Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Keep seeing pop-ups and links are redirected


  • This topic is locked This topic is locked
34 replies to this topic

#1 Kerox

Kerox

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:03:17 AM

Posted 11 August 2017 - 09:34 AM

I scanned with MWBytes but it didn't detect anything,then I scanned with ADWRemover and it deleted some files,then the same with some Adware removal tool by TSA and IObit malware fighter. Even after I deleted the infected files,when I boot up I still get random pop-ups and sometimes my searches are redirected with yahoo.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-08-2017
Ran by PC ALIN (administrator) on ALIN (11-08-2017 17:19:10)
Running from C:\Users\PC ALIN\Downloads
Loaded Profiles: PC ALIN (Available Profiles: PC ALIN)
Platform: Windows 10 Pro Version 1703 (X64) Language: Romanian (Romania)
Internet Explorer Version 11 (Default browser: "C:\Users\PC ALIN\AppData\Local\Opera Software\Opera Neon\Application\neon.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(www.Bandisoft.com) C:\Program Files (x86)\Bandicam\bdcam.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Flux Software LLC) C:\Users\PC ALIN\AppData\Local\FluxSoftware\Flux\flux.exe
(BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Opera Software AS) C:\Users\PC ALIN\AppData\Local\Opera Software\Opera Neon\Application\neon.exe
(Opera Software AS) C:\Users\PC ALIN\AppData\Local\Opera Software\Opera Neon\Application\neon.exe
(Opera Software AS) C:\Users\PC ALIN\AppData\Local\Opera Software\Opera Neon\Application\neon.exe
(Opera Software AS) C:\Users\PC ALIN\AppData\Local\Opera Software\Opera Neon\Application\neon.exe
(Opera Software AS) C:\Users\PC ALIN\AppData\Local\Opera Software\Opera Neon\Application\neon.exe
(Opera Software AS) C:\Users\PC ALIN\AppData\Local\Opera Software\Opera Neon\Application\neon.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2017-08-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1483264 2017-08-07] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5780256 2017-07-20] (IObit)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-3261217118-1789687074-152833201-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [19405824 2017-04-14] ()
HKU\S-1-5-21-3261217118-1789687074-152833201-1001\...\Run: [f.lux] => C:\Users\PC ALIN\AppData\Local\FluxSoftware\Flux\flux.exe [1024240 2016-12-06] (Flux Software LLC)
HKU\S-1-5-21-3261217118-1789687074-152833201-1001\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [399224 2017-08-04] (BitTorrent, Inc.)
HKU\S-1-5-21-3261217118-1789687074-152833201-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27742168 2017-06-07] (Skype Technologies S.A.)
HKU\S-1-5-21-3261217118-1789687074-152833201-1001\...\Run: [AdobeBridge] => [X]

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [S-1-5-21-3261217118-1789687074-152833201-1001] => hxxp://access-fast-web.com/wpad.dat?e0abd230f1c9cea27f843b718dfc273034433381
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 95.77.94.88 78.96.7.88
Tcpip\..\Interfaces\{6d614e18-8e7b-4366-b4c1-cc15b6a7ed0a}: [DhcpNameServer] 95.77.94.88 78.96.7.88
Tcpip\..\Interfaces\{a7aa6abb-7e05-4afd-908a-144dde693cb3}: [DhcpNameServer] 95.77.94.88 78.96.7.88
ManualProxies: 0hxxp://access-fast-web.com/wpad.dat?e0abd230f1c9cea27f843b718dfc273034433381

