Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with a virus, camera says it is being accessed without permission


  • Please log in to reply
2 replies to this topic

#1 accidentally

accidentally

  • Members
  • 79 posts
  • OFFLINE
  •  
  • Local time:08:41 PM

Posted 11 January 2017 - 07:14 AM

Hey so,

 

A lot was wrong with my computer yesterday, but now the camera thing is what has me worried mainly. I think I downloaded a virus a few days ago. I still have the .exe file, that i suspect, if that's any help.

 

First I got this message https://www.bleepingcomputer.com/forums/t/637042/error-message-disk-failing/#entry4158130

 

As indiciated in that thread, I ran a disk scanner and it seems the message might be legit as my hard disk seems to have a component close to failing.

 

However I'm also getting this message http://imgur.com/a/q3DR1 telling me someone might be spying on my through my webcam.

 I've followed this guide https://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

 

This is the FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-01-2017
Ran by Ahmed (administrator) on AHMEDPC (11-01-2017 07:00:10)
Running from C:\Users\Ahmed\Downloads
Loaded Profiles: Ahmed (Available Profiles: Ahmed)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Copyright © 2016 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.6\ToolbarUpdater.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\DFDWiz.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\KOR\KorIME.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Copyright © 2016 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_ep64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239672 2017-01-09] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51984 2016-12-22] (Copyright © 2016 Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2016-09-28] (Raptr, Inc)
HKLM-x32\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe [9523496 2017-01-10] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2180680 2017-01-10] ()
HKU\S-1-5-21-498154635-3982409679-3460200968-1001\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [488640 2015-04-06] (AppEx Networks Corporation)
HKU\S-1-5-21-498154635-3982409679-3460200968-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27250144 2016-12-20] (Skype Technologies S.A.)
HKU\S-1-5-21-498154635-3982409679-3460200968-1001\...\MountPoints2: {3a89b541-c236-11e6-825c-0c54a5335cc1} - "V:\setup.exe" 
HKU\S-1-5-21-498154635-3982409679-3460200968-1001\...\MountPoints2: {80ee7541-b9ce-11e6-824e-806e6f6e6963} - "E:\setup.exe" 
HKU\S-1-5-21-498154635-3982409679-3460200968-1001\...\MountPoints2: {d76f3397-c54d-11e6-825c-0c54a5335cc1} - "U:\setup.exe" 
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7CB38017-EC7F-4DEB-BAF0-0535F5AE0F33}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
HKU\S-1-5-21-498154635-3982409679-3460200968-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={B3EDC7DA-1A96-4549-80FF-841D17CD8B2A}&mid=bcdf57d7c9ac47cfa1d8dd1de3d7b532-f3125acff7aee72998b0feb5567e8340e2fa1de0&lang=en&ds=AVG&coid=avgtbavg&cmpid=ZenTest_B_0&pr=fr&d=2017-01-11 00:38:10&v=4.3.6.255&pid=wtu&sg=&sap=hp
SearchScopes: HKU\S-1-5-21-498154635-3982409679-3460200968-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={B3EDC7DA-1A96-4549-80FF-841D17CD8B2A}&mid=bcdf57d7c9ac47cfa1d8dd1de3d7b532-f3125acff7aee72998b0feb5567e8340e2fa1de0&lang=en&ds=AVG&coid=avgtbavg&cmpid=ZenTest_B_0&pr=fr&d=2017-01-11 00:38:10&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-498154635-3982409679-3460200968-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={B3EDC7DA-1A96-4549-80FF-841D17CD8B2A}&mid=bcdf57d7c9ac47cfa1d8dd1de3d7b532-f3125acff7aee72998b0feb5567e8340e2fa1de0&lang=en&ds=AVG&coid=avgtbavg&cmpid=ZenTest_B_0&pr=fr&d=2017-01-11 00:38:10&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll [2017-01-10] (AVG)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-12-03] (Google Inc.)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll [2017-01-10] (AVG)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-03] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-12-03] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-03] (Google Inc.)
 
FireFox:
========
FF HKU\S-1-5-21-498154635-3982409679-3460200968-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Ahmed\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi
FF Extension: (Ace Stream Web Extension) - C:\Users\Ahmed\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2015-12-18]
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.6\\npsitesafety.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-498154635-3982409679-3460200968-1001: @acestream.net/acestreamplugin,version=3.1.1 -> C:\Users\Ahmed\AppData\Roaming\ACEStream\player\npace_plugin.dll [2015-08-06] (Innovative Digital Technologies)
 
