Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

16 Svchost running rootkit or malware at my wits end


  • This topic is locked This topic is locked
2 replies to this topic

#1 juggalotus420000

juggalotus420000

  • Members
  • 4 posts
  • OFFLINE
  •  

Posted 05 January 2017 - 06:43 PM

i have 16 yes 16 svchost running multiple same files 4 wudfhost.exe two conhostexe, two crss.exe i need help as i have alll my daughters an family photos on here an much much else! I posted on this site or one similar a few weeks ago but the hacker/malware/rootkit saw that i was trying to remove it an blocked me out of windows 10 it would get to th login screen an just freeze... anyhow i finally managed to get usb recover drive an am now able to at least use the pc, so anyone who tried to help if this is the site im sorry but anyone any assitance please, an i see i should run farbar recovery scan tool an her are the results an i will be checking this post daily an hope for some help an to learn some computer knowledge from you rockstar pros  :bananas:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-01-2017
Ran by J (administrator) on DESKTOP-H9CBHEV (05-01-2017 15:35:27)
Running from C:\Users\J\Desktop\apps
Loaded Profiles: J (Available Profiles: J)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(HP) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\RESIDENT EVIL REVELATIONS 2\rerev2.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.59\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.59\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.59\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.59\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.59\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.59\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.59\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.59\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.59\opera.exe
() C:\Program Files (x86)\qBittorrent\qbittorrent.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.59\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.59\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.59\opera.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.59\opera.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.59\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.59\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.59\opera.exe
(Microsoft® Windows® Operating System) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8801024 2016-11-15] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Shadow Defender Daemon] => "C:\Program Files\Shadow Defender\DefenderDaemon.exe" /Auto
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-06] (Microsoft Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Policies\Explorer: [NoDriveAutoRun-] 0
HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun-] 0
HKU\S-1-5-21-3720515146-3048848675-1458964446-1001\...\Run: [Steam] => C:\games\STEAM\steam.exe [2876704 2016-12-19] (Valve Corporation)
HKU\S-1-5-21-3720515146-3048848675-1458964446-1001\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1299968 2016-09-06] (Microsoft Corporation)
HKU\S-1-5-21-3720515146-3048848675-1458964446-1001\...\Policies\Explorer: [NoDriveAutoRun-] 0
HKU\S-1-5-21-3720515146-3048848675-1458964446-1001\...\Policies\Explorer: [NoDriveTypeAutoRun-] 0
HKU\S-1-5-21-3720515146-3048848675-1458964446-1001\...\MountPoints2: D - "D:\setup.exe" 
HKU\S-1-5-21-3720515146-3048848675-1458964446-1001\...\MountPoints2: {5d539812-6ebf-11e6-9bc6-1002b5277625} - "D:\Setup\rsrc\Autorun.exe" 
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [371928 2016-07-16] (Microsoft Corporation)
BootExecute: autocheck autochk * Partizan
GroupPolicy: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{3e1de1b2-7798-4937-9173-4e369254958c}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{c4abceea-5f5c-4742-a14c-d9b3b27ec945}: [DhcpNameServer] 209.18.47.61 209.18.47.62
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3720515146-3048848675-1458964446-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3720515146-3048848675-1458964446-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKU\S-1-5-21-3720515146-3048848675-1458964446-1001 -> {98F3578C-C487-4C34-A1E9-E3060CF59189} URL = hxxp://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo&type=33050001005_8.4.0.5165_i_ds
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-15] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-15] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
 
Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-3720515146-3048848675-1458964446-1001 -> about:start
 
FireFox:
========
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-20] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-15] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-3720515146-3048848675-1458964446-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\J\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-07-14] (Unity Technologies ApS)
 