Internet Explorer:
==================

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\PC ALIN\AppData\Local\Google\Chrome\User Data\Default [2017-08-10]
CHR Extension: (Google Slides) - C:\Users\PC ALIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-08-04]
CHR Extension: (Google Docs) - C:\Users\PC ALIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-08-04]
CHR Extension: (Google Drive) - C:\Users\PC ALIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-04]
CHR Extension: (YouTube) - C:\Users\PC ALIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-04]
CHR Extension: (Adblock Plus) - C:\Users\PC ALIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-08-04]
CHR Extension: (Google Sheets) - C:\Users\PC ALIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-08-04]
CHR Extension: (Google Docs Offline) - C:\Users\PC ALIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\PC ALIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-04]
CHR Extension: (Gmail) - C:\Users\PC ALIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-04]
CHR Extension: (Chrome Media Router) - C:\Users\PC ALIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-04]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [382456 2017-02-16] (Intel Corporation)
S2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [1768736 2017-07-18] (IObit)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-07-19] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-07-26] (NVIDIA Corporation)
S2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1269824 2017-06-21] (Bitdefender)
S2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [147792 2017-06-16] (Razer Inc)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [320512 2017-08-07] (Realtek Semiconductor)
S2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [183680 2017-04-14] (Razer Inc.)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [252176 2017-07-27] (Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [263264 2017-02-16] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4318648 2017-05-04] (Qualcomm Atheros Communications, Inc.)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [22864 2017-05-27] (OSR Open Systems Resources, Inc.)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [270912 2015-12-27] (DT Soft Ltd)
S3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [30264 2016-10-01] (Disc Soft Ltd)
S3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [47672 2016-10-01] (Disc Soft Ltd)
S3 edrsensor; C:\WINDOWS\System32\DRIVERS\edrsensor.sys [259880 2017-06-23] (BitDefender S.R.L. Bucharest, ROMANIA)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32840 2017-06-23] (ELAN Microelectronic Corp.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-08-07] (REALiX™)
R3 iaLPSS_GPIO; C:\WINDOWS\System32\drivers\iaLPSS_GPIO.sys [46856 2017-05-04] (Intel Corporation)
S3 iaLPSS_I2C; C:\WINDOWS\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-03] (Intel Corporation)
S3 iaLPSS_SPI; C:\WINDOWS\System32\drivers\iaLPSS_SPI.sys [100856 2014-06-03] (Intel Corporation)
S3 iaLPSS_UART2; C:\WINDOWS\System32\drivers\iaLPSS_UART2.sys [143864 2014-06-03] (Intel Corporation)
R1 IMFCameraProtect; C:\WINDOWS\system32\drivers\IMFCameraProtect.sys [44096 2017-03-17] (IObit.com)
R3 IMFDownProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFDownProtect.sys [39288 2017-03-06] (IObit.com)
S3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win10_amd64\IMFFilter.sys [40440 2017-02-16] (IObit)
R3 IMFForceDelete; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFForceDelete.sys [34080 2017-06-18] (IObit.com)
R1 MpKsl262fdb68; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{841F54D1-5631-4968-BD15-41136C98EEBE}\MpKsl262fdb68.sys [44928 2017-08-11] (Microsoft Corporation)
R1 MpKslb2a35b99; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2B89904E-36DE-445E-A9FB-263AB58B9A59}\MpKslb2a35b99.sys [44928 2017-08-10] (Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_1a197825c61edb6c\nvlddmkm.sys [15668664 2017-07-19] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-07-26] (NVIDIA Corporation)
S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [26744 2017-05-03] (Windows ® Win 7 DDK provider)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-07-19] (NVIDIA Corporation)
R3 pikbd; C:\WINDOWS\System32\drivers\pikbd.sys [22880 2013-11-30] (Christian Gulden)
R3 pimou; C:\WINDOWS\System32\drivers\pimou.sys [23608 2014-01-13] (Christian Gulden)
S3 qcusbser; C:\WINDOWS\System32\drivers\qcusbser.sys [242688 2016-08-30] (QUALCOMM Incorporated)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\regfilter.sys [52792 2017-02-16] (IObit.com)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [984032 2017-07-24] (Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [419296 2017-05-04] (Realsil Semiconductor Corporation)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [139704 2017-07-18] (Razer, Inc.)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-09-05] (QUALCOMM Incorporated)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [214832 2015-12-08] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 SynRMIHID; C:\WINDOWS\System32\drivers\SynRMIHID.sys [66136 2017-02-16] (Synaptics Incorporated)
S3 t_mouse.sys; C:\WINDOWS\System32\drivers\t_mouse.sys [6144 2013-04-09] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-11 17:19 - 2017-08-11 17:20 - 000016368 _____ C:\Users\PC ALIN\Downloads\FRST.txt
2017-08-11 17:15 - 2017-08-11 17:19 - 000000000 ____D C:\FRST
2017-08-11 17:15 - 2017-08-11 17:15 - 002381824 _____ (Farbar) C:\Users\PC ALIN\Downloads\FRST64.exe
2017-08-10 15:24 - 2017-06-23 03:51 - 000259880 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\edrsensor.sys
2017-08-10 15:23 - 2017-06-07 05:04 - 000950160 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys
2017-08-10 14:08 - 2017-08-10 14:08 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\QuickScan
2017-08-10 14:06 - 2017-08-10 14:06 - 000003802 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2017-08-10 14:04 - 2017-08-11 11:14 - 000000000 ____D C:\Program Files\Bitdefender Agent
2017-08-10 14:02 - 2017-08-10 14:02 - 009932672 _____ C:\Users\PC ALIN\Downloads\bitdefender_online.exe
2017-08-10 13:59 - 2017-08-10 13:59 - 046661328 _____ (Microsoft Corporation) C:\Users\PC ALIN\Downloads\Windows-KB890830-x64-V5.51.exe
2017-08-09 19:00 - 2017-08-09 19:00 - 000002117 _____ C:\Users\PC ALIN\Desktop\FL Studio 12 (64bit).lnk
2017-08-09 19:00 - 2017-08-09 19:00 - 000000000 ____D C:\Program Files (x86)\VstPlugins
2017-08-09 18:41 - 2017-08-09 18:41 - 000012693 _____ C:\Users\PC ALIN\Downloads\Image-Line.Software.FL.Studio.Producer.Edition.v12.2.3.Incl.KeyMaker-DVT.torrent
2017-08-09 18:33 - 2017-08-09 18:33 - 000002101 _____ C:\Users\Public\Desktop\FL Studio 12.lnk
2017-08-09 18:18 - 2017-08-09 18:19 - 000253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\6CBE61BC.sys
2017-08-09 15:16 - 2017-08-09 15:16 - 000000000 ____D C:\Users\PC ALIN\Downloads\Bazzooka - Trotineta Cu Trei Roti ( Album CD Original ) (www.RadioBlueEnerGy.Ro)
2017-08-09 15:13 - 2017-08-09 15:14 - 064442921 _____ C:\Users\PC ALIN\Downloads\Bazzooka - Trotineta Cu Trei Roti ( Album CD Original ) (www.RadioBlueEnerGy.Ro).zip
2017-08-09 13:25 - 2017-08-09 13:26 - 000000132 _____ C:\Users\PC ALIN\AppData\Roaming\Adobe PNG Format CS6 Prefs
2017-08-09 13:21 - 2017-08-09 13:21 - 000001796 _____ C:\Users\PC ALIN\Desktop\Photoshop.lnk
2017-08-09 13:21 - 2017-08-09 13:21 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\NVIDIA
2017-08-09 13:18 - 2017-08-09 13:20 - 000000000 ____D C:\Program Files\Adobe
2017-08-09 13:14 - 2017-08-09 13:18 - 000000000 ____D C:\Program Files (x86)\Adobe
2017-08-09 13:11 - 2017-08-09 13:20 - 000000000 ____D C:\Program Files\Common Files\Adobe
2017-08-09 13:03 - 2017-08-09 13:03 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\Macromedia
2017-08-09 12:30 - 2017-08-01 05:39 - 008319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-09 12:30 - 2017-08-01 05:38 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-08-09 12:30 - 2017-08-01 05:38 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-09 12:30 - 2017-08-01 05:36 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-08-09 12:30 - 2017-08-01 05:36 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-08-09 12:30 - 2017-08-01 05:36 - 000119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-09 12:30 - 2017-08-01 05:35 - 000280472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-08-09 12:30 - 2017-08-01 05:35 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-08-09 12:30 - 2017-08-01 05:34 - 000610584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-08-09 12:30 - 2017-08-01 05:34 - 000359552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-08-09 12:30 - 2017-08-01 05:34 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-08-09 12:30 - 2017-08-01 05:34 - 000168864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-08-09 12:30 - 2017-08-01 05:33 - 000473240 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-08-09 12:30 - 2017-08-01 05:32 - 002444704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-09 12:30 - 2017-08-01 05:32 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-09 12:30 - 2017-08-01 05:32 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-08-09 12:30 - 2017-08-01 05:31 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-08-09 12:30 - 2017-08-01 05:31 - 002645680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-09 12:30 - 2017-08-01 05:31 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-09 12:30 - 2017-08-01 05:31 - 000176024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-08-09 12:30 - 2017-08-01 05:30 - 000723680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-09 12:30 - 2017-08-01 05:30 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-08-09 12:30 - 2017-08-01 05:30 - 000410160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-09 12:30 - 2017-08-01 05:30 - 000315288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-09 12:30 - 2017-08-01 05:30 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-09 12:30 - 2017-08-01 05:30 - 000143736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-09 12:30 - 2017-08-01 05:30 - 000082336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-09 12:30 - 2017-08-01 05:26 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-08-09 12:30 - 2017-08-01 05:20 - 002956288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-08-09 12:30 - 2017-08-01 05:20 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-08-09 12:30 - 2017-08-01 05:20 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-08-09 12:30 - 2017-08-01 05:18 - 013841408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-08-09 12:30 - 2017-08-01 05:18 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-08-09 12:30 - 2017-08-01 05:17 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-08-09 12:30 - 2017-08-01 05:16 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-08-09 12:30 - 2017-08-01 05:14 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-08-09 12:30 - 2017-08-01 05:13 - 020504064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-08-09 12:30 - 2017-08-01 05:13 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-08-09 12:30 - 2017-08-01 05:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-08-09 12:30 - 2017-08-01 05:12 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-08-09 12:30 - 2017-08-01 05:12 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-08-09 12:30 - 2017-08-01 05:10 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-08-09 12:30 - 2017-08-01 05:09 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-08-09 12:30 - 2017-08-01 05:08 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-08-09 12:30 - 2017-08-01 05:07 - 011870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-08-09 12:30 - 2017-08-01 05:07 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-08-09 12:30 - 2017-08-01 05:07 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-08-09 12:30 - 2017-08-01 05:06 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-08-09 12:30 - 2017-08-01 05:04 - 006269440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-08-09 12:30 - 2017-08-01 05:04 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-08-09 12:30 - 2017-08-01 05:03 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-08-09 12:30 - 2017-08-01 04:57 - 023677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-09 12:30 - 2017-08-01 04:45 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-09 12:30 - 2017-08-01 04:45 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-09 12:30 - 2017-08-01 04:45 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-09 12:30 - 2017-08-01 04:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-09 12:30 - 2017-08-01 04:44 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-09 12:30 - 2017-08-01 04:44 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-08-09 12:30 - 2017-08-01 04:44 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-09 12:30 - 2017-08-01 04:42 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-08-09 12:30 - 2017-08-01 04:41 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2017-08-09 12:30 - 2017-08-01 04:41 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2017-08-09 12:30 - 2017-08-01 04:41 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-08-09 12:30 - 2017-08-01 04:41 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-09 12:30 - 2017-08-01 04:40 - 017366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-08-09 12:30 - 2017-08-01 04:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2017-08-09 12:30 - 2017-08-01 04:39 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-08-09 12:30 - 2017-08-01 04:38 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-09 12:30 - 2017-08-01 04:38 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-09 12:30 - 2017-08-01 04:37 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2017-08-09 12:30 - 2017-08-01 04:37 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-08-09 12:30 - 2017-08-01 04:37 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-08-09 12:30 - 2017-08-01 04:36 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-09 12:30 - 2017-08-01 04:35 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-08-09 12:30 - 2017-08-01 04:34 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-09 12:30 - 2017-08-01 04:33 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-09 12:30 - 2017-08-01 04:33 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-09 12:30 - 2017-08-01 04:32 - 007336960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-09 12:30 - 2017-08-01 04:32 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-09 12:30 - 2017-08-01 04:31 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-09 12:30 - 2017-08-01 04:31 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-09 12:30 - 2017-08-01 04:31 - 001396736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-08-09 12:30 - 2017-08-01 04:30 - 008209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-09 12:30 - 2017-08-01 04:30 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-09 12:30 - 2017-08-01 04:30 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-09 12:30 - 2017-08-01 04:30 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-09 12:30 - 2017-08-01 04:30 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-09 12:30 - 2017-08-01 04:28 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-09 12:30 - 2017-08-01 04:28 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-09 12:30 - 2017-08-01 04:27 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-08-09 12:30 - 2017-08-01 04:27 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2017-08-09 12:30 - 2017-08-01 04:27 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-08-09 12:30 - 2017-08-01 04:26 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-08-09 12:30 - 2017-08-01 04:25 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2017-08-09 12:30 - 2017-08-01 04:25 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-08-09 12:30 - 2017-08-01 04:25 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2017-08-09 12:30 - 2017-08-01 01:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-08-09 12:30 - 2017-08-01 01:45 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-08-09 12:30 - 2017-08-01 01:45 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-08-09 12:30 - 2017-08-01 01:45 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-08-09 12:30 - 2017-08-01 01:45 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-08-09 12:30 - 2017-08-01 01:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-08-09 12:30 - 2017-08-01 01:45 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-08-09 12:30 - 2017-08-01 01:45 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-08-09 12:30 - 2017-08-01 01:45 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-08-09 12:30 - 2017-08-01 01:45 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-08-09 12:30 - 2017-08-01 01:45 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-08-09 12:30 - 2017-08-01 01:45 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-08-09 12:30 - 2017-08-01 01:45 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-08-09 12:30 - 2017-08-01 01:45 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-08-09 12:30 - 2017-08-01 01:45 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-08-08 21:25 - 2017-08-10 22:46 - 000000000 ____D C:\Users\PC ALIN\Desktop\FL P
2017-08-08 19:40 - 2017-08-08 19:40 - 000001207 _____ C:\Users\PC ALIN\Desktop\ASIO4ALL v2 Instruction Manual.lnk
2017-08-08 19:40 - 2017-08-08 19:40 - 000000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2017-08-08 19:26 - 2017-08-08 19:26 - 000000000 ____D C:\Program Files\Common Files\VST2
2017-08-08 19:26 - 2017-08-08 19:26 - 000000000 ____D C:\Program Files\Common Files\Propellerhead Software
2017-08-08 19:24 - 2017-08-08 19:24 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\Image-Line
2017-08-08 19:24 - 2017-08-08 19:24 - 000000000 ____D C:\Program Files\Image-Line
2017-08-08 19:12 - 2017-08-08 19:41 - 000000000 ____D C:\Program Files (x86)\Image-Line
2017-08-08 19:07 - 2017-08-08 19:07 - 000027899 _____ C:\Users\PC ALIN\Downloads\Image-Line.FL.Studio.Producer.Edition.v12.5.0.59.Incl.Patch.and.Keygen-R2R.torrent
2017-08-08 19:05 - 2017-08-08 19:05 - 000006657 _____ C:\Users\PC ALIN\Downloads\Lynda.Up.And.Running.With.FL.Studio.TUTORiAL-ALTAiR.torrent
2017-08-08 15:07 - 2017-08-08 15:07 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\ElevatedDiagnostics
2017-08-07 23:58 - 2017-08-08 20:19 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\vlc
2017-08-07 23:53 - 2017-08-07 23:53 - 000000496 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2017-08-07 12:00 - 2017-08-07 12:00 - 000002486 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_PC_ALIN
2017-08-07 12:00 - 2017-08-07 12:00 - 000000292 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_PC_ALIN.job
2017-08-07 11:30 - 2017-08-07 11:30 - 007172912 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 007096184 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 003203584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 002201600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 001965808 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 001780616 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 001591056 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 001508928 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 001353824 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 000743960 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 000727432 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 000708312 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 000689880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 000532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 000504304 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 000447720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 000445400 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 000441264 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 000387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 000343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 000327456 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 000272712 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 000253896 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 000253864 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 000252872 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 000221960 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 000214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 000209528 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 000166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 000164424 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkXInterface64.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 000151784 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 000134200 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 000122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 000110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 000088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2017-08-07 11:30 - 2017-08-07 11:30 - 000084616 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2017-08-07 11:29 - 2017-08-07 11:29 - 072520712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCORES64.dat
2017-08-07 11:29 - 2017-08-07 11:29 - 009124224 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2017-08-07 11:29 - 2017-08-07 11:29 - 003014144 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2017-08-07 11:28 - 2017-03-17 00:57 - 000044096 _____ (IObit.com) C:\WINDOWS\system32\Drivers\IMFCameraProtect.sys
2017-08-07 11:27 - 2017-08-07 11:27 - 000001246 _____ C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2017-08-07 11:25 - 2017-08-07 11:25 - 000000000 ____D C:\WINDOWS\IObit
2017-08-07 11:24 - 2017-08-10 13:28 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\IObit
2017-08-07 11:24 - 2017-08-10 12:36 - 000003024 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (PC ALIN)
2017-08-07 11:24 - 2017-08-07 12:02 - 000000000 ____D C:\Program Files (x86)\IObit
2017-08-07 11:24 - 2017-08-07 11:33 - 000002351 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2017-08-07 11:24 - 2017-08-07 11:24 - 000027552 _____ (REALiX™) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2017-08-07 11:04 - 2017-08-07 11:04 - 000031672 _____ C:\Users\PC ALIN\Downloads\Game.of.Thrones.S07E04.The.Spoils.of.War.1080p.AMZN.WEB-DL.DDP5.1.H.264-GoT.torrent
2017-08-07 11:04 - 2017-08-07 11:04 - 000000000 ____D C:\Users\PC ALIN\Downloads\IObit.Driver.Booster.4.PRO.v4.5.0.527.Incl.Keygen-AMPED
2017-08-07 11:03 - 2017-08-07 11:03 - 000000957 _____ C:\Users\PC ALIN\Downloads\IObit.Driver.Booster.4.PRO.v4.5.0.527.Incl.Keygen-AMPED.torrent
2017-08-06 19:55 - 2017-08-10 13:34 - 000290304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\subinacl.exe
2017-08-06 19:55 - 2017-08-06 19:55 - 000000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
2017-08-06 19:54 - 2017-08-06 19:54 - 000752296 _____ C:\Users\PC ALIN\Downloads\Adware Removal Tool by TSA.exe
2017-08-06 19:47 - 2017-08-06 19:47 - 004049016 _____ (Google) C:\Users\PC ALIN\Downloads\chrome_cleanup_tool.exe
2017-08-06 13:29 - 2017-08-06 13:29 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2017-08-06 10:29 - 2017-08-06 10:30 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\PackageStaging
2017-08-05 18:17 - 2017-08-05 18:17 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-08-05 18:17 - 2017-08-05 18:17 - 000000000 ____D C:\Program Files (x86)\Realtek
2017-08-05 18:14 - 2017-08-05 18:14 - 010653973 _____ C:\Users\PC ALIN\Downloads\0021-Install_Win10_10019_07252017.zip
2017-08-05 18:14 - 2017-08-05 18:14 - 000000000 ____D C:\Users\PC ALIN\Downloads\0021-Install_Win10_10019_07252017
2017-08-05 18:11 - 2017-08-05 18:11 - 000000000 ____D C:\Users\PC ALIN\Downloads\DriversCloudx64_10_0_4_0
2017-08-05 18:09 - 2017-08-05 18:10 - 010016794 _____ C:\Users\PC ALIN\Downloads\DriversCloudx64_10_0_4_0.zip
2017-08-05 14:31 - 2017-08-07 23:25 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\CrashDumps
2017-08-05 14:05 - 2017-08-05 14:05 - 030268992 _____ (Totem Entertainment ) C:\Users\PC ALIN\Downloads\setup-istripper_XDd5TVyZTRNLlMA.exe
2017-08-05 14:02 - 2017-08-10 12:16 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\Adobe
2017-08-05 14:02 - 2017-08-05 14:02 - 000004572 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-08-05 13:50 - 2017-08-05 13:52 - 000462536 _____ C:\Users\PC ALIN\Downloads\MetArt.Network.January-July.2017.1080p.WEB-DL.AAC2.0.H.264-ForeverAloneDude.torrent
2017-08-05 13:48 - 2017-08-05 13:48 - 000462536 _____ C:\Users\PC ALIN\Downloads\2FEE.tmp
2017-08-05 13:44 - 2017-08-11 11:20 - 000093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-08-05 13:44 - 2017-08-11 11:13 - 000253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-08-05 13:44 - 2017-08-11 11:13 - 000101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-08-05 13:44 - 2017-08-11 11:13 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-08-05 13:44 - 2017-08-10 18:27 - 000188352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-08-05 13:43 - 2017-08-05 13:43 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-08-05 13:43 - 2017-08-05 13:43 - 000000000 ____D C:\Program Files\Malwarebytes
2017-08-05 13:43 - 2017-06-27 12:06 - 000077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-08-05 13:06 - 2017-08-05 13:06 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-08-05 13:06 - 2017-03-11 00:17 - 000536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-08-05 13:06 - 2017-03-11 00:17 - 000525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-08-05 13:06 - 2017-03-11 00:17 - 000254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-08-05 13:06 - 2017-03-11 00:17 - 000233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-08-05 12:58 - 2017-07-19 03:40 - 040239736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-08-05 12:58 - 2017-07-19 03:40 - 035844728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-08-05 12:58 - 2017-07-19 03:40 - 035314296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-08-05 12:58 - 2017-07-19 03:40 - 028960376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-08-05 12:58 - 2017-07-19 03:40 - 013655672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-08-05 12:58 - 2017-07-19 03:40 - 012451424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-08-05 12:58 - 2017-07-19 03:40 - 012133112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-08-05 12:58 - 2017-07-19 03:40 - 011591576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-08-05 12:58 - 2017-07-19 03:40 - 010487760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-08-05 12:58 - 2017-07-19 03:40 - 009982968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-08-05 12:58 - 2017-07-19 03:40 - 004163520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-08-05 12:58 - 2017-07-19 03:40 - 003595896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-08-05 12:58 - 2017-07-19 03:40 - 001988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438494.dll
2017-08-05 12:58 - 2017-07-19 03:40 - 001598072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438494.dll
2017-08-05 12:58 - 2017-07-19 03:40 - 001068152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-08-05 12:58 - 2017-07-19 03:40 - 001004992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-08-05 12:58 - 2017-07-19 03:40 - 000972920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-08-05 12:58 - 2017-07-19 03:40 - 000924280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-08-05 12:58 - 2017-07-19 03:40 - 000689992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-08-05 12:58 - 2017-07-19 03:40 - 000578056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-08-05 12:58 - 2017-07-19 03:40 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-08-05 12:58 - 2017-07-19 03:40 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-08-05 12:46 - 2017-08-05 19:44 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\NVIDIA Corporation
2017-08-05 12:46 - 2017-08-05 12:46 - 000001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-08-05 12:46 - 2017-08-05 12:46 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\NVIDIA
2017-08-05 12:46 - 2017-07-26 20:06 - 001755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-08-05 12:46 - 2017-07-26 20:06 - 001317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-08-05 12:46 - 2017-07-26 20:06 - 000121280 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-08-05 12:45 - 2017-08-05 12:45 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 12:45 - 2017-08-05 12:45 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 12:45 - 2017-08-05 12:45 - 000003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 12:45 - 2017-08-05 12:45 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 12:45 - 2017-08-05 12:45 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 12:45 - 2017-08-05 12:45 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 12:45 - 2017-08-05 12:45 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 12:45 - 2017-08-05 12:45 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-05 12:45 - 2017-07-26 20:06 - 001922496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-08-05 12:45 - 2017-07-26 20:06 - 001505728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-08-05 12:45 - 2017-07-26 20:06 - 000048064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-08-05 12:45 - 2017-07-26 20:05 - 000179136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-08-05 12:45 - 2017-07-26 20:05 - 000146368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-08-05 12:45 - 2017-07-26 16:40 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-08-05 12:45 - 2017-07-19 03:40 - 000057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-08-05 12:37 - 2017-08-05 12:38 - 089914048 _____ (NVIDIA Corporation) C:\Users\PC ALIN\Downloads\GeForce_Experience_v3.8.0.89.exe
2017-08-05 12:20 - 2017-08-05 12:20 - 000000199 _____ C:\Users\PC ALIN\Desktop\Dota 2.url
2017-08-05 12:18 - 2017-08-05 12:18 - 000000529 _____ C:\Users\PC ALIN\Desktop\Steam.lnk
2017-08-05 12:18 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2017-08-05 12:18 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2017-08-05 12:18 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2017-08-05 12:18 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2017-08-05 12:18 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2017-08-05 12:18 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2017-08-05 12:18 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2017-08-05 12:18 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2017-08-05 12:18 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2017-08-05 12:18 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2017-08-05 12:18 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2017-08-05 12:18 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2017-08-05 12:18 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2017-08-05 12:18 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2017-08-05 12:18 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2017-08-05 12:18 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2017-08-05 12:18 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2017-08-05 12:18 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2017-08-05 12:18 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2017-08-05 12:18 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2017-08-05 12:18 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2017-08-05 12:18 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2017-08-05 12:18 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2017-08-05 12:18 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2017-08-05 12:18 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2017-08-05 12:18 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2017-08-05 12:18 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2017-08-05 12:18 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2017-08-05 12:18 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2017-08-05 12:18 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2017-08-05 12:18 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2017-08-05 12:18 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2017-08-05 12:18 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2017-08-05 12:18 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2017-08-05 12:18 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2017-08-05 12:18 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2017-08-05 12:18 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2017-08-05 12:18 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2017-08-05 12:18 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2017-08-05 12:18 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2017-08-05 12:18 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2017-08-05 12:18 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2017-08-05 12:18 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2017-08-05 12:18 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2017-08-05 12:18 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2017-08-05 12:18 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2017-08-05 12:18 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2017-08-05 12:18 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2017-08-05 12:18 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2017-08-05 12:18 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2017-08-05 12:18 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2017-08-05 12:18 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2017-08-05 12:18 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2017-08-05 12:18 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2017-08-05 12:18 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2017-08-05 12:18 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2017-08-05 12:18 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2017-08-05 12:18 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2017-08-05 12:18 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2017-08-05 12:18 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2017-08-05 12:18 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2017-08-05 12:18 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2017-08-05 12:18 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2017-08-05 12:18 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2017-08-05 12:18 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2017-08-05 12:18 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2017-08-05 12:18 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2017-08-05 12:18 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2017-08-05 12:18 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2017-08-05 12:18 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2017-08-05 12:18 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2017-08-05 12:18 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2017-08-05 12:18 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2017-08-05 12:18 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2017-08-05 12:18 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2017-08-05 12:18 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2017-08-05 12:18 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2017-08-05 12:18 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2017-08-05 12:18 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2017-08-05 12:18 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2017-08-05 12:18 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2017-08-05 12:18 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2017-08-05 12:18 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2017-08-05 12:18 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2017-08-05 12:18 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2017-08-05 12:18 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2017-08-05 12:18 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2017-08-05 12:18 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2017-08-05 12:18 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2017-08-05 12:18 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2017-08-05 12:18 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2017-08-05 12:18 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2017-08-05 12:18 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2017-08-05 12:18 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2017-08-05 12:18 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2017-08-05 12:18 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2017-08-05 12:18 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2017-08-05 12:18 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2017-08-05 12:18 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2017-08-05 12:18 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2017-08-05 12:18 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2017-08-05 12:18 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2017-08-05 12:18 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2017-08-05 12:18 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2017-08-05 12:18 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2017-08-05 12:18 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2017-08-05 12:18 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2017-08-05 12:18 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2017-08-05 12:18 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2017-08-05 12:18 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2017-08-05 12:18 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2017-08-05 12:18 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2017-08-05 12:18 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2017-08-05 12:18 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2017-08-05 12:18 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2017-08-05 12:18 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2017-08-05 12:18 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2017-08-05 12:18 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2017-08-05 12:18 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2017-08-05 12:18 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2017-08-05 12:18 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2017-08-05 12:18 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2017-08-05 12:18 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2017-08-05 12:18 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2017-08-05 12:18 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2017-08-05 12:17 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2017-08-05 12:17 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2017-08-05 12:17 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2017-08-05 12:17 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2017-08-05 12:17 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2017-08-05 12:17 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2017-08-05 12:17 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2017-08-05 12:17 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2017-08-05 12:17 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2017-08-05 12:17 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2017-08-05 12:17 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2017-08-05 12:17 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2017-08-05 12:17 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2017-08-05 12:17 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2017-08-05 12:17 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2017-08-05 12:17 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2017-08-05 12:17 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2017-08-05 12:17 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2017-08-05 12:17 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2017-08-05 12:17 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2017-08-05 12:17 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2017-08-05 12:17 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2017-08-05 12:17 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2017-08-05 12:17 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2017-08-05 12:17 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2017-08-05 12:17 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2017-08-05 12:17 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2017-08-05 12:17 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2017-08-05 12:17 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2017-08-05 12:17 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2017-08-05 12:17 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2017-08-05 12:17 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2017-08-05 12:17 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2017-08-05 12:17 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2017-08-05 12:17 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2017-08-05 12:17 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2017-08-05 12:17 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2017-08-05 12:17 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2017-08-05 12:17 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2017-08-05 12:17 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2017-08-05 12:17 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2017-08-05 12:17 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2017-08-05 12:17 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2017-08-05 12:17 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2017-08-05 12:17 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2017-08-05 12:17 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2017-08-05 12:17 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2017-08-05 12:17 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2017-08-05 12:17 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2017-08-05 12:17 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2017-08-05 12:17 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2017-08-05 12:17 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2017-08-05 12:03 - 2017-08-11 11:38 - 000000637 _____ C:\Users\Public\Desktop\League of Legends.lnk
2017-08-05 12:01 - 2017-08-05 12:02 - 032529256 _____ (Riot Games) C:\Users\PC ALIN\Downloads\LeagueofLegends_EUNE_Installer_2016_11_10.exe
2017-08-04 23:50 - 2017-08-04 23:50 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\PeerDistRepub
2017-08-04 23:47 - 2017-08-10 14:09 - 000000000 ____D C:\AdwCleaner
2017-08-04 23:46 - 2017-08-04 23:47 - 008185288 _____ (Malwarebytes) C:\Users\PC ALIN\Downloads\adwcleaner_7.0.1.0.exe
2017-08-04 23:35 - 2017-08-04 23:35 - 000010741 _____ C:\Users\PC ALIN\Downloads\SpyHunter_v4.22.8.4668_Portable_by_MaSTeR.torrent
2017-08-04 21:48 - 2017-08-04 21:48 - 000000000 _____ C:\autoexec.bat
2017-08-04 21:45 - 2017-08-04 21:45 - 002755584 _____ C:\Users\PC ALIN\Downloads\SH-Alt-Install.exe
2017-08-04 21:28 - 2017-08-04 21:28 - 000003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-08-04 21:28 - 2017-08-04 21:28 - 000003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-08-04 21:28 - 2017-08-04 21:28 - 000002332 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-04 21:27 - 2017-08-06 19:47 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\Google
2017-08-04 21:27 - 2017-08-04 21:28 - 000000000 ____D C:\Program Files (x86)\Google
2017-08-04 21:27 - 2017-08-04 21:27 - 001130328 _____ (Google Inc.) C:\Users\PC ALIN\Downloads\ChromeSetup (1).exe
2017-08-04 20:42 - 2017-08-04 20:42 - 065033984 _____ (Malwarebytes ) C:\Users\PC ALIN\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
2017-08-04 17:57 - 2017-08-04 17:57 - 000003028 _____ C:\WINDOWS\System32\Tasks\bandicam_start
2017-08-04 17:56 - 2017-08-04 18:06 - 000000000 ____D C:\Program Files (x86)\Bandicam
2017-08-04 17:56 - 2017-08-04 17:56 - 000001057 _____ C:\Users\Public\Desktop\Bandicam.lnk
2017-08-04 17:54 - 2017-08-04 17:54 - 000000000 ____D C:\Users\PC ALIN\Downloads\Bandicam 3.3.0.1175 + Keygen
2017-08-04 17:49 - 2017-08-04 17:49 - 000868352 _____ C:\Users\PC ALIN\Downloads\Bandicam_3.3.3.1209_Crack_Full_Version.iso
2017-08-04 17:42 - 2017-08-04 17:42 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\Razer
2017-08-04 17:15 - 2017-08-04 17:56 - 000000000 ____D C:\Program Files (x86)\BandiMPEG1
2017-08-04 17:13 - 2017-08-04 17:13 - 000000000 ____D C:\Users\PC ALIN\Downloads\Bandicam.v3.2.5.1125.Keygen-80d-FiLELiST
2017-08-04 17:08 - 2017-07-18 18:21 - 000139704 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpnk.sys
2017-08-04 17:06 - 2017-08-04 17:07 - 000000000 ____D C:\Program Files (x86)\Razer
2017-08-04 17:06 - 2017-08-04 17:06 - 000001354 _____ C:\Users\PC ALIN\Desktop\Razer Cortex.lnk
2017-08-04 16:55 - 2017-08-04 16:56 - 161537848 _____ (Razer Inc. ) C:\Users\PC ALIN\Downloads\RazerCortexSetup_8.2.14.487.exe
2017-08-04 16:33 - 2017-08-04 16:33 - 001398143 _____ (Igor Pavlov) C:\Users\PC ALIN\Downloads\7z1700-x64.exe
2017-08-04 16:33 - 2017-08-04 16:33 - 000000000 ____D C:\Program Files\7-Zip
2017-08-04 16:20 - 2017-08-08 20:17 - 000001139 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-08-04 16:20 - 2017-08-04 16:20 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2017-08-04 16:19 - 2017-08-11 13:07 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\Skype
2017-08-04 16:19 - 2017-08-04 16:19 - 000000000 ___RD C:\Program Files (x86)\Skype
2017-08-04 16:17 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2017-08-04 16:17 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2017-08-04 16:17 - 2008-07-12 08:18 - 003851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2017-08-04 16:17 - 2008-07-12 08:18 - 001493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2017-08-04 16:17 - 2008-07-12 08:18 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2017-08-04 16:15 - 2017-08-05 12:03 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\Riot Games
2017-08-04 16:03 - 2017-08-04 16:09 - 000001012 _____ C:\Users\Public\Desktop\µTorrent.lnk
2017-08-04 16:02 - 2017-08-11 17:20 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\uTorrent
2017-08-04 16:02 - 2017-08-04 16:09 - 000000000 ____D C:\Program Files (x86)\uTorrent
2017-08-04 15:59 - 2017-08-04 16:00 - 000399224 _____ (BitTorrent, Inc.) C:\Users\PC ALIN\Downloads\utorrent_2.2.1.exe
2017-08-04 15:52 - 2017-08-04 15:52 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\Steam
2017-08-04 15:49 - 2017-08-04 15:49 - 001446792 _____ C:\Users\PC ALIN\Downloads\SteamSetup.exe
2017-08-04 15:43 - 2017-08-04 15:12 - 000565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-08-04 15:40 - 2017-08-06 16:06 - 000000000 ____D C:\Windows.old
2017-08-04 15:40 - 2017-08-04 15:41 - 000000000 ____D C:\WINDOWS\InfusedApps
2017-08-04 15:40 - 2017-08-04 14:42 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-08-04 15:39 - 2017-08-04 15:39 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-08-04 15:38 - 2017-08-04 15:38 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2017-08-04 15:38 - 2017-08-04 15:38 - 000000000 ____D C:\Program Files\Dell
2017-08-04 15:38 - 2017-08-04 15:38 - 000000000 ____D C:\Program Files\Alienware
2017-08-04 15:37 - 2017-08-10 14:00 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-08-04 15:37 - 2017-08-09 12:33 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-04 15:37 - 2017-08-04 15:37 - 000000000 ____D C:\Program Files\Synaptics
2017-08-04 15:35 - 2017-07-28 08:25 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-04 15:35 - 2017-07-28 08:24 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-04 15:35 - 2017-07-28 08:24 - 000455584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-08-04 15:35 - 2017-07-28 08:24 - 000116280 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2017-08-04 15:35 - 2017-07-28 08:23 - 002969888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-08-04 15:35 - 2017-07-28 08:23 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2017-08-04 15:35 - 2017-07-28 08:20 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-04 15:35 - 2017-07-28 08:17 - 000660680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-08-04 15:35 - 2017-07-28 08:16 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-08-04 15:35 - 2017-07-28 08:15 - 005302968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-08-04 15:35 - 2017-07-28 08:15 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-08-04 15:35 - 2017-07-28 08:14 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-08-04 15:35 - 2017-07-28 08:13 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-04 15:35 - 2017-07-28 08:13 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-04 15:35 - 2017-07-28 08:13 - 002604248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-04 15:35 - 2017-07-28 08:13 - 001033544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2017-08-04 15:35 - 2017-07-28 08:12 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-08-04 15:35 - 2017-07-28 08:10 - 002679200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-04 15:35 - 2017-07-28 08:09 - 000529992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-08-04 15:35 - 2017-07-28 08:09 - 000527976 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-08-04 15:35 - 2017-07-28 08:09 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-08-04 15:35 - 2017-07-28 08:07 - 000805816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-08-04 15:35 - 2017-07-28 07:48 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-08-04 15:35 - 2017-07-28 07:48 - 000100232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2017-08-04 15:35 - 2017-07-28 07:48 - 000096648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-08-04 15:35 - 2017-07-28 07:47 - 002259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-08-04 15:35 - 2017-07-28 07:40 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-08-04 15:35 - 2017-07-28 07:40 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-08-04 15:35 - 2017-07-28 07:38 - 004213656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-08-04 15:35 - 2017-07-28 07:37 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-08-04 15:35 - 2017-07-28 07:36 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-08-04 15:35 - 2017-07-28 07:36 - 006761568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-04 15:35 - 2017-07-28 07:36 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-08-04 15:35 - 2017-07-28 07:36 - 002424024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-08-04 15:35 - 2017-07-28 07:36 - 001195760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-08-04 15:35 - 2017-07-28 07:36 - 000866808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2017-08-04 15:35 - 2017-07-28 07:36 - 000864248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-08-04 15:35 - 2017-07-28 07:36 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2017-08-04 15:35 - 2017-07-28 07:36 - 000090464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll
2017-08-04 15:35 - 2017-07-28 07:35 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-08-04 15:35 - 2017-07-28 07:35 - 000277432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2017-08-04 15:35 - 2017-07-28 07:33 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-08-04 15:35 - 2017-07-28 07:33 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-08-04 15:35 - 2017-07-28 07:33 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-08-04 15:35 - 2017-07-28 07:27 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-08-04 15:35 - 2017-07-28 07:26 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-08-04 15:35 - 2017-07-28 07:26 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2017-08-04 15:35 - 2017-07-28 07:25 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-08-04 15:35 - 2017-07-28 07:24 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-08-04 15:35 - 2017-07-28 07:24 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2017-08-04 15:35 - 2017-07-28 07:22 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-08-04 15:35 - 2017-07-28 07:21 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-08-04 15:35 - 2017-07-28 07:21 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-08-04 15:35 - 2017-07-28 07:21 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-08-04 15:35 - 2017-07-28 07:21 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2017-08-04 15:35 - 2017-07-28 07:20 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-08-04 15:35 - 2017-07-28 07:20 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IpNatHlpClient.dll
2017-08-04 15:35 - 2017-07-28 07:19 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-08-04 15:35 - 2017-07-28 07:19 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-08-04 15:35 - 2017-07-28 07:19 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-04 15:35 - 2017-07-28 07:19 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-08-04 15:35 - 2017-07-28 07:19 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-08-04 15:35 - 2017-07-28 07:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-08-04 15:35 - 2017-07-28 07:19 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2017-08-04 15:35 - 2017-07-28 07:18 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-08-04 15:35 - 2017-07-28 07:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-08-04 15:35 - 2017-07-28 07:17 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-08-04 15:35 - 2017-07-28 07:16 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-08-04 15:35 - 2017-07-28 07:16 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-08-04 15:35 - 2017-07-28 07:16 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-04 15:35 - 2017-07-28 07:16 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qasf.dll
2017-08-04 15:35 - 2017-07-28 07:15 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-08-04 15:35 - 2017-07-28 07:15 - 000586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-08-04 15:35 - 2017-07-28 07:14 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-08-04 15:35 - 2017-07-28 07:14 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-08-04 15:35 - 2017-07-28 07:14 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-08-04 15:35 - 2017-07-28 07:14 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-08-04 15:35 - 2017-07-28 07:13 - 004535296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-08-04 15:35 - 2017-07-28 07:13 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2017-08-04 15:35 - 2017-07-28 07:13 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-08-04 15:35 - 2017-07-28 07:13 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-08-04 15:35 - 2017-07-28 07:12 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-08-04 15:35 - 2017-07-28 07:12 - 002939392 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-08-04 15:35 - 2017-07-28 07:12 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-08-04 15:35 - 2017-07-28 07:12 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-08-04 15:35 - 2017-07-28 07:12 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-08-04 15:35 - 2017-07-28 07:12 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-08-04 15:35 - 2017-07-28 07:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-08-04 15:35 - 2017-07-28 07:11 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-08-04 15:35 - 2017-07-28 07:10 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-08-04 15:35 - 2017-07-28 07:10 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-08-04 15:35 - 2017-07-28 07:10 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsvcs.dll
2017-08-04 15:35 - 2017-07-28 07:09 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-08-04 15:35 - 2017-07-28 07:08 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-08-04 15:35 - 2017-07-28 07:08 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-08-04 15:35 - 2017-07-28 07:08 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-08-04 15:35 - 2017-07-28 07:08 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-08-04 15:35 - 2017-07-28 07:08 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2017-08-04 15:35 - 2017-07-28 07:07 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-08-04 15:35 - 2017-07-28 07:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2017-08-04 15:35 - 2017-07-28 07:07 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-08-04 15:35 - 2017-07-28 07:07 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-08-04 15:35 - 2017-07-28 07:07 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-08-04 15:35 - 2017-07-28 07:06 - 001833984 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-04 15:35 - 2017-07-28 07:05 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-08-04 15:35 - 2017-07-28 07:05 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-08-04 15:35 - 2017-07-28 07:05 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-08-04 15:35 - 2017-07-28 07:02 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-08-04 15:35 - 2017-07-28 07:02 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-08-04 15:35 - 2017-07-28 07:02 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2017-08-04 15:34 - 2017-08-04 15:34 - 000000000 ____D C:\WINDOWS\Setup
2017-08-04 15:34 - 2017-07-28 08:30 - 001068720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-08-04 15:34 - 2017-07-28 08:24 - 000119904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-08-04 15:34 - 2017-07-28 08:22 - 000923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-08-04 15:34 - 2017-07-28 08:16 - 000961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-08-04 15:34 - 2017-07-28 08:15 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-08-04 15:34 - 2017-07-28 08:15 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-08-04 15:34 - 2017-07-28 08:14 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-08-04 15:34 - 2017-07-28 08:13 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-08-04 15:34 - 2017-07-28 08:13 - 000192264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2017-08-04 15:34 - 2017-07-28 08:13 - 000104432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.dll
2017-08-04 15:34 - 2017-07-28 08:12 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-04 15:34 - 2017-07-28 08:12 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-08-04 15:34 - 2017-07-28 08:12 - 000323936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2017-08-04 15:34 - 2017-07-28 08:10 - 001114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-08-04 15:34 - 2017-07-28 07:31 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-08-04 15:34 - 2017-07-28 07:30 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-08-04 15:34 - 2017-07-28 07:29 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-08-04 15:34 - 2017-07-28 07:29 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-08-04 15:34 - 2017-07-28 07:26 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-08-04 15:34 - 2017-07-28 07:26 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2017-08-04 15:34 - 2017-07-28 07:26 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\IpNatHlpClient.dll
2017-08-04 15:34 - 2017-07-28 07:25 - 003464704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-08-04 15:34 - 2017-07-28 07:25 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-08-04 15:34 - 2017-07-28 07:25 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-08-04 15:34 - 2017-07-28 07:25 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2017-08-04 15:34 - 2017-07-28 07:25 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2017-08-04 15:34 - 2017-07-28 07:24 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-08-04 15:34 - 2017-07-28 07:24 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-08-04 15:34 - 2017-07-28 07:24 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-08-04 15:34 - 2017-07-28 07:23 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-04 15:34 - 2017-07-28 07:23 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-08-04 15:34 - 2017-07-28 07:23 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-08-04 15:34 - 2017-07-28 07:22 - 000778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-08-04 15:34 - 2017-07-28 07:22 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-08-04 15:34 - 2017-07-28 07:22 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-08-04 15:34 - 2017-07-28 07:22 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-08-04 15:34 - 2017-07-28 07:22 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-08-04 15:34 - 2017-07-28 07:22 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-08-04 15:34 - 2017-07-28 07:22 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-08-04 15:34 - 2017-07-28 07:21 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-04 15:34 - 2017-07-28 07:21 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-08-04 15:34 - 2017-07-28 07:21 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\qasf.dll
2017-08-04 15:34 - 2017-07-28 07:20 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-08-04 15:34 - 2017-07-28 07:20 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-08-04 15:34 - 2017-07-28 07:20 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-08-04 15:34 - 2017-07-28 07:19 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-04 15:34 - 2017-07-28 07:19 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-04 15:34 - 2017-07-28 07:19 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-04 15:34 - 2017-07-28 07:19 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-08-04 15:34 - 2017-07-28 07:19 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-08-04 15:34 - 2017-07-28 07:18 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-04 15:34 - 2017-07-28 07:18 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2017-08-04 15:34 - 2017-07-28 07:18 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-04 15:34 - 2017-07-28 07:18 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-04 15:34 - 2017-07-28 07:18 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-04 15:34 - 2017-07-28 07:18 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-08-04 15:34 - 2017-07-28 07:17 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-04 15:34 - 2017-07-28 07:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-04 15:34 - 2017-07-28 07:17 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-08-04 15:34 - 2017-07-28 07:17 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-08-04 15:34 - 2017-07-28 07:17 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-08-04 15:34 - 2017-07-28 07:16 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-08-04 15:34 - 2017-07-28 07:15 - 003204608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-08-04 15:34 - 2017-07-28 07:15 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-04 15:34 - 2017-07-28 07:15 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsvcs.dll
2017-08-04 15:34 - 2017-07-28 07:14 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-04 15:34 - 2017-07-28 07:13 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-04 15:34 - 2017-07-28 07:13 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-08-04 15:34 - 2017-07-28 07:13 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-04 15:34 - 2017-07-28 07:12 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-08-04 15:34 - 2017-07-28 07:12 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-04 15:34 - 2017-07-28 07:12 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-04 15:34 - 2017-07-28 07:11 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-08-04 15:34 - 2017-07-28 07:10 - 001706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-04 15:34 - 2017-07-28 07:10 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-08-04 15:34 - 2017-07-28 07:09 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-04 15:34 - 2017-07-28 07:09 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-04 15:34 - 2017-07-28 07:08 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-08-04 15:34 - 2017-07-28 07:06 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-08-04 15:34 - 2017-07-28 07:06 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2017-08-04 15:34 - 2017-07-28 07:05 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-04 15:34 - 2017-07-28 07:05 - 001087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-08-04 15:34 - 2017-07-28 07:05 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-04 15:34 - 2017-07-28 07:05 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-04 15:34 - 2017-07-28 07:05 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2017-08-04 15:33 - 2017-08-04 15:33 - 000000000 ____D C:\WINDOWS\OCR
2017-08-04 15:33 - 2017-08-04 15:33 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-08-04 15:33 - 2017-08-04 15:33 - 000000000 ____D C:\Program Files\MSBuild
2017-08-04 15:33 - 2017-08-04 15:33 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-08-04 15:33 - 2017-08-04 15:33 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-08-04 15:32 - 2017-08-04 15:32 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\DBG
2017-08-04 15:31 - 2017-08-04 15:31 - 000000000 ____D C:\WINDOWS\system32\ro
2017-08-04 15:31 - 2017-08-04 15:31 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\Blizzard Entertainment
2017-08-04 15:30 - 2017-08-04 15:30 - 000001875 _____ C:\Users\PC ALIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk
2017-08-04 15:30 - 2017-08-04 15:30 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\Battle.net
2017-08-04 15:30 - 2017-08-04 15:30 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\CEF
2017-08-04 15:29 - 2017-08-04 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2017-08-04 15:29 - 2017-08-04 15:31 - 000000000 ____D C:\WINDOWS\system32\WCN
2017-08-04 15:29 - 2017-08-04 15:29 - 000000962 _____ C:\Users\Public\Desktop\Blizzard App.lnk
2017-08-04 15:29 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2017-08-04 15:29 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-08-04 15:29 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2017-08-04 15:29 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2017-08-04 15:29 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2017-08-04 15:29 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\system32\winrm
2017-08-04 15:29 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\system32\slmgr
2017-08-04 15:29 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2017-08-04 15:29 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\system32\0409
2017-08-04 15:29 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\DigitalLocker
2017-08-04 15:28 - 2017-08-10 23:03 - 000000000 ____D C:\Program Files (x86)\Blizzard App
2017-08-04 15:26 - 2017-08-10 23:04 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\Battle.net
2017-08-04 15:26 - 2017-08-04 15:26 - 000002545 _____ C:\Users\PC ALIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Neon.lnk
2017-08-04 15:26 - 2017-08-04 15:26 - 000002537 _____ C:\Users\PC ALIN\Desktop\Opera Neon.lnk
2017-08-04 15:26 - 2017-08-04 15:26 - 000002166 _____ C:\Users\PC ALIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
2017-08-04 15:26 - 2017-08-04 15:26 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\FluxSoftware
2017-08-04 15:26 - 2017-07-31 18:15 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-08-04 15:26 - 2017-07-31 18:15 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-08-04 15:25 - 2017-08-04 15:25 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\Opera Software
2017-08-04 15:24 - 2017-08-04 15:24 - 000002094 _____ C:\Users\Public\Desktop\Bloody6.lnk
2017-08-04 15:24 - 2017-08-04 15:19 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2017-08-04 15:24 - 2017-08-04 15:19 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2017-08-04 15:24 - 2017-08-04 15:19 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2017-08-04 15:24 - 2017-07-19 03:40 - 000418936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2017-08-04 15:23 - 2017-08-11 11:27 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-04 15:23 - 2017-08-11 11:27 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-04 15:23 - 2017-08-10 23:59 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-08-04 15:23 - 2017-08-09 19:00 - 000000000 ___RD C:\Program Files (x86)
2017-08-04 15:23 - 2017-08-07 23:44 - 000000000 ____D C:\WINDOWS\rescache
2017-08-04 15:23 - 2017-08-05 14:02 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-08-04 15:23 - 2017-08-05 14:02 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-08-04 15:23 - 2017-08-05 12:17 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-08-04 15:23 - 2017-08-05 11:33 - 000000000 ____D C:\WINDOWS\appcompat
2017-08-04 15:23 - 2017-08-04 18:04 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-08-04 15:23 - 2017-08-04 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-08-04 15:23 - 2017-08-04 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-08-04 15:23 - 2017-08-04 18:04 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2017-08-04 15:23 - 2017-08-04 18:03 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-08-04 15:23 - 2017-08-04 18:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-04 15:23 - 2017-08-04 18:03 - 000000000 ___RD C:\Program Files\Windows Defender
2017-08-04 15:23 - 2017-08-04 18:03 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-08-04 15:23 - 2017-08-04 18:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-08-04 15:23 - 2017-08-04 18:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-04 15:23 - 2017-08-04 18:03 - 000000000 ____D C:\WINDOWS\system32\migwiz
2017-08-04 15:23 - 2017-08-04 18:03 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-08-04 15:23 - 2017-08-04 18:03 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-08-04 15:23 - 2017-08-04 18:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-04 15:23 - 2017-08-04 18:03 - 000000000 ____D C:\WINDOWS\Provisioning
2017-08-04 15:23 - 2017-08-04 18:03 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2017-08-04 15:23 - 2017-08-04 18:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-04 15:23 - 2017-08-04 18:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-04 15:23 - 2017-08-04 18:03 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-08-04 15:23 - 2017-08-04 15:40 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-08-04 15:23 - 2017-08-04 15:33 - 000000000 ____D C:\WINDOWS\SystemApps
2017-08-04 15:23 - 2017-08-04 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-08-04 15:23 - 2017-08-04 15:31 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-08-04 15:23 - 2017-08-04 15:31 - 000000000 ____D C:\WINDOWS\IME
2017-08-04 15:23 - 2017-08-04 15:31 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2017-08-04 15:23 - 2017-08-04 15:31 - 000000000 ____D C:\Program Files\Common Files\System
2017-08-04 15:23 - 2017-08-04 15:29 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-08-04 15:23 - 2017-08-04 15:29 - 000000000 ___SD C:\WINDOWS\system32\dsc
2017-08-04 15:23 - 2017-08-04 15:29 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2017-08-04 15:23 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-08-04 15:23 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-08-04 15:23 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2017-08-04 15:23 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\system32\setup
2017-08-04 15:23 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\system32\MUI
2017-08-04 15:23 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\system32\Com
2017-08-04 15:23 - 2017-08-04 15:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2017-08-04 15:23 - 2017-08-04 15:24 - 000000000 ___SD C:\WINDOWS\system32\Nui
2017-08-04 15:23 - 2017-08-04 15:24 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2017-08-04 15:23 - 2017-08-04 15:24 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2017-08-04 15:23 - 2017-08-04 15:24 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2017-08-04 15:23 - 2017-08-04 15:24 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2017-08-04 15:23 - 2017-08-04 15:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2017-08-04 15:23 - 2017-08-04 15:24 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2017-08-04 15:23 - 2017-08-04 15:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2017-08-04 15:23 - 2017-08-04 15:24 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 __SHD C:\Program Files\Windows Sidebar
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 __RSD C:\WINDOWS\Media
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ___SD C:\WINDOWS\system32\AppV
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\Web
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\Vss
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\tracing
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\TAPI
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\SysWOW64\MsDtc
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\SystemResources
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\winevt
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\ras
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\IME
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\icsxml
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\ias
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\downlevel
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\DDFs
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\System
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\SKB
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\security
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\schemas
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\SchCache
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\Resources
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\RemotePackages
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\Registration
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\PLA
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\Performance
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\ModemLogs
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\L2Schemas
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\InputMethod
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\Globalization
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\Cursors
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\Branding
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\bcastdvr
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\addins
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\Program Files\Windows Security
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\Program Files\Windows Portable Devices
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\Program Files\Windows NT
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\Program Files\Common Files\Services
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\Program Files (x86)\Windows NT
2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2017-08-04 15:23 - 2017-08-04 15:19 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2017-08-04 15:23 - 2017-08-04 15:19 - 000215943 _____ C:\WINDOWS\system32\dssec.dat
2017-08-04 15:23 - 2017-08-04 15:19 - 000017635 _____ C:\WINDOWS\system32\Drivers\etc\services
2017-08-04 15:23 - 2017-08-04 15:19 - 000015940 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2017-08-04 15:23 - 2017-08-04 15:19 - 000004096 _____ C:\WINDOWS\system32\config\VSMIDK
2017-08-04 15:23 - 2017-08-04 15:19 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2017-08-04 15:23 - 2017-08-04 15:19 - 000001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2017-08-04 15:23 - 2017-08-04 15:19 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2017-08-04 15:23 - 2017-08-04 15:19 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT
2017-08-04 15:23 - 2017-08-04 15:19 - 000000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2017-08-04 15:23 - 2017-08-04 15:19 - 000000219 _____ C:\WINDOWS\system.ini
2017-08-04 15:23 - 2017-08-04 15:19 - 000000092 _____ C:\WINDOWS\win.ini
2017-08-04 15:23 - 2017-08-04 14:59 - 000000000 __RHD C:\Users\Public\Libraries
2017-08-04 15:23 - 2017-08-04 14:59 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-08-04 15:23 - 2017-08-04 14:55 - 000000000 ____D C:\WINDOWS\system32\spool
2017-08-04 15:23 - 2017-08-04 14:55 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2017-08-04 15:23 - 2017-08-04 14:55 - 000000000 ____D C:\WINDOWS\CSC
2017-08-04 15:23 - 2017-08-04 14:53 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-08-04 15:23 - 2017-08-04 14:49 - 000000000 ___RD C:\WINDOWS\PrintDialog
2017-08-04 15:23 - 2017-08-04 14:49 - 000000000 ___RD C:\WINDOWS\MiracastView
2017-08-04 15:23 - 2017-08-04 14:49 - 000000000 ____D C:\WINDOWS\HoloShell
2017-08-04 15:23 - 2017-08-04 14:47 - 000000000 ____D C:\WINDOWS\Help
2017-08-04 15:23 - 2017-08-04 14:42 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2017-08-04 15:21 - 2017-08-10 12:20 - 000000000 ____D C:\WINDOWS\INF
2017-08-04 15:21 - 2017-08-04 15:21 - 000000000 ____D C:\Program Files (x86)\Bloody6
2017-08-04 15:20 - 2017-08-04 15:20 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\BANDISOFT
2017-08-04 15:17 - 2017-08-04 15:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\etc\BACKUP
2017-08-04 15:13 - 2017-08-04 15:14 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\MicrosoftEdge
2017-08-04 15:12 - 2017-08-07 11:32 - 001019725 _____ C:\WINDOWS\system32\Drivers\rtwavesskdy.dat
2017-08-04 15:12 - 2017-08-07 11:32 - 000031095 _____ C:\WINDOWS\system32\Drivers\rtwavesEFX.dat
2017-08-04 15:12 - 2017-08-07 11:32 - 000010945 _____ C:\WINDOWS\system32\Drivers\rtwavesMFX.dat
2017-08-04 15:12 - 2017-08-04 15:12 - 000455938 _____ C:\WINDOWS\system32\Drivers\rtwavesmapro.dat
2017-08-04 15:12 - 2017-08-04 15:12 - 000019678 _____ C:\WINDOWS\system32\Drivers\rtwavesmaprocap.dat
2017-08-04 15:12 - 2017-08-04 15:12 - 000003218 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_PushButton
2017-08-04 15:11 - 2017-08-09 12:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-04 15:11 - 2017-08-07 11:31 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-08-04 15:11 - 2017-08-04 15:11 - 000000000 ____D C:\WINDOWS\system32\SRSLabs
2017-08-04 15:11 - 2017-08-04 15:11 - 000000000 ____D C:\Program Files\Realtek
2017-08-04 15:07 - 2017-08-04 15:07 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\Comms
2017-08-04 15:06 - 2017-08-10 14:49 - 077594624 _____ C:\WINDOWS\system32\config\SOFTWARE
2017-08-04 15:06 - 2017-08-10 14:49 - 034603008 _____ C:\WINDOWS\system32\config\SYSTEM
2017-08-04 15:06 - 2017-08-10 14:49 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-08-04 15:06 - 2017-08-10 14:49 - 000524288 _____ C:\WINDOWS\system32\config\DEFAULT
2017-08-04 15:06 - 2017-08-10 14:49 - 000028672 _____ C:\WINDOWS\system32\config\SECURITY
2017-08-04 15:06 - 2017-08-04 15:40 - 000032768 _____ C:\WINDOWS\system32\config\SAM
2017-08-04 15:06 - 2017-08-04 15:31 - 000000000 ____D C:\WINDOWS\servicing
2017-08-04 15:06 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\SMI
2017-08-04 15:06 - 2017-08-04 15:03 - 000000000 ____D C:\WINDOWS\Panther
2017-08-04 15:06 - 2017-08-04 15:02 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-08-04 15:05 - 2017-08-04 15:05 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\Publishers
2017-08-04 15:04 - 2017-08-10 14:16 - 001004914 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-04 15:04 - 2017-08-09 13:22 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\Adobe
2017-08-04 15:04 - 2017-08-06 10:30 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\Packages
2017-08-04 15:04 - 2017-08-04 15:04 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\VirtualStore
2017-08-04 15:04 - 2017-08-04 15:04 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\Apps\2.0
2017-08-04 15:03 - 2017-08-08 10:28 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\ConnectedDevicesPlatform
2017-08-04 15:03 - 2017-08-04 15:03 - 000000020 ___SH C:\Users\PC ALIN\ntuser.ini
2017-08-04 15:03 - 2017-08-04 15:03 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\TileDataLayer
2017-08-04 15:01 - 2017-08-11 11:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-04 15:00 - 2017-08-04 15:00 - 000039290 _____ C:\Users\PC ALIN\Desktop\Aplicații eliminate.html
2017-08-04 14:55 - 2017-08-11 11:13 - 000000000 ____D C:\Users\PC ALIN
2017-08-04 14:48 - 2017-08-04 14:48 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2017-08-04 14:47 - 2017-08-11 11:14 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-08-04 14:47 - 2017-08-05 13:07 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-08-04 14:47 - 2017-08-05 13:06 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-08-04 14:47 - 2017-08-04 14:47 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-08-04 14:47 - 2017-08-04 14:47 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2017-08-04 14:47 - 2017-07-19 03:40 - 000513144 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-08-04 14:47 - 2017-07-19 02:24 - 006463608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-08-04 14:47 - 2017-07-19 02:24 - 002479040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-08-04 14:47 - 2017-07-19 02:24 - 001762936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-08-04 14:47 - 2017-07-19 02:24 - 000549312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-08-04 14:47 - 2017-07-19 02:24 - 000392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-08-04 14:47 - 2017-07-19 02:24 - 000081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-08-04 14:47 - 2017-07-19 02:24 - 000069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-08-04 14:47 - 2017-07-19 01:54 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-08-04 14:47 - 2017-07-13 04:37 - 008095171 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-08-04 14:46 - 2017-08-04 14:46 - 000000000 ____D C:\Program Files\Intel
2017-08-04 14:45 - 2017-03-18 23:56 - 002233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-08-04 14:42 - 2017-08-11 11:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-04 14:42 - 2017-08-10 12:15 - 004844960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-04 13:51 - 2017-08-04 15:41 - 000000000 ___HD C:\$SysReset
2017-08-04 13:44 - 2017-08-04 13:44 - 000015400 _____ C:\Users\PC ALIN\Downloads\amifldrv64.sys
2017-08-04 13:39 - 2017-08-04 13:40 - 000519600 _____ () C:\Users\PC ALIN\Downloads\DellSystemDetectLauncher.exe
2017-08-02 15:57 - 2017-08-02 15:57 - 000000000 ____D C:\Users\PC ALIN\Downloads\Piriform.CCleaner.Professional.v5.27.5976.Multilingual.Incl.Keymaker-CORE
2017-08-02 15:20 - 2017-08-02 15:20 - 000000016 _____ C:\Users\PC ALIN\.emulator_console_auth_token
2017-08-02 15:06 - 2017-08-03 18:28 - 000000000 ____D C:\Users\PC ALIN\AndroidStudioProjects
2017-08-02 15:06 - 2017-08-02 15:09 - 000000000 ____D C:\Users\PC ALIN\.gradle
2017-08-02 14:29 - 2017-08-02 14:30 - 000000000 ____D C:\Users\PC ALIN\.AndroidStudio2.3
2017-08-02 14:06 - 2017-08-02 14:06 - 000000000 ____D C:\Android
2017-08-02 13:40 - 2017-08-02 13:44 - 2020009280 _____ (Google Inc.) C:\Users\PC ALIN\Downloads\android-studio-bundle-162.4069837-windows.exe
2017-08-01 20:53 - 2017-08-01 20:54 - 000000000 ____D C:\Users\PC ALIN\Downloads\iDubbbz - I have Crippling Depression _ Create, discover and share awesome GIFs on Gfycat_files
2017-08-01 20:53 - 2017-08-01 20:53 - 000054631 _____ C:\Users\PC ALIN\Downloads\iDubbbz - I have Crippling Depression _ Create, discover and share awesome GIFs on Gfycat.html
2017-07-31 09:12 - 2017-07-31 09:12 - 000000000 ____D C:\Users\PC ALIN\Downloads\PopcornTime
2017-07-31 09:10 - 2017-07-31 09:10 - 051919949 _____ (Popcorn Time ) C:\Users\PC ALIN\Downloads\PopcornTime-latest.exe
2017-07-26 22:44 - 2017-07-26 22:44 - 077967920 _____ (TeamSpeak Systems GmbH) C:\Users\PC ALIN\Downloads\TeamSpeak3-Client-win64-3.1.5.exe
2017-07-23 21:53 - 2017-07-23 21:53 - 001166678 _____ C:\Users\PC ALIN\Documents\MarireableepuluiCarte.pdf
2017-07-19 20:10 - 2017-08-04 16:19 - 000002640 _____ C:\Users\Public\Desktop\Skype.lnk
2017-07-15 20:24 - 2017-07-15 21:09 - 000000000 ____D C:\ESD
2017-07-15 20:01 - 2017-07-15 20:01 - 000000000 ___HD C:\$Windows.~WS
2017-07-12 18:27 - 2017-07-07 09:57 - 000626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-07-12 18:27 - 2017-07-07 09:31 - 001518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-07-12 18:27 - 2017-07-07 09:26 - 001529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-07-12 18:27 - 2017-07-07 09:04 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-07-12 18:27 - 2017-07-07 08:58 - 002298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-07-12 18:27 - 2017-06-20 08:04 - 000181656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-07-12 18:27 - 2017-06-20 08:02 - 001121928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-07-12 18:27 - 2017-06-20 08:00 - 002597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-07-12 18:27 - 2017-06-20 07:38 - 001451008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-07-12 18:27 - 2017-06-20 07:38 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-07-12 18:27 - 2017-06-20 07:35 - 002132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-07-12 18:27 - 2017-06-20 07:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-07-12 18:26 - 2017-07-07 17:00 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2017-07-12 18:26 - 2017-07-07 10:26 - 001065104 ____N (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-07-12 18:26 - 2017-07-07 10:24 - 000117664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-07-12 18:26 - 2017-07-07 10:21 - 032688336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2017-07-12 18:26 - 2017-07-07 10:20 - 002021680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-07-12 18:26 - 2017-07-07 10:20 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-07-12 18:26 - 2017-07-07 10:14 - 001760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-07-12 18:26 - 2017-07-07 10:13 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-07-12 18:26 - 2017-07-07 10:11 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-07-12 18:26 - 2017-07-07 10:10 - 001670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-07-12 18:26 - 2017-07-07 10:10 - 000254168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-07-12 18:26 - 2017-07-07 10:07 - 001106848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-07-12 18:26 - 2017-07-07 10:07 - 000058488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-07-12 18:26 - 2017-07-07 09:57 - 000125344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2017-07-12 18:26 - 2017-07-07 09:37 - 031652264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2017-07-12 18:26 - 2017-07-07 09:37 - 001339352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-07-12 18:26 - 2017-07-07 09:31 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-07-12 18:26 - 2017-07-07 09:30 - 000949920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2017-07-12 18:26 - 2017-07-07 09:29 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll
2017-07-12 18:26 - 2017-07-07 09:27 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2017-07-12 18:26 - 2017-07-07 09:27 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-07-12 18:26 - 2017-07-07 09:25 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininitext.dll
2017-07-12 18:26 - 2017-07-07 09:24 - 001517472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-07-12 18:26 - 2017-07-07 09:22 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2017-07-12 18:26 - 2017-07-07 09:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2017-07-12 18:26 - 2017-07-07 09:19 - 007149056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-07-12 18:26 - 2017-07-07 09:18 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2017-07-12 18:26 - 2017-07-07 09:17 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-07-12 18:26 - 2017-07-07 09:17 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-07-12 18:26 - 2017-07-07 09:16 - 000545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-07-12 18:26 - 2017-07-07 09:15 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-07-12 18:26 - 2017-07-07 09:14 - 008211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-07-12 18:26 - 2017-07-07 09:14 - 003784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-07-12 18:26 - 2017-07-07 09:14 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-07-12 18:26 - 2017-07-07 09:14 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2017-07-12 18:26 - 2017-07-07 09:13 - 005892096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-07-12 18:26 - 2017-07-07 09:12 - 002499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-07-12 18:26 - 2017-07-07 09:12 - 001142272 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-07-12 18:26 - 2017-07-07 09:12 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-07-12 18:26 - 2017-07-07 09:11 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-07-12 18:26 - 2017-07-07 09:11 - 001888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-07-12 18:26 - 2017-07-07 09:11 - 001812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-07-12 18:26 - 2017-07-07 09:10 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapprovp.dll
2017-07-12 18:26 - 2017-07-07 09:09 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-07-12 18:26 - 2017-07-07 09:08 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-07-12 18:26 - 2017-07-07 09:07 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-07-12 18:26 - 2017-07-07 09:07 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
2017-07-12 18:26 - 2017-07-07 09:06 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-07-12 18:26 - 2017-07-07 09:06 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
2017-07-12 18:26 - 2017-07-07 09:06 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2017-07-12 18:26 - 2017-07-07 09:05 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-07-12 18:26 - 2017-07-07 09:05 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2017-07-12 18:26 - 2017-07-07 09:04 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-07-12 18:26 - 2017-07-07 09:03 - 006123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-07-12 18:26 - 2017-07-07 09:02 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-07-12 18:26 - 2017-07-07 09:01 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-07-12 18:26 - 2017-07-07 09:00 - 007596544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-07-12 18:26 - 2017-07-07 09:00 - 002588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-07-12 18:26 - 2017-07-07 09:00 - 001565184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-07-12 18:26 - 2017-07-07 08:59 - 001494016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-07-12 18:26 - 2017-07-07 08:59 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-07-12 18:26 - 2017-07-07 08:58 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-07-12 18:26 - 2017-07-07 08:58 - 001237504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-07-12 18:26 - 2017-07-07 08:55 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2017-07-12 18:26 - 2017-07-07 08:55 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-07-12 18:26 - 2017-07-07 08:53 - 001301504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2017-07-12 18:26 - 2017-07-07 08:53 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2017-07-12 18:26 - 2017-07-02 01:52 - 000031932 ____N C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-07-12 18:26 - 2017-06-20 09:16 - 000335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-07-12 18:26 - 2017-06-20 09:11 - 001395152 ____N (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-07-12 18:26 - 2017-06-20 09:11 - 000411992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2017-07-12 18:26 - 2017-06-20 09:10 - 001930320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-07-12 18:26 - 2017-06-20 09:08 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-07-12 18:26 - 2017-06-20 09:04 - 004847424 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-07-12 18:26 - 2017-06-20 09:02 - 001055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-07-12 18:26 - 2017-06-20 09:00 - 000142752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-07-12 18:26 - 2017-06-20 08:59 - 001220072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-07-12 18:26 - 2017-06-20 08:59 - 000467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-07-12 18:26 - 2017-06-20 08:34 - 000192416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-07-12 18:26 - 2017-06-20 08:15 - 001620368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-07-12 18:26 - 2017-06-20 08:15 - 000455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2017-07-12 18:26 - 2017-06-20 08:14 - 001150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-07-12 18:26 - 2017-06-20 08:13 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-07-12 18:26 - 2017-06-20 08:13 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2017-07-12 18:26 - 2017-06-20 08:12 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-07-12 18:26 - 2017-06-20 08:12 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2017-07-12 18:26 - 2017-06-20 08:12 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2017-07-12 18:26 - 2017-06-20 08:11 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-07-12 18:26 - 2017-06-20 08:10 - 000722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-07-12 18:26 - 2017-06-20 08:10 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-07-12 18:26 - 2017-06-20 08:10 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-07-12 18:26 - 2017-06-20 08:09 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2017-07-12 18:26 - 2017-06-20 08:09 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2017-07-12 18:26 - 2017-06-20 08:09 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-07-12 18:26 - 2017-06-20 08:08 - 004469840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-07-12 18:26 - 2017-06-20 08:08 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-07-12 18:26 - 2017-06-20 08:08 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-07-12 18:26 - 2017-06-20 08:08 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2017-07-12 18:26 - 2017-06-20 08:08 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-07-12 18:26 - 2017-06-20 08:08 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-07-12 18:26 - 2017-06-20 08:07 - 002475136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-07-12 18:26 - 2017-06-20 08:07 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2017-07-12 18:26 - 2017-06-20 08:07 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2017-07-12 18:26 - 2017-06-20 08:07 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-07-12 18:26 - 2017-06-20 08:07 - 000510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-07-12 18:26 - 2017-06-20 08:07 - 000346016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-07-12 18:26 - 2017-06-20 08:07 - 000138656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-07-12 18:26 - 2017-06-20 08:06 - 000754592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-07-12 18:26 - 2017-06-20 08:06 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-07-12 18:26 - 2017-06-20 08:06 - 000278944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-07-12 18:26 - 2017-06-20 08:05 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-07-12 18:26 - 2017-06-20 08:05 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-07-12 18:26 - 2017-06-20 08:04 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-07-12 18:26 - 2017-06-20 08:04 - 001178528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2017-07-12 18:26 - 2017-06-20 08:04 - 001177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-07-12 18:26 - 2017-06-20 08:04 - 001077496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2017-07-12 18:26 - 2017-06-20 08:04 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2017-07-12 18:26 - 2017-06-20 08:04 - 000049656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msasn1.dll
2017-07-12 18:26 - 2017-06-20 08:03 - 002077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-07-12 18:26 - 2017-06-20 08:03 - 000443728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2017-07-12 18:26 - 2017-06-20 08:02 - 000354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-07-12 18:26 - 2017-06-20 08:01 - 003803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-07-12 18:26 - 2017-06-20 08:00 - 002171392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-07-12 18:26 - 2017-06-20 07:59 - 001674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-07-12 18:26 - 2017-06-20 07:56 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-07-12 18:26 - 2017-06-20 07:49 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2017-07-12 18:26 - 2017-06-20 07:49 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-07-12 18:26 - 2017-06-20 07:46 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-12 18:26 - 2017-06-20 07:45 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.RetailInfo.dll
2017-07-12 18:26 - 2017-06-20 07:45 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-07-12 18:26 - 2017-06-20 07:43 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-07-12 18:26 - 2017-06-20 07:43 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2017-07-12 18:26 - 2017-06-20 07:43 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2017-07-12 18:26 - 2017-06-20 07:43 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-07-12 18:26 - 2017-06-20 07:43 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-07-12 18:26 - 2017-06-20 07:43 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2017-07-12 18:26 - 2017-06-20 07:42 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2017-07-12 18:26 - 2017-06-20 07:42 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2017-07-12 18:26 - 2017-06-20 07:42 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-07-12 18:26 - 2017-06-20 07:42 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-07-12 18:26 - 2017-06-20 07:42 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2017-07-12 18:26 - 2017-06-20 07:41 - 000734208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-07-12 18:26 - 2017-06-20 07:41 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2017-07-12 18:26 - 2017-06-20 07:41 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-07-12 18:26 - 2017-06-20 07:41 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-07-12 18:26 - 2017-06-20 07:41 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-07-12 18:26 - 2017-06-20 07:40 - 000342016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2017-07-12 18:26 - 2017-06-20 07:40 - 000247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-07-12 18:26 - 2017-06-20 07:40 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2017-07-12 18:26 - 2017-06-20 07:40 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-07-12 18:26 - 2017-06-20 07:39 - 002814464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2017-07-12 18:26 - 2017-06-20 07:39 - 000969728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2017-07-12 18:26 - 2017-06-20 07:39 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2017-07-12 18:26 - 2017-06-20 07:39 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2017-07-12 18:26 - 2017-06-20 07:39 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-07-12 18:26 - 2017-06-20 07:38 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-07-12 18:26 - 2017-06-20 07:38 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-07-12 18:26 - 2017-06-20 07:38 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2017-07-12 18:26 - 2017-06-20 07:37 - 002008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-07-12 18:26 - 2017-06-20 07:35 - 002679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-07-12 18:26 - 2017-06-20 07:35 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-07-12 18:26 - 2017-06-20 07:34 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-07-12 18:26 - 2017-06-20 07:34 - 001492480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-07-12 18:26 - 2017-06-20 07:31 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-07-12 18:26 - 2017-06-20 07:30 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdmaud.drv
2017-07-12 18:26 - 2017-06-20 07:30 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-07-12 18:26 - 2017-06-20 07:28 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-07-12 18:25 - 2017-07-07 10:27 - 001147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-07-12 18:25 - 2017-07-07 10:27 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-07-12 18:25 - 2017-07-07 10:27 - 000965024 ____N (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-07-12 18:25 - 2017-07-07 10:27 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-07-12 18:25 - 2017-07-07 10:27 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-07-12 18:25 - 2017-07-07 10:25 - 000899824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-07-12 18:25 - 2017-07-07 10:22 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-07-12 18:25 - 2017-07-07 10:17 - 001017760 ____N (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-07-12 18:25 - 2017-07-07 10:14 - 001171032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2017-07-12 18:25 - 2017-07-07 10:13 - 000147800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
2017-07-12 18:25 - 2017-07-07 10:12 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-07-12 18:25 - 2017-07-07 10:10 - 000372128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-07-12 18:25 - 2017-07-07 10:09 - 000041376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininitext.dll
2017-07-12 18:25 - 2017-07-07 10:08 - 002229152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-07-12 18:25 - 2017-07-07 10:08 - 001854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-07-12 18:25 - 2017-07-07 10:08 - 001693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-07-12 18:25 - 2017-07-07 10:08 - 001458584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-07-12 18:25 - 2017-07-07 10:08 - 001100704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2017-07-12 18:25 - 2017-07-07 10:08 - 000992672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2017-07-12 18:25 - 2017-07-07 10:08 - 000848280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-07-12 18:25 - 2017-07-07 10:08 - 000846752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-07-12 18:25 - 2017-07-07 10:08 - 000844704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-07-12 18:25 - 2017-07-07 10:08 - 000774560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-07-12 18:25 - 2017-07-07 10:08 - 000699808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-07-12 18:25 - 2017-07-07 10:08 - 000672672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-07-12 18:25 - 2017-07-07 10:08 - 000506776 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2017-07-12 18:25 - 2017-07-07 10:08 - 000399264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-07-12 18:25 - 2017-07-07 09:27 - 001640448 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-07-12 18:25 - 2017-07-07 09:27 - 000859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-07-12 18:25 - 2017-07-07 09:27 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2017-07-12 18:25 - 2017-07-07 09:27 - 000443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-07-12 18:25 - 2017-07-07 09:23 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapprovp.dll
2017-07-12 18:25 - 2017-07-07 09:22 - 000520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-07-12 18:25 - 2017-07-07 09:21 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2017-07-12 18:25 - 2017-07-07 09:19 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-07-12 18:25 - 2017-07-07 09:19 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2017-07-12 18:25 - 2017-07-07 09:18 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-07-12 18:25 - 2017-07-07 09:18 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2017-07-12 18:25 - 2017-07-07 09:18 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
2017-07-12 18:25 - 2017-07-07 09:13 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-07-12 18:25 - 2017-07-07 09:12 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-07-12 18:25 - 2017-07-07 09:12 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-07-12 18:25 - 2017-07-07 09:12 - 001420800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-07-12 18:25 - 2017-07-07 09:11 - 003139584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-07-12 18:25 - 2017-07-07 09:11 - 002649600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-07-12 18:25 - 2017-07-07 09:11 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-07-12 18:25 - 2017-07-07 09:07 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-07-12 18:25 - 2017-07-07 09:07 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2017-07-12 18:25 - 2017-07-07 09:05 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2017-07-12 18:25 - 2017-07-07 09:04 - 001703424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-07-12 18:25 - 2017-07-07 09:04 - 001403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2017-07-12 18:25 - 2017-07-07 09:04 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2017-07-12 18:25 - 2017-06-20 09:18 - 001564576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-07-12 18:25 - 2017-06-20 09:18 - 000096672 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-07-12 18:25 - 2017-06-20 09:17 - 000629152 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-07-12 18:25 - 2017-06-20 09:17 - 000544160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-07-12 18:25 - 2017-06-20 09:17 - 000334240 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-07-12 18:25 - 2017-06-20 09:17 - 000136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-07-12 18:25 - 2017-06-20 09:17 - 000034720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-07-12 18:25 - 2017-06-20 09:16 - 001214880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-07-12 18:25 - 2017-06-20 09:15 - 000233376 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-07-12 18:25 - 2017-06-20 09:05 - 001057832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-07-12 18:25 - 2017-06-20 09:03 - 000179608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-07-12 18:25 - 2017-06-20 09:03 - 000102312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialUIBroker.exe
2017-07-12 18:25 - 2017-06-20 09:02 - 000426912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-07-12 18:25 - 2017-06-20 09:00 - 000558920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-07-12 18:25 - 2017-06-20 09:00 - 000255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-07-12 18:25 - 2017-06-20 08:59 - 000583304 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-07-12 18:25 - 2017-06-20 08:58 - 000833160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2017-07-12 18:25 - 2017-06-20 08:58 - 000406072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-07-12 18:25 - 2017-06-20 08:58 - 000203168 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-07-12 18:25 - 2017-06-20 08:16 - 000970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2017-07-12 18:25 - 2017-06-20 08:16 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-07-12 18:25 - 2017-06-20 08:14 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-07-12 18:25 - 2017-06-20 08:13 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-12 18:25 - 2017-06-20 08:13 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2017-07-12 18:25 - 2017-06-20 08:13 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll
2017-07-12 18:25 - 2017-06-20 08:12 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-07-12 18:25 - 2017-06-20 08:11 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-07-12 18:25 - 2017-06-20 08:10 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2017-07-12 18:25 - 2017-06-20 08:09 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll
2017-07-12 18:25 - 2017-06-20 08:09 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-07-12 18:25 - 2017-06-20 08:09 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2017-07-12 18:25 - 2017-06-20 08:09 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2017-07-12 18:25 - 2017-06-20 08:09 - 000189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-07-12 18:25 - 2017-06-20 08:09 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2017-07-12 18:25 - 2017-06-20 08:09 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2017-07-12 18:25 - 2017-06-20 08:08 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2017-07-12 18:25 - 2017-06-20 08:07 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-07-12 18:25 - 2017-06-20 08:07 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-07-12 18:25 - 2017-06-20 08:07 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-07-12 18:25 - 2017-06-20 08:07 - 000411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-07-12 18:25 - 2017-06-20 08:06 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2017-07-12 18:25 - 2017-06-20 08:06 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-07-12 18:25 - 2017-06-20 08:06 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-07-12 18:25 - 2017-06-20 08:06 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2017-07-12 18:25 - 2017-06-20 08:06 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-07-12 18:25 - 2017-06-20 08:05 - 002873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2017-07-12 18:25 - 2017-06-20 08:05 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-07-12 18:25 - 2017-06-20 08:05 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2017-07-12 18:25 - 2017-06-20 08:05 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-07-12 18:25 - 2017-06-20 08:05 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-07-12 18:25 - 2017-06-20 08:04 - 001818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-07-12 18:25 - 2017-06-20 08:04 - 001425920 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-07-12 18:25 - 2017-06-20 08:04 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-07-12 18:25 - 2017-06-20 08:04 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-07-12 18:25 - 2017-06-20 08:04 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2017-07-12 18:25 - 2017-06-20 08:02 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-07-12 18:25 - 2017-06-20 08:02 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2017-07-12 18:25 - 2017-06-20 08:01 - 003332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-07-12 18:25 - 2017-06-20 08:01 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-07-12 18:25 - 2017-06-20 08:01 - 001076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-07-12 18:25 - 2017-06-20 08:01 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-07-12 18:25 - 2017-06-20 08:00 - 003057664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-07-12 18:25 - 2017-06-20 07:57 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2017-07-12 18:25 - 2017-06-20 07:57 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2017-07-12 18:25 - 2017-06-20 07:56 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdmaud.drv

