workfolderssvc.dll [1836032 2016-07-16] (Microsoft Corporation)
S3 WPDBusEnum; C:\WINDOWS\system32\wpdbusenum.dll [88064 2016-07-16] (Microsoft Corporation)
R2 WpnService; C:\WINDOWS\system32\WpnService.dll [234496 2016-07-16] (Microsoft Corporation)
S3 WpnUserService; C:\WINDOWS\System32\WpnUserService.dll [74240 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_b7a763; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_b7a763; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 wscsvc; C:\WINDOWS\System32\wscsvc.dll [187904 2016-07-16] (Microsoft Corporation)
R2 WSearch; C:\WINDOWS\system32\SearchIndexer.exe [903680 2016-07-16] (Microsoft Corporation)
R2 WSearch; C:\WINDOWS\SysWOW64\SearchIndexer.exe [773120 2016-07-16] (Microsoft Corporation)
S3 wuauserv; C:\WINDOWS\system32\wuaueng.dll [2314752 2016-07-16] (Microsoft Corporation)
R3 wudfsvc; C:\WINDOWS\System32\WUDFSvc.dll [99840 2016-07-16] (Microsoft Corporation)
S3 WwanSvc; C:\WINDOWS\System32\wwansvc.dll [1281536 2016-07-16] (Microsoft Corporation)
S3 XblAuthManager; C:\WINDOWS\System32\XblAuthManager.dll [1012224 2016-07-16] (Microsoft Corporation)
S3 XblGameSave; C:\WINDOWS\System32\XblGameSave.dll [1159680 2016-07-16] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\WINDOWS\system32\XboxNetApiSvc.dll [1025536 2016-07-16] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe [19192 2015-08-13] (Intel® Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation)
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AsusSGDrv; C:\WINDOWS\system32\DRIVERS\AsusSGDrv.sys [138744 2015-08-18] (ASUS Corporation)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [78632 2016-08-02] (McAfee, Inc.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [47096 2015-07-13] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [43512 2015-07-13] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [251384 2015-07-13] (Intel Corporation)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
U5 iaLPSS2_I2C; C:\Windows\System32\Drivers\iaLPSS2_I2C.sys [185128 2015-06-17] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [257776 2015-07-14] (Intel Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [30224 2015-08-13] (Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [419624 2016-08-02] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [349480 2016-08-02] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83608 2016-08-02] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [493352 2016-08-02] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [843048 2016-08-02] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [519456 2016-08-01] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [100136 2016-08-01] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [243496 2016-08-02] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [51904 2015-01-14] (Titan ARC Corp.)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7116288 2016-07-16] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_11a67240324f74de\nvlddmkm.sys [14200880 2016-12-13] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-12-13] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek                                            )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [753368 2015-06-15] (Realsil Semiconductor Corporation)
S3 SliceDisk5; C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [31824 2011-02-25] (Atola) [File not signed]
S3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [212056 2015-07-07] (Windows ® Win 7 DDK provider)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [114632 2015-09-16] (BigNox Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-12-28 15:20 - 2016-12-28 09:09 - 00000000 ___DC C:\WINDOWS\Panther
2016-12-28 15:17 - 2016-12-28 15:17 - 00000000 ____D C:\Windows.old
2016-12-28 15:16 - 2016-12-28 15:16 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-12-28 15:16 - 2016-12-27 23:21 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-12-28 14:43 - 2016-12-28 14:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-12-28 09:01 - 2016-12-28 09:09 - 00000000 ___HD C:\$WINDOWS.~BT
2016-12-28 08:30 - 2016-12-28 08:30 - 00000000 ___HD C:\$SysReset
2016-12-28 00:34 - 2016-12-28 00:34 - 00000000 ____D C:\Users\tony\Downloads\Compressed
2016-12-27 23:53 - 2016-12-28 12:33 - 00000998 _____ C:\Users\tony\Desktop\Steam.exe - Shortcut.lnk
2016-12-27 23:53 - 2016-12-28 11:38 - 00001289 _____ C:\Users\tony\Desktop\dota2.exe - Shortcut.lnk
2016-12-27 23:47 - 2016-12-27 23:47 - 00000000 ____D C:\ProgramData\USOShared
2016-12-27 23:46 - 2016-12-27 23:46 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-12-27 23:44 - 2016-12-27 23:44 - 00000020 ___SH C:\Users\tony\ntuser.ini
2016-12-27 23:43 - 2016-12-27 23:43 - 00000000 _SHDL C:\Users\Default\My Documents
2016-12-27 23:43 - 2016-12-27 23:43 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-12-27 23:43 - 2016-12-27 23:43 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-12-27 23:43 - 2016-12-27 23:43 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-12-27 23:43 - 2016-12-27 23:43 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-12-27 23:43 - 2016-12-27 23:43 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-12-27 23:43 - 2016-12-27 23:43 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-12-27 23:42 - 2016-12-28 09:09 - 00001908 _____ C:\WINDOWS\diagwrn.xml
2016-12-27 23:42 - 2016-12-28 09:09 - 00001908 _____ C:\WINDOWS\diagerr.xml
2016-12-27 23:39 - 2016-12-28 12:00 - 00003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2016-12-27 23:39 - 2016-12-28 12:00 - 00003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2016-12-27 23:39 - 2016-12-28 11:48 - 00858932 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-27 23:39 - 2016-12-28 11:46 - 00003834 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2016-12-27 23:39 - 2016-12-28 11:41 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-27 23:39 - 2016-12-27 23:39 - 00003556 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-27 23:39 - 2016-12-27 23:39 - 00003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-27 23:39 - 2016-12-27 23:39 - 00003308 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7527B890-9B1E-4B62-96B9-900E9F2530ED}
2016-12-27 23:39 - 2016-12-27 23:39 - 00003142 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-27 23:39 - 2016-12-27 23:39 - 00003120 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-27 23:39 - 2016-12-27 23:39 - 00003114 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-27 23:39 - 2016-12-27 23:39 - 00003040 _____ C:\WINDOWS\System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec
2016-12-27 23:39 - 2016-12-27 23:39 - 00003016 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-27 23:39 - 2016-12-27 23:39 - 00002996 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-27 23:39 - 2016-12-27 23:39 - 00002968 _____ C:\WINDOWS\System32\Tasks\Update Checker
2016-12-27 23:39 - 2016-12-27 23:39 - 00002944 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-27 23:39 - 2016-12-27 23:39 - 00002924 _____ C:\WINDOWS\System32\Tasks\ATK Package 36D18D69AFC3
2016-12-27 23:39 - 2016-12-27 23:39 - 00002902 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-27 23:39 - 2016-12-27 23:39 - 00002862 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher
2016-12-27 23:39 - 2016-12-27 23:39 - 00002772 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-27 23:39 - 2016-12-27 23:39 - 00002674 _____ C:\WINDOWS\System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon
2016-12-27 23:39 - 2016-12-27 23:39 - 00002516 _____ C:\WINDOWS\System32\Tasks\ROG Gaming Center
2016-12-27 23:39 - 2016-12-27 23:39 - 00002470 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
2016-12-27 23:39 - 2016-12-27 23:39 - 00002340 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
2016-12-27 23:39 - 2016-12-27 23:39 - 00002324 _____ C:\WINDOWS\System32\Tasks\{496FBD46-38B6-41FE-A56A-79BE49545BCE}
2016-12-27 23:39 - 2016-12-27 23:39 - 00002324 _____ C:\WINDOWS\System32\Tasks\{26C441CB-49DF-4DD0-B4CA-2D2CE085D82C}
2016-12-27 23:39 - 2016-12-27 23:39 - 00002214 _____ C:\WINDOWS\System32\Tasks\ATK Package A22126881260
2016-12-27 23:39 - 2016-12-27 23:39 - 00002214 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON
2016-12-27 23:39 - 2016-12-27 23:39 - 00002198 _____ C:\WINDOWS\System32\Tasks\{0EBCF799-E248-43CB-8004-73EC62822789}
2016-12-27 23:39 - 2016-12-27 23:39 - 00002172 _____ C:\WINDOWS\System32\Tasks\DropboxOEM
2016-12-27 23:39 - 2016-12-27 23:39 - 00001918 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2016-12-27 23:39 - 2016-12-27 23:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-12-27 23:39 - 2016-12-27 23:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2016-12-27 23:39 - 2016-12-27 23:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\Intel
2016-12-27 23:39 - 2016-12-27 23:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\ASUS
2016-12-27 23:33 - 2016-12-27 23:33 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-12-27 23:33 - 2016-12-27 23:33 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-12-27 23:33 - 2016-12-27 23:33 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-12-27 23:30 - 2016-12-27 23:33 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-12-27 23:28 - 2016-12-27 23:44 - 00000000 ____D C:\Users\tony
2016-12-27 23:28 - 2016-12-27 23:28 - 00000000 _SHDL C:\Users\tony\My Documents
2016-12-27 23:28 - 2016-12-27 23:28 - 00000000 _SHDL C:\Users\tony\Documents\My Videos
2016-12-27 23:28 - 2016-12-27 23:28 - 00000000 _SHDL C:\Users\tony\Documents\My Pictures
