Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Adw cleaner reporting PUP's , Can someone check for me please ?


  • This topic is locked This topic is locked
14 replies to this topic

#1 the geekfreak

the geekfreak

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:swansea uk
  • Local time:01:39 PM

Posted 28 August 2017 - 01:18 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
Ran by Satch (administrator) on DESKTOP-47ES84T (28-08-2017 19:16:20)
Running from C:\Users\dan44\Downloads
Loaded Profiles: Satch (Available Profiles: Satch & danie & danie_a63rkla)
Platform: Windows 10 Pro Version 1703 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.25\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.08.22\AsusFanControlService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(PreSonus) C:\Program Files\PreSonus\Universal Control\PreSonusHardwareAccessService.exe
() C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.60.492.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
(ASUSTeK COMPUTER INC.) C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe
(PreSonus) C:\Program Files\PreSonus\Universal Control\Universal Control.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.60.492.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe
(ASUSTeK COMPUTER INC.) C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3Svc64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17072.13111.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17062.14111.0_x64__8wekyb3d8bbwe\Music.UI.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11707.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
() C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-08-17] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17988216 2017-08-18] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [Sonic Studio 3] => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe [1216512 2017-04-12] (ASUSTeK COMPUTER INC.)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-07-13] (Adobe Systems Incorporated)
HKU\S-1-5-21-150517238-643256998-2923789579-1001\...\Run: [ISM] => C:\Program Files (x86)\Common Files\Intel\Intel Software Manager\ism2.exe [423064 2015-10-05] (Intel Corporation)
HKU\S-1-5-21-150517238-643256998-2923789579-1001\...\Run: [Universal Control] => C:\Program Files\PreSonus\Universal Control\Universal Control.exe [12654080 2017-08-17] (PreSonus)
GroupPolicy: Restriction <==== ATTENTION
GroupPolicyScripts: Restriction <==== ATTENTION
GroupPolicyScripts\User: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\..\Interfaces\{61e2db3e-2b72-4967-bbdb-d96901125688}: [DhcpNameServer] 192.168.1.254
 