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-11 13:49 - 2017-01-04 23:08 - 000000000 ____D C:\Users\PC ALIN\Documents\MEMES
2017-08-11 13:07 - 2015-06-17 22:36 - 000005493 _____ C:\Users\PC ALIN\Desktop\K.txt
2017-08-11 11:14 - 2015-03-16 23:30 - 000000000 __SHD C:\Users\PC ALIN\IntelGraphicsProfiles
2017-08-09 18:58 - 2017-01-20 23:50 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2017-08-08 19:40 - 2017-01-20 23:51 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2017-08-07 11:33 - 2017-05-18 13:45 - 000204920 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys
2017-08-07 11:30 - 2015-08-04 00:24 - 003503048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2017-08-07 11:30 - 2015-08-04 00:24 - 003203424 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2017-08-07 11:30 - 2015-08-04 00:24 - 000192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2017-08-07 11:30 - 2015-08-04 00:21 - 005545512 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2017-08-07 11:30 - 2015-08-04 00:21 - 000023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2017-08-07 11:28 - 2017-04-30 22:26 - 000000000 ____D C:\Users\PC ALIN\AppData\LocalLow\IObit
2017-08-05 19:42 - 2016-11-29 22:15 - 000000000 ____D C:\Users\PC ALIN\Downloads\brutus-aet2-darknet
2017-08-05 19:42 - 2016-10-01 16:12 - 000000000 ____D C:\Users\PC ALIN\Downloads\DAEMON Tools Ultra 4.1.0.0489 + Patch [SadeemPC]
2017-08-05 13:06 - 2017-02-07 01:42 - 000000000 ____D C:\temp
2017-08-05 11:42 - 2017-02-14 22:00 - 000000000 __SHD C:\AI_RecycleBin
2017-08-04 18:11 - 2015-08-03 20:52 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-04 15:00 - 2015-03-17 09:30 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-08-04 14:59 - 2016-12-24 09:49 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2017-08-04 14:59 - 2016-08-21 09:33 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xiaomi
2017-08-04 14:59 - 2016-05-31 21:54 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2017-08-02 15:42 - 2015-11-06 22:12 - 000000000 ____D C:\Users\PC ALIN\.android
2017-08-02 12:33 - 2017-03-29 21:21 - 000000000 ____D C:\Users\PC ALIN\Documents\A
2017-07-30 22:09 - 2017-01-23 19:54 - 000015212 _____ C:\Users\PC ALIN\Documents\starburn.txt
2017-07-28 18:13 - 2015-04-09 18:02 - 000000000 ____D C:\Users\PC ALIN\Documents\My Games
2017-07-24 22:06 - 2017-05-04 15:51 - 000984032 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2017-07-19 03:40 - 2017-06-09 21:56 - 004210032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-07-19 03:40 - 2017-06-09 21:56 - 003711328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-07-19 03:40 - 2017-06-09 21:56 - 000046463 _____ C:\WINDOWS\system32\nvinfo.pb