2016-12-27 23:28 - 2016-12-27 23:28 - 00000000 _SHDL C:\Users\tony\Documents\My Music
2016-12-27 23:25 - 2016-12-12 02:47 - 06384576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-12-27 23:25 - 2016-12-12 02:47 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-12-27 23:25 - 2016-12-12 02:47 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-12-27 23:25 - 2016-12-12 02:47 - 00548408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-12-27 23:25 - 2016-12-12 02:47 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-12-27 23:25 - 2016-12-12 02:47 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-12-27 23:25 - 2016-12-12 02:47 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-12-27 23:25 - 2016-12-09 16:52 - 07639617 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-12-27 23:24 - 2016-12-27 23:31 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-12-27 23:24 - 2016-12-27 23:30 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-12-27 23:24 - 2016-12-27 23:24 - 00001963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\SmartAudio.lnk
2016-12-27 23:24 - 2016-12-27 23:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant
2016-12-27 23:23 - 2016-12-27 23:31 - 00000000 ____D C:\ProgramData\Conexant
2016-12-27 23:23 - 2016-12-27 23:23 - 00000000 ____D C:\Program Files\CONEXANT
2016-12-27 23:23 - 2016-07-16 19:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-12-27 23:23 - 2014-10-20 14:54 - 00207576 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CxAudMsg64.exe
2016-12-27 23:23 - 2011-09-01 00:23 - 00447104 _____ (Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\SASrv.exe
2016-12-27 23:22 - 2016-12-28 14:41 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-12-27 23:22 - 2016-12-27 23:31 - 00000000 ____D C:\Program Files (x86)\Intel
2016-12-27 23:22 - 2016-12-27 23:30 - 00000000 ____D C:\Program Files\Intel
2016-12-27 23:22 - 2016-12-27 23:22 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-12-27 23:22 - 2016-12-27 23:22 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_esif_umdf2_02_00_00.Wdf
2016-12-27 23:22 - 2016-12-27 23:22 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-12-27 23:22 - 2015-08-13 21:42 - 00107008 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2016-12-27 23:22 - 2015-08-13 21:42 - 00101392 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-12-27 23:21 - 2016-12-28 11:41 - 00334288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-27 23:21 - 2016-12-27 23:21 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-27 21:43 - 2016-12-27 21:43 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-12-27 21:43 - 2016-09-10 02:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-12-27 21:43 - 2016-09-10 02:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-12-27 21:43 - 2016-09-10 02:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-12-27 21:43 - 2016-09-10 02:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-12-27 21:40 - 2016-12-12 11:03 - 40125496 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 35222976 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 34710584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 28201408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 10912744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 10803880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 10353960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 09158616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 08913328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 08761560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 03934504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 03474392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 02950200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 02587704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437633.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437633.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 01038392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00974784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00942528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00894400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00643928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00438208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00394888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00388544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00327408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-12-27 21:40 - 2016-12-12 11:03 - 00042286 _____ C:\WINDOWS\system32\nvinfo.pb
2016-12-27 21:40 - 2016-12-12 11:03 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-12-27 21:40 - 2016-12-12 11:03 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-12-27 20:51 - 2016-12-27 20:51 - 00000747 _____ C:\Users\tony\Documents\Downloads - Shortcut.lnk
2016-12-26 16:59 - 2016-12-26 16:59 - 00024576 _____ C:\bcdbackup
2016-12-26 12:37 - 2016-12-26 12:37 - 00000000 ____D C:\New folder
2016-12-25 21:15 - 2016-12-25 21:15 - 00003072 _____ C:\WINDOWS\system32\umstartup.etl
2016-12-25 14:50 - 2016-12-25 14:52 - 00021024 _____ C:\WINDOWS\ntbtlog.txt
2016-12-25 08:08 - 2016-12-25 08:08 - 00000000 ____D C:\Program Files (x86)\2K Games
2016-12-25 00:20 - 2016-12-25 08:25 - 00000000 ____D C:\Users\tony\AppData\Local\SKIDROW
2016-12-24 23:53 - 2016-12-27 21:00 - 00000000 ____D C:\Program Files (x86)\Hitman Absolution
2016-12-24 23:51 - 2016-12-27 21:02 - 00000000 ____D C:\Users\tony\AppData\Local\Ubisoft Game Launcher
2016-12-24 23:09 - 2016-12-24 23:09 - 00000000 ____D C:\Users\tony\AppData\Roaming\Ubisoft
2016-12-24 23:09 - 2016-12-24 23:09 - 00000000 ____D C:\ProgramData\Ubisoft
2016-12-24 22:54 - 2016-12-27 20:58 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2016-12-24 19:41 - 2016-12-24 19:41 - 00000000 ____D C:\Users\tony\Documents\godsofegypt2016brripxvidac3-evo-english-84903
2016-12-24 19:39 - 2016-12-24 19:39 - 00038961 _____ C:\Users\tony\Documents\godsofegypt2016brripxvidac3-evo-english-84903.zip
2016-12-24 19:30 - 2016-12-24 22:34 - 00000000 ____D C:\Program Files (x86)\R.G. Games
2016-12-24 18:21 - 2016-12-24 18:23 - 00834550 _____ C:\TDSSKiller.3.1.0.12_24.12.2016_18.21.02_log.txt
2016-12-24 18:18 - 2016-12-24 18:19 - 00102856 _____ C:\TDSSKiller.3.1.0.12_24.12.2016_18.18.57_log.txt
2016-12-24 17:35 - 2016-12-27 23:31 - 00000000 ____D C:\WINDOWS\SysWOW64\GPBAK
2016-12-24 17:35 - 2016-12-24 17:35 - 00707354 _____ C:\WINDOWS\unins000.exe
2016-12-24 17:35 - 2016-12-24 17:35 - 00001537 _____ C:\WINDOWS\unins000.dat
2016-12-24 17:34 - 2016-12-24 17:34 - 00875012 _____ C:\Users\tony\Documents\add_gpedit_msc_by_jwils876-d3kh6vm.zip
2016-12-24 17:34 - 2016-12-24 17:34 - 00000000 ____D C:\Users\tony\Documents\add_gpedit_msc_by_jwils876-d3kh6vm
2016-12-23 21:41 - 2016-12-23 21:48 - 00000000 ____D C:\Users\tony\AppData\Local\Darksiders2
2016-12-22 17:14 - 2016-12-27 21:02 - 00000000 ____D C:\Users\tony\Documents\Ghost Games
2016-12-22 17:01 - 2016-12-27 21:02 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
2016-12-22 12:57 - 2016-12-22 13:04 - 53039104 _____ C:\Users\tony\Documents\comodo_rescue_disk_2.0.261647.1.iso
2016-12-21 20:23 - 2016-12-21 20:23 - 00000000 ____D C:\Users\tony\Documents\Activision
2016-12-21 18:57 - 2016-12-21 18:57 - 00000000 ____D C:\Users\tony\AppData\Local\PunkBuster
2016-12-21 18:56 - 2016-12-23 21:41 - 00000000 ____D C:\Users\tony\Documents\My Games
2016-12-21 18:56 - 2016-12-21 18:56 - 00000000 ____D C:\ProgramData\Orbit
2016-12-21 08:29 - 2016-12-21 09:03 - 00000000 ____D C:\ESD
2016-12-21 08:28 - 2016-12-21 08:28 - 00000000 ___HD C:\$Windows.~WS
2016-12-20 19:39 - 2016-12-20 19:39 - 00000000 ____D C:\Users\tony\Documents\lucy-2014-english-yify-30449
2016-12-20 19:38 - 2016-12-20 19:38 - 00023588 _____ C:\Users\tony\Documents\lucy-2014-english-yify-30449.zip
2016-12-20 19:33 - 2016-12-20 19:33 - 00000000 ____D C:\Users\tony\Documents\lucy-english-yify-30601
2016-12-20 19:32 - 2016-12-20 19:32 - 00001919 _____ C:\Users\tony\Documents\lucy-english-yify-30601.zip
2016-12-20 18:59 - 2016-12-20 18:59 - 00000000 ____D C:\Users\tony\Documents\KoeiTecmo
2016-12-19 09:34 - 2016-12-28 11:40 - 00006973 _____ C:\ProgramData\NvTelemetryContainer.log_backup1
2016-12-19 09:34 - 2016-12-12 22:36 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2016-12-19 09:33 - 2016-12-13 07:36 - 00156096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-12-19 09:33 - 2016-12-13 07:36 - 00123840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-12-19 09:33 - 2016-12-13 07:36 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-12-16 23:02 - 2016-12-16 23:02 - 00000285 _____ C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD Drive (G) DVD_ROM.lnk
2016-12-16 22:34 - 2016-12-16 22:35 - 00000000 ____D C:\Users\tony\AppData\Roaming\DarkSoulsIII
2016-12-16 22:15 - 2016-12-27 23:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transcend
2016-12-16 22:15 - 2016-12-16 22:15 - 00001224 _____ C:\Users\Public\Desktop\RecoveRx.lnk
2016-12-16 22:15 - 2016-12-16 22:15 - 00000000 ____D C:\Recovered Files
2016-12-16 22:15 - 2016-12-16 22:15 - 00000000 ____D C:\Program Files (x86)\Transcend
2016-12-16 20:11 - 2016-12-16 20:11 - 00000000 ____D C:\Users\tony\Documents\WB Games
2016-12-16 20:03 - 2016-12-27 21:02 - 00000000 ____D C:\Program Files (x86)\Middle Earth Shadow of Mordor
2016-12-16 19:47 - 2016-12-16 19:47 - 00000000 ____D C:\Users\tony\AppData\Roaming\Transcend Elite
2016-12-15 19:51 - 2016-10-17 23:35 - 00223464 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmwfp.sys