Internet Explorer:
==================
 
FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-07-13] (Adobe Systems)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-29] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-07-13] (Adobe Systems)
FF Plugin HKU\S-1-5-21-150517238-643256998-2923789579-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\dan44\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-150517238-643256998-2923789579-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\dan44\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [No File]
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://duckduckgo.com/
CHR StartupUrls: Default -> "hxxps://duckduckgo.com/"
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Profile: C:\Users\dan44\AppData\Local\Google\Chrome\User Data\Default [2017-08-28]
CHR Extension: (BetterTTV) - C:\Users\dan44\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-05-29]
CHR Extension: (Google Drive) - C:\Users\dan44\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-29]
CHR Extension: (DuckDuckGo Search) - C:\Users\dan44\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2017-08-12]
CHR Extension: (James White) - C:\Users\dan44\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2017-08-12]
CHR Extension: (YouTube) - C:\Users\dan44\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-29]
CHR Extension: (uBlock Origin) - C:\Users\dan44\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-07-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\dan44\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\dan44\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-29]
CHR Extension: (Chrome Media Router) - C:\Users\dan44\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-27]
CHR Profile: C:\Users\dan44\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-08-24]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-07-13] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2015-09-17] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.25\aaHMSvc.exe [963544 2016-08-05] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2016-07-27] () [File not signed]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.08.22\AsusFanControlService.exe [2683864 2016-12-15] (ASUSTeK Computer Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1536520 2017-05-09] ()
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [382504 2017-08-23] (EasyAntiCheat Ltd)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-07-11] (Hi-Rez Studios) [File not signed]
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-08-18] (Logitech Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-08-09] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-08-18] (NVIDIA Corporation)
S3 Origin Client Service; E:\origin\OriginClientService.exe [2168672 2017-07-26] (Electronic Arts)
S2 Origin Web Helper Service; E:\origin\OriginWebHelperService.exe [3148128 2017-07-26] (Electronic Arts)
R2 PreSonus Hardware Access Service; C:\Program Files\PreSonus\Universal Control\PreSonusHardwareAccessService.exe [367616 2017-08-17] (PreSonus) [File not signed]
R2 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [50800 2017-08-17] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-05-29] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] ()
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [544744 2017-03-19] (Intel Corporation)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2016-12-15] (ASUSTeK Computer Inc.)
S3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45192 2017-07-10] (Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
S3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2017-04-06] (Logitech Inc.)
S3 LGJoyHidLo; C:\WINDOWS\system32\drivers\LGJoyHidLo.sys [47256 2017-04-06] (Logitech Inc.)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-04-06] (Logitech Inc.)
S3 LGSHidFilt; C:\WINDOWS\System32\drivers\LGSHidFilt.Sys [64280 2017-04-06] (Logitech Inc.)
R1 MpKsla699b328; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9878E769-554D-4FD0-8806-D73EB703FCBD}\MpKsla699b328.sys [44928 2017-08-28] (Microsoft Corporation)
R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [79504 2017-03-12] (Windows ® Win 7 DDK provider)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9ab613610b40aa98\nvlddmkm.sys [15610296 2017-08-10] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-08-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-08-18] (NVIDIA Corporation)
R3 paeusbaudio; C:\WINDOWS\System32\drivers\paeusbaudio_x64.sys [301656 2017-03-20] ()
R3 paeusbaudioks; C:\WINDOWS\system32\DRIVERS\paeusbaudioks_x64.sys [67672 2017-03-20] ()
S3 RDID1179; C:\WINDOWS\system32\Drivers\RDWM1179.SYS [387072 2016-06-06] (Roland Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit)
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU Co., LTD.)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [84432 2017-03-27] (The OpenVPN Project)
R3 teVirtualMIDI64; C:\WINDOWS\system32\DRIVERS\teVirtualMIDI64.sys [41016 2016-08-31] (Tobias Erichsen)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [38368 2017-08-27] (Wellbia.com Co., Ltd.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-08-28 19:16 - 2017-08-28 19:16 - 000017553 _____ C:\Users\dan44\Downloads\FRST.txt
2017-08-28 19:16 - 2017-08-28 19:16 - 000000000 ____D C:\FRST
2017-08-28 19:15 - 2017-08-28 19:15 - 002395648 _____ (Farbar) C:\Users\dan44\Downloads\FRST64.exe
2017-08-28 19:13 - 2017-08-28 19:13 - 000001470 _____ C:\Users\dan44\Desktop\AdwCleaner[S3].txt
2017-08-27 15:35 - 2017-08-27 15:35 - 000000000 ____D C:\Users\dan44\Documents\RC-20 Retro Color Logs
2017-08-27 14:23 - 2017-08-27 14:23 - 000000000 ____D C:\Users\dan44\Documents\RC-20 Retro Color
2017-08-27 09:40 - 2017-08-27 09:40 - 000000120 _____ C:\Users\dan44\Desktop\Guitar tools.url
2017-08-27 08:33 - 2017-08-28 08:05 - 000009929 _____ C:\Users\dan44\Documents\When pictures end up in the wrong hands.odt
2017-08-27 08:33 - 2017-08-27 08:33 - 000008564 _____ C:\Users\dan44\Documents\Untitled 1.odt
2017-08-26 21:38 - 2017-08-26 21:38 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign33f7a0447ace80a2
2017-08-26 21:37 - 2017-08-26 21:37 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign5d982fbf0569b31e
2017-08-26 17:10 - 2017-08-27 18:09 - 000000000 ____D C:\Users\dan44\AppData\Roaming\Chord and Scale Library
2017-08-26 17:07 - 2017-08-27 18:09 - 000000000 ____D C:\Users\dan44\AppData\Roaming\Chords
2017-08-26 17:06 - 2017-08-26 17:06 - 000000679 _____ C:\Users\dan44\Desktop\Fretlight Studio 6.lnk
2017-08-26 17:06 - 2014-03-29 17:31 - 000747008 _____ (Trace Systems, Inc.) C:\WINDOWS\SysWOW64\HIDagentXControl1.ocx
2017-08-26 17:06 - 2013-11-08 21:56 - 001066176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCTL.OCX
2017-08-26 17:06 - 2013-11-08 21:56 - 000647872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCT2.OCX
2017-08-26 17:06 - 2013-11-08 21:56 - 000140488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COMDLG32.OCX
2017-08-26 17:06 - 2013-11-08 21:55 - 003668992 _____ C:\WINDOWS\SysWOW64\ffdshow.ax
2017-08-26 17:06 - 2013-11-08 21:55 - 000563200 _____ (MPC-HC Team) C:\WINDOWS\SysWOW64\MP4Splitter.ax
2017-08-26 17:06 - 2013-11-08 21:55 - 000140288 _____ (Optek Music Systems, Inc) C:\WINDOWS\SysWOW64\mmx.ocx
2017-08-26 17:06 - 2013-11-08 21:55 - 000114688 _____ (Visual Creations) C:\WINDOWS\SysWOW64\vcFRMSHAPECTL.ocx
2017-08-26 17:06 - 2013-11-08 21:55 - 000090112 _____ (hxxp://www.mvps.org/vb) C:\WINDOWS\SysWOW64\ccrpTmr6.dll
2017-08-26 17:06 - 2013-11-08 21:55 - 000077824 _____ (GDCL (www.gdcl.co.uk)) C:\WINDOWS\SysWOW64\WMFDemux.dll
2017-08-26 17:06 - 2013-11-08 21:55 - 000061440 _____ (Visual Creations) C:\WINDOWS\SysWOW64\vcSLIDERCTL.ocx
2017-08-26 17:06 - 2013-11-08 21:55 - 000057399 _____ C:\WINDOWS\SysWOW64\Registry Control.ocx
2017-08-26 17:06 - 2013-11-08 21:55 - 000053248 _____ (Visual Creations) C:\WINDOWS\SysWOW64\vcMASKPICCTL.ocx
2017-08-25 14:36 - 2017-08-25 14:36 - 000000928 _____ C:\Users\dan44\Desktop\Origin.exe - Shortcut.lnk
2017-08-24 14:26 - 2017-08-24 14:26 - 000748584 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-08-24 14:26 - 2017-08-24 14:26 - 000000000 ____D C:\Users\dan44\AppData\Roaming\EasyAntiCheat
2017-08-24 13:26 - 2017-08-24 13:26 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignea50420948253331
2017-08-24 13:26 - 2017-08-24 13:26 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign548b7c960fc33acd
2017-08-24 08:11 - 2017-08-24 08:11 - 075035712 _____ (PreSonus) C:\Users\dan44\Downloads\PreSonus_Universal_Control_Installer-44119 2.2.0.44119.exe
2017-08-24 08:11 - 2017-08-24 08:11 - 000001076 _____ C:\Users\dan44\Desktop\Universal Control.lnk
2017-08-23 17:08 - 2017-08-23 17:08 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign9405bc68982f07fe
2017-08-23 17:08 - 2017-08-23 17:08 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign62cae7acfaa779b2
2017-08-23 16:58 - 2017-08-23 16:58 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignb28d5e38b5063945
2017-08-23 16:58 - 2017-08-23 16:58 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign56bb948915b3c924
2017-08-23 16:31 - 2017-08-23 16:31 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignc3ffc939d877171a
2017-08-23 16:31 - 2017-08-23 16:31 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign39b9a6dfce267862
2017-08-23 14:47 - 2017-08-23 14:47 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignf7386ece4d3c68b0
2017-08-23 14:46 - 2017-08-23 14:46 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign978e1cc5c8bce18b
2017-08-23 14:21 - 2017-08-23 14:21 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignfa9207531fe14419
2017-08-23 14:21 - 2017-08-23 14:21 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign2134796833432d73
2017-08-23 13:30 - 2017-08-23 13:30 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignd43627842c53b666
2017-08-23 13:28 - 2017-08-23 13:28 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign05eadefa159a60e4
2017-08-23 11:48 - 2017-08-23 11:48 - 000000000 ____D C:\Users\dan44\Downloads\8d4f8d4b-0720-4d5d-ab3e-4fe046f10611_c6b556382fa5dac9acb523a3fce7adf9043f6a4b
2017-08-23 11:48 - 2017-08-17 22:17 - 003299816 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2017-08-23 11:48 - 2017-08-17 22:17 - 002190984 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2017-08-23 11:48 - 2017-08-17 22:17 - 001382232 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2017-08-23 11:48 - 2017-08-17 22:17 - 001337640 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2017-08-23 11:48 - 2017-08-17 22:17 - 000873456 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2017-08-23 11:48 - 2017-08-17 22:17 - 000852136 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2017-08-23 11:48 - 2017-08-17 22:17 - 000604800 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2017-08-23 11:48 - 2017-08-17 22:17 - 000532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2017-08-23 11:48 - 2017-08-17 22:17 - 000447176 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2017-08-23 11:48 - 2017-08-17 22:17 - 000221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2017-08-23 11:48 - 2017-08-17 22:17 - 000209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2017-08-23 11:48 - 2017-08-17 22:17 - 000166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2017-08-23 11:48 - 2017-08-17 22:17 - 000158696 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2017-08-23 11:48 - 2017-08-17 22:17 - 000075536 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 072520712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2017-08-23 11:48 - 2017-08-17 22:16 - 007172912 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 003677160 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2017-08-23 11:48 - 2017-08-17 22:16 - 003509200 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 003410832 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 003205120 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 003122656 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 002211296 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 001435136 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 001348160 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 001016928 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000984912 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000965024 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000877432 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000868176 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000866640 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000737968 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000691680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000526280 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000467152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000381408 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000341152 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000341152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000258864 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000231912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000110976 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000090912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000088320 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000083624 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 007096184 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 006264632 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 005346992 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 003099544 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 002444680 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 001965808 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 001959600 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 001780616 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 001591056 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 001554600 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOProp.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 001508928 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 001326424 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOv251.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 001170872 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 001159184 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000743960 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000727432 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000708312 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000680544 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000504304 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000447720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000445400 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000441264 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000416504 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000406456 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000378384 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000366120 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000362056 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000360344 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000327456 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000310424 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000272712 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000253896 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000253856 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000252872 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000203840 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000190936 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000190928 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000179592 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000154360 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000151784 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000134200 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000118592 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000084616 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2017-08-23 11:48 - 2017-08-17 02:35 - 013213369 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2017-08-23 10:17 - 2017-08-23 10:17 - 000000000 ____D C:\Users\dan44\AppData\Local\HirezLauncherUI
2017-08-23 10:17 - 2017-08-23 10:17 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-08-23 10:17 - 2017-08-23 10:17 - 000000000 ____D C:\Program Files\MSBuild
2017-08-23 10:17 - 2017-08-23 10:17 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-08-23 10:17 - 2017-08-23 10:17 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-08-23 10:17 - 2017-02-10 11:26 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-08-23 10:17 - 2017-02-10 11:26 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-08-23 10:17 - 2017-02-10 11:26 - 000035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-08-23 10:17 - 2017-02-10 11:21 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-08-23 10:17 - 2017-02-10 11:21 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-08-23 10:17 - 2017-02-10 11:21 - 000035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-08-23 10:16 - 2017-08-23 09:50 - 000382504 _____ (EasyAntiCheat Ltd) C:\WINDOWS\SysWOW64\EasyAntiCheat.exe
2017-08-23 10:15 - 2017-08-28 07:52 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-08-22 15:09 - 2017-08-22 15:09 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign61e709e180f8fbbc
2017-08-22 15:09 - 2017-08-22 15:09 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign2d03ff161ae7a17f
2017-08-22 15:07 - 2017-08-22 15:07 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigne3aca8865e91c390
2017-08-22 15:06 - 2017-08-22 15:06 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign1a3061eaf7a2583b
2017-08-22 15:00 - 2017-08-22 15:00 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignefe6299ad4d83b36
2017-08-22 15:00 - 2017-08-22 15:00 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign17678350f6c75df5
2017-08-22 11:35 - 2017-08-22 11:35 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign9bdcb2107e2ae380
2017-08-22 11:35 - 2017-08-22 11:35 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign4c2759a31f400949
2017-08-22 11:20 - 2017-08-22 11:20 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigndc796de078482ff7
2017-08-22 11:20 - 2017-08-22 11:20 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign1eafd516485a2875
2017-08-22 11:17 - 2017-08-22 11:17 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigncf38bbba9a56a35c
2017-08-22 11:17 - 2017-08-22 11:17 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignb5e4dd851106abc8
2017-08-22 11:16 - 2017-08-22 11:16 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignf32a5d495f54da62
2017-08-22 11:16 - 2017-08-22 11:16 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign81f554e34cc2be07
2017-08-22 09:57 - 2017-08-22 09:57 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignf756ead559dba5f0
2017-08-22 09:55 - 2017-08-22 09:55 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign5e26f3d5798b2742
2017-08-22 08:36 - 2017-08-22 08:36 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign7bc2136d9f1e00bf
2017-08-22 08:36 - 2017-08-22 08:36 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign66d6fe932206db28
2017-08-21 17:44 - 2017-08-21 17:44 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign6a760dfc1f48adc0
2017-08-21 17:44 - 2017-08-21 17:44 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign15d3a7cd029e75c4
2017-08-21 15:49 - 2017-08-21 15:49 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigne0260b96a29587ad
2017-08-21 15:48 - 2017-08-21 15:48 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign2e1e2b8430f59997
2017-08-20 23:49 - 2017-08-20 23:50 - 000000140 _____ C:\Users\dan44\Desktop\Musiuc.url
2017-08-20 18:55 - 2017-08-20 18:55 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigne11bbbea6417459b
2017-08-20 18:55 - 2017-08-20 18:55 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignc60f18f2bf77f318
2017-08-20 16:13 - 2017-08-20 16:13 - 000000000 ____D C:\Users\dan44\Downloads\battlefield
2017-08-20 15:48 - 2017-08-20 15:48 - 006658998 _____ C:\Users\dan44\Downloads\Film - 9615.mp4
2017-08-20 15:34 - 2017-08-20 15:34 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignefddc2303e3db23c
2017-08-20 15:34 - 2017-08-20 15:34 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign1b70591325cae08b
2017-08-20 15:33 - 2017-08-20 15:33 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignf0c61fb96b862413
2017-08-20 15:33 - 2017-08-20 15:33 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignb1093cebdc90d562
2017-08-20 14:02 - 2017-08-20 14:02 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigne6abdf682d48ff5e
2017-08-20 14:02 - 2017-08-20 14:02 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign0ba9175d1f18ee01
2017-08-19 19:13 - 2017-08-19 19:13 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign49d09f7f3d0ada02
2017-08-19 19:13 - 2017-08-19 19:13 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign3b897dafdf708e11
2017-08-19 19:00 - 2017-08-19 19:00 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign68b101e97ac6d29d
2017-08-19 19:00 - 2017-08-19 19:00 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign4dbe3a8396aa3e0b
2017-08-19 18:58 - 2017-08-19 18:58 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignc21eb9b96cbe9b64
2017-08-19 18:58 - 2017-08-19 18:58 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign2593040c3f30b1df
2017-08-19 18:56 - 2017-08-19 18:56 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignd78811129fa22af9
2017-08-19 18:56 - 2017-08-19 18:56 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigna1fa6d9366883007
2017-08-19 17:10 - 2017-08-19 18:21 - 000000000 ____D C:\Program Files (x86)\KATANAFxFloorBoard
2017-08-19 17:03 - 2017-08-19 17:03 - 000102059 _____ C:\Users\dan44\Downloads\KATANA.tsl
2017-08-19 16:13 - 2017-08-19 16:13 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignce50f44876c0ff64
2017-08-19 16:13 - 2017-08-19 16:13 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigna6526924ef6a9efc
2017-08-19 13:32 - 2017-08-19 13:32 - 000000000 ____D C:\Program Files (x86)\Proton Technologies
2017-08-19 11:16 - 2017-08-19 11:16 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignc88d6c6a13f7f801
2017-08-19 11:15 - 2017-08-19 11:15 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign635068bf686d19c8
2017-08-19 11:15 - 2017-08-19 11:15 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign5c064ce8905b20ee
2017-08-19 11:09 - 2017-08-23 17:21 - 000000000 ____D C:\Users\dan44\AppData\Roaming\vlc
2017-08-19 10:02 - 2017-08-19 10:02 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigna07faf0eee810add
2017-08-19 10:02 - 2017-08-19 10:02 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign3d3016bed3476a10
2017-08-18 18:39 - 2017-08-18 18:39 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign1899a8a0a4942ded
2017-08-18 18:34 - 2017-08-18 18:34 - 000000000 ____D C:\Users\dan44\AppData\Roaming\NVIDIA
2017-08-18 18:19 - 2017-08-18 18:19 - 000000000 ____D C:\Users\Public\Documents\Adobe
2017-08-18 18:16 - 2017-08-18 18:16 - 000000000 ____D C:\Users\Public\Documents\AdobeInstalledCodecs
2017-08-18 11:11 - 2017-08-20 14:09 - 000001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-08-18 11:11 - 2017-08-18 12:25 - 000000000 ____D C:\Users\dan44\AppData\Local\NVIDIA Corporation
2017-08-18 11:11 - 2017-08-18 11:11 - 000000000 ____D C:\Users\dan44\AppData\Local\NVIDIA
2017-08-18 11:10 - 2017-08-21 08:41 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-08-18 11:10 - 2017-08-20 14:09 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-18 11:10 - 2017-08-20 14:09 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-18 11:10 - 2017-08-20 14:09 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-18 11:10 - 2017-08-20 14:09 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-18 11:10 - 2017-08-20 14:09 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-18 11:10 - 2017-08-20 14:09 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-18 11:10 - 2017-08-20 14:09 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-18 11:10 - 2017-08-20 14:09 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-18 11:10 - 2017-08-18 11:10 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-08-18 11:10 - 2017-08-18 05:36 - 000918976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-08-18 11:10 - 2017-08-10 01:34 - 000513144 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-08-18 11:10 - 2017-08-10 01:34 - 000418752 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-08-18 11:10 - 2017-08-09 23:53 - 006463608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-08-18 11:10 - 2017-08-09 23:53 - 002479224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-08-18 11:10 - 2017-08-09 23:53 - 001762936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-08-18 11:10 - 2017-08-09 23:53 - 000549496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-08-18 11:10 - 2017-08-09 23:53 - 000392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-08-18 11:10 - 2017-08-09 23:53 - 000081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-08-18 11:10 - 2017-08-09 23:53 - 000069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-08-18 11:10 - 2017-08-08 10:39 - 008112721 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-08-18 11:10 - 2017-07-26 18:09 - 001755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-08-18 11:10 - 2017-07-26 18:09 - 001317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-08-18 11:10 - 2017-03-10 22:17 - 000536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-08-18 11:10 - 2017-03-10 22:17 - 000525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-08-18 11:10 - 2017-03-10 22:17 - 000254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-08-18 11:10 - 2017-03-10 22:17 - 000233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-08-18 11:09 - 2017-08-18 05:36 - 000179136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-08-18 11:09 - 2017-08-18 05:36 - 000146368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-08-18 11:09 - 2017-08-18 05:36 - 000057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-08-18 11:09 - 2017-08-10 01:34 - 040239552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 035846080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 035314296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 028961912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 023074832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 018805160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 013649808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 012133296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 011585736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 009982968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 004164032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 003596224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 001988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438528.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 001598072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438528.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 001278712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 001067968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 001005176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 000996760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 000972736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 000924096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 000781728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 000724928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 000689808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 000617416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 000609912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 000584128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 000578056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 000499136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 000046463 _____ C:\WINDOWS\system32\nvinfo.pb
2017-08-18 11:09 - 2017-08-10 01:34 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-08-18 11:09 - 2017-08-10 01:34 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-08-18 11:09 - 2017-07-26 18:09 - 000048064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-08-18 11:06 - 2017-08-20 14:09 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-08-18 11:01 - 2017-08-18 11:01 - 000000000 ____D C:\Users\dan44\Downloads\[Guru3D.com]-DDU
2017-08-18 07:55 - 2017-08-18 07:55 - 000000129 _____ C:\Users\dan44\Desktop\Guitar Sim.url
2017-08-18 07:51 - 2017-08-18 07:51 - 000000174 _____ C:\Users\dan44\Desktop\Guitar amp sim tips.url
2017-08-16 22:45 - 2017-08-16 22:45 - 000000000 ____D C:\Users\dan44\AppData\Roaming\LibreOffice
2017-08-16 22:42 - 2017-08-16 22:42 - 000000706 _____ C:\Users\Public\Desktop\LibreOffice 5.4.lnk
2017-08-15 18:34 - 2017-08-15 18:34 - 008185288 _____ (Malwarebytes) C:\Users\dan44\Downloads\adwcleaner_7.0.1.0.exe
2017-08-15 09:07 - 2017-08-18 05:36 - 001781696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-08-15 09:07 - 2017-08-18 05:36 - 001563584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-08-15 09:07 - 2017-08-17 19:13 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-08-14 21:55 - 2017-08-14 21:55 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignb73b512286465a58
2017-08-14 21:53 - 2017-08-14 21:53 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignf6ee8dec15a2741f
2017-08-14 21:53 - 2017-08-14 21:53 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign88ee6323c99ece1e
2017-08-14 17:47 - 2017-08-19 11:09 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2017-08-14 14:49 - 2017-08-10 01:34 - 004209520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-08-14 14:49 - 2017-08-10 01:34 - 003711328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-08-14 12:29 - 2017-08-14 12:29 - 000000000 ____D C:\Program Files (x86)\Origin Games
2017-08-14 12:14 - 2017-08-14 12:14 - 000002255 _____ C:\Users\Public\Desktop\Skin Tool.lnk
2017-08-13 18:33 - 2017-08-15 08:59 - 000000000 ____D C:\Users\dan44\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brave Software
2017-08-13 18:33 - 2017-08-13 18:33 - 000000000 ____D C:\Users\dan44\AppData\Local\SquirrelTemp
2017-08-12 10:02 - 2017-08-12 10:02 - 000000000 ____D C:\Users\dan44\AppData\Local\ProtonVPN
2017-08-12 10:01 - 2017-08-19 13:32 - 000001230 _____ C:\Users\Public\Desktop\ProtonVPN.lnk
2017-08-12 10:01 - 2017-08-19 13:32 - 000000000 ____D C:\Users\dan44\AppData\Roaming\ProtonVPN AG
2017-08-11 21:49 - 2017-08-11 21:49 - 000000000 ____D C:\Users\dan44\AppData\Local\NordVPN
2017-08-11 21:49 - 2017-08-11 21:49 - 000000000 ____D C:\Users\dan44\AppData\Local\IsolatedStorage
2017-08-11 21:48 - 2017-08-11 21:49 - 000000000 ____D C:\Users\dan44\AppData\Roaming\NordVPN
2017-08-11 21:12 - 2017-08-11 21:44 - 000000000 ____D C:\Users\dan44\AppData\Roaming\Opera Software
2017-08-11 21:12 - 2017-08-11 21:44 - 000000000 ____D C:\Users\dan44\AppData\Local\Opera Software
2017-08-11 21:12 - 2017-08-11 21:44 - 000000000 ____D C:\Program Files\Opera