==================== Files in the root of some directories =======

2017-08-09 13:25 - 2017-08-09 13:26 - 000000132 _____ () C:\Users\PC ALIN\AppData\Roaming\Adobe PNG Format CS6 Prefs
2017-08-10 14:04 - 2017-08-10 14:04 - 000050156 _____ () C:\ProgramData\agent.1502363078.bdinstall.bin
2017-08-10 14:54 - 2017-08-10 14:54 - 000030916 _____ () C:\ProgramData\agent.update.1502366073.bdinstall.bin
2017-08-04 15:12 - 2017-08-04 15:12 - 000000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
2013-08-05 09:15 - 2013-08-05 09:15 - 004292136 _____ (www.Bandisoft.com) C:\Users\PC ALIN\AppData\Local\Temp\bdfilters.dll
2017-08-04 16:04 - 2017-08-04 16:04 - 002146496 _____ (BitTorrent Inc.) C:\Users\PC ALIN\AppData\Local\Temp\utt5AA5.tmp.exe
2017-08-08 20:16 - 2017-08-08 20:16 - 030950664 _____ () C:\Users\PC ALIN\AppData\Local\Temp\vlc-2.2.6-win32.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-08-04 14:42

==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-08-2017
Ran by PC ALIN (11-08-2017 17:21:14)
Running from C:\Users\PC ALIN\Downloads
Windows 10 Pro Version 1703 (X64) (2017-08-04 12:03:14)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3261217118-1789687074-152833201-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3261217118-1789687074-152833201-503 - Limited - Disabled)
Guest (S-1-5-21-3261217118-1789687074-152833201-501 - Limited - Disabled)
PC ALIN (S-1-5-21-3261217118-1789687074-152833201-1001 - Administrator - Enabled) => C:\Users\PC ALIN

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
7-Zip 17.00 beta (x64) (HKLM\...\7-Zip) (Version: 17.00 beta - Igor Pavlov)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 384.94 - NVIDIA Corporation) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Bandicam (HKLM-x32\...\Bandicam) (Version: 3.3.0.1175 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.25.59 - Bitdefender)
Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bloody6 (HKLM-x32\...\Bloody3) (Version: 17.04.0003 - Bloody)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.55 - Synaptics Incorporated)
Driver Booster 4.5 (HKLM-x32\...\Driver Booster_is1) (Version: 4.5.0 - IObit)
f.lux (HKU\S-1-5-21-3261217118-1789687074-152833201-1001\...\Flux) (Version: - )
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.90 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
IObit Malware Fighter 5 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 5.2 - IObit)
League of Legends (HKLM-x32\...\{8CE67B9E-3AC8-4ED2-A8EE-28E6FE3D0B51}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
NVIDIA GeForce Experience 3.8.0.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.8.0.89 - NVIDIA Corporation)
NVIDIA Graphics Driver 384.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 384.94 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Opera Neon (HKU\S-1-5-21-3261217118-1789687074-152833201-1001\...\Opera Neon) (Version: 1.0.2531.0 - Opera Software AS)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 8.2.14.487 - Razer Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31233 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.19.627.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2017-03-31] (IObit)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2017-03-31] (IObit)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-02-16] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-07-19] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2017-03-31] (IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {017CB183-1262-49DE-8A7E-516BE5E1FC61} - System32\Tasks\Driver Booster SkipUAC (PC ALIN) => C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe [2017-07-28] (IObit)
Task: {1F91E8C9-664C-4B5F-AB51-E99D765233E5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-07-26] (NVIDIA Corporation)
Task: {291EE332-1252-46E6-95D1-85F16FC6573A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-26] (NVIDIA Corporation)
Task: {3DB8F8B4-C75C-4612-AAFE-377B39200A30} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-07-26] (NVIDIA Corporation)
Task: {59E1F712-C685-4F98-9344-6F9E19639884} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-26] (NVIDIA Corporation)
Task: {73068ECF-1C57-4141-B5B8-7B67C2D3EF53} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-06-21] (Bitdefender)
Task: {80A3582B-362E-49C5-AE67-C687AFCF49C0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-26] (NVIDIA Corporation)
Task: {83B64CD1-A7E6-44F0-A2FA-D5C0DAC7C420} - System32\Tasks\bandicam_start => C:\Program Files (x86)\Bandicam\bdcam.exe [2016-11-24] (www.Bandisoft.com)
Task: {996DEC59-7A1D-44C3-BBC4-09518A6AAA5C} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-26] (NVIDIA Corporation)
Task: {A0F70E97-08A4-4FE4-A149-D260209B1F89} - System32\Tasks\Uninstaller_SkipUac_PC_ALIN => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {A5B8BDF9-07C1-4507-9147-FFD540CD5BE2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-04] (Google Inc.)
Task: {AF6375B8-4084-420B-935C-CD5FD18F0313} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-08-07] (Realtek Semiconductor)
Task: {BFC713FE-7238-46B1-BBA3-10E42F58FE0A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-07-26] (NVIDIA Corporation)
Task: {D1E7B6A7-C90F-4D47-A9AB-ECBAF9059273} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_137_pepper.exe [2017-08-05] (Adobe Systems Incorporated)
Task: {D231542D-8A1E-4BDD-A574-2BF27C73AC0D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-07-26] (NVIDIA Corporation)
Task: {DE703306-AB39-41E5-9FA4-7AD3E14503AC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-04] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_PC_ALIN.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-08-04 14:47 - 2017-07-19 02:24 - 000133568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-08-05 12:45 - 2017-07-26 20:05 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-18 23:58 - 2017-03-18 23:58 - 000138000 ____N () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-02-16 01:21 - 2017-02-16 01:21 - 000410616 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-03-18 23:59 - 2017-03-20 07:10 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-08-05 11:51 - 2017-08-05 11:52 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-08-05 11:51 - 2017-08-05 11:52 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-08-05 12:45 - 2017-07-26 20:05 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-08-04 15:25 - 2017-03-29 16:15 - 002250792 _____ () C:\Users\PC ALIN\AppData\Local\Opera Software\Opera Neon\Application\1.0.2531.0\libglesv2.dll
2017-08-04 15:25 - 2017-03-29 16:15 - 000086568 _____ () C:\Users\PC ALIN\AppData\Local\Opera Software\Opera Neon\Application\1.0.2531.0\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3261217118-1789687074-152833201-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-08-04 15:23 - 2017-08-08 19:44 - 000000911 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 ssl.bandisoft.com
127.0.0.1 cert.bandicam.com127.0.0.1 www.r2rdownload.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3261217118-1789687074-152833201-1001\Control Panel\Desktop\\Wallpaper -> c:\users\pc alin\appdata\local\microsoft\windows\themes\roamedthemefiles\desktopbackground\windows photo viewer wallpaper.jpg
DNS Servers: 95.77.94.88 - 78.96.7.88
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "RtHDVBg"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKU\S-1-5-21-3261217118-1789687074-152833201-1001\...\StartupApproved\Run: => "Bloody2"
HKU\S-1-5-21-3261217118-1789687074-152833201-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D616780B-14C6-4933-9290-A790A2955A2E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{46FD5CA0-94AD-4E84-A6E2-C5B8391AB33C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8F1980FD-6E94-4556-8C46-C80B115CCB51}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{9A93D2CB-F60C-48E1-B584-F4C28BB6DA07}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{BCDA0566-2E66-4362-B67B-4860A2FCE7D3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C3DC6431-6D84-4A27-AF18-1C180D68B4A7}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{CDC59E54-910A-4FAA-8E9A-616731835350}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{57D6E1F3-1AAD-4BAE-856D-E23592BD8A61}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{18885A59-4CC8-4590-BFCD-5B0A112B2F0F}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{9C7125AD-246D-4FE2-8C51-F06543DCA144}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{EDBD3FC4-90EC-41ED-A2FD-11F7ECB984A7}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{613C4CC8-9C98-4025-9667-2667CBCEB4AD}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{990D6ACE-B2EC-4DDC-9B90-2E0293577378}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{2FAC01CB-852A-4D57-94C5-50286C01E996}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{AD6B7180-D666-493B-AEBB-8D9C93E18E28}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{ADFD0921-456F-470A-BBFC-F3813AE5B7D3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{30DDFA70-C3D8-4E60-A69C-E979337D40CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{A00A7868-F8E1-40E2-97B2-2787ED156F4F}C:\users\pc alin\appdata\local\vghd\bin\vghd.exe] => (Allow) C:\users\pc alin\appdata\local\vghd\bin\vghd.exe
FirewallRules: [UDP Query User{C7CD600A-9C2E-42F2-8935-D86D49CD1BAC}C:\users\pc alin\appdata\local\vghd\bin\vghd.exe] => (Allow) C:\users\pc alin\appdata\local\vghd\bin\vghd.exe
FirewallRules: [{7731FF38-1978-409B-971A-41E9C292EBC9}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe
FirewallRules: [{117873DD-3406-46DD-9CDA-7EA1D0961750}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe
FirewallRules: [{EFB72B8A-EFB7-47BD-A8C7-235A6772AF20}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DBDownloader.exe
FirewallRules: [{7787BDBB-3FD0-4688-97EC-ACFF94654684}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DBDownloader.exe
FirewallRules: [{A7CFC960-E0E7-49B3-9E85-E4F93526E435}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\AutoUpdate.exe
FirewallRules: [{AC172CE1-6398-4234-BB0C-DBDCA0FD02F0}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\AutoUpdate.exe
FirewallRules: [{4BB5C068-CB28-4C91-A558-26DE60E75500}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{5ADD4064-1877-4928-8EAC-418840AD4CA6}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe

==================== Restore Points =========================

04-08-2017 15:09:29 Windows Update
07-08-2017 11:27:48 Driver Booster : Realtek High Definition Audio

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/11/2017 12:30:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LeagueClientUx.exe version 7.16.198.3278 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 151c

Start Time: 01d31284568bb4b8

Termination Time: 4294967295

Application Path: D:\Games\RADS\projects\league_client\releases\0.0.0.89\deploy\LeagueClientUx.exe

Report Id: 7f044d59-c462-485f-bb20-28da4763f995

Faulting package full name:

Faulting package-relative application ID:

Error: (08/11/2017 11:28:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe, version: 10.0.15063.0, time stamp: 0x02799ef5
Faulting module name: appraiser.dll_unloaded, version: 10.0.15156.1008, time stamp: 0x9e6eb7d4
Exception code: 0xc0000005
Fault offset: 0x0000000000001000
Faulting process id: 0x16e8
Faulting application start time: 0x01d3127a8a735c93
Faulting application path: c:\windows\system32\svchost.exe
Faulting module path: appraiser.dll
Report Id: c84051f5-8a08-4ddb-940e-6bbc8aeef0e6
Faulting package full name:
Faulting package-relative application ID:

Error: (08/10/2017 07:04:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: ALIN)
Description: Package Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe+App was terminated because it took too long to suspend.

Error: (08/10/2017 02:04:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (08/09/2017 06:21:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program neon.exe version 1.0.2531.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2d54

Start Time: 01d3110647f04ec6

Termination Time: 4294967295

Application Path: C:\Users\PC ALIN\AppData\Local\Opera Software\Opera Neon\Application\neon.exe

Report Id: 4f8bf78e-7e03-4a50-a542-91218c598ede

Faulting package full name:

Faulting package-relative application ID:

Error: (08/09/2017 02:54:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 10.0.15063.447 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 828

Start Time: 01d310e11832d331

Termination Time: 0

Application Path: C:\Windows\explorer.exe

Report Id: 53df9f25-55bd-40e5-8cb6-b7e2a0a956dd

Faulting package full name:

Faulting package-relative application ID:

Error: (08/09/2017 12:33:39 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (08/07/2017 11:25:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: uTorrent.exe, version: 2.2.1.25110, time stamp: 0x4d78393f
Faulting module name: GDI32.dll, version: 10.0.15063.483, time stamp: 0x88a53c1d
Exception code: 0xc000041d
Fault offset: 0x00005836
Faulting process id: 0x28c0
Faulting application start time: 0x01d30fa8e3e816fa
Faulting application path: C:\Program Files (x86)\uTorrent\uTorrent.exe
Faulting module path: C:\WINDOWS\System32\GDI32.dll
Report Id: 5e322ff9-1ce1-4473-abf3-af2e3252c96f
Faulting package full name:
Faulting package-relative application ID:

Error: (08/07/2017 11:25:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: uTorrent.exe, version: 2.2.1.25110, time stamp: 0x4d78393f
Faulting module name: ntdll.dll, version: 10.0.15063.447, time stamp: 0xd51d5c5e
Exception code: 0xc0000005
Fault offset: 0x00042dd5
Faulting process id: 0x28c0
Faulting application start time: 0x01d30fa8e3e816fa
Faulting application path: C:\Program Files (x86)\uTorrent\uTorrent.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: a3e7ef0a-efe7-49ba-a371-677b9c0720fe
Faulting package full name:
Faulting package-relative application ID:

Error: (08/07/2017 12:10:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Metin2OG.exe version 1.0.28249.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1458

Start Time: 01d30f5ce286838f

Termination Time: 4294967295

Application Path: D:\Games\Metin2OG\Metin2OG.exe

Report Id: a6f62af9-c8af-4ebf-9b06-1eb12ebe5b0d

Faulting package full name:

Faulting package-relative application ID:


System errors:
=============
Error: (08/11/2017 01:45:07 PM) (Source: DCOM) (EventID: 10016) (User: ALIN)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user Alin\PC ALIN SID (S-1-5-21-3261217118-1789687074-152833201-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.

Error: (08/11/2017 11:44:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The IMF Service service terminated unexpectedly. It has done this 1 time(s).

Error: (08/11/2017 11:29:39 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Repornire serviciu) after the unexpected termination of the Windows Update service, but this action failed with the following error:
An instance of the service is already running.

Error: (08/11/2017 11:28:39 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Repornire serviciu.

Error: (08/11/2017 11:13:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The RzActionSvc service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (08/11/2017 11:13:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Razer Game Manager Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (08/11/2017 11:13:55 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the RzActionSvc service to connect.

Error: (08/11/2017 11:13:55 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Razer Game Manager Service service to connect.

Error: (08/11/2017 11:13:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CldFlt service failed to start due to the following error:
The request is not supported.

Error: (08/11/2017 11:13:21 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 23:59:21 on ‎10.‎08.‎2017 was unexpected.


CodeIntegrity:
===================================
Date: 2017-08-11 13:36:36.097
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_1a197825c61edb6c\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-08-10 12:26:51.590
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_1a197825c61edb6c\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-08-08 21:54:04.953
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_1a197825c61edb6c\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-08-07 23:34:30.113
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_1a197825c61edb6c\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-08-06 16:05:10.463
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_1a197825c61edb6c\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-08-05 19:37:13.502
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_1a197825c61edb6c\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-08-04 21:27:02.306
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-08-04 21:27:02.144
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


==================== Memory info ===========================

Processor: Intel® Core™ i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 52%
Total physical RAM: 3999.98 MB
Available physical RAM: 1883.49 MB
Total Virtual: 5343.98 MB
Available Virtual: 2623.1 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:246.74 GB) (Free:175.73 GB) NTFS
Drive d: (Goodies) (Fixed) (Total:683.59 GB) (Free:151.17 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1A327A34)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=246.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=852 MB) - (Type=27)
Partition 4: (Not Active) - (Size=683.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Attached Files


Edited by Oh My!, 11 August 2017 - 10:32 AM.


BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,622 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:17 PM

Posted 11 August 2017 - 10:39 AM

Greetings Kerox and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

Unfortunately there is evidence of a number of illegal softwares on your computer. I am going to request you completely uninstall any products for which you do not have a valid Product Key, including all "cracked" software. If you are willing to do that please rerun a FRST scan and copy/paste both reports in your reply. If you prefer to leave the program(s) on your computer let me know that and I will be closing the Topic.

If you decide to remove the program(s) please run this after removal.

===================================================

CKScanner

--------------------
  • Download CKScanner and save it to your Desktop
  • Double click CKScanner
  • Select Search For Files
  • Once completed select Save List to File
  • A ckfiles.txt document will be placed on your Desktop
  • Copy and paste the results of that report in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • CKScanner report
  • FRST report
  • Addition report

Edited by Oh My!, 11 August 2017 - 10:51 AM.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 Kerox

Kerox
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:03:17 AM

Posted 11 August 2017 - 12:40 PM

Nice to meet you,Gary! My name is Alin.

Well,I wanted to copy and paste the logs but it said the message would have been too long and I'm getting this message again so I have to post the addition log in a second reply.

I've uninstalled some apss but I'm not entirely sure. CKScanner has detected some sounds from FL Studio called "crack" and some files from Android Studio having "keygen" in their names,should I uninstall these 2 apps too?

 

CKScanner 2.5 - Additional Security Risks - These are not necessarily bad

c:\android\sdk\docs\reference\android\security\keystore\keygenparameterspec.builder.html

c:\android\sdk\docs\reference\android\security\keystore\keygenparameterspec.html

c:\android\sdk\docs\reference\java\security\spec\rsakeygenparameterspec.html

c:\android\sdk\docs\reference\javax\crypto\keygenerator.html

c:\android\sdk\docs\reference\javax\crypto\keygeneratorspi.html

c:\android\sdk\docs\sdk\api_diff\24\changes\android.security.keystore.keygenparameterspec.builder.html

c:\android\sdk\docs\sdk\api_diff\24\changes\android.security.keystore.keygenparameterspec.html

c:\android\sdk\sources\android-25\android\security\keystore\androidkeystorekeygeneratorspi.java

c:\android\sdk\sources\android-25\android\security\keystore\keygenparameterspec.java

c:\android\sdk\sources\android-25\java\security\spec\rsakeygenparameterspec.java

c:\android\sdk\sources\android-25\javax\crypto\keygenerator.java

c:\android\sdk\sources\android-25\javax\crypto\keygeneratorspi.java

c:\program files (x86)\image-line\fl studio 12\data\patches\packs\drums (modeaudio)\claps\ma firecracker clap.wv

c:\program files (x86)\image-line\fl studio 12\data\patches\packs\drums (modeaudio)\hi hats\ma firecracker chat.wv

c:\program files (x86)\image-line\fl studio 12\data\patches\packs\drums (modeaudio)\kicks\ma firecracker kick.wv

c:\program files (x86)\image-line\fl studio 12\data\patches\packs\drums (modeaudio)\snares\ma firecracker snare.wv

c:\program files (x86)\image-line\fl studio 12\data\patches\plugin presets\generators\drumpad\sound fx\crack.fst

c:\program files (x86)\image-line\fl studio 12\plugins\fruity\effects\hardcore\presets\default\i cracked my tube!.hdprg

c:\program files (x86)\image-line\fl studio 12\plugins\fruity\generators\drumaxx\drum patches\sound fx\crack.dmpatch

c:\program files (x86)\image-line\fl studio 12\plugins\fruity\generators\drumpad\drum patches\sound fx\crack.dmpatch

c:\program files (x86)\image-line\fl studio 12\plugins\fruity\generators\sawer\presets\ambient\mc cracked.sawer

c:\users\pc alin\documents\image-line\data\drumaxx\drum patches\sound fx\crack.dmpatch

c:\users\pc alin\documents\image-line\data\hardcore\default\i cracked my tube!.hdprg

c:\users\pc alin\documents\image-line\data\sawer\ambient\mc cracked.sawer

c:\users\pc alin\documents\image-line\data\toxic biohazard\basses\crack.tbio

scanner sequence 3.ZZ.11.HHCPL0

----- EOF -----

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-08-2017

Ran by PC ALIN (administrator) on ALIN (11-08-2017 20:24:00)

Running from C:\Users\PC ALIN\Downloads

Loaded Profiles: PC ALIN (Available Profiles: PC ALIN)

Platform: Windows 10 Pro Version 1703 (X64) Language: Romanian (Romania)

Internet Explorer Version 11 (Default browser: "C:\Users\PC ALIN\AppData\Local\Opera Software\Opera Neon\Application\neon.exe" -- "%1")

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(www.Bandisoft.com) C:\Program Files (x86)\Bandicam\bdcam.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Intel Corporation) C:\Windows\System32\igfxEM.exe

(Intel Corporation) C:\Windows\System32\igfxHK.exe

() C:\Windows\System32\igfxTray.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe

(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe

(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe

(Flux Software LLC) C:\Users\PC ALIN\AppData\Local\FluxSoftware\Flux\flux.exe

(BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe

(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe

() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe

(Opera Software AS) C:\Users\PC ALIN\AppData\Local\Opera Software\Opera Neon\Application\neon.exe

(Opera Software AS) C:\Users\PC ALIN\AppData\Local\Opera Software\Opera Neon\Application\neon.exe

(Opera Software AS) C:\Users\PC ALIN\AppData\Local\Opera Software\Opera Neon\Application\neon.exe

(Opera Software AS) C:\Users\PC ALIN\AppData\Local\Opera Software\Opera Neon\Application\neon.exe

(Opera Software AS) C:\Users\PC ALIN\AppData\Local\Opera Software\Opera Neon\Application\neon.exe

 

==================== Registry (Whitelisted) ====================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)

HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2017-08-07] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1483264 2017-08-07] (Realtek Semiconductor)

HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)

HKU\S-1-5-21-3261217118-1789687074-152833201-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [19405824 2017-04-14] ()

HKU\S-1-5-21-3261217118-1789687074-152833201-1001\...\Run: [f.lux] => C:\Users\PC ALIN\AppData\Local\FluxSoftware\Flux\flux.exe [1024240 2016-12-06] (Flux Software LLC)

HKU\S-1-5-21-3261217118-1789687074-152833201-1001\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [399224 2017-08-04] (BitTorrent, Inc.)

HKU\S-1-5-21-3261217118-1789687074-152833201-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27742168 2017-06-07] (Skype Technologies S.A.)

HKU\S-1-5-21-3261217118-1789687074-152833201-1001\...\Run: [AdobeBridge] => [X]

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [S-1-5-21-3261217118-1789687074-152833201-1001] => hxxp://access-fast-web.com/wpad.dat?e0abd230f1c9cea27f843b718dfc273034433381

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 95.77.94.88 78.96.7.88

Tcpip\..\Interfaces\{6d614e18-8e7b-4366-b4c1-cc15b6a7ed0a}: [DhcpNameServer] 95.77.94.88 78.96.7.88

Tcpip\..\Interfaces\{a7aa6abb-7e05-4afd-908a-144dde693cb3}: [DhcpNameServer] 95.77.94.88 78.96.7.88

ManualProxies: 0hxxp://access-fast-web.com/wpad.dat?e0abd230f1c9cea27f843b718dfc273034433381

 

Internet Explorer:

==================

FireFox:

========

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-04] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-04] (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)

 

Chrome:

=======

CHR Profile: C:\Users\PC ALIN\AppData\Local\Google\Chrome\User Data\Default [2017-08-10]

CHR Extension: (Google Slides) - C:\Users\PC ALIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-08-04]

CHR Extension: (Google Docs) - C:\Users\PC ALIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-08-04]

CHR Extension: (Google Drive) - C:\Users\PC ALIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-04]

CHR Extension: (YouTube) - C:\Users\PC ALIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-04]

CHR Extension: (Adblock Plus) - C:\Users\PC ALIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-08-04]

CHR Extension: (Google Sheets) - C:\Users\PC ALIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-08-04]

CHR Extension: (Google Docs Offline) - C:\Users\PC ALIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-04]

CHR Extension: (Chrome Web Store Payments) - C:\Users\PC ALIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-04]

CHR Extension: (Gmail) - C:\Users\PC ALIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-04]

CHR Extension: (Chrome Media Router) - C:\Users\PC ALIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-04]

 

==================== Services (Whitelisted) ====================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [382456 2017-02-16] (Intel Corporation)

S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)

R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation)

S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation)

R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-07-19] (NVIDIA Corporation)

R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-07-26] (NVIDIA Corporation)

S2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [147792 2017-06-16] (Razer Inc)

R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [320512 2017-08-07] (Realtek Semiconductor)

S2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [183680 2017-04-14] (Razer Inc.)

R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [252176 2017-07-27] (Razer Inc.)

S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)

S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [263264 2017-02-16] (Synaptics Incorporated)

R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)

 

===================== Drivers (Whitelisted) ======================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4318648 2017-05-04] (Qualcomm Atheros Communications, Inc.)

R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [22864 2017-05-27] (OSR Open Systems Resources, Inc.)

S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)

S3 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [270912 2015-12-27] (DT Soft Ltd)

S3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [30264 2016-10-01] (Disc Soft Ltd)

S3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [47672 2016-10-01] (Disc Soft Ltd)

S3 edrsensor; C:\WINDOWS\System32\DRIVERS\edrsensor.sys [259880 2017-06-23] (BitDefender S.R.L. Bucharest, ROMANIA)

R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32840 2017-06-23] (ELAN Microelectronic Corp.)

R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-08-07] (REALiX™)

R3 iaLPSS_GPIO; C:\WINDOWS\System32\drivers\iaLPSS_GPIO.sys [46856 2017-05-04] (Intel Corporation)

S3 iaLPSS_I2C; C:\WINDOWS\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-03] (Intel Corporation)

S3 iaLPSS_SPI; C:\WINDOWS\System32\drivers\iaLPSS_SPI.sys [100856 2014-06-03] (Intel Corporation)

S3 iaLPSS_UART2; C:\WINDOWS\System32\drivers\iaLPSS_UART2.sys [143864 2014-06-03] (Intel Corporation)

R1 MpKsl262fdb68; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{841F54D1-5631-4968-BD15-41136C98EEBE}\MpKsl262fdb68.sys [44928 2017-08-11] (Microsoft Corporation)

R1 MpKslb2a35b99; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2B89904E-36DE-445E-A9FB-263AB58B9A59}\MpKslb2a35b99.sys [44928 2017-08-10] (Microsoft Corporation)

R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_1a197825c61edb6c\nvlddmkm.sys [15668664 2017-07-19] (NVIDIA Corporation)

S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-07-26] (NVIDIA Corporation)

S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [26744 2017-05-03] (Windows ® Win 7 DDK provider)

R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation)

R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-07-19] (NVIDIA Corporation)

R3 pikbd; C:\WINDOWS\System32\drivers\pikbd.sys [22880 2013-11-30] (Christian Gulden)

R3 pimou; C:\WINDOWS\System32\drivers\pimou.sys [23608 2014-01-13] (Christian Gulden)

S3 qcusbser; C:\WINDOWS\System32\drivers\qcusbser.sys [242688 2016-08-30] (QUALCOMM Incorporated)

R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [984032 2017-07-24] (Realtek )

S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [419296 2017-05-04] (Realsil Semiconductor Corporation)

R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [139704 2017-07-18] (Razer, Inc.)