Opera: 
=======
OPR Extension: (AdBlock) - C:\Users\J\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2016-12-29]
OPR Extension: (Adblock Plus) - C:\Users\J\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-12-16]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 cplspcon; C:\WINDOWS\system32\IntelCpHDCPSvc.exe [623072 2016-08-28] (Intel Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [227104 2016-09-16] (EasyAntiCheat Ltd)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1585784 2016-11-15] (Intel Corporation)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2016-11-04] (SurfRight B.V.)
R2 hpsrv; C:\WINDOWS\system32\Hpservice.exe [38760 2016-08-28] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-08-28] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-12] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-12] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-01] (NVIDIA Corporation)
S2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-12-12] (NVIDIA Corporation)
S2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2016-12-12] (NVIDIA Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312576 2016-11-15] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [252008 2016-11-15] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [X]
S2 ZAMSvc; "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /service [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH)
R3 Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [56344 2016-08-28] (HP)
R1 CFRMD; C:\WINDOWS\System32\DRIVERS\CFRMD.sys [40224 2014-12-25] (Windows ® Win 7 DDK provider)
S3 clwvd6; C:\WINDOWS\system32\DRIVERS\clwvd6.sys [41704 2013-10-28] (CyberLink Corporation)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [70208 2016-11-15] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [65088 2016-11-15] (Intel Corporation)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-08-30] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-08-30] (Disc Soft Ltd)
R1 epp64; C:\Program Files (x86)\Emsisoft Anti-Malware\epp64.sys [138504 2016-10-17] (Emsisoft GmbH)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [343608 2016-11-15] (Intel Corporation)
R3 HID_PCI; C:\WINDOWS\System32\drivers\HID_PCI.sys [30816 2016-08-28] (Intel)
R0 hpdskflt; C:\WINDOWS\System32\DRIVERS\hpdskflt.sys [42520 2016-08-28] (HP)
R1 HWiNFO32; C:\WINDOWS\SysWoW64\drivers\HWiNFO64A.SYS [27552 2016-11-15] (REALiX™)
R3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [84264 2015-06-16] (Intel Corporation)
R3 iaLPSS2_I2C; C:\WINDOWS\System32\drivers\iaLPSS2_I2C.sys [185128 2015-06-16] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [345872 2016-08-28] (Intel Corporation)
R3 ISH; C:\WINDOWS\System32\drivers\ISH.sys [140896 2016-08-28] (Intel)
R3 ISH_BusDriver; C:\WINDOWS\System32\drivers\ISH_BusDriver.sys [78432 2016-08-28] (Intel)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7246096 2016-07-27] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_37b4386700c56708\nvlddmkm.sys [14181304 2016-12-03] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-12-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-12-12] (NVIDIA Corporation)
U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [40304 2016-10-16] (Greatis Software)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2016-11-15] (Realtek                                            )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [752856 2016-11-16] (Realsil Semiconductor Corporation)
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [163644 2016-12-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [21360 2016-03-22] (IObit)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [62568 2016-11-15] (Synaptics Incorporated)
S3 tapstrong; C:\WINDOWS\System32\drivers\tapstrong.sys [34712 2016-03-09] (The OpenVPN Project)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2017-01-04] ()
R3 VirtualButtons; C:\WINDOWS\System32\drivers\VirtualButtons.sys [40008 2016-08-28] (Intel Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\system32\DRIVERS\WirelessButtonDriver64.sys [31656 2016-08-28] (HP)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2016-12-16] (Zemana Ltd.)
S3 cpuz138; \??\C:\Users\J\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X]
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-01-05 15:00 - 2017-01-05 15:01 - 18448344 _____ C:\Users\J\Downloads\unhackme.zip
2017-01-05 13:53 - 2017-01-05 13:54 - 16563352 _____ (Malwarebytes Corp.) C:\Users\J\Desktop\mbar-1.09.3.1001.exe
2017-01-05 13:52 - 2017-01-05 13:53 - 00892416 _____ (Farbar) C:\Users\J\Desktop\MiniToolBox.exe
2017-01-05 13:22 - 2017-01-05 13:22 - 00000000 ____D C:\Users\J\Desktop\WindowexeAllkiller
2017-01-05 12:57 - 2017-01-05 13:13 - 916172707 _____ C:\Users\J\Downloads\The.Binding.of.Isaac.Afterbirth.Plus.Update.1.rar
2017-01-05 12:57 - 2017-01-05 13:04 - 142460505 _____ C:\Users\J\Downloads\Dungeon.Rushers.v1.1.4.rar
2017-01-05 10:27 - 2017-01-05 10:27 - 02459663 _____ C:\Users\J\Downloads\genplus-gx-1.7.5-RC1.7z
2017-01-05 10:26 - 2017-01-05 10:26 - 02397332 _____ C:\Users\J\Downloads\genplus-gx-1.7.4.7z
2017-01-05 10:26 - 2017-01-05 10:26 - 02397332 _____ C:\Users\J\Desktop\genplus-gx-1.7.4.7z
2017-01-05 10:18 - 2017-01-05 10:18 - 01749312 _____ C:\Users\J\Downloads\Snes9x.GX.4.3.7.zip
2017-01-05 10:14 - 2017-01-05 13:15 - 00000000 ____D C:\Users\J\Downloads\100 Best GBA Roms
2017-01-05 10:14 - 2017-01-05 10:21 - 00000000 ____D C:\Users\J\Downloads\sgenroms
2017-01-05 10:09 - 2017-01-05 10:15 - 00000000 ____D C:\Users\J\Downloads\emulator ROMs
2017-01-05 10:07 - 2017-01-05 10:15 - 00000000 ____D C:\Users\J\Downloads\GBA
2017-01-05 09:52 - 2017-01-05 13:40 - 00000000 ____D C:\Users\J\Downloads\Element.2016.HC.HDRip.XviD.AC3-EVO
2017-01-05 09:50 - 2017-01-05 09:55 - 00000000 ____D C:\Users\J\Downloads\N64
2017-01-05 09:39 - 2017-01-05 09:52 - 202861305 _____ C:\Users\J\Downloads\emulator ROMs.rar
2017-01-05 09:36 - 2017-01-05 09:36 - 00000000 ____D C:\Users\J\Downloads\Mame.Rom.Starter.Set-99.6-m172b Supplement Sets
2017-01-05 09:35 - 2017-01-05 09:50 - 1623296066 _____ C:\Users\J\Downloads\Mame32.rar
2017-01-05 09:22 - 2017-01-05 09:22 - 00000989 _____ C:\Users\J\Desktop\WBFS Manager 3.0.lnk
2017-01-05 09:22 - 2017-01-05 09:22 - 00000000 ____D C:\Users\J\Documents\WBFS Manager Covers
2017-01-05 09:22 - 2017-01-05 09:22 - 00000000 ____D C:\Users\J\AppData\Roaming\Adobe
2017-01-05 08:10 - 2017-01-05 08:24 - 00000375 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2017-01-05 07:51 - 2017-01-05 07:51 - 02845640 _____ C:\Users\J\Downloads\WBFSManager3.0-RTW-x64 (1).zip
2017-01-05 07:48 - 2017-01-05 07:48 - 02392518 _____ C:\Users\J\Downloads\R259 (1).zip
2017-01-05 07:36 - 2017-01-05 07:51 - 00254252 _____ C:\TDSSKiller.3.1.0.12_05.01.2017_07.36.20_log.txt
2017-01-05 07:30 - 2017-01-05 07:33 - 08782031 _____ C:\Users\J\Downloads\DMLizard.zip
2017-01-05 07:20 - 2017-01-05 07:21 - 02392518 _____ C:\Users\J\Downloads\R259.zip
2017-01-05 07:03 - 2017-01-05 07:03 - 00000000 ____D C:\Users\J\Downloads\Suicide.Squad.2016.WEBRip.480p.x26.AAC-VYTO [P2PDL.com]
2017-01-05 06:57 - 2017-01-05 06:57 - 02845640 _____ C:\Users\J\Downloads\WBFSManager3.0-RTW-x64.zip
2017-01-05 06:56 - 2017-01-05 14:11 - 00000000 ____D C:\Users\J\Desktop\wii
2017-01-05 06:56 - 2017-01-05 06:56 - 00008757 _____ C:\Users\J\Downloads\Priiloader_hacks.zip
2017-01-05 06:54 - 2017-01-05 06:54 - 00001296 _____ C:\Users\J\Downloads\nboot.bin
2017-01-05 06:52 - 2017-01-05 06:52 - 02623374 _____ C:\Users\J\Downloads\WBFSManager3.0.1-RTW-x86.zip
2017-01-05 06:18 - 2017-01-05 08:23 - 00000000 ____D C:\Users\J\Downloads\Fear and Loathing in Las Vegas 1998 (1080p x265 10bit Joy)
2017-01-05 05:44 - 2017-01-05 07:59 - 00000000 ____D C:\Users\J\Downloads\The Accountant 2016 HC 720p WEBRip 950 MB - iExTV
2017-01-05 05:41 - 2017-01-05 05:42 - 06191892 _____ C:\Users\J\Downloads\WiiMC.1.3.4.Update.zip
2017-01-05 05:41 - 2017-01-05 05:41 - 06279579 _____ C:\Users\J\Downloads\WiiMC.1.3.4.New.Install (1).zip
2017-01-05 00:26 - 2017-01-05 00:26 - 00000042 _____ C:\cmdlog.txt
2017-01-05 00:26 - 2017-01-05 00:26 - 00000000 ____D C:\Users\J\Documents\LucasArts
2017-01-05 00:26 - 2017-01-05 00:26 - 00000000 ____D C:\Users\J\AppData\Local\LucasArts
2017-01-05 00:20 - 2017-01-05 00:24 - 01388448 _____ C:\Users\Public\ASR.dat
2017-01-04 23:49 - 2017-01-04 23:55 - 00000000 ____D C:\Users\J\Downloads\DC Week+ (01-04-2017)
2017-01-04 23:41 - 2017-01-04 23:41 - 00000000 ____D C:\Users\J\AppData\LocalLow\MinMax Games
2017-01-04 22:04 - 2017-01-04 22:05 - 06276293 _____ C:\Users\J\Downloads\WiiMC.1.2.7.New.Install.zip
2017-01-04 21:53 - 2017-01-04 21:54 - 02867921 _____ C:\Users\J\Downloads\MPlayerWii-0.07.zip
2017-01-04 21:36 - 2017-01-04 21:37 - 01373697 _____ C:\Users\J\Downloads\FCE.Ultra.GX.3.3.9.zip
2017-01-04 19:51 - 2017-01-04 19:51 - 00003754 _____ C:\WINDOWS\system32\NVIDIA System Information 01-04-2017 19-51-21.txt
2017-01-04 19:39 - 2017-01-04 19:39 - 00000000 _____ C:\Users\J\Desktop\New Text Document (2).txt
2017-01-04 17:24 - 2017-01-04 17:24 - 00001998 _____ C:\Users\Public\Desktop\iNetBet Casino.lnk
2017-01-04 17:24 - 2017-01-04 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iNetBet Casino
2017-01-04 17:22 - 2017-01-04 17:26 - 00000000 ____D C:\Program Files (x86)\iNetBet Casino
2017-01-04 16:42 - 2017-01-04 16:57 - 00000000 ____D C:\Users\J\Downloads\Miracles From Heaven 2016 720p BluRay 800 MB - iExTV
2017-01-04 16:17 - 2017-01-04 16:43 - 00000000 ____D C:\Users\J\Downloads\The.Magnificent.Seven.2016.720p.BRRip.x264.AAC-ETRG
2017-01-04 16:16 - 2017-01-04 16:56 - 875020638 _____ C:\Users\J\Downloads\Suicide Squad (2016) 1080P WEB-DL Extended cut Hevc Bluury.mkv
2017-01-04 12:42 - 2017-01-04 12:52 - 00000000 ____D C:\Users\J\Downloads\Marvel Week+ (01-04-2017)
2017-01-04 07:32 - 2017-01-04 07:32 - 00000000 ____D C:\Users\J\Documents\Dolphin Emulator
2017-01-04 03:59 - 2017-01-04 03:48 - 1459978240 _____ C:\Users\J\Downloads\Metal Gear Solid - The Twin Snakes (USA) (Disc 1).iso
2017-01-04 03:34 - 2017-01-04 03:46 - 1303699618 _____ C:\Users\J\Downloads\Metal Gear Solid - The Twin Snakes (USA) (Disc 2).7z
2017-01-04 03:34 - 2017-01-04 03:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolphin
2017-01-04 03:34 - 2017-01-04 03:35 - 00000000 ____D C:\Program Files\Dolphin
2017-01-04 03:34 - 2017-01-04 03:34 - 00000837 _____ C:\Users\Public\Desktop\Dolphin.lnk
2017-01-04 03:33 - 2017-01-04 03:34 - 19327064 _____ C:\Users\J\Desktop\dolphin-x64-5.0.exe
2017-01-04 03:32 - 2017-01-04 03:48 - 1306413109 _____ C:\Users\J\Downloads\Metal Gear Solid - The Twin Snakes (USA) (Disc 1).7z
2017-01-04 02:07 - 2016-03-09 14:25 - 00034712 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tapstrong.sys
2017-01-04 00:33 - 2017-01-04 00:33 - 00001455 _____ C:\Users\Public\Desktop\Dragon Age Inquisition Deluxe Edition.lnk
2017-01-03 23:48 - 2017-01-03 23:48 - 00000052 _____ C:\Users\J\Downloads\Win10_UnistoreSvc_Service_Startup.cmd
2017-01-03 22:46 - 2017-01-03 23:42 - 00000000 ____D C:\Users\J\Downloads\codex-war.for.the.overworld.crucible
2017-01-03 10:22 - 2017-01-03 10:22 - 00001419 _____ C:\Users\J\Desktop\DukeForever.exe - Shortcut.lnk
2016-12-30 15:14 - 2016-12-30 15:14 - 00000923 _____ C:\Users\Public\Desktop\STAR WARS - The Force Unleashed II.lnk
2016-12-30 15:14 - 2016-12-30 15:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LucasArts
2016-12-29 23:10 - 2016-12-29 23:10 - 02840616 _____ C:\Users\J\Downloads\SecurityTaskManager_Setup.exe
2016-12-29 18:55 - 2016-12-30 14:44 - 00000085 _____ C:\WINDOWS\wininit.ini
2016-12-29 18:27 - 2016-12-29 18:27 - 00000000 _____ C:\Users\J\Desktop\New Text Document.txt
2016-12-29 17:54 - 2017-01-04 17:07 - 00000000 ____D C:\Program Files (x86)\Cool Cat Casino
2016-12-29 17:54 - 2016-12-29 17:54 - 00002007 _____ C:\Users\Public\Desktop\Cool Cat Casino.lnk
2016-12-29 17:54 - 2016-12-29 17:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cool Cat Casino
2016-12-29 16:27 - 2017-01-05 00:18 - 00004076 _____ C:\Users\J\Desktop\Rkill.txt
2016-12-29 14:47 - 2009-09-01 18:14 - 00000000 ____D C:\Users\J\Downloads\World of Warcraft 1.12
2016-12-29 13:52 - 2017-01-04 01:33 - 00000883 _____ C:\Users\J\Desktop\War for the Overworld Crucible.lnk
2016-12-29 13:52 - 2017-01-04 01:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\War for the Overworld Crucible
2016-12-29 02:43 - 2016-12-29 07:33 - 00000258 __RSH C:\ProgramData\ntuser.pol
2016-12-29 01:49 - 2016-12-29 01:49 - 02133200 _____ C:\Users\J\Downloads\cemu_1.6.4.zip
2016-12-29 01:49 - 2016-12-29 01:49 - 02133200 _____ C:\Users\J\Downloads\cemu_1.6.4 (1).zip
2016-12-29 00:27 - 2016-12-29 00:27 - 00000986 _____ C:\Users\Public\Desktop\Heroes of the Storm.lnk
2016-12-29 00:27 - 2016-12-29 00:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2016-12-28 23:41 - 2016-12-28 23:41 - 00000000 ____D C:\Users\J\Downloads\cemu_1.6.4b
2016-12-28 23:25 - 2017-01-04 23:37 - 00003320 _____ C:\ProgramData\NvTelemetryContainer.log
2016-12-28 23:25 - 2017-01-04 20:03 - 00003320 _____ C:\ProgramData\NvTelemetryContainer.log_backup1
2016-12-28 22:59 - 2016-12-28 22:59 - 00000000 ____D C:\ProgramData\Network Security Task Manager
2016-12-28 22:33 - 2016-12-28 22:33 - 00002094 _____ C:\Users\Public\Desktop\The.Walking.Dead.A.New.Frontier.Episode.1.And.2.REPACK-KaOs.lnk
2016-12-28 22:33 - 2016-12-28 22:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KaOs
2016-12-28 21:34 - 2015-05-18 23:28 - 00000000 ____D C:\Users\J\Downloads\DFE3B7FD
2016-12-28 21:27 - 2016-12-28 21:52 - 00000000 ____D C:\Users\J\Downloads\DC Week+ (12-28-2016)
2016-12-28 21:20 - 2016-12-28 21:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2016-12-28 12:26 - 2016-12-28 12:26 - 00000000 ____D C:\Program Files\Rockstar Games
2016-12-28 12:24 - 2016-12-28 12:24 - 00000000 ____D C:\Users\J\Documents\Rockstar Games
2016-12-28 12:24 - 2016-12-28 12:24 - 00000000 ____D C:\Users\J\AppData\Local\Rockstar Games
2016-12-28 06:49 - 2016-12-28 06:49 - 00000208 _____ C:\Users\J\Desktop\No More Room in Hell.url
2016-12-28 03:19 - 2016-12-28 21:35 - 00002271 _____ C:\Users\J\Desktop\Grand Theft Auto V.lnk
2016-12-28 03:19 - 2016-12-28 03:19 - 00000000 ____D C:\Users\J\AppData\Roaming\Grand Theft Auto V
2016-12-28 03:14 - 2016-12-28 03:14 - 00000000 ____D C:\Users\J\Downloads\Windows 10 default services
2016-12-28 03:13 - 2016-12-28 03:13 - 00412586 _____ C:\Users\J\Downloads\Windows_10_default_services.zip
2016-12-28 03:13 - 2016-12-28 03:13 - 00412586 _____ C:\Users\J\Downloads\Windows_10_default_services (1).zip
2016-12-27 22:03 - 2016-12-27 22:04 - 02133038 _____ C:\Users\J\Downloads\cemu_1.6.4b.zip
2016-12-27 13:38 - 2016-12-27 13:38 - 00004408 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-27 13:38 - 2016-12-12 15:36 - 00156096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-12-27 13:38 - 2016-12-12 15:36 - 00123840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-12-27 13:38 - 2016-12-12 06:36 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2016-12-27 13:06 - 2016-12-27 13:08 - 06279579 _____ C:\Users\J\Downloads\WiiMC.1.3.4.New.Install.zip
2016-12-25 14:59 - 2016-12-25 15:19 - 293873214 _____ C:\Users\J\Downloads\The.Curse.of.Oak.Island.S04E01.Going.for.Broke.HDTV.x264-SDI.mp4
2016-12-22 14:55 - 2016-12-22 14:55 - 00015142 _____ C:\Users\J\Downloads\423DD7CB73EB53955436F333A6508A5D7C87DFB8.torrent
2016-12-22 07:56 - 2016-12-22 07:56 - 00000000 ____D C:\WINDOWS\system32\MpEngineStore