2017-08-08 23:14 - 2017-08-01 03:36 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-08-08 23:14 - 2017-08-01 03:36 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-08-08 23:14 - 2017-08-01 03:07 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-08-08 23:14 - 2017-08-01 03:03 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-08-08 23:14 - 2017-08-01 02:30 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-08 23:13 - 2017-08-01 03:39 - 008319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-08 23:13 - 2017-08-01 03:38 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-08-08 23:13 - 2017-08-01 03:38 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-08 23:13 - 2017-08-01 03:36 - 000119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-08 23:13 - 2017-08-01 03:35 - 000280472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-08-08 23:13 - 2017-08-01 03:35 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-08-08 23:13 - 2017-08-01 03:34 - 000610584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-08-08 23:13 - 2017-08-01 03:34 - 000359552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-08-08 23:13 - 2017-08-01 03:34 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-08-08 23:13 - 2017-08-01 03:34 - 000168864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-08-08 23:13 - 2017-08-01 03:33 - 000473240 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-08-08 23:13 - 2017-08-01 03:32 - 002444704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-08 23:13 - 2017-08-01 03:32 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-08 23:13 - 2017-08-01 03:32 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-08-08 23:13 - 2017-08-01 03:31 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-08-08 23:13 - 2017-08-01 03:31 - 002645680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-08 23:13 - 2017-08-01 03:31 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-08 23:13 - 2017-08-01 03:31 - 000176024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-08-08 23:13 - 2017-08-01 03:30 - 000723680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-08 23:13 - 2017-08-01 03:30 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-08-08 23:13 - 2017-08-01 03:30 - 000410160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-08 23:13 - 2017-08-01 03:30 - 000315288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-08 23:13 - 2017-08-01 03:30 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-08 23:13 - 2017-08-01 03:30 - 000143736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-08 23:13 - 2017-08-01 03:30 - 000082336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-08 23:13 - 2017-08-01 03:26 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-08-08 23:13 - 2017-08-01 03:20 - 002956288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-08-08 23:13 - 2017-08-01 03:20 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-08-08 23:13 - 2017-08-01 03:20 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-08-08 23:13 - 2017-08-01 03:18 - 013841408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-08-08 23:13 - 2017-08-01 03:18 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-08-08 23:13 - 2017-08-01 03:17 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-08-08 23:13 - 2017-08-01 03:16 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-08-08 23:13 - 2017-08-01 03:14 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-08-08 23:13 - 2017-08-01 03:13 - 020504064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-08-08 23:13 - 2017-08-01 03:13 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-08-08 23:13 - 2017-08-01 03:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-08-08 23:13 - 2017-08-01 03:12 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-08-08 23:13 - 2017-08-01 03:12 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-08-08 23:13 - 2017-08-01 03:10 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-08-08 23:13 - 2017-08-01 03:09 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-08-08 23:13 - 2017-08-01 03:08 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-08-08 23:13 - 2017-08-01 03:07 - 011870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-08-08 23:13 - 2017-08-01 03:07 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-08-08 23:13 - 2017-08-01 03:06 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-08-08 23:13 - 2017-08-01 03:04 - 006269440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-08-08 23:13 - 2017-08-01 03:04 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-08-08 23:13 - 2017-08-01 02:57 - 023677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-08 23:13 - 2017-08-01 02:45 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-08 23:13 - 2017-08-01 02:45 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-08 23:13 - 2017-08-01 02:45 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-08 23:13 - 2017-08-01 02:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-08 23:13 - 2017-08-01 02:44 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-08 23:13 - 2017-08-01 02:44 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-08-08 23:13 - 2017-08-01 02:44 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-08 23:13 - 2017-08-01 02:42 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-08-08 23:13 - 2017-08-01 02:41 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2017-08-08 23:13 - 2017-08-01 02:41 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-08-08 23:13 - 2017-08-01 02:41 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-08 23:13 - 2017-08-01 02:40 - 017366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-08-08 23:13 - 2017-08-01 02:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2017-08-08 23:13 - 2017-08-01 02:39 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-08-08 23:13 - 2017-08-01 02:38 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-08 23:13 - 2017-08-01 02:38 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-08 23:13 - 2017-08-01 02:37 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2017-08-08 23:13 - 2017-08-01 02:37 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-08-08 23:13 - 2017-08-01 02:37 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-08-08 23:13 - 2017-08-01 02:36 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-08 23:13 - 2017-08-01 02:35 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-08-08 23:13 - 2017-08-01 02:34 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-08 23:13 - 2017-08-01 02:33 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-08 23:13 - 2017-08-01 02:33 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-08 23:13 - 2017-08-01 02:32 - 007336960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-08 23:13 - 2017-08-01 02:32 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-08 23:13 - 2017-08-01 02:31 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-08 23:13 - 2017-08-01 02:31 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-08 23:13 - 2017-08-01 02:31 - 001396736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-08-08 23:13 - 2017-08-01 02:30 - 008209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-08 23:13 - 2017-08-01 02:30 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-08 23:13 - 2017-08-01 02:30 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-08 23:13 - 2017-08-01 02:30 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-08 23:13 - 2017-08-01 02:28 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-08 23:13 - 2017-08-01 02:28 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-08 23:13 - 2017-08-01 02:27 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-08-08 23:13 - 2017-08-01 02:27 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2017-08-08 23:13 - 2017-08-01 02:27 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-08-08 23:13 - 2017-08-01 02:26 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-08-08 23:13 - 2017-08-01 02:25 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2017-08-08 23:13 - 2017-08-01 02:25 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-08-08 23:13 - 2017-08-01 02:25 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2017-08-08 23:13 - 2017-07-31 23:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-08-08 23:13 - 2017-07-31 23:45 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-08-08 23:13 - 2017-07-31 23:45 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-08-08 23:13 - 2017-07-31 23:45 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-08-08 23:13 - 2017-07-31 23:45 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-08-08 23:13 - 2017-07-31 23:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-08-08 23:13 - 2017-07-31 23:45 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-08-08 23:13 - 2017-07-31 23:45 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-08-08 23:13 - 2017-07-31 23:45 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-08-08 23:13 - 2017-07-31 23:45 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-08-08 23:13 - 2017-07-31 23:45 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-08-08 23:13 - 2017-07-31 23:45 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-08-08 23:13 - 2017-07-31 23:45 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-08-08 23:13 - 2017-07-31 23:45 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-08-08 23:13 - 2017-07-31 23:45 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-08-08 16:34 - 2017-08-08 16:34 - 001843180 _____ C:\Users\dan44\Downloads\Twitter Archive.zip
2017-08-08 16:23 - 2017-08-08 16:24 - 000000000 ___RD C:\Users\danie_a63rkla\OneDrive
2017-08-08 16:23 - 2017-08-08 16:23 - 000003390 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-150517238-643256998-2923789579-1004
2017-08-08 16:23 - 2017-08-08 16:23 - 000002387 _____ C:\Users\danie_a63rkla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-08-08 16:23 - 2017-08-08 16:23 - 000000000 ____D C:\Users\danie_a63rkla\AppData\Roaming\Skype
2017-08-08 16:23 - 2017-08-08 16:23 - 000000000 ____D C:\Users\danie_a63rkla\AppData\Roaming\.minecraft
2017-08-08 16:23 - 2017-08-08 16:23 - 000000000 ____D C:\Users\danie_a63rkla\AppData\Local\Comms
2017-08-08 16:23 - 2017-08-08 16:23 - 000000000 ____D C:\Users\danie_a63rkla\AppData\Local\CEF
2017-08-08 16:22 - 2017-08-08 23:14 - 000000000 ____D C:\Users\danie_a63rkla
2017-08-08 16:22 - 2017-08-08 16:24 - 000000000 ____D C:\Users\danie_a63rkla\AppData\Local\Packages
2017-08-08 16:22 - 2017-08-08 16:22 - 000002332 _____ C:\Users\danie_a63rkla\Desktop\Google Chrome.lnk
2017-08-08 16:22 - 2017-08-08 16:22 - 000000020 ___SH C:\Users\danie_a63rkla\ntuser.ini
2017-08-08 16:22 - 2017-08-08 16:22 - 000000000 ____D C:\Users\danie_a63rkla\AppData\Roaming\Adobe
2017-08-08 16:22 - 2017-08-08 16:22 - 000000000 ____D C:\Users\danie_a63rkla\AppData\Local\VirtualStore
2017-08-08 16:22 - 2017-08-08 16:22 - 000000000 ____D C:\Users\danie_a63rkla\AppData\Local\TileDataLayer
2017-08-08 16:22 - 2017-08-08 16:22 - 000000000 ____D C:\Users\danie_a63rkla\AppData\Local\Publishers
2017-08-08 16:22 - 2017-08-08 16:22 - 000000000 ____D C:\Users\danie_a63rkla\AppData\Local\Logitech
2017-08-08 16:22 - 2017-08-08 16:22 - 000000000 ____D C:\Users\danie_a63rkla\AppData\Local\Google
2017-08-08 16:22 - 2017-08-08 16:22 - 000000000 ____D C:\Users\danie_a63rkla\AppData\Local\ConnectedDevicesPlatform
2017-08-08 16:22 - 2017-08-05 17:48 - 000000000 ____D C:\Users\danie_a63rkla\AppData\Roaming\Macromedia
2017-08-08 16:01 - 2017-08-08 16:01 - 000153746 _____ C:\Users\dan44\Downloads\swanseacity2012.vcf
2017-08-08 08:13 - 2017-08-08 08:13 - 000002098 _____ C:\Users\dan44\Desktop\control.lnk
2017-08-07 23:14 - 2017-08-07 23:14 - 000000000 ___HD C:\$SysReset
2017-08-07 20:32 - 2017-08-07 20:32 - 000000000 ____D C:\Users\danie\AppData\Local\DBG
2017-08-07 20:32 - 2017-08-07 20:32 - 000000000 ____D C:\Users\danie\AppData\Local\CrashDumps
2017-08-07 20:09 - 2017-08-07 20:09 - 000000000 ____D C:\Users\danie\AppData\Local\Comms
2017-08-07 20:08 - 2017-08-07 23:44 - 000000000 ___RD C:\Users\danie\OneDrive
2017-08-07 20:08 - 2017-08-07 20:08 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-150517238-643256998-2923789579-1003
2017-08-07 20:08 - 2017-08-07 20:08 - 000002363 _____ C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-08-07 20:08 - 2017-08-07 20:08 - 000000000 ____D C:\Users\danie\AppData\Roaming\Skype
2017-08-07 20:08 - 2017-08-07 20:08 - 000000000 ____D C:\Users\danie\AppData\Local\Logitech
2017-08-07 20:07 - 2017-08-08 13:35 - 000000000 ____D C:\Users\danie
2017-08-07 20:07 - 2017-08-07 21:12 - 000000000 ____D C:\Users\danie\AppData\Local\Packages
2017-08-07 20:07 - 2017-08-07 20:15 - 000000000 ____D C:\Users\danie\AppData\Local\Google
2017-08-07 20:07 - 2017-08-07 20:08 - 000002332 _____ C:\Users\danie\Desktop\Google Chrome.lnk
2017-08-07 20:07 - 2017-08-07 20:07 - 000000020 ___SH C:\Users\danie\ntuser.ini
2017-08-07 20:07 - 2017-08-07 20:07 - 000000000 ____D C:\Users\danie\AppData\Roaming\Adobe
2017-08-07 20:07 - 2017-08-07 20:07 - 000000000 ____D C:\Users\danie\AppData\Local\VirtualStore
2017-08-07 20:07 - 2017-08-07 20:07 - 000000000 ____D C:\Users\danie\AppData\Local\TileDataLayer
2017-08-07 20:07 - 2017-08-07 20:07 - 000000000 ____D C:\Users\danie\AppData\Local\Publishers
2017-08-07 20:07 - 2017-08-07 20:07 - 000000000 ____D C:\Users\danie\AppData\Local\ConnectedDevicesPlatform
2017-08-07 20:07 - 2017-08-05 17:48 - 000000000 ____D C:\Users\danie\AppData\Roaming\Macromedia
2017-08-07 14:20 - 2017-08-07 14:20 - 000102094 _____ C:\Users\dan44\Downloads\ACDC.tsl
2017-08-06 18:40 - 2017-08-06 18:40 - 000000017 _____ C:\WINDOWS\PrecisionX_x64.INI
2017-08-06 14:00 - 2017-08-06 14:00 - 000051215 _____ C:\Users\dan44\Downloads\Floydian-GIlmour1.tsl
2017-08-06 12:09 - 2017-08-06 12:09 - 000000000 ____D C:\Users\dan44\ansel
2017-08-05 18:32 - 2017-08-17 17:26 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-08-05 18:22 - 2017-08-05 18:22 - 000000000 ____D C:\Program Files\Roland
2017-08-05 17:50 - 2017-08-05 17:50 - 000001130 _____ C:\Users\Public\Desktop\BOSS TONE STUDIO for KATANA.lnk
2017-08-05 17:50 - 2017-08-05 17:50 - 000000000 ____D C:\Users\dan44\Downloads\bts_katana_w102
2017-08-05 17:50 - 2017-08-05 17:50 - 000000000 ____D C:\Program Files (x86)\BOSS TONE STUDIO for KATANA
2017-08-05 17:48 - 2017-08-05 17:48 - 000000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2017-08-05 17:07 - 2017-08-05 17:07 - 000000000 ____D C:\WINDOWS\System32\Tasks\ASUS
2017-08-05 16:49 - 2017-08-24 08:11 - 000001106 _____ C:\Users\dan44\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Universal Control.lnk
2017-08-05 16:49 - 2017-08-05 16:49 - 000000000 ____D C:\Program Files\PreSonus
2017-08-05 14:07 - 2017-08-05 14:07 - 000844456 _____ (Sysinternals - www.sysinternals.com) C:\Users\dan44\Downloads\Autoruns64.exe
2017-08-05 12:22 - 2017-08-05 12:22 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-08-05 11:53 - 2017-08-05 11:53 - 000000000 ____D C:\Users\dan44\AppData\Roaming\BOSS-TONE-STUDIO-for-KATANA
2017-08-02 10:20 - 2017-07-28 06:07 - 000805816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-08-02 10:20 - 2017-07-28 05:48 - 000096648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-08-02 10:20 - 2017-07-28 05:36 - 002424024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-08-02 10:20 - 2017-07-28 05:36 - 001195760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-08-02 10:20 - 2017-07-28 05:36 - 000864248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-08-02 10:20 - 2017-07-28 05:20 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IpNatHlpClient.dll
2017-08-02 10:20 - 2017-07-28 05:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-08-02 10:20 - 2017-07-28 05:15 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-08-02 10:20 - 2017-07-28 05:14 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-08-02 10:20 - 2017-07-28 05:13 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-08-02 10:20 - 2017-07-28 05:12 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-08-02 10:20 - 2017-07-28 05:08 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-08-02 10:20 - 2017-07-28 05:08 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-08-02 10:19 - 2017-07-28 06:30 - 001068720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-08-02 10:19 - 2017-07-28 06:25 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-02 10:19 - 2017-07-28 06:24 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-02 10:19 - 2017-07-28 06:24 - 000455584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-08-02 10:19 - 2017-07-28 06:24 - 000119904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-08-02 10:19 - 2017-07-28 06:24 - 000116280 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2017-08-02 10:19 - 2017-07-28 06:23 - 002969888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-08-02 10:19 - 2017-07-28 06:23 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2017-08-02 10:19 - 2017-07-28 06:22 - 000923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-08-02 10:19 - 2017-07-28 06:20 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-02 10:19 - 2017-07-28 06:17 - 000660680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-08-02 10:19 - 2017-07-28 06:16 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-08-02 10:19 - 2017-07-28 06:16 - 000961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-08-02 10:19 - 2017-07-28 06:15 - 005302968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-08-02 10:19 - 2017-07-28 06:15 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-08-02 10:19 - 2017-07-28 06:15 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-08-02 10:19 - 2017-07-28 06:15 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-08-02 10:19 - 2017-07-28 06:14 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-08-02 10:19 - 2017-07-28 06:14 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-08-02 10:19 - 2017-07-28 06:13 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-02 10:19 - 2017-07-28 06:13 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-02 10:19 - 2017-07-28 06:13 - 002604248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-02 10:19 - 2017-07-28 06:13 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-08-02 10:19 - 2017-07-28 06:13 - 001033544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2017-08-02 10:19 - 2017-07-28 06:13 - 000192264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2017-08-02 10:19 - 2017-07-28 06:13 - 000104432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.dll
2017-08-02 10:19 - 2017-07-28 06:12 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-02 10:19 - 2017-07-28 06:12 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-08-02 10:19 - 2017-07-28 06:12 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-08-02 10:19 - 2017-07-28 06:12 - 000323936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2017-08-02 10:19 - 2017-07-28 06:10 - 002679200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-02 10:19 - 2017-07-28 06:10 - 001114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-08-02 10:19 - 2017-07-28 06:09 - 000529992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-08-02 10:19 - 2017-07-28 06:09 - 000527976 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-08-02 10:19 - 2017-07-28 06:09 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-08-02 10:19 - 2017-07-28 05:48 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-08-02 10:19 - 2017-07-28 05:48 - 000100232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2017-08-02 10:19 - 2017-07-28 05:47 - 002259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-08-02 10:19 - 2017-07-28 05:40 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-08-02 10:19 - 2017-07-28 05:40 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-08-02 10:19 - 2017-07-28 05:38 - 004213656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-08-02 10:19 - 2017-07-28 05:37 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-08-02 10:19 - 2017-07-28 05:36 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-08-02 10:19 - 2017-07-28 05:36 - 006761568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-02 10:19 - 2017-07-28 05:36 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-08-02 10:19 - 2017-07-28 05:36 - 000866808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2017-08-02 10:19 - 2017-07-28 05:36 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2017-08-02 10:19 - 2017-07-28 05:36 - 000090464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll
2017-08-02 10:19 - 2017-07-28 05:35 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-08-02 10:19 - 2017-07-28 05:35 - 000277432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2017-08-02 10:19 - 2017-07-28 05:33 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-08-02 10:19 - 2017-07-28 05:33 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-08-02 10:19 - 2017-07-28 05:33 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-08-02 10:19 - 2017-07-28 05:31 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-08-02 10:19 - 2017-07-28 05:30 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-08-02 10:19 - 2017-07-28 05:29 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-08-02 10:19 - 2017-07-28 05:29 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-08-02 10:19 - 2017-07-28 05:27 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-08-02 10:19 - 2017-07-28 05:26 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-08-02 10:19 - 2017-07-28 05:26 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-08-02 10:19 - 2017-07-28 05:26 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2017-08-02 10:19 - 2017-07-28 05:26 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2017-08-02 10:19 - 2017-07-28 05:26 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\IpNatHlpClient.dll
2017-08-02 10:19 - 2017-07-28 05:25 - 003464704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-08-02 10:19 - 2017-07-28 05:25 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-08-02 10:19 - 2017-07-28 05:25 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-08-02 10:19 - 2017-07-28 05:25 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-08-02 10:19 - 2017-07-28 05:24 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-08-02 10:19 - 2017-07-28 05:24 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-08-02 10:19 - 2017-07-28 05:24 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2017-08-02 10:19 - 2017-07-28 05:24 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-08-02 10:19 - 2017-07-28 05:24 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-08-02 10:19 - 2017-07-28 05:23 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-02 10:19 - 2017-07-28 05:23 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-08-02 10:19 - 2017-07-28 05:23 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-08-02 10:19 - 2017-07-28 05:22 - 000778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-08-02 10:19 - 2017-07-28 05:22 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-08-02 10:19 - 2017-07-28 05:22 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-08-02 10:19 - 2017-07-28 05:22 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-08-02 10:19 - 2017-07-28 05:22 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-08-02 10:19 - 2017-07-28 05:22 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-08-02 10:19 - 2017-07-28 05:22 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-08-02 10:19 - 2017-07-28 05:22 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-08-02 10:19 - 2017-07-28 05:21 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-08-02 10:19 - 2017-07-28 05:21 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-08-02 10:19 - 2017-07-28 05:21 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-02 10:19 - 2017-07-28 05:21 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-08-02 10:19 - 2017-07-28 05:21 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-08-02 10:19 - 2017-07-28 05:21 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\qasf.dll
2017-08-02 10:19 - 2017-07-28 05:21 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2017-08-02 10:19 - 2017-07-28 05:20 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-08-02 10:19 - 2017-07-28 05:20 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-08-02 10:19 - 2017-07-28 05:20 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-08-02 10:19 - 2017-07-28 05:19 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-02 10:19 - 2017-07-28 05:19 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-08-02 10:19 - 2017-07-28 05:19 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-08-02 10:19 - 2017-07-28 05:19 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-02 10:19 - 2017-07-28 05:19 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-02 10:19 - 2017-07-28 05:19 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-08-02 10:19 - 2017-07-28 05:19 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-02 10:19 - 2017-07-28 05:19 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-08-02 10:19 - 2017-07-28 05:19 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-08-02 10:19 - 2017-07-28 05:19 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-08-02 10:19 - 2017-07-28 05:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-08-02 10:19 - 2017-07-28 05:19 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2017-08-02 10:19 - 2017-07-28 05:18 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-02 10:19 - 2017-07-28 05:18 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2017-08-02 10:19 - 2017-07-28 05:18 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-02 10:19 - 2017-07-28 05:18 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-02 10:19 - 2017-07-28 05:18 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-02 10:19 - 2017-07-28 05:18 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-08-02 10:19 - 2017-07-28 05:18 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-08-02 10:19 - 2017-07-28 05:17 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-08-02 10:19 - 2017-07-28 05:17 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-02 10:19 - 2017-07-28 05:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-02 10:19 - 2017-07-28 05:17 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-08-02 10:19 - 2017-07-28 05:17 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-08-02 10:19 - 2017-07-28 05:17 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-08-02 10:19 - 2017-07-28 05:16 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-08-02 10:19 - 2017-07-28 05:16 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-08-02 10:19 - 2017-07-28 05:16 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-08-02 10:19 - 2017-07-28 05:16 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-02 10:19 - 2017-07-28 05:16 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qasf.dll
2017-08-02 10:19 - 2017-07-28 05:15 - 003204608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-08-02 10:19 - 2017-07-28 05:15 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-02 10:19 - 2017-07-28 05:15 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsvcs.dll
2017-08-02 10:19 - 2017-07-28 05:15 - 000586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-08-02 10:19 - 2017-07-28 05:14 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-08-02 10:19 - 2017-07-28 05:14 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-02 10:19 - 2017-07-28 05:14 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-08-02 10:19 - 2017-07-28 05:14 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-08-02 10:19 - 2017-07-28 05:13 - 004535296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-08-02 10:19 - 2017-07-28 05:13 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-02 10:19 - 2017-07-28 05:13 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-08-02 10:19 - 2017-07-28 05:13 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2017-08-02 10:19 - 2017-07-28 05:13 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-02 10:19 - 2017-07-28 05:13 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-08-02 10:19 - 2017-07-28 05:12 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-08-02 10:19 - 2017-07-28 05:12 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-08-02 10:19 - 2017-07-28 05:12 - 002939392 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-08-02 10:19 - 2017-07-28 05:12 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-02 10:19 - 2017-07-28 05:12 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-08-02 10:19 - 2017-07-28 05:12 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-08-02 10:19 - 2017-07-28 05:12 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-08-02 10:19 - 2017-07-28 05:12 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-02 10:19 - 2017-07-28 05:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-08-02 10:19 - 2017-07-28 05:11 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-08-02 10:19 - 2017-07-28 05:11 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-08-02 10:19 - 2017-07-28 05:10 - 001706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-02 10:19 - 2017-07-28 05:10 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-08-02 10:19 - 2017-07-28 05:10 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-08-02 10:19 - 2017-07-28 05:10 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-08-02 10:19 - 2017-07-28 05:10 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsvcs.dll
2017-08-02 10:19 - 2017-07-28 05:09 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-08-02 10:19 - 2017-07-28 05:09 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-02 10:19 - 2017-07-28 05:09 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-02 10:19 - 2017-07-28 05:08 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-08-02 10:19 - 2017-07-28 05:08 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-08-02 10:19 - 2017-07-28 05:08 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-08-02 10:19 - 2017-07-28 05:08 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2017-08-02 10:19 - 2017-07-28 05:07 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-08-02 10:19 - 2017-07-28 05:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2017-08-02 10:19 - 2017-07-28 05:07 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-08-02 10:19 - 2017-07-28 05:07 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-08-02 10:19 - 2017-07-28 05:07 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-08-02 10:19 - 2017-07-28 05:06 - 001833984 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-02 10:19 - 2017-07-28 05:06 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-08-02 10:19 - 2017-07-28 05:06 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2017-08-02 10:19 - 2017-07-28 05:05 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-08-02 10:19 - 2017-07-28 05:05 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-02 10:19 - 2017-07-28 05:05 - 001087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-08-02 10:19 - 2017-07-28 05:05 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-02 10:19 - 2017-07-28 05:05 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-02 10:19 - 2017-07-28 05:05 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-08-02 10:19 - 2017-07-28 05:05 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-08-02 10:19 - 2017-07-28 05:05 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2017-08-02 10:19 - 2017-07-28 05:02 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-08-02 10:19 - 2017-07-28 05:02 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-08-02 10:19 - 2017-07-28 05:02 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2017-08-02 10:17 - 2017-08-02 10:17 - 000000000 ____D C:\Users\dan44\Documents\FeedbackHub
2017-07-31 10:13 - 2017-07-31 10:13 - 000001645 _____ C:\Users\dan44\Downloads\sg_backup_2017-07-31-1013.spg
2017-07-29 15:58 - 2017-07-29 15:58 - 000000000 ____D C:\Users\dan44\AppData\Roaming\QuickScan
2017-07-29 15:56 - 2017-07-29 15:56 - 000611855 _____ C:\Users\dan44\AppData\Local\census.cache
2017-07-29 15:55 - 2017-07-29 15:55 - 000202773 _____ C:\Users\dan44\AppData\Local\ars.cache
2017-07-29 15:54 - 2017-07-29 15:54 - 000000010 _____ C:\Users\dan44\AppData\Local\sponge.last.runtime.cache
2017-07-29 15:50 - 2017-07-29 15:50 - 000000000 ____D C:\WINDOWS\Trend Micro
2017-07-29 15:49 - 2017-07-29 15:49 - 000000036 _____ C:\Users\dan44\AppData\Local\housecall.guid.cache
2017-07-29 15:49 - 2015-05-29 08:43 - 000307352 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmcomm.sys
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-08-28 19:08 - 2017-05-31 22:17 - 000000000 ____D C:\AdwCleaner
2017-08-28 17:58 - 2017-07-27 10:07 - 000000000 ____D C:\Users\dan44\AppData\Roaming\Origin
2017-08-28 17:50 - 2017-05-29 09:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-28 15:47 - 2017-06-12 12:27 - 000000000 ___RD C:\Users\dan44\Creative Cloud Files
2017-08-28 15:47 - 2017-06-12 12:19 - 000000000 ____D C:\Users\dan44\AppData\Local\Adobe
2017-08-28 13:00 - 2017-05-29 09:29 - 000000000 ____D C:\Program Files (x86)\Steam
2017-08-28 10:07 - 2017-05-29 09:24 - 000000000 ____D C:\Users\dan44
2017-08-28 08:46 - 2017-06-01 11:13 - 000000000 ____D C:\Users\dan44\AppData\Roaming\Celemony Software GmbH
2017-08-28 07:57 - 2017-05-29 09:25 - 002573126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-28 07:52 - 2017-05-29 09:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-27 23:12 - 2017-05-29 10:12 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-08-27 15:36 - 2017-06-06 23:49 - 000000048 _____ C:\WINDOWS\system32\w3data.vss
2017-08-27 15:36 - 2017-06-06 23:49 - 000000048 _____ C:\WINDOWS\system32\msvcsv60.dll
2017-08-27 15:36 - 2017-06-06 23:49 - 000000048 _____ C:\WINDOWS\msocreg32.dat
2017-08-27 15:36 - 2017-06-06 14:52 - 000000048 _____ C:\Users\dan44\AppData\Roaming\msregsvv.dll
2017-08-27 14:20 - 2017-05-29 12:28 - 000000000 ____D C:\Users\dan44\Documents\XLN Online Installer
2017-08-27 12:29 - 2017-05-29 11:21 - 000000000 ____D C:\Cakewalk Projects
2017-08-27 10:03 - 2017-06-04 08:52 - 000000000 ____D C:\Users\dan44\AppData\Local\CrashDumps
2017-08-27 10:01 - 2017-06-18 14:29 - 000038368 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2017-08-27 10:01 - 2017-06-18 11:24 - 000000000 ____D C:\Program Files (x86)\Black Desert Online
2017-08-27 10:00 - 2017-06-18 11:24 - 000000000 ____D C:\Users\dan44\AppData\Local\BlackDesertOnline
2017-08-26 08:53 - 2017-05-29 10:15 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-25 07:53 - 2017-05-29 10:15 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-24 16:32 - 2017-05-29 10:15 - 000000000 ____D C:\WINDOWS\rescache
2017-08-24 14:26 - 2017-05-29 15:56 - 000000000 ____D C:\Users\dan44\Documents\My Games
2017-08-24 08:32 - 2017-05-30 08:37 - 000000000 ____D C:\Program Files\Logitech Gaming Software
2017-08-24 08:32 - 2017-05-29 10:14 - 000000000 ____D C:\WINDOWS\INF
2017-08-24 08:11 - 2017-05-30 11:04 - 000000000 ____D C:\Users\dan44\AppData\Roaming\PreSonus
2017-08-23 13:59 - 2017-05-29 10:13 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-23 11:49 - 2017-05-29 10:40 - 000000000 ____D C:\WINDOWS\system32\RTCOM
2017-08-23 11:49 - 2017-05-29 09:20 - 000000000 ____D C:\WINDOWS\system32\DAX3
2017-08-23 11:49 - 2017-05-29 09:20 - 000000000 ____D C:\WINDOWS\system32\DAX2
2017-08-23 11:49 - 2017-05-29 09:19 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-08-23 10:15 - 2017-05-29 10:40 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-08-22 15:00 - 2017-06-12 12:27 - 000000000 ____D C:\Users\dan44\Documents\Adobe
2017-08-22 13:46 - 2017-06-12 12:23 - 000000000 ____D C:\Program Files\Common Files\Adobe
2017-08-22 13:46 - 2017-06-12 12:22 - 000000000 ____D C:\Program Files\Adobe
2017-08-22 13:46 - 2017-05-29 09:25 - 000000000 ____D C:\Users\dan44\AppData\Roaming\Adobe
2017-08-21 08:42 - 2017-05-29 09:19 - 000333792 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-19 17:20 - 2017-05-29 09:25 - 000000000 ____D C:\Users\dan44\AppData\Local\VirtualStore
2017-08-18 11:10 - 2017-05-29 10:15 - 000000000 ____D C:\WINDOWS\Help
2017-08-18 07:06 - 2017-05-29 12:50 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-08-17 22:16 - 2017-07-19 19:01 - 000192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2017-08-17 22:16 - 2017-05-29 10:40 - 005899752 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2017-08-17 22:16 - 2017-05-29 10:40 - 000023696 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2017-08-17 22:15 - 2017-07-19 19:01 - 003517496 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2017-08-17 22:15 - 2017-07-19 19:01 - 000105304 _____ C:\WINDOWS\system32\audioLibVc.dll
2017-08-15 18:30 - 2017-07-17 21:55 - 000000000 ____D C:\Program Files (x86)\iZotope
2017-08-15 18:30 - 2017-05-29 11:26 - 000000000 ____D C:\Program Files\Common Files\VST3
2017-08-14 21:58 - 2017-06-12 12:20 - 000000000 ____D C:\Program Files (x86)\Adobe
2017-08-14 19:06 - 2017-05-29 09:25 - 000000000 ____D C:\Users\dan44\AppData\Local\Packages
2017-08-14 12:14 - 2017-06-14 13:18 - 000002182 _____ C:\Users\Public\Desktop\EVGA Precision XOC.lnk
2017-08-14 12:14 - 2017-06-14 13:18 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2017-08-12 14:51 - 2017-05-29 09:25 - 000000000 ____D C:\Users\dan44\AppData\Local\ConnectedDevicesPlatform
2017-08-09 14:49 - 2017-06-06 18:29 - 000000000 ____D C:\Program Files (x86)\Minecraft
2017-08-08 23:14 - 2017-05-29 12:50 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-08-08 23:14 - 2017-05-29 12:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-08 16:31 - 2017-06-03 21:48 - 000000000 ____D C:\Users\dan44\AppData\Roaming\Skype
2017-08-08 16:22 - 2017-05-29 09:25 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-07 19:47 - 2017-05-29 21:46 - 000000000 ____D C:\Users\dan44\AppData\Local\ElevatedDiagnostics
2017-08-06 15:25 - 2017-06-06 23:51 - 000006144 _____ C:\Users\dan44\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-08-05 18:17 - 2017-05-29 10:15 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-08-05 17:07 - 2017-05-29 13:01 - 000000000 ____D C:\Program Files (x86)\ASUS
2017-08-05 16:33 - 2017-05-29 10:15 - 000000000 ___SD C:\WINDOWS\system32\Nui
2017-08-05 16:33 - 2017-05-29 10:15 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-05 16:33 - 2017-05-29 10:15 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-08-05 16:33 - 2017-05-29 10:15 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-08-05 16:33 - 2017-05-29 10:15 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-08-05 16:33 - 2017-05-29 10:15 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-05 16:33 - 2017-05-29 10:15 - 000000000 ____D C:\WINDOWS\system32\en-GB
2017-08-05 16:33 - 2017-05-29 10:15 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-08-05 16:33 - 2017-05-29 10:15 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-05 16:33 - 2017-05-29 10:15 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2017-08-05 16:33 - 2017-05-29 10:15 - 000000000 ____D C:\WINDOWS\L2Schemas
2017-08-05 16:32 - 2017-05-29 10:15 - 000000000 ____D C:\WINDOWS\registration
2017-08-03 16:26 - 2017-05-30 11:11 - 000001926 _____ C:\Users\Public\Desktop\SONAR Platinum.lnk
2017-08-02 10:23 - 2017-05-29 10:15 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-02 10:23 - 2017-05-29 10:15 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-01 16:06 - 2017-07-09 08:57 - 000000000 ____D C:\Users\dan44\AppData\Roaming\helm
2017-07-31 16:15 - 2017-05-29 10:16 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-07-31 16:15 - 2017-05-29 10:16 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-07-31 11:21 - 2017-05-29 10:12 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-07-31 11:19 - 2017-05-29 10:15 - 000000000 ____D C:\WINDOWS\system32\NDF
 