Chrome: 
=======
CHR HomePage: Default -> mysearch.avg.com/?rvt=1
CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Default -> https://mysearch.avg.com
CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\Ahmed\AppData\Local\Google\Chrome\User Data\Default [2017-01-11]
CHR Extension: (Google Slides) - C:\Users\Ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-03]
CHR Extension: (Google Docs) - C:\Users\Ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-03]
CHR Extension: (Google Drive) - C:\Users\Ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-03]
CHR Extension: (YouTube) - C:\Users\Ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-03]
CHR Extension: (AVG Secure Search) - C:\Users\Ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-01-10]
CHR Extension: (Google Sheets) - C:\Users\Ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-03]
CHR Extension: (Google Docs Offline) - C:\Users\Ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-03]
CHR Extension: (Ace Stream Web Extension) - C:\Users\Ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2016-12-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-03]
CHR Extension: (Gmail) - C:\Users\Ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-03]
CHR Extension: (Chrome Media Router) - C:\Users\Ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-03]
CHR HKU\S-1-5-21-498154635-3982409679-3460200968-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-498154635-3982409679-3460200968-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [260080 2017-01-10] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [6183576 2017-01-10] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1255272 2017-01-09] (AVG Technologies CZ, s.r.o.)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55056 2016-12-22] (Copyright © 2016 Plays.tv, LLC)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 2013-04-23] (IDT, Inc.) [File not signed]
R2 vToolbarUpdater40.3.6; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.6\ToolbarUpdater.exe [1349704 2017-01-10] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [980552 2017-01-10] ()
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices)
R1 avgbdisk; C:\Windows\system32\drivers\avgbdiska.sys [165624 2017-01-10] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\system32\drivers\avgbidsdrivera.sys [311592 2017-01-10] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\system32\drivers\avgbidsha.sys [192096 2017-01-10] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\Windows\system32\drivers\avgbloga.sys [336920 2017-01-10] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\system32\drivers\avgbuniva.sys [50848 2017-01-10] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\system32\drivers\avgHwid.sys [39288 2017-01-10] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\system32\drivers\avgMonFlt.sys [127072 2017-01-10] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\system32\drivers\avgRdr2.sys [101624 2017-01-10] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\system32\drivers\avgRvrt.sys [75664 2017-01-10] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\system32\drivers\avgSnx.sys [992488 2017-01-10] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\system32\drivers\avgSP.sys [555152 2017-01-10] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\system32\drivers\avgStm.sys [163512 2017-01-10] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\system32\drivers\avgVmm.sys [311472 2017-01-10] (AVG Technologies CZ, s.r.o.)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2987224 2013-11-24] (Realtek Semiconductor Corporation                           )
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows ® Win 7 DDK provider)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-01-11 07:00 - 2017-01-11 07:01 - 00015837 _____ C:\Users\Ahmed\Downloads\FRST.txt
2017-01-11 06:59 - 2017-01-11 07:00 - 00000000 ____D C:\FRST
2017-01-11 06:59 - 2017-01-11 06:59 - 02419200 _____ (Farbar) C:\Users\Ahmed\Downloads\FRST64.exe
2017-01-10 21:21 - 2017-01-10 21:21 - 03822364 _____ C:\Users\Ahmed\Downloads\HDDScan-3.3.zip
2017-01-10 21:21 - 2017-01-10 21:21 - 00000000 ____D C:\Users\Ahmed\Downloads\HDDScan-3.3
2017-01-10 21:05 - 2017-01-10 21:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-01-10 20:56 - 2017-01-10 20:56 - 00000000 ____D C:\$WINDOWS.~BT
2017-01-10 20:52 - 2017-01-10 21:40 - 00209558 _____ C:\TDSSKiller.3.1.0.12_10.01.2017_20.52.29_log.txt
2017-01-10 20:51 - 2017-01-10 20:51 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Ahmed\Downloads\tdsskiller.exe
2017-01-10 19:55 - 2017-01-11 06:52 - 00000000 ____D C:\Users\Ahmed\AppData\Roaming\Skype
2017-01-10 19:55 - 2017-01-10 19:55 - 00002713 _____ C:\Users\Public\Desktop\Skype.lnk
2017-01-10 19:55 - 2017-01-10 19:55 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-01-10 19:55 - 2017-01-10 19:55 - 00000000 ____D C:\Users\Ahmed\Tracing
2017-01-10 19:55 - 2017-01-10 19:55 - 00000000 ____D C:\ProgramData\Skype
2017-01-10 19:55 - 2017-01-10 19:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-01-10 19:54 - 2017-01-10 19:54 - 01629664 _____ (Skype Technologies S.A.) C:\Users\Ahmed\Downloads\SkypeSetup.exe
2017-01-10 19:38 - 2017-01-10 19:39 - 00000000 ____D C:\Users\Ahmed\AppData\Local\AVG Web TuneUp
2017-01-10 19:38 - 2017-01-10 19:39 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2017-01-10 19:38 - 2017-01-10 19:38 - 00000000 ____D C:\Users\Ahmed\AppData\Roaming\AVG
2017-01-10 19:38 - 2017-01-10 19:38 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search
2017-01-10 19:38 - 2017-01-10 19:38 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2017-01-10 19:38 - 2017-01-10 19:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-10 19:38 - 2017-01-10 19:38 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2017-01-10 19:37 - 2017-01-10 19:37 - 00555152 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2017-01-10 19:37 - 2017-01-10 19:37 - 00397800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2017-01-10 19:37 - 2017-01-10 19:37 - 00311472 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2017-01-10 19:37 - 2017-01-10 19:37 - 00163512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2017-01-10 19:37 - 2017-01-10 19:37 - 00127072 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2017-01-10 19:37 - 2017-01-10 19:37 - 00101624 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2017-01-10 19:37 - 2017-01-10 19:37 - 00075664 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2017-01-10 19:37 - 2017-01-10 19:37 - 00039288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys
2017-01-10 19:37 - 2017-01-10 19:36 - 00992488 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2017-01-10 19:37 - 2017-01-10 19:36 - 00336920 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbloga.sys
2017-01-10 19:37 - 2017-01-10 19:36 - 00311592 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdrivera.sys
2017-01-10 19:37 - 2017-01-10 19:36 - 00192096 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsha.sys
2017-01-10 19:37 - 2017-01-10 19:36 - 00165624 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbdiska.sys
2017-01-10 19:37 - 2017-01-10 19:36 - 00050848 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniva.sys
2017-01-10 19:35 - 2017-01-10 19:35 - 00001004 _____ C:\Users\Public\Desktop\AVG.lnk
2017-01-10 19:35 - 2017-01-10 19:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2017-01-10 19:33 - 2017-01-10 19:35 - 00000000 ____D C:\Program Files (x86)\AVG
2017-01-10 19:32 - 2017-01-10 20:29 - 00000000 ____D C:\ProgramData\Avg
2017-01-10 19:32 - 2017-01-10 19:34 - 00000000 ____D C:\Users\Ahmed\AppData\Local\AvgSetupLog
2017-01-10 19:32 - 2017-01-10 19:32 - 03449440 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Ahmed\Downloads\AVG_Protection_Free_1597.exe
2017-01-10 19:32 - 2017-01-10 19:32 - 00000000 ____D C:\Users\Ahmed\AppData\Local\Avg
2017-01-07 07:05 - 2017-01-07 07:05 - 00000092 _____ C:\Users\Ahmed\.gitconfig
2017-01-07 07:01 - 2017-01-10 15:22 - 00000000 ____D C:\Users\Ahmed\AppData\Local\GitHub
2017-01-07 07:01 - 2017-01-07 07:01 - 00000000 ____D C:\Users\Ahmed\Documents\GitHub
2017-01-07 07:01 - 2017-01-07 07:01 - 00000000 ____D C:\Users\Ahmed\AppData\Roaming\GitHub
2017-01-07 07:00 - 2017-01-10 15:20 - 00000000 ____D C:\Users\Ahmed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2017-01-07 06:58 - 2017-01-10 15:52 - 00000000 ____D C:\Users\Ahmed\AppData\Local\Apps\2.0
2017-01-07 06:58 - 2017-01-07 07:02 - 00000000 ____D C:\Users\Ahmed\AppData\Local\Deployment
2017-01-07 06:57 - 2017-01-07 06:57 - 00000000 ____D C:\Users\Ahmed\Downloads\chrome-hls-master
2017-01-07 06:56 - 2017-01-07 06:56 - 00213043 _____ C:\Users\Ahmed\Downloads\chrome-hls-master.zip
2017-01-05 21:50 - 2017-01-05 21:50 - 00000000 ____D C:\Users\Ahmed\AppData\Local\Tempzxpsign869ea5cf1736d827
2017-01-05 21:49 - 2017-01-05 21:49 - 00000000 ____D C:\Users\Ahmed\AppData\Local\Tempzxpsign6198de07760c3549
2017-01-05 21:41 - 2017-01-05 21:41 - 00000000 ____D C:\Users\Ahmed\AppData\Local\Tempzxpsignb0027458dd4a617b
2017-01-05 21:40 - 2017-01-05 21:40 - 00000000 ____D C:\Users\Ahmed\AppData\Local\Tempzxpsignedf3fb39a63ee877
2017-01-05 21:40 - 2017-01-05 21:40 - 00000000 ____D C:\Users\Ahmed\AppData\Local\Tempzxpsignd02a4e6f754dc8ec
2017-01-05 21:14 - 2017-01-05 21:14 - 00000000 ____D C:\Users\Ahmed\AppData\Local\Tempzxpsigne4788b5c5f3d4ac4
2017-01-05 18:43 - 2017-01-05 18:43 - 00000000 ____D C:\Users\Ahmed\AppData\LocalLow\Adobe
2017-01-05 18:43 - 2017-01-05 18:43 - 00000000 ____D C:\Users\Ahmed\AppData\Local\Tempzxpsign92aae96c9231a2a5
2017-01-05 18:43 - 2017-01-05 18:43 - 00000000 ____D C:\Users\Ahmed\AppData\Local\Tempzxpsign014a6b918b92c429
2017-01-05 18:42 - 2017-01-05 18:42 - 00000034 _____ C:\Users\Ahmed\AppData\Roaming\AdobeWLCMCache.dat
2017-01-05 18:15 - 2017-01-05 18:15 - 00000000 ____D C:\Users\Ahmed\AppData\Roaming\AMD
2017-01-05 18:15 - 2017-01-05 18:15 - 00000000 ____D C:\Users\Ahmed\AppData\Local\Tempzxpsigne6c1e4cc55d871fd
2017-01-05 18:15 - 2017-01-05 18:15 - 00000000 ____D C:\Users\Ahmed\AppData\Local\Tempzxpsign7c5030d6c9cfc901
2017-01-05 18:15 - 2017-01-05 18:15 - 00000000 ____D C:\Users\Ahmed\AppData\Local\Tempzxpsign266e87e8f4faf37b
2017-01-05 18:15 - 2017-01-05 18:15 - 00000000 ____D C:\Users\Ahmed\AppData\Local\CEF
2017-01-05 18:10 - 2017-01-05 18:10 - 00000000 ____D C:\Users\Ahmed\Documents\Adobe
2017-01-05 14:18 - 2017-01-05 14:24 - 00000000 ____D C:\Users\Ahmed\Downloads\Adobe Creative Cloud‎ 2017 Master Collection Incl Crack [SadeemPC]
2017-01-05 14:02 - 2017-01-05 18:44 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2017-01-05 14:00 - 2017-01-10 13:52 - 00000000 ____D C:\Program Files\Adobe
2017-01-05 13:55 - 2017-01-05 17:54 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-01-05 13:51 - 2017-01-10 15:23 - 00000000 ____D C:\Program Files\Common Files\Adobe
2017-01-05 13:44 - 2017-01-06 02:00 - 00000000 ____D C:\ProgramData\Adobe
2017-01-05 13:43 - 2017-01-10 02:00 - 00000000 ____D C:\Users\Ahmed\AppData\Local\Adobe
2017-01-05 12:52 - 2017-01-10 15:20 - 00000000 ____D C:\Users\Ahmed\Downloads\Adobe Photoshop CS6 13.0.1 Final  Multilanguage (cracked dll) [ChingLiu]
2017-01-05 12:47 - 2017-01-05 12:48 - 00000000 ____D C:\Users\Ahmed\Downloads\Encore Working
2016-12-29 11:40 - 2016-12-29 11:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlaysTV
2016-12-29 11:33 - 2016-12-29 11:33 - 595217120 _____ C:\Windows\MEMORY.DMP
2016-12-29 11:33 - 2016-12-29 11:33 - 00281184 _____ C:\Windows\Minidump\122916-26250-01.dmp
2016-12-29 11:33 - 2016-12-29 11:33 - 00000000 ____D C:\Windows\Minidump
2016-12-27 08:43 - 2017-01-05 13:08 - 00000000 ____D C:\Users\Ahmed\AppData\LocalLow\uTorrent
2016-12-25 20:29 - 2016-12-25 20:38 - 25142629 _____ C:\Users\Ahmed\Downloads\optionfilev0.5.zip
2016-12-25 20:20 - 2016-12-25 20:20 - 00000000 ____D C:\Users\Ahmed\Downloads\update 9.2.1
2016-12-25 20:13 - 2016-12-25 20:14 - 70599509 _____ C:\Users\Ahmed\Downloads\update 9.2.1.rar
2016-12-25 19:34 - 2016-12-25 19:34 - 00000000 ____D C:\Program Files (x86)\© SMoKE Patch Inc
2016-12-25 19:25 - 2016-12-25 19:54 - 00000000 ____D C:\Users\Ahmed\Downloads\PES 2017 SMoKE Patch 9.1 FULL + update 9.1.1b (highly compressed)
2016-12-25 14:35 - 2016-12-25 14:41 - 00001472 _____ C:\Users\Ahmed\Desktop\PTE Patch Selector.lnk
2016-12-25 14:28 - 2016-12-25 14:28 - 00000000 ____D C:\Program Files\Steam
2016-12-25 14:24 - 2016-12-25 14:26 - 00000000 ____D C:\Program Files (x86)\New folder
2016-12-25 13:49 - 2016-12-25 14:15 - 00000000 ____D C:\Users\Ahmed\Downloads\PTE Patch 2017 3.0 [for PES 2017]
2016-12-25 13:12 - 2016-09-21 03:46 - 00000108 _____ C:\Users\Ahmed\Downloads\DONATE via PAYPAL.url