2016-12-22 07:53 - 2016-12-09 02:32 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-12-22 07:53 - 2016-12-09 02:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-22 07:53 - 2016-12-09 02:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-22 07:53 - 2016-12-09 02:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-22 07:53 - 2016-12-09 02:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-12-22 07:53 - 2016-12-09 02:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-12-22 07:53 - 2016-12-09 02:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-12-22 07:53 - 2016-12-09 02:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-12-22 07:53 - 2016-12-09 02:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-22 07:53 - 2016-12-09 02:15 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-12-22 07:53 - 2016-12-09 02:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-22 07:53 - 2016-12-09 02:14 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-12-22 07:53 - 2016-12-09 02:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-12-22 07:53 - 2016-12-09 02:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-22 07:53 - 2016-12-09 02:09 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-12-22 07:53 - 2016-12-09 02:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-22 07:53 - 2016-12-09 02:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-22 07:53 - 2016-12-09 01:57 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-12-22 07:53 - 2016-12-09 01:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-22 07:53 - 2016-12-09 01:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-12-22 07:53 - 2016-12-09 01:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-12-22 07:53 - 2016-12-09 01:45 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-12-22 07:53 - 2016-12-09 01:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-12-22 07:53 - 2016-12-09 01:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-12-22 07:53 - 2016-12-09 01:40 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-12-22 07:53 - 2016-12-09 01:38 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-12-22 07:53 - 2016-12-09 01:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-22 07:53 - 2016-12-09 01:36 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-12-22 07:53 - 2016-12-09 01:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-22 07:53 - 2016-12-09 01:36 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-12-22 07:53 - 2016-12-09 01:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-22 07:53 - 2016-12-09 01:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-22 07:53 - 2016-12-09 01:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-12-22 07:53 - 2016-12-09 01:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-12-22 07:53 - 2016-12-09 01:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-22 07:53 - 2016-12-09 01:30 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-12-22 07:53 - 2016-12-09 01:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-12-22 07:53 - 2016-12-09 01:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-22 07:53 - 2016-12-09 01:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-22 07:53 - 2016-12-09 01:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-12-22 07:53 - 2016-12-09 01:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-22 07:53 - 2016-12-09 01:26 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-12-22 07:53 - 2016-12-09 01:24 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-12-22 07:53 - 2016-12-09 01:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-22 07:53 - 2016-12-09 01:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-12-22 07:53 - 2016-12-09 01:22 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-12-22 07:53 - 2016-12-09 01:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-22 07:53 - 2016-12-09 01:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-12-22 07:53 - 2016-12-09 01:19 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-12-22 07:53 - 2016-12-09 01:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-12-22 07:53 - 2016-12-09 01:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-12-22 07:53 - 2016-12-09 01:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-12-22 07:53 - 2016-12-09 01:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-12-22 07:53 - 2016-12-09 01:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-12-22 07:53 - 2016-12-09 01:16 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-12-22 07:53 - 2016-12-09 01:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-12-22 07:53 - 2016-12-09 01:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-12-22 07:53 - 2016-12-09 01:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-12-22 07:53 - 2016-12-09 01:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-12-22 07:53 - 2016-11-02 02:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-12-22 07:52 - 2016-12-09 02:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-12-22 07:52 - 2016-12-09 02:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-12-22 07:52 - 2016-12-09 02:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-12-22 07:52 - 2016-12-09 02:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-12-22 07:52 - 2016-12-09 02:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-12-22 07:52 - 2016-12-09 02:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-12-22 07:52 - 2016-12-09 02:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-22 07:52 - 2016-12-09 02:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-12-22 07:52 - 2016-12-09 02:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-22 07:52 - 2016-12-09 02:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-22 07:52 - 2016-12-09 02:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-22 07:52 - 2016-12-09 02:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-22 07:52 - 2016-12-09 02:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-22 07:52 - 2016-12-09 02:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-22 07:52 - 2016-12-09 02:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-22 07:52 - 2016-12-09 02:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-22 07:52 - 2016-12-09 02:18 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-12-22 07:52 - 2016-12-09 02:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-22 07:52 - 2016-12-09 02:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-22 07:52 - 2016-12-09 02:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-22 07:52 - 2016-12-09 01:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-22 07:52 - 2016-12-09 01:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-22 07:52 - 2016-12-09 01:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-22 07:52 - 2016-12-09 01:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-12-22 07:52 - 2016-12-09 01:47 - 22563328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-22 07:52 - 2016-12-09 01:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-22 07:52 - 2016-12-09 01:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-22 07:52 - 2016-12-09 01:37 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-12-22 07:52 - 2016-12-09 01:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-12-22 07:52 - 2016-12-09 01:36 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-12-22 07:52 - 2016-12-09 01:34 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-12-22 07:52 - 2016-12-09 01:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-22 07:52 - 2016-12-09 01:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-22 07:52 - 2016-12-09 01:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-12-22 07:52 - 2016-12-09 01:30 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-22 07:52 - 2016-12-09 01:30 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-22 07:52 - 2016-12-09 01:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-12-22 07:52 - 2016-12-09 01:27 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-22 07:52 - 2016-12-09 01:26 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-22 07:52 - 2016-12-09 01:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-12-22 07:52 - 2016-12-09 01:22 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-22 07:52 - 2016-12-09 01:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-22 07:52 - 2016-12-09 01:21 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-22 07:52 - 2016-12-09 01:20 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-22 07:52 - 2016-12-09 01:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-12-22 07:52 - 2016-12-09 01:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-22 07:52 - 2016-12-09 01:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-22 07:52 - 2016-12-09 01:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-22 07:52 - 2016-12-09 01:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-22 07:52 - 2016-12-09 01:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-22 07:52 - 2016-12-09 01:17 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-12-22 07:52 - 2016-12-09 01:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-12-22 07:52 - 2016-12-09 01:16 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-12-22 07:52 - 2016-12-09 00:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-12-22 07:52 - 2016-11-02 02:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-12-22 07:52 - 2016-09-15 08:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-12-20 07:10 - 2017-01-04 19:54 - 00124492 ____H C:\Users\J\AppData\Local\IconCache.db
2016-12-19 06:04 - 2016-12-19 06:04 - 00937592 _____ (Akeo Consulting (hxxp://akeo.ie)) C:\Users\J\Downloads\rufus-2.11 (1).exe
2016-12-16 18:35 - 2017-01-04 19:40 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-12-16 18:34 - 2017-01-04 19:40 - 00000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2016-12-16 18:34 - 2017-01-04 19:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2016-12-16 18:10 - 2016-12-16 18:10 - 00000000 _____ C:\WINDOWS\System32\Tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}
2016-12-16 18:09 - 2016-12-16 18:09 - 00000000 _____ C:\WINDOWS\System32\Tasks\CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805}
2016-12-16 16:23 - 2016-12-16 16:23 - 00000000 _____ C:\Users\J\Downloads\E15F.tmp
2016-12-16 15:48 - 2016-12-16 15:48 - 00000218 _____ C:\Users\J\AppData\Local\recently-used.xbel
2016-12-16 15:32 - 2016-12-16 15:35 - 00937592 _____ (Akeo Consulting (hxxp://akeo.ie)) C:\Users\J\Desktop\rufus-2.11.exe
2016-12-16 15:26 - 2017-01-05 15:35 - 00333637 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2016-12-16 15:26 - 2017-01-04 20:03 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2016-12-16 15:26 - 2017-01-03 23:58 - 00127154 _____ C:\WINDOWS\ZAM.krnl.trace
2016-12-16 15:26 - 2016-12-16 15:26 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2016-12-16 15:26 - 2016-12-16 15:26 - 00000000 ____D C:\Users\J\AppData\Local\Zemana
2016-12-16 15:24 - 2016-12-16 15:24 - 00224968 _____ (ESET) C:\Users\J\Desktop\ESETPoweliksCleaner.exe
2016-12-16 15:01 - 2016-12-16 18:15 - 00524288 ___SH C:\Users\J\ntuser.dat{48a200d3-c3e3-11e6-9c3c-824cad976898}.TMContainer00000000000000000002.regtrans-ms
2016-12-16 15:01 - 2016-12-16 18:15 - 00524288 ___SH C:\Users\J\ntuser.dat{48a200d3-c3e3-11e6-9c3c-824cad976898}.TMContainer00000000000000000001.regtrans-ms
2016-12-16 15:01 - 2016-12-16 18:15 - 00065536 ___SH C:\Users\J\ntuser.dat{48a200d3-c3e3-11e6-9c3c-824cad976898}.TM.blf
2016-12-16 15:00 - 2016-12-25 05:38 - 00524288 ___SH C:\WINDOWS\system32\config\drivers{48a200bd-c3e3-11e6-9c3c-1002b5277621}.TMContainer00000000000000000001.regtrans-ms
2016-12-16 15:00 - 2016-12-25 05:38 - 00065536 ___SH C:\WINDOWS\system32\config\drivers{48a200bd-c3e3-11e6-9c3c-1002b5277621}.TM.blf
2016-12-16 15:00 - 2016-12-16 15:08 - 00524288 ___SH C:\WINDOWS\system32\config\drivers{48a200bd-c3e3-11e6-9c3c-1002b5277621}.TMContainer00000000000000000002.regtrans-ms
2016-12-16 12:39 - 2016-12-16 12:39 - 01048576 ___SH C:\Users\J\ntuser.dat{7870db51-c2f1-11e6-9c3d-d430a4ed15ea}.TxR.2.regtrans-ms
2016-12-16 12:39 - 2016-12-16 12:39 - 01048576 ___SH C:\Users\J\ntuser.dat{7870db51-c2f1-11e6-9c3d-d430a4ed15ea}.TxR.1.regtrans-ms
2016-12-16 12:39 - 2016-12-16 12:39 - 01048576 ___SH C:\Users\J\ntuser.dat{7870db51-c2f1-11e6-9c3d-d430a4ed15ea}.TxR.0.regtrans-ms
2016-12-16 12:39 - 2016-12-16 12:39 - 00065536 ___SH C:\Users\J\ntuser.dat{7870db51-c2f1-11e6-9c3d-d430a4ed15ea}.TxR.blf
2016-12-15 16:42 - 2016-12-16 15:54 - 00000000 ____D C:\Users\J\Downloads\Windows 10 Pro v.1511 En-us x64 July2016 Pre-Activated-=TEAM OS=-
2016-12-15 14:06 - 2016-12-16 15:35 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-12-15 13:15 - 2016-12-15 13:15 - 00075027 _____ C:\Users\J\Documents\SAHIT.txt
2016-12-15 13:14 - 2016-12-15 13:14 - 00420237 _____ C:\Users\J\Documents\SALO.txt
2016-12-15 12:57 - 2016-12-15 12:57 - 00000000 ____D C:\Users\J\Documents\ProcAlyzer Dumps
2016-12-15 12:56 - 2016-12-31 11:36 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-12-15 12:56 - 2016-12-30 14:44 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-12-15 12:56 - 2016-12-16 14:51 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-12-15 12:06 - 2016-12-31 11:36 - 00099106 _____ C:\WINDOWS\PFRO.log
2016-12-15 10:15 - 2016-12-27 23:17 - 00002961 _____ C:\WINDOWS\setupact.log
2016-12-15 10:15 - 2016-12-15 10:15 - 00000000 _____ C:\WINDOWS\setuperr.log
2016-12-15 10:10 - 2016-12-15 10:10 - 00524288 ___SH C:\Users\J\ntuser.dat{7870db52-c2f1-11e6-9c3d-d430a4ed15ea}.TMContainer00000000000000000002.regtrans-ms
2016-12-15 10:10 - 2016-12-15 10:10 - 00524288 ___SH C:\Users\J\ntuser.dat{7870db52-c2f1-11e6-9c3d-d430a4ed15ea}.TMContainer00000000000000000001.regtrans-ms
2016-12-15 10:10 - 2016-12-15 10:10 - 00065536 ___SH C:\Users\J\ntuser.dat{7870db52-c2f1-11e6-9c3d-d430a4ed15ea}.TM.blf
2016-12-15 09:59 - 2016-12-15 10:03 - 00524288 ___SH C:\WINDOWS\system32\config\drivers{0c41a641-c2f0-11e6-9c3c-1002b5277621}.TMContainer00000000000000000002.regtrans-ms
2016-12-15 09:59 - 2016-12-15 10:03 - 00524288 ___SH C:\WINDOWS\system32\config\drivers{0c41a641-c2f0-11e6-9c3c-1002b5277621}.TMContainer00000000000000000001.regtrans-ms
2016-12-15 09:59 - 2016-12-15 10:03 - 00065536 ___SH C:\WINDOWS\system32\config\drivers{0c41a641-c2f0-11e6-9c3c-1002b5277621}.TM.blf
2016-12-15 09:59 - 2016-12-15 09:59 - 00524288 ___SH C:\Users\J\ntuser.dat{0c41a645-c2f0-11e6-9c3c-1002b5277621}.TMContainer00000000000000000002.regtrans-ms
2016-12-15 09:59 - 2016-12-15 09:59 - 00524288 ___SH C:\Users\J\ntuser.dat{0c41a645-c2f0-11e6-9c3c-1002b5277621}.TMContainer00000000000000000001.regtrans-ms
2016-12-15 09:59 - 2016-12-15 09:59 - 00065536 ___SH C:\Users\J\ntuser.dat{0c41a645-c2f0-11e6-9c3c-1002b5277621}.TM.blf
2016-12-15 08:23 - 2017-01-03 22:34 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2016-12-15 08:23 - 2016-12-15 09:51 - 00000000 ____D C:\@RestoreQuarantine
2016-12-15 08:21 - 2016-12-15 08:21 - 02711552 _____ C:\Users\J\CE4CF87733651BF1F44DD1E02FC1A8E8
2016-12-15 08:20 - 2016-12-15 08:20 - 00049152 _____ C:\Users\J\~DF761850272DD25CED.TMP
2016-12-15 08:13 - 2016-12-15 09:46 - 00000000 ___SD C:\Users\J\nsn329F.tmp
2016-12-15 08:07 - 2016-12-15 08:07 - 00032768 _____ C:\Users\J\~DF0A2730A4AC9F772F.TMP
2016-12-15 08:05 - 2016-12-15 08:05 - 02695168 _____ C:\Users\J\904D57F61A9D7FE5185C01B47D54C2FB
2016-12-15 08:05 - 2016-12-15 08:05 - 00049152 _____ C:\Users\J\~DF4C5127BE8D85860C.TMP
2016-12-15 07:58 - 2016-12-15 07:58 - 15347712 ___SH C:\WINDOWS\system32\config\SYSTEM.tmp.LOG1
2016-12-15 07:58 - 2016-12-15 07:58 - 00000000 ___SH C:\WINDOWS\system32\config\SYSTEM.tmp.LOG2
2016-12-15 07:58 - 2016-12-15 07:58 - 00000000 ___SH C:\WINDOWS\system32\config\SOFTWARE.tmp.LOG2
2016-12-15 07:58 - 2016-12-15 07:58 - 00000000 ___SH C:\WINDOWS\system32\config\SOFTWARE.tmp.LOG1
2016-12-15 07:58 - 2016-12-15 07:58 - 00000000 ___SH C:\WINDOWS\system32\config\SECURITY.tmp.LOG2
2016-12-15 07:58 - 2016-12-15 07:58 - 00000000 ___SH C:\WINDOWS\system32\config\SECURITY.tmp.LOG1
2016-12-15 07:58 - 2016-12-15 07:58 - 00000000 ___SH C:\WINDOWS\system32\config\SAM.tmp.LOG2
2016-12-15 07:58 - 2016-12-15 07:58 - 00000000 ___SH C:\WINDOWS\system32\config\SAM.tmp.LOG1
2016-12-15 07:58 - 2016-12-15 07:58 - 00000000 ___SH C:\WINDOWS\system32\config\DEFAULT.tmp.LOG2
2016-12-15 07:58 - 2016-12-15 07:58 - 00000000 ___SH C:\WINDOWS\system32\config\DEFAULT.tmp.LOG1
2016-12-15 07:58 - 2016-12-15 07:58 - 00000000 ___SH C:\Users\J\NTUSER.tmp.LOG2
2016-12-15 07:58 - 2016-12-15 07:58 - 00000000 ___SH C:\Users\J\NTUSER.tmp.LOG1
2016-12-15 07:49 - 2016-12-15 07:53 - 00000000 ____D C:\Users\J\msdt
2016-12-15 03:50 - 2016-12-15 03:50 - 00000000 ____D C:\Users\J\New folder
2016-12-15 01:28 - 2016-12-15 01:28 - 00000000 ____D C:\ProgramData\ESET
2016-12-15 01:28 - 2016-12-15 01:28 - 00000000 ____D C:\Program Files\ESET
2016-12-15 01:19 - 2017-01-04 19:40 - 00000000 ____D C:\Program Files\RogueKiller
2016-12-15 01:19 - 2016-12-16 18:34 - 00000000 ____D C:\ProgramData\RogueKiller
2016-12-14 23:51 - 2016-12-14 23:51 - 00175391 _____ C:\Users\J\Downloads\WindowexeAllkiller.zip
2016-12-14 23:42 - 2016-12-16 14:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-12-14 23:42 - 2016-12-16 14:52 - 00000000 ____D C:\Program Files\CCleaner
2016-12-14 21:24 - 2016-12-16 14:51 - 00000000 ____D C:\Users\J\Downloads\CCleaner Professional Plus v5.25.0.5902 x86-x64 Setup
2016-12-14 10:57 - 2016-12-15 09:46 - 00000000 ____D C:\Users\J\Downloads\codex-the.elder.scrolls.v.skyrim.special.edition.upd.1.3
2016-12-14 01:42 - 2016-12-14 05:38 - 00000000 ____D C:\Users\J\AppData\Roaming\HandymanStudios
2016-12-14 01:42 - 2016-12-14 01:43 - 00000000 ____D C:\Users\J\AppData\Roaming\EdgeOfSpace
2016-12-14 01:42 - 2016-12-14 01:42 - 00000000 ____D C:\Users\J\AppData\LocalLow\PaulAsh
2016-12-14 00:33 - 2016-12-14 00:33 - 00000000 ____D C:\Users\J\AppData\Local\Deployment
2016-12-14 00:33 - 2016-12-14 00:33 - 00000000 ____D C:\Users\J\AppData\Local\Apps\2.0
2016-12-14 00:33 - 2016-12-14 00:33 - 00000000 ____D C:\Users\J\AppData\Local\Apps
2016-12-13 23:18 - 2016-12-13 23:30 - 00000000 ____D C:\Users\J\Downloads\New folder
2016-12-13 12:37 - 2016-12-13 12:37 - 00000000 ____D C:\Users\J\AppData\Local\SplitMediaLabs
2016-12-13 11:53 - 2016-12-13 11:53 - 00000000 ____D C:\ProgramData\SplitMediaLabs
2016-12-13 11:52 - 2016-12-13 12:34 - 00000000 ____D C:\Users\J\AppData\Roaming\SplitmediaLabs
2016-12-13 09:38 - 2016-12-13 09:38 - 00000000 ____D C:\Users\J\Downloads\Pokemon Star Sapphire EUR Inmortalgames
2016-12-13 05:29 - 2016-12-15 09:46 - 00000000 ____D C:\Users\J\Downloads\gba drw 8-12 update 2
2016-12-13 05:27 - 2016-12-15 09:46 - 00000000 ____D C:\Users\J\Downloads\citra 17-10-2016 MM
2016-12-12 22:04 - 2016-12-12 22:04 - 00000208 _____ C:\Users\J\Desktop\Edge of Space.url
2016-12-12 19:28 - 2016-12-15 09:46 - 00000000 ____D C:\Users\J\Downloads\citra-latest-windows-amd64
2016-12-12 13:04 - 2016-12-13 23:30 - 00000000 ____D C:\Users\J\Downloads\Collection of 250 decrypted 3DS ROMs for Citra Emulator
2016-12-12 12:30 - 2016-12-12 12:30 - 00000000 ____D C:\Users\J\AppData\Local\Chromium
2016-12-12 12:19 - 2016-12-15 09:46 - 00000000 ____D C:\Users\J\Downloads\ppsspp
2016-12-12 12:18 - 2016-12-12 12:26 - 278875841 _____ C:\Users\J\Downloads\Dungeons_And_Dragons_Tactics_USA_PSP-EMiNENT.rar
2016-12-12 12:14 - 2016-12-12 12:15 - 16485661 _____ C:\Users\J\Downloads\ppsspp_win.zip
2016-12-12 10:42 - 2017-01-04 07:50 - 00000000 ____D C:\Users\J\Downloads\Xenoblade Chronicles NTSC-U Scrubbed
2016-12-10 23:08 - 2016-12-11 02:57 - 00000000 ____D C:\re-ad7e0
2016-12-10 20:21 - 2016-12-16 14:56 - 00000000 ____D C:\WINDOWS\System32\Tasks\COMODO
2016-12-10 20:06 - 2016-12-16 14:56 - 00000000 ____D C:\Users\J\AppData\Local\Star_Vault