2016-12-14 08:44 - 2016-12-27 23:33 - 00000000 ____D C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-12-13 20:54 - 2016-12-13 20:54 - 941372703 _____ C:\WINDOWS\MEMORY.DMP
2016-12-13 15:38 - 2016-12-13 15:38 - 00000000 ____D C:\Users\tony\AppData\Local\Chromium
2016-12-12 21:13 - 2016-12-28 14:43 - 00000000 ____D C:\FRST
2016-12-12 17:38 - 2016-12-27 23:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Connect2
2016-12-12 17:38 - 2016-12-12 17:38 - 00001201 _____ C:\Users\Public\Desktop\Connect2.lnk
2016-12-12 17:38 - 2016-12-12 17:38 - 00000000 ____D C:\Program Files (x86)\Lenovo
2016-12-12 17:35 - 2016-12-12 17:35 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-12-12 09:43 - 2016-12-27 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameFirst IV
2016-12-12 09:43 - 2016-12-12 09:43 - 00001159 _____ C:\Users\Public\Desktop\GameFirst IV.lnk
2016-12-12 09:43 - 2015-01-14 08:59 - 00051904 _____ (Titan ARC Corp.) C:\WINDOWS\system32\Drivers\netfilter2.sys
2016-12-09 01:00 - 2016-12-09 01:00 - 00000000 ____D C:\Program Files (x86)\MobileBrServ
2016-12-08 19:41 - 2016-12-08 19:41 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2016-12-08 14:34 - 2016-12-08 20:08 - 00000000 ____D C:\ProgramData\TEMP
2016-12-08 14:32 - 2016-12-10 16:34 - 00000000 ____D C:\Program Files\A-FF Find and Mount
2016-12-08 14:12 - 2016-12-27 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2016-12-08 14:12 - 2016-12-08 14:12 - 00001701 _____ C:\Users\Public\Desktop\Recuva.lnk
2016-12-08 14:12 - 2016-12-08 14:12 - 00000000 ____D C:\Program Files\Recuva
2016-12-08 13:29 - 2016-12-08 13:30 - 00006638 _____ C:\TDSSKiller.3.1.0.12_08.12.2016_13.29.47_log.txt
2016-12-07 21:18 - 2016-12-07 21:21 - 00000000 ____D C:\Users\tony\AppData\Local\NPE
2016-12-07 21:18 - 2016-12-07 21:18 - 00000000 ____D C:\ProgramData\Norton
2016-12-07 21:07 - 2016-12-07 21:07 - 00000000 ____D C:\Users\tony\AppData\Roaming\Steam
2016-12-07 21:07 - 2016-12-07 21:07 - 00000000 ____D C:\Users\tony\AppData\Local\CAPCOM
2016-12-07 20:52 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2016-12-07 20:52 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2016-12-07 20:52 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2016-12-07 20:52 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2016-12-07 20:52 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2016-12-07 20:52 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2016-12-07 20:52 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2016-12-07 20:52 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2016-12-07 20:52 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2016-12-07 20:52 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2016-12-07 20:52 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2016-12-07 20:52 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2016-12-07 20:52 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2016-12-07 20:52 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2016-12-07 20:52 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2016-12-07 20:52 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2016-12-07 20:52 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2016-12-07 20:52 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2016-12-07 20:52 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2016-12-07 20:52 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2016-12-07 20:52 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2016-12-07 20:52 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2016-12-07 20:52 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2016-12-07 20:52 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2016-12-07 20:52 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2016-12-07 20:52 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2016-12-07 20:52 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2016-12-07 20:52 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2016-12-07 20:52 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2016-12-07 20:52 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2016-12-07 20:52 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2016-12-07 20:52 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2016-12-07 20:52 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2016-12-07 20:52 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2016-12-07 20:52 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2016-12-07 20:52 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2016-12-07 20:52 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2016-12-07 20:52 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2016-12-07 20:52 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2016-12-07 20:52 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2016-12-07 20:52 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2016-12-07 20:52 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2016-12-07 20:52 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2016-12-07 20:52 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2016-12-07 20:52 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2016-12-07 20:52 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2016-12-07 20:52 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2016-12-07 20:52 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2016-12-07 20:52 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2016-12-07 20:52 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2016-12-07 20:52 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2016-12-07 20:52 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2016-12-07 20:52 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2016-12-07 20:52 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2016-12-07 20:52 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2016-12-07 20:52 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2016-12-07 20:52 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2016-12-07 20:52 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2016-12-07 20:52 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2016-12-07 20:52 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2016-12-07 20:52 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2016-12-07 20:52 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2016-12-07 20:52 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2016-12-07 20:52 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2016-12-07 20:52 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2016-12-07 20:52 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2016-12-07 20:52 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2016-12-07 20:52 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2016-12-07 20:52 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2016-12-07 20:52 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2016-12-07 20:52 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2016-12-07 20:52 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2016-12-07 20:52 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2016-12-07 20:52 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2016-12-07 20:52 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2016-12-07 20:52 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2016-12-07 20:52 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2016-12-07 20:52 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2016-12-07 20:52 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2016-12-07 20:52 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2016-12-07 20:52 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2016-12-07 20:52 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2016-12-07 20:52 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2016-12-07 20:52 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2016-12-07 20:52 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2016-12-07 20:52 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2016-12-07 20:52 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2016-12-07 20:52 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2016-12-07 20:52 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2016-12-07 20:52 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2016-12-07 20:52 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2016-12-07 20:52 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2016-12-07 20:52 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2016-12-07 20:52 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2016-12-07 20:52 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2016-12-07 20:52 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2016-12-07 20:52 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2016-12-07 20:52 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2016-12-07 20:52 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2016-12-07 20:52 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2016-12-07 20:52 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2016-12-07 20:52 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2016-12-07 20:52 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2016-12-07 20:52 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2016-12-07 20:52 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2016-12-07 20:52 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2016-12-07 20:52 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2016-12-07 20:52 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2016-12-07 20:52 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2016-12-07 20:52 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2016-12-07 