==================== Files in the root of some directories =======
 
2017-06-06 14:52 - 2017-08-27 15:36 - 000000048 _____ () C:\Users\dan44\AppData\Roaming\msregsvv.dll
2017-07-29 15:55 - 2017-07-29 15:55 - 000202773 _____ () C:\Users\dan44\AppData\Local\ars.cache
2017-07-29 15:56 - 2017-07-29 15:56 - 000611855 _____ () C:\Users\dan44\AppData\Local\census.cache
2017-06-06 23:51 - 2017-08-06 15:25 - 000006144 _____ () C:\Users\dan44\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-07-29 15:49 - 2017-07-29 15:49 - 000000036 _____ () C:\Users\dan44\AppData\Local\housecall.guid.cache
2017-07-29 15:54 - 2017-07-29 15:54 - 000000010 _____ () C:\Users\dan44\AppData\Local\sponge.last.runtime.cache
2017-07-29 15:56 - 2017-07-29 15:56 - 000047285 _____ () C:\ProgramData\agent.1501340205.bdinstall.bin
2017-07-31 11:22 - 2017-07-31 11:22 - 000030353 _____ () C:\ProgramData\agent.uninstall.1501496535.bdinstall.bin
2017-07-30 08:51 - 2017-07-30 08:51 - 000030964 _____ () C:\ProgramData\agent.update.1501401063.bdinstall.bin
2017-06-06 14:52 - 2017-08-27 15:36 - 000000048 _____ () C:\ProgramData\autobk.inc
2017-05-29 09:20 - 2017-05-29 09:20 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
2017-08-24 18:03 - 2017-08-24 18:03 - 000000180 _____ () C:\Users\dan44\AppData\Local\Temp\6699d3ee8dd9cf775caae782c8f44f03.dll
2017-08-24 18:04 - 2017-08-27 10:01 - 000000044 _____ () C:\Users\dan44\AppData\Local\Temp\9d0ef6ba498a9edf23b86b6d2a661f1f.dll
2017-07-31 15:11 - 2017-07-31 15:11 - 014157672 _____ (Microsoft Corporation) C:\Users\dan44\AppData\Local\Temp\vcredist_x86.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-08-27 09:22
 
==================== End of FRST.txt ============================


BC AdBot (Login to Remove)

 


#2 satchfan

satchfan

  • Malware Response Team
  • 2,714 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:09:39 PM

Posted 28 August 2017 - 03:39 PM

Hello the geekfreak and welcome to Bleeping Computer.

My name is Satchfan and I would be glad to help you with your computer problem.