S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()

S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)

S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-09-05] (QUALCOMM Incorporated)

S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [214832 2015-12-08] (DEVGURU Co., LTD.(www.devguru.co.kr))

R3 SynRMIHID; C:\WINDOWS\System32\drivers\SynRMIHID.sys [66136 2017-02-16] (Synaptics Incorporated)

S3 t_mouse.sys; C:\WINDOWS\System32\drivers\t_mouse.sys [6144 2013-04-09] ()

S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)

R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)

R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-11 20:22 - 2017-08-11 20:22 - 000002475 _____ C:\Users\PC ALIN\Desktop\ckfiles.txt

2017-08-11 19:27 - 2017-08-11 19:27 - 000468480 _____ () C:\Users\PC ALIN\Desktop\CKScanner.exe

2017-08-11 18:03 - 2017-08-11 18:03 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\.mono

2017-08-11 17:48 - 2017-08-11 17:48 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\Blizzard

2017-08-11 17:21 - 2017-08-11 17:22 - 000033309 _____ C:\Users\PC ALIN\Downloads\Addition.txt

2017-08-11 17:19 - 2017-08-11 20:24 - 000015263 _____ C:\Users\PC ALIN\Downloads\FRST.txt

2017-08-11 17:15 - 2017-08-11 20:24 - 000000000 ____D C:\FRST

2017-08-11 17:15 - 2017-08-11 17:15 - 002381824 _____ (Farbar) C:\Users\PC ALIN\Downloads\FRST64.exe

2017-08-10 15:24 - 2017-06-23 03:51 - 000259880 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\edrsensor.sys

2017-08-10 15:23 - 2017-06-07 05:04 - 000950160 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys

2017-08-10 14:08 - 2017-08-10 14:08 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\QuickScan

2017-08-10 14:04 - 2017-08-11 19:35 - 000000000 ____D C:\Program Files\Bitdefender Agent

2017-08-10 14:02 - 2017-08-10 14:02 - 009932672 _____ C:\Users\PC ALIN\Downloads\bitdefender_online.exe

2017-08-10 13:59 - 2017-08-10 13:59 - 046661328 _____ (Microsoft Corporation) C:\Users\PC ALIN\Downloads\Windows-KB890830-x64-V5.51.exe

2017-08-09 19:00 - 2017-08-09 19:00 - 000002117 _____ C:\Users\PC ALIN\Desktop\FL Studio 12 (64bit).lnk

2017-08-09 19:00 - 2017-08-09 19:00 - 000000000 ____D C:\Program Files (x86)\VstPlugins

2017-08-09 18:33 - 2017-08-09 18:33 - 000002101 _____ C:\Users\Public\Desktop\FL Studio 12.lnk

2017-08-09 18:18 - 2017-08-09 18:19 - 000253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\6CBE61BC.sys

2017-08-09 15:13 - 2017-08-09 15:14 - 064442921 _____ C:\Users\PC ALIN\Downloads\Bazzooka - Trotineta Cu Trei Roti ( Album CD Original ) (www.RadioBlueEnerGy.Ro).zip

2017-08-09 13:25 - 2017-08-09 13:26 - 000000132 _____ C:\Users\PC ALIN\AppData\Roaming\Adobe PNG Format CS6 Prefs

2017-08-09 13:21 - 2017-08-09 13:21 - 000001796 _____ C:\Users\PC ALIN\Desktop\Photoshop.lnk

2017-08-09 13:21 - 2017-08-09 13:21 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\NVIDIA

2017-08-09 13:18 - 2017-08-09 13:20 - 000000000 ____D C:\Program Files\Adobe

2017-08-09 13:14 - 2017-08-09 13:18 - 000000000 ____D C:\Program Files (x86)\Adobe

2017-08-09 13:11 - 2017-08-09 13:20 - 000000000 ____D C:\Program Files\Common Files\Adobe

2017-08-09 13:03 - 2017-08-09 13:03 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\Macromedia

2017-08-09 12:30 - 2017-08-01 05:39 - 008319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2017-08-09 12:30 - 2017-08-01 05:38 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll

2017-08-09 12:30 - 2017-08-01 05:38 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys

2017-08-09 12:30 - 2017-08-01 05:36 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2017-08-09 12:30 - 2017-08-01 05:36 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe

2017-08-09 12:30 - 2017-08-01 05:36 - 000119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys

2017-08-09 12:30 - 2017-08-01 05:35 - 000280472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe

2017-08-09 12:30 - 2017-08-01 05:35 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe

2017-08-09 12:30 - 2017-08-01 05:34 - 000610584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll

2017-08-09 12:30 - 2017-08-01 05:34 - 000359552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll

2017-08-09 12:30 - 2017-08-01 05:34 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll

2017-08-09 12:30 - 2017-08-01 05:34 - 000168864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe

2017-08-09 12:30 - 2017-08-01 05:33 - 000473240 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll

2017-08-09 12:30 - 2017-08-01 05:32 - 002444704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2017-08-09 12:30 - 2017-08-01 05:32 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe

2017-08-09 12:30 - 2017-08-01 05:32 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys

2017-08-09 12:30 - 2017-08-01 05:31 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll

2017-08-09 12:30 - 2017-08-01 05:31 - 002645680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2017-08-09 12:30 - 2017-08-01 05:31 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll

2017-08-09 12:30 - 2017-08-01 05:31 - 000176024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll

2017-08-09 12:30 - 2017-08-01 05:30 - 000723680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll

2017-08-09 12:30 - 2017-08-01 05:30 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll

2017-08-09 12:30 - 2017-08-01 05:30 - 000410160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll

2017-08-09 12:30 - 2017-08-01 05:30 - 000315288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe

2017-08-09 12:30 - 2017-08-01 05:30 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe

2017-08-09 12:30 - 2017-08-01 05:30 - 000143736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe

2017-08-09 12:30 - 2017-08-01 05:30 - 000082336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys

2017-08-09 12:30 - 2017-08-01 05:26 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll

2017-08-09 12:30 - 2017-08-01 05:20 - 002956288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys

2017-08-09 12:30 - 2017-08-01 05:20 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll

2017-08-09 12:30 - 2017-08-01 05:20 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE

2017-08-09 12:30 - 2017-08-01 05:18 - 013841408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2017-08-09 12:30 - 2017-08-01 05:18 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll

2017-08-09 12:30 - 2017-08-01 05:17 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll

2017-08-09 12:30 - 2017-08-01 05:16 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll

2017-08-09 12:30 - 2017-08-01 05:14 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll

2017-08-09 12:30 - 2017-08-01 05:13 - 020504064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2017-08-09 12:30 - 2017-08-01 05:13 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll

2017-08-09 12:30 - 2017-08-01 05:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll

2017-08-09 12:30 - 2017-08-01 05:12 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2017-08-09 12:30 - 2017-08-01 05:12 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll

2017-08-09 12:30 - 2017-08-01 05:10 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll

2017-08-09 12:30 - 2017-08-01 05:09 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll

2017-08-09 12:30 - 2017-08-01 05:08 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll

2017-08-09 12:30 - 2017-08-01 05:07 - 011870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2017-08-09 12:30 - 2017-08-01 05:07 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll

2017-08-09 12:30 - 2017-08-01 05:07 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll

2017-08-09 12:30 - 2017-08-01 05:06 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll

2017-08-09 12:30 - 2017-08-01 05:04 - 006269440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2017-08-09 12:30 - 2017-08-01 05:04 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2017-08-09 12:30 - 2017-08-01 05:03 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2017-08-09 12:30 - 2017-08-01 04:57 - 023677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2017-08-09 12:30 - 2017-08-01 04:45 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2017-08-09 12:30 - 2017-08-01 04:45 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll

2017-08-09 12:30 - 2017-08-01 04:45 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll

2017-08-09 12:30 - 2017-08-01 04:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll

2017-08-09 12:30 - 2017-08-01 04:44 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE

2017-08-09 12:30 - 2017-08-01 04:44 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys

2017-08-09 12:30 - 2017-08-01 04:44 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe

2017-08-09 12:30 - 2017-08-01 04:42 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll

2017-08-09 12:30 - 2017-08-01 04:41 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys

2017-08-09 12:30 - 2017-08-01 04:41 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll

2017-08-09 12:30 - 2017-08-01 04:41 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll

2017-08-09 12:30 - 2017-08-01 04:41 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll

2017-08-09 12:30 - 2017-08-01 04:40 - 017366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2017-08-09 12:30 - 2017-08-01 04:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll

2017-08-09 12:30 - 2017-08-01 04:39 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll

2017-08-09 12:30 - 2017-08-01 04:38 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll

2017-08-09 12:30 - 2017-08-01 04:38 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll

2017-08-09 12:30 - 2017-08-01 04:37 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll

2017-08-09 12:30 - 2017-08-01 04:37 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll

2017-08-09 12:30 - 2017-08-01 04:37 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll

2017-08-09 12:30 - 2017-08-01 04:36 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2017-08-09 12:30 - 2017-08-01 04:35 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll

2017-08-09 12:30 - 2017-08-01 04:34 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll

2017-08-09 12:30 - 2017-08-01 04:33 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll

2017-08-09 12:30 - 2017-08-01 04:33 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll

2017-08-09 12:30 - 2017-08-01 04:32 - 007336960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll

2017-08-09 12:30 - 2017-08-01 04:32 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll

2017-08-09 12:30 - 2017-08-01 04:31 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2017-08-09 12:30 - 2017-08-01 04:31 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll

2017-08-09 12:30 - 2017-08-01 04:31 - 001396736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll

2017-08-09 12:30 - 2017-08-01 04:30 - 008209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2017-08-09 12:30 - 2017-08-01 04:30 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll

2017-08-09 12:30 - 2017-08-01 04:30 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2017-08-09 12:30 - 2017-08-01 04:30 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll

2017-08-09 12:30 - 2017-08-01 04:30 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll

2017-08-09 12:30 - 2017-08-01 04:28 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2017-08-09 12:30 - 2017-08-01 04:28 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll

2017-08-09 12:30 - 2017-08-01 04:27 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2017-08-09 12:30 - 2017-08-01 04:27 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll

2017-08-09 12:30 - 2017-08-01 04:27 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll

2017-08-09 12:30 - 2017-08-01 04:26 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe

2017-08-09 12:30 - 2017-08-01 04:25 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll

2017-08-09 12:30 - 2017-08-01 04:25 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll

2017-08-09 12:30 - 2017-08-01 04:25 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll

2017-08-09 12:30 - 2017-08-01 01:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll

2017-08-09 12:30 - 2017-08-01 01:45 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll

2017-08-09 12:30 - 2017-08-01 01:45 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll

2017-08-09 12:30 - 2017-08-01 01:45 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll

2017-08-09 12:30 - 2017-08-01 01:45 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll

2017-08-09 12:30 - 2017-08-01 01:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll

2017-08-09 12:30 - 2017-08-01 01:45 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll

2017-08-09 12:30 - 2017-08-01 01:45 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll

2017-08-09 12:30 - 2017-08-01 01:45 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll

2017-08-09 12:30 - 2017-08-01 01:45 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll

2017-08-09 12:30 - 2017-08-01 01:45 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll

2017-08-09 12:30 - 2017-08-01 01:45 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll

2017-08-09 12:30 - 2017-08-01 01:45 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll

2017-08-09 12:30 - 2017-08-01 01:45 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll

2017-08-09 12:30 - 2017-08-01 01:45 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll

2017-08-08 21:25 - 2017-08-10 22:46 - 000000000 ____D C:\Users\PC ALIN\Desktop\FL P

2017-08-08 19:40 - 2017-08-08 19:40 - 000001207 _____ C:\Users\PC ALIN\Desktop\ASIO4ALL v2 Instruction Manual.lnk

2017-08-08 19:40 - 2017-08-08 19:40 - 000000000 ____D C:\Program Files (x86)\ASIO4ALL v2

2017-08-08 19:26 - 2017-08-08 19:26 - 000000000 ____D C:\Program Files\Common Files\VST2

2017-08-08 19:26 - 2017-08-08 19:26 - 000000000 ____D C:\Program Files\Common Files\Propellerhead Software

2017-08-08 19:24 - 2017-08-08 19:24 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\Image-Line

2017-08-08 19:24 - 2017-08-08 19:24 - 000000000 ____D C:\Program Files\Image-Line

2017-08-08 19:12 - 2017-08-08 19:41 - 000000000 ____D C:\Program Files (x86)\Image-Line

2017-08-08 15:07 - 2017-08-08 15:07 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\ElevatedDiagnostics

2017-08-07 23:58 - 2017-08-08 20:19 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\vlc

2017-08-07 23:53 - 2017-08-07 23:53 - 000000496 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics

2017-08-07 12:00 - 2017-08-07 12:00 - 000002486 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_PC_ALIN

2017-08-07 12:00 - 2017-08-07 12:00 - 000000292 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_PC_ALIN.job

2017-08-07 11:30 - 2017-08-07 11:30 - 007172912 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 007096184 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 003203584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 002201600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 001965808 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 001780616 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 001591056 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 001508928 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 001353824 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 000743960 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 000727432 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 000708312 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 000689880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 000532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 000504304 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 000447720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 000445400 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 000441264 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 000387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 000343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 000327456 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 000272712 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 000253896 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 000253864 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 000252872 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 000221960 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 000214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 000209528 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 000166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 000164424 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkXInterface64.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 000151784 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 000134200 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 000122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 000110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 000088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll

2017-08-07 11:30 - 2017-08-07 11:30 - 000084616 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll

2017-08-07 11:29 - 2017-08-07 11:29 - 072520712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCORES64.dat

2017-08-07 11:29 - 2017-08-07 11:29 - 009124224 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT

2017-08-07 11:29 - 2017-08-07 11:29 - 003014144 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl

2017-08-07 11:28 - 2017-03-17 00:57 - 000044096 _____ (IObit.com) C:\WINDOWS\system32\Drivers\IMFCameraProtect.sys.oeqokp

2017-08-07 11:25 - 2017-08-07 11:25 - 000000000 ____D C:\WINDOWS\IObit

2017-08-07 11:24 - 2017-08-11 19:34 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\IObit

2017-08-07 11:24 - 2017-08-10 12:36 - 000003024 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (PC ALIN)

2017-08-07 11:24 - 2017-08-07 11:24 - 000027552 _____ (REALiX™) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS

2017-08-07 11:04 - 2017-08-07 11:04 - 000031672 _____ C:\Users\PC ALIN\Downloads\Game.of.Thrones.S07E04.The.Spoils.of.War.1080p.AMZN.WEB-DL.DDP5.1.H.264-GoT.torrent

2017-08-06 19:55 - 2017-08-10 13:34 - 000290304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\subinacl.exe

2017-08-06 19:55 - 2017-08-06 19:55 - 000000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA

2017-08-06 19:54 - 2017-08-06 19:54 - 000752296 _____ C:\Users\PC ALIN\Downloads\Adware Removal Tool by TSA.exe

2017-08-06 19:47 - 2017-08-06 19:47 - 004049016 _____ (Google) C:\Users\PC ALIN\Downloads\chrome_cleanup_tool.exe

2017-08-06 13:29 - 2017-08-06 13:29 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf

2017-08-06 10:29 - 2017-08-06 10:30 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\PackageStaging

2017-08-05 18:17 - 2017-08-05 18:17 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

2017-08-05 18:17 - 2017-08-05 18:17 - 000000000 ____D C:\Program Files (x86)\Realtek

2017-08-05 18:14 - 2017-08-05 18:14 - 010653973 _____ C:\Users\PC ALIN\Downloads\0021-Install_Win10_10019_07252017.zip

2017-08-05 18:14 - 2017-08-05 18:14 - 000000000 ____D C:\Users\PC ALIN\Downloads\0021-Install_Win10_10019_07252017

2017-08-05 18:11 - 2017-08-05 18:11 - 000000000 ____D C:\Users\PC ALIN\Downloads\DriversCloudx64_10_0_4_0

2017-08-05 18:09 - 2017-08-05 18:10 - 010016794 _____ C:\Users\PC ALIN\Downloads\DriversCloudx64_10_0_4_0.zip

2017-08-05 14:31 - 2017-08-07 23:25 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\CrashDumps

2017-08-05 14:05 - 2017-08-05 14:05 - 030268992 _____ (Totem Entertainment ) C:\Users\PC ALIN\Downloads\setup-istripper_XDd5TVyZTRNLlMA.exe

2017-08-05 14:02 - 2017-08-10 12:16 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\Adobe

2017-08-05 14:02 - 2017-08-05 14:02 - 000004572 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier

2017-08-05 13:50 - 2017-08-05 13:52 - 000462536 _____ C:\Users\PC ALIN\Downloads\MetArt.Network.January-July.2017.1080p.WEB-DL.AAC2.0.H.264-ForeverAloneDude.torrent

2017-08-05 13:48 - 2017-08-05 13:48 - 000462536 _____ C:\Users\PC ALIN\Downloads\2FEE.tmp

2017-08-05 13:44 - 2017-08-11 11:20 - 000093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys

2017-08-05 13:44 - 2017-08-11 11:13 - 000253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2017-08-05 13:44 - 2017-08-11 11:13 - 000101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys

2017-08-05 13:44 - 2017-08-11 11:13 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys

2017-08-05 13:44 - 2017-08-10 18:27 - 000188352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys

2017-08-05 13:43 - 2017-08-05 13:43 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk

2017-08-05 13:43 - 2017-08-05 13:43 - 000000000 ____D C:\Program Files\Malwarebytes

2017-08-05 13:43 - 2017-06-27 12:06 - 000077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys

2017-08-05 13:06 - 2017-08-05 13:06 - 000000000 ____D C:\Program Files (x86)\VulkanRT

2017-08-05 13:06 - 2017-03-11 00:17 - 000536864 _____ C:\WINDOWS\system32\vulkan-1.dll

2017-08-05 13:06 - 2017-03-11 00:17 - 000525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll

2017-08-05 13:06 - 2017-03-11 00:17 - 000254240 _____ C:\WINDOWS\system32\vulkaninfo.exe

2017-08-05 13:06 - 2017-03-11 00:17 - 000233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe

2017-08-05 12:58 - 2017-07-19 03:40 - 040239736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll

2017-08-05 12:58 - 2017-07-19 03:40 - 035844728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll

2017-08-05 12:58 - 2017-07-19 03:40 - 035314296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll

2017-08-05 12:58 - 2017-07-19 03:40 - 028960376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll

2017-08-05 12:58 - 2017-07-19 03:40 - 013655672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll

2017-08-05 12:58 - 2017-07-19 03:40 - 012451424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll

2017-08-05 12:58 - 2017-07-19 03:40 - 012133112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll

2017-08-05 12:58 - 2017-07-19 03:40 - 011591576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll

2017-08-05 12:58 - 2017-07-19 03:40 - 010487760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll

2017-08-05 12:58 - 2017-07-19 03:40 - 009982968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll

2017-08-05 12:58 - 2017-07-19 03:40 - 004163520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll

2017-08-05 12:58 - 2017-07-19 03:40 - 003595896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll

2017-08-05 12:58 - 2017-07-19 03:40 - 001988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438494.dll

2017-08-05 12:58 - 2017-07-19 03:40 - 001598072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438494.dll

2017-08-05 12:58 - 2017-07-19 03:40 - 001068152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll

2017-08-05 12:58 - 2017-07-19 03:40 - 001004992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll

2017-08-05 12:58 - 2017-07-19 03:40 - 000972920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll

2017-08-05 12:58 - 2017-07-19 03:40 - 000924280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll

2017-08-05 12:58 - 2017-07-19 03:40 - 000689992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll

2017-08-05 12:58 - 2017-07-19 03:40 - 000578056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll

2017-08-05 12:58 - 2017-07-19 03:40 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json

2017-08-05 12:58 - 2017-07-19 03:40 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json

2017-08-05 12:46 - 2017-08-05 19:44 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\NVIDIA Corporation

2017-08-05 12:46 - 2017-08-05 12:46 - 000001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk

2017-08-05 12:46 - 2017-08-05 12:46 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\NVIDIA

2017-08-05 12:46 - 2017-07-26 20:06 - 001755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll

2017-08-05 12:46 - 2017-07-26 20:06 - 001317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll

2017-08-05 12:46 - 2017-07-26 20:06 - 000121280 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll

2017-08-05 12:45 - 2017-08-05 12:45 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-08-05 12:45 - 2017-08-05 12:45 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-08-05 12:45 - 2017-08-05 12:45 - 000003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-08-05 12:45 - 2017-08-05 12:45 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-08-05 12:45 - 2017-08-05 12:45 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-08-05 12:45 - 2017-08-05 12:45 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-08-05 12:45 - 2017-08-05 12:45 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-08-05 12:45 - 2017-08-05 12:45 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-08-05 12:45 - 2017-07-26 20:06 - 001922496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll

2017-08-05 12:45 - 2017-07-26 20:06 - 001505728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll

2017-08-05 12:45 - 2017-07-26 20:06 - 000048064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys

2017-08-05 12:45 - 2017-07-26 20:05 - 000179136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll

2017-08-05 12:45 - 2017-07-26 20:05 - 000146368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll

2017-08-05 12:45 - 2017-07-26 16:40 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat

2017-08-05 12:45 - 2017-07-19 03:40 - 000057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys

2017-08-05 12:37 - 2017-08-05 12:38 - 089914048 _____ (NVIDIA Corporation) C:\Users\PC ALIN\Downloads\GeForce_Experience_v3.8.0.89.exe

2017-08-05 12:20 - 2017-08-05 12:20 - 000000199 _____ C:\Users\PC ALIN\Desktop\Dota 2.url

2017-08-05 12:18 - 2017-08-05 12:18 - 000000529 _____ C:\Users\PC ALIN\Desktop\Steam.lnk

2017-08-05 12:18 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll

2017-08-05 12:18 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll

2017-08-05 12:18 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll

2017-08-05 12:18 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll

2017-08-05 12:18 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll

2017-08-05 12:18 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll

2017-08-05 12:18 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll

2017-08-05 12:18 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll

2017-08-05 12:18 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll

2017-08-05 12:18 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll

2017-08-05 12:18 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll

2017-08-05 12:18 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll

2017-08-05 12:18 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll

2017-08-05 12:18 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll

2017-08-05 12:18 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll

2017-08-05 12:18 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll

2017-08-05 12:18 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll

2017-08-05 12:18 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll

2017-08-05 12:18 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll

2017-08-05 12:18 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll

2017-08-05 12:18 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll

2017-08-05 12:18 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll

2017-08-05 12:18 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll

2017-08-05 12:18 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll

2017-08-05 12:18 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll

2017-08-05 12:18 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll

2017-08-05 12:18 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll

2017-08-05 12:18 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll

2017-08-05 12:18 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll

2017-08-05 12:18 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll

2017-08-05 12:18 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll

2017-08-05 12:18 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll

2017-08-05 12:18 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll

2017-08-05 12:18 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll

2017-08-05 12:18 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll

2017-08-05 12:18 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll

2017-08-05 12:18 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll

2017-08-05 12:18 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll

2017-08-05 12:18 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll

2017-08-05 12:18 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll

2017-08-05 12:18 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll

2017-08-05 12:18 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll

2017-08-05 12:18 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll

2017-08-05 12:18 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll

2017-08-05 12:18 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll

2017-08-05 12:18 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll

2017-08-05 12:18 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll

2017-08-05 12:18 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll

2017-08-05 12:18 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll

2017-08-05 12:18 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll

2017-08-05 12:18 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll

2017-08-05 12:18 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll

2017-08-05 12:18 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll

2017-08-05 12:18 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll

2017-08-05 12:18 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll

2017-08-05 12:18 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll

2017-08-05 12:18 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll

2017-08-05 12:18 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll

2017-08-05 12:18 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll

2017-08-05 12:18 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll

2017-08-05 12:18 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll

2017-08-05 12:18 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll

2017-08-05 12:18 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll

2017-08-05 12:18 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll

2017-08-05 12:18 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll

2017-08-05 12:18 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll

2017-08-05 12:18 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll

2017-08-05 12:18 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll

2017-08-05 12:18 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll

2017-08-05 12:18 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll

2017-08-05 12:18 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll

2017-08-05 12:18 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll

2017-08-05 12:18 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll

2017-08-05 12:18 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll

2017-08-05 12:18 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll

2017-08-05 12:18 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll

2017-08-05 12:18 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll

2017-08-05 12:18 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll

2017-08-05 12:18 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll

2017-08-05 12:18 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll

2017-08-05 12:18 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll

2017-08-05 12:18 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll

2017-08-05 12:18 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll

2017-08-05 12:18 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll

2017-08-05 12:18 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll

2017-08-05 12:18 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll

2017-08-05 12:18 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll

2017-08-05 12:18 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll

2017-08-05 12:18 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll

2017-08-05 12:18 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll

2017-08-05 12:18 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll

2017-08-05 12:18 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll

2017-08-05 12:18 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll

2017-08-05 12:18 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll

2017-08-05 12:18 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll

2017-08-05 12:18 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll

2017-08-05 12:18 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll

2017-08-05 12:18 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll

2017-08-05 12:18 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll

2017-08-05 12:18 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll

2017-08-05 12:18 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll

2017-08-05 12:18 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll

2017-08-05 12:18 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll

2017-08-05 12:18 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll

2017-08-05 12:18 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll

2017-08-05 12:18 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll

2017-08-05 12:18 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll

2017-08-05 12:18 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll

2017-08-05 12:18 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll

2017-08-05 12:18 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll

2017-08-05 12:18 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll

2017-08-05 12:18 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll

2017-08-05 12:18 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll

2017-08-05 12:18 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll

2017-08-05 12:18 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll

2017-08-05 12:18 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll

2017-08-05 12:18 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll

2017-08-05 12:18 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll

2017-08-05 12:18 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll

2017-08-05 12:18 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll

2017-08-05 12:18 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll

2017-08-05 12:18 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll

2017-08-05 12:18 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll

2017-08-05 12:18 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll

2017-08-05 12:18 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll

2017-08-05 12:17 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll

2017-08-05 12:17 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll

2017-08-05 12:17 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll

2017-08-05 12:17 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll

2017-08-05 12:17 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll

2017-08-05 12:17 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll

2017-08-05 12:17 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll

2017-08-05 12:17 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll

2017-08-05 12:17 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll

2017-08-05 12:17 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll

2017-08-05 12:17 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll

2017-08-05 12:17 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll

2017-08-05 12:17 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll

2017-08-05 12:17 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll

2017-08-05 12:17 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll

2017-08-05 12:17 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll

2017-08-05 12:17 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll

2017-08-05 12:17 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll

2017-08-05 12:17 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll

2017-08-05 12:17 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll

2017-08-05 12:17 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll

2017-08-05 12:17 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll

2017-08-05 12:17 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll

2017-08-05 12:17 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll

2017-08-05 12:17 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll

2017-08-05 12:17 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll

2017-08-05 12:17 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll

2017-08-05 12:17 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll

2017-08-05 12:17 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll

2017-08-05 12:17 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll

2017-08-05 12:17 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll

2017-08-05 12:17 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll

2017-08-05 12:17 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll

2017-08-05 12:17 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll

2017-08-05 12:17 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll

2017-08-05 12:17 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll

2017-08-05 12:17 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll

2017-08-05 12:17 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll

2017-08-05 12:17 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll

2017-08-05 12:17 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll

2017-08-05 12:17 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll

2017-08-05 12:17 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll

2017-08-05 12:17 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll

2017-08-05 12:17 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll

2017-08-05 12:17 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll

2017-08-05 12:17 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll

2017-08-05 12:17 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll

2017-08-05 12:17 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll

2017-08-05 12:17 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll

2017-08-05 12:17 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll

2017-08-05 12:17 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll

2017-08-05 12:17 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll

2017-08-05 12:03 - 2017-08-11 11:38 - 000000637 _____ C:\Users\Public\Desktop\League of Legends.lnk

2017-08-05 12:01 - 2017-08-05 12:02 - 032529256 _____ (Riot Games) C:\Users\PC ALIN\Downloads\LeagueofLegends_EUNE_Installer_2016_11_10.exe

2017-08-04 23:50 - 2017-08-04 23:50 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\PeerDistRepub

2017-08-04 23:47 - 2017-08-10 14:09 - 000000000 ____D C:\AdwCleaner

2017-08-04 23:46 - 2017-08-04 23:47 - 008185288 _____ (Malwarebytes) C:\Users\PC ALIN\Downloads\adwcleaner_7.0.1.0.exe

2017-08-04 21:48 - 2017-08-04 21:48 - 000000000 _____ C:\autoexec.bat

2017-08-04 21:45 - 2017-08-04 21:45 - 002755584 _____ C:\Users\PC ALIN\Downloads\SH-Alt-Install.exe

2017-08-04 21:28 - 2017-08-04 21:28 - 000003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2017-08-04 21:28 - 2017-08-04 21:28 - 000003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2017-08-04 21:28 - 2017-08-04 21:28 - 000002332 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2017-08-04 21:27 - 2017-08-06 19:47 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\Google

2017-08-04 21:27 - 2017-08-04 21:28 - 000000000 ____D C:\Program Files (x86)\Google

2017-08-04 21:27 - 2017-08-04 21:27 - 001130328 _____ (Google Inc.) C:\Users\PC ALIN\Downloads\ChromeSetup (1).exe

2017-08-04 20:42 - 2017-08-04 20:42 - 065033984 _____ (Malwarebytes ) C:\Users\PC ALIN\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe

2017-08-04 17:57 - 2017-08-04 17:57 - 000003028 _____ C:\WINDOWS\System32\Tasks\bandicam_start

2017-08-04 17:56 - 2017-08-04 18:06 - 000000000 ____D C:\Program Files (x86)\Bandicam

2017-08-04 17:56 - 2017-08-04 17:56 - 000001057 _____ C:\Users\Public\Desktop\Bandicam.lnk

2017-08-04 17:42 - 2017-08-04 17:42 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\Razer

2017-08-04 17:15 - 2017-08-04 17:56 - 000000000 ____D C:\Program Files (x86)\BandiMPEG1

2017-08-04 17:08 - 2017-07-18 18:21 - 000139704 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpnk.sys

2017-08-04 17:06 - 2017-08-04 17:07 - 000000000 ____D C:\Program Files (x86)\Razer

2017-08-04 17:06 - 2017-08-04 17:06 - 000001354 _____ C:\Users\PC ALIN\Desktop\Razer Cortex.lnk

2017-08-04 16:55 - 2017-08-04 16:56 - 161537848 _____ (Razer Inc. ) C:\Users\PC ALIN\Downloads\RazerCortexSetup_8.2.14.487.exe

2017-08-04 16:33 - 2017-08-04 16:33 - 001398143 _____ (Igor Pavlov) C:\Users\PC ALIN\Downloads\7z1700-x64.exe

2017-08-04 16:33 - 2017-08-04 16:33 - 000000000 ____D C:\Program Files\7-Zip

2017-08-04 16:20 - 2017-08-08 20:17 - 000001139 _____ C:\Users\Public\Desktop\VLC media player.lnk

2017-08-04 16:20 - 2017-08-04 16:20 - 000000000 ____D C:\Program Files (x86)\VideoLAN