20:52 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2016-12-07 20:52 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2016-12-07 20:52 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2016-12-07 20:52 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2016-12-07 20:52 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2016-12-07 20:52 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2016-12-07 20:52 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2016-12-07 20:52 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2016-12-07 20:52 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2016-12-07 20:52 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2016-12-07 20:52 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2016-12-07 20:52 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2016-12-07 20:52 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2016-12-07 20:52 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2016-12-07 20:52 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2016-12-07 20:52 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2016-12-07 20:52 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2016-12-07 20:52 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2016-12-07 20:52 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2016-12-07 20:52 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2016-12-07 20:52 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2016-12-07 20:52 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2016-12-07 20:52 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2016-12-07 20:52 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2016-12-07 20:52 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2016-12-07 20:52 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2016-12-07 20:52 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2016-12-07 20:52 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2016-12-07 20:52 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2016-12-07 20:52 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2016-12-07 20:52 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2016-12-07 20:52 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2016-12-07 20:52 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2016-12-07 20:52 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2016-12-07 20:52 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2016-12-07 20:52 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2016-12-07 20:52 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2016-12-07 20:52 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2016-12-07 20:52 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2016-12-07 20:52 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2016-12-07 20:52 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2016-12-07 20:52 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2016-12-07 20:52 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2016-12-07 15:45 - 2016-12-07 00:09 - 00000000 ____D C:\WINDOWS\ASUS
2016-12-07 15:39 - 2016-12-27 23:31 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-12-07 15:39 - 2016-12-27 23:31 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-12-07 15:39 - 2016-12-27 23:30 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-12-07 15:39 - 2016-12-27 23:30 - 00000000 ____D C:\Program Files\MSBuild
2016-12-07 15:34 - 2016-12-27 23:41 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-12-07 15:18 - 2016-12-27 23:33 - 00000000 ____D C:\Users\Default.migrated
2016-12-07 14:51 - 2016-12-07 14:51 - 00000000 ____D C:\Users\tony\Documents\Custom Office Templates
2016-12-07 13:40 - 2016-12-07 13:09 - 00485032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-12-07 13:36 - 2016-12-14 09:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-07 13:35 - 2016-12-14 09:38 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-07 13:25 - 2016-12-28 00:25 - 00000000 ____D C:\Program Files\Microsoft Office
2016-12-07 13:16 - 2016-12-28 00:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-07 13:03 - 2016-12-07 13:03 - 00000000 ____D C:\Users\tony\AppData\Roaming\Skype
2016-12-07 12:37 - 2016-12-07 12:37 - 00000000 ____D C:\Users\tony\AppData\Local\ElevatedDiagnostics
2016-12-07 12:16 - 2016-12-07 12:16 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-12-07 11:31 - 2016-12-07 12:59 - 00000230 _____ C:\WINDOWS\Tasks\AutoKMS.job
2016-12-07 11:31 - 2016-12-07 11:31 - 00614400 _____ C:\WINDOWS\AutoKMS.exe
2016-12-07 11:31 - 2016-12-07 11:31 - 00000135 _____ C:\WINDOWS\AutoKMS.ini
2016-12-07 11:29 - 2016-12-07 11:29 - 00004608 _____ C:\WINDOWS\SECOH-QAD.exe
2016-12-07 11:29 - 2016-12-07 11:29 - 00003584 _____ C:\WINDOWS\SECOH-QAD.dll
2016-12-07 09:56 - 2016-12-07 09:56 - 00000000 ____D C:\ProgramData\Intel Security
2016-12-07 09:55 - 2016-12-07 09:55 - 00000000 ____D C:\Program Files\Common Files\Intel Security
2016-12-07 09:50 - 2016-12-07 09:50 - 00000000 ____D C:\Users\tony\AppData\Roaming\Macromedia
2016-12-07 09:50 - 2016-12-07 09:50 - 00000000 ____D C:\Program Files\Common Files\AV
2016-12-07 09:35 - 2016-12-07 09:35 - 00000600 _____ C:\Users\tony\PUTTY.RND
2016-12-07 09:06 - 2016-12-07 09:06 - 00001084 _____ C:\Users\tony\Desktop\Internet Download Manager.lnk
2016-12-07 08:57 - 2016-12-07 08:57 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2016-12-07 08:57 - 2016-12-07 08:57 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2016-12-07 08:50 - 2016-12-02 04:02 - 01951680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437619.dll
2016-12-07 08:50 - 2016-12-02 04:02 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437619.dll
2016-12-07 08:47 - 2016-12-07 08:47 - 00000000 ____D C:\Users\tony\AppData\Roaming\NVIDIA
2016-12-07 08:44 - 2016-12-27 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-12-07 08:44 - 2016-12-25 08:27 - 00000000 ____D C:\Users\tony\AppData\Local\CrashDumps
2016-12-07 08:44 - 2016-12-19 09:34 - 00001491 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-12-07 08:44 - 2016-12-13 07:37 - 01853376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-12-07 08:44 - 2016-12-13 07:37 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-12-07 08:44 - 2016-12-13 07:37 - 01452480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-12-07 08:44 - 2016-12-13 07:37 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-12-07 08:44 - 2016-12-13 07:37 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-12-07 08:44 - 2016-12-12 02:47 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2016-12-07 08:44 - 2016-12-07 10:40 - 00000000 ____D C:\Users\tony\AppData\Roaming\uTorrent
2016-12-07 08:44 - 2016-12-07 08:44 - 00000897 _____ C:\Users\tony\Desktop\µTorrent.lnk
2016-12-07 08:44 - 2016-12-07 08:44 - 00000877 _____ C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-12-07 08:39 - 2016-12-12 17:39 - 00000000 ____D C:\Users\tony\AppData\Local\Lenovo
2016-12-07 08:39 - 2016-12-12 17:39 - 00000000 ____D C:\ProgramData\Lenovo
2016-12-07 08:39 - 2016-12-07 08:39 - 00000000 ____D C:\Users\tony\AppData\Local\SHAREit
2016-12-07 08:39 - 2016-12-07 08:39 - 00000000 ____D C:\Program Files (x86)\SHAREit
2016-12-07 08:34 - 2016-12-07 08:34 - 00000000 ____D C:\Users\tony\AppData\Roaming\WinRAR
2016-12-07 08:30 - 2016-12-15 09:36 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-07 08:30 - 2016-12-15 09:36 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-07 08:27 - 2016-12-07 08:39 - 00000000 ____D C:\Users\tony\AppData\Local\Google
2016-12-07 08:27 - 2016-12-07 08:30 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-07 08:26 - 2016-12-07 08:29 - 00000000 ____D C:\Program Files (x86)\GUMDD0E.tmp
2016-12-07 01:46 - 2016-12-28 12:42 - 00000000 ____D C:\Users\tony\AppData\Roaming\DMCache
2016-12-07 01:46 - 2016-12-27 23:33 - 00000000 ____D C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-12-07 01:46 - 2016-12-27 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-12-07 01:46 - 2016-12-22 12:40 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2016-12-07 01:46 - 2016-12-21 10:06 - 00000000 ____D C:\Users\tony\AppData\Roaming\IDM
2016-12-07 01:46 - 2016-12-07 01:46 - 00000000 ____D C:\ProgramData\IDM
2016-12-07 00:58 - 2016-12-07 00:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2016-12-07 00:58 - 2016-12-07 00:58 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-12-07 00:56 - 2016-12-27 23:33 - 00000000 ____D C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-07 00:56 - 2016-12-27 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-07 00:56 - 2016-12-07 00:56 - 00000000 ____D C:\Program Files (x86)\WinRAR
2016-12-07 00:54 - 2016-12-07 15:02 - 00000000 ____D C:\Users\tony\AppData\Local\Microsoft Help
2016-12-07 00:54 - 2016-12-07 11:48 - 00000000 ____D C:\ProgramData\Microsoft Help.old
2016-12-07 00:45 - 2016-12-07 00:45 - 00000000 ____D C:\Users\tony\AppData\Roaming\SYSTEMAX Software Development
2016-12-07 00:45 - 2016-12-07 00:45 - 00000000 ____D C:\ProgramData\SYSTEMAX Software Development
2016-12-07 00:43 - 2016-12-07 00:43 - 00000000 ____D C:\Users\tony\AppData\Local\Comms
2016-12-07 00:41 - 2016-12-24 22:34 - 00000000 ____D C:\Users\tony\AppData\Roaming\vlc
2016-12-07 00:38 - 2016-12-14 08:52 - 00000000 ____D C:\Users\tony\AppData\Local\Steam
2016-12-07 00:38 - 2016-12-07 00:38 - 00000000 ____D C:\Users\tony\AppData\Local\CEF
2016-12-07 00:35 - 2016-12-07 00:35 - 00000000 ____D C:\Users\tony\AppData\Local\MicrosoftEdge
2016-12-07 00:32 - 2016-12-07 00:32 - 00000000 ____D C:\Users\tony\AppData\Roaming\awsRun
