
slow computer and lots of hangups


  • This topic is locked
16 replies to this topic

#1 cloud4571


Posted 12 May 2017 - 11:56 PM

I'm on Windows 7 64-bit.

Windows hangs when doing various different things, and the whole computer becomes unresponsive, sometimes for up to ten minutes. If I have the process manager, I can see that the CPU never goes above 25 pct, and it's the same for the memory.

I've run AdwCleaner, Avast, Malwarebytes, and ESET, and have gone through the programs with Revo and haven't seen anything.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-05-2017
Ran by justin (administrator) on JUSTIN-PC (12-05-2017 22:47:14)
Running from C:\Users\justin\Desktop
Loaded Profiles: justin (Available Profiles: justin)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-09] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [StereoLinksInstall] => C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe [627648 2017-05-01] (NVIDIA Corporation)
HKU\S-1-5-21-3067796610-4195750952-715676276-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-04-25] (Valve Corporation)
HKU\S-1-5-21-3067796610-4195750952-715676276-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-10] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-09] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-09] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1640FB05-5D50-4BB6-884B-8C93559B3653}: [DhcpNameServer] 209.18.47.62 209.18.47.61
Tcpip\..\Interfaces\{1C353911-8690-437E-9D8F-5677F27449DC}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{73AF5DBC-57FC-4C65-AEBA-FAFF25F8A7C8}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{76ACD09D-A8B9-4E29-804E-165F7F9515FC}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{B510ABF3-B648-4637-B777-0F0EFD3B1802}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{CB5B1334-7C5D-43FD-A92A-0F2B977BAABB}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{D5815C7F-609C-45BE-B078-5A0EE12ADC82}: [DhcpNameServer] 209.18.47.61 209.18.47.62

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3067796610-4195750952-715676276-1000 -> DefaultScope {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL =
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-05-03] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-04-30] (AVAST Software)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-03] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-04-30] (AVAST Software)

FireFox:
========
FF DefaultProfile: atik000r.default
FF ProfilePath: C:\Users\justin\AppData\Roaming\Mozilla\Firefox\Profiles\atik000r.default [2017-05-12]
FF NewTab: Mozilla\Firefox\Profiles\atik000r.default -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\atik000r.default -> about:home
FF Extension: (MEGA) - C:\Users\justin\AppData\Roaming\Mozilla\Firefox\Profiles\atik000r.default\Extensions\firefox@mega.co.nz.xpi [2017-05-11]
FF Extension: (Avast Online Security) - C:\Users\justin\AppData\Roaming\Mozilla\Firefox\Profiles\atik000r.default\Extensions\wrc@avast.com.xpi [2017-05-09]
FF Extension: (Adblock Plus) - C:\Users\justin\AppData\Roaming\Mozilla\Firefox\Profiles\atik000r.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-25]
FF SearchPlugin: C:\Users\justin\AppData\Roaming\Mozilla\Firefox\Profiles\atik000r.default\searchplugins\google-avast.xml [2016-12-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-11] ()
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-03] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-11] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default [2017-05-12]
CHR Extension: (Google Docs) - C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-14]
CHR Extension: (Google Drive) - C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-14]
CHR Extension: (YouTube) - C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-14]
CHR Extension: (Avast SafePrice) - C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-05-05]
CHR Extension: (Google Docs Offline) - C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-11]
CHR Extension: (Avast Online Security) - C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-04-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-14]
CHR Extension: (Gmail) - C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-14]
CHR Extension: (Chrome Media Router) - C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-05]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-30] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-09] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-09] (AVAST Software)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5449136 2016-05-16] (INCA Internet Co., Ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-05-03] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-05-03] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-05-01] (NVIDIA Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AE1000; C:\Windows\System32\DRIVERS\ae1000w7.sys [1600064 2016-11-18] (Ralink Technology Corp.)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [311808 2017-05-09] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [190256 2017-05-09] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334576 2017-05-09] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [49016 2017-05-09] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [128648 2017-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [101152 2017-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-05-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1007160 2017-05-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [569192 2017-05-09] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [158880 2017-05-12] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [339696 2017-05-09] (AVAST Software)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49304 2014-12-28] (Visicom Media Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48064 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [59448 2017-05-01] (NVIDIA Corporation)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [225792 2013-08-12] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [295424 2013-08-12] (VIA Technologies, Inc.)
S3 cpuz140; \??\C:\Users\justin\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [X] <==== ATTENTION
S3 dump_wmimmc; \??\C:\PHANTASYSTARONLINE2\pso2_bin\GameGuard\dump_wmimmc.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-12 22:47 - 2017-05-12 22:47 - 00013629 _____ C:\Users\justin\Desktop\FRST.txt
2017-05-12 22:46 - 2017-05-12 22:47 - 00000000 ____D C:\FRST
2017-05-12 22:46 - 2017-05-12 22:46 - 02429440 _____ (Farbar) C:\Users\justin\Desktop\FRST64.exe
2017-05-12 22:45 - 2017-05-12 22:45 - 00000000 ____D C:\Users\justin\Desktop\needs to be sorted
2017-05-12 22:35 - 2017-05-12 22:35 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-05-12 22:23 - 2017-05-12 22:26 - 00000000 ____D C:\AdwCleaner
2017-05-12 20:46 - 2017-05-12 20:46 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-05-12 20:46 - 2017-05-01 14:14 - 00134592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-05-12 20:46 - 2017-03-10 15:17 - 00536864 _____ C:\Windows\system32\vulkan-1.dll
2017-05-12 20:46 - 2017-03-10 15:17 - 00525600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2017-05-12 20:46 - 2017-03-10 15:17 - 00254240 _____ C:\Windows\system32\vulkaninfo.exe
2017-05-12 20:46 - 2017-03-10 15:17 - 00233760 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2017-05-12 20:45 - 2017-05-12 20:46 - 00000000 ____D C:\temp
2017-05-12 20:40 - 2017-05-01 16:32 - 40201848 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-05-12 20:40 - 2017-05-01 16:32 - 35348600 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-05-12 20:40 - 2017-05-01 16:32 - 35281528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-05-12 20:40 - 2017-05-01 16:32 - 28592760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-05-12 20:40 - 2017-05-01 16:32 - 16434624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-05-12 20:40 - 2017-05-01 16:32 - 14270072 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-05-12 20:40 - 2017-05-01 16:32 - 11056456 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-05-12 20:40 - 2017-05-01 16:32 - 11024384 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-05-12 20:40 - 2017-05-01 16:32 - 10547624 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-05-12 20:40 - 2017-05-01 16:32 - 09245560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-05-12 20:40 - 2017-05-01 16:32 - 09014792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-05-12 20:40 - 2017-05-01 16:32 - 08805416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-05-12 20:40 - 2017-05-01 16:32 - 03432896 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-05-12 20:40 - 2017-05-01 16:32 - 03012032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-05-12 20:40 - 2017-05-01 16:32 - 01988032 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438205.dll
2017-05-12 20:40 - 2017-05-01 16:32 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438205.dll
2017-05-12 20:40 - 2017-05-01 16:32 - 01053816 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-05-12 20:40 - 2017-05-01 16:32 - 00991168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-05-12 20:40 - 2017-05-01 16:32 - 00960960 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-05-12 20:40 - 2017-05-01 16:32 - 00911992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-05-12 20:40 - 2017-05-01 16:32 - 00688968 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-05-12 20:40 - 2017-05-01 16:32 - 00609728 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-05-12 20:40 - 2017-05-01 16:32 - 00577728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-05-12 20:40 - 2017-05-01 16:32 - 00507504 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-05-12 20:40 - 2017-05-01 16:32 - 00499136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-05-12 20:40 - 2017-05-01 16:32 - 00426128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-05-12 20:40 - 2017-05-01 16:32 - 00406736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2017-05-12 20:40 - 2017-05-01 16:32 - 00218040 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2017-05-12 20:40 - 2017-05-01 16:32 - 00170360 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2017-05-12 20:40 - 2017-05-01 16:32 - 00153368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2017-05-12 20:40 - 2017-05-01 16:32 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2017-05-12 20:40 - 2017-05-01 16:32 - 00131720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2017-05-12 20:40 - 2017-05-01 16:32 - 00059448 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2017-05-12 20:40 - 2017-05-01 16:32 - 00046008 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2017-05-12 20:40 - 2017-05-01 16:32 - 00042897 _____ C:\Windows\system32\nvinfo.pb
2017-05-12 20:40 - 2017-05-01 16:32 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2017-05-12 20:40 - 2017-05-01 16:32 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2017-05-11 01:10 - 2017-05-11 01:10 - 00003814 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 01:10 - 2017-05-03 14:16 - 00175552 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-05-11 01:10 - 2017-05-03 14:16 - 00143296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-05-11 01:10 - 2017-05-03 14:16 - 00048064 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2017-05-11 01:04 - 2017-04-27 19:14 - 05547240 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-05-11 01:04 - 2017-04-27 19:14 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-05-11 01:04 - 2017-04-27 19:14 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-05-11 01:04 - 2017-04-27 19:14 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-05-11 01:04 - 2017-04-27 19:14 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-05-11 01:04 - 2017-04-27 19:11 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-05-11 01:04 - 2017-04-27 19:10 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-05-11 01:04 - 2017-04-27 19:10 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-05-11 01:04 - 2017-04-27 19:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-05-11 01:04 - 2017-04-27 19:10 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-05-11 01:04 - 2017-04-27 19:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-05-11 01:04 - 2017-04-27 19:10 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-05-11 01:04 - 2017-04-27 19:10 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-05-11 01:04 - 2017-04-27 19:10 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-05-11 01:04 - 2017-04-27 19:10 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-05-11 01:04 - 2017-04-27 19:10 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-05-11 01:04 - 2017-04-27 19:10 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-05-11 01:04 - 2017-04-27 19:10 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-05-11 01:04 - 2017-04-27 19:10 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-05-11 01:04 - 2017-04-27 19:10 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-05-11 01:04 - 2017-04-27 19:10 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-05-11 01:04 - 2017-04-27 19:10 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-05-11 01:04 - 2017-04-27 19:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-05-11 01:04 - 2017-04-27 19:10 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-05-11 01:04 - 2017-04-27 19:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-05-11 01:04 - 2017-04-27 19:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-05-11 01:04 - 2017-04-27 19:10 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-05-11 01:04 - 2017-04-27 19:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-05-11 01:04 - 2017-04-27 19:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-05-11 01:04 - 2017-04-27 19:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 19:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 18:36 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-05-11 01:04 - 2017-04-27 18:36 - 03945192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-05-11 01:04 - 2017-04-27 18:34 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 18:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 18:19 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-05-11 01:04 - 2017-04-27 18:19 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-05-11 01:04 - 2017-04-27 18:19 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-05-11 01:04 - 2017-04-27 18:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-05-11 01:04 - 2017-04-27 18:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-05-11 01:04 - 2017-04-27 18:14 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-05-11 01:04 - 2017-04-27 18:12 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-05-11 01:04 - 2017-04-27 18:11 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-05-11 01:04 - 2017-04-27 18:11 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-05-11 01:04 - 2017-04-27 18:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-05-11 01:04 - 2017-04-27 18:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-05-11 01:04 - 2017-04-27 18:10 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-05-11 01:04 - 2017-04-27 18:08 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-05-11 01:04 - 2017-04-27 18:08 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-05-11 01:04 - 2017-04-27 18:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-05-11 01:04 - 2017-04-27 18:08 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-05-11 01:04 - 2017-04-27 18:07 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-05-11 01:04 - 2017-04-27 18:07 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 18:07 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 18:07 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-05-11 01:04 - 2017-04-27 18:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-05-11 01:04 - 2017-04-26 08:59 - 03220992 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-05-11 01:04 - 2017-04-21 09:34 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2017-05-11 01:04 - 2017-04-21 09:15 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2017-05-11 01:04 - 2017-04-19 18:00 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-05-11 01:04 - 2017-04-19 17:16 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-05-11 01:04 - 2017-04-17 09:37 - 02065408 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-05-11 01:04 - 2017-04-17 09:37 - 00876544 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-05-11 01:04 - 2017-04-17 09:37 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-05-11 01:04 - 2017-04-17 09:37 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2017-05-11 01:04 - 2017-04-17 09:37 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2017-05-11 01:04 - 2017-04-17 09:12 - 01417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-05-11 01:04 - 2017-04-17 09:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-05-11 01:04 - 2017-04-17 09:12 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2017-05-11 01:04 - 2017-04-17 08:54 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2017-05-11 01:04 - 2017-04-16 03:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-05-11 01:04 - 2017-04-16 03:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-05-11 01:04 - 2017-04-16 02:57 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-05-11 01:04 - 2017-04-16 02:55 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-05-11 01:04 - 2017-04-16 02:55 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-05-11 01:04 - 2017-04-16 02:54 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-05-11 01:04 - 2017-04-16 02:54 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-05-11 01:04 - 2017-04-16 02:51 - 02899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-05-11 01:04 - 2017-04-16 02:44 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-05-11 01:04 - 2017-04-16 02:43 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-05-11 01:04 - 2017-04-16 02:38 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-05-11 01:04 - 2017-04-16 02:37 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-05-11 01:04 - 2017-04-16 02:37 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-05-11 01:04 - 2017-04-16 02:36 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-05-11 01:04 - 2017-04-16 02:36 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-05-11 01:04 - 2017-04-16 02:35 - 25741312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-05-11 01:04 - 2017-04-16 02:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-05-11 01:04 - 2017-04-16 02:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-05-11 01:04 - 2017-04-16 02:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-05-11 01:04 - 2017-04-16 02:18 - 05977600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-05-11 01:04 - 2017-04-16 02:11 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-05-11 01:04 - 2017-04-16 02:10 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-05-11 01:04 - 2017-04-16 02:09 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-05-11 01:04 - 2017-04-16 02:04 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-05-11 01:04 - 2017-04-16 02:03 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-05-11 01:04 - 2017-04-16 02:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-05-11 01:04 - 2017-04-16 02:01 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-05-11 01:04 - 2017-04-16 02:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-05-11 01:04 - 2017-04-16 02:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-05-11 01:04 - 2017-04-16 02:00 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-05-11 01:04 - 2017-04-16 02:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-05-11 01:04 - 2017-04-16 01:57 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-05-11 01:04 - 2017-04-16 01:53 - 02290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-05-11 01:04 - 2017-04-16 01:52 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-05-11 01:04 - 2017-04-16 01:52 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-05-11 01:04 - 2017-04-16 01:49 - 20278272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-05-11 01:04 - 2017-04-16 01:48 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-05-11 01:04 - 2017-04-16 01:47 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-05-11 01:04 - 2017-04-16 01:47 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-05-11 01:04 - 2017-04-16 01:46 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-05-11 01:04 - 2017-04-16 01:43 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-05-11 01:04 - 2017-04-16 01:40 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-05-11 01:04 - 2017-04-16 01:40 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-05-11 01:04 - 2017-04-16 01:37 - 02132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-05-11 01:04 - 2017-04-16 01:37 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-05-11 01:04 - 2017-04-16 01:35 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-05-11 01:04 - 2017-04-16 01:30 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-05-11 01:04 - 2017-04-16 01:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-05-11 01:04 - 2017-04-16 01:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-05-11 01:04 - 2017-04-16 01:25 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-05-11 01:04 - 2017-04-16 01:24 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-05-11 01:04 - 2017-04-16 01:22 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-05-11 01:04 - 2017-04-16 01:20 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-05-11 01:04 - 2017-04-16 01:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-05-11 01:04 - 2017-04-16 01:10 - 15250944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-05-11 01:04 - 2017-04-16 01:10 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-05-11 01:04 - 2017-04-16 01:08 - 04548608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-05-11 01:04 - 2017-04-16 01:08 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-05-11 01:04 - 2017-04-16 01:08 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-05-11 01:04 - 2017-04-16 01:04 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-05-11 01:04 - 2017-04-16 00:53 - 13661184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-05-11 01:04 - 2017-04-16 00:50 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-05-11 01:04 - 2017-04-16 00:40 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-05-11 01:04 - 2017-04-16 00:37 - 02767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-05-11 01:04 - 2017-04-16 00:34 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-05-11 01:04 - 2017-04-16 00:34 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-05-11 01:04 - 2017-04-12 09:32 - 01483776 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-05-11 01:04 - 2017-04-12 09:32 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2017-05-11 01:04 - 2017-04-12 09:32 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2017-05-11 01:04 - 2017-04-12 09:32 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2017-05-11 01:04 - 2017-04-12 09:26 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2017-05-11 01:04 - 2017-04-12 09:25 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-05-11 01:04 - 2017-04-12 09:25 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2017-05-11 01:04 - 2017-04-12 09:25 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2017-05-11 01:04 - 2017-04-07 09:34 - 00986856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-05-11 01:04 - 2017-04-07 09:34 - 00265448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-05-11 01:04 - 2017-04-07 09:30 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-05-11 01:04 - 2017-04-07 09:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-05-11 01:04 - 2017-04-07 09:22 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-05-11 01:04 - 2017-04-05 08:55 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-05-11 01:04 - 2017-04-05 08:55 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-05-11 01:04 - 2017-04-05 08:55 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-05-11 01:04 - 2017-04-04 09:34 - 01895656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-05-11 01:04 - 2017-04-04 09:34 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-05-11 01:04 - 2017-04-04 09:34 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-05-11 01:04 - 2017-04-04 08:53 - 00496128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2017-05-11 01:04 - 2017-04-04 08:53 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-05-09 23:33 - 2017-05-09 23:33 - 00400456 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-05-06 22:03 - 2017-05-06 22:03 - 00000471 _____ C:\Users\justin\Desktop\BootNTR.cia - Shortcut.lnk
2017-05-03 22:46 - 2017-05-03 22:46 - 00000000 ____D C:\Users\justin\AppData\Local\ESET
2017-05-03 22:35 - 2017-05-03 22:35 - 00000000 ____D C:\Program Files\Defraggler
2017-05-01 20:09 - 2017-03-22 09:32 - 03165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-05-01 20:09 - 2017-03-22 09:32 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-05-01 20:09 - 2017-03-22 09:32 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-05-01 20:09 - 2017-03-22 09:30 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-05-01 20:09 - 2017-03-22 09:24 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-05-01 20:09 - 2017-03-22 09:17 - 02651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-05-01 20:09 - 2017-03-22 09:15 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-05-01 20:09 - 2017-03-22 09:15 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-05-01 20:09 - 2017-03-22 09:15 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-05-01 20:09 - 2017-03-22 09:15 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-05-01 20:09 - 2017-03-22 09:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-05-01 20:09 - 2017-03-22 09:15 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-05-01 20:09 - 2017-03-22 09:05 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-05-01 20:09 - 2017-03-22 09:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-05-01 20:09 - 2017-03-22 09:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-05-01 20:09 - 2017-03-22 09:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2017-05-01 20:09 - 2017-03-10 10:35 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-05-01 20:09 - 2017-03-10 10:32 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2017-05-01 20:09 - 2017-03-10 10:32 - 00300544 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2017-05-01 20:09 - 2017-03-10 10:31 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-05-01 20:09 - 2017-03-10 10:31 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-05-01 20:09 - 2017-03-10 10:31 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-05-01 20:09 - 2017-03-10 10:31 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-05-01 20:09 - 2017-03-10 10:27 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-05-01 20:09 - 2017-03-10 10:20 - 01508352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pla.dll
2017-05-01 20:09 - 2017-03-10 10:20 - 00237056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2017-05-01 20:09 - 2017-03-10 10:20 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-05-01 20:09 - 2017-03-10 10:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-05-01 20:09 - 2017-03-10 10:19 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-05-01 20:09 - 2017-03-10 09:57 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\plasrv.exe
2017-05-01 20:09 - 2017-03-10 09:55 - 00205312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2017-05-01 20:09 - 2017-03-10 09:55 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2017-05-01 20:09 - 2017-03-10 09:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-05-01 20:09 - 2017-03-09 10:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-05-01 20:09 - 2017-03-09 10:19 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-05-01 20:09 - 2017-03-07 10:30 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-05-01 20:09 - 2017-03-07 10:17 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-05-01 20:09 - 2017-03-07 08:05 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-05-01 20:09 - 2017-03-03 19:27 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-05-01 20:09 - 2017-03-03 19:27 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-05-01 20:09 - 2017-03-03 19:14 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-05-01 20:09 - 2017-03-03 19:14 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2017-05-01 20:09 - 2017-02-14 10:33 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-05-01 20:09 - 2017-02-14 10:19 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-05-01 20:09 - 2017-02-09 10:32 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-05-01 20:09 - 2017-02-09 10:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2017-05-01 20:09 - 2017-02-09 10:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-05-01 20:09 - 2016-03-23 16:40 - 03181568 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-05-01 20:09 - 2016-03-23 16:40 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-12 22:37 - 2009-07-13 22:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-05-12 22:37 - 2009-07-13 22:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-05-12 22:36 - 2017-02-23 22:30 - 00001034 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-05-12 22:36 - 2017-02-23 22:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-05-12 22:36 - 2016-11-18 03:43 - 00000000 ____D C:\Program Files (x86)\Steam
2017-05-12 22:35 - 2009-07-13 23:13 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-12 22:35 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\inf
2017-05-12 22:33 - 2016-11-18 02:06 - 00000000 ____D C:\Users\justin\AppData\LocalLow\Mozilla
2017-05-12 22:32 - 2016-11-18 02:33 - 00000000 ____D C:\ProgramData\NVIDIA
2017-05-12 22:28 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-12 20:47 - 2016-11-18 02:33 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-05-12 20:44 - 2016-11-19 02:28 - 00158880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2017-05-12 20:43 - 2016-11-18 02:24 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-12 20:41 - 2016-11-18 02:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-05-12 20:39 - 2017-01-24 16:48 - 00000000 ____D C:\Users\justin\AppData\Local\CrashDumps
2017-05-11 01:28 - 2009-07-13 22:45 - 00268392 _____ C:\Windows\system32\FNTCACHE.DAT
2017-05-11 01:26 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-05-11 01:22 - 2016-11-20 03:32 - 00773536 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-05-11 01:19 - 2016-11-24 21:28 - 00000000 ____D C:\Windows\system32\MRT
2017-05-11 01:14 - 2016-11-24 21:28 - 156335152 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-05-11 01:11 - 2016-11-18 02:34 - 00001412 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-05-11 01:10 - 2016-12-14 23:58 - 00004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 01:10 - 2016-11-18 02:33 - 00003852 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 01:10 - 2016-11-18 02:33 - 00003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 01:10 - 2016-11-18 02:33 - 00003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 01:10 - 2016-11-18 02:33 - 00003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 01:10 - 2016-11-18 02:33 - 00003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 01:10 - 2016-11-18 02:33 - 00003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 01:10 - 2016-11-18 02:33 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-05-11 00:55 - 2016-11-18 02:16 - 00803320 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-05-11 00:55 - 2016-11-18 02:16 - 00144888 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-11 00:55 - 2016-11-18 02:16 - 00004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-05-11 00:55 - 2016-11-18 02:15 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-05-11 00:55 - 2016-11-18 02:15 - 00000000 ____D C:\Windows\system32\Macromed
2017-05-11 00:53 - 2017-02-19 01:08 - 00004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-05-09 23:33 - 2016-11-19 02:28 - 00569192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-05-09 23:33 - 2016-11-19 02:28 - 00339696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-05-09 23:33 - 2016-11-19 02:28 - 00128648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-05-09 23:33 - 2016-11-19 02:28 - 00101152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-05-09 23:33 - 2016-11-19 02:28 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-05-09 23:33 - 2016-11-19 02:28 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-05-09 23:32 - 2017-02-19 01:08 - 00334576 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-05-09 23:32 - 2017-02-19 01:08 - 00311808 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-05-09 23:32 - 2017-02-19 01:08 - 00190256 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-05-09 23:32 - 2017-02-19 01:08 - 00049016 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-05-09 23:32 - 2016-11-19 02:28 - 01007160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-05-06 21:55 - 2016-11-18 02:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-06 21:55 - 2016-11-18 02:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-05 14:11 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\rescache
2017-05-03 22:51 - 2016-11-18 02:11 - 00000000 ____D C:\ProgramData\Oracle
2017-05-03 22:47 - 2017-01-16 17:47 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.6
2017-05-03 22:37 - 2016-12-02 03:27 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-05-03 22:33 - 2016-11-18 02:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-05-03 22:33 - 2016-11-18 02:15 - 00000000 ____D C:\Program Files\Java
2017-05-03 22:31 - 2016-11-18 02:15 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2017-05-03 14:16 - 2016-11-18 02:33 - 01893312 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-05-03 14:16 - 2016-11-18 02:33 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-05-03 14:16 - 2016-11-18 02:33 - 01477056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-05-03 14:16 - 2016-11-18 02:33 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-05-03 14:16 - 2016-11-18 02:33 - 00121280 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-05-02 12:35 - 2016-11-19 16:15 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-02 12:35 - 2016-11-19 16:15 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-01 16:32 - 2016-12-22 20:31 - 13401256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-05-01 16:32 - 2016-12-14 23:58 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-05-01 16:32 - 2016-11-18 02:42 - 00512960 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2017-05-01 16:32 - 2016-11-18 02:42 - 00418752 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2017-05-01 16:32 - 2016-11-18 02:41 - 20063696 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2017-05-01 16:32 - 2016-11-18 02:41 - 17423240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2017-05-01 16:32 - 2016-11-18 02:41 - 04075936 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-05-01 16:32 - 2016-11-18 02:41 - 03592312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-05-01 16:32 - 2016-11-18 02:41 - 01600560 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2017-05-01 16:32 - 2016-11-18 02:41 - 00491024 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2017-05-01 14:51 - 2016-11-18 02:42 - 06437312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-05-01 14:51 - 2016-11-18 02:42 - 02479552 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-05-01 14:51 - 2016-11-18 02:42 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-05-01 14:51 - 2016-11-18 02:42 - 00548800 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-05-01 14:51 - 2016-11-18 02:42 - 00392312 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-05-01 14:51 - 2016-11-18 02:42 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-05-01 14:51 - 2016-11-18 02:42 - 00069752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-04-30 01:29 - 2016-11-19 16:14 - 00003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-30 01:29 - 2016-11-19 16:14 - 00003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-30 01:26 - 2016-12-02 03:25 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-04-30 01:26 - 2016-11-19 02:28 - 00556784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.149353735842807
2017-04-30 01:26 - 2016-11-19 02:28 - 00127112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys.149353735842807
2017-04-30 01:17 - 2016-11-18 03:00 - 00000000 ____D C:\Users\justin\AppData\Local\ElevatedDiagnostics
2017-04-30 01:17 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\NDF
2017-04-25 15:11 - 2016-11-18 02:42 - 07944687 _____ C:\Windows\system32\nvcoproc.bin

==================== Files in the root of some directories =======

2016-12-27 02:44 - 2016-12-27 02:44 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2016-12-14 23:58 - 2017-01-19 16:38 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-14 23:58 - 2017-01-19 03:56 - 0007170 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

Some files in TEMP:
====================
2016-12-22 20:34 - 2016-12-11 12:23 - 0747648 _____ (NVIDIA Corporation) C:\Users\justin\AppData\Local\Temp\nvSCPAPI.dll
2017-05-12 20:41 - 2016-12-11 12:23 - 0353336 _____ (NVIDIA Corporation) C:\Users\justin\AppData\Local\Temp\nvStInst.exe
2017-05-12 22:35 - 2017-05-12 22:35 - 7178424 _____ (VS Revo Group                                               ) C:\Users\justin\AppData\Local\Temp\VSUSetup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-05-05 14:03

==================== End of FRST.txt ============================

Edited by cloud4571, 13 May 2017 - 09:56 PM.



#2 cloud4571

Posted 13 May 2017 - 08:43 PM

OK, so I ran AdwCleaner before the OP and now my computer is in startup repair.
This is my first time turning it on after it cleaned.

Startup repair failed and so did system restore, so I did a memory scan, and when it rebooted it said restore completed, so I reran the scan.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-05-2017
Ran by justin (administrator) on JUSTIN-PC (13-05-2017 20:47:07)
Running from C:\Users\justin\Downloads
Loaded Profiles: justin (Available Profiles: justin)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-09] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKU\S-1-5-21-3067796610-4195750952-715676276-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-04-25] (Valve Corporation)
HKU\S-1-5-21-3067796610-4195750952-715676276-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-10] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-09] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-09] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1640FB05-5D50-4BB6-884B-8C93559B3653}: [DhcpNameServer] 209.18.47.62 209.18.47.61
Tcpip\..\Interfaces\{1C353911-8690-437E-9D8F-5677F27449DC}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{73AF5DBC-57FC-4C65-AEBA-FAFF25F8A7C8}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{76ACD09D-A8B9-4E29-804E-165F7F9515FC}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{B510ABF3-B648-4637-B777-0F0EFD3B1802}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{CB5B1334-7C5D-43FD-A92A-0F2B977BAABB}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{D5815C7F-609C-45BE-B078-5A0EE12ADC82}: [DhcpNameServer] 209.18.47.61 209.18.47.62

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3067796610-4195750952-715676276-1000 -> DefaultScope {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL =
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-05-03] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-04-30] (AVAST Software)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-03] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-04-30] (AVAST Software)

FireFox:
========
FF DefaultProfile: atik000r.default
FF ProfilePath: C:\Users\justin\AppData\Roaming\Mozilla\Firefox\Profiles\atik000r.default [2017-05-13]
FF NewTab: Mozilla\Firefox\Profiles\atik000r.default -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\atik000r.default -> about:home
FF Extension: (MEGA) - C:\Users\justin\AppData\Roaming\Mozilla\Firefox\Profiles\atik000r.default\Extensions\firefox@mega.co.nz.xpi [2017-05-11]
FF Extension: (Avast Online Security) - C:\Users\justin\AppData\Roaming\Mozilla\Firefox\Profiles\atik000r.default\Extensions\wrc@avast.com.xpi [2017-05-09]
FF Extension: (Adblock Plus) - C:\Users\justin\AppData\Roaming\Mozilla\Firefox\Profiles\atik000r.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-25]
FF SearchPlugin: C:\Users\justin\AppData\Roaming\Mozilla\Firefox\Profiles\atik000r.default\searchplugins\google-avast.xml [2016-12-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-11] ()
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-03] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-11] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default [2017-05-05]
CHR Extension: (Google Docs) - C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-14]
CHR Extension: (Google Drive) - C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-14]
CHR Extension: (YouTube) - C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-14]
CHR Extension: (Avast SafePrice) - C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-05-05]
CHR Extension: (Google Docs Offline) - C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-11]
CHR Extension: (Avast Online Security) - C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-04-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-14]
CHR Extension: (Gmail) - C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-14]
CHR Extension: (Chrome Media Router) - C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-05]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-30] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-09] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-09] (AVAST Software)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5449136 2016-05-16] (INCA Internet Co., Ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-05-03] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-11] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-05-03] (NVIDIA Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AE1000; C:\Windows\System32\DRIVERS\ae1000w7.sys [1600064 2016-11-18] (Ralink Technology Corp.)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [311808 2017-05-09] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [190256 2017-05-09] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334576 2017-05-09] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [49016 2017-05-09] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [128648 2017-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [101152 2017-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-05-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1007160 2017-05-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [569192 2017-05-09] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [158880 2017-05-13] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [339696 2017-05-09] (AVAST Software)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49304 2014-12-28] (Visicom Media Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48064 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-05-03] (NVIDIA Corporation)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [225792 2013-08-12] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [295424 2013-08-12] (VIA Technologies, Inc.)
S3 cpuz140; \??\C:\Users\justin\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [X] <==== ATTENTION
S3 dump_wmimmc; \??\C:\PHANTASYSTARONLINE2\pso2_bin\GameGuard\dump_wmimmc.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-13 20:47 - 2017-05-13 20:48 - 00014250 _____ C:\Users\justin\Downloads\FRST.txt
2017-05-13 20:46 - 2017-05-13 20:46 - 02429440 _____ (Farbar) C:\Users\justin\Downloads\FRST64.exe
2017-05-13 20:46 - 2017-05-13 20:46 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-05-13 20:42 - 2017-05-13 20:42 - 00001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-05-13 20:42 - 2017-05-09 23:33 - 00400456 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-05-12 22:47 - 2017-05-12 22:48 - 00070642 _____ C:\Users\justin\Desktop\FRST.txt
2017-05-12 22:47 - 2017-05-12 22:48 - 00042320 _____ C:\Users\justin\Desktop\Addition.txt
2017-05-12 22:46 - 2017-05-13 20:47 - 00000000 ____D C:\FRST
2017-05-12 22:45 - 2017-05-12 22:45 - 00000000 ____D C:\Users\justin\Desktop\needs to be sorted
2017-05-12 22:23 - 2017-05-13 21:45 - 00000000 ____D C:\AdwCleaner
2017-05-12 20:45 - 2017-05-12 20:46 - 00000000 ____D C:\temp
2017-05-11 01:10 - 2017-05-11 01:10 - 00003814 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 01:10 - 2017-05-03 14:16 - 00175552 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-05-11 01:10 - 2017-05-03 14:16 - 00143296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-05-11 01:10 - 2017-05-03 14:16 - 00057792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2017-05-11 01:10 - 2017-05-03 14:16 - 00048064 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2017-05-11 01:08 - 2017-05-11 01:08 - 86191168 _____ (NVIDIA Corporation) C:\Users\justin\Downloads\GeForce_Experience_v3.6.0.74.exe
2017-05-06 22:03 - 2017-05-06 22:03 - 00000471 _____ C:\Users\justin\Desktop\BootNTR.cia - Shortcut.lnk
2017-05-03 22:46 - 2017-05-03 22:46 - 06752896 _____ (ESET spol. s r.o.) C:\Users\justin\Downloads\esetonlinescanner_enu.exe
2017-05-03 22:46 - 2017-05-03 22:46 - 00000000 ____D C:\Users\justin\AppData\Local\ESET
2017-05-03 22:35 - 2017-05-03 22:35 - 00000000 ____D C:\Program Files\Defraggler
2017-05-01 20:09 - 2017-03-27 12:13 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-05-01 20:09 - 2017-03-27 11:28 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-05-01 20:09 - 2017-03-25 13:39 - 20284416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-05-01 20:09 - 2017-03-25 13:07 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-05-01 20:09 - 2017-03-25 13:06 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-05-01 20:09 - 2017-03-25 12:55 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-05-01 20:09 - 2017-03-25 12:52 - 02289152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-05-01 20:09 - 2017-03-25 12:51 - 01313280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-05-01 20:09 - 2017-03-25 12:48 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-05-01 20:09 - 2017-03-25 12:47 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-05-01 20:09 - 2017-03-25 12:47 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-05-01 20:09 - 2017-03-25 12:47 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-05-01 20:09 - 2017-03-25 12:46 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-05-01 20:09 - 2017-03-25 12:46 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-05-01 20:09 - 2017-03-25 12:46 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-05-01 20:09 - 2017-03-25 12:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-05-01 20:09 - 2017-03-25 12:46 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-05-01 20:09 - 2017-03-25 12:46 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-05-01 20:09 - 2017-03-25 12:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-05-01 20:09 - 2017-03-25 12:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-05-01 20:09 - 2017-03-25 12:45 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-05-01 20:09 - 2017-03-25 12:45 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-05-01 20:09 - 2017-03-25 12:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-05-01 20:09 - 2017-03-25 12:45 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-05-01 20:09 - 2017-03-25 12:45 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-05-01 20:09 - 2017-03-25 12:45 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-05-01 20:09 - 2017-03-25 12:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-05-01 20:09 - 2017-03-25 12:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-05-01 20:09 - 2017-03-25 12:44 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-05-01 20:09 - 2017-03-25 12:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-05-01 20:09 - 2017-03-25 12:35 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-05-01 20:09 - 2017-03-25 12:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-05-01 20:09 - 2017-03-25 12:14 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-05-01 20:09 - 2017-03-25 12:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-05-01 20:09 - 2017-03-25 12:13 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-05-01 20:09 - 2017-03-25 12:13 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-05-01 20:09 - 2017-03-25 12:10 - 02898432 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-05-01 20:09 - 2017-03-25 12:04 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-05-01 20:09 - 2017-03-25 12:02 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-05-01 20:09 - 2017-03-25 11:57 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-05-01 20:09 - 2017-03-25 11:56 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-05-01 20:09 - 2017-03-25 11:56 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-05-01 20:09 - 2017-03-25 11:56 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-05-01 20:09 - 2017-03-25 11:56 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-05-01 20:09 - 2017-03-25 11:52 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-05-01 20:09 - 2017-03-25 11:45 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-05-01 20:09 - 2017-03-25 11:41 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-05-01 20:09 - 2017-03-25 11:41 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-05-01 20:09 - 2017-03-25 11:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-05-01 20:09 - 2017-03-25 11:29 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-05-01 20:09 - 2017-03-25 11:24 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-05-01 20:09 - 2017-03-25 11:23 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-05-01 20:09 - 2017-03-25 11:20 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-05-01 20:09 - 2017-03-25 11:19 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-05-01 20:09 - 2017-03-25 11:17 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-05-01 20:09 - 2017-03-25 11:06 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-05-01 20:09 - 2017-03-25 11:04 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-05-01 20:09 - 2017-03-25 11:00 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-05-01 20:09 - 2017-03-25 10:59 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-05-01 20:09 - 2017-03-25 10:57 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-05-01 20:09 - 2017-03-25 10:57 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-05-01 20:09 - 2017-03-25 10:28 - 15259136 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-05-01 20:09 - 2017-03-25 10:27 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-05-01 20:09 - 2017-03-25 10:24 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-05-01 20:09 - 2017-03-25 10:10 - 01546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-05-01 20:09 - 2017-03-25 10:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-05-01 20:09 - 2017-03-24 16:50 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-05-01 20:09 - 2017-03-24 16:42 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-05-01 20:09 - 2017-03-22 09:32 - 03165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-05-01 20:09 - 2017-03-22 09:32 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-05-01 20:09 - 2017-03-22 09:32 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-05-01 20:09 - 2017-03-22 09:30 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-05-01 20:09 - 2017-03-22 09:24 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-05-01 20:09 - 2017-03-22 09:17 - 02651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-05-01 20:09 - 2017-03-22 09:15 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-05-01 20:09 - 2017-03-22 09:15 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-05-01 20:09 - 2017-03-22 09:15 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-05-01 20:09 - 2017-03-22 09:15 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-05-01 20:09 - 2017-03-22 09:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-05-01 20:09 - 2017-03-22 09:15 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-05-01 20:09 - 2017-03-22 09:05 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-05-01 20:09 - 2017-03-22 09:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-05-01 20:09 - 2017-03-22 09:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-05-01 20:09 - 2017-03-22 09:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2017-05-01 20:09 - 2017-03-14 09:34 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-05-01 20:09 - 2017-03-14 09:34 - 00265448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-05-01 20:09 - 2017-03-14 09:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-05-01 20:09 - 2017-03-10 10:35 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-05-01 20:09 - 2017-03-10 10:32 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2017-05-01 20:09 - 2017-03-10 10:32 - 00300544 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2017-05-01 20:09 - 2017-03-10 10:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-05-01 20:09 - 2017-03-10 10:31 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-05-01 20:09 - 2017-03-10 10:31 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-05-01 20:09 - 2017-03-10 10:31 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-05-01 20:09 - 2017-03-10 10:31 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-05-01 20:09 - 2017-03-10 10:27 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-05-01 20:09 - 2017-03-10 10:20 - 01508352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pla.dll
2017-05-01 20:09 - 2017-03-10 10:20 - 00237056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2017-05-01 20:09 - 2017-03-10 10:20 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-05-01 20:09 - 2017-03-10 10:19 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-05-01 20:09 - 2017-03-10 10:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-05-01 20:09 - 2017-03-10 10:19 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-05-01 20:09 - 2017-03-10 10:00 - 03219968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-05-01 20:09 - 2017-03-10 09:57 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\plasrv.exe
2017-05-01 20:09 - 2017-03-10 09:55 - 00205312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2017-05-01 20:09 - 2017-03-10 09:55 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2017-05-01 20:09 - 2017-03-10 09:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-05-01 20:09 - 2017-03-09 10:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-05-01 20:09 - 2017-03-09 10:19 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-05-01 20:09 - 2017-03-08 14:20 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2017-05-01 20:09 - 2017-03-08 14:10 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2017-05-01 20:09 - 2017-03-07 22:37 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-05-01 20:09 - 2017-03-07 22:36 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-05-01 20:09 - 2017-03-07 22:36 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-05-01 20:09 - 2017-03-07 22:36 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-05-01 20:09 - 2017-03-07 22:36 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-05-01 20:09 - 2017-03-07 22:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 02064384 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:26 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-05-01 20:09 - 2017-03-07 22:26 - 03945192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-05-01 20:09 - 2017-03-07 22:24 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-05-01 20:09 - 2017-03-07 22:22 - 01416192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-05-01 20:09 - 2017-03-07 22:22 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-05-01 20:09 - 2017-03-07 22:22 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-05-01 20:09 - 2017-03-07 22:22 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-05-01 20:09 - 2017-03-07 22:22 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-05-01 20:09 - 2017-03-07 22:22 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-05-01 20:09 - 2017-03-07 22:22 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-05-01 20:09 - 2017-03-07 22:22 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-05-01 20:09 - 2017-03-07 22:22 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-05-01 20:09 - 2017-03-07 22:22 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-05-01 20:09 - 2017-03-07 22:22 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-05-01 20:09 - 2017-03-07 22:22 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-05-01 20:09 - 2017-03-07 22:22 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-05-01 20:09 - 2017-03-07 22:22 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-05-01 20:09 - 2017-03-07 22:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-05-01 20:09 - 2017-03-07 22:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-05-01 20:09 - 2017-03-07 22:22 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-05-01 20:09 - 2017-03-07 22:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-05-01 20:09 - 2017-03-07 22:22 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-05-01 20:09 - 2017-03-07 22:21 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-05-01 20:09 - 2017-03-07 22:21 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-05-01 20:09 - 2017-03-07 22:21 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-05-01 20:09 - 2017-03-07 22:21 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-05-01 20:09 - 2017-03-07 22:21 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:21 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 22:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-05-01 20:09 - 2017-03-07 22:03 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-05-01 20:09 - 2017-03-07 22:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-05-01 20:09 - 2017-03-07 22:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-05-01 20:09 - 2017-03-07 22:00 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-05-01 20:09 - 2017-03-07 21:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-05-01 20:09 - 2017-03-07 21:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-05-01 20:09 - 2017-03-07 21:56 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-05-01 20:09 - 2017-03-07 21:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-05-01 20:09 - 2017-03-07 21:56 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-05-01 20:09 - 2017-03-07 21:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-05-01 20:09 - 2017-03-07 21:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-05-01 20:09 - 2017-03-07 21:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-05-01 20:09 - 2017-03-07 21:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-05-01 20:09 - 2017-03-07 21:54 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-05-01 20:09 - 2017-03-07 21:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-05-01 20:09 - 2017-03-07 21:53 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-05-01 20:09 - 2017-03-07 21:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 21:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 21:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 21:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-05-01 20:09 - 2017-03-07 10:30 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-05-01 20:09 - 2017-03-07 10:17 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-05-01 20:09 - 2017-03-07 08:05 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-05-01 20:09 - 2017-03-03 19:27 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-05-01 20:09 - 2017-03-03 19:27 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-05-01 20:09 - 2017-03-03 19:14 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-05-01 20:09 - 2017-03-03 19:14 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2017-05-01 20:09 - 2017-02-14 10:33 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-05-01 20:09 - 2017-02-14 10:19 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-05-01 20:09 - 2017-02-09 10:32 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-05-01 20:09 - 2017-02-09 10:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2017-05-01 20:09 - 2017-02-09 10:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-05-01 20:09 - 2016-03-23 16:40 - 03181568 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-05-01 20:09 - 2016-03-23 16:40 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-13 22:20 - 2016-11-19 02:28 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-05-13 22:20 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\security
2017-05-13 22:20 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-05-13 22:19 - 2017-02-23 22:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-05-13 22:19 - 2017-01-26 18:14 - 00000000 ____D C:\Users\justin\Downloads\Metroid_Prime_Trilogy_USA_Wii-OneUp
2017-05-13 22:19 - 2016-12-22 22:33 - 00000000 ____D C:\Users\justin\Downloads\pcsx2-v1.5.0-dev-1739-g7aa554b-windows-x86
2017-05-13 22:19 - 2016-12-22 20:34 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-05-13 22:19 - 2016-12-09 02:13 - 00000000 ____D C:\Users\justin\Downloads\umg
2017-05-13 22:19 - 2016-11-18 03:22 - 00000000 ____D C:\Users\justin\Downloads\lan_W7
2017-05-13 22:19 - 2016-11-18 02:33 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-05-13 22:19 - 2016-11-18 02:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-05-13 22:19 - 2016-11-18 02:33 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-05-13 22:19 - 2016-11-18 02:24 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-13 22:19 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\Help
2017-05-13 22:19 - 2009-07-13 21:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-05-13 22:18 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\registration
2017-05-13 20:48 - 2009-07-13 22:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-05-13 20:48 - 2009-07-13 22:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-05-13 20:44 - 2016-11-18 03:43 - 00000000 ____D C:\Program Files (x86)\Steam
2017-05-13 20:43 - 2009-07-13 23:13 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-13 20:43 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\inf
2017-05-13 20:42 - 2017-02-19 01:08 - 00003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-05-13 20:42 - 2016-11-19 02:28 - 00158880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2017-05-13 20:40 - 2016-11-18 02:06 - 00000000 ____D C:\Users\justin\AppData\LocalLow\Mozilla
2017-05-13 20:39 - 2016-11-18 02:33 - 00000000 ____D C:\ProgramData\NVIDIA
2017-05-13 20:36 - 2016-11-18 02:54 - 00000000 ____D C:\Users\justin
2017-05-13 20:36 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-12 20:39 - 2017-01-24 16:48 - 00000000 ____D C:\Users\justin\AppData\Local\CrashDumps
2017-05-11 01:19 - 2016-11-24 21:28 - 00000000 ____D C:\Windows\system32\MRT
2017-05-11 01:11 - 2016-11-18 02:34 - 00001412 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-05-11 01:10 - 2016-12-14 23:58 - 00004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 01:10 - 2016-11-18 02:33 - 00003852 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 01:10 - 2016-11-18 02:33 - 00003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 01:10 - 2016-11-18 02:33 - 00003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 01:10 - 2016-11-18 02:33 - 00003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 01:10 - 2016-11-18 02:33 - 00003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 01:10 - 2016-11-18 02:33 - 00003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 00:55 - 2016-11-18 02:16 - 00803320 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-05-11 00:55 - 2016-11-18 02:16 - 00144888 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-11 00:55 - 2016-11-18 02:16 - 00004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-05-11 00:55 - 2016-11-18 02:15 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-05-11 00:55 - 2016-11-18 02:15 - 00000000 ____D C:\Windows\system32\Macromed
2017-05-09 23:33 - 2016-11-19 02:28 - 00569192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-05-09 23:33 - 2016-11-19 02:28 - 00569192 _____ (AVAST Software) C:\Windows\system32\Drivers\asw7BD1.tmp
2017-05-09 23:33 - 2016-11-19 02:28 - 00339696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-05-09 23:33 - 2016-11-19 02:28 - 00339696 _____ (AVAST Software) C:\Windows\system32\Drivers\asw7BF1.tmp
2017-05-09 23:33 - 2016-11-19 02:28 - 00158368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.149472975890102
2017-05-09 23:33 - 2016-11-19 02:28 - 00158368 _____ (AVAST Software) C:\Windows\system32\Drivers\asw7C21.tmp
2017-05-09 23:33 - 2016-11-19 02:28 - 00128648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-05-09 23:33 - 2016-11-19 02:28 - 00128648 _____ (AVAST Software) C:\Windows\system32\Drivers\asw7B81.tmp
2017-05-09 23:33 - 2016-11-19 02:28 - 00101152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-05-09 23:33 - 2016-11-19 02:28 - 00101152 _____ (AVAST Software) C:\Windows\system32\Drivers\asw7B40.tmp
2017-05-09 23:33 - 2016-11-19 02:28 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-05-09 23:33 - 2016-11-19 02:28 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\asw7BA1.tmp
2017-05-09 23:33 - 2016-11-19 02:28 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-05-09 23:33 - 2016-11-19 02:28 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\asw7B61.tmp
2017-05-09 23:32 - 2017-02-19 01:08 - 00334576 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-05-09 23:32 - 2017-02-19 01:08 - 00334576 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\asw7A82.tmp
2017-05-09 23:32 - 2017-02-19 01:08 - 00311808 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-05-09 23:32 - 2017-02-19 01:08 - 00311808 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\asw7A23.tmp
2017-05-09 23:32 - 2017-02-19 01:08 - 00190256 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-05-09 23:32 - 2017-02-19 01:08 - 00190256 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\asw7A62.tmp
2017-05-09 23:32 - 2017-02-19 01:08 - 00049016 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-05-09 23:32 - 2017-02-19 01:08 - 00049016 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\asw7AC2.tmp
2017-05-09 23:32 - 2016-11-19 02:28 - 01007160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-05-09 23:32 - 2016-11-19 02:28 - 01007160 _____ (AVAST Software) C:\Windows\system32\Drivers\asw7B11.tmp
2017-05-06 21:55 - 2016-11-18 02:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-06 21:55 - 2016-11-18 02:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-05 14:11 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\rescache
2017-05-03 22:51 - 2016-11-18 02:11 - 00000000 ____D C:\ProgramData\Oracle
2017-05-03 22:47 - 2017-01-16 17:47 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.6
2017-05-03 22:37 - 2016-12-02 03:27 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-05-03 22:33 - 2016-11-18 02:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-05-03 22:33 - 2016-11-18 02:15 - 00000000 ____D C:\Program Files\Java
2017-05-03 22:31 - 2016-11-18 02:15 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2017-05-03 14:16 - 2016-11-18 02:33 - 01893312 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-05-03 14:16 - 2016-11-18 02:33 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-05-03 14:16 - 2016-11-18 02:33 - 01477056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-05-03 14:16 - 2016-11-18 02:33 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-05-03 14:16 - 2016-11-18 02:33 - 00121280 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-05-03 13:28 - 2016-12-14 23:58 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-05-03 09:41 - 2016-11-18 02:33 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-05-02 12:35 - 2016-11-19 16:15 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-02 12:35 - 2016-11-19 16:15 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-02 12:18 - 2009-07-13 22:45 - 00268392 _____ C:\Windows\system32\FNTCACHE.DAT
2017-05-01 20:14 - 2016-11-24 21:28 - 148601744 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-05-01 20:12 - 2016-11-20 03:32 - 00773536 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-04-30 01:29 - 2016-11-19 16:14 - 00003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-30 01:29 - 2016-11-19 16:14 - 00003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-30 01:26 - 2016-12-02 03:25 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-04-30 01:26 - 2016-11-19 02:28 - 00556784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.149353735842807
2017-04-30 01:26 - 2016-11-19 02:28 - 00127112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys.149353735842807
2017-04-30 01:17 - 2016-11-18 03:00 - 00000000 ____D C:\Users\justin\AppData\Local\ElevatedDiagnostics
2017-04-30 01:17 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\NDF

==================== Files in the root of some directories =======

2016-12-27 02:44 - 2016-12-27 02:44 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2016-12-14 23:58 - 2017-01-19 16:38 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-14 23:58 - 2017-01-19 03:56 - 0007170 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-05-05 14:03

==================== End of FRST.txt ============================

Edited by cloud4571, 13 May 2017 - 09:54 PM.


#3 HelpBot


Posted 18 May 2017 - 12:00 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> https://www.bleepingcomputer.com/logreply/646511 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your desktop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 cloud4571


Posted 18 May 2017 - 02:39 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2017
Ran by justin (administrator) on JUSTIN-PC (18-05-2017 13:33:42)
Running from C:\Users\justin\Desktop
Loaded Profiles: justin (Available Profiles: justin)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-09] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKU\S-1-5-21-3067796610-4195750952-715676276-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-04-25] (Valve Corporation)
HKU\S-1-5-21-3067796610-4195750952-715676276-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-10] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-09] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-09] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1640FB05-5D50-4BB6-884B-8C93559B3653}: [DhcpNameServer] 209.18.47.62 209.18.47.61
Tcpip\..\Interfaces\{1C353911-8690-437E-9D8F-5677F27449DC}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{73AF5DBC-57FC-4C65-AEBA-FAFF25F8A7C8}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{76ACD09D-A8B9-4E29-804E-165F7F9515FC}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{B510ABF3-B648-4637-B777-0F0EFD3B1802}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{CB5B1334-7C5D-43FD-A92A-0F2B977BAABB}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{D5815C7F-609C-45BE-B078-5A0EE12ADC82}: [DhcpNameServer] 209.18.47.61 209.18.47.62

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3067796610-4195750952-715676276-1000 -> DefaultScope {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL =
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-05-03] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-04-30] (AVAST Software)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-03] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-04-30] (AVAST Software)

FireFox:
========
FF DefaultProfile: atik000r.default
FF ProfilePath: C:\Users\justin\AppData\Roaming\Mozilla\Firefox\Profiles\atik000r.default [2017-05-18]
FF NewTab: Mozilla\Firefox\Profiles\atik000r.default -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\atik000r.default -> about:home
FF Extension: (MEGA) - C:\Users\justin\AppData\Roaming\Mozilla\Firefox\Profiles\atik000r.default\Extensions\firefox@mega.co.nz.xpi [2017-05-11]
FF Extension: (Avast Online Security) - C:\Users\justin\AppData\Roaming\Mozilla\Firefox\Profiles\atik000r.default\Extensions\wrc@avast.com.xpi [2017-05-09]
FF Extension: (Adblock Plus) - C:\Users\justin\AppData\Roaming\Mozilla\Firefox\Profiles\atik000r.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-25]
FF SearchPlugin: C:\Users\justin\AppData\Roaming\Mozilla\Firefox\Profiles\atik000r.default\searchplugins\google-avast.xml [2016-12-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-11] ()
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-03] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-11] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default [2017-05-16]
CHR Extension: (Google Docs) - C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-14]
CHR Extension: (Google Drive) - C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-14]
CHR Extension: (YouTube) - C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-14]
CHR Extension: (Avast SafePrice) - C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-05-05]
CHR Extension: (Google Docs Offline) - C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-11]
CHR Extension: (Avast Online Security) - C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-04-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-14]
CHR Extension: (Gmail) - C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-14]
CHR Extension: (Chrome Media Router) - C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-05]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-30] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-09] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-09] (AVAST Software)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5449136 2016-05-16] (INCA Internet Co., Ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-05-03] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-11] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-05-03] (NVIDIA Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AE1000; C:\Windows\System32\DRIVERS\ae1000w7.sys [1600064 2016-11-18] (Ralink Technology Corp.)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [311808 2017-05-09] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [190256 2017-05-09] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334576 2017-05-09] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [49016 2017-05-09] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [128648 2017-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [101152 2017-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-05-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1007160 2017-05-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [569192 2017-05-09] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [158880 2017-05-13] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [339696 2017-05-09] (AVAST Software)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49304 2014-12-28] (Visicom Media Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48064 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-05-03] (NVIDIA Corporation)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [225792 2013-08-12] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [295424 2013-08-12] (VIA Technologies, Inc.)
S3 cpuz140; \??\C:\Users\justin\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [X] <==== ATTENTION
S3 dump_wmimmc; \??\C:\PHANTASYSTARONLINE2\pso2_bin\GameGuard\dump_wmimmc.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-18 13:33 - 2017-05-18 13:33 - 00000000 ____D C:\Users\justin\Desktop\FRST-OlderVersion
2017-05-18 13:26 - 2017-05-18 13:26 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-05-13 22:09 - 2017-05-13 22:19 - 00000000 ____D C:\Users\justin\Downloads\The Nice Guys 2016 (1080p x265 10bit Joy)
2017-05-13 22:07 - 2017-05-13 22:07 - 00000000 ____D C:\Users\justin\AppData\LocalLow\BitTorrent
2017-05-13 20:58 - 2017-04-27 19:14 - 05547240 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-05-13 20:58 - 2017-04-27 18:36 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-05-13 20:58 - 2017-04-27 18:36 - 03945192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-05-13 20:58 - 2017-04-26 08:59 - 03220992 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-05-13 20:58 - 2017-04-17 09:37 - 02065408 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-05-13 20:58 - 2017-04-17 09:37 - 00876544 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-05-13 20:58 - 2017-04-17 09:12 - 01417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-05-13 20:58 - 2017-04-16 02:51 - 02899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-05-13 20:58 - 2017-04-16 02:35 - 25741312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-05-13 20:58 - 2017-04-16 02:18 - 05977600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-05-13 20:58 - 2017-04-16 02:10 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-05-13 20:58 - 2017-04-16 02:01 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-05-13 20:58 - 2017-04-16 01:53 - 02290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-05-13 20:58 - 2017-04-16 01:49 - 20278272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-05-13 20:58 - 2017-04-16 01:37 - 02132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-05-13 20:58 - 2017-04-16 01:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-05-13 20:58 - 2017-04-16 01:10 - 15250944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-05-13 20:58 - 2017-04-16 01:08 - 04548608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-05-13 20:58 - 2017-04-16 01:08 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-05-13 20:58 - 2017-04-16 01:04 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-05-13 20:58 - 2017-04-16 00:53 - 13661184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-05-13 20:58 - 2017-04-16 00:50 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-05-13 20:58 - 2017-04-16 00:37 - 02767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-05-13 20:58 - 2017-04-16 00:34 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-05-13 20:58 - 2017-04-12 09:32 - 01483776 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-05-13 20:58 - 2017-04-12 09:25 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-05-13 20:58 - 2017-04-07 09:34 - 00986856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-05-13 20:58 - 2017-04-05 08:55 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-05-13 20:58 - 2017-04-04 09:34 - 01895656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-05-13 20:58 - 2017-04-04 08:53 - 00496128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2017-05-13 20:57 - 2017-04-27 19:14 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-05-13 20:57 - 2017-04-27 19:14 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-05-13 20:57 - 2017-04-27 19:14 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-05-13 20:57 - 2017-04-27 19:14 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-05-13 20:57 - 2017-04-27 19:11 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-05-13 20:57 - 2017-04-27 19:10 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-05-13 20:57 - 2017-04-27 19:10 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-05-13 20:57 - 2017-04-27 19:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-05-13 20:57 - 2017-04-27 19:10 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-05-13 20:57 - 2017-04-27 19:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-05-13 20:57 - 2017-04-27 19:10 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-05-13 20:57 - 2017-04-27 19:10 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-05-13 20:57 - 2017-04-27 19:10 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-05-13 20:57 - 2017-04-27 19:10 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-05-13 20:57 - 2017-04-27 19:10 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-05-13 20:57 - 2017-04-27 19:10 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-05-13 20:57 - 2017-04-27 19:10 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-05-13 20:57 - 2017-04-27 19:10 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-05-13 20:57 - 2017-04-27 19:10 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-05-13 20:57 - 2017-04-27 19:10 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-05-13 20:57 - 2017-04-27 19:10 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-05-13 20:57 - 2017-04-27 19:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-05-13 20:57 - 2017-04-27 19:10 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-05-13 20:57 - 2017-04-27 19:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-05-13 20:57 - 2017-04-27 19:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-05-13 20:57 - 2017-04-27 19:10 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-05-13 20:57 - 2017-04-27 19:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-05-13 20:57 - 2017-04-27 19:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-05-13 20:57 - 2017-04-27 19:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 19:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 18:34 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 18:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 18:19 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-05-13 20:57 - 2017-04-27 18:19 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-05-13 20:57 - 2017-04-27 18:19 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-05-13 20:57 - 2017-04-27 18:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-05-13 20:57 - 2017-04-27 18:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-05-13 20:57 - 2017-04-27 18:14 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-05-13 20:57 - 2017-04-27 18:12 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-05-13 20:57 - 2017-04-27 18:11 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-05-13 20:57 - 2017-04-27 18:11 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-05-13 20:57 - 2017-04-27 18:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-05-13 20:57 - 2017-04-27 18:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-05-13 20:57 - 2017-04-27 18:10 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-05-13 20:57 - 2017-04-27 18:08 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-05-13 20:57 - 2017-04-27 18:08 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-05-13 20:57 - 2017-04-27 18:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-05-13 20:57 - 2017-04-27 18:08 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-05-13 20:57 - 2017-04-27 18:07 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-05-13 20:57 - 2017-04-27 18:07 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 18:07 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 18:07 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-05-13 20:57 - 2017-04-27 18:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-05-13 20:57 - 2017-04-21 09:34 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2017-05-13 20:57 - 2017-04-21 09:15 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2017-05-13 20:57 - 2017-04-19 18:00 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-05-13 20:57 - 2017-04-19 17:16 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-05-13 20:57 - 2017-04-17 09:37 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-05-13 20:57 - 2017-04-17 09:37 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2017-05-13 20:57 - 2017-04-17 09:37 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2017-05-13 20:57 - 2017-04-17 09:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-05-13 20:57 - 2017-04-17 09:12 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2017-05-13 20:57 - 2017-04-17 08:54 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2017-05-13 20:57 - 2017-04-16 03:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-05-13 20:57 - 2017-04-16 03:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-05-13 20:57 - 2017-04-16 02:57 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-05-13 20:57 - 2017-04-16 02:55 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-05-13 20:57 - 2017-04-16 02:55 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-05-13 20:57 - 2017-04-16 02:54 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-05-13 20:57 - 2017-04-16 02:54 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-05-13 20:57 - 2017-04-16 02:44 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-05-13 20:57 - 2017-04-16 02:43 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-05-13 20:57 - 2017-04-16 02:38 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-05-13 20:57 - 2017-04-16 02:37 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-05-13 20:57 - 2017-04-16 02:37 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-05-13 20:57 - 2017-04-16 02:36 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-05-13 20:57 - 2017-04-16 02:36 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-05-13 20:57 - 2017-04-16 02:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-05-13 20:57 - 2017-04-16 02:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-05-13 20:57 - 2017-04-16 02:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-05-13 20:57 - 2017-04-16 02:11 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-05-13 20:57 - 2017-04-16 02:09 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-05-13 20:57 - 2017-04-16 02:04 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-05-13 20:57 - 2017-04-16 02:03 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-05-13 20:57 - 2017-04-16 02:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-05-13 20:57 - 2017-04-16 02:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-05-13 20:57 - 2017-04-16 02:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-05-13 20:57 - 2017-04-16 02:00 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-05-13 20:57 - 2017-04-16 02:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-05-13 20:57 - 2017-04-16 01:57 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-05-13 20:57 - 2017-04-16 01:52 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-05-13 20:57 - 2017-04-16 01:52 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-05-13 20:57 - 2017-04-16 01:48 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-05-13 20:57 - 2017-04-16 01:47 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-05-13 20:57 - 2017-04-16 01:47 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-05-13 20:57 - 2017-04-16 01:46 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-05-13 20:57 - 2017-04-16 01:43 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-05-13 20:57 - 2017-04-16 01:40 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-05-13 20:57 - 2017-04-16 01:40 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-05-13 20:57 - 2017-04-16 01:37 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-05-13 20:57 - 2017-04-16 01:35 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-05-13 20:57 - 2017-04-16 01:30 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-05-13 20:57 - 2017-04-16 01:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-05-13 20:57 - 2017-04-16 01:25 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-05-13 20:57 - 2017-04-16 01:24 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-05-13 20:57 - 2017-04-16 01:22 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-05-13 20:57 - 2017-04-16 01:20 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-05-13 20:57 - 2017-04-16 01:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-05-13 20:57 - 2017-04-16 01:10 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-05-13 20:57 - 2017-04-16 01:08 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-05-13 20:57 - 2017-04-16 00:40 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-05-13 20:57 - 2017-04-16 00:34 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-05-13 20:57 - 2017-04-12 09:32 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2017-05-13 20:57 - 2017-04-12 09:32 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2017-05-13 20:57 - 2017-04-12 09:32 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2017-05-13 20:57 - 2017-04-12 09:26 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2017-05-13 20:57 - 2017-04-12 09:25 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2017-05-13 20:57 - 2017-04-12 09:25 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2017-05-13 20:57 - 2017-04-07 09:34 - 00265448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-05-13 20:57 - 2017-04-07 09:30 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-05-13 20:57 - 2017-04-07 09:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-05-13 20:57 - 2017-04-07 09:22 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-05-13 20:57 - 2017-04-05 08:55 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-05-13 20:57 - 2017-04-05 08:55 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-05-13 20:57 - 2017-04-04 09:34 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-05-13 20:57 - 2017-04-04 09:34 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-05-13 20:57 - 2017-04-04 08:53 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-05-13 20:50 - 2017-05-13 20:51 - 00042706 _____ C:\Users\justin\Downloads\Addition.txt
2017-05-13 20:47 - 2017-05-13 20:51 - 00064770 _____ C:\Users\justin\Downloads\FRST.txt
2017-05-13 20:46 - 2017-05-18 13:33 - 02429952 _____ (Farbar) C:\Users\justin\Desktop\FRST64.exe
2017-05-13 20:42 - 2017-05-13 20:42 - 00001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-05-13 20:42 - 2017-05-09 23:33 - 00400456 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-05-12 22:47 - 2017-05-18 13:34 - 00014129 _____ C:\Users\justin\Desktop\FRST.txt
2017-05-12 22:47 - 2017-05-12 22:48 - 00042320 _____ C:\Users\justin\Desktop\Addition.txt
2017-05-12 22:46 - 2017-05-18 13:33 - 00000000 ____D C:\FRST
2017-05-12 22:45 - 2017-05-12 22:45 - 00000000 ____D C:\Users\justin\Desktop\needs to be sorted
2017-05-12 22:23 - 2017-05-13 21:45 - 00000000 ____D C:\AdwCleaner
2017-05-12 20:45 - 2017-05-12 20:46 - 00000000 ____D C:\temp
2017-05-11 01:10 - 2017-05-11 01:10 - 00003814 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 01:10 - 2017-05-03 14:16 - 00175552 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-05-11 01:10 - 2017-05-03 14:16 - 00143296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-05-11 01:10 - 2017-05-03 14:16 - 00057792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2017-05-11 01:10 - 2017-05-03 14:16 - 00048064 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2017-05-11 01:08 - 2017-05-11 01:08 - 86191168 _____ (NVIDIA Corporation) C:\Users\justin\Downloads\GeForce_Experience_v3.6.0.74.exe
2017-05-06 22:03 - 2017-05-06 22:03 - 00000471 _____ C:\Users\justin\Desktop\BootNTR.cia - Shortcut.lnk
2017-05-03 22:46 - 2017-05-03 22:46 - 06752896 _____ (ESET spol. s r.o.) C:\Users\justin\Downloads\esetonlinescanner_enu.exe
2017-05-03 22:46 - 2017-05-03 22:46 - 00000000 ____D C:\Users\justin\AppData\Local\ESET
2017-05-03 22:35 - 2017-05-03 22:35 - 00000000 ____D C:\Program Files\Defraggler
2017-05-01 20:09 - 2017-03-22 09:32 - 03165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-05-01 20:09 - 2017-03-22 09:32 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-05-01 20:09 - 2017-03-22 09:32 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-05-01 20:09 - 2017-03-22 09:30 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-05-01 20:09 - 2017-03-22 09:24 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-05-01 20:09 - 2017-03-22 09:17 - 02651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-05-01 20:09 - 2017-03-22 09:15 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-05-01 20:09 - 2017-03-22 09:15 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-05-01 20:09 - 2017-03-22 09:15 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-05-01 20:09 - 2017-03-22 09:15 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-05-01 20:09 - 2017-03-22 09:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-05-01 20:09 - 2017-03-22 09:15 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-05-01 20:09 - 2017-03-22 09:05 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-05-01 20:09 - 2017-03-22 09:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-05-01 20:09 - 2017-03-22 09:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-05-01 20:09 - 2017-03-22 09:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2017-05-01 20:09 - 2017-03-10 10:35 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-05-01 20:09 - 2017-03-10 10:32 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2017-05-01 20:09 - 2017-03-10 10:32 - 00300544 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2017-05-01 20:09 - 2017-03-10 10:31 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-05-01 20:09 - 2017-03-10 10:31 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-05-01 20:09 - 2017-03-10 10:31 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-05-01 20:09 - 2017-03-10 10:31 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-05-01 20:09 - 2017-03-10 10:27 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-05-01 20:09 - 2017-03-10 10:20 - 01508352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pla.dll
2017-05-01 20:09 - 2017-03-10 10:20 - 00237056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2017-05-01 20:09 - 2017-03-10 10:20 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-05-01 20:09 - 2017-03-10 10:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-05-01 20:09 - 2017-03-10 10:19 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-05-01 20:09 - 2017-03-10 09:57 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\plasrv.exe
2017-05-01 20:09 - 2017-03-10 09:55 - 00205312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2017-05-01 20:09 - 2017-03-10 09:55 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2017-05-01 20:09 - 2017-03-10 09:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-05-01 20:09 - 2017-03-09 10:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-05-01 20:09 - 2017-03-09 10:19 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-05-01 20:09 - 2017-03-07 10:30 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-05-01 20:09 - 2017-03-07 10:17 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-05-01 20:09 - 2017-03-07 08:05 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-05-01 20:09 - 2017-03-03 19:27 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-05-01 20:09 - 2017-03-03 19:27 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-05-01 20:09 - 2017-03-03 19:14 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-05-01 20:09 - 2017-03-03 19:14 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2017-05-01 20:09 - 2017-02-14 10:33 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-05-01 20:09 - 2017-02-14 10:19 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-05-01 20:09 - 2017-02-09 10:32 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-05-01 20:09 - 2017-02-09 10:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2017-05-01 20:09 - 2017-02-09 10:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:36 - 00011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-05-01 20:09 - 2017-01-18 09:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-05-01 20:09 - 2016-03-23 16:40 - 03181568 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-05-01 20:09 - 2016-03-23 16:40 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-18 13:34 - 2016-11-18 02:33 - 00000000 ____D C:\ProgramData\NVIDIA
2017-05-18 13:32 - 2016-11-18 03:43 - 00000000 ____D C:\Program Files (x86)\Steam
2017-05-18 13:30 - 2009-07-13 23:13 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-18 13:30 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\inf
2017-05-18 13:28 - 2016-11-18 02:06 - 00000000 ____D C:\Users\justin\AppData\LocalLow\Mozilla
2017-05-18 13:22 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-17 00:49 - 2009-07-13 22:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-05-17 00:49 - 2009-07-13 22:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-05-16 01:01 - 2009-07-13 22:45 - 00268392 _____ C:\Windows\system32\FNTCACHE.DAT
2017-05-16 00:58 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-05-16 00:46 - 2016-11-20 03:32 - 00773536 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-05-16 00:41 - 2016-11-24 21:28 - 00000000 ____D C:\Windows\system32\MRT
2017-05-16 00:34 - 2016-11-24 21:28 - 156335152 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-05-16 00:24 - 2016-11-18 23:58 - 00000000 ____D C:\Users\justin\AppData\Roaming\BitTorrent
2017-05-16 00:22 - 2017-02-19 01:08 - 00004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-05-16 00:20 - 2017-01-24 16:48 - 00000000 ____D C:\Users\justin\AppData\Local\CrashDumps
2017-05-14 00:54 - 2016-11-22 04:31 - 00000000 ____D C:\Program Files\PeerBlock
2017-05-14 00:53 - 2016-12-02 22:53 - 00000000 ____D C:\Users\justin\AppData\Roaming\vlc
2017-05-13 22:20 - 2016-11-19 02:28 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-05-13 22:20 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\security
2017-05-13 22:19 - 2017-02-23 22:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-05-13 22:19 - 2017-01-26 18:14 - 00000000 ____D C:\Users\justin\Downloads\Metroid_Prime_Trilogy_USA_Wii-OneUp
2017-05-13 22:19 - 2016-12-22 22:33 - 00000000 ____D C:\Users\justin\Downloads\pcsx2-v1.5.0-dev-1739-g7aa554b-windows-x86
2017-05-13 22:19 - 2016-12-22 20:34 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-05-13 22:19 - 2016-12-09 02:13 - 00000000 ____D C:\Users\justin\Downloads\umg
2017-05-13 22:19 - 2016-11-18 03:22 - 00000000 ____D C:\Users\justin\Downloads\lan_W7
2017-05-13 22:19 - 2016-11-18 02:33 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-05-13 22:19 - 2016-11-18 02:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-05-13 22:19 - 2016-11-18 02:33 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-05-13 22:19 - 2016-11-18 02:24 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-13 22:19 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\Help
2017-05-13 22:19 - 2009-07-13 21:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-05-13 22:18 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\registration
2017-05-13 21:00 - 2016-11-19 16:15 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-13 21:00 - 2016-11-19 16:15 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-13 20:42 - 2016-11-19 02:28 - 00158880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2017-05-13 20:36 - 2016-11-18 02:54 - 00000000 ____D C:\Users\justin
2017-05-11 01:11 - 2016-11-18 02:34 - 00001412 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-05-11 01:10 - 2016-12-14 23:58 - 00004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 01:10 - 2016-11-18 02:33 - 00003852 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 01:10 - 2016-11-18 02:33 - 00003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 01:10 - 2016-11-18 02:33 - 00003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 01:10 - 2016-11-18 02:33 - 00003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 01:10 - 2016-11-18 02:33 - 00003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 01:10 - 2016-11-18 02:33 - 00003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-11 00:55 - 2016-11-18 02:16 - 00803320 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-05-11 00:55 - 2016-11-18 02:16 - 00144888 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-11 00:55 - 2016-11-18 02:16 - 00004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-05-11 00:55 - 2016-11-18 02:15 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-05-11 00:55 - 2016-11-18 02:15 - 00000000 ____D C:\Windows\system32\Macromed
2017-05-09 23:33 - 2016-11-19 02:28 - 00569192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-05-09 23:33 - 2016-11-19 02:28 - 00339696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-05-09 23:33 - 2016-11-19 02:28 - 00158368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.149472975890102
2017-05-09 23:33 - 2016-11-19 02:28 - 00128648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-05-09 23:33 - 2016-11-19 02:28 - 00101152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-05-09 23:33 - 2016-11-19 02:28 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-05-09 23:33 - 2016-11-19 02:28 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-05-09 23:32 - 2017-02-19 01:08 - 00334576 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-05-09 23:32 - 2017-02-19 01:08 - 00311808 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-05-09 23:32 - 2017-02-19 01:08 - 00190256 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-05-09 23:32 - 2017-02-19 01:08 - 00049016 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-05-09 23:32 - 2016-11-19 02:28 - 01007160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-05-06 21:55 - 2016-11-18 02:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-06 21:55 - 2016-11-18 02:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-05 14:11 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\rescache
2017-05-03 22:51 - 2016-11-18 02:11 - 00000000 ____D C:\ProgramData\Oracle
2017-05-03 22:47 - 2017-01-16 17:47 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.6
2017-05-03 22:37 - 2016-12-02 03:27 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-05-03 22:33 - 2016-11-18 02:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-05-03 22:33 - 2016-11-18 02:15 - 00000000 ____D C:\Program Files\Java
2017-05-03 22:31 - 2016-11-18 02:15 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2017-05-03 14:16 - 2016-11-18 02:33 - 01893312 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-05-03 14:16 - 2016-11-18 02:33 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-05-03 14:16 - 2016-11-18 02:33 - 01477056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-05-03 14:16 - 2016-11-18 02:33 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-05-03 14:16 - 2016-11-18 02:33 - 00121280 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-05-03 13:28 - 2016-12-14 23:58 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-05-03 09:41 - 2016-11-18 02:33 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-04-30 01:29 - 2016-11-19 16:14 - 00003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-30 01:29 - 2016-11-19 16:14 - 00003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-30 01:26 - 2016-12-02 03:25 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-04-30 01:26 - 2016-11-19 02:28 - 00556784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.149353735842807
2017-04-30 01:26 - 2016-11-19 02:28 - 00127112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys.149353735842807
2017-04-30 01:17 - 2016-11-18 03:00 - 00000000 ____D C:\Users\justin\AppData\Local\ElevatedDiagnostics
2017-04-30 01:17 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\NDF

==================== Files in the root of some directories =======

2016-12-27 02:44 - 2016-12-27 02:44 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2016-12-14 23:58 - 2017-01-19 16:38 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-14 23:58 - 2017-01-19 03:56 - 0007170 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-05-05 14:03

==================== End of FRST.txt ============================




#5 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,791 posts
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:08:02 PM

Posted 22 May 2017 - 10:16 AM

cloud4571:

 
Welcome to the Bleeping Computer Virus, Trojans, Spyware, and Malware Removal Logs Forum.  My name is Phil.  May I address you by your first name?
 
First of all, I apologize for the lengthy wait you have had.  This Forum has been very busy the last week or so and there are only a limited number of qualified malware removal specialists volunteering their time here.
 
Second, I would appreciate it if you, from now on, copy and paste the contents of all log files that I request.  I know that the instructions say to attach the "Addition.txt" file, but I am able to analyze log files much more quickly when they are posted directly into the message reply box.  Please do not use "code" or "quote" boxes.  Thank you for your anticipated cooperation.
 
I will be assisting you with your computer issues.  I will endeavor to respond within a reasonable time, normally 48 hours after your last post.
 
I will need some time to review your FRST logs.  That could take a day or two.
 
PLEASE DO NOT RUN ANY ADDITIONAL SCANS OR ANTI-MALWARE REMOVAL TOOLS UNTIL YOU HAVE RECEIVED A RESPONSE FROM ME.
Doing so would complicate the situation and it would cause further delays in resolving your issues.  It could also potentially result in harm to your computer because my "fix" will be based on the FRST scan logs you have already submitted.
 
Thank you and have a great day.
 
Regards,
-Phil

Graduate of the Bleeping Computer Malware Removal Study Hall


#6 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,791 posts
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:08:02 PM

Posted 22 May 2017 - 11:45 AM

cloud4571:

Thank you for your patience while I analyzed your FRST logs.

Before we start dealing with the problems you are experiencing, I would ask you to take note of the following points:

  • I am a Bleeping Computer volunteer, so I ask you to be patient. I know it is frustrating when your computer is not working properly, but malware removal takes time.
  • Please also remember that I can only dedicate a limited number of hours a day to helping people. We may live in different time zones, which may cause delays in responding.
  • If I have not responded to you within 48 hours, please send me a personal message. Likewise, I expect you to respond within 48 hours, and sooner is better because we can fix your computer faster.
  • If I have not heard from you in three days, I will "bump" your post. After five days of no response, I will consider that you no longer need my assistance and this thread will be closed.
  • Logs can take a while to research, so please be patient.
  • Some issues just cannot be solved so you must be prepared for this.
  • Please read and follow the instructions in the exact sequence that they are posted to avoid making a bad situation worse.
  • Please print or copy and save the instructions.
  • Back up all your data and important files on another (external) drive before starting to run malware removal tools.
  • You should try to limit your browsing with this computer until you are given the "All Clear." Some malware applications steal passwords.
  • Please do not install or uninstall any applications, unless directed. Don't run any scripts or tools on your own because unsupervised usage may cause more harm than good.
  • Please use only the tools you have been instructed to use.
  • If you are using CD/DVD emulation software, this should be uninstalled or disabled as it can interfere with the removal of some malware. It can be turned off with Defogger and then turned back on when you get the "All Clear."
  • Please copy and paste the requested log files inside your post(s), unless otherwise instructed. Please do not use code or quote boxes.
  • There are no silly questions. Ask for clarification, if you have any questions or concerns.
  • Bleeping Computer does not support any piracy. Evidence of illegal OS, software, cracks/keygens, etc., will be revealed by scan logs, and if found, further assistance may be suspended. Uninstall such software before proceeding!
  • Any P2P software such as uTorrent, BitTorrent, Kazaa, etc. must be uninstalled or completely disabled. P2P software is a major security risk to your computer and may have been the route the malware used to infect your computer.
  • Failure to follow these guidelines may result in assistance being withdrawn and your thread being closed.
  • I am volunteering my time to help you, and I will need you to help me. Together, we can, hopefully, disinfect your computer and get it functioning properly again. That is my only aim.

.

OK, let's get started ...

.


Step 1: I would recommend that you remove the Avast SafePrice Google Chrome browser extension from your computer. For more information about why I am making this recommendation, please see this link.

.


Step 2: In going over your logs I noticed that you have BitTorrent installed. Please consider the following advice to reduce the possibility of being infected when surfing the web.

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall BitTorrent, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.
If you wish to keep it, please do not use it until your computer is cleaned.

.


Step 3: Please run a FRST fix for me.

NOTICE: This FRST "fixlist" script was written specifically for this user, for use on this individual computer. Running this on another computer may cause damage to your operating system.
 

Start::
CreateRestorePoint:
CloseProcesses:
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
S3 cpuz140; \??\C:\Users\justin\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [X] <==== ATTENTION
S3 dump_wmimmc; \??\C:\PHANTASYSTARONLINE2\pso2_bin\GameGuard\dump_wmimmc.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
End::
  • Please highlight the entire contents of the code box above, from the "Start::" line to the "End::" line, including both of those lines, right click, and select "Copy", which will copy the "fix" script into the Windows clipboard.
  • Right click FRST/FRST64.exe, and select "Run as Administrator".
  • Press Fix button once and wait.
  • Please reboot the computer, if requested.
  • A log file called "fixlog.txt" will be saved in the same folder as the FRST program is located.
  • Please copy and paste the contents of the "fixlog.txt" file into your next reply.

.


Thank you and have a great day.

Regards,
-Phil


Graduate of the Bleeping Computer Malware Removal Study Hall


#7 cloud4571

cloud4571
  • Topic Starter

  • Members
  • 41 posts
  • Local time:07:02 PM

Posted 22 May 2017 - 01:19 PM

OK, done. If you don't mind me asking, what was wrong with the cpuz and the phantasystar?

Although it's kinda weird that the cpuz was in temp.

 

No worries on the wait, man, take your time. And yeah, np, you can call me Justin.

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 22-05-2017
Ran by justin (22-05-2017 13:10:21) Run:1
Running from C:\Users\justin\Desktop
Loaded Profiles: justin (Available Profiles: justin)
Boot Mode: Normal
==============================================

fixlist content:
*****************

CreateRestorePoint:
CloseProcesses:
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
S3 cpuz140; \??\C:\Users\justin\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [X] <==== ATTENTION
S3 dump_wmimmc; \??\C:\PHANTASYSTARONLINE2\pso2_bin\GameGuard\dump_wmimmc.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => key removed successfully
HKLM\System\CurrentControlSet\Services\cpuz140 => key removed successfully
cpuz140 => service removed successfully
HKLM\System\CurrentControlSet\Services\dump_wmimmc => key removed successfully
dump_wmimmc => service removed successfully
HKLM\System\CurrentControlSet\Services\VGPU => key removed successfully
VGPU => service removed successfully


The system needed a reboot.

==== End of Fixlog 13:10:50 ====


Edited by cloud4571, 22 May 2017 - 01:21 PM.


#8 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,791 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:08:02 PM

Posted 23 May 2017 - 07:23 AM

cloud4571:
 
Thank you for your FRST fixlog script.  The CPUZ and Phantasystar entries in the FRST log indicated that the files themselves were not located, so I just took out what appeared to be orphaned registry entries.  If that is not so, and FRST is not perfect, let me know and I will restore those registry keys.
 
I want to run some more standard anti-malware scans.  The FRST logs are not showing any signs of malware, but, as I said, FRST does not detect everything.
 
 
.
 
 
Step 1: ESET Online Scanner using Internet Explorer:

Note 1: These instructions are for Internet Explorer only! If you're using Chrome or Firefox, you will need to download and install the ESET Smart Installer tool before it can scan. See instructions here.
Note 2: You will need to disable your currently installed Anti-Virus, how to do so can be found here.

  • Download esetsmartinstaller_enu.exe and save it to your Desktop.
  • Double click the icon.
  • Check YES, I accept the Terms of Use.
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Then select: "Enable detection of potentially unwanted applications" - Yes.
  • Click Advanced settings.
  • Check the following items.

Enable detection of potentially unwanted applications
Remove found threats
Scan archives
Scan for potentially unsafe applications
Enable Anti-Stealth technology

  • Click Change next to Current scan targets:
  • Place a check mark in any additional drive you wish to scan then click OK.
  • Click Start.
  • ESET will then download updates and begin scanning your computer.
  • If no threats are found simply click Uninstall application on close and hit Finish.
  • If threats are found click List of found threats.
  • Click Export to text file.
  • Save the file on your Desktop as ESET.txt.
  • Click Back.
  • Check Uninstall application on close and Delete quarantined files.
  • Click Finish.
  • Close the ESET Online Scanner window.
  • Copy and paste the contents of ESET.txt into your reply, if any threats were detected.

Don't forget to re-enable your antivirus when finished!

.


Step 2: Please uninstall your old version of Malwarebytes. It is recommended that you use the MB_Clean utility. Please save your licence key if this is a paid version, and deactivate the paid version before uninstalling it, so that the new version can be reactivated.

Then please run a Malwarebytes Anti-Malware scan for me, using the latest Version 3 of the product.

  • Please download Malwarebytes to your Desktop.
  • Double-click mb3-setup-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Next, please go to "Settings", "Protection", and turn on "Scan for rootkits", if it is not "On."
  • Ensure that under "Potential Threat Protection", both switches are set to "Always Detect PUPs/PUMs (recommended)".
  • Then scroll to the bottom of that page and ensure that "Automatic Quarantine" is turned "On."
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If an update of the definitions is available, it will be downloaded and installed before the scan commences.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.

The Scan log is available through History ->Application logs. Please copy and paste the contents of the log into your next reply.

.


Thank you and have a great day.

Regards,
-Phil


Graduate of the Bleeping Computer Malware Removal Study Hall
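
An added example, not part of the original thread and not FRST's own code: a small Python triage of the driver lines from the fixlist above, flagging entries whose file was not found ("[X]"), entries loading from a Temp folder, and entries FRST marked ATTENTION, then checking the posted Fixlog for a successful removal of each. The function names are hypothetical, and the state/start-type decoding follows the FRST tutorial's convention as understood here.

```python
import re

# Driver lines and Fixlog lines copied from the posts in this thread.
FIXLIST = r"""
S3 cpuz140; \??\C:\Users\justin\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [X] <==== ATTENTION
S3 dump_wmimmc; \??\C:\PHANTASYSTARONLINE2\pso2_bin\GameGuard\dump_wmimmc.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
"""

FIXLOG = r"""
HKLM\System\CurrentControlSet\Services\cpuz140 => key removed successfully
cpuz140 => service removed successfully
HKLM\System\CurrentControlSet\Services\dump_wmimmc => key removed successfully
dump_wmimmc => service removed successfully
HKLM\System\CurrentControlSet\Services\VGPU => key removed successfully
VGPU => service removed successfully
"""

# Assumed decoding of the two-character prefix (state letter + start type).
STATE = {"R": "running", "S": "stopped", "U": "undetermined"}
START = {"0": "boot", "1": "system", "2": "auto", "3": "demand", "4": "disabled"}

NT_PREFIX = "\\??\\"  # NT object-manager prefix in front of the drive path
SERVICES_KEY = "HKLM\\System\\CurrentControlSet\\Services\\"

LINE_RE = re.compile(
    r"^(?P<state>[RSU])(?P<start>[0-5])\s+"
    r"(?P<name>[^;]+);\s+"
    r"(?P<path>.+?)"
    r"(?:\s+\[(?P<info>[^\]]*)\])?"      # "[X]" or "[size date]"
    r"(?:\s+<==== (?P<flag>.*))?$"       # FRST's own marker, if any
)


def parse_driver_line(line):
    """Parse one 'S3 name; path [X]' line; return None if it does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    path = m.group("path")
    if path.startswith(NT_PREFIX):
        path = path[len(NT_PREFIX):]
    return {
        "name": m.group("name").strip(),
        "state": STATE.get(m.group("state"), "unknown"),
        "start": START.get(m.group("start"), "unknown"),
        "path": path,
        # "[X]": the registry entry exists but the file it points to does not.
        "missing_file": m.group("info") == "X",
        # A driver registered from a Temp folder deserves a second look even
        # when, as here, it turns out to be a leftover of a legitimate tool.
        "in_temp": re.search(r"\\(temp|tmp)\\", path, re.I) is not None,
        "attention": m.group("flag") is not None,
    }


def triage(fixlist_text):
    """Return parsed entries for every driver/service line in the text."""
    entries = (parse_driver_line(l) for l in fixlist_text.splitlines())
    return [e for e in entries if e]


def verify_removed(entries, fixlog_text):
    """Map service name -> True only if both the key and the service were removed."""
    results = {}
    for line in fixlog_text.splitlines():
        target, sep, outcome = line.strip().partition(" => ")
        if sep:
            results[target] = outcome
    status = {}
    for e in entries:
        key_ok = results.get(SERVICES_KEY + e["name"]) == "key removed successfully"
        svc_ok = results.get(e["name"]) == "service removed successfully"
        status[e["name"]] = key_ok and svc_ok
    return status


if __name__ == "__main__":
    found = triage(FIXLIST)
    removed = verify_removed(found, FIXLOG)
    for e in found:
        tags = [t for t in ("missing_file", "in_temp", "attention") if e[t]]
        print(f'{e["name"]:12} {e["state"]}/{e["start"]:8} {",".join(tags):32} '
              f'removed={removed[e["name"]]}')
```

All three entries come back as stopped, demand-start and missing their file, which matches the reading of them as orphaned registry entries; only cpuz140 carries the Temp-path and ATTENTION flags.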


#9 cloud4571

cloud4571
  • Topic Starter

  • Members
  • 41 posts
  • Local time:07:02 PM

Posted 26 May 2017 - 03:34 AM

Sorry for the wait, here is the log.

ESET came up blank. Also, I'm kinda wondering if it's a driver or something of the sort.

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 5/26/17
Scan Time: 3:20 AM
Log File:
Administrator: Yes

-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.122
Update Package Version: 1.0.2025
License: Trial

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: justin-PC\justin

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 311291
Threats Detected: 0
(No malicious items detected)
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 6 min, 11 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)


(end)



#10 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,791 posts
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:08:02 PM

Posted 26 May 2017 - 09:41 AM

Justin:

Thank you for running the scans and for the Malwarebytes log. Thank you also for permission to address you by your first name.

OK, before we start looking at the integrity of Windows, let's just run a couple more standard anti-malware scans to eliminate malware as the possible cause of your issues.


.


Step 1: Please download AdwCleaner by Malwarebytes and save the file to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8/10 users right-click and select Run As Administrator
  • The tool will start to update the database, please wait for it to complete the update.
  • Click on I Agree button.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.

.


Step 2: Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Please copy and paste the contents of JRT.txt into your next message.

.


Thank you and have a great day.

Regards,
-Phil


Graduate of the Bleeping Computer Malware Removal Study Hall


#11 cloud4571

cloud4571
  • Topic Starter

  • Members
  • 41 posts
  • Local time:07:02 PM

Posted 26 May 2017 - 01:01 PM

Not sure if you need this but this is the log file before I came here after I cleaned this but computer had trouble starting and had to system restore

# AdwCleaner v6.046 - Logfile created 12/05/2017 at 22:26:28
# Updated on 24/04/2017 by Malwarebytes
# Database : 2017-05-12.1 [Server]
# Operating System : Windows 7 Ultimate Service Pack 1 (X64)
# Username : justin - JUSTIN-PC
# Running from : C:\Users\justin\Downloads\AdwCleaner.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

No malicious services found.


***** [ Folders ] *****

Folder Found:  C:\Users\justin\AppData\Local\Mail.Ru
Folder Found:  C:\ProgramData\Mail.Ru
Folder Found:  C:\ProgramData\Application Data\Mail.Ru


***** [ Files ] *****

File Found:  C:\Users\justin\Favorites\Mail.Ru.url
File Found:  C:\Users\justin\Favorites\Mail.Ru Агент - используй для общения!.url


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

No malicious task found.


***** [ Registry ] *****

Key Found:  HKU\S-1-5-21-3067796610-4195750952-715676276-1000\Software\SoftSuma
Key Found:  HKCU\Software\SoftSuma
Key Found:  [x64] HKCU\Software\SoftSuma


***** [ Web browsers ] *****

No malicious Firefox based browser items found.
Chrome pref Found:  [C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default\Web data] - aol.com
Chrome pref Found:  [C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default\Web data] - ask.com

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [1533 Bytes] - [12/05/2017 22:26:28]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1606 Bytes] ##########
 

 

 

 

 

here is the new one

# AdwCleaner v6.047 - Logfile created 26/05/2017 at 12:58:01
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-05-26.6 [Server]
# Operating System : Windows 7 Ultimate Service Pack 1 (X64)
# Username : justin - JUSTIN-PC
# Running from : C:\Users\justin\Downloads\AdwCleaner.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

No malicious services found.


***** [ Folders ] *****

No malicious folders found.


***** [ Files ] *****

No malicious files found.


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

No malicious task found.


***** [ Registry ] *****

Key Found:  HKU\S-1-5-21-3067796610-4195750952-715676276-1000\Software\SoftSuma
Key Found:  HKCU\Software\SoftSuma
Key Found:  [x64] HKCU\Software\SoftSuma


***** [ Web browsers ] *****

No malicious Firefox based browser items found.
No malicious Chromium based browser items found.

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1754 Bytes] - [12/05/2017 23:26:56]
C:\AdwCleaner\AdwCleaner[S0].txt - [1689 Bytes] - [12/05/2017 23:26:28]
C:\AdwCleaner\AdwCleaner[S1].txt - [1269 Bytes] - [26/05/2017 12:58:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1342 Bytes] ##########
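
Added example, not part of the original post and not AdwCleaner's own code: a short Python script that parses two AdwCleaner scan logs and reports which detections were cleared, which persist, and which are new. The sample logs are abridged from the two scans posted above; the function names are this example's own.

```python
import re
from collections import defaultdict

SECTION = re.compile(r"^\*{5} \[ (.+?) \] \*{5}$")  # e.g. ***** [ Registry ] *****
FINDING = re.compile(r"^.+? Found:\s+(.+)$")         # e.g. Key Found:  HKCU\...

def parse_adwcleaner(text):
    """Map each log section to the set of items AdwCleaner flagged in it."""
    findings, section = defaultdict(set), None
    for raw in text.splitlines():
        line = raw.strip()
        if (m := SECTION.match(line)):
            section = m.group(1)
        elif section and (m := FINDING.match(line)):
            findings[section].add(m.group(1))
    return findings

def diff_scans(before, after):
    """Classify findings as cleared, persisting or new between two scans."""
    out = {"cleared": [], "persisting": [], "new": []}
    for section in sorted(set(before) | set(after)):
        b, a = before.get(section, set()), after.get(section, set())
        out["cleared"] += [(section, v) for v in sorted(b - a)]
        out["persisting"] += [(section, v) for v in sorted(b & a)]
        out["new"] += [(section, v) for v in sorted(a - b)]
    return out

# Abridged from the 12/05/2017 and 26/05/2017 scan logs in the post above.
BEFORE = r"""***** [ Folders ] *****
Folder Found:  C:\Users\justin\AppData\Local\Mail.Ru
Folder Found:  C:\ProgramData\Mail.Ru
***** [ Registry ] *****
Key Found:  HKCU\Software\SoftSuma
Key Found:  [x64] HKCU\Software\SoftSuma
***** [ Web browsers ] *****
Chrome pref Found:  [C:\Users\justin\AppData\Local\Google\Chrome\User Data\Default\Web data] - aol.com
"""
AFTER = r"""***** [ Folders ] *****
No malicious folders found.
***** [ Registry ] *****
Key Found:  HKCU\Software\SoftSuma
Key Found:  [x64] HKCU\Software\SoftSuma
***** [ Web browsers ] *****
No malicious Chromium based browser items found.
"""
if __name__ == "__main__":
    result = diff_scans(parse_adwcleaner(BEFORE), parse_adwcleaner(AFTER))
    for status, items in result.items():
        print(status, items)
```

On these two logs the only persisting detections are the SoftSuma registry keys, which is what remains for the "Clean" pass requested later in the thread.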
 



#12 cloud4571

Posted 26 May 2017 - 01:12 PM

i closed the jrt notepad and can't find the file



#13 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,791 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:08:02 PM

Posted 26 May 2017 - 02:31 PM

Justin:
 
The JRT.txt log file should be in the folder from which it was run.  If you can't find it, it is no real issue.  Unlike an AdwCleaner scan, JRT removes what it finds immediately, so don't waste time trying to find the log file.  Sometimes, programs and computers have "hiccups"! :)

Step 1: With the AdwCleaner, please have it scan again, and once the scan is complete, select the "Clean" option to remove the small number of insignificant detections.

Step 2: Please run a System File Checker (SFC) scan to assess the integrity of the Windows file system.

  • Click on the "Start" button.
  • In the "search" box at the bottom, type cmd.
  • Look for Cmd.exe to appear at the top of the menu.
  • Right-click on cmd.exe and choose Run As Administrator.
  • Type sfc /scannow. Ensure that there is a space between "sfc" and "/scannow"
  • The scan will start and may take from 20 minutes to an hour to run.
  • Please report the results from the System File Checker in your next post. Does it report "No Resource Integrity Violations Found", "Errors Repaired", or "Unable to Repair", or words to that effect?

If SFC reports uncorrectable errors, please immediately navigate to the folder: C:\Windows\Logs\CBS, locate the file "CBS.log", and copy, not move it, to your Desktop. That file is "volatile", so we need to ensure that it is not overwritten with new results.

Step 3: I want to have a look at the configuration of your computer. No personal information is revealed.

Please download the free version of the Piriform Speccy program by clicking on this link.

  • Navigate to your Downloads folder and install Speccy.
  • Next, launch Speccy and wait for it to populate with your computer system information.
  • Once it has completed its scan, please go to the "File" menu, at the top left, and select "Publish Snapshot...".
  • When the publishing has completed, you will be provided with a unique URL; please select the option "Copy to Clipboard".
  • Exit Speccy.
  • Open Notepad and use Ctrl-V to paste the Speccy URL into a .txt file, with a name of your choosing, in case it is needed again.

Please paste the Speccy URL into your next reply so that I can view the details of your computer system.



Thank you and have a great day.

Regards,
-Phil




#14 cloud4571


Posted 28 May 2017 - 04:14 AM

http://speccy.piriform.com/results/xxH77FNp0MzqnVkKXWGJolB

 

ok cleaned with adw and the sfc check came up clean


Edited by cloud4571, 28 May 2017 - 04:15 AM.


#15 garioch7


Posted 28 May 2017 - 05:33 AM

Justin:

 

Thank you for running the scans that I requested.  I checked your Speccy report and it looks good.

 

Is your computer running better now; or, should we run some additional scans?

 

Please let me know.  If there are still issues, I would like you to provide as much detail as possible about what programs are running (or trying to run) when you encounter the lagging issues, any possible error messages, etc.  This will help me to further troubleshoot what might be causing your issues.

 

Thank you and have a great day.

 

Regards,

-Phil