2016-12-25 13:12 - 2016-09-17 06:11 - 00000059 _____ C:\Users\Ahmed\Downloads\DFL OptionFile on Twitter.url
2016-12-25 13:12 - 2016-09-17 06:11 - 00000054 _____ C:\Users\Ahmed\Downloads\DFL OptionFile TWITCH.url
2016-12-25 13:12 - 2016-09-17 06:10 - 00000069 _____ C:\Users\Ahmed\Downloads\How to get BUNDESLIGA in PES 2017 for PS4 - NEW TUTORIAL!.url
2016-12-25 13:12 - 2016-09-15 05:49 - 00000065 _____ C:\Users\Ahmed\Downloads\DFL OptionFile on Facebook.url
2016-12-25 13:01 - 2016-12-25 13:03 - 171306638 _____ C:\Users\Ahmed\Downloads\DFL OF V4-2.zip
2016-12-25 04:38 - 2016-12-25 04:38 - 00000000 ____D C:\Users\Ahmed\Documents\KONAMI
2016-12-25 04:38 - 2016-12-25 04:38 - 00000000 ____D C:\Users\Ahmed\Documents\CPY_SAVES
2016-12-25 04:38 - 2016-12-25 04:38 - 00000000 ____D C:\ProgramData\KONAMI
2016-12-25 04:35 - 2016-12-25 04:35 - 00001256 _____ C:\Users\Public\Desktop\Pro Evolution Soccer 2017 Settings.lnk
2016-12-25 04:35 - 2016-12-25 04:35 - 00001247 _____ C:\Users\Public\Desktop\Pro Evolution Soccer 2017.lnk
2016-12-25 04:35 - 2016-12-25 04:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pro Evolution Soccer 2017
2016-12-25 04:26 - 2017-01-10 21:03 - 00000000 ____D C:\Program Files (x86)\Pro Evolution Soccer 2017
2016-12-25 03:03 - 2016-12-25 03:23 - 00000000 ____D C:\Users\Ahmed\Downloads\Pro.Evolution.Soccer.2017-CPY
2016-12-25 03:01 - 2016-12-25 03:01 - 00055961 _____ C:\Users\Ahmed\Downloads\Pro Evolution Soccer 2017-CPY-[rarbg.com].torrent
2016-12-24 11:58 - 2016-12-24 16:42 - 00000000 ____D C:\Users\Ahmed\Downloads\The Class of 92 (2013)
2016-12-22 21:05 - 2016-12-22 21:15 - 00000000 ____D C:\Users\Ahmed\Downloads\Futurama - Seasons 1-7
2016-12-17 20:28 - 2016-12-17 20:34 - 00000000 ____D C:\Users\Ahmed\Downloads\SimCity.4.Deluxe.Edition.MULTi8-GoodOldGames
2016-12-17 18:44 - 2016-12-17 18:46 - 00000000 ____D C:\Users\Ahmed\Downloads\Game of Thrones Season 4
2016-12-17 18:44 - 2016-12-17 18:44 - 00000000 ____D C:\Users\Ahmed\Downloads\Game.Of.Thrones.S05.Season.5.COMPLETE.1080p.HDTV.x264.anoXmous
2016-12-17 18:41 - 2016-12-17 18:44 - 00000000 ____D C:\Users\Ahmed\Downloads\Game.of.Thrones.Season.6.1080p.HDTV.x265.ShAaNiG
2016-12-17 18:41 - 2016-12-17 18:44 - 00000000 ____D C:\Users\Ahmed\Downloads\Django.Unchained.2012.720p.BluRay.x264-SPARKS [PublicHD]
2016-12-17 12:14 - 2016-12-17 12:51 - 00000000 ____D C:\Users\Ahmed\Downloads\Rich Dad, Poor Dad - Robert Kiyosaki - 19 MP3 Audiobooks
2016-12-16 09:35 - 2016-12-16 09:35 - 140742472 _____ C:\Users\Ahmed\Downloads\Apache_OpenOffice_4.1.3_Win_x86_install_en-US (1).exe
2016-12-16 09:34 - 2017-01-10 14:10 - 00085504 _____ C:\Users\Ahmed\Downloads\Ahmed Aly colombia.doc
2016-12-15 12:15 - 2016-12-15 12:15 - 00000000 ____D C:\Users\Ahmed\Documents\Electronic Arts
2016-12-15 12:12 - 2016-12-15 12:12 - 00001211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4.lnk
2016-12-15 12:12 - 2016-12-15 12:12 - 00001199 _____ C:\Users\Public\Desktop\The Sims 4.lnk
2016-12-15 12:12 - 2014-10-19 15:54 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2016-12-15 12:04 - 2016-12-15 12:12 - 00000000 ____D C:\Program Files (x86)\The Sims 4
2016-12-15 11:54 - 2016-12-15 11:54 - 01697808 _____ (Sysprogs OU) C:\Users\Ahmed\Downloads\WinCDEmu-4.1.exe
2016-12-15 11:54 - 2016-12-15 11:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinCDEmu
2016-12-15 11:54 - 2016-12-15 11:54 - 00000000 ____D C:\Program Files (x86)\WinCDEmu
2016-12-15 09:48 - 2016-12-15 09:52 - 00000000 ____D C:\Users\Ahmed\Downloads\The.Sims.4-RELOADED
2016-12-15 09:20 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2016-12-15 09:20 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-12-15 09:20 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2016-12-15 09:20 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-12-15 09:20 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-12-15 09:20 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2016-12-15 09:20 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-12-15 09:20 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-12-15 09:20 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-12-15 09:20 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2016-12-15 09:19 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-12-15 09:19 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-12-15 09:19 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-12-15 09:19 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2016-12-15 09:19 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-12-15 09:19 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-12-15 09:19 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-12-15 09:19 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2016-12-15 09:19 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2016-12-15 09:19 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-12-15 09:19 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-12-15 09:19 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2016-12-15 09:19 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2016-12-15 09:19 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2016-12-15 09:19 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2016-12-15 09:19 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2016-12-15 09:19 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2016-12-15 09:19 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2016-12-15 09:19 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2016-12-15 09:19 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2016-12-15 09:19 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2016-12-15 09:19 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2016-12-15 09:19 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2016-12-15 09:19 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2016-12-15 09:19 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2016-12-15 09:19 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2016-12-15 09:19 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2016-12-15 09:19 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2016-12-15 09:19 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2016-12-15 09:19 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2016-12-15 09:19 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2016-12-15 09:19 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2016-12-15 09:19 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2016-12-15 09:19 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2016-12-15 09:19 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2016-12-15 09:19 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2016-12-15 09:19 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2016-12-15 09:19 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2016-12-15 09:19 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2016-12-15 09:19 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2016-12-15 09:19 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2016-12-15 09:19 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2016-12-15 09:19 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2016-12-15 09:19 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2016-12-15 09:19 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2016-12-15 09:19 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2016-12-15 09:19 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2016-12-15 09:19 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2016-12-15 09:19 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2016-12-15 09:19 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2016-12-15 09:19 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2016-12-15 09:19 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2016-12-15 09:19 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2016-12-15 09:19 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2016-12-15 09:19 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2016-12-15 09:19 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2016-12-15 09:19 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2016-12-15 09:19 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2016-12-15 09:19 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-12-15 09:19 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2016-12-15 09:19 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-12-15 09:19 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2016-12-15 09:19 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2016-12-15 09:19 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-12-15 09:19 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2016-12-15 09:19 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-12-15 09:19 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2016-12-15 09:19 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-12-15 09:19 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2016-12-15 09:19 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2016-12-15 09:19 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2016-12-15 09:19 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2016-12-15 09:19 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2016-12-15 09:19 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2016-12-15 09:19 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2016-12-15 09:19 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2016-12-15 09:19 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2016-12-15 09:19 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2016-12-15 09:19 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2016-12-15 09:19 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2016-12-15 09:19 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2016-12-15 09:19 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2016-12-15 09:19 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2016-12-15 09:19 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2016-12-15 09:19 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2016-12-15 09:19 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2016-12-15 09:19 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2016-12-15 09:19 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2016-12-15 09:19 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2016-12-15 09:19 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2016-12-15 09:19 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2016-12-15 09:19 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2016-12-15 09:19 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2016-12-15 09:19 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2016-12-15 09:19 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2016-12-15 09:19 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2016-12-15 09:19 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2016-12-15 09:19 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2016-12-15 09:19 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2016-12-15 09:19 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2016-12-15 09:19 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2016-12-15 09:19 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2016-12-15 09:19 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2016-12-15 09:19 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2016-12-15 09:19 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2016-12-15 09:19 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2016-12-15 09:19 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2016-12-15 09:19 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2016-12-15 09:19 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2016-12-15 09:19 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2016-12-15 09:19 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2016-12-15 09:19 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2016-12-15 09:19 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2016-12-15 09:19 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2016-12-15 09:19 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2016-12-15 09:19 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2016-12-15 09:19 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2016-12-15 09:19 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2016-12-15 09:19 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2016-12-15 09:19 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2016-12-15 09:19 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2016-12-15 09:19 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2016-12-15 09:19 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2016-12-15 09:19 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2016-12-15 