2016-12-07 00:28 - 2016-12-27 23:46 - 00002366 _____ C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-07 00:28 - 2016-12-07 00:28 - 00000000 ____D C:\Users\tony\AppData\Local\Conexant
2016-12-07 00:27 - 2016-12-07 08:35 - 00000000 ____D C:\Users\tony\AppData\Roaming\DropboxOEM
2016-12-07 00:27 - 2016-12-07 00:27 - 00000000 ____D C:\Users\tony\AppData\Local\DropboxOEM
2016-12-07 00:26 - 2016-12-28 14:42 - 00000165 _____ C:\Users\tony\AppData\Roaming\sp_data.sys
2016-12-07 00:25 - 2016-12-28 14:42 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-12-07 00:25 - 2016-12-27 23:29 - 00000000 ____D C:\Users\tony\AppData\Local\Packages
2016-12-07 00:25 - 2016-12-19 09:34 - 00000000 ____D C:\Users\tony\AppData\Local\NVIDIA Corporation
2016-12-07 00:25 - 2016-12-07 08:46 - 00000000 ____D C:\Users\tony\AppData\Local\NVIDIA
2016-12-07 00:25 - 2016-12-07 01:35 - 00000000 ____D C:\ProgramData\USBChargerPlus
2016-12-07 00:25 - 2016-12-07 00:25 - 00000000 ____D C:\Users\tony\AppData\Roaming\WebStorage
2016-12-07 00:25 - 2016-12-07 00:25 - 00000000 ____D C:\Users\tony\AppData\Roaming\Adobe
2016-12-07 00:25 - 2016-12-07 00:25 - 00000000 ____D C:\Users\tony\AppData\Local\VirtualStore
2016-12-07 00:25 - 2016-12-07 00:25 - 00000000 ____D C:\Users\tony\AppData\Local\TileDataLayer
2016-12-07 00:25 - 2016-12-07 00:25 - 00000000 ____D C:\Users\tony\AppData\Local\Publishers
2016-12-07 00:24 - 2016-12-07 01:35 - 00000000 ____D C:\Users\tony\AppData\Local\ConnectedDevicesPlatform
2016-12-07 00:24 - 2016-12-07 00:24 - 00000000 ____D C:\Users\tony\AppData\Roaming\Intel
2016-12-07 00:22 - 2016-12-07 00:22 - 00000000 _SHDL C:\Users\Default.migrated\Documents\My Videos
2016-12-07 00:22 - 2016-12-07 00:22 - 00000000 _SHDL C:\Users\Default.migrated\Documents\My Pictures
2016-12-07 00:22 - 2016-12-07 00:22 - 00000000 _SHDL C:\Users\Default.migrated\Documents\My Music
2016-12-07 00:17 - 2016-12-27 23:39 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-12-06 09:05 - 2016-12-06 09:05 - 00000000 ____D C:\NPE
2016-12-06 07:54 - 2016-12-06 07:54 - 00000000 ____D C:\Users\tony\AppData\LocalLow\uTorrent
2016-12-05 21:47 - 2016-12-05 21:47 - 00000000 ____D C:\TDSSKiller_Quarantine
2016-12-05 21:46 - 2016-12-05 21:47 - 00202104 _____ C:\TDSSKiller.3.1.0.12_05.12.2016_21.46.10_log.txt
2016-12-05 21:32 - 2016-12-05 21:32 - 00006660 _____ C:\TDSSKiller.3.1.0.12_05.12.2016_21.32.14_log.txt
2016-12-05 20:28 - 2016-12-05 20:29 - 00008900 _____ C:\TDSSKiller.3.1.0.12_05.12.2016_20.28.27_log.txt
2016-12-05 20:27 - 2016-12-05 20:28 - 00006638 _____ C:\TDSSKiller.3.1.0.12_05.12.2016_20.27.50_log.txt
2016-12-05 12:56 - 2016-12-05 21:24 - 00181038 _____ C:\spyhunter.fix
2016-12-05 10:24 - 2016-12-05 10:24 - 00000000 ___HD C:\TMRescueDisk
2016-12-05 08:06 - 2016-12-05 08:06 - 00000000 _____ C:\autoexec.bat
2016-12-04 22:08 - 2016-12-04 22:08 - 00000385 _____ C:\Users\tony\AppData\Roaminguser_gensett.xml
2016-12-04 22:06 - 2016-12-05 09:55 - 00002367 _____ C:\bdlog.txt
2016-12-04 01:33 - 2016-12-04 21:56 - 00000000 ___HD C:\$AVG
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-12-28 15:20 - 2016-07-16 19:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-12-28 14:41 - 2016-07-16 19:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-28 14:41 - 2016-07-13 05:59 - 00000000 __SHD C:\Users\tony\IntelGraphicsProfiles
2016-12-28 14:41 - 2015-11-19 19:48 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-28 11:40 - 2016-07-16 14:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-12-28 10:26 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-28 10:14 - 2016-07-16 19:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-28 00:25 - 2016-07-16 19:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-12-28 00:25 - 2015-07-10 21:14 - 00000000 ____D C:\WINDOWS\ShellNew
2016-12-28 00:24 - 2016-07-16 19:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-28 00:22 - 2016-07-16 19:47 - 00000000 ____D C:\Program Files\Common Files\System
2016-12-28 00:22 - 2015-07-10 19:04 - 00000108 _____ C:\WINDOWS\win.ini
2016-12-27 23:47 - 2016-07-16 19:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-12-27 23:46 - 2016-07-13 06:02 - 00000000 ___RD C:\Users\tony\OneDrive
2016-12-27 23:44 - 2015-11-19 19:37 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-27 23:43 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\rescache
2016-12-27 23:43 - 2016-07-16 14:04 - 00008192 _____ C:\WINDOWS\system32\config\ELAM
2016-12-27 23:42 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\Registration
2016-12-27 23:41 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-12-27 23:38 - 2016-07-16 19:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-12-27 23:33 - 2015-08-18 16:38 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-12-27 23:31 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-12-27 23:31 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-12-27 23:31 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-12-27 23:31 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-12-27 23:31 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-12-27 23:31 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-12-27 23:31 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-12-27 23:31 - 2016-07-16 22:14 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\IME
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\Help
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-12-27 23:31 - 2016-07-16 19:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-12-27 23:31 - 2016-07-16 14:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-27 23:31 - 2016-07-16 14:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-27 23:31 - 2015-11-19 20:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2016-12-27 23:31 - 2015-11-19 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICEpower
2016-12-27 23:31 - 2015-11-19 20:03 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
2016-12-27 23:31 - 2015-08-18 16:53 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-12-27 23:31 - 2015-08-18 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 25 GB
2016-12-27 23:31 - 2015-08-18 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2016-12-27 23:31 - 2015-08-18 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2016-12-27 23:30 - 2015-11-19 20:07 - 00000000 ____D C:\Program Files\Intel Corporation
2016-12-27 23:30 - 2015-07-10 19:04 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-12-27 23:27 - 2016-07-16 14:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-27 23:25 - 2016-07-16 19:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-12-27 23:25 - 2016-07-16 19:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-12-27 23:25 - 2016-07-16 19:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-22 17:13 - 2015-11-19 19:40 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-19 09:34 - 2015-11-19 19:48 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-12-15 10:19 - 2015-11-19 20:16 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-12-12 09:43 - 2015-08-18 16:37 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-12-12 09:14 - 2015-11-19 19:58 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-12 09:12 - 2015-11-19 20:26 - 00000000 ____D C:\ProgramData\ASUS
2016-12-07 20:32 - 2016-07-15 18:31 - 00000000 ____D C:\Games
2016-12-07 11:00 - 2015-11-19 20:16 - 00000000 ____D C:\ProgramData\McAfee
2016-12-07 11:00 - 2015-11-19 20:16 - 00000000 ____D C:\Program Files\mcafee
2016-12-07 09:58 - 2015-11-19 20:16 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-12-07 00:46 - 2016-09-16 18:18 - 00000000 ____D C:\PaintToolSAI
2016-12-07 00:30 - 2015-11-19 19:41 - 00000000 ____D C:\ProgramData\Intel
2016-12-07 00:25 - 2015-08-18 16:34 - 00000000 ____D C:\WINDOWS\Log
2016-12-07 00:09 - 2015-11-19 19:56 - 00000000 ____D C:\WINDOWS\Cnxt
2016-12-07 00:05 - 2015-11-19 20:31 - 00000000 ____D C:\ProgramData\SplitMediaLabs
2016-12-07 00:05 - 2015-08-18 16:37 - 00000000 ____D C:\ProgramData\WildTangent
2016-12-07 00:05 - 2015-08-18 16:37 - 00000000 ____D C:\ProgramData\WebStorage
2016-12-07 00:04 - 2015-11-19 20:31 - 00000000 ____D C:\Program Files (x86)\SplitmediaLabs
2016-12-07 00:04 - 2015-11-19 20:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2016-12-07 00:04 - 2015-11-19 20:07 - 00000000 ____D C:\ProgramData\Intel Corporation
2016-12-07 00:04 - 2015-11-19 20:02 - 00000000 ____D C:\ProgramData\Intel.sav
2016-12-07 00:04 - 2015-11-19 19:58 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-12-07 00:04 - 2015-08-18 16:37 - 00000000 ____D C:\ProgramData\ASUS WebStorage
2016-12-07 00:04 - 2015-08-18 16:37 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2016-12-07 00:03 - 2015-11-19 20:16 - 00000000 ____D C:\Program Files (x86)\mcafee.com
2016-12-07 00:03 - 2015-11-19 20:16 - 00000000 ____D C:\Program Files (x86)\ICEpower
2016-12-07 00:03 - 2015-11-19 20:07 - 00000000 ____D C:\Program Files (x86)\Intel Corporation
2016-12-07 00:03 - 2015-11-19 20:02 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-12-07 00:03 - 2015-08-18 16:38 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-12-07 00:03 - 2015-08-18 16:37 - 00000000 ____D C:\Program Files (x86)\Evernote
2016-12-07 00:02 - 2015-11-19 20:16 - 00000000 ____D C:\Program Files\mcafee.com
2016-12-07 00:02 - 2015-11-19 20:12 - 00000000 ____D C:\Program Files\DIFX
2016-12-07 00:02 - 2015-11-19 20:02 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-12-04 11:58 - 2016-08-27 20:33 - 00000000 ____D C:\Users\tony\.android
2016-12-04 11:56 - 2016-08-27 20:32 - 00000000 ____D C:\Users\tony\vmlogs
2016-12-04 11:56 - 2016-08-27 20:32 - 00000000 ____D C:\Users\tony\.BigNox
 