2017-08-04 16:19 - 2017-08-11 13:07 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\Skype

2017-08-04 16:19 - 2017-08-04 16:19 - 000000000 ___RD C:\Program Files (x86)\Skype

2017-08-04 16:17 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll

2017-08-04 16:17 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll

2017-08-04 16:17 - 2008-07-12 08:18 - 003851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll

2017-08-04 16:17 - 2008-07-12 08:18 - 001493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll

2017-08-04 16:17 - 2008-07-12 08:18 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll

2017-08-04 16:15 - 2017-08-05 12:03 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\Riot Games

2017-08-04 16:03 - 2017-08-04 16:09 - 000001012 _____ C:\Users\Public\Desktop\µTorrent.lnk

2017-08-04 16:02 - 2017-08-11 20:25 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\uTorrent

2017-08-04 16:02 - 2017-08-04 16:09 - 000000000 ____D C:\Program Files (x86)\uTorrent

2017-08-04 15:59 - 2017-08-04 16:00 - 000399224 _____ (BitTorrent, Inc.) C:\Users\PC ALIN\Downloads\utorrent_2.2.1.exe

2017-08-04 15:52 - 2017-08-04 15:52 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\Steam

2017-08-04 15:49 - 2017-08-04 15:49 - 001446792 _____ C:\Users\PC ALIN\Downloads\SteamSetup.exe

2017-08-04 15:43 - 2017-08-04 15:12 - 000565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

2017-08-04 15:40 - 2017-08-06 16:06 - 000000000 ____D C:\Windows.old

2017-08-04 15:40 - 2017-08-04 15:41 - 000000000 ____D C:\WINDOWS\InfusedApps

2017-08-04 15:40 - 2017-08-04 14:42 - 000000000 ____D C:\WINDOWS\ServiceProfiles

2017-08-04 15:39 - 2017-08-04 15:39 - 000008192 _____ C:\WINDOWS\system32\config\userdiff

2017-08-04 15:38 - 2017-08-04 15:38 - 000000000 ____D C:\WINDOWS\SysWOW64\sda

2017-08-04 15:38 - 2017-08-04 15:38 - 000000000 ____D C:\Program Files\Dell

2017-08-04 15:38 - 2017-08-04 15:38 - 000000000 ____D C:\Program Files\Alienware

2017-08-04 15:37 - 2017-08-10 14:00 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2017-08-04 15:37 - 2017-08-09 12:33 - 000000000 ____D C:\WINDOWS\system32\MRT

2017-08-04 15:37 - 2017-08-04 15:37 - 000000000 ____D C:\Program Files\Synaptics

2017-08-04 15:35 - 2017-07-28 08:25 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2017-08-04 15:35 - 2017-07-28 08:24 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys

2017-08-04 15:35 - 2017-07-28 08:24 - 000455584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll

2017-08-04 15:35 - 2017-07-28 08:24 - 000116280 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll

2017-08-04 15:35 - 2017-07-28 08:23 - 002969888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll

2017-08-04 15:35 - 2017-07-28 08:23 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys

2017-08-04 15:35 - 2017-07-28 08:20 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys

2017-08-04 15:35 - 2017-07-28 08:17 - 000660680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll

2017-08-04 15:35 - 2017-07-28 08:16 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll

2017-08-04 15:35 - 2017-07-28 08:15 - 005302968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll

2017-08-04 15:35 - 2017-07-28 08:15 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS

2017-08-04 15:35 - 2017-07-28 08:14 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll

2017-08-04 15:35 - 2017-07-28 08:13 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll

2017-08-04 15:35 - 2017-07-28 08:13 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll

2017-08-04 15:35 - 2017-07-28 08:13 - 002604248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll

2017-08-04 15:35 - 2017-07-28 08:13 - 001033544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll

2017-08-04 15:35 - 2017-07-28 08:12 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll

2017-08-04 15:35 - 2017-07-28 08:10 - 002679200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2017-08-04 15:35 - 2017-07-28 08:09 - 000529992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll

2017-08-04 15:35 - 2017-07-28 08:09 - 000527976 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe

2017-08-04 15:35 - 2017-07-28 08:09 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll

2017-08-04 15:35 - 2017-07-28 08:07 - 000805816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll

2017-08-04 15:35 - 2017-07-28 07:48 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2017-08-04 15:35 - 2017-07-28 07:48 - 000100232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll

2017-08-04 15:35 - 2017-07-28 07:48 - 000096648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll

2017-08-04 15:35 - 2017-07-28 07:47 - 002259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll

2017-08-04 15:35 - 2017-07-28 07:40 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll

2017-08-04 15:35 - 2017-07-28 07:40 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll

2017-08-04 15:35 - 2017-07-28 07:38 - 004213656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll

2017-08-04 15:35 - 2017-07-28 07:37 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll

2017-08-04 15:35 - 2017-07-28 07:36 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2017-08-04 15:35 - 2017-07-28 07:36 - 006761568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll

2017-08-04 15:35 - 2017-07-28 07:36 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll

2017-08-04 15:35 - 2017-07-28 07:36 - 002424024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll

2017-08-04 15:35 - 2017-07-28 07:36 - 001195760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll

2017-08-04 15:35 - 2017-07-28 07:36 - 000866808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll

2017-08-04 15:35 - 2017-07-28 07:36 - 000864248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll

2017-08-04 15:35 - 2017-07-28 07:36 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll

2017-08-04 15:35 - 2017-07-28 07:36 - 000090464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll

2017-08-04 15:35 - 2017-07-28 07:35 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll

2017-08-04 15:35 - 2017-07-28 07:35 - 000277432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll

2017-08-04 15:35 - 2017-07-28 07:33 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll

2017-08-04 15:35 - 2017-07-28 07:33 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll

2017-08-04 15:35 - 2017-07-28 07:33 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll

2017-08-04 15:35 - 2017-07-28 07:27 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys

2017-08-04 15:35 - 2017-07-28 07:26 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll

2017-08-04 15:35 - 2017-07-28 07:26 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll

2017-08-04 15:35 - 2017-07-28 07:25 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys

2017-08-04 15:35 - 2017-07-28 07:24 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll

2017-08-04 15:35 - 2017-07-28 07:24 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll

2017-08-04 15:35 - 2017-07-28 07:22 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll

2017-08-04 15:35 - 2017-07-28 07:21 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll

2017-08-04 15:35 - 2017-07-28 07:21 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll

2017-08-04 15:35 - 2017-07-28 07:21 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll

2017-08-04 15:35 - 2017-07-28 07:21 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll

2017-08-04 15:35 - 2017-07-28 07:20 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll

2017-08-04 15:35 - 2017-07-28 07:20 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IpNatHlpClient.dll

2017-08-04 15:35 - 2017-07-28 07:19 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll

2017-08-04 15:35 - 2017-07-28 07:19 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll

2017-08-04 15:35 - 2017-07-28 07:19 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe

2017-08-04 15:35 - 2017-07-28 07:19 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll

2017-08-04 15:35 - 2017-07-28 07:19 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll

2017-08-04 15:35 - 2017-07-28 07:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll

2017-08-04 15:35 - 2017-07-28 07:19 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll

2017-08-04 15:35 - 2017-07-28 07:18 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll

2017-08-04 15:35 - 2017-07-28 07:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll

2017-08-04 15:35 - 2017-07-28 07:17 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2017-08-04 15:35 - 2017-07-28 07:16 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll

2017-08-04 15:35 - 2017-07-28 07:16 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll

2017-08-04 15:35 - 2017-07-28 07:16 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe

2017-08-04 15:35 - 2017-07-28 07:16 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qasf.dll

2017-08-04 15:35 - 2017-07-28 07:15 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll

2017-08-04 15:35 - 2017-07-28 07:15 - 000586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll

2017-08-04 15:35 - 2017-07-28 07:14 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll

2017-08-04 15:35 - 2017-07-28 07:14 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe

2017-08-04 15:35 - 2017-07-28 07:14 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll

2017-08-04 15:35 - 2017-07-28 07:14 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll

2017-08-04 15:35 - 2017-07-28 07:13 - 004535296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2017-08-04 15:35 - 2017-07-28 07:13 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe

2017-08-04 15:35 - 2017-07-28 07:13 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll

2017-08-04 15:35 - 2017-07-28 07:13 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll

2017-08-04 15:35 - 2017-07-28 07:12 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll

2017-08-04 15:35 - 2017-07-28 07:12 - 002939392 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll

2017-08-04 15:35 - 2017-07-28 07:12 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll

2017-08-04 15:35 - 2017-07-28 07:12 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll

2017-08-04 15:35 - 2017-07-28 07:12 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll

2017-08-04 15:35 - 2017-07-28 07:12 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe

2017-08-04 15:35 - 2017-07-28 07:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll

2017-08-04 15:35 - 2017-07-28 07:11 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll

2017-08-04 15:35 - 2017-07-28 07:10 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll

2017-08-04 15:35 - 2017-07-28 07:10 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2017-08-04 15:35 - 2017-07-28 07:10 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsvcs.dll

2017-08-04 15:35 - 2017-07-28 07:09 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll

2017-08-04 15:35 - 2017-07-28 07:08 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll

2017-08-04 15:35 - 2017-07-28 07:08 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll

2017-08-04 15:35 - 2017-07-28 07:08 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2017-08-04 15:35 - 2017-07-28 07:08 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll

2017-08-04 15:35 - 2017-07-28 07:08 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys

2017-08-04 15:35 - 2017-07-28 07:07 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll

2017-08-04 15:35 - 2017-07-28 07:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe

2017-08-04 15:35 - 2017-07-28 07:07 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll

2017-08-04 15:35 - 2017-07-28 07:07 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll

2017-08-04 15:35 - 2017-07-28 07:07 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll

2017-08-04 15:35 - 2017-07-28 07:06 - 001833984 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll

2017-08-04 15:35 - 2017-07-28 07:05 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll

2017-08-04 15:35 - 2017-07-28 07:05 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe

2017-08-04 15:35 - 2017-07-28 07:05 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll

2017-08-04 15:35 - 2017-07-28 07:02 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe

2017-08-04 15:35 - 2017-07-28 07:02 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe

2017-08-04 15:35 - 2017-07-28 07:02 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll

2017-08-04 15:34 - 2017-08-04 15:34 - 000000000 ____D C:\WINDOWS\Setup

2017-08-04 15:34 - 2017-07-28 08:30 - 001068720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll

2017-08-04 15:34 - 2017-07-28 08:24 - 000119904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll

2017-08-04 15:34 - 2017-07-28 08:22 - 000923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll

2017-08-04 15:34 - 2017-07-28 08:16 - 000961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll

2017-08-04 15:34 - 2017-07-28 08:15 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll

2017-08-04 15:34 - 2017-07-28 08:15 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys

2017-08-04 15:34 - 2017-07-28 08:14 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe

2017-08-04 15:34 - 2017-07-28 08:13 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll

2017-08-04 15:34 - 2017-07-28 08:13 - 000192264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll

2017-08-04 15:34 - 2017-07-28 08:13 - 000104432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.dll

2017-08-04 15:34 - 2017-07-28 08:12 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2017-08-04 15:34 - 2017-07-28 08:12 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll

2017-08-04 15:34 - 2017-07-28 08:12 - 000323936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll

2017-08-04 15:34 - 2017-07-28 08:10 - 001114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll

2017-08-04 15:34 - 2017-07-28 07:31 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll

2017-08-04 15:34 - 2017-07-28 07:30 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll

2017-08-04 15:34 - 2017-07-28 07:29 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll

2017-08-04 15:34 - 2017-07-28 07:29 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll

2017-08-04 15:34 - 2017-07-28 07:26 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll

2017-08-04 15:34 - 2017-07-28 07:26 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe

2017-08-04 15:34 - 2017-07-28 07:26 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\IpNatHlpClient.dll

2017-08-04 15:34 - 2017-07-28 07:25 - 003464704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll

2017-08-04 15:34 - 2017-07-28 07:25 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll

2017-08-04 15:34 - 2017-07-28 07:25 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll

2017-08-04 15:34 - 2017-07-28 07:25 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys

2017-08-04 15:34 - 2017-07-28 07:25 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys

2017-08-04 15:34 - 2017-07-28 07:24 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll

2017-08-04 15:34 - 2017-07-28 07:24 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll

2017-08-04 15:34 - 2017-07-28 07:24 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll

2017-08-04 15:34 - 2017-07-28 07:23 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2017-08-04 15:34 - 2017-07-28 07:23 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll

2017-08-04 15:34 - 2017-07-28 07:23 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll

2017-08-04 15:34 - 2017-07-28 07:22 - 000778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE

2017-08-04 15:34 - 2017-07-28 07:22 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll

2017-08-04 15:34 - 2017-07-28 07:22 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll

2017-08-04 15:34 - 2017-07-28 07:22 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll

2017-08-04 15:34 - 2017-07-28 07:22 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe

2017-08-04 15:34 - 2017-07-28 07:22 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll

2017-08-04 15:34 - 2017-07-28 07:22 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe

2017-08-04 15:34 - 2017-07-28 07:21 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll

2017-08-04 15:34 - 2017-07-28 07:21 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll

2017-08-04 15:34 - 2017-07-28 07:21 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\qasf.dll

2017-08-04 15:34 - 2017-07-28 07:20 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll

2017-08-04 15:34 - 2017-07-28 07:20 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys

2017-08-04 15:34 - 2017-07-28 07:20 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll

2017-08-04 15:34 - 2017-07-28 07:19 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll

2017-08-04 15:34 - 2017-07-28 07:19 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll

2017-08-04 15:34 - 2017-07-28 07:19 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll

2017-08-04 15:34 - 2017-07-28 07:19 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll

2017-08-04 15:34 - 2017-07-28 07:19 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe

2017-08-04 15:34 - 2017-07-28 07:18 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll

2017-08-04 15:34 - 2017-07-28 07:18 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll

2017-08-04 15:34 - 2017-07-28 07:18 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe

2017-08-04 15:34 - 2017-07-28 07:18 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll

2017-08-04 15:34 - 2017-07-28 07:18 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll

2017-08-04 15:34 - 2017-07-28 07:18 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll

2017-08-04 15:34 - 2017-07-28 07:17 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2017-08-04 15:34 - 2017-07-28 07:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll

2017-08-04 15:34 - 2017-07-28 07:17 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll

2017-08-04 15:34 - 2017-07-28 07:17 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll

2017-08-04 15:34 - 2017-07-28 07:17 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll

2017-08-04 15:34 - 2017-07-28 07:16 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll

2017-08-04 15:34 - 2017-07-28 07:15 - 003204608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll

2017-08-04 15:34 - 2017-07-28 07:15 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2017-08-04 15:34 - 2017-07-28 07:15 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsvcs.dll

2017-08-04 15:34 - 2017-07-28 07:14 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll

2017-08-04 15:34 - 2017-07-28 07:13 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll

2017-08-04 15:34 - 2017-07-28 07:13 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll

2017-08-04 15:34 - 2017-07-28 07:13 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll

2017-08-04 15:34 - 2017-07-28 07:12 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll

2017-08-04 15:34 - 2017-07-28 07:12 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2017-08-04 15:34 - 2017-07-28 07:12 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll

2017-08-04 15:34 - 2017-07-28 07:11 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2017-08-04 15:34 - 2017-07-28 07:10 - 001706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll

2017-08-04 15:34 - 2017-07-28 07:10 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll

2017-08-04 15:34 - 2017-07-28 07:09 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe

2017-08-04 15:34 - 2017-07-28 07:09 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll

2017-08-04 15:34 - 2017-07-28 07:08 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll

2017-08-04 15:34 - 2017-07-28 07:06 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll

2017-08-04 15:34 - 2017-07-28 07:06 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll

2017-08-04 15:34 - 2017-07-28 07:05 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe

2017-08-04 15:34 - 2017-07-28 07:05 - 001087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll

2017-08-04 15:34 - 2017-07-28 07:05 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe

2017-08-04 15:34 - 2017-07-28 07:05 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe

2017-08-04 15:34 - 2017-07-28 07:05 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll

2017-08-04 15:33 - 2017-08-04 15:33 - 000000000 ____D C:\WINDOWS\OCR

2017-08-04 15:33 - 2017-08-04 15:33 - 000000000 ____D C:\Program Files\Reference Assemblies

2017-08-04 15:33 - 2017-08-04 15:33 - 000000000 ____D C:\Program Files\MSBuild

2017-08-04 15:33 - 2017-08-04 15:33 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies

2017-08-04 15:33 - 2017-08-04 15:33 - 000000000 ____D C:\Program Files (x86)\MSBuild

2017-08-04 15:32 - 2017-08-04 15:32 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\DBG

2017-08-04 15:31 - 2017-08-04 15:31 - 000000000 ____D C:\WINDOWS\system32\ro

2017-08-04 15:31 - 2017-08-04 15:31 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\Blizzard Entertainment

2017-08-04 15:30 - 2017-08-11 17:48 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\Battle.net

2017-08-04 15:30 - 2017-08-04 15:30 - 000001875 _____ C:\Users\PC ALIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk

2017-08-04 15:30 - 2017-08-04 15:30 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\CEF

2017-08-04 15:29 - 2017-08-04 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN

2017-08-04 15:29 - 2017-08-04 15:31 - 000000000 ____D C:\WINDOWS\system32\WCN

2017-08-04 15:29 - 2017-08-04 15:29 - 000000962 _____ C:\Users\Public\Desktop\Blizzard App.lnk

2017-08-04 15:29 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm

2017-08-04 15:29 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep

2017-08-04 15:29 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr

2017-08-04 15:29 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts

2017-08-04 15:29 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\SysWOW64\0409

2017-08-04 15:29 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\system32\winrm

2017-08-04 15:29 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\system32\slmgr

2017-08-04 15:29 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts

2017-08-04 15:29 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\system32\0409

2017-08-04 15:29 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\DigitalLocker

2017-08-04 15:28 - 2017-08-11 17:46 - 000000000 ____D C:\Program Files (x86)\Blizzard App

2017-08-04 15:26 - 2017-08-11 18:51 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\Battle.net

2017-08-04 15:26 - 2017-08-04 15:26 - 000002545 _____ C:\Users\PC ALIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Neon.lnk

2017-08-04 15:26 - 2017-08-04 15:26 - 000002537 _____ C:\Users\PC ALIN\Desktop\Opera Neon.lnk

2017-08-04 15:26 - 2017-08-04 15:26 - 000002166 _____ C:\Users\PC ALIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk

2017-08-04 15:26 - 2017-08-04 15:26 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\FluxSoftware

2017-08-04 15:26 - 2017-07-31 18:15 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2017-08-04 15:26 - 2017-07-31 18:15 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2017-08-04 15:25 - 2017-08-04 15:25 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\Opera Software

2017-08-04 15:24 - 2017-08-04 15:24 - 000002094 _____ C:\Users\Public\Desktop\Bloody6.lnk

2017-08-04 15:24 - 2017-08-04 15:19 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat

2017-08-04 15:24 - 2017-08-04 15:19 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll

2017-08-04 15:24 - 2017-08-04 15:19 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT

2017-08-04 15:24 - 2017-07-19 03:40 - 000418936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll

2017-08-04 15:23 - 2017-08-11 19:35 - 000000000 ___HD C:\Program Files\WindowsApps

2017-08-04 15:23 - 2017-08-11 19:35 - 000000000 ____D C:\WINDOWS\AppReadiness

2017-08-04 15:23 - 2017-08-11 19:34 - 000000000 ___RD C:\Program Files (x86)

2017-08-04 15:23 - 2017-08-10 23:59 - 000000000 ____D C:\WINDOWS\LiveKernelReports

2017-08-04 15:23 - 2017-08-07 23:44 - 000000000 ____D C:\WINDOWS\rescache

2017-08-04 15:23 - 2017-08-05 14:02 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed

2017-08-04 15:23 - 2017-08-05 14:02 - 000000000 ____D C:\WINDOWS\system32\Macromed

2017-08-04 15:23 - 2017-08-05 12:17 - 000000000 ____D C:\Program Files\Common Files\microsoft shared

2017-08-04 15:23 - 2017-08-05 11:33 - 000000000 ____D C:\WINDOWS\appcompat

2017-08-04 15:23 - 2017-08-04 18:04 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12

2017-08-04 15:23 - 2017-08-04 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata

2017-08-04 15:23 - 2017-08-04 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism

2017-08-04 15:23 - 2017-08-04 18:04 - 000000000 ____D C:\WINDOWS\system32\config\TxR

2017-08-04 15:23 - 2017-08-04 18:03 - 000000000 ___SD C:\WINDOWS\system32\F12

2017-08-04 15:23 - 2017-08-04 18:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel

2017-08-04 15:23 - 2017-08-04 18:03 - 000000000 ___RD C:\Program Files\Windows Defender

2017-08-04 15:23 - 2017-08-04 18:03 - 000000000 ____D C:\WINDOWS\system32\WinMetadata

2017-08-04 15:23 - 2017-08-04 18:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns

2017-08-04 15:23 - 2017-08-04 18:03 - 000000000 ____D C:\WINDOWS\system32\oobe

2017-08-04 15:23 - 2017-08-04 18:03 - 000000000 ____D C:\WINDOWS\system32\migwiz

2017-08-04 15:23 - 2017-08-04 18:03 - 000000000 ____D C:\WINDOWS\system32\Dism

2017-08-04 15:23 - 2017-08-04 18:03 - 000000000 ____D C:\WINDOWS\system32\appraiser

2017-08-04 15:23 - 2017-08-04 18:03 - 000000000 ____D C:\WINDOWS\ShellExperiences

2017-08-04 15:23 - 2017-08-04 18:03 - 000000000 ____D C:\WINDOWS\Provisioning

2017-08-04 15:23 - 2017-08-04 18:03 - 000000000 ____D C:\WINDOWS\PolicyDefinitions

2017-08-04 15:23 - 2017-08-04 18:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer

2017-08-04 15:23 - 2017-08-04 18:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer

2017-08-04 15:23 - 2017-08-04 18:03 - 000000000 ____D C:\Program Files (x86)\Windows Defender

2017-08-04 15:23 - 2017-08-04 15:40 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template

2017-08-04 15:23 - 2017-08-04 15:33 - 000000000 ____D C:\WINDOWS\SystemApps

2017-08-04 15:23 - 2017-08-04 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe

2017-08-04 15:23 - 2017-08-04 15:31 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform

2017-08-04 15:23 - 2017-08-04 15:31 - 000000000 ____D C:\WINDOWS\IME

2017-08-04 15:23 - 2017-08-04 15:31 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection

2017-08-04 15:23 - 2017-08-04 15:31 - 000000000 ____D C:\Program Files\Common Files\System

2017-08-04 15:23 - 2017-08-04 15:29 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs

2017-08-04 15:23 - 2017-08-04 15:29 - 000000000 ___SD C:\WINDOWS\system32\dsc

2017-08-04 15:23 - 2017-08-04 15:29 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs

2017-08-04 15:23 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\SysWOW64\setup

2017-08-04 15:23 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI

2017-08-04 15:23 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\SysWOW64\Com

2017-08-04 15:23 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\system32\setup

2017-08-04 15:23 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\system32\MUI

2017-08-04 15:23 - 2017-08-04 15:29 - 000000000 ____D C:\WINDOWS\system32\Com

2017-08-04 15:23 - 2017-08-04 15:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui

2017-08-04 15:23 - 2017-08-04 15:24 - 000000000 ___SD C:\WINDOWS\system32\Nui

2017-08-04 15:23 - 2017-08-04 15:24 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz

2017-08-04 15:23 - 2017-08-04 15:24 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync

2017-08-04 15:23 - 2017-08-04 15:24 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml

2017-08-04 15:23 - 2017-08-04 15:24 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel

2017-08-04 15:23 - 2017-08-04 15:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops

2017-08-04 15:23 - 2017-08-04 15:24 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers

2017-08-04 15:23 - 2017-08-04 15:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates

2017-08-04 15:23 - 2017-08-04 15:24 - 000000000 ____D C:\WINDOWS\system32\MsDtc

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 __SHD C:\Program Files\Windows Sidebar

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 __RSD C:\WINDOWS\Media

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ___SD C:\WINDOWS\system32\Configuration

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ___SD C:\WINDOWS\system32\AppV

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ___RD C:\WINDOWS\Offline Web Pages

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ___HD C:\WINDOWS\ELAMBKUP

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\Web

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\Vss

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\tracing

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\TAPI

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\SysWOW64\ras

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\SysWOW64\MsDtc

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\SysWOW64\IME

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\SystemResources

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\winevt

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\ras

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\ProximityToast

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\PointOfService

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\NDF

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\Ipmi

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\InputMethod

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\inetsrv

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\IME

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\icsxml

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\ias

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\Hydrogen

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\downlevel

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\DDFs

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\config\Journal

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\Bthprops

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\AppLocker

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\System

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\SKB

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\security

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\schemas

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\SchCache

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\Resources

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\RemotePackages

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\Registration

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\PLA

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\Performance

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\ModemLogs

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\L2Schemas

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\InputMethod

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\Globalization

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\Cursors

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\Branding

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\bcastdvr

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\addins

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\Program Files\Windows Security

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\Program Files\Windows Portable Devices

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\Program Files\Windows NT

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\Program Files\Windows Multimedia Platform

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\Program Files\Common Files\Services

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\Program Files (x86)\Windows NT

2017-08-04 15:23 - 2017-08-04 15:23 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform

2017-08-04 15:23 - 2017-08-04 15:19 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll

2017-08-04 15:23 - 2017-08-04 15:19 - 000215943 _____ C:\WINDOWS\system32\dssec.dat

2017-08-04 15:23 - 2017-08-04 15:19 - 000017635 _____ C:\WINDOWS\system32\Drivers\etc\services

2017-08-04 15:23 - 2017-08-04 15:19 - 000015940 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml

2017-08-04 15:23 - 2017-08-04 15:19 - 000004096 _____ C:\WINDOWS\system32\config\VSMIDK

2017-08-04 15:23 - 2017-08-04 15:19 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam

2017-08-04 15:23 - 2017-08-04 15:19 - 000001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol

2017-08-04 15:23 - 2017-08-04 15:19 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json

2017-08-04 15:23 - 2017-08-04 15:19 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT

2017-08-04 15:23 - 2017-08-04 15:19 - 000000407 _____ C:\WINDOWS\system32\Drivers\etc\networks

2017-08-04 15:23 - 2017-08-04 15:19 - 000000219 _____ C:\WINDOWS\system.ini

2017-08-04 15:23 - 2017-08-04 15:19 - 000000092 _____ C:\WINDOWS\win.ini

2017-08-04 15:23 - 2017-08-04 14:59 - 000000000 __RHD C:\Users\Public\Libraries

2017-08-04 15:23 - 2017-08-04 14:59 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase

2017-08-04 15:23 - 2017-08-04 14:55 - 000000000 ____D C:\WINDOWS\system32\spool

2017-08-04 15:23 - 2017-08-04 14:55 - 000000000 ____D C:\WINDOWS\system32\FxsTmp

2017-08-04 15:23 - 2017-08-04 14:55 - 000000000 ____D C:\WINDOWS\CSC

2017-08-04 15:23 - 2017-08-04 14:53 - 000000000 ____D C:\WINDOWS\system32\Sysprep

2017-08-04 15:23 - 2017-08-04 14:49 - 000000000 ___RD C:\WINDOWS\PrintDialog

2017-08-04 15:23 - 2017-08-04 14:49 - 000000000 ___RD C:\WINDOWS\MiracastView

2017-08-04 15:23 - 2017-08-04 14:49 - 000000000 ____D C:\WINDOWS\HoloShell

2017-08-04 15:23 - 2017-08-04 14:47 - 000000000 ____D C:\WINDOWS\Help

2017-08-04 15:23 - 2017-08-04 14:42 - 000000000 ____D C:\WINDOWS\system32\config\RegBack

2017-08-04 15:21 - 2017-08-10 12:20 - 000000000 ____D C:\WINDOWS\INF

2017-08-04 15:21 - 2017-08-04 15:21 - 000000000 ____D C:\Program Files (x86)\Bloody6

2017-08-04 15:20 - 2017-08-04 15:20 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\BANDISOFT

2017-08-04 15:17 - 2017-08-04 15:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\etc\BACKUP

2017-08-04 15:13 - 2017-08-04 15:14 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\MicrosoftEdge

2017-08-04 15:12 - 2017-08-07 11:32 - 001019725 _____ C:\WINDOWS\system32\Drivers\rtwavesskdy.dat

2017-08-04 15:12 - 2017-08-07 11:32 - 000031095 _____ C:\WINDOWS\system32\Drivers\rtwavesEFX.dat

2017-08-04 15:12 - 2017-08-07 11:32 - 000010945 _____ C:\WINDOWS\system32\Drivers\rtwavesMFX.dat

2017-08-04 15:12 - 2017-08-04 15:12 - 000455938 _____ C:\WINDOWS\system32\Drivers\rtwavesmapro.dat

2017-08-04 15:12 - 2017-08-04 15:12 - 000019678 _____ C:\WINDOWS\system32\Drivers\rtwavesmaprocap.dat

2017-08-04 15:12 - 2017-08-04 15:12 - 000003218 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_PushButton

2017-08-04 15:11 - 2017-08-09 12:36 - 000000000 ____D C:\WINDOWS\CbsTemp

2017-08-04 15:11 - 2017-08-07 11:31 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM

2017-08-04 15:11 - 2017-08-04 15:11 - 000000000 ____D C:\WINDOWS\system32\SRSLabs