09:19 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2016-12-15 09:19 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2016-12-15 09:19 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2016-12-15 09:19 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2016-12-15 09:19 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2016-12-15 09:19 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2016-12-15 09:19 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2016-12-15 09:19 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2016-12-15 09:19 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2016-12-15 09:19 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2016-12-15 09:19 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2016-12-15 09:19 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2016-12-15 09:19 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2016-12-15 09:19 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2016-12-15 09:19 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2016-12-15 09:19 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2016-12-15 09:19 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2016-12-15 09:19 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2016-12-15 09:19 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2016-12-15 09:19 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2016-12-15 09:19 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2016-12-15 09:19 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2016-12-15 09:19 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2016-12-15 09:19 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2016-12-15 09:19 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2016-12-15 09:19 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2016-12-15 09:19 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-12-15 09:19 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2016-12-15 09:19 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-12-15 09:19 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2016-12-15 09:18 - 2016-12-15 09:19 - 00010009 _____ C:\Windows\DirectX.log
2016-12-15 09:18 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-12-15 09:18 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2016-12-15 09:18 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2016-12-15 09:18 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2016-12-15 09:18 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2016-12-15 09:18 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2016-12-15 09:18 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-12-15 09:18 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2016-12-15 09:18 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2016-12-15 09:18 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2016-12-15 09:18 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2016-12-15 09:18 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2016-12-15 09:18 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2016-12-15 09:18 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2016-12-15 09:18 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2016-12-15 09:18 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2016-12-15 09:18 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2016-12-15 09:18 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2016-12-15 09:14 - 2016-12-15 09:18 - 00000000 ___HD C:\Windows\msdownld.tmp
2016-12-15 09:13 - 2016-12-15 09:20 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-12-15 09:13 - 2016-12-15 09:13 - 00292184 _____ (Microsoft Corporation) C:\Users\Ahmed\Downloads\dxwebsetup.exe
2016-12-15 08:54 - 2016-12-15 08:54 - 00000000 ____D C:\Users\Ahmed\AppData\Roaming\WinRAR
2016-12-15 08:54 - 2016-12-15 08:54 - 00000000 ____D C:\Users\Ahmed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-15 08:54 - 2016-12-15 08:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-15 08:54 - 2016-12-15 08:54 - 00000000 ____D C:\Program Files\WinRAR
2016-12-15 08:53 - 2016-12-15 08:54 - 02179856 _____ C:\Users\Ahmed\Downloads\winrar-x64-540.exe
2016-12-15 04:21 - 2016-12-15 08:55 - 00000000 ____D C:\Users\Ahmed\Downloads\Football.Manager.2017-ALI213
2016-12-15 04:20 - 2016-12-15 04:20 - 00000000 ____D C:\Users\Ahmed\Downloads\Silicon.Valley.Season.3.720p.HDTV.x265.ShAaNiG
2016-12-15 04:19 - 2016-12-15 04:19 - 00018359 _____ C:\Users\Ahmed\Downloads\Football.Manager.2017-ALI213 (1).torrent
2016-12-15 04:19 - 2016-12-15 04:19 - 00018359 _____ C:\Users\Ahmed\Downloads\Football.Manager.2017-ALI213 (1) (1).torrent
2016-12-15 04:19 - 2016-12-15 04:19 - 00002684 _____ C:\Users\Ahmed\Desktop\µTorrent.lnk
2016-12-14 17:26 - 2017-01-10 15:34 - 00000000 ____D C:\Users\Ahmed\AppData\Roaming\uTorrent
2016-12-14 14:51 - 2016-12-11 18:00 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-12-14 14:51 - 2016-12-11 18:00 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-14 14:45 - 2016-12-14 14:45 - 00000000 ____D C:\Windows\system32\appraiser
2016-12-14 14:45 - 2016-12-14 14:45 - 00000000 ____D C:\Windows\Migration
2016-12-14 14:36 - 2016-12-01 09:13 - 00869576 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-12-14 14:36 - 2016-12-01 09:13 - 00678592 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2016-12-14 14:36 - 2016-12-01 09:11 - 00875720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2016-12-14 14:36 - 2016-12-01 09:11 - 00536768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2016-12-14 14:29 - 2016-09-29 08:13 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2016-12-14 14:29 - 2016-08-18 08:11 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2016-12-14 14:27 - 2016-12-14 14:27 - 00000000 ____D C:\Program Files\IDT
2016-12-14 14:27 - 2013-04-23 03:33 - 06101504 _____ (IDT, Inc.) C:\Windows\system32\stlang64.dll
2016-12-14 14:27 - 2013-04-23 03:33 - 01897984 _____ (IDT, Inc.) C:\Windows\system32\IDTNC64.cpl
2016-12-14 14:26 - 2016-11-19 16:24 - 00567152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-12-14 14:26 - 2016-11-19 16:24 - 00152856 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-12-14 14:26 - 2016-11-19 13:44 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-12-14 14:26 - 2016-11-19 12:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-12-14 14:26 - 2016-11-16 16:49 - 00377176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2016-12-14 14:26 - 2016-11-12 16:06 - 00738104 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-12-14 14:26 - 2016-11-12 14:38 - 00613632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-12-14 14:26 - 2016-11-12 14:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-14 14:26 - 2016-11-12 14:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-14 14:26 - 2016-11-12 14:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-14 14:26 - 2016-11-12 13:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-14 14:26 - 2016-11-12 13:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-14 14:26 - 2016-11-12 13:23 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-12-14 14:26 - 2016-11-12 13:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-14 14:26 - 2016-11-12 13:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-14 14:26 - 2016-11-12 13:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-14 14:26 - 2016-11-12 12:45 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-12-14 14:26 - 2016-11-12 12:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-14 14:26 - 2016-11-12 12:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-14 14:26 - 2016-11-12 12:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-14 14:26 - 2016-11-12 12:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-14 14:26 - 2016-11-12 12:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-14 14:26 - 2016-11-12 12:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-14 14:26 - 2016-11-12 12:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-12-14 14:26 - 2016-11-12 12:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-14 14:26 - 2016-11-12 12:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-14 14:26 - 2016-11-12 12:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-12-14 14:26 - 2016-11-10 21:33 - 01541240 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-12-14 14:26 - 2016-11-05 13:35 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-14 14:26 - 2016-11-05 12:57 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-14 14:26 - 2016-11-05 12:11 - 03606528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-14 14:26 - 2016-11-05 10:56 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-12-14 14:26 - 2016-11-05 10:46 - 02463744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-12-14 14:26 - 2016-10-27 21:56 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-12-14 14:26 - 2016-10-27 09:28 - 01097728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-12-14 14:25 - 2016-11-19 14:29 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-12-14 14:25 - 2016-11-19 12:22 - 00111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-14 14:25 - 2016-11-09 12:25 - 01376768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-14 14:24 - 2015-01-05 22:01 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2016-12-14 14:24 - 2015-01-05 21:59 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2016-12-14 14:24 - 2015-01-05 20:12 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2016-12-14 14:24 - 2015-01-05 20:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2016-12-14 14:20 - 2016-10-05 09:01 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2016-12-14 14:20 - 2016-10-05 09:00 - 00868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2016-12-14 14:20 - 2016-10-05 08:52 - 00513456 _____ C:\Windows\SysWOW64\locale.nls
2016-12-14 14:20 - 2016-10-05 08:52 - 00513456 _____ C:\Windows\system32\locale.nls
2016-12-14 14:19 - 2016-11-05 15:46 - 00422744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2016-12-14 14:19 - 2016-11-02 15:48 - 00372568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-12-14 14:19 - 2016-11-02 15:48 - 00315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-12-14 14:19 - 2016-11-02 09:03 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-12-14 14:19 - 2016-11-02 09:00 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-12-14 14:19 - 2016-10-27 13:51 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-12-14 14:19 - 2016-10-27 13:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-12-14 14:19 - 2016-10-27 13:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-12-14 14:19 - 2016-10-27 13:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-12-14 14:19 - 2016-10-27 12:49 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-12-14 14:19 - 2016-10-27 12:47 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-12-14 14:19 - 2016-10-27 12:46 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-12-14 14:19 - 2016-10-27 12:44 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-12-14 14:19 - 2016-10-22 12:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-12-14 14:19 - 2016-10-22 12:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-12-14 14:19 - 2016-10-22 11:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-12-14 14:19 - 2016-10-22 11:57 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-12-14 14:19 - 2016-10-22 11:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-12-14 14:19 - 2016-10-22 11:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-12-14 14:19 - 2016-10-22 11:45 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-12-14 14:19 - 2016-10-22 11:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-12-14 14:19 - 2016-10-13 14:06 - 01385280 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-12-14 14:19 - 2016-10-13 14:06 - 01124376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-12-14 14:19 - 2016-10-12 16:49 - 00379224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-12-14 14:19 - 2016-10-12 16:11 - 00922968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2016-12-14 14:19 - 2016-10-11 15:21 - 00497448 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-12-14 14:19 - 2016-10-11 15:21 - 00399776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-12-14 14:19 - 2016-10-11 13:34 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-12-14 14:19 - 2016-10-11 12:47 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-12-14 14:19 - 2016-10-11 11:55 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-12-14 14:19 - 2016-10-11 11:45 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2016-12-14 14:19 - 2016-10-10 18:31 - 00990040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2016-12-14 14:19 - 2016-10-10 16:17 - 00444248 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-12-14 14:19 - 2016-10-10 16:17 - 00333656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-12-14 14:19 - 2016-10-10 13:18 - 00069976 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-12-14 14:19 - 2016-10-10 13:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cmimcext.sys