==================== Files in the root of some directories =======
 
2016-12-07 00:26 - 2016-12-28 14:42 - 0000165 _____ () C:\Users\tony\AppData\Roaming\sp_data.sys
2016-12-19 09:34 - 2016-12-28 14:42 - 0003771 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-19 09:34 - 2016-12-28 11:40 - 0006973 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2016-12-27 23:21
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-12-2016
Ran by TONY (28-12-2016 14:44:28)
Running from D:\APPSINSTALLER\FORVIRUS&RECOVERY
Windows 10 Home Version 1607 (X64) (2016-12-27 15:43:58)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2339138057-2822180099-2837011375-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2339138057-2822180099-2837011375-503 - Limited - Disabled)
Guest (S-1-5-21-2339138057-2822180099-2837011375-501 - Limited - Disabled)
TONY (S-1-5-21-2339138057-2822180099-2837011375-1001 - Administrator - Enabled) => C:\Users\tony
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\...\uTorrent) (Version: 3.3.2.30586 - BitTorrent Inc.)
Ansel (Version: 376.33 - NVIDIA Corporation) Hidden
ASUS GIFTBOX Desktop (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 1.1.5 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.9 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.13.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.30 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0040 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.85 - ICEpower a/s)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
Connect2 (HKLM-x32\...\Connect2_is1) (Version: 4.1.1.3444 - Lenovo)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.)
Dota 2 (HKLM\...\Steam App 570) (Version:  - Valve)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.)
Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.)
GameFirst IV (HKLM-x32\...\GameFirst IV 1.5.12) (Version: 1.5.12 - ASUS)
GameFirst IV (x32 Version: 1.5.12 - ASUS) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version:  - Richard)
Intel® Chipset Device Software (x32 Version: 10.1.1.9 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10600.150 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1159 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4268 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® WiDi (HKLM\...\{C7CD6D54-26AF-4D93-B06F-D81ACE8624CB}) (Version: 6.0.40.0 - Intel Corporation)
Intel® WiDi Software Asset Manager (x32 Version: 1.1.347 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{9A287643-10C5-4463-B9D1-B2404CE18CCF}) (Version: 17.1.1529.1620 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{1544031f-5449-4415-b577-993c2a533a1b}) (Version: 18.12.2 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version:  - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
McAfee LiveSafe   (HKLM-x32\...\MSC) (Version: 15.0.179 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.164 - McAfee, Inc.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.29.01.238 - Huawei Technologies Co.,Ltd)
NVIDIA GeForce Experience 3.2.0.96 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.2.0.96 - NVIDIA Corporation)
NVIDIA Graphics Driver 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.33 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.0.0.0 - NVIDIA Corporation) Hidden
PixelMaster Video HDR (HKLM\...\{65302154-AAF6-4020-A070-76CAA9CEC8D3}) (Version: 1.1.35 - ASUS)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10143.21278 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
RecoveRx version 3.1 (HKLM-x32\...\{3DE055DA-690F-43B8-9B7B-54E7D70806F9}_is1) (Version: 3.1 - Transcend Information, Inc.)
Recuva (HKLM\...\Recuva) (Version: 1.48 - Piriform)
ROG Gaming Center (HKLM-x32\...\{CC182DBF-FC67-4F79-9930-6A2682E60BDD}) (Version: 1.0.1 - ASUS)
SHIELD Streaming (Version: 7.1.0350 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.2.524 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.16 - WildTangent)
Windows Driver Package - ASUS (AsusSGDrv) Mouse  (08/06/2015 8.0.0.19) (HKLM\...\149F37A1996406108DA0EB71D7EBC48895119059) (Version: 08/06/2015 8.0.0.19 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinRAR 5.30 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
XSplit Gamecaster (HKLM-x32\...\{0E12BEC0-F2EE-43FA-AEA0-24B5E9F80167}) (Version: 2.5.1507.3011 - SplitmediaLabs)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {016829A4-701A-4994-8B9B-B6E1D9DB42D6} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {17807461-0EFA-4D27-8835-87AE1D6CAA29} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-12-13] (NVIDIA Corporation)
Task: {20D4DCDB-F2F6-476B-A18D-A645ED4595E3} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {331496C3-D463-4BAC-B585-287706DB01FB} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-12-13] (NVIDIA Corporation)
Task: {3A28EBF0-A121-43BD-B926-0EEECC012924} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation)
Task: {3C9529AA-CF78-4213-AC19-7F349509A094} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {408A86ED-5ED3-47A7-9361-97EE74AC9DB2} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-11] (ASUSTek Computer Inc.)
Task: {583E68E9-FD22-4E58-BFEA-DCB62AE4523C} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe [2016-09-20] (McAfee, Inc.)
Task: {5B91FA03-EB76-4384-9D2D-648EF5A1A285} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-12-13] (NVIDIA Corporation)
Task: {5F35619E-7F8E-4260-B30F-E3B3657AA91C} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS.exe [2016-12-07] ()
Task: {674DE2B8-3DF6-40FC-A861-233598B0BF9B} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-05-30] ()
Task: {7F69EC01-4429-4177-AFBF-706C34D82382} - System32\Tasks\ROG Gaming Center => C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe [2015-08-13] (ASUSTek Computer Inc.)
Task: {80A7DD4E-4C00-4EDD-82DD-94F97D679090} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation)
Task: {830D582D-C58C-42E5-8EE1-91D2C8E48801} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {918E83CB-068F-47A4-9019-B8AE25757D65} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-11] (ASUSTek Computer Inc.)
Task: {92F90DAB-B481-43D3-B4FE-EE930EB0741E} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-08-18] (AsusTek)
Task: {942F8220-788D-416E-A2EC-F1C3CC5AE85E} - System32\Tasks\{26C441CB-49DF-4DD0-B4CA-2D2CE085D82C} => pcalua.exe -a "D:\C backup\Downloads\Programs\win64_154510.4542.exe" -d "D:\C backup\Downloads\Programs"
Task: {9A7CD84F-53F0-4BB9-900B-54718BE85D80} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-07] (Google Inc.)
Task: {A6019B32-39A1-439F-9ED6-BE0763AEF55D} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2015-06-06] (Intel Corporation)
Task: {A726AD0F-AED4-4344-802C-84BE057B337E} - System32\Tasks\{496FBD46-38B6-41FE-A56A-79BE49545BCE} => pcalua.exe -a C:\Users\tony\Downloads\Programs\win64_154510.4542.exe -d C:\Users\tony\Downloads\Programs
Task: {A7D67B3E-5279-4164-A517-9659FB60F5CD} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2015-08-26] (ASUS)
Task: {B99BE41E-FF46-4A9D-870C-02E726508F60} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-06-17] (Intel Corporation)
Task: {BAB28B37-1A9F-4252-82A8-2AB3931C436D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-07] (Google Inc.)
Task: {C7E13D18-BB7D-4CF7-9A38-64DFE1AA1DE2} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation)
Task: {C894B456-DED6-4229-A61B-2328597AFB9E} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-06-17] (Intel Corporation)
Task: {D5E44518-4149-4AD2-A394-1109E398B629} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {E3743588-7A16-4C43-8C71-1C01151FD07B} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-15] (ASUSTek Computer Inc.)
Task: {E802FFFA-6A6D-4983-BCDA-249EC612DADA} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {E97CA0EB-A9DE-428B-B819-D020A430F626} - System32\Tasks\{0EBCF799-E248-43CB-8004-73EC62822789} => pcalua.exe -a D:\DOTA\war3.exe -d D:\DOTA
Task: {ED679713-BF2F-4695-9A16-C897FF4F3524} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {F329A320-85FA-4DBF-AFD3-D165E0A1A23C} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-26] (ASUSTek Computer Inc.)
Task: {F7A3DD2A-4078-4328-890A-D29CE39EC3D8} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-12-07 08:44 - 2016-12-13 07:36 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-12-07 08:44 - 2016-12-13 07:35 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-09 01:00 - 2016-03-24 10:54 - 00242264 _____ () C:\Program Files (x86)\MobileBrServ\mbbservice.exe
2016-07-16 19:42 - 2016-07-16 19:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-16 19:42 - 2016-07-16 19:42 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-07-16 19:42 - 2016-07-16 19:42 - 00236488 _____ () c:\windows\system32\WerEtw.dll
2016-12-27 23:25 - 2016-12-12 02:47 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-07-16 19:42 - 2016-07-16 19:42 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-20 11:10 - 2015-08-13 21:42 - 00415656 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-07-16 19:42 - 2016-07-16 19:42 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-12-27 23:46 - 2016-12-27 23:46 - 01678560 _____ () C:\Users\tony\AppData\Local\Microsoft\OneDrive\17.3.6720.1207_1\amd64\ClientTelemetry.dll
2016-07-16 19:42 - 2016-07-16 19:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-07-16 19:43 - 2016-07-16 19:43 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-07-16 19:43 - 2016-07-16 22:27 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-16 19:43 - 2016-07-16 22:27 - 01400320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-16 19:43 - 2016-07-16 22:27 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-07-16 19:43 - 2016-07-16 22:27 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-16 19:43 - 2016-07-16 22:27 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-01 00:15 - 2015-06-01 00:15 - 00063272 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe
2015-07-22 16:18 - 2015-07-22 16:18 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2016-12-07 08:44 - 2016-12-13 07:35 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-12-07 08:44 - 2016-12-13 07:35 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-12-07 08:44 - 2016-12-13 07:35 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-08-26 01:40 - 2015-08-26 01:40 - 00027648 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-08-26 01:40 - 2015-08-26 01:40 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2016-12-27 23:46 - 2016-12-27 23:46 - 01244376 _____ () C:\Users\tony\AppData\Local\Microsoft\OneDrive\17.3.6720.1207_1\ClientTelemetry.dll
2016-12-07 08:44 - 2016-12-13 07:33 - 64245184 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-12-07 08:44 - 2016-12-12 22:36 - 00525760 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-12-07 08:44 - 2016-12-12 22:36 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-12-07 08:44 - 2016-12-12 22:36 - 02808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-12-07 08:44 - 2016-12-12 22:36 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-12-07 08:44 - 2016-12-12 22:36 - 00447424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-12-07 08:44 - 2016-12-12 22:36 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-12-07 08:44 - 2016-12-12 22:36 - 01003456 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-12-19 09:34 - 2016-12-12 22:36 - 00956472 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:6DDED7D9 [149]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-07-10 19:04 - 2015-07-10 19:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{1C92788A-15BB-4556-923D-EE2760AB5DB5}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{3F469ABA-FABE-454A-9770-F263E5371233}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{BAF3B46A-93D7-4CAF-9E05-02FA9BF86097}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{308D748D-FD4D-4C1B-A715-A0E14C756DDE}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8DAEFB94-DA88-489A-BC3B-C277D0448DCF}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FBEED6A3-9739-4676-BCEE-DA77D5ED06EB}] => D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{2D7CDBD0-3DCA-43DA-A8B8-ED5CFF83B592}] => D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{79A3CD65-F871-42A4-B768-190FFE44E736}] => C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe
FirewallRules: [{8FB5806F-8ABB-4DE7-AEA3-A8EBD84256C0}] => C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe
FirewallRules: [{E3450C03-00E4-4B22-ACDE-5D0E1D68D039}] => C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe
FirewallRules: [{207364E0-299E-49F7-A84F-2A7B6A7BE87E}] => C:\Users\tony\Downloads\Compressed\KMSpico Portable\KMSpico Portable\AutoPico.exe
FirewallRules: [{0DF883EE-93F5-4EC2-8919-EBC06C9B33BF}] => C:\Users\tony\Downloads\Compressed\KMSpico Portable\KMSpico Portable\AutoPico.exe
FirewallRules: [{F217CC85-F837-4823-9A28-89CFBF600C26}] => C:\Program Files (x86)\ASUS\ROG Game First III\gameFirst3.exe
FirewallRules: [{6157CD1F-BD8F-4CB9-8047-4A8D8B8CAACC}] => C:\Program Files (x86)\ASUS\ROG Game First III\gameFirst3.exe
FirewallRules: [{67386A29-903E-4C43-A233-4DFF4EA737ED}] => C:\Users\tony\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B8DA8BAC-FDD0-4DD9-B930-AD70D4D13F4E}] => C:\Users\tony\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5FDCAAF1-0071-47BE-A3EA-D8103F5FC454}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9BD35128-D215-4D31-899F-D3DD50AB6DCB}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E03D1142-0D1B-44A5-B47C-D6FDC2F63599}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{2C47CCD8-C592-4835-B3AD-C2B4DB920AE8}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{7DE7E810-D170-4865-A5F2-302C3FCC3891}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{FD55F31D-1E7D-4B20-864F-34469CB9600C}] => D:\Steam\Steam.exe
FirewallRules: [{2875B16E-2E8C-4420-BD2F-C14A90C98DFB}] => D:\Steam\Steam.exe
FirewallRules: [{8D686A34-C3A9-42DC-BE8B-6DB20EDB0D6A}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{A128391E-21FE-4983-B883-60A4EDBC7B72}] => C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{A24A4013-168D-45EA-B886-2F4368E696B2}] => C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe
FirewallRules: [{99C1059B-1257-4C22-B994-DB4D3ADF9A00}] => C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe
FirewallRules: [{283D518F-FA32-4F94-A253-D32949BCC04E}] => C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe
FirewallRules: [{CE10E4E5-E1AA-4FED-8385-EAF5DA9F0828}] => C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
FirewallRules: [{ACFE884C-AECD-4C8B-A6CC-C75E21F60CBC}] => C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{92557CDC-DBCD-40A3-825A-BD8B25B4266E}] => C:\Windows\system32\ftp.exe
FirewallRules: [{B17D2FDD-549E-498C-9459-A9513BB1DBE5}] => C:\Windows\system32\ftp.exe
FirewallRules: [{CFCB0E73-2E52-4091-9214-7691BE64408E}] => C:\Windows\SysWOW64\ftp.exe
FirewallRules: [{A90F36A1-7D4B-4819-BB9F-C0E0326EFFD3}] => C:\Windows\SysWOW64\ftp.exe
FirewallRules: [{139149B7-2C6B-41ED-8D4E-066CDA8C5216}] => D:\11111\Steam.exe
FirewallRules: [{B6B029C2-60C0-462C-9953-CF23CD985027}] => D:\11111\Steam.exe
FirewallRules: [{DB07F914-B80D-4AF2-943B-CCDC7DC4727B}] => D:\11111\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B6411674-992F-4952-ACBD-207BD65A33CE}] => D:\11111\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D657E969-0382-488B-9D87-214D939F99AA}] => D:\GAMES\DOTA2\Steam.exe
FirewallRules: [{885641D3-ED2C-46C9-8F1C-9ABB78D25623}] => D:\GAMES\DOTA2\Steam.exe
FirewallRules: [{A3AD40C7-C4D5-4B8F-8F4E-A59EFA71F6E1}] => D:\GAMES\DOTA2\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1DAADDF7-1A43-419C-A26A-92D6F55F72DC}] => D:\GAMES\DOTA2\bin\cef\cef.win7\steamwebhelper.exe
 