2016-12-10 20:02 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2016-12-10 20:02 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2016-12-10 20:02 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2016-12-10 20:02 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2016-12-10 20:02 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2016-12-10 20:02 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2016-12-10 20:02 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2016-12-10 20:02 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2016-12-10 20:00 - 2016-12-10 20:00 - 00000000 ____D C:\New folder
2016-12-10 19:39 - 2016-12-16 14:56 - 00000000 ____D C:\Users\J\Downloads\Monster_Hunter_Generations_USA_3DS-SUXXORS
2016-12-10 16:03 - 2016-12-10 16:03 - 01106888 _____ (Bleeping Computer, LLC) C:\Users\J\Desktop\iExplore64.exe
2016-12-10 14:50 - 2016-12-27 19:37 - 00002465 _____ C:\Users\J\Desktop\Citra Edge.lnk
2016-12-10 14:50 - 2016-12-16 14:56 - 00000000 ____D C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Citra Development Team
2016-12-10 14:50 - 2016-12-16 14:56 - 00000000 ____D C:\Users\J\AppData\Roaming\Citra
2016-12-10 14:49 - 2016-12-27 19:36 - 00000000 ____D C:\Users\J\AppData\Local\citra
2016-12-10 14:49 - 2016-12-10 14:50 - 00000000 ____D C:\Users\J\AppData\Local\SquirrelTemp
2016-12-10 13:36 - 2016-12-10 13:36 - 00000000 ____D C:\Users\J\AppData\Roaming\Wayforward Technologies
2016-12-10 03:34 - 2016-12-10 03:34 - 00000208 _____ C:\Users\J\Desktop\Dark Eden.url
2016-12-10 03:29 - 2016-12-25 05:32 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-12-10 03:29 - 2016-12-25 05:32 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-12-10 03:29 - 2016-12-21 16:45 - 00003974 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-12-10 03:29 - 2016-12-20 16:45 - 00003816 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-12-10 03:29 - 2016-12-10 03:56 - 00000000 ____D C:\Users\J\AppData\Local\Adobe
2016-12-10 02:26 - 2016-12-19 10:16 - 00000768 _____ C:\WINDOWS\system32\Drivers\etc\HOSTS
2016-12-10 00:11 - 2016-12-10 00:11 - 00000208 _____ C:\Users\J\Desktop\Mortal Online.url
2016-12-09 20:36 - 2016-12-09 20:37 - 00000000 ____D C:\Users\J\AppData\LocalLow\EastFog
2016-12-09 19:48 - 2016-12-09 19:48 - 00000000 ____D C:\Users\J\Documents\Spiderweb Software
2016-12-09 19:28 - 2016-12-09 19:28 - 00000208 _____ C:\Users\J\Desktop\Path of Exile.url
2016-12-09 19:11 - 2016-12-09 19:11 - 00000000 ____D C:\Users\J\AppData\LocalLow\Dead Mage
2016-12-09 18:38 - 2016-12-09 18:38 - 00000000 ____D C:\Users\J\AppData\LocalLow\Square Enix Ltd_
2016-12-09 17:55 - 2016-12-16 14:56 - 00000000 ____D C:\Users\J\Downloads\Dungeon.Souls.v1.0.1
2016-12-09 17:46 - 2016-12-16 14:56 - 00000000 ____D C:\Users\J\Downloads\ppt-krum
2016-12-09 17:39 - 2016-12-09 17:39 - 00000000 ____D C:\Users\J\AppData\LocalLow\Landfall
2016-12-09 16:23 - 2016-12-09 16:23 - 00000000 ____D C:\Users\J\AppData\LocalLow\Daedalic Entertainment GmbH
2016-12-09 16:23 - 2016-12-09 16:23 - 00000000 ____D C:\Users\J\AppData\Local\Daedalic Entertainment GmbH
2016-12-09 16:06 - 2016-12-09 16:06 - 888148399 _____ C:\WINDOWS\MEMORY.DMP
2016-12-09 14:20 - 2016-12-16 14:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Network Security Task Manager
2016-12-09 14:17 - 2016-12-09 14:18 - 00536128 _____ (Neuber Software) C:\Users\J\Desktop\SvchostAnalyzer.exe
2016-12-09 13:49 - 2016-12-09 13:50 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\J\Desktop\iExplore.exe
2016-12-09 13:40 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2016-12-09 13:40 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2016-12-09 13:40 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2016-12-09 13:40 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2016-12-09 13:40 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2016-12-09 13:40 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2016-12-09 13:40 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2016-12-09 13:40 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2016-12-09 13:40 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2016-12-09 12:35 - 2016-12-09 12:35 - 00000208 _____ C:\Users\J\Desktop\Terraria.url
2016-12-09 12:19 - 2016-12-16 18:24 - 00000703 _____ C:\Users\Public\Desktop\Steam.lnk
2016-12-09 12:19 - 2016-12-09 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-12-09 12:15 - 2016-12-09 12:15 - 00000000 ____D C:\WINDOWS\system32\System32
2016-12-09 12:07 - 2016-12-16 14:56 - 00000000 ____D C:\Users\J\Downloads\4444
2016-12-09 11:36 - 2017-01-04 16:10 - 00003648 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2016-12-09 10:26 - 2016-11-11 02:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-12-09 10:26 - 2016-11-11 02:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-12-09 10:26 - 2016-11-11 01:57 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-12-09 10:26 - 2016-11-11 01:56 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-12-09 10:26 - 2016-11-11 01:18 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-12-09 10:26 - 2016-11-11 01:04 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-12-09 10:26 - 2016-11-10 23:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-12-09 10:26 - 2016-11-10 23:42 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-12-09 10:26 - 2016-11-10 23:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-12-09 10:26 - 2016-11-10 23:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-12-09 10:26 - 2016-11-10 23:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-12-09 10:25 - 2016-11-11 02:22 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-12-09 10:25 - 2016-11-11 02:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-12-09 10:25 - 2016-11-11 02:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2016-12-09 10:25 - 2016-11-11 02:14 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-12-09 10:25 - 2016-11-11 02:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-12-09 10:25 - 2016-11-11 02:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-12-09 10:25 - 2016-11-11 02:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-12-09 10:25 - 2016-11-11 02:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-12-09 10:25 - 2016-11-11 02:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-12-09 10:25 - 2016-11-11 02:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2016-12-09 10:25 - 2016-11-11 02:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-12-09 10:25 - 2016-11-11 02:03 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-12-09 10:25 - 2016-11-11 02:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-12-09 10:25 - 2016-11-11 02:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-12-09 10:25 - 2016-11-11 02:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-12-09 10:25 - 2016-11-11 02:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-12-09 10:25 - 2016-11-11 02:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-12-09 10:25 - 2016-11-11 02:00 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-12-09 10:25 - 2016-11-11 02:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-12-09 10:25 - 2016-11-11 01:57 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-12-09 10:25 - 2016-11-11 01:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-12-09 10:25 - 2016-11-11 01:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-12-09 10:25 - 2016-11-11 01:56 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-12-09 10:25 - 2016-11-11 01:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-12-09 10:25 - 2016-11-11 01:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2016-12-09 10:25 - 2016-11-11 01:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2016-12-09 10:25 - 2016-11-11 01:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2016-12-09 10:25 - 2016-11-11 01:55 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-12-09 10:25 - 2016-11-11 01:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-12-09 10:25 - 2016-11-11 01:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-12-09 10:25 - 2016-11-11 01:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-12-09 10:25 - 2016-11-11 01:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-12-09 10:25 - 2016-11-11 01:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-12-09 10:25 - 2016-11-11 01:29 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-12-09 10:25 - 2016-11-11 01:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2016-12-09 10:25 - 2016-11-11 01:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-12-09 10:25 - 2016-11-11 01:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2016-12-09 10:25 - 2016-11-11 01:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2016-12-09 10:25 - 2016-11-11 01:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2016-12-09 10:25 - 2016-11-11 01:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2016-12-09 10:25 - 2016-11-11 01:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-12-09 10:25 - 2016-11-11 01:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-12-09 10:25 - 2016-11-11 01:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-12-09 10:25 - 2016-11-11 01:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-12-09 10:25 - 2016-11-11 01:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-12-09 10:25 - 2016-11-11 01:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-12-09 10:25 - 2016-11-11 01:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-12-09 10:25 - 2016-11-11 01:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-12-09 10:25 - 2016-11-11 01:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-12-09 10:25 - 2016-11-11 01:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-09 10:25 - 2016-11-11 01:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-12-09 10:25 - 2016-11-11 01:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-12-09 10:25 - 2016-11-11 01:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-12-09 10:25 - 2016-11-11 01:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-12-09 10:25 - 2016-11-11 01:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2016-12-09 10:25 - 2016-11-11 01:22 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-12-09 10:25 - 2016-11-11 01:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2016-12-09 10:25 - 2016-11-11 01:21 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-12-09 10:25 - 2016-11-11 01:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-12-09 10:25 - 2016-11-11 01:21 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-12-09 10:25 - 2016-11-11 01:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-12-09 10:25 - 2016-11-11 01:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-12-09 10:25 - 2016-11-11 01:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-12-09 10:25 - 2016-11-11 01:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-12-09 10:25 - 2016-11-11 01:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-12-09 10:25 - 2016-11-11 01:20 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-12-09 10:25 - 2016-11-11 01:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-12-09 10:25 - 2016-11-11 01:19 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-12-09 10:25 - 2016-11-11 01:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-12-09 10:25 - 2016-11-11 01:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-12-09 10:25 - 2016-11-11 01:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-12-09 10:25 - 2016-11-11 01:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-12-09 10:25 - 2016-11-11 01:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-09 10:25 - 2016-11-11 01:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-12-09 10:25 - 2016-11-11 01:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-12-09 10:25 - 2016-11-11 01:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-12-09 10:25 - 2016-11-11 01:18 - 00967168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-12-09 10:25 - 2016-11-11 01:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-12-09 10:25 - 2016-11-11 01:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2016-12-09 10:25 - 2016-11-11 01:17 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-12-09 10:25 - 2016-11-11 01:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2016-12-09 10:25 - 2016-11-11 01:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2016-12-09 10:25 - 2016-11-11 01:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-12-09 10:25 - 2016-11-11 01:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-12-09 10:25 - 2016-11-11 01:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-12-09 10:25 - 2016-11-11 01:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2016-12-09 10:25 - 2016-11-11 01:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-12-09 10:25 - 2016-11-11 01:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2016-12-09 10:25 - 2016-11-11 01:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-12-09 10:25 - 2016-11-11 01:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-12-09 10:25 - 2016-11-11 01:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-12-09 10:25 - 2016-11-11 01:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2016-12-09 10:25 - 2016-11-11 01:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-12-09 10:25 - 2016-11-11 01:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2016-12-09 10:25 - 2016-11-11 01:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2016-12-09 10:25 - 2016-11-11 01:11 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-12-09 10:25 - 2016-11-11 01:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-12-09 10:25 - 2016-11-11 01:11 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-12-09 10:25 - 2016-11-11 01:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-12-09 10:25 - 2016-11-11 01:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-12-09 10:25 - 2016-11-11 01:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-12-09 10:25 - 2016-11-11 01:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-12-09 10:25 - 2016-11-11 01:07 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-12-09 10:25 - 2016-11-11 01:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-12-09 10:25 - 2016-11-11 01:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-12-09 10:25 - 2016-11-11 01:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-12-09 10:25 - 2016-11-11 01:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-12-09 10:25 - 2016-11-11 01:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-12-09 10:25 - 2016-11-11 01:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-12-09 10:25 - 2016-11-11 01:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-12-09 10:25 - 2016-11-11 01:05 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-12-09 10:25 - 2016-11-11 01:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-12-09 10:25 - 2016-11-11 01:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-12-09 10:25 - 2016-11-11 01:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-12-09 10:25 - 2016-11-11 01:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-12-09 10:25 - 2016-11-11 01:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-12-09 10:25 - 2016-11-11 01:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-12-09 10:25 - 2016-11-11 01:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-12-09 10:25 - 2016-11-11 01:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-12-09 10:25 - 2016-11-11 01:03 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-12-09 10:25 - 2016-11-11 01:03 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-12-09 10:25 - 2016-11-11 01:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-12-09 10:25 - 2016-11-11 01:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-12-09 10:25 - 2016-11-11 01:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-12-09 10:25 - 2016-11-11 00:39 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-12-09 10:25 - 2016-11-11 00:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-12-09 10:25 - 2016-11-10 23:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-12-09 10:25 - 2016-11-10 23:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2016-12-09 10:25 - 2016-11-10 23:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-12-09 10:25 - 2016-11-10 23:49 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-12-09 10:25 - 2016-11-10 23:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-12-09 10:25 - 2016-11-10 23:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-12-09 10:25 - 2016-11-10 23:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-12-09 10:25 - 2016-11-10 23:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-12-09 10:25 - 2016-11-10 23:42 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-12-09 10:25 - 2016-11-10 23:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-12-09 10:25 - 2016-11-10 23:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2016-12-09 10:25 - 2016-11-10 23:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2016-12-09 10:25 - 2016-11-10 23:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-12-09 10:25 - 2016-11-10 23:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2016-12-09 10:25 - 2016-11-10 23:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-12-09 10:25 - 2016-11-10 23:28 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-12-09 10:25 - 2016-11-10 23:27 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-12-09 10:25 - 2016-11-10 23:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-12-09 10:25 - 2016-11-10 23:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-12-09 10:25 - 2016-11-10 23:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-12-09 