2017-08-04 15:11 - 2017-08-04 15:11 - 000000000 ____D C:\Program Files\Realtek

2017-08-04 15:07 - 2017-08-04 15:07 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\Comms

2017-08-04 15:06 - 2017-08-10 14:49 - 077594624 _____ C:\WINDOWS\system32\config\SOFTWARE

2017-08-04 15:06 - 2017-08-10 14:49 - 034603008 _____ C:\WINDOWS\system32\config\SYSTEM

2017-08-04 15:06 - 2017-08-10 14:49 - 000786432 _____ C:\WINDOWS\system32\config\BBI

2017-08-04 15:06 - 2017-08-10 14:49 - 000524288 _____ C:\WINDOWS\system32\config\DEFAULT

2017-08-04 15:06 - 2017-08-10 14:49 - 000028672 _____ C:\WINDOWS\system32\config\SECURITY

2017-08-04 15:06 - 2017-08-04 15:40 - 000032768 _____ C:\WINDOWS\system32\config\SAM

2017-08-04 15:06 - 2017-08-04 15:31 - 000000000 ____D C:\WINDOWS\servicing

2017-08-04 15:06 - 2017-08-04 15:23 - 000000000 ____D C:\WINDOWS\system32\SMI

2017-08-04 15:06 - 2017-08-04 15:03 - 000000000 ____D C:\WINDOWS\Panther

2017-08-04 15:06 - 2017-08-04 15:02 - 000032768 _____ C:\WINDOWS\system32\config\ELAM

2017-08-04 15:05 - 2017-08-04 15:05 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\Publishers

2017-08-04 15:04 - 2017-08-11 19:35 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\Packages

2017-08-04 15:04 - 2017-08-10 14:16 - 001004914 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2017-08-04 15:04 - 2017-08-09 13:22 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\Adobe

2017-08-04 15:04 - 2017-08-04 15:04 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\VirtualStore

2017-08-04 15:04 - 2017-08-04 15:04 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\Apps\2.0

2017-08-04 15:03 - 2017-08-08 10:28 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\ConnectedDevicesPlatform

2017-08-04 15:03 - 2017-08-04 15:03 - 000000020 ___SH C:\Users\PC ALIN\ntuser.ini

2017-08-04 15:03 - 2017-08-04 15:03 - 000000000 ____D C:\Users\PC ALIN\AppData\Local\TileDataLayer

2017-08-04 15:01 - 2017-08-11 11:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT

2017-08-04 15:00 - 2017-08-04 15:00 - 000039290 _____ C:\Users\PC ALIN\Desktop\Aplicații eliminate.html

2017-08-04 14:55 - 2017-08-11 11:13 - 000000000 ____D C:\Users\PC ALIN

2017-08-04 14:48 - 2017-08-04 14:48 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf

2017-08-04 14:47 - 2017-08-11 11:14 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

2017-08-04 14:47 - 2017-08-05 13:07 - 000000000 ____D C:\Program Files\NVIDIA Corporation

2017-08-04 14:47 - 2017-08-05 13:06 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation

2017-08-04 14:47 - 2017-08-04 14:47 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat

2017-08-04 14:47 - 2017-08-04 14:47 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin

2017-08-04 14:47 - 2017-07-19 03:40 - 000513144 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL

2017-08-04 14:47 - 2017-07-19 02:24 - 006463608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll

2017-08-04 14:47 - 2017-07-19 02:24 - 002479040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll

2017-08-04 14:47 - 2017-07-19 02:24 - 001762936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll

2017-08-04 14:47 - 2017-07-19 02:24 - 000549312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll

2017-08-04 14:47 - 2017-07-19 02:24 - 000392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll

2017-08-04 14:47 - 2017-07-19 02:24 - 000081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll

2017-08-04 14:47 - 2017-07-19 02:24 - 000069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

2017-08-04 14:47 - 2017-07-19 01:54 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat

2017-08-04 14:47 - 2017-07-13 04:37 - 008095171 _____ C:\WINDOWS\system32\nvcoproc.bin

2017-08-04 14:46 - 2017-08-04 14:46 - 000000000 ____D C:\Program Files\Intel

2017-08-04 14:45 - 2017-03-18 23:56 - 002233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

2017-08-04 14:42 - 2017-08-11 20:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy

2017-08-04 14:42 - 2017-08-10 12:15 - 004844960 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2017-08-04 13:51 - 2017-08-04 15:41 - 000000000 ___HD C:\$SysReset

2017-08-04 13:44 - 2017-08-04 13:44 - 000015400 _____ C:\Users\PC ALIN\Downloads\amifldrv64.sys

2017-08-04 13:39 - 2017-08-04 13:40 - 000519600 _____ () C:\Users\PC ALIN\Downloads\DellSystemDetectLauncher.exe

2017-08-02 15:57 - 2017-08-02 15:57 - 000000000 ____D C:\Users\PC ALIN\Downloads\Piriform.CCleaner.Professional.v5.27.5976.Multilingual.Incl.Keymaker-CORE

2017-08-02 15:20 - 2017-08-02 15:20 - 000000016 _____ C:\Users\PC ALIN\.emulator_console_auth_token

2017-08-02 15:06 - 2017-08-03 18:28 - 000000000 ____D C:\Users\PC ALIN\AndroidStudioProjects

2017-08-02 15:06 - 2017-08-02 15:09 - 000000000 ____D C:\Users\PC ALIN\.gradle

2017-08-02 14:29 - 2017-08-02 14:30 - 000000000 ____D C:\Users\PC ALIN\.AndroidStudio2.3

2017-08-02 14:06 - 2017-08-02 14:06 - 000000000 ____D C:\Android

2017-08-02 13:40 - 2017-08-02 13:44 - 2020009280 _____ (Google Inc.) C:\Users\PC ALIN\Downloads\android-studio-bundle-162.4069837-windows.exe

2017-08-01 20:53 - 2017-08-01 20:54 - 000000000 ____D C:\Users\PC ALIN\Downloads\iDubbbz - I have Crippling Depression _ Create, discover and share awesome GIFs on Gfycat_files

2017-08-01 20:53 - 2017-08-01 20:53 - 000054631 _____ C:\Users\PC ALIN\Downloads\iDubbbz - I have Crippling Depression _ Create, discover and share awesome GIFs on Gfycat.html

2017-07-31 09:12 - 2017-07-31 09:12 - 000000000 ____D C:\Users\PC ALIN\Downloads\PopcornTime

2017-07-31 09:10 - 2017-07-31 09:10 - 051919949 _____ (Popcorn Time ) C:\Users\PC ALIN\Downloads\PopcornTime-latest.exe

2017-07-26 22:44 - 2017-07-26 22:44 - 077967920 _____ (TeamSpeak Systems GmbH) C:\Users\PC ALIN\Downloads\TeamSpeak3-Client-win64-3.1.5.exe

2017-07-23 21:53 - 2017-07-23 21:53 - 001166678 _____ C:\Users\PC ALIN\Documents\MarireableepuluiCarte.pdf

2017-07-19 20:10 - 2017-08-04 16:19 - 000002640 _____ C:\Users\Public\Desktop\Skype.lnk

2017-07-15 20:24 - 2017-07-15 21:09 - 000000000 ____D C:\ESD

2017-07-15 20:01 - 2017-07-15 20:01 - 000000000 ___HD C:\$Windows.~WS

2017-07-12 18:27 - 2017-07-07 09:57 - 000626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe

2017-07-12 18:27 - 2017-07-07 09:31 - 001518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll

2017-07-12 18:27 - 2017-07-07 09:26 - 001529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll

2017-07-12 18:27 - 2017-07-07 09:04 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2017-07-12 18:27 - 2017-07-07 08:58 - 002298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2017-07-12 18:27 - 2017-06-20 08:04 - 000181656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll

2017-07-12 18:27 - 2017-06-20 08:02 - 001121928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll

2017-07-12 18:27 - 2017-06-20 08:00 - 002597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll

2017-07-12 18:27 - 2017-06-20 07:38 - 001451008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll

2017-07-12 18:27 - 2017-06-20 07:38 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll

2017-07-12 18:27 - 2017-06-20 07:35 - 002132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll

2017-07-12 18:27 - 2017-06-20 07:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll

2017-07-12 18:26 - 2017-07-07 17:00 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll

2017-07-12 18:26 - 2017-07-07 10:26 - 001065104 ____N (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi

2017-07-12 18:26 - 2017-07-07 10:24 - 000117664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys

2017-07-12 18:26 - 2017-07-07 10:21 - 032688336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll

2017-07-12 18:26 - 2017-07-07 10:20 - 002021680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll

2017-07-12 18:26 - 2017-07-07 10:20 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys

2017-07-12 18:26 - 2017-07-07 10:14 - 001760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll

2017-07-12 18:26 - 2017-07-07 10:13 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe

2017-07-12 18:26 - 2017-07-07 10:11 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll

2017-07-12 18:26 - 2017-07-07 10:10 - 001670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll

2017-07-12 18:26 - 2017-07-07 10:10 - 000254168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll

2017-07-12 18:26 - 2017-07-07 10:07 - 001106848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys

2017-07-12 18:26 - 2017-07-07 10:07 - 000058488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe

2017-07-12 18:26 - 2017-07-07 09:57 - 000125344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll

2017-07-12 18:26 - 2017-07-07 09:37 - 031652264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll

2017-07-12 18:26 - 2017-07-07 09:37 - 001339352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll

2017-07-12 18:26 - 2017-07-07 09:31 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll

2017-07-12 18:26 - 2017-07-07 09:30 - 000949920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll

2017-07-12 18:26 - 2017-07-07 09:29 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll

2017-07-12 18:26 - 2017-07-07 09:27 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll

2017-07-12 18:26 - 2017-07-07 09:27 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll

2017-07-12 18:26 - 2017-07-07 09:25 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininitext.dll

2017-07-12 18:26 - 2017-07-07 09:24 - 001517472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll

2017-07-12 18:26 - 2017-07-07 09:22 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys

2017-07-12 18:26 - 2017-07-07 09:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll

2017-07-12 18:26 - 2017-07-07 09:19 - 007149056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll

2017-07-12 18:26 - 2017-07-07 09:18 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll

2017-07-12 18:26 - 2017-07-07 09:17 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2017-07-12 18:26 - 2017-07-07 09:17 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll

2017-07-12 18:26 - 2017-07-07 09:16 - 000545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv

2017-07-12 18:26 - 2017-07-07 09:15 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll

2017-07-12 18:26 - 2017-07-07 09:14 - 008211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll

2017-07-12 18:26 - 2017-07-07 09:14 - 003784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll

2017-07-12 18:26 - 2017-07-07 09:14 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll

2017-07-12 18:26 - 2017-07-07 09:14 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr

2017-07-12 18:26 - 2017-07-07 09:13 - 005892096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll

2017-07-12 18:26 - 2017-07-07 09:12 - 002499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll

2017-07-12 18:26 - 2017-07-07 09:12 - 001142272 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll

2017-07-12 18:26 - 2017-07-07 09:12 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe

2017-07-12 18:26 - 2017-07-07 09:11 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll

2017-07-12 18:26 - 2017-07-07 09:11 - 001888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll

2017-07-12 18:26 - 2017-07-07 09:11 - 001812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll

2017-07-12 18:26 - 2017-07-07 09:10 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapprovp.dll

2017-07-12 18:26 - 2017-07-07 09:09 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll

2017-07-12 18:26 - 2017-07-07 09:08 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys

2017-07-12 18:26 - 2017-07-07 09:07 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll

2017-07-12 18:26 - 2017-07-07 09:07 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll

2017-07-12 18:26 - 2017-07-07 09:06 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll

2017-07-12 18:26 - 2017-07-07 09:06 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll

2017-07-12 18:26 - 2017-07-07 09:06 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll

2017-07-12 18:26 - 2017-07-07 09:05 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll

2017-07-12 18:26 - 2017-07-07 09:05 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll

2017-07-12 18:26 - 2017-07-07 09:04 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll

2017-07-12 18:26 - 2017-07-07 09:03 - 006123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll

2017-07-12 18:26 - 2017-07-07 09:02 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr

2017-07-12 18:26 - 2017-07-07 09:01 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2017-07-12 18:26 - 2017-07-07 09:00 - 007596544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll

2017-07-12 18:26 - 2017-07-07 09:00 - 002588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll

2017-07-12 18:26 - 2017-07-07 09:00 - 001565184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll

2017-07-12 18:26 - 2017-07-07 08:59 - 001494016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll

2017-07-12 18:26 - 2017-07-07 08:59 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll

2017-07-12 18:26 - 2017-07-07 08:58 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll

2017-07-12 18:26 - 2017-07-07 08:58 - 001237504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll

2017-07-12 18:26 - 2017-07-07 08:55 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll

2017-07-12 18:26 - 2017-07-07 08:55 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll

2017-07-12 18:26 - 2017-07-07 08:53 - 001301504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll

2017-07-12 18:26 - 2017-07-07 08:53 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe

2017-07-12 18:26 - 2017-07-02 01:52 - 000031932 ____N C:\WINDOWS\system32\edgehtmlpluginpolicy.bin

2017-07-12 18:26 - 2017-06-20 09:16 - 000335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll

2017-07-12 18:26 - 2017-06-20 09:11 - 001395152 ____N (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

2017-07-12 18:26 - 2017-06-20 09:11 - 000411992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll

2017-07-12 18:26 - 2017-06-20 09:10 - 001930320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2017-07-12 18:26 - 2017-06-20 09:08 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys

2017-07-12 18:26 - 2017-06-20 09:04 - 004847424 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe

2017-07-12 18:26 - 2017-06-20 09:02 - 001055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll

2017-07-12 18:26 - 2017-06-20 09:00 - 000142752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys

2017-07-12 18:26 - 2017-06-20 08:59 - 001220072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll

2017-07-12 18:26 - 2017-06-20 08:59 - 000467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll

2017-07-12 18:26 - 2017-06-20 08:34 - 000192416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll

2017-07-12 18:26 - 2017-06-20 08:15 - 001620368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2017-07-12 18:26 - 2017-06-20 08:15 - 000455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll

2017-07-12 18:26 - 2017-06-20 08:14 - 001150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll

2017-07-12 18:26 - 2017-06-20 08:13 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll

2017-07-12 18:26 - 2017-06-20 08:13 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe

2017-07-12 18:26 - 2017-06-20 08:12 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe

2017-07-12 18:26 - 2017-06-20 08:12 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys

2017-07-12 18:26 - 2017-06-20 08:12 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys

2017-07-12 18:26 - 2017-06-20 08:11 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll

2017-07-12 18:26 - 2017-06-20 08:10 - 000722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll

2017-07-12 18:26 - 2017-06-20 08:10 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll

2017-07-12 18:26 - 2017-06-20 08:10 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2017-07-12 18:26 - 2017-06-20 08:09 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll

2017-07-12 18:26 - 2017-06-20 08:09 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe

2017-07-12 18:26 - 2017-06-20 08:09 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll

2017-07-12 18:26 - 2017-06-20 08:08 - 004469840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe

2017-07-12 18:26 - 2017-06-20 08:08 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll

2017-07-12 18:26 - 2017-06-20 08:08 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2017-07-12 18:26 - 2017-06-20 08:08 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll

2017-07-12 18:26 - 2017-06-20 08:08 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll

2017-07-12 18:26 - 2017-06-20 08:08 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2017-07-12 18:26 - 2017-06-20 08:07 - 002475136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll

2017-07-12 18:26 - 2017-06-20 08:07 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll

2017-07-12 18:26 - 2017-06-20 08:07 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll

2017-07-12 18:26 - 2017-06-20 08:07 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll

2017-07-12 18:26 - 2017-06-20 08:07 - 000510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll

2017-07-12 18:26 - 2017-06-20 08:07 - 000346016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll

2017-07-12 18:26 - 2017-06-20 08:07 - 000138656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll

2017-07-12 18:26 - 2017-06-20 08:06 - 000754592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll

2017-07-12 18:26 - 2017-06-20 08:06 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2017-07-12 18:26 - 2017-06-20 08:06 - 000278944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll

2017-07-12 18:26 - 2017-06-20 08:05 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll

2017-07-12 18:26 - 2017-06-20 08:05 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe

2017-07-12 18:26 - 2017-06-20 08:04 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll

2017-07-12 18:26 - 2017-06-20 08:04 - 001178528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll

2017-07-12 18:26 - 2017-06-20 08:04 - 001177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll

2017-07-12 18:26 - 2017-06-20 08:04 - 001077496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll

2017-07-12 18:26 - 2017-06-20 08:04 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll

2017-07-12 18:26 - 2017-06-20 08:04 - 000049656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msasn1.dll

2017-07-12 18:26 - 2017-06-20 08:03 - 002077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2017-07-12 18:26 - 2017-06-20 08:03 - 000443728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll

2017-07-12 18:26 - 2017-06-20 08:02 - 000354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll

2017-07-12 18:26 - 2017-06-20 08:01 - 003803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll

2017-07-12 18:26 - 2017-06-20 08:00 - 002171392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll

2017-07-12 18:26 - 2017-06-20 07:59 - 001674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll

2017-07-12 18:26 - 2017-06-20 07:56 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll

2017-07-12 18:26 - 2017-06-20 07:49 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll

2017-07-12 18:26 - 2017-06-20 07:49 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll

2017-07-12 18:26 - 2017-06-20 07:46 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll

2017-07-12 18:26 - 2017-06-20 07:45 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.RetailInfo.dll

2017-07-12 18:26 - 2017-06-20 07:45 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll

2017-07-12 18:26 - 2017-06-20 07:43 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll

2017-07-12 18:26 - 2017-06-20 07:43 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll

2017-07-12 18:26 - 2017-06-20 07:43 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll

2017-07-12 18:26 - 2017-06-20 07:43 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll

2017-07-12 18:26 - 2017-06-20 07:43 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2017-07-12 18:26 - 2017-06-20 07:43 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll

2017-07-12 18:26 - 2017-06-20 07:42 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll

2017-07-12 18:26 - 2017-06-20 07:42 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll

2017-07-12 18:26 - 2017-06-20 07:42 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2017-07-12 18:26 - 2017-06-20 07:42 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2017-07-12 18:26 - 2017-06-20 07:42 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll

2017-07-12 18:26 - 2017-06-20 07:41 - 000734208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe

2017-07-12 18:26 - 2017-06-20 07:41 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll

2017-07-12 18:26 - 2017-06-20 07:41 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll

2017-07-12 18:26 - 2017-06-20 07:41 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll

2017-07-12 18:26 - 2017-06-20 07:41 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll

2017-07-12 18:26 - 2017-06-20 07:40 - 000342016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll

2017-07-12 18:26 - 2017-06-20 07:40 - 000247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll

2017-07-12 18:26 - 2017-06-20 07:40 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll

2017-07-12 18:26 - 2017-06-20 07:40 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll

2017-07-12 18:26 - 2017-06-20 07:39 - 002814464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll

2017-07-12 18:26 - 2017-06-20 07:39 - 000969728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll

2017-07-12 18:26 - 2017-06-20 07:39 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl

2017-07-12 18:26 - 2017-06-20 07:39 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll

2017-07-12 18:26 - 2017-06-20 07:39 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe

2017-07-12 18:26 - 2017-06-20 07:38 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe

2017-07-12 18:26 - 2017-06-20 07:38 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2017-07-12 18:26 - 2017-06-20 07:38 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll

2017-07-12 18:26 - 2017-06-20 07:37 - 002008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2017-07-12 18:26 - 2017-06-20 07:35 - 002679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll

2017-07-12 18:26 - 2017-06-20 07:35 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll

2017-07-12 18:26 - 2017-06-20 07:34 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll

2017-07-12 18:26 - 2017-06-20 07:34 - 001492480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll

2017-07-12 18:26 - 2017-06-20 07:31 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll

2017-07-12 18:26 - 2017-06-20 07:30 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdmaud.drv

2017-07-12 18:26 - 2017-06-20 07:30 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll

2017-07-12 18:26 - 2017-06-20 07:28 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll

2017-07-12 18:25 - 2017-07-07 10:27 - 001147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe

2017-07-12 18:25 - 2017-07-07 10:27 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe

2017-07-12 18:25 - 2017-07-07 10:27 - 000965024 ____N (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi

2017-07-12 18:25 - 2017-07-07 10:27 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe

2017-07-12 18:25 - 2017-07-07 10:27 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe

2017-07-12 18:25 - 2017-07-07 10:25 - 000899824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe

2017-07-12 18:25 - 2017-07-07 10:22 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe

2017-07-12 18:25 - 2017-07-07 10:17 - 001017760 ____N (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi

2017-07-12 18:25 - 2017-07-07 10:14 - 001171032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll

2017-07-12 18:25 - 2017-07-07 10:13 - 000147800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll

2017-07-12 18:25 - 2017-07-07 10:12 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys

2017-07-12 18:25 - 2017-07-07 10:10 - 000372128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll

2017-07-12 18:25 - 2017-07-07 10:09 - 000041376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininitext.dll

2017-07-12 18:25 - 2017-07-07 10:08 - 002229152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll

2017-07-12 18:25 - 2017-07-07 10:08 - 001854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll

2017-07-12 18:25 - 2017-07-07 10:08 - 001693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll

2017-07-12 18:25 - 2017-07-07 10:08 - 001458584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll

2017-07-12 18:25 - 2017-07-07 10:08 - 001100704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll

2017-07-12 18:25 - 2017-07-07 10:08 - 000992672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll

2017-07-12 18:25 - 2017-07-07 10:08 - 000848280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll

2017-07-12 18:25 - 2017-07-07 10:08 - 000846752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe

2017-07-12 18:25 - 2017-07-07 10:08 - 000844704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll

2017-07-12 18:25 - 2017-07-07 10:08 - 000774560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll

2017-07-12 18:25 - 2017-07-07 10:08 - 000699808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll

2017-07-12 18:25 - 2017-07-07 10:08 - 000672672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll

2017-07-12 18:25 - 2017-07-07 10:08 - 000506776 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll

2017-07-12 18:25 - 2017-07-07 10:08 - 000399264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll

2017-07-12 18:25 - 2017-07-07 09:27 - 001640448 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll

2017-07-12 18:25 - 2017-07-07 09:27 - 000859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll

2017-07-12 18:25 - 2017-07-07 09:27 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll

2017-07-12 18:25 - 2017-07-07 09:27 - 000443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll

2017-07-12 18:25 - 2017-07-07 09:23 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapprovp.dll

2017-07-12 18:25 - 2017-07-07 09:22 - 000520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll

2017-07-12 18:25 - 2017-07-07 09:21 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll

2017-07-12 18:25 - 2017-07-07 09:19 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll

2017-07-12 18:25 - 2017-07-07 09:19 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll

2017-07-12 18:25 - 2017-07-07 09:18 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll

2017-07-12 18:25 - 2017-07-07 09:18 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll

2017-07-12 18:25 - 2017-07-07 09:18 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll

2017-07-12 18:25 - 2017-07-07 09:13 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll

2017-07-12 18:25 - 2017-07-07 09:12 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2017-07-12 18:25 - 2017-07-07 09:12 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll

2017-07-12 18:25 - 2017-07-07 09:12 - 001420800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll

2017-07-12 18:25 - 2017-07-07 09:11 - 003139584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll

2017-07-12 18:25 - 2017-07-07 09:11 - 002649600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2017-07-12 18:25 - 2017-07-07 09:11 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll

2017-07-12 18:25 - 2017-07-07 09:07 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll

2017-07-12 18:25 - 2017-07-07 09:07 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll

2017-07-12 18:25 - 2017-07-07 09:05 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe

2017-07-12 18:25 - 2017-07-07 09:04 - 001703424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe

2017-07-12 18:25 - 2017-07-07 09:04 - 001403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll

2017-07-12 18:25 - 2017-07-07 09:04 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll

2017-07-12 18:25 - 2017-06-20 09:18 - 001564576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll

2017-07-12 18:25 - 2017-06-20 09:18 - 000096672 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe

2017-07-12 18:25 - 2017-06-20 09:17 - 000629152 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll

2017-07-12 18:25 - 2017-06-20 09:17 - 000544160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2017-07-12 18:25 - 2017-06-20 09:17 - 000334240 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll

2017-07-12 18:25 - 2017-06-20 09:17 - 000136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll

2017-07-12 18:25 - 2017-06-20 09:17 - 000034720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe

2017-07-12 18:25 - 2017-06-20 09:16 - 001214880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2017-07-12 18:25 - 2017-06-20 09:15 - 000233376 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll

2017-07-12 18:25 - 2017-06-20 09:05 - 001057832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll

2017-07-12 18:25 - 2017-06-20 09:03 - 000179608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll

2017-07-12 18:25 - 2017-06-20 09:03 - 000102312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialUIBroker.exe

2017-07-12 18:25 - 2017-06-20 09:02 - 000426912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll

2017-07-12 18:25 - 2017-06-20 09:00 - 000558920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll

2017-07-12 18:25 - 2017-06-20 09:00 - 000255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll

2017-07-12 18:25 - 2017-06-20 08:59 - 000583304 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe

2017-07-12 18:25 - 2017-06-20 08:58 - 000833160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll

2017-07-12 18:25 - 2017-06-20 08:58 - 000406072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll

2017-07-12 18:25 - 2017-06-20 08:58 - 000203168 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll

2017-07-12 18:25 - 2017-06-20 08:16 - 000970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll

2017-07-12 18:25 - 2017-06-20 08:16 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll

2017-07-12 18:25 - 2017-06-20 08:14 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys

2017-07-12 18:25 - 2017-06-20 08:13 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll

2017-07-12 18:25 - 2017-06-20 08:13 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll

2017-07-12 18:25 - 2017-06-20 08:13 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll

2017-07-12 18:25 - 2017-06-20 08:12 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll

2017-07-12 18:25 - 2017-06-20 08:11 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll

2017-07-12 18:25 - 2017-06-20 08:10 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll

2017-07-12 18:25 - 2017-06-20 08:09 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll

2017-07-12 18:25 - 2017-06-20 08:09 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll

2017-07-12 18:25 - 2017-06-20 08:09 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll

2017-07-12 18:25 - 2017-06-20 08:09 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll

2017-07-12 18:25 - 2017-06-20 08:09 - 000189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll

2017-07-12 18:25 - 2017-06-20 08:09 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll

2017-07-12 18:25 - 2017-06-20 08:09 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll

2017-07-12 18:25 - 2017-06-20 08:08 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll

2017-07-12 18:25 - 2017-06-20 08:07 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe

2017-07-12 18:25 - 2017-06-20 08:07 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys

2017-07-12 18:25 - 2017-06-20 08:07 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll

2017-07-12 18:25 - 2017-06-20 08:07 - 000411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll

2017-07-12 18:25 - 2017-06-20 08:06 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll

2017-07-12 18:25 - 2017-06-20 08:06 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll

2017-07-12 18:25 - 2017-06-20 08:06 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll

2017-07-12 18:25 - 2017-06-20 08:06 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll

2017-07-12 18:25 - 2017-06-20 08:06 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll

2017-07-12 18:25 - 2017-06-20 08:05 - 002873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll

2017-07-12 18:25 - 2017-06-20 08:05 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll

2017-07-12 18:25 - 2017-06-20 08:05 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl

2017-07-12 18:25 - 2017-06-20 08:05 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll

2017-07-12 18:25 - 2017-06-20 08:05 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll

2017-07-12 18:25 - 2017-06-20 08:04 - 001818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll

2017-07-12 18:25 - 2017-06-20 08:04 - 001425920 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe

2017-07-12 18:25 - 2017-06-20 08:04 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll

2017-07-12 18:25 - 2017-06-20 08:04 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll

2017-07-12 18:25 - 2017-06-20 08:04 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll

2017-07-12 18:25 - 2017-06-20 08:02 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll

2017-07-12 18:25 - 2017-06-20 08:02 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll

2017-07-12 18:25 - 2017-06-20 08:01 - 003332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll

2017-07-12 18:25 - 2017-06-20 08:01 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll

2017-07-12 18:25 - 2017-06-20 08:01 - 001076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll

2017-07-12 18:25 - 2017-06-20 08:01 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll

2017-07-12 18:25 - 2017-06-20 08:00 - 003057664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll

2017-07-12 18:25 - 2017-06-20 07:57 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe

2017-07-12 18:25 - 2017-06-20 07:57 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll

2017-07-12 18:25 - 2017-06-20 07:56 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdmaud.drv

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-11 19:34 - 2017-04-30 22:26 - 000000000 ____D C:\Users\PC ALIN\AppData\LocalLow\IObit

2017-08-11 13:49 - 2017-01-04 23:08 - 000000000 ____D C:\Users\PC ALIN\Documents\MEMES

2017-08-11 13:07 - 2015-06-17 22:36 - 000005493 _____ C:\Users\PC ALIN\Desktop\K.txt

2017-08-11 11:14 - 2015-03-16 23:30 - 000000000 __SHD C:\Users\PC ALIN\IntelGraphicsProfiles

2017-08-09 18:58 - 2017-01-20 23:50 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line

2017-08-08 19:40 - 2017-01-20 23:51 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2

2017-08-07 11:33 - 2017-05-18 13:45 - 000204920 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys

2017-08-07 11:30 - 2015-08-04 00:24 - 003503048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll

2017-08-07 11:30 - 2015-08-04 00:24 - 003203424 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll

2017-08-07 11:30 - 2015-08-04 00:24 - 000192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll

2017-08-07 11:30 - 2015-08-04 00:21 - 005545512 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys

2017-08-07 11:30 - 2015-08-04 00:21 - 000023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll

2017-08-05 19:42 - 2016-11-29 22:15 - 000000000 ____D C:\Users\PC ALIN\Downloads\brutus-aet2-darknet

2017-08-05 13:06 - 2017-02-07 01:42 - 000000000 ____D C:\temp

2017-08-05 11:42 - 2017-02-14 22:00 - 000000000 __SHD C:\AI_RecycleBin

2017-08-04 18:11 - 2015-08-03 20:52 - 000000000 __RHD C:\Users\Public\AccountPictures

2017-08-04 15:00 - 2015-03-17 09:30 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2017-08-04 14:59 - 2016-12-24 09:49 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft

2017-08-04 14:59 - 2016-08-21 09:33 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xiaomi

2017-08-04 14:59 - 2016-05-31 21:54 - 000000000 ____D C:\Users\PC ALIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell

2017-08-02 15:42 - 2015-11-06 22:12 - 000000000 ____D C:\Users\PC ALIN\.android

2017-08-02 12:33 - 2017-03-29 21:21 - 000000000 ____D C:\Users\PC ALIN\Documents\A

2017-07-30 22:09 - 2017-01-23 19:54 - 000015212 _____ C:\Users\PC ALIN\Documents\starburn.txt

2017-07-28 18:13 - 2015-04-09 18:02 - 000000000 ____D C:\Users\PC ALIN\Documents\My Games

2017-07-24 22:06 - 2017-05-04 15:51 - 000984032 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys

2017-07-19 03:40 - 2017-06-09 21:56 - 004210032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll

2017-07-19 03:40 - 2017-06-09 21:56 - 003711328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll

2017-07-19 03:40 - 2017-06-09 21:56 - 000046463 _____ C:\WINDOWS\system32\nvinfo.pb

 

==================== Files in the root of some directories =======

 

2017-08-09 13:25 - 2017-08-09 13:26 - 000000132 _____ () C:\Users\PC ALIN\AppData\Roaming\Adobe PNG Format CS6 Prefs

2017-08-10 14:04 - 2017-08-10 14:04 - 000050156 _____ () C:\ProgramData\agent.1502363078.bdinstall.bin

2017-08-11 19:35 - 2017-08-11 19:35 - 000030414 _____ () C:\ProgramData\agent.uninstall.1502469299.bdinstall.bin

2017-08-10 14:54 - 2017-08-10 14:54 - 000030916 _____ () C:\ProgramData\agent.update.1502366073.bdinstall.bin

2017-08-04 15:12 - 2017-08-04 15:12 - 000000000 ____H () C:\ProgramData\DP45977C.lfl

 

Some files in TEMP:

====================

2013-08-05 09:15 - 2013-08-05 09:15 - 004292136 _____ (www.Bandisoft.com) C:\Users\PC ALIN\AppData\Local\Temp\bdfilters.dll

2017-08-04 16:04 - 2017-08-04 16:04 - 002146496 _____ (BitTorrent Inc.) C:\Users\PC ALIN\AppData\Local\Temp\utt5AA5.tmp.exe

2017-08-08 20:16 - 2017-08-08 20:16 - 030950664 _____ () C:\Users\PC ALIN\AppData\Local\Temp\vlc-2.2.6-win32.exe

 

==================== Bamital & volsnap ======================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\WINDOWS\system32\winlogon.exe => File is digitally signed

C:\WINDOWS\system32\wininit.exe => File is digitally signed

C:\WINDOWS\explorer.exe => File is digitally signed

C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed

C:\WINDOWS\system32\svchost.exe => File is digitally signed

C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed

C:\WINDOWS\system32\services.exe => File is digitally signed

C:\WINDOWS\system32\User32.dll => File is digitally signed

C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed

C:\WINDOWS\system32\userinit.exe => File is digitally signed

C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed

C:\WINDOWS\system32\rpcss.dll => File is digitally signed

C:\WINDOWS\system32\dnsapi.dll => File is digitally signed

C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

 

LastRegBack: 2017-08-04 14:42

 

==================== End of FRST.txt ============================


Edited by Kerox, 11 August 2017 - 12:44 PM.