==================== Restore Points =========================
 
28-12-2016 00:21:01 Removed Microsoft Office Professional Plus 2016
28-12-2016 00:21:11 PROPLUS
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/28/2016 02:41:01 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.150
DPTF Build Date:  Jun 26 2015 11:46:12
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]
 
Error: (12/28/2016 11:42:14 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\DESKTOP-2G8ID0A$ via https://INTC-KeyId-5e73c89aa3e902b272b9f0741f7d8730e3ec724a.microsoftaik.azure.net/templates/Aik/scep failed:
 
GetCACaps
 
Method: GET(297ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
 
Error: (12/28/2016 10:36:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: csgo.exe, version: 0.0.0.0, time stamp: 0x5653d523
Faulting module name: tier0.dll, version: 0.0.0.0, time stamp: 0x57f40aa7
Exception code: 0xc0000005
Fault offset: 0x000093c4
Faulting process id: 0x317c
Faulting application start time: 0x01d260b33154df78
Faulting application path: c:\games\counter-strike global offensive\csgo.exe
Faulting module path: c:\games\counter-strike global offensive\bin\tier0.dll
Report Id: 5de54e01-20d4-41ef-90d9-1114a486f563
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (12/28/2016 08:25:57 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.150
DPTF Build Date:  Jun 26 2015 11:46:12
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]
 
Error: (12/28/2016 12:40:08 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.150
DPTF Build Date:  Jun 26 2015 11:46:12
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]
 
Error: (12/28/2016 12:21:14 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (12/28/2016 12:21:01 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (12/27/2016 11:43:59 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\DESKTOP-2G8ID0A$ via https://INTC-KeyId-5e73c89aa3e902b272b9f0741f7d8730e3ec724a.microsoftaik.azure.net/templates/Aik/scep failed:
 
GetCACaps
 
Method: GET(16ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
 
Error: (12/27/2016 11:39:57 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider IntelWLANEventProvider attempted to register query "select * from CIntelQosEvent" whose target class "CIntelQosEvent" in //./root/DEFAULT namespace does not exist. The query will be ignored.
 
Error: (12/27/2016 11:39:57 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider IntelWLANEventProvider attempted to register query "select * from CIntelDot1xEvent" whose target class "CIntelDot1xEvent" in //./root/DEFAULT namespace does not exist. The query will be ignored.
 