2016-12-14 14:19 - 2016-10-09 17:59 - 00551256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-12-14 14:19 - 2016-10-09 09:17 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll
2016-12-14 14:19 - 2016-10-09 09:08 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2016-12-14 14:19 - 2016-10-09 09:08 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll
2016-12-14 14:19 - 2016-10-08 17:53 - 03754496 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-12-14 14:19 - 2016-10-08 17:24 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2016-12-14 14:19 - 2016-10-08 17:21 - 01445376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-12-14 14:19 - 2016-10-08 17:18 - 00840704 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-12-14 14:19 - 2016-10-08 17:07 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-12-14 14:19 - 2016-10-08 16:49 - 02410496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-12-14 14:19 - 2016-10-08 16:31 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2016-12-14 14:19 - 2016-10-08 16:21 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-12-14 14:19 - 2016-10-08 16:10 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-12-14 14:19 - 2016-10-07 20:34 - 01660040 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-12-14 14:19 - 2016-10-07 20:34 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-12-14 14:19 - 2016-10-05 09:00 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2016-12-14 14:19 - 2016-10-04 23:15 - 01969944 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-12-14 14:19 - 2016-10-04 23:15 - 01613528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-12-14 14:19 - 2016-10-04 23:15 - 00324896 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-12-14 14:19 - 2016-10-04 23:15 - 00245320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-12-14 14:19 - 2016-10-04 15:39 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-12-14 14:19 - 2016-10-04 15:23 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-12-14 14:19 - 2016-10-04 15:08 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-12-14 14:19 - 2016-10-04 15:08 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-12-14 14:19 - 2016-09-27 15:16 - 00445873 _____ C:\Windows\system32\ApnDatabase.xml
2016-12-14 14:19 - 2016-09-20 17:30 - 02462040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-12-14 14:19 - 2016-09-09 17:14 - 00275800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2016-12-14 14:19 - 2016-09-09 09:15 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2016-12-14 14:19 - 2016-09-09 09:09 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2016-12-14 14:19 - 2016-09-09 09:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-12-14 14:19 - 2016-09-09 09:03 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\iscsiwmi.dll
2016-12-14 14:19 - 2016-09-09 09:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsiwmi.dll
2016-12-14 14:19 - 2016-09-03 13:20 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\iscsidsc.dll
2016-12-14 14:19 - 2016-09-03 13:06 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\iscsiexe.dll
2016-12-14 14:19 - 2016-09-03 12:21 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsidsc.dll
2016-12-14 14:19 - 2016-09-03 11:12 - 00512512 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2016-12-14 14:19 - 2016-09-03 11:05 - 01094656 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-12-14 14:19 - 2016-09-03 10:58 - 00397824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2016-12-14 14:19 - 2016-09-02 09:05 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2016-12-14 14:19 - 2016-09-02 09:05 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2016-12-14 14:19 - 2016-09-01 09:33 - 00377856 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll
2016-12-14 14:19 - 2016-09-01 09:33 - 00342528 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2016-12-14 14:19 - 2016-09-01 09:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2016-12-14 14:19 - 2016-08-30 09:11 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2016-12-14 14:19 - 2016-08-29 21:45 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\xolehlp.dll
2016-12-14 14:19 - 2016-08-29 21:18 - 00871936 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2016-12-14 14:19 - 2016-08-29 21:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xolehlp.dll
2016-12-14 14:19 - 2016-08-29 21:03 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
2016-12-14 14:19 - 2016-08-22 08:34 - 01628672 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-12-14 14:19 - 2015-10-22 10:58 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2016-12-14 14:18 - 2015-10-22 12:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-12-14 14:18 - 2015-10-22 12:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZST.DLL
2016-12-14 14:18 - 2015-10-22 12:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-12-14 14:18 - 2015-10-22 12:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-12-14 14:18 - 2015-10-22 11:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-12-14 14:18 - 2015-10-22 11:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZST.DLL
2016-12-14 14:18 - 2015-10-22 11:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-12-14 14:18 - 2015-10-22 11:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-12-14 14:15 - 2016-09-12 18:48 - 00085680 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-12-14 14:15 - 2016-09-09 08:38 - 01629184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-12-14 14:15 - 2016-09-09 08:38 - 01226752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-12-14 14:15 - 2016-09-09 08:38 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-12-14 14:15 - 2016-09-09 08:38 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-12-14 14:15 - 2016-09-09 08:38 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-12-14 14:15 - 2016-09-09 08:38 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-12-14 14:15 - 2016-09-09 08:38 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-12-14 14:15 - 2016-09-09 08:38 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-12-14 14:15 - 2016-06-03 12:11 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-12-14 14:14 - 2014-11-17 15:17 - 00672984 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2016-12-14 14:14 - 2014-11-15 14:05 - 00801584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-12-14 14:14 - 2014-11-15 01:29 - 00962216 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-12-14 14:14 - 2014-11-14 01:57 - 01027584 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2016-12-14 14:14 - 2014-11-14 01:54 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2016-12-14 14:14 - 2014-11-14 00:03 - 00885760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2016-12-14 14:14 - 2014-11-07 23:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2016-12-14 14:14 - 2014-11-07 22:56 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2016-12-14 14:14 - 2014-11-07 22:56 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2016-12-14 14:14 - 2014-11-07 22:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2016-12-14 14:14 - 2014-11-07 22:24 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2016-12-14 14:14 - 2014-11-07 22:13 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2016-12-14 14:14 - 2014-11-07 22:13 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2016-12-14 14:14 - 2014-11-07 22:13 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2016-12-14 14:14 - 2014-11-07 21:48 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2016-12-14 14:14 - 2014-11-07 21:03 - 00733696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2016-12-14 14:14 - 2014-11-07 20:58 - 04837376 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2016-12-14 14:14 - 2014-11-07 20:49 - 01154048 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2016-12-14 14:14 - 2014-11-04 21:12 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL
2016-12-14 14:14 - 2014-11-04 21:12 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL
2016-12-14 14:14 - 2014-11-04 21:06 - 00514048 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2016-12-14 14:14 - 2014-11-04 20:39 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSHVHOST.DLL
2016-12-14 14:14 - 2014-11-04 20:39 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSVRMGMT.DLL
2016-12-14 14:14 - 2014-11-04 20:33 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2016-12-14 14:14 - 2014-11-04 20:21 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2016-12-14 14:14 - 2014-11-04 20:14 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2016-12-14 14:14 - 2014-11-04 20:06 - 00555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2016-12-14 14:14 - 2014-11-04 14:33 - 00058176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2016-12-14 14:14 - 2014-11-04 01:27 - 00128512 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2016-12-14 14:14 - 2014-11-04 00:01 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2016-12-14 14:14 - 2014-10-28 20:55 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2016-12-14 14:14 - 2014-10-28 20:13 - 00169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2016-12-14 14:14 - 2014-10-20 20:59 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\eventcls.dll
2016-12-14 14:14 - 2014-10-20 20:19 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eventcls.dll
2016-12-14 14:14 - 2014-10-20 19:50 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
2016-12-14 14:14 - 2014-10-20 19:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2016-12-14 14:14 - 2014-10-20 19:31 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
2016-12-14 14:14 - 2014-10-20 19:20 - 01142272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2016-12-14 14:14 - 2014-10-16 23:56 - 00039744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2016-12-14 14:14 - 2014-10-16 22:35 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2016-12-14 14:01 - 2016-12-14 14:01 - 02237120 _____ (BitTorrent Inc.) C:\Users\Ahmed\Downloads\uTorrent.exe
2016-12-14 14:00 - 2016-12-14 14:00 - 00018359 _____ C:\Users\Ahmed\Downloads\Football.Manager.2017-ALI213.torrent
2016-12-14 13:56 - 2016-12-14 13:56 - 00000227 _____ C:\Users\Ahmed\Downloads\Football Manager 2017-ALI213 Torrent.txt
2016-12-14 13:47 - 2016-06-18 15:06 - 00590688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2016-12-14 13:47 - 2016-06-18 15:06 - 00072408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys
2016-12-14 13:47 - 2016-06-11 14:52 - 00057184 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2016-12-14 13:47 - 2016-06-11 13:05 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\gpresult.exe
2016-12-14 13:47 - 2016-06-11 12:14 - 00192512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpresult.exe
2016-12-14 13:47 - 2016-06-11 11:50 - 00987136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-12-14 13:47 - 2016-06-11 11:46 - 00482304 _____ (Microsoft Corporation) C:\Windows\system32\tpmvsc.dll
2016-12-14 13:47 - 2016-06-11 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-12-14 13:47 - 2016-06-11 11:37 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-12-14 13:47 - 2016-06-11 11:24 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-12-14 13:47 - 2016-06-11 11:20 - 00413184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-12-14 13:47 - 2016-06-11 11:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-12-14 13:47 - 2016-06-10 15:07 - 03820544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2016-12-14 13:47 - 2016-06-10 13:11 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2016-12-14 13:47 - 2016-06-10 13:11 - 01487992 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2016-12-14 13:47 - 2016-06-10 13:11 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2016-12-14 13:47 - 2016-06-10 13:11 - 00125024 _____ (Microsoft Corporation) C:\Windows\system32\cryptxml.dll
2016-12-14 13:47 - 2016-06-10 13:10 - 00099136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptxml.dll
2016-12-14 13:47 - 2016-06-10 13:07 - 03273728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2016-12-14 13:47 - 2016-06-09 14:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-12-14 13:47 - 2016-06-09 13:18 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-12-14 13:47 - 2016-06-07 13:10 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll
2016-12-14 13:47 - 2016-06-07 12:13 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hbaapi.dll
2016-12-14 13:47 - 2016-05-18 16:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2016-12-14 13:47 - 2016-05-18 16:15 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2016-12-14 13:47 - 2016-05-18 15:56 - 01291776 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2016-12-14 13:47 - 2016-05-18 15:33 - 01060352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2016-12-14 13:47 - 2016-05-18 15:28 - 02635264 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2016-12-14 13:47 - 2016-05-18 15:16 - 02317824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2016-12-14 13:47 - 2016-05-14 15:26 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-12-14 13:47 - 2016-05-14 00:19 - 01134768 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-12-14 13:47 - 2016-05-13 18:08 - 00111616 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-12-14 13:47 - 2016-05-13 18:08 - 00032768 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2016-12-14 13:47 - 2016-05-13 18:08 - 00032512 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2016-12-14 13:47 - 2016-05-13 17:24 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-12-14 13:47 - 2016-05-13 16:42 - 03667968 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-12-14 13:47 - 2016-05-13 16:30 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-12-14 13:47 - 2016-05-13 16:29 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-12-14 13:47 - 2016-05-13 16:27 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2016-12-14 13:47 - 2016-05-13 16:27 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-12-14 13:47 - 2016-05-13 16:26 - 02230784 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-12-14 13:47 - 2016-05-13 16:26 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-12-14 13:47 - 2016-05-13 16:18 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-12-14 13:47 - 2016-05-13 16:18 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-12-14 13:47 - 2016-05-13 16:16 - 00727040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-12-14 13:47 - 2016-05-13 16:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-12-14 13:47 - 2016-05-12 13:36 - 00034600 _____ (Microsoft Corporation) C:\Windows\system32\UserAccountBroker.exe
2016-12-14 13:47 - 2016-05-12 12:39 - 00030984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserAccountBroker.exe
2016-12-14 13:47 - 2016-05-06 16:59 - 00331608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2016-12-14 13:47 - 2016-05-05 12:18 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-12-14 13:47 - 2016-05-05 11:37 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-12-14 13:47 - 2016-04-09 17:15 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2016-12-14 13:47 - 2016-04-09 17:14 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Geolocation.dll
2016-12-14 13:47 - 2016-04-09 17:10 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-12-14 13:47 - 2016-04-09 17:09 - 00754176 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2016-12-14 13:47 - 2016-04-09 17:02 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2016-12-14 13:47 - 2016-04-09 16:59 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Geolocation.dll
2016-12-14 13:47 - 2016-04-09 16:59 - 00020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2016-12-14 13:47 - 2016-04-09 16:56 - 00543232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2016-12-14 13:47 - 2016-04-09 16:55 - 00881152 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2016-12-14 13:47 - 2016-04-09 16:52 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2016-12-14 13:47 - 2016-04-07 11:06 - 00927744 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-12-14 13:47 - 2016-04-06 16:21 - 00114528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
2016-12-14 13:47 - 2016-04-06 13:20 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2016-12-14 13:47 - 2016-04-06 13:17 - 18825216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-12-14 13:47 - 2016-04-06 11:25 - 15158272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-12-14 13:47 - 2016-04-05 17:37 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2016-12-14 13:47 - 2016-04-02 08:58 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2016-12-14 13:47 - 2016-04-01 12:40 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2016-12-14 13:47 - 2016-04-01 11:53 - 00348672 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2016-12-14 13:47 - 2016-04-01 11:50 - 00737280 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-12-14 13:47 - 2016-02-04 11:57 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll
2016-12-14 13:47 - 2016-02-04 11:49 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2016-12-14 13:47 - 2016-02-04 11:39 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2016-12-12 17:39 - 2016-12-25 14:39 - 00002293 _____ C:\Users\Ahmed\Desktop\Stay with Locals and Make Travel Friends  Couchsurfing.lnk
2016-12-12 17:37 - 2016-12-12 17:37 - 00000000 ____D C:\Users\Ahmed\.QtWebEngineProcess
2016-12-12 17:37 - 2016-12-12 17:37 - 00000000 ____D C:\Users\Ahmed\.Plays.tv
2016-12-12 13:06 - 2016-12-14 14:42 - 00000000 ____D C:\Windows\system32\MRT
2016-12-12 13:06 - 2016-12-14 14:40 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-12-12 09:47 - 2016-12-12 09:49 - 00000000 ____D C:\Users\Ahmed\Downloads\Silicon.Valley.Season.2.S02E01-10.Complete.720p.HDTV.x264
2016-12-12 09:47 - 2016-07-21 17:59 - 131718518 _____ C:\Users\Ahmed\Downloads\Silicon.Valley.S01E05.720p.BluRay.x265.ShAaNiG.mkv
2016-12-12 09:46 - 2016-07-21 18:01 - 131746103 _____ C:\Users\Ahmed\Downloads\Silicon.Valley.S01E08.720p.BluRay.x265.ShAaNiG.mkv
2016-12-12 09:46 - 2016-07-21 18:01 - 131699201 _____ C:\Users\Ahmed\Downloads\Silicon.Valley.S01E06.720p.BluRay.x265.ShAaNiG.mkv
2016-12-12 09:46 - 2016-07-21 18:01 - 131662563 _____ C:\Users\Ahmed\Downloads\Silicon.Valley.S01E07.720p.BluRay.x265.ShAaNiG.mkv
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-01-11 06:52 - 2016-12-05 07:17 - 00000000 ____D C:\Users\Ahmed\AppData\Roaming\Raptr
2017-01-11 06:51 - 2016-12-05 07:18 - 00000000 ____D C:\Users\Ahmed\AppData\Roaming\PlaysTV
2017-01-11 06:51 - 2016-12-03 22:49 - 00000000 ___DO C:\Users\Ahmed\OneDrive
2017-01-11 06:47 - 2013-08-22 09:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-10 19:55 - 2016-12-03 22:41 - 00000000 ____D C:\Users\Ahmed
2017-01-10 18:45 - 2016-12-03 22:53 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-498154635-3982409679-3460200968-1001
2017-01-10 18:27 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\Inf
2017-01-10 18:26 - 2016-12-03 22:52 - 00003922 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{18423C96-311F-458A-ABE2-85D3313EA696}
2017-01-10 17:53 - 2016-12-10 23:48 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2017-01-10 17:53 - 2013-08-22 08:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-01-10 17:51 - 2016-12-04 08:08 - 00000000 ____D C:\Users\Ahmed\AppData\Roaming\.ACEStream
2017-01-10 17:51 - 2016-10-22 08:12 - 00000000 ___HD C:\_acestream_cache_
2017-01-10 15:34 - 2016-12-11 20:12 - 00000000 ____D C:\Users\Ahmed\AppData\Roaming\vlc
2017-01-10 15:34 - 2016-12-03 22:59 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-10 14:53 - 2013-08-22 10:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-10 14:42 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\registration
2017-01-10 11:19 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\AppReadiness
2017-01-08 21:17 - 2016-12-05 13:45 - 00000000 ____D C:\Users\Ahmed\AppData\Local\ElevatedDiagnostics
2017-01-05 18:43 - 2016-12-03 22:41 - 00000000 ____D C:\Users\Ahmed\AppData\Roaming\Adobe
2016-12-25 20:07 - 2014-11-21 03:44 - 00818732 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-25 20:07 - 2013-08-22 10:39 - 00687180 _____ C:\Windows\system32\perfh009.dat
2016-12-25 20:07 - 2013-08-22 10:39 - 00127812 _____ C:\Windows\system32\perfc009.dat
2016-12-25 13:53 - 2016-12-03 22:52 - 00000000 __SHD C:\Users\Ahmed\AppData\Local\EmieUserList
2016-12-25 13:53 - 2016-12-03 22:52 - 00000000 __SHD C:\Users\Ahmed\AppData\Local\EmieSiteList
2016-12-25 13:52 - 2016-12-03 22:52 - 00000000 __SHD C:\Users\Ahmed\AppData\LocalLow\EmieUserList
2016-12-25 13:52 - 2016-12-03 22:51 - 00000000 __SHD C:\Users\Ahmed\AppData\LocalLow\EmieSiteList
2016-12-25 09:52 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\system32\wdi
2016-12-18 02:26 - 2013-08-22 10:31 - 00000000 ____D C:\Windows\system32\DriverStore
2016-12-16 17:05 - 2016-12-03 22:54 - 00003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-16 17:05 - 2016-12-03 22:54 - 00003372 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-16 12:00 - 2016-12-03 22:41 - 00000000 ___RD C:\Users\Ahmed\Videos
2016-12-15 14:17 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\rescache
2016-12-15 13:19 - 2013-08-22 10:20 - 00000000 ____D C:\Windows\CbsTemp
2016-12-15 09:10 - 2013-08-22 10:36 - 00000000 __SHD C:\$Recycle.Bin
2016-12-15 08:54 - 2016-12-03 22:41 - 00000000 ___RD C:\Users\Ahmed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-15 02:02 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\AppCompat
2016-12-14 19:06 - 2016-12-03 22:57 - 00002215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-14 19:06 - 2016-12-03 22:57 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-14 16:55 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\LiveKernelReports
2016-12-14 15:02 - 2016-12-05 13:17 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2016-12-14 14:49 - 2013-08-22 09:44 - 00362712 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-14 14:47 - 2016-12-03 22:05 - 00524288 ___SH C:\Windows\system32\config\DRIVERS{e1793794-0b3d-11e3-9dfe-80de722c933b}.TMContainer00000000000000000001.regtrans-ms
2016-12-14 14:47 - 2016-12-03 22:05 - 00065536 ___SH C:\Windows\system32\config\DRIVERS{e1793794-0b3d-11e3-9dfe-80de722c933b}.TM.blf
2016-12-14 14:45 - 2014-11-21 10:56 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-12-14 14:45 - 2013-08-22 10:36 - 00000000 ___RD C:\Windows\ToastData
2016-12-14 14:45 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\SysWOW64\en-US
2016-12-14 14:45 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\system32\en-US
2016-12-14 14:45 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\apppatch
2016-12-14 14:45 - 2013-08-22 10:36 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-14 14:45 - 2013-08-22 08:36 - 00000000 __RSD C:\Windows\Fonts
2016-12-14 14:45 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\SysWOW64\migration
2016-12-14 14:45 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\system32\oobe
2016-12-14 14:45 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\system32\migration
2016-12-14 14:45 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\system32\Boot
2016-12-14 14:03 - 2014-11-21 03:00 - 00000000 ____D C:\Windows\system32\Drivers\en-US
2016-12-14 14:03 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\SysWOW64\wbem
2016-12-14 01:27 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\system32\catroot
2016-12-13 00:59 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2016-12-12 17:30 - 2013-08-22 10:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-12-12 17:30 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2016-12-12 17:30 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2016-12-12 17:30 - 2013-08-22 10:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-12-12 17:30 - 2013-08-22 10:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-12 17:30 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\WinStore
2016-12-12 17:30 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\system32\sr-Latn-RS
2016-12-12 17:30 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\system32\sr-Latn-CS
2016-12-12 17:30 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-12-12 17:30 - 2013-08-22 10:36 - 00000000 ____D C:\Program Files\Windows Defender
2016-12-12 17:30 - 2013-08-22 10:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-12-12 17:30 - 2013-08-22 08:36 - 00000000 ___SD C:\ProgramData\Microsoft
2016-12-12 14:34 - 2013-08-22 10:36 - 00001086 ___SH C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-12 13:10 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\SysWOW64\setup
2016-12-12 13:10 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\system32\setup
2016-12-12 13:09 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-12 13:09 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-12 13:09 - 2013-08-22 10:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-12-12 12:59 - 2013-08-22 08:25 - 00262144 ___SH C:\Users\Default\NTUSER.DAT
2016-12-12 09:37 - 2016-12-03 22:41 - 00000000 ____D C:\Users\Ahmed\AppData\Local\Packages
 