Please read the following guidelines which will help to make cleaning your machine easier:

  • please follow all instructions in the order posted
  • please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear
  • all logs/reports, etc. must be posted in Notepad. Please ensure that word wrap is unchecked. In Notepad click Format, uncheck Word wrap if it is checked
  • if you don't understand something, please don't hesitate to ask for clarification before proceeding
  • the fixes are specific to your problem and should only be used for this issue on this machine.
  • please reply within 3 days. If you do not reply within this period I will post a reminder but topics with no reply in 4 days will be closed!

IMPORTANT:

Please DO NOT install/uninstall any programs unless asked to.
Please DO NOT run any scans other than those requested

===================================================

Note: Please follow these instructions in the order given.

===================================================

Download and run AdwCleaner

Download AdwCleaner from here and save it to your desktop.

  • run AdwCleaner by clicking on Scan
  • when it has finished, leave everything that was found checked, (ticked), then click on Clean
  • if it asks to reboot, allow the reboot
  • on reboot a log will be produced; please attach the content of the log to your next reply.

===================================================

Download and run Junkware Removal Tool

Please download Junkware Removal Tool to your desktop.

  • shut down your protection software now to avoid potential conflicts.
  • run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator"
  • the tool will open and start scanning your system
  • please be patient as this can take a while to complete depending on your system's specifications
  • on completion, a log (JRT.txt) is saved to your desktop and will automatically open
  • post the contents of JRT.txt into your next message.

===================================================

Download zoek.exe to your Desktop:

Important: Disable your AntiVirus and AntiSpyware programs, so they do not interfere with the running of Zoek.exe. You can find instructions how to disable your security applications here.

  • on Windows Vista, 7/8/10, right-click Zoek.exe and select: Run as Administrator
  • give it a few seconds to appear
  • copy/paste the entire script inside the codebox below into the input field of Zoek:
    createsrpoint;
    autoclean;
    emptyclsid;
    emptyffcache;
    FFdefaults;
    emptyiecache;
    iedefaults;
    emptychrcache;
    CHRdefaults;
    emptyalltemp;
    emptyfolderscheck;delete
    ipconfig /flushdns;b
    
  • close any open programs.
  • click the Run script button, and wait. It takes a few minutes to run.
  • when the tool finishes, the zoek-results.log is opened in Notepad: the log can also be found on the systemdrive, normally C:\
  • if a reboot is needed, the log will be opened after the reboot.

Logs to include with next post:

AdwCleaner log
JRT.txt
zoek-results.log


Thanks

Satchfan

 


My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#3 the geekfreak

the geekfreak
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:swansea uk
  • Local time:01:39 PM

Posted 29 August 2017 - 03:53 AM

# AdwCleaner 7.0.1.0 - Logfile created on Tue Aug 29 08:38:02 2017
# Updated on 2017/05/08 by Malwarebytes 
# Running on Windows 10 Pro (X64)
# Mode: clean
 
***** [ Services ] *****
 
No malicious services deleted.
 
***** [ Folders ] *****
 
No malicious folders deleted.
 
***** [ Files ] *****
 
No malicious files deleted.
 
***** [ DLL ] *****
 
No malicious DLLs cleaned.
 
***** [ WMI ] *****
 
No malicious WMI cleaned.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts cleaned.
 
***** [ Tasks ] *****
 
No malicious tasks deleted.
 
***** [ Registry ] *****
 
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
 
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries deleted.
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries deleted.
 
*************************
 
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
 
 
 
*************************
 
C:/AdwCleaner/AdwCleaner[C0].txt - [1303 B] - [2017/8/15 17:41:13]
C:/AdwCleaner/AdwCleaner[S0].txt - [1143 B] - [2017/5/31 21:17:56]
C:/AdwCleaner/AdwCleaner[S1].txt - [1217 B] - [2017/7/4 14:32:27]
C:/AdwCleaner/AdwCleaner[S2].txt - [1145 B] - [2017/8/15 17:35:26]
C:/AdwCleaner/AdwCleaner[S3].txt - [1470 B] - [2017/8/28 18:8:12]
C:/AdwCleaner/AdwCleaner[S4].txt - [1537 B] - [2017/8/29 8:37:43]
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Pro x64 
Ran by Satch (Administrator) on 29/08/2017 at  9:40:08.70
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 1 
 
Successfully deleted: C:\ProgramData\productdata (Folder) 
 
 
 
Registry: 0 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29/08/2017 at  9:40:52.69
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
 
 
 
Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by Satch on 29/08/2017 at  9:42:17.57.
Microsoft Windows 10 Pro 10.0.15063  x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\dan44\Downloads\zoek.exe [Scan all users] [Script inserted] 
 
==== System Restore Info ======================
 
29/08/2017 09:42:47 Zoek.exe System Restore Point Created Successfully.
 
==== Empty Folders Check ======================
 
C:\PROGRA~2\Origin Games deleted successfully
C:\PROGRA~3\office6 deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\dan44\AppData\Local\DBG deleted successfully
C:\Users\dan44\AppData\Local\Opera Software deleted successfully
C:\Users\dan44\AppData\Local\PackageStaging deleted successfully
C:\Users\dan44\AppData\Local\PeerDistRepub deleted successfully
C:\Users\danie\AppData\Local\DBG deleted successfully
C:\Users\danie\AppData\Local\VirtualStore deleted successfully
C:\Users\danie_a63rkla\AppData\Local\VirtualStore deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\DBG deleted successfully
 
==== Deleting CLSID Registry Keys ======================
 
HKEY_USERS\S-1-5-21-150517238-643256998-2923789579-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C0D11B8-C5F6-4be3-AD2C-2B1A3EB94AB6} deleted successfully
HKEY_USERS\S-1-5-21-150517238-643256998-2923789579-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C5135FC3-396E-4AFB-974F-D7A91D15CCCA} deleted successfully
HKEY_USERS\S-1-5-21-150517238-643256998-2923789579-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5135FC3-396E-4AFB-974F-D7A91D15CCCA} deleted successfully
HKEY_USERS\S-1-5-21-150517238-643256998-2923789579-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F86DEB4A-8D78-4C57-8872-D2730ED051EF} deleted successfully
HKEY_USERS\S-1-5-21-150517238-643256998-2923789579-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F86DEB4A-8D78-4C57-8872-D2730ED051EF} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{C5135FC3-396E-4AFB-974F-D7A91D15CCCA} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{F86DEB4A-8D78-4C57-8872-D2730ED051EF} deleted successfully
 
==== Deleting CLSID Registry Values ======================
 
 
==== Deleting Services ======================
 
 
==== Batch Command(s) Run By Tool======================
 
 
==== Deleting Files \ Folders ======================
 
C:\PROGRA~2\Origin Games not found
C:\PROGRA~2\VstPlugIns deleted
C:\PROGRA~3\Package Cache deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
 
==== Fake Chromium Profiles Check ======================
 
Fake profile C:\Users\danie_a63rkla\AppData\Local\Google\Chrome deleted
 
==== Chromium Look ======================
 
 
BTTV - dan44\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped
DuckDuckGo for Chrome - dan44\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg
uBlock₀ - dan44\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm
Chrome Media Router - dan44\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Chrome Media Router - danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
 
==== Chromium Fix ======================
 
C:\Users\dan44\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.hotukdeals.com_0.localstorage deleted successfully
C:\Users\dan44\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.hotukdeals.com_0.localstorage-journal deleted successfully
 
==== Set IE to Default ======================
 
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
 
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
 
==== All HKCU SearchScopes ======================
 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
 
==== Reset Google Chrome ======================
 
C:\Users\dan44\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\dan44\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\dan44\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot
C:\Users\dan44\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
 
==== Empty IE Cache ======================
 
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\dan44\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\dan44\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Users\danie\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\danie_a63rkla\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\dan44\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\dan44\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Users\danie\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\danie_a63rkla\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
 
==== Empty FireFox Cache ======================
 
No FireFox Profiles found
 
==== Empty Chrome Cache ======================
 
C:\Users\dan44\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot
C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
 
==== Empty All Flash Cache ======================
 
No Flash Cache Found
 
==== Empty All Java Cache ======================
 
No Java Cache Found
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=185 folders=95 176214547 bytes)
 
==== Empty Temp Folders ======================
 
C:\WINDOWS\Temp will be emptied at reboot
 
==== After Reboot ======================
 
==== Empty Temp Folders ======================
 
C:\WINDOWS\Temp successfully emptied
C:\Users\dan44\AppData\Local\Temp successfully emptied
 
==== Empty Recycle Bin ======================
 
C:\$RECYCLE.BIN successfully emptied
 
==== Deleting Files / Folders ======================
 
"C:\Users\dan44\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found
"C:\Users\dan44\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted
"C:\Users\dan44\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted
"C:\Users\dan44\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted
"C:\Users\dan44\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted
"C:\Users\dan44\AppData\Local\Google\Chrome\User Data\Default\Cache\index" deleted
 
==== EOF on 29/08/2017 at  9:49:32.96 ======================
 
 
 
 
I notice after reboot that all my browser extensions are gone  ?
Can you explain what else you have removed and done in easy to understand terms please
 
Thanks for helping me , it's much appreciated 
 
Also FYI , i installed a brand new SSD drive this morning but have not put anything at all on there , only formatted it. just so you know 
 
 
Dan 
 


#4 satchfan

satchfan

  • Malware Response Team
  • 2,714 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:09:39 PM

Posted 29 August 2017 - 04:40 AM

notice after reboot that all my browser extensions are gone  ?
Can you explain what else you have removed

To be sure everything is cleaned your browsers were reset to default settings and unwanted toolbars also removed. As long as you are sure they are safe, you can re-install them.

BTW, did you set Duck Duck Go as your browser?


Please run FRST again and make sure there is a checkmark next to ‘Addition.txt’ before you hit Scan.

Logs to include with next post:

New Frst.txt
New Addition.txt


Thanks

Satchfan

 


My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#5 the geekfreak

the geekfreak
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:swansea uk
  • Local time:01:39 PM

Posted 29 August 2017 - 04:57 AM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
Ran by Satch (administrator) on DESKTOP-47ES84T (29-08-2017 10:55:50)
Running from C:\Users\dan44\Downloads
Loaded Profiles: Satch (Available Profiles: Satch & danie & danie_a63rkla)
Platform: Windows 10 Pro Version 1703 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.25\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.08.22\AsusFanControlService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(PreSonus) C:\Program Files\PreSonus\Universal Control\PreSonusHardwareAccessService.exe
() C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTeK COMPUTER INC.) C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe
(PreSonus) C:\Program Files\PreSonus\Universal Control\Universal Control.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.60.492.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
(ASUSTeK COMPUTER INC.) C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3Svc64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
() C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.60.492.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.60.492.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.60.492.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.60.492.0_x86__zpdnekdrzrea0\Spotify.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-08-17] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17988216 2017-08-18] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [Sonic Studio 3] => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe [1216512 2017-04-12] (ASUSTeK COMPUTER INC.)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-07-13] (Adobe Systems Incorporated)
HKU\S-1-5-21-150517238-643256998-2923789579-1001\...\Run: [ISM] => C:\Program Files (x86)\Common Files\Intel\Intel Software Manager\ism2.exe [423064 2015-10-05] (Intel Corporation)
HKU\S-1-5-21-150517238-643256998-2923789579-1001\...\Run: [Universal Control] => C:\Program Files\PreSonus\Universal Control\Universal Control.exe [12654080 2017-08-17] (PreSonus)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{61e2db3e-2b72-4967-bbdb-d96901125688}: [DhcpNameServer] 192.168.1.254
 
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-150517238-643256998-2923789579-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
 
FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-07-13] (Adobe Systems)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-29] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-07-13] (Adobe Systems)
FF Plugin HKU\S-1-5-21-150517238-643256998-2923789579-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\dan44\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-150517238-643256998-2923789579-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\dan44\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [No File]
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\dan44\AppData\Local\Google\Chrome\User Data\Default [2017-08-29]
CHR Extension: (No Name) - C:\Users\dan44\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2017-08-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\dan44\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-29]
CHR Extension: (Chrome Media Router) - C:\Users\dan44\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-29]
CHR Profile: C:\Users\dan44\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-08-24]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-07-13] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2015-09-17] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.25\aaHMSvc.exe [963544 2016-08-05] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2016-07-27] () [File not signed]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.08.22\AsusFanControlService.exe [2683864 2016-12-15] (ASUSTeK Computer Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1536520 2017-05-09] ()
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [382504 2017-08-23] (EasyAntiCheat Ltd)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-07-11] (Hi-Rez Studios) [File not signed]
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-08-18] (Logitech Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-08-09] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-08-18] (NVIDIA Corporation)
S3 Origin Client Service; E:\origin\OriginClientService.exe [2168672 2017-07-26] (Electronic Arts)
S2 Origin Web Helper Service; E:\origin\OriginWebHelperService.exe [3148128 2017-07-26] (Electronic Arts)
R2 PreSonus Hardware Access Service; C:\Program Files\PreSonus\Universal Control\PreSonusHardwareAccessService.exe [367616 2017-08-17] (PreSonus) [File not signed]
R2 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [50800 2017-08-17] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-05-29] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] ()
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [544744 2017-03-19] (Intel Corporation)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2016-12-15] (ASUSTeK Computer Inc.)
S3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45192 2017-07-10] (Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
S3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2017-04-06] (Logitech Inc.)
S3 LGJoyHidLo; C:\WINDOWS\system32\drivers\LGJoyHidLo.sys [47256 2017-04-06] (Logitech Inc.)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-04-06] (Logitech Inc.)
S3 LGSHidFilt; C:\WINDOWS\System32\drivers\LGSHidFilt.Sys [64280 2017-04-06] (Logitech Inc.)
R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [79504 2017-03-12] (Windows ® Win 7 DDK provider)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9ab613610b40aa98\nvlddmkm.sys [15610296 2017-08-10] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-08-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-08-18] (NVIDIA Corporation)
R3 paeusbaudio; C:\WINDOWS\System32\drivers\paeusbaudio_x64.sys [301656 2017-03-20] ()
R3 paeusbaudioks; C:\WINDOWS\system32\DRIVERS\paeusbaudioks_x64.sys [67672 2017-03-20] ()
S3 RDID1179; C:\WINDOWS\system32\Drivers\RDWM1179.SYS [387072 2016-06-06] (Roland Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit)
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU Co., LTD.)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [84432 2017-03-27] (The OpenVPN Project)
R3 teVirtualMIDI64; C:\WINDOWS\system32\DRIVERS\teVirtualMIDI64.sys [41016 2016-08-31] (Tobias Erichsen)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [38368 2017-08-27] (Wellbia.com Co., Ltd.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-08-29 09:49 - 2017-08-29 09:49 - 000008290 _____ C:\Users\dan44\Desktop\zoek-results.txt
2017-08-29 09:48 - 2017-08-29 09:42 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2017-08-29 09:41 - 2017-08-29 09:48 - 000000000 ____D C:\zoek_backup
2017-08-29 09:40 - 2017-08-29 09:41 - 000000606 _____ C:\Users\dan44\Desktop\JRT.txt
2017-08-29 09:39 - 2017-08-29 09:39 - 000001685 _____ C:\Users\dan44\Desktop\AdwCleaner[C1].txt
2017-08-29 09:37 - 2017-08-29 09:37 - 001790024 _____ (Malwarebytes) C:\Users\dan44\Downloads\JRT.exe
2017-08-29 09:37 - 2017-08-29 09:37 - 001309184 _____ C:\Users\dan44\Downloads\zoek.exe
2017-08-29 09:37 - 2017-08-29 09:37 - 000001537 _____ C:\Users\dan44\Desktop\AdwCleaner[S4].txt
2017-08-29 09:16 - 2017-08-29 09:16 - 000003274 _____ C:\WINDOWS\System32\Tasks\Adobe Uninstaller
2017-08-28 19:16 - 2017-08-29 10:55 - 000015648 _____ C:\Users\dan44\Downloads\FRST.txt
2017-08-28 19:16 - 2017-08-29 10:55 - 000000000 ____D C:\FRST
2017-08-28 19:16 - 2017-08-28 19:16 - 000060386 _____ C:\Users\dan44\Downloads\Addition.txt
2017-08-28 19:15 - 2017-08-28 19:15 - 002395648 _____ (Farbar) C:\Users\dan44\Downloads\FRST64.exe
2017-08-27 15:35 - 2017-08-27 15:35 - 000000000 ____D C:\Users\dan44\Documents\RC-20 Retro Color Logs
2017-08-27 14:23 - 2017-08-27 14:23 - 000000000 ____D C:\Users\dan44\Documents\RC-20 Retro Color
2017-08-27 09:40 - 2017-08-27 09:40 - 000000120 _____ C:\Users\dan44\Desktop\Guitar tools.url
2017-08-27 08:33 - 2017-08-28 22:21 - 000011641 _____ C:\Users\dan44\Documents\When pictures end up in the wrong hands.odt
2017-08-27 08:33 - 2017-08-27 08:33 - 000008564 _____ C:\Users\dan44\Documents\Untitled 1.odt
2017-08-26 21:38 - 2017-08-26 21:38 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign33f7a0447ace80a2
2017-08-26 21:37 - 2017-08-26 21:37 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign5d982fbf0569b31e
2017-08-26 17:10 - 2017-08-27 18:09 - 000000000 ____D C:\Users\dan44\AppData\Roaming\Chord and Scale Library
2017-08-26 17:07 - 2017-08-27 18:09 - 000000000 ____D C:\Users\dan44\AppData\Roaming\Chords
2017-08-26 17:06 - 2017-08-26 17:06 - 000000679 _____ C:\Users\dan44\Desktop\Fretlight Studio 6.lnk
2017-08-26 17:06 - 2014-03-29 17:31 - 000747008 _____ (Trace Systems, Inc.) C:\WINDOWS\SysWOW64\HIDagentXControl1.ocx
2017-08-26 17:06 - 2013-11-08 21:56 - 001066176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCTL.OCX
2017-08-26 17:06 - 2013-11-08 21:56 - 000647872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCT2.OCX
2017-08-26 17:06 - 2013-11-08 21:56 - 000140488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COMDLG32.OCX
2017-08-26 17:06 - 2013-11-08 21:55 - 003668992 _____ C:\WINDOWS\SysWOW64\ffdshow.ax
2017-08-26 17:06 - 2013-11-08 21:55 - 000563200 _____ (MPC-HC Team) C:\WINDOWS\SysWOW64\MP4Splitter.ax
2017-08-26 17:06 - 2013-11-08 21:55 - 000140288 _____ (Optek Music Systems, Inc) C:\WINDOWS\SysWOW64\mmx.ocx
2017-08-26 17:06 - 2013-11-08 21:55 - 000114688 _____ (Visual Creations) C:\WINDOWS\SysWOW64\vcFRMSHAPECTL.ocx
2017-08-26 17:06 - 2013-11-08 21:55 - 000090112 _____ (hxxp://www.mvps.org/vb) C:\WINDOWS\SysWOW64\ccrpTmr6.dll
2017-08-26 17:06 - 2013-11-08 21:55 - 000077824 _____ (GDCL (www.gdcl.co.uk)) C:\WINDOWS\SysWOW64\WMFDemux.dll
2017-08-26 17:06 - 2013-11-08 21:55 - 000061440 _____ (Visual Creations) C:\WINDOWS\SysWOW64\vcSLIDERCTL.ocx
2017-08-26 17:06 - 2013-11-08 21:55 - 000057399 _____ C:\WINDOWS\SysWOW64\Registry Control.ocx
2017-08-26 17:06 - 2013-11-08 21:55 - 000053248 _____ (Visual Creations) C:\WINDOWS\SysWOW64\vcMASKPICCTL.ocx
2017-08-25 14:36 - 2017-08-25 14:36 - 000000928 _____ C:\Users\dan44\Desktop\Origin.exe - Shortcut.lnk
2017-08-24 14:26 - 2017-08-24 14:26 - 000748584 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-08-24 14:26 - 2017-08-24 14:26 - 000000000 ____D C:\Users\dan44\AppData\Roaming\EasyAntiCheat
2017-08-24 13:26 - 2017-08-24 13:26 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignea50420948253331
2017-08-24 13:26 - 2017-08-24 13:26 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign548b7c960fc33acd
2017-08-24 08:11 - 2017-08-24 08:11 - 075035712 _____ (PreSonus) C:\Users\dan44\Downloads\PreSonus_Universal_Control_Installer-44119 2.2.0.44119.exe
2017-08-24 08:11 - 2017-08-24 08:11 - 000001076 _____ C:\Users\dan44\Desktop\Universal Control.lnk
2017-08-23 17:08 - 2017-08-23 17:08 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign9405bc68982f07fe
2017-08-23 17:08 - 2017-08-23 17:08 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign62cae7acfaa779b2
2017-08-23 16:58 - 2017-08-23 16:58 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignb28d5e38b5063945
2017-08-23 16:58 - 2017-08-23 16:58 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign56bb948915b3c924
2017-08-23 16:31 - 2017-08-23 16:31 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignc3ffc939d877171a
2017-08-23 16:31 - 2017-08-23 16:31 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign39b9a6dfce267862
2017-08-23 14:47 - 2017-08-23 14:47 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignf7386ece4d3c68b0
2017-08-23 14:46 - 2017-08-23 14:46 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign978e1cc5c8bce18b
2017-08-23 14:21 - 2017-08-23 14:21 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignfa9207531fe14419
2017-08-23 14:21 - 2017-08-23 14:21 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign2134796833432d73
2017-08-23 13:30 - 2017-08-23 13:30 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignd43627842c53b666
2017-08-23 13:28 - 2017-08-23 13:28 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign05eadefa159a60e4
2017-08-23 11:48 - 2017-08-23 11:48 - 000000000 ____D C:\Users\dan44\Downloads\8d4f8d4b-0720-4d5d-ab3e-4fe046f10611_c6b556382fa5dac9acb523a3fce7adf9043f6a4b
2017-08-23 11:48 - 2017-08-17 22:17 - 003299816 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2017-08-23 11:48 - 2017-08-17 22:17 - 002190984 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2017-08-23 11:48 - 2017-08-17 22:17 - 001382232 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2017-08-23 11:48 - 2017-08-17 22:17 - 001337640 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2017-08-23 11:48 - 2017-08-17 22:17 - 000873456 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2017-08-23 11:48 - 2017-08-17 22:17 - 000852136 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2017-08-23 11:48 - 2017-08-17 22:17 - 000604800 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2017-08-23 11:48 - 2017-08-17 22:17 - 000532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2017-08-23 11:48 - 2017-08-17 22:17 - 000447176 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2017-08-23 11:48 - 2017-08-17 22:17 - 000221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2017-08-23 11:48 - 2017-08-17 22:17 - 000209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2017-08-23 11:48 - 2017-08-17 22:17 - 000166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2017-08-23 11:48 - 2017-08-17 22:17 - 000158696 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2017-08-23 11:48 - 2017-08-17 22:17 - 000075536 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 072520712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2017-08-23 11:48 - 2017-08-17 22:16 - 007172912 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 003677160 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2017-08-23 11:48 - 2017-08-17 22:16 - 003509200 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 003410832 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 003205120 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 003122656 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 002211296 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 001435136 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 001348160 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 001016928 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000984912 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000965024 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000877432 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000868176 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000866640 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000737968 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000691680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000526280 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000467152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000381408 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000341152 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000341152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000258864 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000231912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000110976 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000090912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000088320 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2017-08-23 11:48 - 2017-08-17 22:16 - 000083624 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 007096184 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 006264632 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 005346992 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 003099544 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 002444680 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 001965808 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 001959600 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 001780616 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 001591056 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 001554600 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOProp.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 001508928 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 001326424 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOv251.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 001170872 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 001159184 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000743960 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000727432 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000708312 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000680544 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000504304 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000447720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000445400 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000441264 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000416504 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000406456 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000378384 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000366120 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000362056 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000360344 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000327456 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000310424 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000272712 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000253896 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000253856 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000252872 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000203840 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000190936 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000190928 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000179592 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000154360 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000151784 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000134200 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000118592 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2017-08-23 11:48 - 2017-08-17 22:15 - 000084616 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2017-08-23 11:48 - 2017-08-17 02:35 - 013213369 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2017-08-23 10:17 - 2017-08-23 10:17 - 000000000 ____D C:\Users\dan44\AppData\Local\HirezLauncherUI
2017-08-23 10:17 - 2017-08-23 10:17 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-08-23 10:17 - 2017-08-23 10:17 - 000000000 ____D C:\Program Files\MSBuild
2017-08-23 10:17 - 2017-08-23 10:17 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-08-23 10:17 - 2017-08-23 10:17 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-08-23 10:17 - 2017-02-10 11:26 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-08-23 10:17 - 2017-02-10 11:26 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-08-23 10:17 - 2017-02-10 11:26 - 000035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-08-23 10:17 - 2017-02-10 11:21 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-08-23 10:17 - 2017-02-10 11:21 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-08-23 10:17 - 2017-02-10 11:21 - 000035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-08-23 10:16 - 2017-08-23 09:50 - 000382504 _____ (EasyAntiCheat Ltd) C:\WINDOWS\SysWOW64\EasyAntiCheat.exe
2017-08-23 10:15 - 2017-08-29 09:49 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-08-22 15:09 - 2017-08-22 15:09 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign61e709e180f8fbbc
2017-08-22 15:09 - 2017-08-22 15:09 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign2d03ff161ae7a17f
2017-08-22 15:07 - 2017-08-22 15:07 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigne3aca8865e91c390
2017-08-22 15:06 - 2017-08-22 15:06 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign1a3061eaf7a2583b
2017-08-22 15:00 - 2017-08-22 15:00 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignefe6299ad4d83b36
2017-08-22 15:00 - 2017-08-22 15:00 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign17678350f6c75df5
2017-08-22 11:35 - 2017-08-22 11:35 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign9bdcb2107e2ae380
2017-08-22 11:35 - 2017-08-22 11:35 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign4c2759a31f400949
2017-08-22 11:20 - 2017-08-22 11:20 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigndc796de078482ff7
2017-08-22 11:20 - 2017-08-22 11:20 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign1eafd516485a2875
2017-08-22 11:17 - 2017-08-22 11:17 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigncf38bbba9a56a35c
2017-08-22 11:17 - 2017-08-22 11:17 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignb5e4dd851106abc8
2017-08-22 11:16 - 2017-08-22 11:16 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignf32a5d495f54da62
2017-08-22 11:16 - 2017-08-22 11:16 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign81f554e34cc2be07
2017-08-22 09:57 - 2017-08-22 09:57 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignf756ead559dba5f0
2017-08-22 09:55 - 2017-08-22 09:55 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign5e26f3d5798b2742
2017-08-22 08:36 - 2017-08-22 08:36 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign7bc2136d9f1e00bf
2017-08-22 08:36 - 2017-08-22 08:36 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign66d6fe932206db28
2017-08-21 17:44 - 2017-08-21 17:44 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign6a760dfc1f48adc0
2017-08-21 17:44 - 2017-08-21 17:44 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign15d3a7cd029e75c4
2017-08-21 15:49 - 2017-08-21 15:49 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigne0260b96a29587ad
2017-08-21 15:48 - 2017-08-21 15:48 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign2e1e2b8430f59997
2017-08-20 23:49 - 2017-08-20 23:50 - 000000140 _____ C:\Users\dan44\Desktop\Musiuc.url
2017-08-20 18:55 - 2017-08-20 18:55 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigne11bbbea6417459b
2017-08-20 18:55 - 2017-08-20 18:55 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignc60f18f2bf77f318
2017-08-20 16:13 - 2017-08-20 16:13 - 000000000 ____D C:\Users\dan44\Downloads\battlefield
2017-08-20 15:48 - 2017-08-20 15:48 - 006658998 _____ C:\Users\dan44\Downloads\Film - 9615.mp4
2017-08-20 15:34 - 2017-08-20 15:34 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignefddc2303e3db23c
2017-08-20 15:34 - 2017-08-20 15:34 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign1b70591325cae08b
2017-08-20 15:33 - 2017-08-20 15:33 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignf0c61fb96b862413
2017-08-20 15:33 - 2017-08-20 15:33 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignb1093cebdc90d562
2017-08-20 14:02 - 2017-08-20 14:02 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigne6abdf682d48ff5e
2017-08-20 14:02 - 2017-08-20 14:02 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign0ba9175d1f18ee01
2017-08-19 19:13 - 2017-08-19 19:13 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign49d09f7f3d0ada02
2017-08-19 19:13 - 2017-08-19 19:13 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign3b897dafdf708e11
2017-08-19 19:00 - 2017-08-19 19:00 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign68b101e97ac6d29d
2017-08-19 19:00 - 2017-08-19 19:00 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign4dbe3a8396aa3e0b
2017-08-19 18:58 - 2017-08-19 18:58 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignc21eb9b96cbe9b64
2017-08-19 18:58 - 2017-08-19 18:58 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign2593040c3f30b1df
2017-08-19 18:56 - 2017-08-19 18:56 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignd78811129fa22af9
2017-08-19 18:56 - 2017-08-19 18:56 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigna1fa6d9366883007
2017-08-19 17:10 - 2017-08-19 18:21 - 000000000 ____D C:\Program Files (x86)\KATANAFxFloorBoard
2017-08-19 17:03 - 2017-08-19 17:03 - 000102059 _____ C:\Users\dan44\Downloads\KATANA.tsl
2017-08-19 16:13 - 2017-08-19 16:13 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignce50f44876c0ff64
2017-08-19 16:13 - 2017-08-19 16:13 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigna6526924ef6a9efc
2017-08-19 13:32 - 2017-08-19 13:32 - 000000000 ____D C:\Program Files (x86)\Proton Technologies
2017-08-19 11:16 - 2017-08-19 11:16 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignc88d6c6a13f7f801
2017-08-19 11:15 - 2017-08-19 11:15 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign635068bf686d19c8
2017-08-19 11:15 - 2017-08-19 11:15 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign5c064ce8905b20ee
2017-08-19 11:09 - 2017-08-23 17:21 - 000000000 ____D C:\Users\dan44\AppData\Roaming\vlc
2017-08-19 10:02 - 2017-08-19 10:02 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigna07faf0eee810add
2017-08-19 10:02 - 2017-08-19 10:02 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign3d3016bed3476a10
2017-08-18 18:39 - 2017-08-18 18:39 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign1899a8a0a4942ded
2017-08-18 18:34 - 2017-08-18 18:34 - 000000000 ____D C:\Users\dan44\AppData\Roaming\NVIDIA
2017-08-18 11:11 - 2017-08-20 14:09 - 000001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-08-18 11:11 - 2017-08-18 12:25 - 000000000 ____D C:\Users\dan44\AppData\Local\NVIDIA Corporation
2017-08-18 11:11 - 2017-08-18 11:11 - 000000000 ____D C:\Users\dan44\AppData\Local\NVIDIA
2017-08-18 11:10 - 2017-08-21 08:41 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-08-18 11:10 - 2017-08-20 14:09 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-18 11:10 - 2017-08-20 14:09 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-18 11:10 - 2017-08-20 14:09 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-18 11:10 - 2017-08-20 14:09 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-18 11:10 - 2017-08-20 14:09 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-18 11:10 - 2017-08-20 14:09 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-18 11:10 - 2017-08-20 14:09 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-18 11:10 - 2017-08-20 14:09 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-18 11:10 - 2017-08-18 11:10 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-08-18 11:10 - 2017-08-18 05:36 - 000918976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-08-18 11:10 - 2017-08-10 01:34 - 000513144 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-08-18 11:10 - 2017-08-10 01:34 - 000418752 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-08-18 11:10 - 2017-08-09 23:53 - 006463608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-08-18 11:10 - 2017-08-09 23:53 - 002479224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-08-18 11:10 - 2017-08-09 23:53 - 001762936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-08-18 11:10 - 2017-08-09 23:53 - 000549496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-08-18 11:10 - 2017-08-09 23:53 - 000392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-08-18 11:10 - 2017-08-09 23:53 - 000081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-08-18 11:10 - 2017-08-09 23:53 - 000069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-08-18 11:10 - 2017-08-08 10:39 - 008112721 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-08-18 11:10 - 2017-07-26 18:09 - 001755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-08-18 11:10 - 2017-07-26 18:09 - 001317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-08-18 11:10 - 2017-03-10 22:17 - 000536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-08-18 11:10 - 2017-03-10 22:17 - 000525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-08-18 11:10 - 2017-03-10 22:17 - 000254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-08-18 11:10 - 2017-03-10 22:17 - 000233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-08-18 11:09 - 2017-08-18 05:36 - 000179136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-08-18 11:09 - 2017-08-18 05:36 - 000146368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-08-18 11:09 - 2017-08-18 05:36 - 000057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-08-18 11:09 - 2017-08-10 01:34 - 040239552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 035846080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 035314296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 028961912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 023074832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 018805160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 013649808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 012133296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 011585736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 009982968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 004164032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 003596224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 001988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438528.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 001598072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438528.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 001278712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 001067968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 001005176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 000996760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 000972736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 000924096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 000781728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 000724928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 000689808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 000617416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 000609912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 000584128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 000578056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 000499136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-08-18 11:09 - 2017-08-10 01:34 - 000046463 _____ C:\WINDOWS\system32\nvinfo.pb
2017-08-18 11:09 - 2017-08-10 01:34 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-08-18 11:09 - 2017-08-10 01:34 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-08-18 11:09 - 2017-07-26 18:09 - 000048064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-08-18 11:06 - 2017-08-20 14:09 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-08-18 11:01 - 2017-08-18 11:01 - 000000000 ____D C:\Users\dan44\Downloads\[Guru3D.com]-DDU
2017-08-18 07:55 - 2017-08-18 07:55 - 000000129 _____ C:\Users\dan44\Desktop\Guitar Sim.url
2017-08-18 07:51 - 2017-08-18 07:51 - 000000174 _____ C:\Users\dan44\Desktop\Guitar amp sim tips.url
2017-08-16 22:45 - 2017-08-16 22:45 - 000000000 ____D C:\Users\dan44\AppData\Roaming\LibreOffice
2017-08-16 22:42 - 2017-08-16 22:42 - 000000706 _____ C:\Users\Public\Desktop\LibreOffice 5.4.lnk
2017-08-15 18:34 - 2017-08-15 18:34 - 008185288 _____ (Malwarebytes) C:\Users\dan44\Downloads\adwcleaner_7.0.1.0.exe
2017-08-15 09:07 - 2017-08-18 05:36 - 001781696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-08-15 09:07 - 2017-08-18 05:36 - 001563584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-08-15 09:07 - 2017-08-17 19:13 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-08-14 21:55 - 2017-08-14 21:55 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignb73b512286465a58
2017-08-14 21:53 - 2017-08-14 21:53 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignf6ee8dec15a2741f
2017-08-14 21:53 - 2017-08-14 21:53 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign88ee6323c99ece1e
2017-08-14 17:47 - 2017-08-19 11:09 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2017-08-14 14:49 - 2017-08-10 01:34 - 004209520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-08-14 14:49 - 2017-08-10 01:34 - 003711328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-08-14 12:14 - 2017-08-14 12:14 - 000002255 _____ C:\Users\Public\Desktop\Skin Tool.lnk
2017-08-13 18:33 - 2017-08-15 08:59 - 000000000 ____D C:\Users\dan44\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brave Software
2017-08-13 18:33 - 2017-08-13 18:33 - 000000000 ____D C:\Users\dan44\AppData\Local\SquirrelTemp
2017-08-12 10:02 - 2017-08-12 10:02 - 000000000 ____D C:\Users\dan44\AppData\Local\ProtonVPN
2017-08-12 10:01 - 2017-08-19 13:32 - 000001230 _____ C:\Users\Public\Desktop\ProtonVPN.lnk
2017-08-12 10:01 - 2017-08-19 13:32 - 000000000 ____D C:\Users\dan44\AppData\Roaming\ProtonVPN AG
2017-08-11 21:49 - 2017-08-11 21:49 - 000000000 ____D C:\Users\dan44\AppData\Local\NordVPN
2017-08-11 21:49 - 2017-08-11 21:49 - 000000000 ____D C:\Users\dan44\AppData\Local\IsolatedStorage
2017-08-11 21:48 - 2017-08-11 21:49 - 000000000 ____D C:\Users\dan44\AppData\Roaming\NordVPN
2017-08-11 21:12 - 2017-08-11 21:44 - 000000000 ____D C:\Users\dan44\AppData\Roaming\Opera Software
2017-08-11 21:12 - 2017-08-11 21:44 - 000000000 ____D C:\Program Files\Opera
2017-08-08 23:14 - 2017-08-01 03:36 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-08-08 23:14 - 2017-08-01 03:36 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-08-08 23:14 - 2017-08-01 03:07 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-08-08 23:14 - 2017-08-01 03:03 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-08-08 23:14 - 2017-08-01 02:30 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-08 23:13 - 2017-08-01 03:39 - 008319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-08 23:13 - 2017-08-01 03:38 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-08-08 23:13 - 2017-08-01 03:38 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-08 23:13 - 2017-08-01 03:36 - 000119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-08 23:13 - 2017-08-01 03:35 - 000280472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-08-08 23:13 - 2017-08-01 03:35 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-08-08 23:13 - 2017-08-01 03:34 - 000610584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-08-08 23:13 - 2017-08-01 03:34 - 000359552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-08-08 23:13 - 2017-08-01 03:34 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-08-08 23:13 - 2017-08-01 03:34 - 000168864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-08-08 23:13 - 2017-08-01 03:33 - 000473240 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-08-08 23:13 - 2017-08-01 03:32 - 002444704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-08 23:13 - 2017-08-01 03:32 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-08 23:13 - 2017-08-01 03:32 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-08-08 23:13 - 2017-08-01 03:31 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-08-08 23:13 - 2017-08-01 03:31 - 002645680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-08 23:13 - 2017-08-01 03:31 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-08 23:13 - 2017-08-01 03:31 - 000176024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-08-08 23:13 - 2017-08-01 03:30 - 000723680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-08 23:13 - 2017-08-01 03:30 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-08-08 23:13 - 2017-08-01 03:30 - 000410160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-08 23:13 - 2017-08-01 03:30 - 000315288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-08 23:13 - 2017-08-01 03:30 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-08 23:13 - 2017-08-01 03:30 - 000143736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-08 23:13 - 2017-08-01 03:30 - 000082336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-08 23:13 - 2017-08-01 03:26 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-08-08 23:13 - 2017-08-01 03:20 - 002956288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-08-08 23:13 - 2017-08-01 03:20 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-08-08 23:13 - 2017-08-01 03:20 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-08-08 23:13 - 2017-08-01 03:18 - 013841408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-08-08 23:13 - 2017-08-01 03:18 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-08-08 23:13 - 2017-08-01 03:17 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-08-08 23:13 - 2017-08-01 03:16 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-08-08 23:13 - 2017-08-01 03:14 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-08-08 23:13 - 2017-08-01 03:13 - 020504064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-08-08 23:13 - 2017-08-01 03:13 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-08-08 23:13 - 2017-08-01 03:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-08-08 23:13 - 2017-08-01 03:12 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-08-08 23:13 - 2017-08-01 03:12 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-08-08 23:13 - 2017-08-01 03:10 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-08-08 23:13 - 2017-08-01 03:09 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-08-08 23:13 - 2017-08-01 03:08 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-08-08 23:13 - 2017-08-01 03:07 - 011870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-08-08 23:13 - 2017-08-01 03:07 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-08-08 23:13 - 2017-08-01 03:06 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-08-08 23:13 - 2017-08-01 03:04 - 006269440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-08-08 23:13 - 2017-08-01 03:04 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-08-08 23:13 - 2017-08-01 02:57 - 023677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-08 23:13 - 2017-08-01 02:45 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-08 23:13 - 2017-08-01 02:45 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-08 23:13 - 2017-08-01 02:45 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-08 23:13 - 2017-08-01 02:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-08 23:13 - 2017-08-01 02:44 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-08 23:13 - 2017-08-01 02:44 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-08-08 23:13 - 2017-08-01 02:44 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-08 23:13 - 2017-08-01 02:42 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-08-08 23:13 - 2017-08-01 02:41 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2017-08-08 23:13 - 2017-08-01 02:41 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-08-08 23:13 - 2017-08-01 02:41 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-08 23:13 - 2017-08-01 02:40 - 017366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-08-08 23:13 - 2017-08-01 02:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2017-08-08 23:13 - 2017-08-01 02:39 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-08-08 23:13 - 2017-08-01 02:38 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-08 23:13 - 2017-08-01 02:38 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-08 23:13 - 2017-08-01 02:37 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2017-08-08 23:13 - 2017-08-01 02:37 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-08-08 23:13 - 2017-08-01 02:37 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-08-08 23:13 - 2017-08-01 02:36 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-08 23:13 - 2017-08-01 02:35 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-08-08 23:13 - 2017-08-01 02:34 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-08 23:13 - 2017-08-01 02:33 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-08 23:13 - 2017-08-01 02:33 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-08 23:13 - 2017-08-01 02:32 - 007336960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-08 23:13 - 2017-08-01 02:32 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-08 23:13 - 2017-08-01 02:31 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-08 23:13 - 2017-08-01 02:31 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-08 23:13 - 2017-08-01 02:31 - 001396736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-08-08 23:13 - 2017-08-01 02:30 - 008209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-08 23:13 - 2017-08-01 02:30 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-08 23:13 - 2017-08-01 02:30 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-08 23:13 - 2017-08-01 02:30 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-08 23:13 - 2017-08-01 02:28 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-08 23:13 - 2017-08-01 02:28 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-08 23:13 - 2017-08-01 02:27 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-08-08 23:13 - 2017-08-01 02:27 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2017-08-08 23:13 - 2017-08-01 02:27 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-08-08 23:13 - 2017-08-01 02:26 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-08-08 23:13 - 2017-08-01 02:25 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2017-08-08 23:13 - 2017-08-01 02:25 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-08-08 23:13 - 2017-08-01 02:25 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2017-08-08 23:13 - 2017-07-31 23:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-08-08 23:13 - 2017-07-31 23:45 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-08-08 23:13 - 2017-07-31 23:45 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-08-08 23:13 - 2017-07-31 23:45 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-08-08 23:13 - 2017-07-31 23:45 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-08-08 23:13 - 2017-07-31 23:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-08-08 23:13 - 2017-07-31 23:45 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-08-08 23:13 - 2017-07-31 23:45 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-08-08 23:13 - 2017-07-31 23:45 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-08-08 23:13 - 2017-07-31 23:45 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-08-08 23:13 - 2017-07-31 23:45 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-08-08 23:13 - 2017-07-31 23:45 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-08-08 23:13 - 2017-07-31 23:45 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-08-08 23:13 - 2017-07-31 23:45 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-08-08 23:13 - 2017-07-31 23:45 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-08-08 16:34 - 2017-08-08 16:34 - 001843180 _____ C:\Users\dan44\Downloads\Twitter Archive.zip
2017-08-08 16:23 - 2017-08-08 16:24 - 000000000 ___RD C:\Users\danie_a63rkla\OneDrive
2017-08-08 16:23 - 2017-08-08 16:23 - 000003390 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-150517238-643256998-2923789579-1004
2017-08-08 16:23 - 2017-08-08 16:23 - 000002387 _____ C:\Users\danie_a63rkla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-08-08 16:23 - 2017-08-08 16:23 - 000000000 ____D C:\Users\danie_a63rkla\AppData\Roaming\Skype
2017-08-08 16:23 - 2017-08-08 16:23 - 000000000 ____D C:\Users\danie_a63rkla\AppData\Roaming\.minecraft
2017-08-08 16:23 - 2017-08-08 16:23 - 000000000 ____D C:\Users\danie_a63rkla\AppData\Local\Comms
2017-08-08 16:23 - 2017-08-08 16:23 - 000000000 ____D C:\Users\danie_a63rkla\AppData\Local\CEF
2017-08-08 16:22 - 2017-08-29 09:47 - 000000000 ____D C:\Users\danie_a63rkla\AppData\Local\Google
2017-08-08 16:22 - 2017-08-08 23:14 - 000000000 ____D C:\Users\danie_a63rkla
2017-08-08 16:22 - 2017-08-08 16:24 - 000000000 ____D C:\Users\danie_a63rkla\AppData\Local\Packages
2017-08-08 16:22 - 2017-08-08 16:22 - 000002332 _____ C:\Users\danie_a63rkla\Desktop\Google Chrome.lnk
2017-08-08 16:22 - 2017-08-08 16:22 - 000000020 ___SH C:\Users\danie_a63rkla\ntuser.ini
2017-08-08 16:22 - 2017-08-08 16:22 - 000000000 ____D C:\Users\danie_a63rkla\AppData\Roaming\Adobe
2017-08-08 16:22 - 2017-08-08 16:22 - 000000000 ____D C:\Users\danie_a63rkla\AppData\Local\TileDataLayer
2017-08-08 16:22 - 2017-08-08 16:22 - 000000000 ____D C:\Users\danie_a63rkla\AppData\Local\Publishers
2017-08-08 16:22 - 2017-08-08 16:22 - 000000000 ____D C:\Users\danie_a63rkla\AppData\Local\Logitech
2017-08-08 16:22 - 2017-08-08 16:22 - 000000000 ____D C:\Users\danie_a63rkla\AppData\Local\ConnectedDevicesPlatform
2017-08-08 16:22 - 2017-08-05 17:48 - 000000000 ____D C:\Users\danie_a63rkla\AppData\Roaming\Macromedia
2017-08-08 16:01 - 2017-08-08 16:01 - 000153746 _____ C:\Users\dan44\Downloads\swanseacity2012.vcf
2017-08-08 08:13 - 2017-08-08 08:13 - 000002098 _____ C:\Users\dan44\Desktop\control.lnk
2017-08-07 23:14 - 2017-08-07 23:14 - 000000000 ___HD C:\$SysReset
2017-08-07 20:32 - 2017-08-07 20:32 - 000000000 ____D C:\Users\danie\AppData\Local\CrashDumps
2017-08-07 20:09 - 2017-08-07 20:09 - 000000000 ____D C:\Users\danie\AppData\Local\Comms
2017-08-07 20:08 - 2017-08-07 23:44 - 000000000 ___RD C:\Users\danie\OneDrive
2017-08-07 20:08 - 2017-08-07 20:08 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-150517238-643256998-2923789579-1003
2017-08-07 20:08 - 2017-08-07 20:08 - 000002363 _____ C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-08-07 20:08 - 2017-08-07 20:08 - 000000000 ____D C:\Users\danie\AppData\Roaming\Skype
2017-08-07 20:08 - 2017-08-07 20:08 - 000000000 ____D C:\Users\danie\AppData\Local\Logitech
2017-08-07 20:07 - 2017-08-08 13:35 - 000000000 ____D C:\Users\danie
2017-08-07 20:07 - 2017-08-07 21:12 - 000000000 ____D C:\Users\danie\AppData\Local\Packages
2017-08-07 20:07 - 2017-08-07 20:15 - 000000000 ____D C:\Users\danie\AppData\Local\Google
2017-08-07 20:07 - 2017-08-07 20:08 - 000002332 _____ C:\Users\danie\Desktop\Google Chrome.lnk
2017-08-07 20:07 - 2017-08-07 20:07 - 000000020 ___SH C:\Users\danie\ntuser.ini
2017-08-07 20:07 - 2017-08-07 20:07 - 000000000 ____D C:\Users\danie\AppData\Roaming\Adobe
2017-08-07 20:07 - 2017-08-07 20:07 - 000000000 ____D C:\Users\danie\AppData\Local\TileDataLayer
2017-08-07 20:07 - 2017-08-07 20:07 - 000000000 ____D C:\Users\danie\AppData\Local\Publishers
2017-08-07 20:07 - 2017-08-07 20:07 - 000000000 ____D C:\Users\danie\AppData\Local\ConnectedDevicesPlatform
2017-08-07 20:07 - 2017-08-05 17:48 - 000000000 ____D C:\Users\danie\AppData\Roaming\Macromedia
2017-08-07 14:20 - 2017-08-07 14:20 - 000102094 _____ C:\Users\dan44\Downloads\ACDC.tsl
2017-08-06 18:40 - 2017-08-06 18:40 - 000000017 _____ C:\WINDOWS\PrecisionX_x64.INI
2017-08-06 14:00 - 2017-08-06 14:00 - 000051215 _____ C:\Users\dan44\Downloads\Floydian-GIlmour1.tsl
2017-08-06 12:09 - 2017-08-06 12:09 - 000000000 ____D C:\Users\dan44\ansel
2017-08-05 18:32 - 2017-08-17 17:26 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-08-05 18:22 - 2017-08-05 18:22 - 000000000 ____D C:\Program Files\Roland
2017-08-05 17:50 - 2017-08-05 17:50 - 000001130 _____ C:\Users\Public\Desktop\BOSS TONE STUDIO for KATANA.lnk
2017-08-05 17:50 - 2017-08-05 17:50 - 000000000 ____D C:\Users\dan44\Downloads\bts_katana_w102
2017-08-05 17:50 - 2017-08-05 17:50 - 000000000 ____D C:\Program Files (x86)\BOSS TONE STUDIO for KATANA
2017-08-05 17:48 - 2017-08-05 17:48 - 000000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2017-08-05 17:07 - 2017-08-05 17:07 - 000000000 ____D C:\WINDOWS\System32\Tasks\ASUS
2017-08-05 16:49 - 2017-08-24 08:11 - 000001106 _____ C:\Users\dan44\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Universal Control.lnk
2017-08-05 16:49 - 2017-08-05 16:49 - 000000000 ____D C:\Program Files\PreSonus
2017-08-05 14:07 - 2017-08-05 14:07 - 000844456 _____ (Sysinternals - www.sysinternals.com) C:\Users\dan44\Downloads\Autoruns64.exe
2017-08-05 12:22 - 2017-08-05 12:22 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-08-05 11:53 - 2017-08-05 11:53 - 000000000 ____D C:\Users\dan44\AppData\Roaming\BOSS-TONE-STUDIO-for-KATANA
2017-08-02 10:20 - 2017-07-28 06:07 - 000805816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-08-02 10:20 - 2017-07-28 05:48 - 000096648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-08-02 10:20 - 2017-07-28 05:36 - 002424024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-08-02 10:20 - 2017-07-28 05:36 - 001195760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-08-02 10:20 - 2017-07-28 05:36 - 000864248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-08-02 10:20 - 2017-07-28 05:20 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IpNatHlpClient.dll
2017-08-02 10:20 - 2017-07-28 05:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-08-02 10:20 - 2017-07-28 05:15 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-08-02 10:20 - 2017-07-28 05:14 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-08-02 10:20 - 2017-07-28 05:13 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-08-02 10:20 - 2017-07-28 05:12 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-08-02 10:20 - 2017-07-28 05:08 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-08-02 10:20 - 2017-07-28 05:08 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-08-02 10:19 - 2017-07-28 06:30 - 001068720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-08-02 10:19 - 2017-07-28 06:25 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-02 10:19 - 2017-07-28 06:24 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-02 10:19 - 2017-07-28 06:24 - 000455584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-08-02 10:19 - 2017-07-28 06:24 - 000119904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-08-02 10:19 - 2017-07-28 06:24 - 000116280 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2017-08-02 10:19 - 2017-07-28 06:23 - 002969888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-08-02 10:19 - 2017-07-28 06:23 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2017-08-02 10:19 - 2017-07-28 06:22 - 000923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-08-02 10:19 - 2017-07-28 06:20 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-02 10:19 - 2017-07-28 06:17 - 000660680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-08-02 10:19 - 2017-07-28 06:16 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-08-02 10:19 - 2017-07-28 06:16 - 000961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-08-02 10:19 - 2017-07-28 06:15 - 005302968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-08-02 10:19 - 2017-07-28 06:15 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-08-02 10:19 - 2017-07-28 06:15 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-08-02 10:19 - 2017-07-28 06:15 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-08-02 10:19 - 2017-07-28 06:14 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-08-02 10:19 - 2017-07-28 06:14 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-08-02 10:19 - 2017-07-28 06:13 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-02 10:19 - 2017-07-28 06:13 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-02 10:19 - 2017-07-28 06:13 - 002604248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-02 10:19 - 2017-07-28 06:13 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-08-02 10:19 - 2017-07-28 06:13 - 001033544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2017-08-02 10:19 - 2017-07-28 06:13 - 000192264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2017-08-02 10:19 - 2017-07-28 06:13 - 000104432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.dll
2017-08-02 10:19 - 2017-07-28 06:12 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-02 10:19 - 2017-07-28 06:12 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-08-02 10:19 - 2017-07-28 06:12 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-08-02 10:19 - 2017-07-28 06:12 - 000323936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2017-08-02 10:19 - 2017-07-28 06:10 - 002679200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-02 10:19 - 2017-07-28 06:10 - 001114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-08-02 10:19 - 2017-07-28 06:09 - 000529992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-08-02 10:19 - 2017-07-28 06:09 - 000527976 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-08-02 10:19 - 2017-07-28 06:09 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-08-02 10:19 - 2017-07-28 05:48 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-08-02 10:19 - 2017-07-28 05:48 - 000100232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2017-08-02 10:19 - 2017-07-28 05:47 - 002259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-08-02 10:19 - 2017-07-28 05:40 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-08-02 10:19 - 2017-07-28 05:40 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-08-02 10:19 - 2017-07-28 05:38 - 004213656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-08-02 10:19 - 2017-07-28 05:37 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-08-02 10:19 - 2017-07-28 05:36 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-08-02 10:19 - 2017-07-28 05:36 - 006761568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-02 10:19 - 2017-07-28 05:36 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-08-02 10:19 - 2017-07-28 05:36 - 000866808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2017-08-02 10:19 - 2017-07-28 05:36 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2017-08-02 10:19 - 2017-07-28 05:36 - 000090464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll
2017-08-02 10:19 - 2017-07-28 05:35 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-08-02 10:19 - 2017-07-28 05:35 - 000277432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2017-08-02 10:19 - 2017-07-28 05:33 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-08-02 10:19 - 2017-07-28 05:33 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-08-02 10:19 - 2017-07-28 05:33 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-08-02 10:19 - 2017-07-28 05:31 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-08-02 10:19 - 2017-07-28 05:30 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-08-02 10:19 - 2017-07-28 05:29 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-08-02 10:19 - 2017-07-28 05:29 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-08-02 10:19 - 2017-07-28 05:27 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-08-02 10:19 - 2017-07-28 05:26 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-08-02 10:19 - 2017-07-28 05:26 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-08-02 10:19 - 2017-07-28 05:26 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2017-08-02 10:19 - 2017-07-28 05:26 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2017-08-02 10:19 - 2017-07-28 05:26 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\IpNatHlpClient.dll
2017-08-02 10:19 - 2017-07-28 05:25 - 003464704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-08-02 10:19 - 2017-07-28 05:25 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-08-02 10:19 - 2017-07-28 05:25 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-08-02 10:19 - 2017-07-28 05:25 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-08-02 10:19 - 2017-07-28 05:24 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-08-02 10:19 - 2017-07-28 05:24 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-08-02 10:19 - 2017-07-28 05:24 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2017-08-02 10:19 - 2017-07-28 05:24 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-08-02 10:19 - 2017-07-28 05:24 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-08-02 10:19 - 2017-07-28 05:23 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-02 10:19 - 2017-07-28 05:23 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-08-02 10:19 - 2017-07-28 05:23 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-08-02 10:19 - 2017-07-28 05:22 - 000778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-08-02 10:19 - 2017-07-28 05:22 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-08-02 10:19 - 2017-07-28 05:22 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-08-02 10:19 - 2017-07-28 05:22 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-08-02 10:19 - 2017-07-28 05:22 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-08-02 10:19 - 2017-07-28 05:22 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-08-02 10:19 - 2017-07-28 05:22 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-08-02 10:19 - 2017-07-28 05:22 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-08-02 10:19 - 2017-07-28 05:21 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-08-02 10:19 - 2017-07-28 05:21 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-08-02 10:19 - 2017-07-28 05:21 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-02 10:19 - 2017-07-28 05:21 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-08-02 10:19 - 2017-07-28 05:21 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-08-02 10:19 - 2017-07-28 05:21 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\qasf.dll
2017-08-02 10:19 - 2017-07-28 05:21 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2017-08-02 10:19 - 2017-07-28 05:20 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-08-02 10:19 - 2017-07-28 05:20 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-08-02 10:19 - 2017-07-28 05:20 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-08-02 10:19 - 2017-07-28 05:19 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-02 10:19 - 2017-07-28 05:19 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-08-02 10:19 - 2017-07-28 05:19 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-08-02 10:19 - 2017-07-28 05:19 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-02 10:19 - 2017-07-28 05:19 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-02 10:19 - 2017-07-28 05:19 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-08-02 10:19 - 2017-07-28 05:19 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-02 10:19 - 2017-07-28 05:19 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-08-02 10:19 - 2017-07-28 05:19 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-08-02 10:19 - 2017-07-28 05:19 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-08-02 10:19 - 2017-07-28 05:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-08-02 10:19 - 2017-07-28 05:19 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2017-08-02 10:19 - 2017-07-28 05:18 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-02 10:19 - 2017-07-28 05:18 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2017-08-02 10:19 - 2017-07-28 05:18 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-02 10:19 - 2017-07-28 05:18 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-02 10:19 - 2017-07-28 05:18 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-02 10:19 - 2017-07-28 05:18 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-08-02 10:19 - 2017-07-28 05:18 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-08-02 10:19 - 2017-07-28 05:17 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-08-02 10:19 - 2017-07-28 05:17 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-02 10:19 - 2017-07-28 05:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-02 10:19 - 2017-07-28 05:17 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-08-02 10:19 - 2017-07-28 05:17 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-08-02 10:19 - 2017-07-28 05:17 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-08-02 10:19 - 2017-07-28 05:16 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-08-02 10:19 - 2017-07-28 05:16 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-08-02 10:19 - 2017-07-28 05:16 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-08-02 10:19 - 2017-07-28 05:16 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-02 10:19 - 2017-07-28 05:16 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qasf.dll
2017-08-02 10:19 - 2017-07-28 05:15 - 003204608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-08-02 10:19 - 2017-07-28 05:15 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-02 10:19 - 2017-07-28 05:15 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsvcs.dll
2017-08-02 10:19 - 2017-07-28 05:15 - 000586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-08-02 10:19 - 2017-07-28 05:14 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-08-02 10:19 - 2017-07-28 05:14 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-02 10:19 - 2017-07-28 05:14 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-08-02 10:19 - 2017-07-28 05:14 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-08-02 10:19 - 2017-07-28 05:13 - 004535296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-08-02 10:19 - 2017-07-28 05:13 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-02 10:19 - 2017-07-28 05:13 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-08-02 10:19 - 2017-07-28 05:13 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2017-08-02 10:19 - 2017-07-28 05:13 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-02 10:19 - 2017-07-28 05:13 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-08-02 10:19 - 2017-07-28 05:12 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-08-02 10:19 - 2017-07-28 05:12 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-08-02 10:19 - 2017-07-28 05:12 - 002939392 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-08-02 10:19 - 2017-07-28 05:12 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-02 10:19 - 2017-07-28 05:12 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-08-02 10:19 - 2017-07-28 05:12 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-08-02 10:19 - 2017-07-28 05:12 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-08-02 10:19 - 2017-07-28 05:12 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-02 10:19 - 2017-07-28 05:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-08-02 10:19 - 2017-07-28 05:11 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-08-02 10:19 - 2017-07-28 05:11 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-08-02 10:19 - 2017-07-28 05:10 - 001706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-02 10:19 - 2017-07-28 05:10 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-08-02 10:19 - 2017-07-28 05:10 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-08-02 10:19 - 2017-07-28 05:10 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-08-02 10:19 - 2017-07-28 05:10 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsvcs.dll
2017-08-02 10:19 - 2017-07-28 05:09 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-08-02 10:19 - 2017-07-28 05:09 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-02 10:19 - 2017-07-28 05:09 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-02 10:19 - 2017-07-28 05:08 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-08-02 10:19 - 2017-07-28 05:08 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-08-02 10:19 - 2017-07-28 05:08 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-08-02 10:19 - 2017-07-28 05:08 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2017-08-02 10:19 - 2017-07-28 05:07 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-08-02 10:19 - 2017-07-28 05:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2017-08-02 10:19 - 2017-07-28 05:07 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-08-02 10:19 - 2017-07-28 05:07 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-08-02 10:19 - 2017-07-28 05:07 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-08-02 10:19 - 2017-07-28 05:06 - 001833984 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-02 10:19 - 2017-07-28 05:06 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-08-02 10:19 - 2017-07-28 05:06 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2017-08-02 10:19 - 2017-07-28 05:05 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-08-02 10:19 - 2017-07-28 05:05 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-02 10:19 - 2017-07-28 05:05 - 001087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-08-02 10:19 - 2017-07-28 05:05 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-02 10:19 - 2017-07-28 05:05 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-02 10:19 - 2017-07-28 05:05 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-08-02 10:19 - 2017-07-28 05:05 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-08-02 10:19 - 2017-07-28 05:05 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2017-08-02 10:19 - 2017-07-28 05:02 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-08-02 10:19 - 2017-07-28 05:02 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-08-02 10:19 - 2017-07-28 05:02 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2017-08-02 10:17 - 2017-08-02 10:17 - 000000000 ____D C:\Users\dan44\Documents\FeedbackHub
2017-07-31 10:13 - 2017-07-31 10:13 - 000001645 _____ C:\Users\dan44\Downloads\sg_backup_2017-07-31-1013.spg
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-08-29 09:57 - 2017-06-12 12:27 - 000000000 ___RD C:\Users\dan44\Creative Cloud Files
2017-08-29 09:57 - 2017-06-12 12:19 - 000000000 ____D C:\Users\dan44\AppData\Local\Adobe
2017-08-29 09:56 - 2017-05-29 09:25 - 002599070 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-29 09:49 - 2017-05-29 10:12 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-08-29 09:49 - 2017-05-29 09:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-29 09:47 - 2017-05-29 10:15 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-08-29 09:37 - 2017-05-31 22:17 - 000000000 ____D C:\AdwCleaner
2017-08-29 09:29 - 2017-05-29 09:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-29 09:17 - 2017-06-12 12:27 - 000000000 ____D C:\Users\dan44\Documents\Adobe
2017-08-29 09:17 - 2017-06-12 12:22 - 000000000 ____D C:\Program Files\Adobe
2017-08-29 09:17 - 2017-05-29 09:25 - 000000000 ____D C:\Users\dan44\AppData\Roaming\Adobe
2017-08-29 09:15 - 2017-05-29 10:15 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-29 09:15 - 2017-05-29 10:15 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-28 23:15 - 2017-05-29 09:24 - 000000000 ____D C:\Users\dan44
2017-08-28 21:21 - 2017-05-29 09:29 - 000000000 ____D C:\Program Files (x86)\Steam
2017-08-28 17:58 - 2017-07-27 10:07 - 000000000 ____D C:\Users\dan44\AppData\Roaming\Origin
2017-08-28 08:46 - 2017-06-01 11:13 - 000000000 ____D C:\Users\dan44\AppData\Roaming\Celemony Software GmbH
2017-08-27 15:36 - 2017-06-06 23:49 - 000000048 _____ C:\WINDOWS\system32\w3data.vss
2017-08-27 15:36 - 2017-06-06 23:49 - 000000048 _____ C:\WINDOWS\system32\msvcsv60.dll
2017-08-27 15:36 - 2017-06-06 23:49 - 000000048 _____ C:\WINDOWS\msocreg32.dat
2017-08-27 15:36 - 2017-06-06 14:52 - 000000048 _____ C:\Users\dan44\AppData\Roaming\msregsvv.dll
2017-08-27 14:20 - 2017-05-29 12:28 - 000000000 ____D C:\Users\dan44\Documents\XLN Online Installer
2017-08-27 12:29 - 2017-05-29 11:21 - 000000000 ____D C:\Cakewalk Projects
2017-08-27 10:03 - 2017-06-04 08:52 - 000000000 ____D C:\Users\dan44\AppData\Local\CrashDumps
2017-08-27 10:01 - 2017-06-18 14:29 - 000038368 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2017-08-27 10:01 - 2017-06-18 11:24 - 000000000 ____D C:\Program Files (x86)\Black Desert Online
2017-08-27 10:00 - 2017-06-18 11:24 - 000000000 ____D C:\Users\dan44\AppData\Local\BlackDesertOnline
2017-08-24 16:32 - 2017-05-29 10:15 - 000000000 ____D C:\WINDOWS\rescache
2017-08-24 14:26 - 2017-05-29 15:56 - 000000000 ____D C:\Users\dan44\Documents\My Games
2017-08-24 08:32 - 2017-05-30 08:37 - 000000000 ____D C:\Program Files\Logitech Gaming Software
2017-08-24 08:32 - 2017-05-29 10:14 - 000000000 ____D C:\WINDOWS\INF
2017-08-24 08:11 - 2017-05-30 11:04 - 000000000 ____D C:\Users\dan44\AppData\Roaming\PreSonus
2017-08-23 13:59 - 2017-05-29 10:13 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-23 11:49 - 2017-05-29 10:40 - 000000000 ____D C:\WINDOWS\system32\RTCOM
2017-08-23 11:49 - 2017-05-29 09:20 - 000000000 ____D C:\WINDOWS\system32\DAX3
2017-08-23 11:49 - 2017-05-29 09:20 - 000000000 ____D C:\WINDOWS\system32\DAX2
2017-08-23 11:49 - 2017-05-29 09:19 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-08-23 10:15 - 2017-05-29 10:40 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-08-21 08:42 - 2017-05-29 09:19 - 000333792 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-19 17:20 - 2017-05-29 09:25 - 000000000 ____D C:\Users\dan44\AppData\Local\VirtualStore
2017-08-18 11:10 - 2017-05-29 10:15 - 000000000 ____D C:\WINDOWS\Help
2017-08-18 07:06 - 2017-05-29 12:50 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-08-17 22:16 - 2017-07-19 19:01 - 000192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2017-08-17 22:16 - 2017-05-29 10:40 - 005899752 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2017-08-17 22:16 - 2017-05-29 10:40 - 000023696 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2017-08-17 22:15 - 2017-07-19 19:01 - 003517496 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2017-08-17 22:15 - 2017-07-19 19:01 - 000105304 _____ C:\WINDOWS\system32\audioLibVc.dll
2017-08-15 18:30 - 2017-07-17 21:55 - 000000000 ____D C:\Program Files (x86)\iZotope
2017-08-15 18:30 - 2017-05-29 11:26 - 000000000 ____D C:\Program Files\Common Files\VST3
2017-08-14 21:58 - 2017-06-12 12:20 - 000000000 ____D C:\Program Files (x86)\Adobe
2017-08-14 19:06 - 2017-05-29 09:25 - 000000000 ____D C:\Users\dan44\AppData\Local\Packages
2017-08-14 12:14 - 2017-06-14 13:18 - 000002182 _____ C:\Users\Public\Desktop\EVGA Precision XOC.lnk
2017-08-14 12:14 - 2017-06-14 13:18 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2017-08-12 14:51 - 2017-05-29 09:25 - 000000000 ____D C:\Users\dan44\AppData\Local\ConnectedDevicesPlatform
2017-08-09 14:49 - 2017-06-06 18:29 - 000000000 ____D C:\Program Files (x86)\Minecraft
2017-08-08 23:14 - 2017-05-29 12:50 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-08-08 23:14 - 2017-05-29 12:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-08 16:31 - 2017-06-03 21:48 - 000000000 ____D C:\Users\dan44\AppData\Roaming\Skype
2017-08-08 16:22 - 2017-05-29 09:25 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-07 19:47 - 2017-05-29 21:46 - 000000000 ____D C:\Users\dan44\AppData\Local\ElevatedDiagnostics
2017-08-06 15:25 - 2017-06-06 23:51 - 000006144 _____ C:\Users\dan44\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-08-05 18:17 - 2017-05-29 10:15 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-08-05 17:07 - 2017-05-29 13:01 - 000000000 ____D C:\Program Files (x86)\ASUS
2017-08-05 16:33 - 2017-05-29 10:15 - 000000000 ___SD C:\WINDOWS\system32\Nui
2017-08-05 16:33 - 2017-05-29 10:15 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-05 16:33 - 2017-05-29 10:15 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-08-05 16:33 - 2017-05-29 10:15 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-08-05 16:33 - 2017-05-29 10:15 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-08-05 16:33 - 2017-05-29 10:15 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-05 16:33 - 2017-05-29 10:15 - 000000000 ____D C:\WINDOWS\system32\en-GB
2017-08-05 16:33 - 2017-05-29 10:15 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-08-05 16:33 - 2017-05-29 10:15 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-05 16:33 - 2017-05-29 10:15 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2017-08-05 16:33 - 2017-05-29 10:15 - 000000000 ____D C:\WINDOWS\L2Schemas
2017-08-05 16:32 - 2017-05-29 10:15 - 000000000 ____D C:\WINDOWS\registration
2017-08-03 16:26 - 2017-05-30 11:11 - 000001926 _____ C:\Users\Public\Desktop\SONAR Platinum.lnk
2017-08-02 10:23 - 2017-05-29 10:15 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-02 10:23 - 2017-05-29 10:15 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-01 16:06 - 2017-07-09 08:57 - 000000000 ____D C:\Users\dan44\AppData\Roaming\helm
2017-07-31 16:15 - 2017-05-29 10:16 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-07-31 16:15 - 2017-05-29 10:16 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-07-31 11:21 - 2017-05-29 10:12 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-07-31 11:19 - 2017-05-29 10:15 - 000000000 ____D C:\WINDOWS\system32\NDF
 