 
System errors:
=============
Error: (12/28/2016 02:41:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/28/2016 11:41:52 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/28/2016 11:41:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The connect2hotspot service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (12/28/2016 11:41:50 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the connect2hotspot service to connect.
 
Error: (12/28/2016 11:41:49 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/28/2016 11:41:49 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/28/2016 11:40:40 AM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI5
 
Error: (12/28/2016 08:26:00 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/28/2016 08:26:00 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/28/2016 08:26:00 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
 
CodeIntegrity:
===================================
  Date: 2016-12-27 23:24:29.797
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-12-27 23:24:29.790
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-12-27 23:24:29.782
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-12-27 23:24:29.775
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-12-27 23:24:29.768
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-12-27 23:24:29.757
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-6700HQ CPU @ 2.60GHz
Percentage of memory in use: 15%
Total physical RAM: 16282.51 MB
Available physical RAM: 13826.39 MB
Total Virtual: 19226.51 MB
Available Virtual: 16809.69 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:371.41 GB) (Free:291.91 GB) NTFS
Drive d: (DATA) (Fixed) (Total:558.91 GB) (Free:325.23 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 5EAD28EC)
 
Partition: GPT.
 
==================== End of Addition.txt ============================
 
 
 
GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2016-12-28 14:57:17
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\0000003c HGST_HTS721010A9E630 rev.JB0OA3J0 931.51GB
Running: 727k05mp.exe; Driver: C:\Users\tony\AppData\Local\Temp\pgldrkod.sys
 
 
---- Threads - GMER 2.2 ----
 
Thread  C:\WINDOWS\system32\csrss.exe [636:660]  ffffee9018396c20
 
---- EOF - GMER 2.2 ----
 


#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,624 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:04:06 AM

Posted 28 December 2016 - 10:47 AM

Greetings,

Please consider and do the following. If you set a Group Policy Restriction please remove the following line from the Fixlist.

GroupPolicy: Restriction <======= ATTENTION


===================================================

Peer to Peer (P2P) Warning

--------------------

Going over your logs I noticed that you have Peer 2 Peer (torrent) program(s) installed. It is pretty much certain that if you continue to use P2P programs, you will get infected again.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
I would recommend that you uninstall Peer 2 Peer programs, however that choice is up to you. If you choose to remove the program, you can do so via Start > Control Panel > Add/Remove Programs.

If you are still leaning toward using this program, please take a look at this information about CryptoLocker Ransomware, a type of Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition it has recently been reported that P2P downloads may be tracked resulting in your IP address being monitored by copyright authorities.

If you wish to keep it, please do not use it until we are completely done and your machine is determined to be clean and updated.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows Key + R on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it as fixlist.txt in the same location/folder as FRST.exe (<<<Important)
CreateRestorePoint:
CloseProcesses:
FF Plugin HKU\S-1-5-21-2339138057-2822180099-2837011375-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
2016-12-27 23:39 - 2016-12-27 23:39 - 00001918 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2016-12-07 11:31 - 2016-12-07 11:31 - 00614400 _____ C:\WINDOWS\AutoKMS.exe
2016-12-07 11:31 - 2016-12-07 11:31 - 00000135 _____ C:\WINDOWS\AutoKMS.ini
2016-12-07 11:29 - 2016-12-07 11:29 - 00004608 _____ C:\WINDOWS\SECOH-QAD.exe
2016-12-07 11:29 - 2016-12-07 11:29 - 00003584 _____ C:\WINDOWS\SECOH-QAD.dll
2016-12-07 08:26 - 2016-12-07 08:29 - 00000000 ____D C:\Program Files (x86)\GUMDD0E.tmp
Task: {5F35619E-7F8E-4260-B30F-E3B3657AA91C} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS.exe [2016-12-07] ()
Task: {D5E44518-4149-4AD2-A394-1109E398B629} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS.exe
AlternateDataStreams: C:\ProgramData\TEMP:6DDED7D9 [149]
  • Right click on FRST.exe, select Run as administrator then press the Fix button
  • When completed he tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#13 ynottony

ynottony
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:06 PM

Posted 29 December 2016 - 06:01 AM

here is the result

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-12-2016
Ran by TONY (29-12-2016 18:24:01) Run:1
Running from D:\APPSINSTALLER\FORVIRUS&RECOVERY
Loaded Profiles: TONY (Available Profiles: TONY)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
FF Plugin HKU\S-1-5-21-2339138057-2822180099-2837011375-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
2016-12-27 23:39 - 2016-12-27 23:39 - 00001918 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2016-12-07 11:31 - 2016-12-07 11:31 - 00614400 _____ C:\WINDOWS\AutoKMS.exe
2016-12-07 11:31 - 2016-12-07 11:31 - 00000135 _____ C:\WINDOWS\AutoKMS.ini
2016-12-07 11:29 - 2016-12-07 11:29 - 00004608 _____ C:\WINDOWS\SECOH-QAD.exe
2016-12-07 11:29 - 2016-12-07 11:29 - 00003584 _____ C:\WINDOWS\SECOH-QAD.dll
2016-12-07 08:26 - 2016-12-07 08:29 - 00000000 ____D C:\Program Files (x86)\GUMDD0E.tmp
Task: {5F35619E-7F8E-4260-B30F-E3B3657AA91C} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS.exe [2016-12-07] ()
Task: {D5E44518-4149-4AD2-A394-1109E398B629} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS.exe
AlternateDataStreams: C:\ProgramData\TEMP:6DDED7D9 [149]
*****************
 
Restore point was successfully created.
Processes closed successfully.
"HKU\S-1-5-21-2339138057-2822180099-2837011375-1001\Software\MozillaPlugins\ubisoft.com/uplaypc" => key removed successfully
C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll => not found.
"C:\WINDOWS\System32\Tasks\AutoKMS" => not found.
"C:\WINDOWS\AutoKMS.exe" => not found.
C:\WINDOWS\AutoKMS.ini => moved successfully
C:\WINDOWS\SECOH-QAD.exe => moved successfully
C:\WINDOWS\SECOH-QAD.dll => moved successfully
C:\Program Files (x86)\GUMDD0E.tmp => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F35619E-7F8E-4260-B30F-E3B3657AA91C} => key not found. 
C:\WINDOWS\System32\Tasks\AutoKMS => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D5E44518-4149-4AD2-A394-1109E398B629}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5E44518-4149-4AD2-A394-1109E398B629}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => key removed successfully
C:\WINDOWS\Tasks\AutoKMS.job => not found.
C:\ProgramData\TEMP => ":6DDED7D9" ADS removed successfully.
 
 
The system needed a reboot.
 
==== End of Fixlog 18:24:24 ====


#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,624 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:04:06 AM

Posted 29 December 2016 - 10:15 AM

The rootkit entries you are seeing are false positives. Most likely those entries are related to McAfee protection mechanisms that are being misread by GMER. What I do know is your computer is clean. What I am guessing is McAfee is responsible for the false positive. Whether or not it is McAfee, I believe a legitimate program is the cause of the "Rootkit" detection. Although I don't think it is necessary to follow up any further, if you wanted to evaluate it further I guess you could uninstall McAfee and rerun GMER. I am not suggesting you need to but you could do that if you want.

Please run these.

===================================================

ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan This process may may take several hours, that is normal.
  • Download esetsmartinstaller_enu.exe and save it to your Desktop
  • Double click the icon
  • Check YES, I accept the Terms of Use
  • Click the Start button
  • Accept any security warnings from your browser
  • Click Advanced settings
  • Check the following items

Enable detection of potentially unwanted applications
Remove found threats
Scan archives
Scan for potentially unsafe applications
Enable Anti-Stealth technology

  • Click Start
  • ESET will then download updates and begin scanning your computer
  • If no threats are found simply click Uninstall application on close and hit Finish
  • If threats are found click List of found threats
  • Click Export to text file
  • Save the file on your Desktop as ESET.txt
  • Click Back
  • Review the list of entries and if there are any you want to keep stop and copy/paste the ESET.txt report in your reply for my review
  • If you do not wish to keep any of the entries check Uninstall application on close and Delete quarantined files
  • Click Finish
  • Close the ESET Online Scanner window
  • Copy and paste the contents of ESET.txt in your reply
===================================================

screen317's Security Check

--------------------
  • Please download screen317's Security Check to your desktop
  • Double-click icon to launch the program
  • Click OK
  • Select Run Note: If you receive an error message saying UNSUPPORTED OPERATING SYSTEM! ABORTED! reboot your computer and attempt to run it again
  • Allow the program to run
  • A Notepad document will open on your desktop. Please copy and paste the contents in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • ESET log
  • Security Check log
  • How is your computer running?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#15 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,624 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:04:06 AM

Posted 03 January 2017 - 10:35 AM

Greetings,

===================================================

Do You Still Need Help?

It has been 3 days since my last post.
  • Do you still need help with this?
  • If you have not replied within 48 hours I will assume you have abandoned the Topic and it will be closed.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users