10:25 - 2016-11-10 23:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-12-09 10:25 - 2016-11-10 23:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-12-09 10:25 - 2016-11-10 23:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-12-09 10:25 - 2016-11-10 23:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-12-09 10:25 - 2016-11-10 23:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-12-09 10:25 - 2016-11-10 23:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-12-09 10:25 - 2016-11-10 23:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2016-12-09 10:25 - 2016-11-10 23:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-12-09 10:25 - 2016-11-10 23:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-09 10:25 - 2016-11-10 23:19 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-12-09 10:25 - 2016-11-10 23:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-12-09 10:25 - 2016-11-10 23:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-12-09 10:25 - 2016-11-10 23:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-12-09 10:25 - 2016-11-10 23:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-12-09 10:25 - 2016-11-10 23:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-12-09 10:25 - 2016-11-10 23:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-12-09 10:25 - 2016-11-10 23:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2016-12-09 10:25 - 2016-11-10 23:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-12-09 10:25 - 2016-11-10 23:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-12-09 10:25 - 2016-11-10 23:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2016-12-09 10:25 - 2016-11-10 23:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-12-09 10:25 - 2016-11-10 23:15 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-12-09 10:25 - 2016-11-10 23:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-12-09 10:25 - 2016-11-10 23:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-12-09 10:25 - 2016-11-10 23:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-12-09 10:25 - 2016-11-10 23:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-12-09 10:25 - 2016-11-10 23:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-12-09 10:25 - 2016-11-10 23:13 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-12-09 10:25 - 2016-11-10 23:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2016-12-09 10:25 - 2016-11-10 23:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2016-12-09 10:25 - 2016-11-10 23:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-12-09 10:25 - 2016-11-10 23:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2016-12-09 10:25 - 2016-11-10 23:06 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-12-09 10:25 - 2016-11-10 23:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-12-09 10:25 - 2016-11-10 23:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-12-09 10:25 - 2016-11-10 23:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-12-09 10:25 - 2016-11-10 23:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-12-09 10:25 - 2016-11-10 23:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2016-12-09 10:25 - 2016-11-10 23:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-12-09 10:25 - 2016-11-10 23:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-12-09 10:25 - 2016-11-10 23:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-12-09 10:25 - 2016-11-10 23:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-12-09 10:25 - 2016-11-10 23:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-12-09 10:25 - 2016-11-10 23:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-12-09 10:25 - 2016-11-10 23:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-12-09 10:25 - 2016-11-10 23:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-12-09 10:25 - 2016-11-10 23:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-12-09 10:25 - 2016-11-10 23:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-12-09 10:25 - 2016-11-10 23:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-12-09 10:25 - 2016-11-10 23:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-12-09 10:25 - 2016-11-10 23:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-12-09 10:25 - 2016-11-10 23:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-12-09 10:25 - 2016-11-10 23:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-12-09 10:24 - 2016-11-11 02:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-12-09 10:24 - 2016-11-11 01:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-12-09 10:24 - 2016-11-11 01:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-12-09 10:24 - 2016-11-11 01:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-12-09 10:24 - 2016-11-11 01:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2016-12-09 10:24 - 2016-11-11 01:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-12-09 10:24 - 2016-11-11 01:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-12-09 10:24 - 2016-11-11 01:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-12-09 10:24 - 2016-11-11 01:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2016-12-09 10:24 - 2016-11-11 01:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-12-09 10:24 - 2016-11-11 01:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-12-09 10:24 - 2016-11-11 01:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-12-09 10:24 - 2016-11-11 01:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-12-09 10:24 - 2016-11-11 01:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-12-09 10:24 - 2016-11-11 01:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-12-09 10:24 - 2016-11-11 01:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-12-09 10:24 - 2016-11-11 01:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-12-09 10:24 - 2016-11-11 01:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-12-09 10:24 - 2016-11-11 01:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-12-09 10:24 - 2016-11-11 01:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-12-09 10:24 - 2016-11-11 01:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-12-09 10:24 - 2016-11-11 01:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-12-09 10:24 - 2016-11-11 01:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-12-09 10:24 - 2016-11-11 01:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-12-09 10:24 - 2016-11-11 01:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-12-09 10:24 - 2016-11-11 01:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-12-09 10:24 - 2016-11-11 01:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2016-12-09 10:24 - 2016-11-11 01:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-12-09 10:24 - 2016-11-11 01:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-12-09 10:24 - 2016-11-11 01:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-12-09 10:24 - 2016-11-11 01:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-12-09 10:24 - 2016-11-11 01:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-12-09 10:24 - 2016-11-11 01:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-12-09 10:24 - 2016-11-11 01:04 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-12-09 10:24 - 2016-11-11 01:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-12-09 10:24 - 2016-11-11 01:04 - 02317312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-12-09 10:24 - 2016-11-11 01:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-12-09 10:24 - 2016-11-11 01:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-12-09 10:24 - 2016-11-11 01:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-12-09 10:24 - 2016-11-11 01:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-12-09 10:24 - 2016-11-11 01:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-12-09 10:24 - 2016-11-11 01:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-12-09 10:24 - 2016-11-11 00:01 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-12-09 10:24 - 2016-11-11 00:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-12-09 10:24 - 2016-11-11 00:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2016-12-09 10:24 - 2016-11-10 23:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-12-09 10:24 - 2016-11-10 23:42 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-12-09 10:24 - 2016-11-10 23:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2016-12-09 10:24 - 2016-11-10 23:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2016-12-09 10:24 - 2016-11-10 23:21 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-12-09 10:24 - 2016-11-10 23:20 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-12-09 10:24 - 2016-11-10 23:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-12-09 10:24 - 2016-11-10 23:20 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-12-09 10:24 - 2016-11-10 23:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-12-09 10:24 - 2016-11-10 23:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-12-09 10:24 - 2016-11-10 23:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2016-12-09 10:24 - 2016-11-10 23:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2016-12-09 10:24 - 2016-11-10 23:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-09 10:24 - 2016-11-10 23:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-12-09 09:15 - 2016-12-16 14:56 - 00000000 ____D C:\Users\J\Downloads\22
2016-12-09 09:15 - 2016-12-16 14:56 - 00000000 ____D C:\Users\J\Downloads\11
2016-12-09 09:14 - 2011-02-19 23:03 - 00421200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp100_1.dll
2016-12-09 09:14 - 2011-02-19 00:40 - 00773968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_1.dll
2016-12-09 09:14 - 2010-03-18 14:27 - 00827744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400_1.dll
2016-12-09 09:14 - 2010-03-18 13:16 - 00771424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400_1.dll
2016-12-09 09:14 - 2010-03-18 09:36 - 05522768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc100u_1.dll
2016-12-09 09:14 - 2010-03-18 09:36 - 05493576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc100_1.dll
2016-12-09 09:14 - 2010-03-18 09:36 - 00827728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_1.dll
2016-12-09 09:14 - 2010-03-18 09:36 - 00607568 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp100_1.dll
2016-12-09 09:14 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3_1.dll
2016-12-09 09:14 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3_1.dll
2016-12-09 09:11 - 2016-12-09 09:11 - 00000000 ____D C:\Users\J\AppData\LocalLow\Spellbind Studios
2016-12-09 08:49 - 2016-12-09 08:58 - 00000000 ____D C:\Users\J\Documents\RPGTycoon
2016-12-09 08:49 - 2016-12-09 08:49 - 00000000 ____D C:\Users\J\AppData\Roaming\RPGTycoon
2016-12-09 08:47 - 2016-12-09 08:47 - 00000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2016-12-09 07:59 - 2016-12-15 06:37 - 00524288 ___SH C:\WINDOWS\system32\config\drivers{588c70b9-be28-11e6-9c36-dc4a3eaae2e0}.TMContainer00000000000000000001.regtrans-ms
2016-12-09 07:59 - 2016-12-15 06:37 - 00065536 ___SH C:\WINDOWS\system32\config\drivers{588c70b9-be28-11e6-9c36-dc4a3eaae2e0}.TM.blf
2016-12-09 07:59 - 2016-12-09 08:04 - 00524288 ___SH C:\WINDOWS\system32\config\drivers{588c70b9-be28-11e6-9c36-dc4a3eaae2e0}.TMContainer00000000000000000002.regtrans-ms
2016-12-09 07:59 - 2016-12-09 07:59 - 00000000 ____D C:\WINDOWS\Panther
2016-12-09 07:57 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2016-12-09 07:57 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2016-12-09 07:57 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2016-12-09 07:57 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2016-12-09 07:57 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2016-12-09 07:57 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2016-12-09 07:57 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2016-12-09 07:25 - 2017-01-04 13:23 - 00000000 ____D C:\Users\J\Downloads\codex-earths.dawn
2016-12-08 22:20 - 2016-12-08 22:20 - 00000000 ____D C:\Users\J\AppData\Roaming\.mono
2016-12-08 22:20 - 2016-12-08 22:20 - 00000000 ____D C:\Users\J\AppData\LocalLow\Blizzard Entertainment
2016-12-08 22:20 - 2016-12-08 22:20 - 00000000 ____D C:\Users\J\AppData\Local\Blizzard
2016-12-08 22:20 - 2016-12-08 22:20 - 00000000 ____D C:\ProgramData\.mono
2016-12-08 20:02 - 2016-12-16 18:24 - 00001192 _____ C:\Users\Public\Desktop\Diablo II - Lord of Destruction.lnk
2016-12-08 20:02 - 2016-12-16 14:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II
2016-12-08 19:52 - 2016-12-08 20:02 - 00000000 _____ C:\BnetLog.txt
2016-12-08 19:51 - 2016-12-08 19:51 - 00000000 ____D C:\Users\J\Documents\Diablo II
2016-12-08 19:49 - 2016-12-28 23:59 - 00000000 ____D C:\Program Files (x86)\Diablo II
2016-12-08 18:20 - 2016-12-16 18:24 - 00000972 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2016-12-08 18:20 - 2016-12-16 14:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2016-12-08 17:53 - 2017-01-04 04:38 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2016-12-08 17:29 - 2016-12-08 17:29 - 00000000 ____D C:\Users\J\Documents\Heroes of the Storm
2016-12-08 10:58 - 2016-12-11 02:55 - 00000000 ____D C:\DSBStandard1
2016-12-08 10:39 - 2016-12-08 10:39 - 00000000 ____D C:\Users\J\Documents\Wondershare DVD Slideshow Builder Deluxe
2016-12-08 10:38 - 2016-12-08 10:38 - 00000000 ____D C:\Users\J\AppData\Local\Wondershare
2016-12-08 10:37 - 2016-12-08 10:39 - 00000000 ____D C:\ProgramData\Wondershare
2016-12-08 10:35 - 2016-12-16 14:56 - 00000000 ____D C:\Users\Public\Documents\Wondershare
2016-12-08 06:24 - 2016-12-09 15:10 - 00000351 _____ C:\Users\J\Documents\New Text Document.txt
2016-12-08 06:21 - 2016-12-08 06:21 - 00000000 ____D C:\Users\J\AppData\Local\SKIDROW
2016-12-08 01:00 - 2016-12-16 18:22 - 00001444 _____ C:\Users\J\Desktop\Dead Rising 3 Apocalypse Edition.lnk
2016-12-08 01:00 - 2016-12-16 14:15 - 00000000 ____D C:\Users\J\AppData\Roaming\Dead Rising 3 Apocalypse Edition
2016-12-07 16:48 - 2016-12-16 13:58 - 00000000 ____D C:\Users\J\AppData\Local\Agony
2016-12-07 16:02 - 2016-12-07 16:02 - 00000000 ____D C:\Users\J\AppData\Roaming\Return2Games_WIP21_tmp
2016-12-07 16:02 - 2016-12-07 16:02 - 00000000 ____D C:\Users\J\AppData\Roaming\Return2Games_WIP21
2016-12-07 15:36 - 2016-12-16 14:53 - 00000000 ____D C:\Users\J\AppData\Local\DungeonSouls
2016-12-07 04:25 - 2016-12-07 04:25 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-12-07 04:25 - 2016-09-09 10:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-12-07 04:25 - 2016-09-09 10:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-12-07 04:25 - 2016-09-09 10:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-12-07 04:25 - 2016-09-09 10:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-12-07 04:21 - 2016-12-01 12:02 - 40125496 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-12-07 04:21 - 2016-12-01 12:02 - 35222976 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-12-07 04:21 - 2016-12-01 12:02 - 34711096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-12-07 04:21 - 2016-12-01 12:02 - 28202040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-12-07 04:21 - 2016-12-01 12:02 - 10912744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-12-07 04:21 - 2016-12-01 12:02 - 10803880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-12-07 04:21 - 2016-12-01 12:02 - 10354984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-12-07 04:21 - 2016-12-01 12:02 - 09158432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-12-07 04:21 - 2016-12-01 12:02 - 08913328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-12-07 04:21 - 2016-12-01 12:02 - 08762072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-12-07 04:21 - 2016-12-01 12:02 - 02954808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-12-07 04:21 - 2016-12-01 12:02 - 02587704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-12-07 04:21 - 2016-12-01 12:02 - 01951680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437619.dll
2016-12-07 04:21 - 2016-12-01 12:02 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437619.dll
2016-12-07 04:21 - 2016-12-01 12:02 - 01037248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-12-07 04:21 - 2016-12-01 12:02 - 00975296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-12-07 04:21 - 2016-12-01 12:02 - 00943552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-12-07 04:21 - 2016-12-01 12:02 - 00897080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-12-07 04:21 - 2016-12-01 12:02 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-12-07 04:21 - 2016-12-01 12:02 - 00683824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-12-07 04:21 - 2016-12-01 12:02 - 00644112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-12-07 04:21 - 2016-12-01 12:02 - 00573072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-12-07 04:21 - 2016-12-01 12:02 - 00439864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-12-07 04:21 - 2016-12-01 12:02 - 00394704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-12-07 04:21 - 2016-12-01 12:02 - 00388544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-12-07 04:21 - 2016-12-01 12:02 - 00327224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-12-07 04:03 - 2016-12-16 14:17 - 00000000 ____D C:\Users\J\Documents\DyingLight
2016-12-06 22:45 - 2016-12-27 19:36 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-01-05 15:35 - 2016-10-15 22:59 - 00000000 ____D C:\FRST
2017-01-05 15:32 - 2016-10-23 15:44 - 00000000 ____D C:\Users\J\AppData\Roaming\qBittorrent
2017-01-05 15:18 - 2016-09-02 14:50 - 00000000 ____D C:\games