==================== Files in the root of some directories =======
 
2017-06-06 14:52 - 2017-08-27 15:36 - 000000048 _____ () C:\Users\dan44\AppData\Roaming\msregsvv.dll
2017-07-29 15:55 - 2017-07-29 15:55 - 000202773 _____ () C:\Users\dan44\AppData\Local\ars.cache
2017-07-29 15:56 - 2017-07-29 15:56 - 000611855 _____ () C:\Users\dan44\AppData\Local\census.cache
2017-06-06 23:51 - 2017-08-06 15:25 - 000006144 _____ () C:\Users\dan44\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-07-29 15:49 - 2017-07-29 15:49 - 000000036 _____ () C:\Users\dan44\AppData\Local\housecall.guid.cache
2017-07-29 15:54 - 2017-07-29 15:54 - 000000010 _____ () C:\Users\dan44\AppData\Local\sponge.last.runtime.cache
2017-07-29 15:56 - 2017-07-29 15:56 - 000047285 _____ () C:\ProgramData\agent.1501340205.bdinstall.bin
2017-07-31 11:22 - 2017-07-31 11:22 - 000030353 _____ () C:\ProgramData\agent.uninstall.1501496535.bdinstall.bin
2017-07-30 08:51 - 2017-07-30 08:51 - 000030964 _____ () C:\ProgramData\agent.update.1501401063.bdinstall.bin
2017-06-06 14:52 - 2017-08-27 15:36 - 000000048 _____ () C:\ProgramData\autobk.inc
2017-05-29 09:20 - 2017-05-29 09:20 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-08-27 09:22
 
==================== End of FRST.txt ============================
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-08-2017
Ran by Satch (29-08-2017 10:56:12)
Running from C:\Users\dan44\Downloads
Windows 10 Pro Version 1703 (X64) (2017-05-29 08:21:10)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-150517238-643256998-2923789579-500 - Administrator - Disabled)
danie (S-1-5-21-150517238-643256998-2923789579-1003 - Administrator - Disabled) => C:\Users\danie
danie_a63rkla (S-1-5-21-150517238-643256998-2923789579-1004 - Limited - Enabled) => C:\Users\danie_a63rkla
DefaultAccount (S-1-5-21-150517238-643256998-2923789579-503 - Limited - Disabled)
Guest (S-1-5-21-150517238-643256998-2923789579-501 - Limited - Disabled)
Satch (S-1-5-21-150517238-643256998-2923789579-1001 - Administrator - Enabled) => C:\Users\dan44
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
30th Anniversary Modulator FX Chains (HKLM\...\30th Anniversary Modulator FX Chains_is1) (Version: 1.0 - Cakewalk, Inc.)
30thAnniversaryQuadCurvePresets (HKLM\...\30thAnniversaryQuadCurvePresets_is1) (Version: 1.0 - Cakewalk, Inc.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.127 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.2.0.211 - Adobe Systems Incorporated)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.01.61 - ASUSTeK Computer Inc.)
AmpliTube 4 version 4.2.0 (HKLM\...\{21B0C8E0-7EB7-4832-B764-20A7DAE86E02}_is1) (Version: 4.2.0 - IK Multimedia)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.28 - NVIDIA Corporation) Hidden
ApoDispatchConfigurator (HKLM\...\{4FEB3307-A0EF-4385-9C8F-4B4C1503311C}) (Version: 3.3.201 - ASUSTeKcomputer.Inc) Hidden
Asus Sonic Radar 3 (HKLM-x32\...\{bc91cf0f-54ed-4f0d-8500-91f971851819}) (Version: 3.3.2.41474 - ASUSTeKcomputer.Inc)
Asus Sonic Studio 3 (HKLM-x32\...\{ce8f20de-643e-4ad6-9a86-17bafa9782ea}) (Version: 3.3.2.41474 - ASUSTeKcomputer.Inc)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.50.50197 - Electronic Arts)
Black Desert Online (HKLM-x32\...\{C1F96C92-7B8C-485F-A9CD-37A0708A2A60}) (Version: 1.0.0.6 - Kakao Games Europe B.V.)
BOSS TONE STUDIO for KATANA (HKLM-x32\...\{42385A7A-9EB8-5D9D-0E56-B0A99CDCED27}) (Version: 1.0.2 - Roland Corporation) Hidden
BOSS TONE STUDIO for KATANA (HKLM-x32\...\BOSS-TONE-STUDIO-for-KATANA) (Version: 1.0.2 - Roland Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.31 - Piriform)
Command Center (HKLM-x32\...\{B5C98C54-097A-4B4C-8189-FEF1C79F3638}_is1) (Version: 1.1.7.1 - Cakewalk Music Software)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Custom Shop version 1.7.0 (HKLM-x32\...\{21BAD046-50EC-49E2-BE7B-F9729704F2C3}_is1) (Version: 1.7.0 - IK Multimedia)
DC1A2 version 2.1.0 (HKLM\...\DC1A2_is1) (Version: 2.1.0 - )
DeviceRoutingConfigurator (HKLM\...\{AC306567-A1B7-4208-8FED-97CF535050BC}) (Version: 3.3.201 - ASUSTeKcomputer.Inc) Hidden
Dimension Pro 1.5 (HKLM-x32\...\DimensionPro_x64_is1) (Version: 18.0 - Cakewalk Music Software)
EVGA Precision XOC (HKLM-x32\...\{43517A74-B739-4271-8DBD-48D4ACA3A084}) (Version: 6.1.14 - EVGA Corporation)
Fretlight Studio 6.exe 6.1.474 (HKLM-x32\...\{ACDFD413-942A-4525-A137-8718B65AD542}_is1) (Version: 6.1.474 - Optek Music Systems)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Helm (HKLM\...\{971514BD-7CC3-414F-9258-B79E6D53EC46}) (Version: 0.9.0.0 - Matt Tytel)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
IK Multimedia Authorization Manager version 1.0.18 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.18 - IK Multimedia)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel® Network Connections 22.4.16.0 (HKLM\...\PROSetDX) (Version: 22.4.16.0 - Intel)
KATANA Driver (HKLM\...\RolandRDID0179) (Version:  - Roland Corporation)
LibreOffice 5.4.0.3 (HKLM\...\{992C4FE4-C278-4B62-A8B1-6FACB8E62980}) (Version: 5.4.0.3 - The Document Foundation)
Logitech Gaming Software 8.96 (HKLM\...\Logitech Gaming Software) (Version: 8.96.81 - Logitech Inc.)
MeldaProduction Audio Plugins 11 (HKLM-x32\...\MeldaProduction Audio Plugins 11) (Version:  - MeldaProduction)
Melodyne 4 (HKLM-x32\...\{16DF894D-FC3F-4B87-908D-671E201CD7A8}) (Version: 4.01.0111 - Celemony Software GmbH)
Melodyne Runtime 4.1 (x64) (HKLM\...\{721E4E34-AF7C-4345-93F9-282CCC8CCCB5}) (Version: 1.0.2 - Celemony Software GmbH)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{e9d78d68-c26c-4da7-9158-99355d8ef3ad}) (Version: 14.10.25017.0 - Microsoft Corporation)
NahimicSettingsConfigurator (HKLM\...\{0CA6B676-1CB4-49D4-BD7E-CD41A5828130}) (Version: 3.3.201 - ASUSTeKcomputer.Inc) Hidden
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.4.2 - Notepad++ Team)
NVIDIA GeForce Experience 3.9.1.61 BETA (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.1.61 - NVIDIA Corporation)
NVIDIA Graphics Driver 385.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.28 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OpenCL™ runtime for Intel® Core™ and Xeon® Processors (HKLM\...\{1F6CF248-9A18-4740-BD09-281DBC8A2051}) (Version: 6.4.0.25 - Intel Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.4.17.36908 - Electronic Arts, Inc.)
Paladins (HKLM\...\Steam App 444090) (Version:  - Hi-Rez Studios)
ProductDaemonSetup (HKLM\...\{36606417-B1C4-42C2-B5C1-67972DA63DAB}) (Version: 3.3.201 - ASUSTeKcomputer.Inc) Hidden
ProfileSwitcherCleanup (HKLM\...\{4C7BB0DB-CA83-4C7E-9AA9-0B3FFBEB109C}) (Version: 3.3.2.41474 - ASUSTeKcomputer.Inc) Hidden
ProtonVPN (HKLM-x32\...\{F3942FFA-50A4-4DB8-B7E9-1ACFF9738AA3}) (Version: 1.0.7 - ProtonVPN AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.0.7) (Version: 1.0.7 - ProtonVPN AG)
Rapture 1.2.2 (HKLM-x32\...\Rapture_x64_is1) (Version: 18.0 - Cakewalk Music Software)
Rapture Session (x64) (HKLM\...\RaptureSession_x64_is1) (Version: 2.0 - Cakewalk, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8233 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.9 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.9 - VS Revo Group, Ltd.)
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.7.0 - IObit)
SonicMapperConfigurator (HKLM\...\{37F03B34-4B36-4959-A1F3-F5022ADF4759}) (Version: 3.3.2.41474 - ASUSTeKcomputer.Inc) Hidden
SonicRadar3Setup (HKLM\...\{ABE86884-854B-4F6C-8B63-BCC0BFFAE372}) (Version: 3.3.2.41474 - ASUSTeKcomputer.Inc) Hidden
SonicStudio3Setup (HKLM\...\{00460AB7-10E3-4658-A3FD-06E51A294F3C}) (Version: 3.3.2.41474 - ASUSTeKcomputer.Inc) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Syntronik version 1.0.0 (HKLM\...\{F4F8EE56-65A3-480C-A0CD-5CCA567A5673}_is1) (Version: 1.0.0 - IK Multimedia)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.4 - TeamSpeak Systems GmbH)
teVirtualMIDI64 (HKLM\...\{300D1BB9-FA9E-40EA-ADD8-934D5066F6D5}) (Version: 1.2.11.41 - Tobias Erichsen)
The Punch version 1.0.0 (HKLM\...\The Punch_is1) (Version: 1.0.0 - )
T-RackS CS version 4.10.0 (HKLM\...\{E931EBCC-55F9-4D67-BA0E-D57C4A893A44}_is1) (Version: 4.10.0 - IK Multimedia)
Universal Control (HKLM\...\Universal Control) (Version: 2.2.0.44119 - PreSonus Audio Electronics, Inc)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
WinDirStat 1.1.2 (HKU\S-1-5-21-150517238-643256998-2923789579-1001\...\WinDirStat) (Version:  - )
XLN Online Installer (HKLM\...\XLN Online Installer Inno Setup ID_is1) (Version:  - )
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-150517238-643256998-2923789579-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-3499B3542AE7}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-150517238-643256998-2923789579-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] ()
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] ()
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2017-06-18] ()
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-08-09] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] ()
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => E:\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {12A784C9-5C36-487C-B55C-2D9F2914154B} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2017-07-13] (Adobe Systems Incorporated)
Task: {1676D1DA-FAB1-47A9-8DD6-35BF1A42156C} - System32\Tasks\S-1-5-21-150517238-643256998-2923789579-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-03-18] (Microsoft Corporation)
Task: {1AFA9011-1A4A-4CE3-9F00-8CCE36B8FA67} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-08-18] (NVIDIA Corporation)
Task: {275D80A8-6147-4437-BD39-777803330160} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-08-18] (NVIDIA Corporation)
Task: {33FFBCFD-B7BB-4C4C-B6FF-A49B60D0F171} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [2016-11-16] (TODO: <Company name>)
Task: {50DE143A-DF9E-4DC9-9271-C0099C3DB207} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-150517238-643256998-2923789579-1004 => C:\Users\dan44\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {5A3B645D-DE16-4C1A-BF2A-C9D2C8B10311} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-18] (NVIDIA Corporation)
Task: {6C124D38-D1FA-4243-A4F0-C29279C9EF37} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-150517238-643256998-2923789579-1003 => C:\Users\dan44\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {8E97A1FE-945F-4D0A-A095-964B9CDD53BC} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-18] (NVIDIA Corporation)
Task: {935F468A-0657-42CD-A4D0-999DECA825A2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-29] (Google Inc.)
Task: {961A5143-E671-4FD8-9FAF-10061AFE97D3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-13] (Piriform Ltd)
Task: {A009B598-A754-44D5-9F50-1B1475E8B579} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-08-18] (NVIDIA Corporation)
Task: {A1A9D6A6-B19E-4A3E-BAD6-16E609FB1646} - System32\Tasks\IObitSelfCheckTask => E:\Smart Defrag\IObitSelfCheck.exe [2016-10-18] (IObit)
Task: {A28A0F18-4D48-4563-9560-C00A61671305} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-18] (NVIDIA Corporation)
Task: {A7F075DB-5A3E-44A2-BE1C-065DB1D5979D} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2016-12-01] ()
Task: {A9455896-D646-469C-8CFB-32AF872837EA} - System32\Tasks\SS3Svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3Svc64.exe [2017-04-12] (ASUSTeK COMPUTER INC.)
Task: {B071D804-4A58-4846-B4FB-79C0D456E8D4} - System32\Tasks\SS3Svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe [2017-04-12] (ASUSTeK COMPUTER INC.)
Task: {B1BF5F1B-7548-418B-B3FC-0CB0BBE764DE} - System32\Tasks\SmartDefrag_Update => E:\Smart Defrag\AutoUpdate.exe [2017-07-28] (IObit)
Task: {BE499E11-C1D3-41D3-977C-A4ED2C2C71C3} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-08-18] (NVIDIA Corporation)
Task: {DA5EF3E6-D584-45EC-BCA3-22B26B88F473} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-29] (Google Inc.)
Task: {E0DFEE7F-D4F3-4F41-A4E9-6DF35971CE58} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2016-12-15] (ASUSTeK Computer Inc.)
Task: {F608B1FA-1B1D-4D96-85E6-CC7D5DCC40C5} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-dan44762000@yahoo.co.uk => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {F6EE0BA1-E8F4-4476-802A-8C7B162E9E9D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-18] (NVIDIA Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-05-29 13:01 - 2015-09-17 10:58 - 000936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2017-05-29 17:48 - 2016-07-27 17:51 - 001360016 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
2017-08-18 11:10 - 2017-08-18 05:36 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-08-17 15:18 - 2017-08-17 15:18 - 000050800 _____ () C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe
2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 ____N () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-08-05 17:07 - 2016-12-01 09:15 - 001290200 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2017-08-14 03:48 - 2017-08-14 03:48 - 000491600 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll
2017-04-12 14:47 - 2017-04-12 14:47 - 000476344 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll
2017-03-18 21:59 - 2017-03-20 04:43 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-07-19 19:01 - 2017-08-17 22:15 - 000105304 _____ () C:\WINDOWS\SYSTEM32\audioLibVc.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2017-08-18 10:01 - 2017-08-18 10:01 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2017-08-18 10:01 - 2017-08-18 10:01 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2017-04-12 14:57 - 2017-04-12 14:57 - 001697976 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Radar 3\x64\SonicRadar3SystrayDaemon.dll
2017-04-12 15:03 - 2017-04-12 15:03 - 000175288 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Studio 3\x64\SonicStudio3SystrayDaemon.dll
2017-04-12 14:47 - 2017-04-12 14:47 - 000285880 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3OSD.dll
2017-08-29 09:11 - 2017-08-23 09:48 - 002692952 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\swiftshader\libglesv2.dll
2017-08-29 09:11 - 2017-08-23 09:48 - 000137048 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\swiftshader\libegl.dll
2017-08-14 03:48 - 2017-08-14 03:48 - 034865232 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
2017-08-08 21:32 - 2017-07-28 11:18 - 031134720 _____ () C:\Users\dan44\AppData\Local\Google\Chrome\User Data\PepperFlash\26.0.0.151\pepflashplayer.dll
2017-05-29 13:04 - 2017-08-29 09:49 - 000043816 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2017-05-29 13:01 - 2015-09-17 10:58 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2017-07-31 15:09 - 2017-07-31 15:09 - 000238008 _____ () C:\Program Files\PreSonus\Universal Control\Drivers\AudioBox\paeusbaudioapi.dll
2017-07-31 15:07 - 2017-07-31 15:07 - 001160192 _____ () C:\Program Files\PreSonus\Universal Control\vectorlib.dll
2017-08-17 16:37 - 2017-08-17 16:37 - 003227648 _____ () C:\Program Files\PreSonus\Universal Control\ipp.dll
2017-08-18 11:10 - 2017-08-18 05:36 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-08-05 17:07 - 2016-12-01 09:15 - 000268760 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4cTDPAction.dll
2017-08-05 17:07 - 2016-11-16 15:31 - 000786416 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2017-08-05 17:07 - 2016-12-01 09:15 - 000901592 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2017-08-05 17:07 - 2016-11-16 15:31 - 000828376 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2017-08-05 17:07 - 2016-12-01 09:15 - 000851928 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2017-08-05 17:07 - 2016-11-16 15:32 - 001628632 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\UsbPowerManager.dll
2017-08-05 17:07 - 2016-12-15 16:39 - 000091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll
2017-08-05 17:07 - 2016-12-15 16:39 - 000147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2017-08-05 17:07 - 2016-12-15 17:00 - 004857304 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2017-08-05 17:07 - 2016-07-27 17:51 - 000091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\Log4cxxWrapper.dll
2017-08-05 17:07 - 2016-07-14 16:10 - 001139712 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2017-08-05 17:07 - 2016-12-15 16:39 - 000838456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Version\Version.dll
2017-05-29 17:48 - 2016-11-16 15:32 - 000061440 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.32\Exeio.dll
2017-05-29 17:48 - 2016-11-16 15:32 - 001752576 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.32\Vender.dll
2017-08-05 17:07 - 2016-12-15 16:39 - 000669656 _____ () C:\Program Files (x86)\ASUS\AI Suite III\aaHMLib.dll
2017-08-18 11:10 - 2017-08-18 05:36 - 069807552 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-04-12 14:43 - 2017-04-12 14:43 - 000401080 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3DevProps.dll
2017-04-12 14:42 - 2017-04-12 14:42 - 000170680 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\CheckAPODaemon.dll
2017-04-12 14:53 - 2017-04-12 14:53 - 001152696 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Radar 3\DynamicCursor3DDaemonModule.dll
2017-04-12 14:53 - 2017-04-12 14:53 - 001198776 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Radar 3\DynamicEnhancerDaemonModule.dll
2017-04-12 14:53 - 2017-04-12 14:53 - 001303736 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Radar 3\DynamicRadarDaemonModule.dll
2017-04-12 14:51 - 2017-04-12 14:51 - 000489656 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Radar 3\DynamicEnhancerAutomationDaemon.dll
2017-04-12 14:51 - 2017-04-12 14:51 - 000647352 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Radar 3\DynamicSMProfileDaemonModule.dll
2017-04-12 14:52 - 2017-04-12 14:52 - 000619704 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Radar 3\DynamicSMShortcutsDaemonModule.dll
2017-04-12 14:53 - 2017-04-12 14:53 - 001855672 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Radar 3\SonicRadar3SystrayDaemon.dll
2017-04-12 14:43 - 2017-04-12 14:43 - 000363008 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\NSConfiguratorDaemonModule.dll
2017-04-12 14:59 - 2017-04-12 14:59 - 000329912 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Studio 3\DeviceRoutingDaemon.dll
2017-04-12 15:00 - 2017-04-12 15:00 - 000229376 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Studio 3\ProfileSwitcherDaemonModule.dll
2017-04-12 15:00 - 2017-04-12 15:00 - 000321720 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Studio 3\SonicStudio3SystrayDaemon.dll
2017-04-12 14:43 - 2017-04-12 14:43 - 000246456 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3OSD.dll
2017-07-31 15:08 - 2017-07-31 15:08 - 017484800 _____ () C:\Program Files\PreSonus\Universal Control\SmaartFactory_Win32.dll
2017-06-22 18:56 - 2017-06-22 18:56 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-06-22 18:56 - 2017-06-22 18:56 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-06-22 18:55 - 2017-06-22 18:55 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-06-22 18:56 - 2017-06-22 18:56 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-07-13 10:12 - 2017-07-13 10:12 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-06-22 18:56 - 2017-06-22 18:56 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-05-19 23:49 - 2017-05-19 23:49 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-05-19 23:49 - 2017-05-19 23:49 - 000117760 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2017-05-19 23:49 - 2017-05-19 23:49 - 000125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-05-19 23:50 - 2017-05-19 23:50 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-07-13 10:07 - 2017-07-13 10:07 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-05-19 23:49 - 2017-05-19 23:49 - 000098816 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2017-05-19 23:50 - 2017-05-19 23:50 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-08-04 09:50 - 2017-08-04 09:50 - 067117168 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.60.492.0_x86__zpdnekdrzrea0\libcef.dll
2017-08-04 09:50 - 2017-08-04 09:50 - 002253424 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.60.492.0_x86__zpdnekdrzrea0\libglesv2.dll
2017-08-04 09:50 - 2017-08-04 09:50 - 000086640 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.60.492.0_x86__zpdnekdrzrea0\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2017-05-29 10:15 - 2017-05-29 10:14 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-150517238-643256998-2923789579-1001\Control Panel\Desktop\\Wallpaper -> D:\Corel Video Projects\Photoshop finished art\stonehenge-2287980_1920.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is disabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: LMIRescue_3fb45b26-e2dd-b3b8-d6a4-3bca5f5f8ba8 => 2
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-150517238-643256998-2923789579-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-150517238-643256998-2923789579-1001\...\StartupApproved\Run: => "ISM"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{7A8D9DFA-F4BF-4AA9-ACD0-F8B935ED287F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B72596CF-AA15-4A52-B1B5-82F26677D3C6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7341BC2F-1AEF-48D1-87CB-EB49674B87D0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{759EF189-A597-438F-895C-E1937DE5F3EF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{60DE4FAE-399C-4C8F-944F-DA7BDDF25A80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{835D56CF-E5A4-4154-B31C-9D7DC89D4ECC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{822DAC61-01B9-464E-9B10-C81CA4FCB8A6}] => (Allow) C:\Program Files (x86)\Cakewalk\Command Center\Cakewalk-Command-Center.exe
FirewallRules: [{9FCF0F05-4005-4F8D-993C-BDAA44F48D56}] => (Allow) C:\Program Files (x86)\Cakewalk\Command Center\Cakewalk-Command-Center.exe
FirewallRules: [{FA355C04-45FE-4368-B4F3-06FD5489C618}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FE488815-6C50-4E76-A195-28DAB2376939}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B2DD3203-6081-4AF7-BF74-738C20356BEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{658B40D0-9406-40E7-A596-ECC3F25C1AD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C15D8F0F-E10F-4879-900B-FDDF5AC497FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{727E49FB-A30B-4F93-8F49-9C6E55C47565}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F6F6C812-631E-403E-8D43-063E01155C49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6823DCAB-4C6A-429D-8597-151BB855D41A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{51E9653E-4347-4831-9196-0FD6C918B84F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4BDBCCE0-40B1-4817-96FC-A3AC5CA2941F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{977DC095-E1D9-4C6A-B385-B2E18CF839F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FF514190-AE8A-4622-834C-61D5061104C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C1C4A032-CEC7-4611-9C5D-A40477BD130A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B3CB685F-30D2-4284-9772-BD40597F2FF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9008DE0F-0AC8-4D59-A695-E734D25A3E59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7CD38813-222A-47EA-BCD8-95CE5E2C5B81}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{96F6BF3D-87E9-49F8-8221-05F0CE2FECD9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DA5D8B34-4A9F-4E20-84E0-B7A6A815FE96}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{01E30E90-9C7D-4319-853B-A071BF2DEF59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{147AD26F-C4E8-4E89-8356-9A0EDE4268C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A8815985-1190-461E-8AB1-650AB0011250}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{435B6F98-3C65-4BD2-A537-AC5A0E1F68C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{62755F35-D3EE-4921-9EE6-9EBDD1764482}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DD5BAEEE-933C-4128-9199-3AE070B2DF69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B57FD3CF-EBEB-48BA-997B-A7BF8B2BDF8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{455DB0AF-CB1A-4CC0-BAD6-DDF967CCE01F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5C9E0593-F5D0-4698-8BD4-778788B542C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0E230588-4E7B-4E39-BF88-D3E8B08B0912}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{950A9199-6DE8-4ACC-A802-3C49BDC0A1FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FDFE58BD-9ECC-487B-8522-36EAAA6D0670}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{88C89E55-B3A0-4F7C-A75F-E7ADF7A18BED}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{9B1DC9EC-08B8-4919-993F-2DCB17FF3D42}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{AE15F535-25D6-4203-A996-D3CB10332E4F}] => (Allow) E:\SteamLibrary\SteamApps\common\Cakewalk\Music Creator 6 Touch\CWMC.exe
FirewallRules: [{B10B151B-1DE4-41DD-A53F-C5E35703B997}] => (Allow) E:\SteamLibrary\SteamApps\common\Cakewalk\Music Creator 6 Touch\CWMC.exe
FirewallRules: [{C6DE8715-487E-47E4-9E5E-3A53240D0CEB}] => (Allow) E:\SteamLibrary\SteamApps\common\Cakewalk\Misc\STEAM Plugin Manager\SteamPluginManager.exe
FirewallRules: [{7208E572-814F-490C-8D67-EEC4E44BD673}] => (Allow) E:\SteamLibrary\SteamApps\common\Cakewalk\Misc\STEAM Plugin Manager\SteamPluginManager.exe
FirewallRules: [{1529517F-CFE6-4211-AAC1-AC9798C7B36F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{626B4079-F0B6-4844-A44E-D1B1A50D1354}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{BF3B0AFA-3AEB-4208-842A-E0DA35B8DE05}] => (Allow) C:\Users\dan44\AppData\Local\Temp\HouseCall\tmase\nmap\bonjour.exe
FirewallRules: [{611A8881-9394-43C4-ADBC-99A1B9363FCD}] => (Allow) C:\Program Files\Cakewalk\Shared Utilities\StartPage\CakewalkStartScreen.exe
FirewallRules: [{722B47CC-B3CA-4DE5-B9E3-42696E45EC2E}] => (Allow) C:\Program Files\Cakewalk\Shared Utilities\StartPage\CakewalkStartScreen.exe
FirewallRules: [{C62BEB3C-FA9C-4FBB-9548-095E940592D7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.60.492.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{53855EF5-349B-4235-B2C4-038666D0CD00}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.60.492.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E43932EE-A021-4FAA-A0F7-093FCBCB5B63}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.60.492.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{02C1D4DD-CEDE-4B2D-85DA-9BEE750F0EA3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.60.492.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{5E86F3C9-C3E5-48A5-BA10-D9A0A4C56EE8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.60.492.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{9917B90E-7D65-4AB9-ABE3-7BCB68AEF5BA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.60.492.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{5F164255-7058-407E-BA9C-15FFF72EC6DD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.60.492.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
FirewallRules: [{704F1EF3-6F1E-440D-A8B6-F1C29F9377B3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.60.492.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
FirewallRules: [{84A2A4C4-63AF-4125-B895-71083D423393}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{B9FBDE19-7C37-4AE1-989B-3845F0D1B4CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{398A2698-CEA8-480B-94F0-AE50E7B94C46}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{011E8523-E0E6-435F-B026-7882DBEF0DE3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9D582C17-6324-493F-88F4-D4A762138ABC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EC036EE2-DA3A-463D-A64B-BFAC3CE33D77}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{578C4638-FEBB-42E2-AE56-6E102FE3CC34}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{124B9351-C62B-4F81-9976-4F0F966E1BAB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B53428CF-4F15-48B6-BCAD-7258C989F497}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3584D8C1-3807-48BA-8479-9C526B03E7BC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{4FF225C4-06DF-468C-89FA-AF27C1C73DC6}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{EBDB58EF-523F-4CDC-88B4-28B5657E9F1A}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{E4989A4C-C876-48A2-9FA5-2CACBB69585E}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{80E101AC-2495-41F5-89AE-CCE6FF353BFD}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{AFA45A90-38F2-4632-B6E8-554B34AAEF10}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{8E8CC5C5-D946-4CBF-8B0F-BFE0AEB87EB0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{BEB37795-0797-453A-A595-A29BB2FF9364}] => (Allow) C:\Program Files\PreSonus\Universal Control\Universal Control.exe
FirewallRules: [{79E956FA-BE42-483F-AE7F-596A168F8B8E}] => (Allow) C
FirewallRules: [{81B4B27D-AC79-473E-9A92-8A15373A3B37}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
23-08-2017 10:15:47 Installed Hi-Rez Studios Games
23-08-2017 10:16:49 Windows Modules Installer
25-08-2017 10:31:25 Removed Skype™ 7.39
29-08-2017 09:40:09 JRT Pre-Junkware Removal
29-08-2017 09:42:44 zoek.exe restore point
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/27/2017 10:03:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: xcoronahost.xem, version: 3.5.0.42, time stamp: 0x5474a737
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000409
Fault offset: 0x05721410
Faulting process ID: 0x9e0
Faulting application start time: 0x01d31f1309023a06
Faulting application path: C:\Program Files (x86)\Black Desert Online\bin64\XC\NA\2\xcoronahost.xem
Faulting module path: unknown
Report ID: 9f7c97b3-7e27-4118-9edd-063ee896d723
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/26/2017 05:07:07 PM) (Source: MsiInstaller) (EventID: 1013) (User: DESKTOP-47ES84T)
Description: Product: Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 -- A later version of Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 is already installed.
 