==================== Files in the root of some directories =======
 
2017-01-05 18:42 - 2017-01-05 18:42 - 0000034 _____ () C:\Users\Ahmed\AppData\Roaming\AdobeWLCMCache.dat
 
Some files in TEMP:
====================
C:\Users\Ahmed\AppData\Local\Temp\playstv_patch.exe
C:\Users\Ahmed\AppData\Local\Temp\raptrpatch.exe
C:\Users\Ahmed\AppData\Local\Temp\raptr_stub.exe
C:\Users\Ahmed\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Ahmed\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Ahmed\AppData\Local\Temp\sfareca00001.dll
C:\Users\Ahmed\AppData\Local\Temp\sfextra.dll
C:\Users\Ahmed\AppData\Local\Temp\Uninstall.exe
 
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-01-05 09:30
 
==================== End of FRST.txt ============================

 

and Addition.txt

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-01-2017
Ran by Ahmed (11-01-2017 07:01:44)
Running from C:\Users\Ahmed\Downloads
Windows 8.1 (Update) (X64) (2016-12-04 03:41:12)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-498154635-3982409679-3460200968-500 - Administrator - Disabled)
Ahmed (S-1-5-21-498154635-3982409679-3460200968-1001 - Administrator - Enabled) => C:\Users\Ahmed
Guest (S-1-5-21-498154635-3982409679-3460200968-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-498154635-3982409679-3460200968-1003 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-498154635-3982409679-3460200968-1001\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.)
Ace Stream Media 3.1.1 (HKU\S-1-5-21-498154635-3982409679-3460200968-1001\...\AceStream) (Version: 3.1.1 - Ace Stream Media) <==== ATTENTION
AMD Catalyst Install Manager (HKLM\...\{572C982F-95F5-0562-AE8F-8A9D7D024A88}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
AVG (HKLM\...\AvgZen) (Version: 1.125.2.55495 - AVG Technologies)
AVG Protection (HKLM-x32\...\AVG Antivirus) (Version: 17.1.3006 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.6.255 - AVG Technologies)
AVG Zen (Version: 1.125.28 - AVG Technologies) Hidden
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
FMW 1 (Version: 1.152.5 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
OpenOffice 4.1.3 (HKLM-x32\...\{EEA30AEB-8BA7-465B-85D4-098BB99733E7}) (Version: 4.13.9783 - Apache Software Foundation)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.17.6-r119262-release - Plays.tv, LLC)
Pro Evolution Soccer 2017 (HKLM-x32\...\{A3C10274-808C-4ADC-A13D-D94911180B58}_is1) (Version:  - KONAMI)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.7-r116720-release - Raptr, Inc)
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)
The Sims 4 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {1824599C-7F5C-4950-9C40-E3DA2E6A8EA2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-03] (Google Inc.)
Task: {1DC7BCF1-0F28-4323-9AF9-84767A62C87E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-03] (Google Inc.)
Task: {D3F21248-FA26-4721-A019-45EA3092F9DD} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-08-06] (Synaptics Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Ahmed\Desktop\Stay with Locals and Make Travel Friends  Couchsurfing.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --win-jumplist-action=most-visited hxxp://couchsurfing.com/
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-01-10 19:38 - 2017-01-10 19:37 - 00980552 ____N () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2015-08-04 00:25 - 2015-08-04 00:25 - 00127488 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2017-01-10 19:38 - 2017-01-10 19:37 - 02180680 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2015-08-04 00:25 - 2015-08-04 00:25 - 00102400 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2016-12-22 19:00 - 2016-12-22 19:00 - 00020240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
2016-12-22 19:00 - 2016-12-22 19:00 - 00033280 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\cx_Logging.cp35-win32.pyd
2016-12-22 19:00 - 2016-12-22 19:00 - 00103424 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2016-12-22 19:00 - 2016-12-22 19:00 - 00111616 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes35.dll
2016-12-22 19:00 - 2016-12-22 19:00 - 00041984 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2016-12-22 19:00 - 2016-12-22 19:00 - 00405504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom35.dll
2016-12-22 19:00 - 2016-12-22 19:00 - 00173568 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2016-12-22 19:00 - 2016-12-22 19:00 - 01934336 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2016-12-22 19:00 - 2016-12-22 19:00 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2016-12-22 19:00 - 2016-12-22 19:00 - 01780736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2016-12-22 19:00 - 2016-12-22 19:00 - 00505856 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2016-12-22 19:00 - 2016-12-22 19:00 - 03812864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2017-01-10 19:33 - 2017-01-10 19:32 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2017-01-10 19:36 - 2017-01-10 19:36 - 00171208 _____ () C:\Program Files (x86)\AVG\Antivirus\JsonRpcServer.dll
2017-01-10 19:36 - 2017-01-10 19:36 - 48936448 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
2016-12-22 19:00 - 2016-12-22 19:00 - 00021504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2016-12-22 19:00 - 2016-12-22 19:00 - 00152064 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebEngineWidgets.pyd
2016-12-22 19:00 - 2016-12-22 19:00 - 00033792 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebEngineCore.pyd
2016-12-22 19:00 - 2016-12-22 19:00 - 00032256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebChannel.pyd
2016-12-22 19:00 - 2016-12-22 19:00 - 00113171 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libvlc.dll
2016-12-22 19:00 - 2016-12-22 19:00 - 02396691 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libvlccore.dll
2016-12-22 19:00 - 2016-12-22 19:00 - 00124416 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32file.pyd
2016-12-22 19:00 - 2016-12-22 19:00 - 00372736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32com.shell.shell.pyd
2016-12-22 19:00 - 2016-12-22 19:00 - 00035328 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\simplejson._speedups.pyd
2016-12-22 19:00 - 2016-12-22 19:00 - 00013824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libEGL.dll
2016-12-22 19:00 - 2016-12-22 19:00 - 01983488 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libGLESv2.dll
2016-12-22 19:00 - 2016-12-22 19:00 - 00271872 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\amd_ags.dll
2016-12-22 19:00 - 2016-12-22 19:00 - 00027667 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\audio_output\libdirectsound_plugin.dll
2016-12-22 19:00 - 2016-12-22 19:00 - 00031251 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\audio_output\libwaveout_plugin.dll
2016-12-22 19:00 - 2016-12-22 19:00 - 00066579 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\video_output\libdirectdraw_plugin.dll
2016-12-22 19:00 - 2016-12-22 19:00 - 02620112 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\ltc_host_ex.DLL
2010-11-22 17:56 - 2010-11-22 17:56 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ctypes.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_socket.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ssl.pyd
2014-05-13 18:26 - 2014-05-13 18:26 - 05812736 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtGui.pyd
2014-05-13 18:26 - 2014-05-13 18:26 - 00067584 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sip.pyd
2014-05-13 18:26 - 2014-05-13 18:26 - 01662464 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtCore.pyd
2014-05-13 18:26 - 2014-05-13 18:26 - 00494592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtNetwork.pyd
2010-11-22 17:57 - 2010-11-22 17:57 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32api.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pywintypes26.dll
2010-11-22 17:56 - 2010-11-22 17:56 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\select.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_hashlib.pyd
2010-11-22 17:57 - 2010-11-22 17:57 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32process.pyd
2010-11-22 17:57 - 2010-11-22 17:57 - 00111104 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32file.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00044544 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_sqlite3.pyd
2011-02-15 13:17 - 2011-02-15 13:17 - 00417501 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sqlite3.dll
2010-11-22 17:57 - 2010-11-22 17:57 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32gui.pyd
2014-05-13 18:26 - 2014-05-13 18:26 - 00313856 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtWebKit.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00127488 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pyexpat.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00009216 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\winsound.pyd
2015-10-21 15:29 - 2015-10-21 15:29 - 00113171 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlc.dll
2015-10-21 15:29 - 2015-10-21 15:29 - 02396691 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlccore.dll
2010-11-22 17:56 - 2010-11-22 17:56 - 00583680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\unicodedata.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00324608 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PIL._imaging.pyd
2015-06-26 18:09 - 2015-06-26 18:09 - 00271872 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\amd_ags.dll
2010-11-22 17:57 - 2010-11-22 17:57 - 00141312 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\gobject._gobject.pyd
2016-04-19 12:08 - 2016-04-19 12:08 - 02717595 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\heliotrope._purple.pyd
2011-02-15 13:17 - 2011-02-15 13:17 - 01213633 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libxml2-2.dll
2010-11-22 18:06 - 2010-11-22 18:06 - 00055808 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\zlib1.dll
2013-05-09 18:52 - 2013-05-09 18:52 - 00495680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libaim.dll
2013-05-09 18:52 - 2013-05-09 18:52 - 01183699 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\liboscar.dll
2013-05-09 18:52 - 2013-05-09 18:52 - 00483306 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libicq.dll
2013-05-03 13:57 - 2013-05-03 13:57 - 00655356 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libirc.dll
2013-05-03 13:56 - 2013-05-03 13:56 - 01306387 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libmsn.dll
2013-05-03 13:56 - 2013-05-03 13:56 - 00565461 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libxmpp.dll
2013-05-03 13:57 - 2013-05-03 13:57 - 01640221 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libjabber.dll
2013-05-03 13:56 - 2013-05-03 13:56 - 00506276 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoo.dll
2013-05-03 13:57 - 2013-05-03 13:57 - 01053730 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libymsg.dll
2013-05-03 13:57 - 2013-05-03 13:57 - 00497782 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoojp.dll
2013-05-03 13:57 - 2013-05-03 13:57 - 00603326 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl-nss.dll
2013-05-03 13:57 - 2013-05-03 13:57 - 00474199 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl.dll
2016-12-14 19:06 - 2016-12-08 02:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-14 19:06 - 2016-12-08 02:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-498154635-3982409679-3460200968-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [TCP Query User{4D8C4070-0E85-423F-B59C-27B48C5432D4}C:\users\ahmed\appdata\roaming\acestream\engine\ace_engine.exe] => C:\users\ahmed\appdata\roaming\acestream\engine\ace_engine.exe
FirewallRules: [UDP Query User{388FC6C3-FA44-4633-867F-5B82F4AB12A0}C:\users\ahmed\appdata\roaming\acestream\engine\ace_engine.exe] => C:\users\ahmed\appdata\roaming\acestream\engine\ace_engine.exe
FirewallRules: [{BC370946-0F9B-4C00-A287-80DB83C038BF}] => C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{9665E47D-0134-4E6F-86FE-2EC50BC98D73}] => C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{1CC1C75B-2E16-499A-9741-2C22B3D56498}] => C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{8AB638EE-354C-4193-8263-FEF2BE6197EE}] => C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{E6364C86-42ED-4419-A002-681C25CB50F4}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{3B86F737-84E5-4014-9F13-F719176A0A9B}] => C:\Users\Ahmed\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3979B736-6CCE-4498-ABFF-AE2DC811EEC0}] => C:\Users\Ahmed\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{58522E39-8F4F-47E5-85F8-3490C0C88AF9}] => C:\Users\Ahmed\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E9558794-275B-446F-B5FF-4FBEE6DA8B77}] => C:\Users\Ahmed\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0252FEC9-2E50-40F7-990D-666E03E1845E}] => C:\Users\Ahmed\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{491C8E49-4CAA-4865-B41C-878C920F7496}] => C:\Users\Ahmed\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F8C4FA2C-2C48-4E45-9482-D96A0A185BA8}] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{B9F36B4D-C15F-4CAD-A8A2-4FFDBA7DD875}] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
 