2017-01-05 15:18 - 2016-08-30 12:40 - 00000000 ____D C:\Users\J\AppData\Roaming\vlc
2017-01-05 12:25 - 2016-09-24 03:08 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-05 12:07 - 2016-10-18 18:52 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D9F95120-67A1-4C99-9FC4-C4EC08735CB2}
2017-01-05 11:31 - 2016-09-24 03:05 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-05 10:26 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-01-05 08:13 - 2016-08-28 14:19 - 03178970 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-05 08:11 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-01-05 07:59 - 2016-10-18 00:56 - 00000000 ____D C:\WARCHST
2017-01-05 06:00 - 2016-09-08 10:41 - 00000000 ____D C:\Users\J\AppData\Local\CrashDumps
2017-01-05 00:28 - 2016-11-03 08:14 - 00000000 ____D C:\Users\J\AppData\Roaming\CDisplayEx
2017-01-04 23:41 - 2016-09-15 19:11 - 00000000 ____D C:\Users\J\AppData\Roaming\SmartSteamEmu
2017-01-04 23:38 - 2016-10-18 12:31 - 00000000 __SHD C:\Users\J\IntelGraphicsProfiles
2017-01-04 23:37 - 2016-10-17 16:47 - 00000248 _____ C:\WINDOWS\SysWOW64\PARTIZAN.TXT
2017-01-04 23:37 - 2016-09-24 03:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-04 20:11 - 2016-11-15 09:12 - 00000000 ____D C:\Program Files (x86)\IObit
2017-01-04 20:03 - 2016-10-02 04:42 - 00000000 ____D C:\WINDOWS\Minidump
2017-01-04 20:03 - 2016-09-24 03:05 - 00203344 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-04 20:03 - 2016-08-24 13:45 - 00416551 ____N C:\WINDOWS\Minidump\010417-45062-01.dmp
2017-01-04 13:52 - 2016-11-09 09:29 - 00000000 ____D C:\Users\J\AppData\Local\Battle.net
2017-01-04 13:35 - 2016-10-16 19:37 - 00000000 ____D C:\Program Files (x86)\Diablo III
2017-01-04 13:23 - 2016-12-01 10:37 - 00000000 ____D C:\Users\J\Downloads\cpy-mgs5tpp
2017-01-04 10:16 - 2016-11-11 09:09 - 00000000 ____D C:\Program Files (x86)\Opera
2017-01-04 03:35 - 2016-08-30 06:48 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-04 03:26 - 2016-11-13 05:12 - 00000000 ____D C:\Users\J\Documents\Avatar
2017-01-04 02:31 - 2016-10-16 19:03 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-01-04 02:08 - 2016-07-16 03:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-04 01:30 - 2016-10-18 12:51 - 00000000 ____D C:\Users\J\AppData\Roaming\DAEMON Tools Lite
2017-01-04 00:33 - 2016-09-02 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mr DJ
2017-01-03 23:30 - 2016-10-15 06:26 - 00000000 ____D C:\Program Files (x86)\Mr DJ
2017-01-03 23:30 - 2016-10-12 11:37 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2017-01-03 23:21 - 2016-09-08 20:29 - 00000000 ____D C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-01-03 22:29 - 2016-11-15 05:53 - 00000348 _____ C:\WINDOWS\Tasks\HPCeeScheduleForJ.job
2017-01-03 14:27 - 2016-11-06 10:21 - 00000000 ____D C:\Users\J\Downloads\Dragon Age Inquisition DE repack Mr DJ
2017-01-03 13:40 - 2016-11-15 05:53 - 00003224 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForJ
2017-01-03 00:41 - 2016-09-24 03:12 - 00000000 ____D C:\Users\J
2017-01-01 10:29 - 2016-07-15 22:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-12-31 16:13 - 2016-11-10 06:17 - 00012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe
2016-12-30 18:33 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-12-30 14:42 - 2016-11-15 02:21 - 04980736 ____H C:\Users\hatch\NTUSER.DAT
2016-12-30 14:42 - 2016-11-15 02:21 - 00000000 ____D C:\Users\hatch
2016-12-30 09:07 - 2016-09-24 03:12 - 00000000 ____D C:\Users\J\AppData\Local\Microsoft
2016-12-30 03:58 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\rescache
2016-12-30 03:51 - 2016-07-15 22:04 - 00000000 ____D C:\WINDOWS\system32\config
2016-12-29 23:49 - 2016-11-11 22:30 - 00000000 ____D C:\Program Files (x86)\Security Task Manager
2016-12-29 11:28 - 2016-09-16 09:01 - 00000000 ____D C:\ProgramData\ProductData
2016-12-29 08:41 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-28 21:33 - 2016-09-24 03:12 - 00000000 ___HD C:\Users\J\AppData
2016-12-28 21:20 - 2016-10-23 15:43 - 00000000 ____D C:\Program Files (x86)\qBittorrent
2016-12-28 19:32 - 2016-09-24 03:12 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{f5b135e6-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000001.regtrans-ms
2016-12-28 19:32 - 2016-09-24 03:12 - 00065536 ___SH C:\WINDOWS\system32\config\COMPONENTS{f5b135e6-4b48-11e6-80cb-e41d2d012050}.TM.blf
2016-12-28 19:32 - 2016-07-15 22:04 - 45613056 _____ C:\WINDOWS\system32\config\components
2016-12-28 13:26 - 2016-11-15 05:45 - 00000000 ____D C:\Users\Public\Documents\RegRunInfo
2016-12-28 13:25 - 2016-10-16 19:17 - 00000000 ____D C:\Users\J\Documents\RegRun2
2016-12-28 13:14 - 2016-07-15 22:04 - 00000000 ____D C:\WINDOWS\system32\CatRoot
2016-12-28 13:13 - 2016-09-24 03:12 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{f5b135e6-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000002.regtrans-ms
2016-12-28 12:58 - 2016-07-15 22:04 - 00000000 ____D C:\WINDOWS\WinSxS
2016-12-28 12:40 - 2016-07-16 03:47 - 00000000 __RSD C:\WINDOWS\assembly
2016-12-28 12:37 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\config\RegBack
2016-12-28 12:26 - 2016-09-15 10:46 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-12-28 03:19 - 2016-09-14 06:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2016-12-28 02:58 - 2016-07-16 03:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-27 13:40 - 2016-11-10 20:33 - 00001489 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-12-27 13:40 - 2016-09-24 03:08 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-12-27 13:39 - 2016-11-10 20:33 - 00003984 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-27 13:38 - 2016-11-10 20:31 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-27 13:38 - 2016-11-10 20:31 - 00003966 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-27 13:38 - 2016-11-10 20:31 - 00003958 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-27 13:38 - 2016-11-10 20:31 - 00003796 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-27 13:38 - 2016-11-10 20:31 - 00003754 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-27 13:38 - 2016-09-24 03:08 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-12-27 13:38 - 2016-08-30 06:50 - 00000000 ____D C:\Users\J\AppData\Local\NVIDIA Corporation
2016-12-27 13:38 - 2016-08-28 14:45 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-12-27 13:38 - 2016-07-15 22:04 - 00000000 ____D C:\WINDOWS\SysWOW64
2016-12-27 11:33 - 2016-09-02 12:19 - 00000000 ____D C:\GOG Games
2016-12-26 07:40 - 2016-09-10 09:26 - 00000179 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2016-12-26 07:40 - 2015-07-10 03:04 - 00000000 ____D C:\WINDOWS\Tasks
2016-12-25 05:40 - 2016-07-15 22:04 - 00262144 _____ C:\Users\Default\NTUSER.DAT
2016-12-25 05:37 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-US
2016-12-25 05:37 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\en-US
2016-12-25 05:37 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\Boot
2016-12-25 05:37 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-12-25 05:37 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\AppPatch
2016-12-25 05:36 - 2016-07-16 03:47 - 00000796 ___SH C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-24 11:18 - 2016-07-16 03:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-22 07:55 - 2016-08-29 07:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-22 07:55 - 2016-08-29 07:40 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-20 07:07 - 2016-09-09 21:41 - 00000000 ____D C:\Users\J\AppData\Local\Diagnostics
2016-12-19 10:57 - 2016-10-17 08:47 - 00000000 ____D C:\Users\J\AppData\Roaming\uTorrent
2016-12-19 02:40 - 2016-11-27 11:29 - 00000000 ____D C:\Users\J\Downloads\cemu_1.6.4
2016-12-18 10:33 - 2016-08-30 07:27 - 00000000 ____D C:\Users\J\AppData\Local\ElevatedDiagnostics
2016-12-18 05:22 - 2016-08-28 14:24 - 00000000 ___RD C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-16 18:24 - 2016-12-04 13:14 - 00001735 _____ C:\Users\Public\Desktop\The Elder Scrolls - Skyrim - Special Edition.lnk
2016-12-16 18:24 - 2016-11-15 16:07 - 00000938 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Men of War Assault Squad 2.lnk
2016-12-16 18:24 - 2016-11-11 09:14 - 00001196 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-12-16 18:24 - 2016-11-11 09:14 - 00001178 _____ C:\Users\Public\Desktop\Opera.lnk
2016-12-16 18:24 - 2016-11-10 05:52 - 00001529 _____ C:\Users\Public\Desktop\Dark Souls 3.lnk
2016-12-16 18:24 - 2016-11-04 17:33 - 00001627 _____ C:\Users\Public\Desktop\Owlboy.lnk
2016-12-16 18:24 - 2016-10-18 19:18 - 00001751 _____ C:\Users\Public\Desktop\Kingdom - New Lands.lnk
2016-12-16 18:24 - 2016-10-18 18:50 - 00001668 _____ C:\Users\Public\Desktop\Sheltered.lnk
2016-12-16 18:24 - 2016-10-17 14:29 - 00001413 _____ C:\Users\Public\Desktop\Fallout New Vegas Ultimate Edition.lnk
2016-12-16 18:24 - 2016-10-16 19:54 - 00001205 _____ C:\Users\Public\Desktop\Diablo III.lnk
2016-12-16 18:24 - 2016-10-16 19:05 - 00001211 _____ C:\Users\Public\Desktop\Battle.net.lnk
2016-12-16 18:24 - 2016-10-16 09:54 - 00001271 _____ C:\Users\Public\Desktop\RESIDENT EVIL REVELATIONS 2.lnk
2016-12-16 18:24 - 2016-10-16 09:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RESIDENT EVIL REVELATIONS 2
2016-12-16 18:24 - 2016-10-14 19:55 - 00001204 _____ C:\Users\Public\Desktop\Alien - Isolation.lnk
2016-12-16 18:24 - 2016-10-14 11:08 - 00002088 _____ C:\Users\Public\Desktop\Divinity - Original Sin Enhanced Edition.lnk
2016-12-16 18:24 - 2016-10-14 03:48 - 00000637 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herolike.lnk
2016-12-16 18:24 - 2016-10-13 21:03 - 00001761 _____ C:\Users\Public\Desktop\Shadow Warrior 2.lnk
2016-12-16 18:24 - 2016-10-13 20:25 - 00001716 _____ C:\Users\Public\Desktop\Dying Light.lnk
2016-12-16 18:24 - 2016-10-12 22:39 - 00001815 _____ C:\Users\Public\Desktop\Shadow Warrior Classic Redux.lnk
2016-12-16 18:24 - 2016-09-24 03:16 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-12-16 18:24 - 2016-09-24 03:07 - 00002026 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bang & Olufsen.lnk
2016-12-16 18:24 - 2016-09-20 11:19 - 00000673 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon Quest Heroes.lnk
2016-12-16 18:24 - 2016-09-20 11:19 - 00000655 _____ C:\Users\Public\Desktop\Dragon Quest Heroes.lnk
2016-12-16 18:24 - 2016-09-19 04:26 - 00000691 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FINAL FANTASY V.lnk
2016-12-16 18:24 - 2016-09-18 01:23 - 00001827 _____ C:\Users\Public\Desktop\Batman - The Telltale Series.lnk
2016-12-16 18:24 - 2016-09-17 19:53 - 00001848 _____ C:\Users\Public\Desktop\Titan Quest - Anniversary Edition.lnk
2016-12-16 18:24 - 2016-09-16 16:44 - 00002110 _____ C:\Users\Public\Desktop\Darkstone.lnk
2016-12-16 18:24 - 2016-09-15 18:47 - 00001808 _____ C:\Users\Public\Desktop\Wasteland 2 - Director's Cut.lnk
2016-12-16 18:24 - 2016-09-15 15:26 - 00001897 _____ C:\Users\Public\Desktop\Risen 3 - Titan Lords.lnk
2016-12-16 18:24 - 2016-09-15 11:31 - 00001084 _____ C:\Users\Public\Desktop\Max Payne 3.lnk
2016-12-16 18:24 - 2016-09-09 04:55 - 00001109 _____ C:\Users\Public\Desktop\Doom.lnk
2016-12-16 18:24 - 2016-07-16 03:43 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk
2016-12-16 18:24 - 2016-07-16 03:43 - 00002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk
2016-12-16 18:24 - 2016-07-16 03:42 - 00002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk
2016-12-16 18:23 - 2016-11-15 11:13 - 00001248 _____ C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Smart Defrag.lnk
2016-12-16 18:23 - 2016-10-17 08:54 - 00002628 _____ C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-12-16 18:23 - 2016-10-14 23:00 - 00001101 _____ C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameRanger.lnk
2016-12-16 18:23 - 2016-08-28 14:27 - 00002355 _____ C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-16 18:22 - 2016-11-15 06:04 - 00001052 _____ C:\Users\J\Desktop\Kholat.lnk
2016-12-16 18:22 - 2016-11-10 16:13 - 00001151 _____ C:\Users\J\Desktop\Planet Explorers.lnk
2016-12-16 18:22 - 2016-11-09 17:56 - 00000968 _____ C:\Users\J\Desktop\Roaming - Shortcut.lnk
2016-12-16 18:22 - 2016-11-04 14:57 - 00001073 _____ C:\Users\J\Desktop\Dead Age.lnk
2016-12-16 18:22 - 2016-11-03 21:44 - 00001024 _____ C:\Users\J\Desktop\Fallout Mod Manager.lnk
2016-12-16 18:22 - 2016-10-17 08:54 - 00002868 _____ C:\Users\J\Desktop\µTorrent.lnk
2016-12-16 18:22 - 2016-10-15 16:51 - 00001220 _____ C:\Users\J\Desktop\Snipping Tool.lnk
2016-12-16 18:22 - 2016-10-15 10:56 - 00000812 _____ C:\Users\J\Desktop\The Evil Within.lnk
2016-12-16 18:22 - 2016-10-14 21:06 - 00001292 _____ C:\Users\J\Desktop\Hewlett-Packard - Shortcut.lnk
2016-12-16 18:22 - 2016-10-13 20:34 - 00001259 _____ C:\Users\J\Desktop\DyingLightGame - Shortcut.lnk
2016-12-16 18:22 - 2016-10-11 23:20 - 00001334 _____ C:\Users\J\Desktop\Duke Nukem 3D Twentieth Anniversary World Tour.lnk
2016-12-16 18:22 - 2016-09-20 14:11 - 00002150 _____ C:\Users\J\Desktop\Process Hacker 2.lnk
2016-12-16 18:22 - 2016-09-18 21:12 - 00001362 _____ C:\Users\J\Desktop\XCOM 2.lnk
2016-12-16 18:22 - 2016-09-17 22:03 - 00001206 _____ C:\Users\J\Desktop\Marvel Ultimate Alliance 2.lnk
2016-12-16 18:22 - 2016-09-16 21:58 - 00002216 _____ C:\Users\J\Desktop\Call of Cthulhu - The Wasted Land.lnk
2016-12-16 18:22 - 2016-09-16 08:36 - 00001224 _____ C:\Users\J\Desktop\Mother Russia Bleeds.lnk
2016-12-16 18:22 - 2016-09-15 18:49 - 00001807 _____ C:\Users\J\Desktop\A Post Nuclear RPG A.T.O.M..lnk
2016-12-16 18:17 - 2016-08-28 14:14 - 00000000 ____D C:\WINDOWS\SoftwareDistribution
2016-12-16 18:05 - 2016-07-16 03:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
2016-12-16 15:25 - 2016-11-15 07:05 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-12-16 15:17 - 2016-07-15 22:04 - 00000000 ____D C:\Program Files (x86)\Common Files
2016-12-16 15:00 - 2016-11-16 12:17 - 00000825 ___SH C:\WINDOWS\SysWOW64\mmf.sys
2016-12-16 14:59 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\config\TxR
2016-12-16 14:58 - 2016-11-15 07:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-12-16 14:58 - 2016-10-17 10:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2016-12-16 14:57 - 2016-09-19 18:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC
2016-12-16 14:57 - 2016-09-15 18:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avadon 3 - The Warborn [GOG.com]
2016-12-16 14:57 - 2016-09-09 04:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Doom
2016-12-16 14:57 - 2016-09-08 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluge
2016-12-16 14:57 - 2016-08-28 14:24 - 00000000 ___RD C:\Users\J\Links
2016-12-16 14:57 - 2016-08-28 14:24 - 00000000 ___RD C:\Users\J\Favorites
2016-12-16 14:57 - 2016-08-28 14:24 - 00000000 ___RD C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-12-16 14:57 - 2016-07-16 06:14 - 00000000 ____D C:\WINDOWS\system32\Drivers\en-US
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ___RD C:\Program Files\Windows Defender
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\SysWOW64\wbem
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\SysWOW64\migration
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\wbem
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\setup
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\migration
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\Drivers\UMDF
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\DDFs
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ____D C:\Program Files\Windows Media Player
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ____D C:\Program Files\Windows Mail
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ____D C:\Program Files (x86)\Windows Media Player
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ____D C:\Program Files (x86)\Windows Mail
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-12-16 14:57 - 2016-07-16 03:47 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-16 14:57 - 2016-07-15 22:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-16 14:57 - 2016-07-15 22:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-16 14:57 - 2016-07-15 22:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-16 14:57 - 2016-07-15 22:04 - 00000000 ____D C:\WINDOWS\servicing
2016-12-16 14:57 - 2015-07-10 03:04 - 00000000 ___RD C:\Users\Public\Videos
2016-12-16 14:57 - 2015-07-10 03:04 - 00000000 ___RD C:\Users\Public\Pictures
2016-12-16 14:57 - 2015-07-10 03:04 - 00000000 ___RD C:\Users\Public\Music
2016-12-16 14:57 - 2015-07-10 03:04 - 00000000 ___RD C:\Users\Public\Downloads
2016-12-16 14:57 - 2015-07-10 03:04 - 00000000 ___RD C:\Users\Public\Documents
2016-12-16 14:56 - 2016-11-27 11:29 - 00000000 ____D C:\Users\J\Downloads\cemu_1.6.3
2016-12-16 14:56 - 2016-11-22 16:10 - 00000000 ____D C:\Users\J\AppData\Local\Schick_HD_Mod_Control
2016-12-16 14:56 - 2016-11-15 09:12 - 00000000 ____D C:\Users\J\AppData\LocalLow\IObit
2016-12-16 14:56 - 2016-11-15 07:52 - 00000000 ____D C:\Users\J\Documents\Manual
2016-12-16 14:56 - 2016-11-15 07:48 - 00000000 ____D C:\Users\J\Downloads\codex-masquerada.songs.and.shadows.update.1.11
2016-12-16 14:56 - 2016-10-17 17:33 - 00000000 ____D C:\Users\J\AppData\Local\WBFSManager
2016-12-16 14:56 - 2016-10-17 17:31 - 00000000 ____D C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WBFS Manager
2016-12-16 14:56 - 2016-10-16 18:58 - 00000000 ____D C:\Users\J\AppData\Roaming\Battle.net
2016-12-16 14:56 - 2016-10-15 10:56 - 00000000 ____D C:\Users\J\AppData\Roaming\The Evil Within
2016-12-16 14:56 - 2016-10-14 10:53 - 00000000 ____D C:\Users\J\AppData\Local\StellarOverloadEA1
2016-12-16 14:56 - 2016-10-11 16:24 - 00000000 ____D C:\Users\J\AppData\Local\STW_Installer