#4 Kerox

Kerox
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:03:17 AM

Posted 11 August 2017 - 12:42 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-08-2017
Ran by PC ALIN (11-08-2017 20:25:38)
Running from C:\Users\PC ALIN\Downloads
Windows 10 Pro Version 1703 (X64) (2017-08-04 12:03:14)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3261217118-1789687074-152833201-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3261217118-1789687074-152833201-503 - Limited - Disabled)
Guest (S-1-5-21-3261217118-1789687074-152833201-501 - Limited - Disabled)
PC ALIN (S-1-5-21-3261217118-1789687074-152833201-1001 - Administrator - Enabled) => C:\Users\PC ALIN
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
7-Zip 17.00 beta (x64) (HKLM\...\7-Zip) (Version: 17.00 beta - Igor Pavlov)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 384.94 - NVIDIA Corporation) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Bandicam (HKLM-x32\...\Bandicam) (Version: 3.3.0.1175 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Blizzard App (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bloody6 (HKLM-x32\...\Bloody3) (Version: 17.04.0003 - Bloody)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.55 - Synaptics Incorporated)
f.lux (HKU\S-1-5-21-3261217118-1789687074-152833201-1001\...\Flux) (Version:  - )
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.90 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
League of Legends (HKLM-x32\...\{8CE67B9E-3AC8-4ED2-A8EE-28E6FE3D0B51}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
NVIDIA GeForce Experience 3.8.0.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.8.0.89 - NVIDIA Corporation)
NVIDIA Graphics Driver 384.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 384.94 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Opera Neon (HKU\S-1-5-21-3261217118-1789687074-152833201-1001\...\Opera Neon) (Version: 1.0.2531.0 - Opera Software AS)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 8.2.14.487 - Razer Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31233 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.19.627.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-02-16] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-07-19] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {017CB183-1262-49DE-8A7E-516BE5E1FC61} - System32\Tasks\Driver Booster SkipUAC (PC ALIN) => C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe
Task: {1F91E8C9-664C-4B5F-AB51-E99D765233E5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-07-26] (NVIDIA Corporation)
Task: {291EE332-1252-46E6-95D1-85F16FC6573A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-26] (NVIDIA Corporation)
Task: {3DB8F8B4-C75C-4612-AAFE-377B39200A30} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-07-26] (NVIDIA Corporation)
Task: {59E1F712-C685-4F98-9344-6F9E19639884} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-26] (NVIDIA Corporation)
Task: {80A3582B-362E-49C5-AE67-C687AFCF49C0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-26] (NVIDIA Corporation)
Task: {83B64CD1-A7E6-44F0-A2FA-D5C0DAC7C420} - System32\Tasks\bandicam_start => C:\Program Files (x86)\Bandicam\bdcam.exe [2016-11-24] (www.Bandisoft.com)
Task: {996DEC59-7A1D-44C3-BBC4-09518A6AAA5C} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-26] (NVIDIA Corporation)
Task: {A0F70E97-08A4-4FE4-A149-D260209B1F89} - System32\Tasks\Uninstaller_SkipUac_PC_ALIN => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {A5B8BDF9-07C1-4507-9147-FFD540CD5BE2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-04] (Google Inc.)
Task: {AF6375B8-4084-420B-935C-CD5FD18F0313} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-08-07] (Realtek Semiconductor)
Task: {BFC713FE-7238-46B1-BBA3-10E42F58FE0A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-07-26] (NVIDIA Corporation)
Task: {D1E7B6A7-C90F-4D47-A9AB-ECBAF9059273} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_137_pepper.exe [2017-08-05] (Adobe Systems Incorporated)
Task: {D231542D-8A1E-4BDD-A574-2BF27C73AC0D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-07-26] (NVIDIA Corporation)
Task: {DE703306-AB39-41E5-9FA4-7AD3E14503AC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-04] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_PC_ALIN.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-08-04 14:47 - 2017-07-19 02:24 - 000133568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-08-05 12:45 - 2017-07-26 20:05 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-18 23:58 - 2017-03-18 23:58 - 000138000 ____N () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-02-16 01:21 - 2017-02-16 01:21 - 000410616 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-03-18 23:59 - 2017-03-20 07:10 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-08-05 11:51 - 2017-08-05 11:52 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-08-05 11:51 - 2017-08-05 11:52 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-08-05 12:45 - 2017-07-26 20:05 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-08-04 15:25 - 2017-03-29 16:15 - 002250792 _____ () C:\Users\PC ALIN\AppData\Local\Opera Software\Opera Neon\Application\1.0.2531.0\libglesv2.dll
2017-08-04 15:25 - 2017-03-29 16:15 - 000086568 _____ () C:\Users\PC ALIN\AppData\Local\Opera Software\Opera Neon\Application\1.0.2531.0\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-3261217118-1789687074-152833201-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2017-08-04 15:23 - 2017-08-08 19:44 - 000000911 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1 ssl.bandisoft.com
127.0.0.1 cert.bandicam.com127.0.0.1 www.r2rdownload.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3261217118-1789687074-152833201-1001\Control Panel\Desktop\\Wallpaper -> c:\users\pc alin\appdata\local\microsoft\windows\themes\roamedthemefiles\desktopbackground\windows photo viewer wallpaper.jpg
DNS Servers: 95.77.94.88 - 78.96.7.88
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
HKLM\...\StartupApproved\Run: => "RtHDVBg"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKU\S-1-5-21-3261217118-1789687074-152833201-1001\...\StartupApproved\Run: => "Bloody2"
HKU\S-1-5-21-3261217118-1789687074-152833201-1001\...\StartupApproved\Run: => "Skype"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{D616780B-14C6-4933-9290-A790A2955A2E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{46FD5CA0-94AD-4E84-A6E2-C5B8391AB33C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8F1980FD-6E94-4556-8C46-C80B115CCB51}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{9A93D2CB-F60C-48E1-B584-F4C28BB6DA07}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{BCDA0566-2E66-4362-B67B-4860A2FCE7D3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C3DC6431-6D84-4A27-AF18-1C180D68B4A7}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{CDC59E54-910A-4FAA-8E9A-616731835350}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{57D6E1F3-1AAD-4BAE-856D-E23592BD8A61}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{18885A59-4CC8-4590-BFCD-5B0A112B2F0F}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{9C7125AD-246D-4FE2-8C51-F06543DCA144}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{EDBD3FC4-90EC-41ED-A2FD-11F7ECB984A7}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{613C4CC8-9C98-4025-9667-2667CBCEB4AD}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{990D6ACE-B2EC-4DDC-9B90-2E0293577378}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{2FAC01CB-852A-4D57-94C5-50286C01E996}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{AD6B7180-D666-493B-AEBB-8D9C93E18E28}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{ADFD0921-456F-470A-BBFC-F3813AE5B7D3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{30DDFA70-C3D8-4E60-A69C-E979337D40CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{A00A7868-F8E1-40E2-97B2-2787ED156F4F}C:\users\pc alin\appdata\local\vghd\bin\vghd.exe] => (Allow) C:\users\pc alin\appdata\local\vghd\bin\vghd.exe
FirewallRules: [UDP Query User{C7CD600A-9C2E-42F2-8935-D86D49CD1BAC}C:\users\pc alin\appdata\local\vghd\bin\vghd.exe] => (Allow) C:\users\pc alin\appdata\local\vghd\bin\vghd.exe
FirewallRules: [{4BB5C068-CB28-4C91-A558-26DE60E75500}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{5ADD4064-1877-4928-8EAC-418840AD4CA6}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe
FirewallRules: [TCP Query User{086807A6-26B3-4C93-B505-C997BCFCD879}D:\games\hearthstone\hearthstone.exe] => (Block) D:\games\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{9FF3C3D4-68DB-4F61-898F-B05219E8B8F5}D:\games\hearthstone\hearthstone.exe] => (Block) D:\games\hearthstone\hearthstone.exe
 
==================== Restore Points =========================
 
04-08-2017 15:09:29 Windows Update
07-08-2017 11:27:48 Driver Booster : Realtek High Definition Audio
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/11/2017 12:30:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LeagueClientUx.exe version 7.16.198.3278 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 151c
 
Start Time: 01d31284568bb4b8
 
Termination Time: 4294967295
 
Application Path: D:\Games\RADS\projects\league_client\releases\0.0.0.89\deploy\LeagueClientUx.exe
 
Report Id: 7f044d59-c462-485f-bb20-28da4763f995
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (08/11/2017 11:28:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe, version: 10.0.15063.0, time stamp: 0x02799ef5
Faulting module name: appraiser.dll_unloaded, version: 10.0.15156.1008, time stamp: 0x9e6eb7d4
Exception code: 0xc0000005
Fault offset: 0x0000000000001000
Faulting process id: 0x16e8
Faulting application start time: 0x01d3127a8a735c93
Faulting application path: c:\windows\system32\svchost.exe
Faulting module path: appraiser.dll
Report Id: c84051f5-8a08-4ddb-940e-6bbc8aeef0e6
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/10/2017 07:04:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: ALIN)
Description: Package Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe+App was terminated because it took too long to suspend.
 
Error: (08/10/2017 02:04:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (08/09/2017 06:21:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program neon.exe version 1.0.2531.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 2d54
 
Start Time: 01d3110647f04ec6
 
Termination Time: 4294967295
 
Application Path: C:\Users\PC ALIN\AppData\Local\Opera Software\Opera Neon\Application\neon.exe
 
Report Id: 4f8bf78e-7e03-4a50-a542-91218c598ede
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (08/09/2017 02:54:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 10.0.15063.447 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 828
 
Start Time: 01d310e11832d331
 
Termination Time: 0
 
Application Path: C:\Windows\explorer.exe
 
Report Id: 53df9f25-55bd-40e5-8cb6-b7e2a0a956dd
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (08/09/2017 12:33:39 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (08/07/2017 11:25:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: uTorrent.exe, version: 2.2.1.25110, time stamp: 0x4d78393f
Faulting module name: GDI32.dll, version: 10.0.15063.483, time stamp: 0x88a53c1d
Exception code: 0xc000041d
Fault offset: 0x00005836
Faulting process id: 0x28c0
Faulting application start time: 0x01d30fa8e3e816fa
Faulting application path: C:\Program Files (x86)\uTorrent\uTorrent.exe
Faulting module path: C:\WINDOWS\System32\GDI32.dll
Report Id: 5e322ff9-1ce1-4473-abf3-af2e3252c96f
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/07/2017 11:25:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: uTorrent.exe, version: 2.2.1.25110, time stamp: 0x4d78393f
Faulting module name: ntdll.dll, version: 10.0.15063.447, time stamp: 0xd51d5c5e
Exception code: 0xc0000005
Fault offset: 0x00042dd5
Faulting process id: 0x28c0
Faulting application start time: 0x01d30fa8e3e816fa
Faulting application path: C:\Program Files (x86)\uTorrent\uTorrent.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: a3e7ef0a-efe7-49ba-a371-677b9c0720fe
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/07/2017 12:10:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Metin2OG.exe version 1.0.28249.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 1458
 
Start Time: 01d30f5ce286838f
 
Termination Time: 4294967295
 
Application Path: D:\Games\Metin2OG\Metin2OG.exe
 
Report Id: a6f62af9-c8af-4ebf-9b06-1eb12ebe5b0d
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (08/11/2017 06:03:36 PM) (Source: DCOM) (EventID: 10016) (User: ALIN)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 and APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 to the user Alin\PC ALIN SID (S-1-5-21-3261217118-1789687074-152833201-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
 
Error: (08/11/2017 01:45:07 PM) (Source: DCOM) (EventID: 10016) (User: ALIN)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 and APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 to the user Alin\PC ALIN SID (S-1-5-21-3261217118-1789687074-152833201-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
 
Error: (08/11/2017 11:44:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The IMF Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (08/11/2017 11:29:39 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Repornire serviciu) after the unexpected termination of the Windows Update service, but this action failed with the following error: 
An instance of the service is already running.
 
Error: (08/11/2017 11:28:39 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Update service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Repornire serviciu.
 
Error: (08/11/2017 11:13:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The RzActionSvc service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (08/11/2017 11:13:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Razer Game Manager Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (08/11/2017 11:13:55 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the RzActionSvc service to connect.
 
Error: (08/11/2017 11:13:55 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Razer Game Manager Service service to connect.
 
Error: (08/11/2017 11:13:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CldFlt service failed to start due to the following error: 
The request is not supported.
 
 
CodeIntegrity:
===================================
  Date: 2017-08-11 13:36:36.097
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_1a197825c61edb6c\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-08-10 12:26:51.590
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_1a197825c61edb6c\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-08-08 21:54:04.953
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_1a197825c61edb6c\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-08-07 23:34:30.113
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_1a197825c61edb6c\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-08-06 16:05:10.463
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_1a197825c61edb6c\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-08-05 19:37:13.502
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_1a197825c61edb6c\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-08-04 21:27:02.306
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
  Date: 2017-08-04 21:27:02.144
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 59%
Total physical RAM: 3999.98 MB
Available physical RAM: 1630.27 MB
Total Virtual: 5343.98 MB
Available Virtual: 2458.47 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:246.74 GB) (Free:175.13 GB) NTFS
Drive d: (Goodies) (Fixed) (Total:683.59 GB) (Free:158.59 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1A327A34)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=246.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=852 MB) - (Type=27)
Partition 4: (Not Active) - (Size=683.6 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================


#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,622 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:17 PM

Posted 11 August 2017 - 01:04 PM

Thank you Alin. It is nice to meet you too.

Leave those for now.

Which browser(s) does this happen with?

Please consider and do this.

===================================================

Peer to Peer (P2P) Warning

--------------------

Going over your logs I noticed that you have Peer 2 Peer (torrent) program(s) installed. It is pretty much certain that if you continue to use P2P programs, you will get infected again.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
I would recommend that you uninstall Peer 2 Peer programs, however that choice is up to you. If you choose to remove the program, you can do so via Start > Control Panel > Add/Remove Programs.

If you are still leaning toward using this program, please take a look at this information about CryptoLocker Ransomware, a type of Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition it has recently been reported that P2P downloads may be tracked resulting in your IP address being monitored by copyright authorities.

If you wish to keep it, please do not use it until we are completely done and your machine is determined to be clean and updated.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Right click on the FRST icon and select Run as administrator
  • Highlight the below information then hit the Ctrl + C keys at the same time
Start::
CreateRestorePoint:
CloseProcesses:
C:\Users\PC ALIN\Downloads\2FEE.tmp
C:\Users\PC ALIN\AppData\Local\Temp\utt5AA5.tmp.exe
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524}
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282}
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30}
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A}
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3}
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524}
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282}
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30}
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A}
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3}
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4}
HKU\S-1-5-21-3261217118-1789687074-152833201-1001\Software\Classes\regfile: regedit.exe "%1"
File: D:\Games\Metin2OG\Metin2OG.exe
AutoConfigURL: [S-1-5-21-3261217118-1789687074-152833201-1001] => hxxp://access-fast-web.com/wpad.dat?e0abd230f1c9cea27f843b718dfc273034433381
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset C:\resettcpip.txt
CMD: Bitsadmin /Reset /Allusers
hosts:
End::
  • Click Fix
  • Copy and paste the contents of the Fixlog.txt file in your reply.
  • Check you browser behavior
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Which browser(s)?
  • Fixlog
  • Update on browser behavior

Edited by Oh My!, 11 August 2017 - 01:06 PM.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 Kerox

Kerox
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:03:17 AM

Posted 11 August 2017 - 01:45 PM

I know I risk my security when I download torrents,but I download them from a private tracker and from what I know they don't have viruses. I deleted some of them but I kept a few games. Opera Neon is my default browser but those pop-ups and redirects happened on Google Chrome too. After fix and reboot my browsers seem ok. I will keep opening links and come with an edit in a few minutes to tell if it's solved or not.
 
Edit: happened again on Opera Neon,clicked on a youtube video and got a pop-up and some youtube titles are highlighted and if I click there it opens a securesurf.biz search.
 
 
Fix result of Farbar Recovery Scan Tool (x64) Version: 09-08-2017
Ran by PC ALIN (11-08-2017 21:22:55) Run:1
Running from C:\Users\PC ALIN\Desktop
Loaded Profiles: PC ALIN (Available Profiles: PC ALIN)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
 
CreateRestorePoint:
CloseProcesses:
C:\Users\PC ALIN\Downloads\2FEE.tmp
C:\Users\PC ALIN\AppData\Local\Temp\utt5AA5.tmp.exe
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524}
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282}
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30}
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A}
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3}
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524}
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282}
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30}
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A}
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3}
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4}
HKU\S-1-5-21-3261217118-1789687074-152833201-1001\Software\Classes\regfile: regedit.exe "%1"
File: D:\Games\Metin2OG\Metin2OG.exe
AutoConfigURL: [S-1-5-21-3261217118-1789687074-152833201-1001] => hxxp://access-fast-web.com/wpad.dat?e0abd230f1c9cea27f843b718dfc273034433381
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset C:\resettcpip.txt
CMD: Bitsadmin /Reset /Allusers
hosts:
 
*****************
 
Restore point was successfully created.
Processes closed successfully.
C:\Users\PC ALIN\Downloads\2FEE.tmp => moved successfully
C:\Users\PC ALIN\AppData\Local\Temp\utt5AA5.tmp.exe => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found. 
HKLM\Software\Classes\CLSID\ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found. 
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => key not found. 
HKLM\Software\Classes\CLSID\ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => key not found. 
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => key not found. 
HKLM\Software\Classes\CLSID\ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => key not found. 
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found. 
HKLM\Software\Classes\CLSID\ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found. 
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found. 
HKLM\Software\Classes\CLSID\ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found. 
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => key not found. 
HKLM\Software\Classes\CLSID\ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => key not found. 
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found. 
HKLM\Software\Wow6432Node\Classes\CLSID\ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found. 
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => key not found. 
HKLM\Software\Wow6432Node\Classes\CLSID\ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => key not found. 
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => key not found. 
HKLM\Software\Wow6432Node\Classes\CLSID\ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => key not found. 
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found. 
HKLM\Software\Wow6432Node\Classes\CLSID\ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found. 
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found. 
HKLM\Software\Wow6432Node\Classes\CLSID\ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found. 
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => key not found. 
HKLM\Software\Wow6432Node\Classes\CLSID\ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => key not found. 
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => key not found. 
HKLM\Software\Classes\CLSID\ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => key not found. 
HKU\S-1-5-21-3261217118-1789687074-152833201-1001\Software\Classes\regfile => key removed successfully
 
========================= File: D:\Games\Metin2OG\Metin2OG.exe ========================
 
File not signed
MD5: AA1B7DCDA5032EDF92705F6AB094479D
Creation and modification date: 2017-07-25 21:29 - 2013-04-16 18:03
Size: 003370496
Attributes: ----A
Company Name: Ymir Entertainment
Internal Name: Metin2Client
Original Name: Metin2Client.exe
Product: Metin2Client
Description: Metin2Client
File Version: 1.0.28249.1
Product Version: 1, 0, 0, 1
Copyright: Copyright © 2011
VirusTotal: 0
 
====== End of File: ======
 
HKU\S-1-5-21-3261217118-1789687074-152833201-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL => value removed successfully
 
========= RemoveProxy: =========
 
HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\ => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-3261217118-1789687074-152833201-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-3261217118-1789687074-152833201-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 
========= End of RemoveProxy: =========
 
 
========= netsh advfirewall reset =========
 
Ok.
 
 
========= End of CMD: =========
 
 
========= netsh advfirewall set allprofiles state ON =========
 
Ok.
 
 
========= End of CMD: =========
 
 
========= ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
========= netsh winsock reset catalog =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
========= End of CMD: =========
 
 
========= netsh int ip reset C:\resettcpip.txt =========
 
Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Access is denied.
 
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
========= Bitsadmin /Reset /Allusers =========
 
 
BITSADMIN version 3.0
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
0 out of 0 jobs canceled.
 
========= End of CMD: =========
 
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
 
 
The system needed a reboot.
 
==== End of Fixlog 21:24:10 ====

Edited by Kerox, 11 August 2017 - 02:02 PM.


#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,622 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:17 PM

Posted 11 August 2017 - 04:39 PM

Thank you.

Can you tell me if the same thing currently happens with Chrome, Edge and Internet Explorer?

Are you familiar with Ymir Entertainment/Metin2Client

Please run these.

===================================================

Shortcut Cleaner

--------------------

  • Download Shortcut Cleaner and save it to your desktop
  • Right click on sc-cleaner.exe and select Run as administrator
  • After the program automatically launches an sc-cleaner.txt file will be placed on your desktop
  • Copy and paste the contents of the report in your reply

===================================================

Zemana AntiMalware Portable

--------------------

  • Download Zemana AntiMalware Portable and save it to your Desktop
  • Right click the icon and select Run as administrator
  • Click Scan
  • If entries are identified click Next
  • When complete click on the 3 bars near the upper right corner of the screen
  • Double click on the file dated today
  • Copy and paste the information in your reply

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:

  • Ymir Entertainment?
  • Other browsers?
  • Zemana report
  • Update on browser behavior

Edited by Oh My!, 12 August 2017 - 02:06 PM.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#8 Kerox

Kerox
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:03:17 AM

Posted 12 August 2017 - 09:42 AM

Lol,is Metin2client the problem? 

Yup,it happens with Edge and Chrome too.

 

Shortcut Cleaner 1.4.9.6 by Lawrence Abrams (Grinler)
Copyright 2008-2017 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
 
Windows Version: Windows 10 Pro 
Program started at: 08/12/2017 05:09:54 PM.
 
Scanning for registry hijacks:
 
 * No issues found in the Registry.
 
Searching for Hijacked Shortcuts:
 
Searching C:\Users\PC ALIN\AppData\Roaming\Microsoft\Windows\Start Menu\
 
Searching C:\ProgramData\Microsoft\Windows\Start Menu\
 
Searching C:\Users\PC ALIN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\
 
Searching C:\Users\Public\Desktop\
 
Searching C:\Users\PC ALIN\Desktop\
 
Searching C:\Users\Public\Desktop\
 
 
0 bad shortcuts found.
 
Program finished at: 08/12/2017 05:09:57 PM
Execution time: 0 hours(s), 0 minute(s), and 2 seconds(s)
 
 
Zemana AntiMalware 2.74.2.76 (Portable)
 
-------------------------------------------------------
Scan Result            : Completed
Scan Date              : 2017-8-12
Operating System       : Windows 10 64-bit
Processor              : 4X Intel® Core™ i5-4210U CPU @ 1.70GHz
BIOS Mode              : Legacy
CUID                   : 127EE69064758418C28D50
Scan Type              : System Scan
Duration               : 27m 8s
Scanned Objects        : 157369
Detected Objects       : 0
Excluded Objects       : 0
Read Level             : SCSI
Auto Upload            : Enabled
Detect All Extensions  : Disabled
Scan Documents         : Disabled
Domain Info            : WORKGROUP,0,2
 
Detected Objects
-------------------------------------------------------
 
No threats detected
 


#9 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,622 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:17 PM

Posted 12 August 2017 - 02:14 PM

Greetings,

Lol,is Metin2client the problem?

There are some sites that flag one of the files as potentially malicious. Shall I assume you are aware of the program?

-----
 

Edit: happened again on Opera Neon,clicked on a youtube video and got a pop-up and some youtube titles are highlighted and if I click there it opens a securesurf.biz search.


Are you only having issues with Youtube?

When you click on a Youtube video do you normally get a pop up? If the pop up is not normal please take a screen shot of this window and attach it to your reply.

Right click on one of the highlighted titles, select Copy Link Location, and paste that information in your reply.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#10 Kerox

Kerox
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:03:17 AM

Posted 12 August 2017 - 02:41 PM

I used to play that game a few years ago,now I really want to stop playing it so deleting it won't be a problem. 

Not really on youtube,when I visit some sites,some words are highlighted and when I click random in some windows liveadexchanger or some games pop-up. Sometimes my searches are redirected with plusnetwork or yahoo or something with b...

It doesn't really happen too often,I will post a screshot if I see any pop-up or redirect



#11 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,622 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:17 PM

Posted 12 August 2017 - 02:53 PM

I would recommend removing the program. Suspicious modifications were made to at least one of the files on 7-25-17.

Please do this.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Right click on the FRST icon and select Run as administrator
  • Highlight the below information then hit the Ctrl + C keys at the same time
Start::
CloseProcesses:
D:\Games\Metin2OG
End::
  • Click Fix
  • Copy and paste the contents of the Fixlog.txt file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#12 Kerox

Kerox
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:03:17 AM

Posted 12 August 2017 - 04:02 PM

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-08-2017
Ran by PC ALIN (12-08-2017 23:52:58) Run:2
Running from C:\Users\PC ALIN\Desktop
Loaded Profiles: PC ALIN (Available Profiles: PC ALIN)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
 
CloseProcesses:
D:\Games\Metin2OG
 
*****************
 
Processes closed successfully.
D:\Games\Metin2OG => moved successfully
 
 
The system needed a reboot.
 
==== End of Fixlog 23:54:14 ====


#13 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,622 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:17 PM

Posted 12 August 2017 - 04:07 PM

Thanks, guess we just wait and see.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,622 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:17 PM

Posted 14 August 2017 - 06:49 PM

How are we doing?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#15 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,622 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:17 PM

Posted 15 August 2017 - 09:42 AM

Greetings,

===================================================

Do You Still Need Help?

It has been 3 days since my last post.
  • Do you still need help with this?
  • If you have not replied within 48 hours I will assume you have abandoned the Topic and it will be closed.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users