==================== Restore Points =========================
 
 
==================== Faulty Device Manager Devices =============
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/11/2017 07:02:26 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2116-12-18T12:02:26Z. Error Code: 0x80071A91.
 
Error: (01/11/2017 07:01:56 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2116-12-18T12:01:56Z. Error Code: 0x80071A91.
 
Error: (01/11/2017 07:01:26 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2116-12-18T12:01:26Z. Error Code: 0x80071A91.
 
Error: (01/11/2017 07:00:56 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2116-12-18T12:00:56Z. Error Code: 0x80071A91.
 
Error: (01/11/2017 07:00:26 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2116-12-18T12:00:26Z. Error Code: 0x80071A91.
 
Error: (01/11/2017 06:59:56 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2116-12-18T11:59:56Z. Error Code: 0x80071A91.
 
Error: (01/11/2017 06:59:26 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2116-12-18T11:59:26Z. Error Code: 0x80071A91.
 
Error: (01/11/2017 06:58:56 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2116-12-18T11:58:56Z. Error Code: 0x80071A91.
 
Error: (01/11/2017 06:58:26 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2116-12-18T11:58:26Z. Error Code: 0x80071A91.
 
Error: (01/11/2017 06:57:56 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2116-12-18T11:57:56Z. Error Code: 0x80071A91.
 
 
System errors:
=============
Error: (01/11/2017 06:54:57 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/11/2017 06:54:53 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/11/2017 06:54:49 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/11/2017 06:54:45 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/11/2017 06:54:41 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/11/2017 06:54:37 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/11/2017 06:54:33 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/11/2017 06:54:29 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/11/2017 06:54:24 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/11/2017 06:47:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Defender Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
 
==================== Memory info =========================== 
 
Processor: AMD A10-5745M APU with Radeon™ HD Graphics 
Percentage of memory in use: 28%
Total physical RAM: 7374.36 MB
Available physical RAM: 5243.38 MB
Total Virtual: 14798.36 MB
Available Virtual: 11831.82 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.02 GB) (Free:746.78 GB) NTFS
Drive e: (ESD-ISO) (CDROM) (Total:3.29 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2E9A69DE)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 
 
 

 

 

I hope somebody has the time to go through these.

 

 

 



BC AdBot (Login to Remove)

 


#2 accidentally

accidentally
  • Topic Starter

  • Members
  • 79 posts
  • OFFLINE
  •  
  • Local time:08:41 PM

Posted 11 January 2017 - 11:07 AM

Ok, there's definitely a virus messing with my drive. According to task manager my drive usage is 100%, mostly being used from a registry file.



#3 shelf life

shelf life

  • Malware Response Team
  • 2,688 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:07:41 PM

Posted 15 January 2017 - 09:30 AM

Why dont you download and run Malwarebytes. Thats a lap top your using?

 

Please download Malwarebytes Anti-Malware 2.0.3.1025 Final to your desktop.

http://data-cdn.mbamupdates.com/v2/mbam/consumer/data/mbam-setup-2.0.3.1025.exe
 

    Double-click mbam-setup-2.0.3.1025.exe and follow the prompts to install the program.
    At the end, be sure a checkmark is placed next to the following:
        Launch Malwarebytes Anti-Malware
        A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the  scanning and removal capabilities of the program.
    Click Finish.
    On the Settings tab > Detection and Protection subtab, Detection Options, tick the box 'Scan for rootkits'.
    Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
    A Threat Scan will begin.
    With some infections, you may see this message box.
        'Could not load DDA driver'
    Click 'Yes' to this message, to allow the driver to load after a restart.
    Allow the computer to restart. Continue with the rest of these instructions.
    When the scan is complete, click Apply Actions.
    Wait for the prompt to restart the computer to appear, then click on Yes.
    After the restart once you are back at your desktop, open MBAM once more.
    Click on the History tab > Application Logs.
    Double click on the scan log which shows the Date and time of the scan just performed.
    Click 'Copy to Clipboard'

 

The .exe you still have that you think may be malware you can upload to these two websites;

 

https://virusscan.jotti.org/

https://www.virustotal.com/


How Can I Reduce My Risk to Malware?





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users