2016-12-16 14:56 - 2016-09-24 07:41 - 00000000 ___RD C:\Users\J\Videos
2016-12-16 14:56 - 2016-09-24 03:23 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2016-12-16 14:56 - 2016-09-24 03:12 - 00000000 ___SD C:\Users\J\AppData\Roaming\Microsoft
2016-12-16 14:56 - 2016-09-24 03:12 - 00000000 ___RD C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2016-12-16 14:56 - 2016-09-24 03:12 - 00000000 ___RD C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2016-12-16 14:56 - 2016-09-24 03:12 - 00000000 ___RD C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-16 14:56 - 2016-09-24 03:12 - 00000000 ___RD C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2016-12-16 14:56 - 2016-09-24 03:12 - 00000000 ____D C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-12-16 14:56 - 2016-09-24 03:06 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-12-16 14:56 - 2016-09-24 03:06 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2016-12-16 14:56 - 2016-09-20 08:49 - 00000000 ____D C:\Users\J\AppData\Local\Unity
2016-12-16 14:56 - 2016-09-19 22:34 - 00000000 ____D C:\Users\J\AppData\Local\yahoomessenger
2016-12-16 14:56 - 2016-09-19 10:12 - 00000000 ____D C:\Users\J\AppData\LocalLow\Team Niche
2016-12-16 14:56 - 2016-09-19 08:59 - 00000000 ____D C:\Users\J\Documents\FreeReign
2016-12-16 14:56 - 2016-09-16 21:59 - 00000000 ____D C:\Users\J\Documents\Red Wasp Design Ltd
2016-12-16 14:56 - 2016-09-16 21:58 - 00000000 ____D C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-12-16 14:56 - 2016-09-16 16:44 - 00000000 ____D C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2016-12-16 14:56 - 2016-09-16 16:06 - 00000000 ____D C:\Users\J\AppData\Local\Zombie Army Trilogy
2016-12-16 14:56 - 2016-09-16 09:01 - 00000000 ____D C:\Users\J\AppData\Roaming\ProductData
2016-12-16 14:56 - 2016-09-14 16:42 - 00000000 ____D C:\Users\J\AppData\Local\UnrealEngine
2016-12-16 14:56 - 2016-09-14 06:45 - 00000000 ____D C:\Users\J\AppData\Roaming\Lost Castle_Uninstall
2016-12-16 14:56 - 2016-09-14 00:20 - 00000000 ____D C:\Users\J\Documents\My Games
2016-12-16 14:56 - 2016-09-09 17:49 - 00000000 ____D C:\Users\J\Documents\Command And Conquer Generals Zero Hour Data
2016-12-16 14:56 - 2016-09-09 17:49 - 00000000 ____D C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C&C Generals
2016-12-16 14:56 - 2016-08-30 07:36 - 00000000 ____D C:\Users\J\AppData\Local\Zombasite
2016-12-16 14:56 - 2016-08-28 14:24 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-16 14:56 - 2016-08-28 14:24 - 00000000 ___RD C:\Users\J\Searches
2016-12-16 14:56 - 2016-08-28 14:24 - 00000000 ___RD C:\Users\J\Saved Games
2016-12-16 14:56 - 2016-08-28 14:24 - 00000000 ___RD C:\Users\J\Music
2016-12-16 14:56 - 2016-08-28 14:24 - 00000000 ___RD C:\Users\J\Contacts
2016-12-16 14:56 - 2016-08-28 14:24 - 00000000 ____D C:\Users\J\AppData\Local\VirtualStore
2016-12-16 14:56 - 2016-08-28 14:24 - 00000000 ____D C:\Users\J\AppData\Local\TileDataLayer
2016-12-16 14:56 - 2016-08-28 14:24 - 00000000 ____D C:\Users\J\AppData\Local\Packages
2016-12-16 14:56 - 2016-07-16 03:47 - 00000000 __RSD C:\WINDOWS\Fonts
2016-12-16 14:56 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-12-16 14:56 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\SystemResources
2016-12-16 14:56 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\System32\Tasks\Microsoft
2016-12-16 14:56 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-12-16 14:56 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\IME
2016-12-16 14:56 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\CodeIntegrity
2016-12-16 14:56 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\Boot
2016-12-16 14:53 - 2016-11-16 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Al-Qadim - The Genie's Curse [GOG.com]
2016-12-16 14:53 - 2016-11-15 07:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-12-16 14:53 - 2016-11-15 07:59 - 00000000 ____D C:\Program Files (x86)\Java
2016-12-16 14:53 - 2016-11-15 06:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kholat
2016-12-16 14:53 - 2016-11-13 19:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quake 4
2016-12-16 14:53 - 2016-11-10 16:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Planet Explorers
2016-12-16 14:53 - 2016-11-09 13:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III Public Test
2016-12-16 14:53 - 2016-11-04 14:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Age
2016-12-16 14:53 - 2016-11-04 10:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2016-12-16 14:53 - 2016-11-03 21:44 - 00000000 ____D C:\Users\J\AppData\Local\FOMM
2016-12-16 14:53 - 2016-11-03 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fallout Mod Manager
2016-12-16 14:53 - 2016-10-18 22:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.1
2016-12-16 14:53 - 2016-10-18 08:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingdom - New Lands [GOG.com]
2016-12-16 14:53 - 2016-10-17 21:27 - 00000000 ____D C:\Users\J\AppData\Local\Downloaded Installations
2016-12-16 14:53 - 2016-10-17 09:57 - 00000000 ____D C:\Users\J\AppData\Local\IIIQF
2016-12-16 14:53 - 2016-10-16 19:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2016-12-16 14:53 - 2016-10-16 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
2016-12-16 14:53 - 2016-10-16 19:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-12-16 14:53 - 2016-10-16 09:59 - 00000000 ____D C:\Users\J\AppData\Local\CAPCOM
2016-12-16 14:53 - 2016-10-15 06:38 - 00000000 ____D C:\Users\J\AppData\Local\Migrate
2016-12-16 14:53 - 2016-10-14 22:58 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-12-16 14:53 - 2016-10-14 11:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Divinity - Original Sin Enhanced Edition [GOG.com]
2016-12-16 14:53 - 2016-10-13 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dying Light [GOG.com]
2016-12-16 14:53 - 2016-10-13 15:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Syndrome
2016-12-16 14:53 - 2016-10-11 23:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duke Nukem 3D Twentieth Anniversary World Tour
2016-12-16 14:53 - 2016-10-09 19:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia III
2016-12-16 14:53 - 2016-09-24 03:57 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-12-16 14:53 - 2016-09-24 03:57 - 00000000 ____D C:\Program Files\MSBuild
2016-12-16 14:53 - 2016-09-24 03:57 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-12-16 14:53 - 2016-09-24 03:57 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-12-16 14:53 - 2016-09-19 14:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duke Nukem Forever
2016-12-16 14:53 - 2016-09-19 10:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\War for the Overworld Heart of Gold
2016-12-16 14:53 - 2016-09-19 05:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia II
2016-12-16 14:53 - 2016-09-18 23:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Day of the Tentacle Remastered [GOG.com]
2016-12-16 14:53 - 2016-09-18 01:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Batman - The Telltale Series [GOG.com]
2016-12-16 14:53 - 2016-09-17 22:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Marvel Ultimate Alliance 2
2016-12-16 14:53 - 2016-09-16 16:44 - 00000000 ____D C:\Program Files (x86)\GOG.com
2016-12-16 14:53 - 2016-09-16 09:01 - 00000000 ____D C:\ProgramData\IObit
2016-12-16 14:53 - 2016-09-16 08:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mother Russia Bleeds
2016-12-16 14:53 - 2016-09-15 10:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Payne 3
2016-12-16 14:53 - 2016-09-14 18:22 - 00000000 ____D C:\Users\J\AppData\Local\Disc_Soft_Ltd
2016-12-16 14:53 - 2016-09-14 16:42 - 00000000 ____D C:\Users\J\AppData\Local\CrashReportClient
2016-12-16 14:53 - 2016-09-10 09:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2016-12-16 14:53 - 2016-09-09 17:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-12-16 14:53 - 2016-09-08 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDisplayEx
2016-12-16 14:53 - 2016-09-08 13:53 - 00000000 ____D C:\Program Files (x86)\Deluge
2016-12-16 14:53 - 2016-08-30 07:35 - 00000000 ____D C:\Program Files\HitmanPro
2016-12-16 14:53 - 2016-08-30 07:32 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-16 14:53 - 2016-08-30 07:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-12-16 14:53 - 2016-08-30 06:43 - 00000000 ____D C:\Users\J\AppData\Local\Hewlett-Packard
2016-12-16 14:53 - 2016-08-30 06:24 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-12-16 14:53 - 2015-07-10 03:04 - 00000000 __SHD C:\$Recycle.Bin
2016-12-16 14:35 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\registration
2016-12-16 14:20 - 2016-11-04 15:00 - 00000000 ____D C:\Users\Public\Documents\Steam
2016-12-16 14:19 - 2016-11-14 14:18 - 00000000 ____D C:\Users\J\Downloads\Warlords IV - Heroes of Etheria
2016-12-16 14:19 - 2016-11-13 19:10 - 00000000 ____D C:\Users\J\Downloads\NES
2016-12-16 14:19 - 2016-07-15 22:04 - 00000000 ___RD C:\Users
2016-12-16 14:17 - 2016-11-11 01:06 - 00000000 ____D C:\Users\J\Documents\Larian Studios
2016-12-16 14:15 - 2016-11-15 19:07 - 00000000 ____D C:\Users\J\AppData\Roaming\SuperBoost
2016-12-16 14:15 - 2016-11-15 07:59 - 00000000 ____D C:\Users\J\AppData\LocalLow\Sun
2016-12-16 14:15 - 2016-11-15 07:51 - 00000000 ____D C:\Users\J\AppData\Roaming\ubi.com
2016-12-16 14:15 - 2016-11-11 09:14 - 00000000 ____D C:\Users\J\AppData\Roaming\Opera Software
2016-12-16 14:15 - 2016-10-18 19:19 - 00000000 ____D C:\Users\J\AppData\Roaming\Macromedia
2016-12-16 14:15 - 2016-10-18 12:53 - 00000000 ___SD C:\Users\J\AppData\LocalLow\Microsoft
2016-12-16 14:15 - 2016-10-14 22:59 - 00000000 ____D C:\Users\J\AppData\Roaming\GameRanger
2016-12-16 14:15 - 2016-09-20 08:49 - 00000000 ____D C:\Users\J\AppData\LocalLow\Unity
2016-12-16 14:15 - 2016-09-14 00:20 - 00000000 ____D C:\Users\J\AppData\Roaming\Steam
2016-12-16 14:14 - 2016-09-08 20:17 - 00000000 ____D C:\Users\J\AppData\Local\Steam
2016-12-16 13:59 - 2016-11-15 07:44 - 00000000 ____D C:\Users\J\AppData\Local\Microsoft_Corporation
2016-12-16 13:59 - 2016-11-15 06:15 - 00000000 ____D C:\Users\J\AppData\Local\Kholat
2016-12-16 13:59 - 2016-11-04 10:42 - 00000000 ____D C:\Users\J\AppData\Local\Google
2016-12-16 13:59 - 2016-10-17 10:46 - 00000000 ____D C:\Users\J\AppData\Local\ESET
2016-12-16 13:59 - 2016-10-16 22:53 - 00000000 ____D C:\Users\J\AppData\Local\CyberLink
2016-12-16 13:59 - 2016-09-08 13:21 - 00000000 ____D C:\Users\J\AppData\Local\Mozilla
2016-12-16 13:59 - 2016-08-28 14:45 - 00000000 ____D C:\Users\J\AppData\Local\NVIDIA
2016-12-16 13:58 - 2016-11-15 07:59 - 00000000 ____D C:\ProgramData\Oracle
2016-12-16 13:58 - 2016-11-10 12:45 - 00000000 ____D C:\Users\J\AppData\Local\2K Games
2016-12-16 13:58 - 2016-09-08 20:17 - 00000000 ____D C:\Users\J\AppData\Local\CEF
2016-12-16 13:54 - 2016-07-16 03:47 - 00000000 ___SD C:\ProgramData\Microsoft
2016-12-16 13:50 - 2016-10-17 03:14 - 00000000 ____D C:\BackSys
2016-12-15 16:24 - 2016-12-05 11:09 - 00000000 ____D C:\Users\J\OneDrive
2016-12-15 16:02 - 2016-11-15 07:45 - 00000000 ____D C:\Users\J\Documents\WindowsPowerShell
2016-12-15 15:39 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\SchCache
2016-12-15 15:07 - 2016-09-20 07:20 - 00000000 ____D C:\Program Files\Common Files\AV
2016-12-15 12:41 - 2016-10-17 00:34 - 00000000 ____D C:\ProgramData\RegRun
2016-12-15 09:45 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2016-12-15 08:25 - 2016-09-24 03:12 - 05767168 _____ C:\Users\J\NTUSER.bak
2016-12-15 08:25 - 2016-07-15 22:04 - 81788928 _____ C:\WINDOWS\system32\config\SOFTWARE.bak
2016-12-15 08:25 - 2016-07-15 22:04 - 20185088 _____ C:\WINDOWS\system32\config\SYSTEM.bak
2016-12-15 08:25 - 2016-07-15 22:04 - 00524288 _____ C:\WINDOWS\system32\config\DEFAULT.bak
2016-12-15 08:25 - 2016-07-15 22:04 - 00049152 _____ C:\WINDOWS\system32\config\SECURITY.bak
2016-12-15 06:52 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\debug
2016-12-15 01:53 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-12-14 01:07 - 2016-10-18 12:27 - 00000000 ____D C:\Users\J\AppData\Local\MicrosoftEdge
2016-12-12 15:37 - 2016-09-09 17:14 - 01853376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-12-12 15:37 - 2016-09-09 17:14 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-12-12 15:37 - 2016-09-09 17:14 - 01452480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-12-12 15:37 - 2016-09-09 17:14 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-12-12 15:37 - 2016-09-09 17:14 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-12-12 15:36 - 2016-09-09 17:13 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-12-12 06:37 - 2016-09-09 17:13 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2016-12-11 15:56 - 2016-10-29 13:12 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-11 15:56 - 2016-10-29 13:12 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-11 03:14 - 2016-11-15 04:08 - 00524288 ___SH C:\Users\J\ntuser.dat{0824e94e-ab2c-11e6-9c1d-dc4a3eaae2e0}.TMContainer00000000000000000002.regtrans-ms
2016-12-11 03:14 - 2016-11-15 04:08 - 00065536 ___SH C:\Users\J\ntuser.dat{0824e94e-ab2c-11e6-9c1d-dc4a3eaae2e0}.TM.blf
2016-12-10 16:37 - 2016-09-24 07:41 - 00000174 ___SH C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-10 16:37 - 2016-08-28 14:24 - 00000458 ___SH C:\Users\J\Desktop\desktop.ini
2016-12-10 16:37 - 2016-08-28 14:24 - 00000402 ___SH C:\Users\J\Documents\desktop.ini
2016-12-10 16:37 - 2016-08-28 14:24 - 00000282 ___SH C:\Users\J\Downloads\desktop.ini
2016-12-10 16:37 - 2016-08-28 14:24 - 00000174 ___SH C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Latn-CS
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\zh-TW
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\zh-HK
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\zh-CN
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\uk-UA
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\tr-TR
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\th-TH
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\sv-SE
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-CS
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\sl-SI
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\sk-SK
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\ru-RU
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\ro-RO
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\pt-PT
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\pt-BR
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\pl-PL
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\nl-NL
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\nb-NO
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\ko-KR
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\ja-jp
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\it-IT
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\hu-HU
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\hr-HR
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\he-IL
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\fr-FR
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\fr-CA
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\fi-FI
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\es-ES
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\el-GR
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\de-DE
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\da-DK
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\cs-CZ
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\bg-BG
2016-12-10 16:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\ar-SA
2016-12-10 16:19 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-12-10 16:19 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-12-10 16:17 - 2016-07-16 03:47 - 00015425 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-12-10 02:46 - 2016-10-16 15:57 - 00001460 _____ C:\Users\J\Documents\hosts.txt
2016-12-10 01:15 - 2016-11-15 11:55 - 00163644 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\WINDOWS\SysWOW64\Drivers\SECDRV.SYS
2016-12-09 15:39 - 2016-07-16 03:47 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2016-12-09 12:13 - 2016-10-11 23:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SysWOW64
2016-12-09 08:49 - 2016-11-15 09:33 - 00003022 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (J)
2016-12-09 07:52 - 2016-10-16 22:50 - 00000000 ____D C:\ProgramData\SUPPORTDIR
2016-12-09 07:51 - 2016-10-16 23:01 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2016-12-09 07:51 - 2016-10-16 22:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2016-12-09 03:34 - 2016-11-09 13:25 - 00000000 ____D C:\Users\J\Documents\Diablo III
2016-12-08 20:02 - 2016-10-16 19:06 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2016-12-08 12:00 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\LogFiles
2016-12-08 10:37 - 2016-10-18 01:25 - 00000000 ____D C:\WII
2016-12-07 11:53 - 2016-11-15 04:08 - 00524288 ___SH C:\Users\J\ntuser.dat{0824e94e-ab2c-11e6-9c1d-dc4a3eaae2e0}.TMContainer00000000000000000001.regtrans-ms
2016-12-07 11:48 - 2016-11-15 04:07 - 00524288 ___SH C:\WINDOWS\system32\config\drivers{0824e8e4-ab2c-11e6-9c1d-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
2016-12-07 11:48 - 2016-11-15 04:07 - 00065536 ___SH C:\WINDOWS\system32\config\drivers{0824e8e4-ab2c-11e6-9c1d-806e6f6e6963}.TM.blf
2016-12-07 09:40 - 2016-07-16 03:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-12-07 09:30 - 2016-11-15 09:33 - 00000000 ____D C:\Users\J\AppData\Roaming\Dashlane
2016-12-07 09:30 - 2016-11-15 09:33 - 00000000 ____D C:\Program Files (x86)\Dashlane
 
==================== Files in the root of some directories =======
 
2016-10-13 07:29 - 2016-10-13 07:29 - 0004608 _____ () C:\Users\J\AppData\Local\dnow.exe
2016-10-13 07:30 - 2016-10-13 07:30 - 0005120 _____ () C:\Users\J\AppData\Local\dnow4.exe
2016-12-16 15:48 - 2016-12-16 15:48 - 0000218 _____ () C:\Users\J\AppData\Local\recently-used.xbel
2016-11-14 18:39 - 2016-11-14 18:39 - 0000017 _____ () C:\Users\J\AppData\Local\resmon.resmoncfg
2016-12-28 23:25 - 2017-01-04 23:37 - 0003320 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-28 23:25 - 2017-01-04 20:03 - 0003320 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
 
Files to move or delete:
====================
C:\Users\Public\ASR.dat
 
 
Some files in TEMP:
====================
C:\Users\J\AppData\Local\Temp\dllnt_dump.dll
C:\Users\J\AppData\Local\Temp\libeay32.dll
C:\Users\J\AppData\Local\Temp\msvcr120.dll
C:\Users\J\AppData\Local\Temp\NvTelemetry.dll
C:\Users\J\AppData\Local\Temp\NvTelemetryAPI32.dll
C:\Users\J\AppData\Local\Temp\NvTelemetryAPI64.dll
C:\Users\J\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2016-12-28 12:36
 
==================== End of FRST.txt ============================

 

 

 

 

 [attachment=188841:FRST.txt][attachment=188843:Addition.txt]


Edited by juggalotus420000, 05 January 2017 - 07:46 PM.


BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,447 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:09:43 PM

Posted 07 January 2017 - 11:01 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

--RogueKiller--
  • Download & SAVE to your Desktop Download RogueKiller
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or above, right-click the program file and select "Run as Administrator"
  • Accept the user agreements.
  • Execute the scan and wait until it has finished.
  • If a Windows opens to explain what [PUM's] are, read about it.
  • Click the RoguKiller icon on your taksbar to return to the report.
  • Click open the Report
  • Click Export TXT button
  • Save the file as ReportRogue.txt
  • Click the Remove button to delete the items in RED
  • Click Finish and close the program.
  • Locate the ReportRogue.txt file on your Desktop and copy/paste the contents in your next.
=======

p.s.
Your Addition.txt file failed to attach correctly.

Please post the content in your next reply. I need to review it.

#3 nasdaq

nasdaq

  • Malware Response Team
  • 40,447 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:09:43 PM

Posted 13 January 2017 - 11:47 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users