Error: (08/26/2017 01:01:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program kodi.exe version 17.4.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 122c
 
Start Time: 01d31e62d6dc1ec2
 
Termination Time: 1
 
Application Path: C:\Program Files\WindowsApps\XBMCFoundation.Kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe
 
Report Id: 8fbd2243-2ef1-4236-96ac-51e8a0b2afca
 
Faulting package full name: XBMCFoundation.Kodi_17.4.0.0_x86__4n2hpmxwrvr6p
 
Faulting package-relative application ID: Kodi
 
Error: (08/26/2017 12:57:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program kodi.exe version 17.4.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 3a4
 
Start Time: 01d31e624a54bd8a
 
Termination Time: 1
 
Application Path: C:\Program Files\WindowsApps\XBMCFoundation.Kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe
 
Report Id: 5fd7f1e5-f0bd-40a0-9499-53d30eb14b0b
 
Faulting package full name: XBMCFoundation.Kodi_17.4.0.0_x86__4n2hpmxwrvr6p
 
Faulting package-relative application ID: Kodi
 
Error: (08/26/2017 12:55:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program kodi.exe version 17.4.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 888
 
Start Time: 01d31e61d27218c6
 
Termination Time: 1
 
Application Path: C:\Program Files\WindowsApps\XBMCFoundation.Kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe
 
Report Id: 79d3a0b3-3143-4613-b88e-242a729d2555
 
Faulting package full name: XBMCFoundation.Kodi_17.4.0.0_x86__4n2hpmxwrvr6p
 
Faulting package-relative application ID: Kodi
 
Error: (08/23/2017 02:18:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AfterFX.exe, version: 14.2.1.34, time stamp: 0x592e696f
Faulting module name: nvspcap64.dll, version: 3.9.1.61, time stamp: 0x5995db4b
Exception code: 0xc0000005
Fault offset: 0x0000000000081cb5
Faulting process ID: 0x13e0
Faulting application start time: 0x01d31c1230043244
Faulting application path: C:\Program Files\Adobe\Adobe After Effects CC 2017\Support Files\AfterFX.exe
Faulting module path: C:\WINDOWS\system32\nvspcap64.dll
Report ID: 0a60e9ca-4676-44b1-b8be-2727c9332f47
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/20/2017 03:34:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Adobe Premiere Pro.exe version 11.1.2.22 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 22fc
 
Start Time: 01d319c13cf63c22
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\Adobe Premiere Pro.exe
 
Report Id: c5b0ed59-79ad-4174-a5ee-0d4bbc10b79a
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (08/19/2017 06:58:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Adobe Premiere Pro.exe version 11.1.2.22 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 2a2c
 
Start Time: 01d319147ea18d03
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\Adobe Premiere Pro.exe
 
Report Id: a3b8329d-b669-4163-ba0c-c732cb41adcd
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (08/19/2017 04:15:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: nvspcaps64.exe, version: 3.8.0.89, time stamp: 0x59789a63
Faulting module name: MMDevApi.dll, version: 10.0.15063.447, time stamp: 0x8e730688
Exception code: 0xc0000005
Fault offset: 0x000000000001e350
Faulting process ID: 0x2398
Faulting application start time: 0x01d318e561155181
Faulting application path: C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
Faulting module path: C:\WINDOWS\System32\MMDevApi.dll
Report ID: 38007e35-294f-4660-b557-920514ec7494
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/19/2017 01:30:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program kodi.exe version 17.4.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 11d8
 
Start Time: 01d318e6d9c17840
 
Termination Time: 1
 
Application Path: C:\Program Files\WindowsApps\XBMCFoundation.Kodi_17.3.8.0_x86__4n2hpmxwrvr6p\kodi.exe
 
Report Id: c668e603-4a61-45ef-b20d-2846ac52043d
 
Faulting package full name: XBMCFoundation.Kodi_17.3.8.0_x86__4n2hpmxwrvr6p
 
Faulting package-relative application ID: Kodi
 
 
System errors:
=============
Error: (08/29/2017 09:49:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CldFlt service failed to start due to the following error: 
The request is not supported.
 
Error: (08/29/2017 09:47:51 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
 
Error: (08/29/2017 09:47:51 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
 
Error: (08/29/2017 09:47:51 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
 
Error: (08/29/2017 09:47:51 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
 
Error: (08/29/2017 09:47:51 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
 
Error: (08/29/2017 09:40:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA LocalSystem Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
 
Error: (08/29/2017 09:40:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA Display Container LS service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
 
Error: (08/29/2017 09:38:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CldFlt service failed to start due to the following error: 
The request is not supported.
 
Error: (08/29/2017 09:38:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The PreSonus Hardware Access Service service failed to start due to the following error: 
The pipe has been ended.
 
 
CodeIntegrity:
===================================
  Date: 2017-08-28 11:32:09.765
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.
 
  Date: 2017-08-28 11:32:09.718
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.
 
  Date: 2017-08-28 09:33:42.692
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.
 
  Date: 2017-08-28 09:33:09.104
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.
 
  Date: 2017-08-28 09:33:08.988
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.
 
  Date: 2017-08-28 09:33:08.943
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.
 
  Date: 2017-08-27 15:33:35.902
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.
 
  Date: 2017-08-27 14:23:30.270
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.
 
  Date: 2017-08-27 14:23:30.228
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.
 
  Date: 2017-08-25 14:36:23.166
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll that did not meet the Store signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-7700K CPU @ 4.20GHz
Percentage of memory in use: 21%
Total physical RAM: 16320.15 MB
Available physical RAM: 12763.11 MB
Total Virtual: 18752.15 MB
Available Virtual: 15106.98 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:237.94 GB) (Free:97.58 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:1863.01 GB) (Free:1318.26 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:232.88 GB) (Free:131.72 GB) NTFS
Drive f: (New Volume) (Fixed) (Total:111.66 GB) (Free:111.56 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: E5865CE9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2CED93D8)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: F3834AA2)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 
 
 
Ok thanks 
 
Dan 


#6 the geekfreak

the geekfreak
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:swansea uk
  • Local time:01:39 PM

Posted 29 August 2017 - 04:58 AM

And yes i set Duck Duck Go as my search engine 



#7 satchfan

satchfan

  • Malware Response Team
  • 2,714 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:09:39 PM

Posted 29 August 2017 - 07:24 AM

There doesn’t appear to be anything ‘bad’ on your computer but there are a lot of temporary files that are usually related to Photoshop – strange considering it is not installed.

We’ll clean up those and run another scan to be sure.


You need to move Farbar Recovery Scan Tool to your desktop otherwise fixes will not work.

  • go to your Downloads folder and locate Farbar Recovery Scan Tool
  • right click and select Cut
  • go to an empty spot on your desktop, right click and select Paste

Farbar Recovery Scan Tool should now be on your desktop.

================================================

Run Farbar Recovery Scan Tool

  • right-click FRST/FRST64 and select ‘Run as administrator’
  • press Ctrl+y and a ‘fixlist.txt’ file will open up
  • copy and paste the following into it:
CloseProcesses:
2017-08-26 21:38 - 2017-08-26 21:38 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign33f7a0447ace80a2
2017-08-26 21:37 - 2017-08-26 21:37 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign5d982fbf0569b31e
2017-08-24 13:26 - 2017-08-24 13:26 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignea50420948253331
2017-08-24 13:26 - 2017-08-24 13:26 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign548b7c960fc33acd
2017-08-23 17:08 - 2017-08-23 17:08 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign9405bc68982f07fe
2017-08-23 17:08 - 2017-08-23 17:08 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign62cae7acfaa779b2
2017-08-23 16:58 - 2017-08-23 16:58 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignb28d5e38b5063945
2017-08-23 16:58 - 2017-08-23 16:58 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign56bb948915b3c924
2017-08-23 16:31 - 2017-08-23 16:31 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignc3ffc939d877171a
2017-08-23 16:31 - 2017-08-23 16:31 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign39b9a6dfce267862
2017-08-23 14:47 - 2017-08-23 14:47 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignf7386ece4d3c68b0
2017-08-23 14:46 - 2017-08-23 14:46 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign978e1cc5c8bce18b
2017-08-23 14:21 - 2017-08-23 14:21 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignfa9207531fe14419
2017-08-23 14:21 - 2017-08-23 14:21 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign2134796833432d73
2017-08-23 13:30 - 2017-08-23 13:30 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignd43627842c53b666
2017-08-23 13:28 - 2017-08-23 13:28 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign05eadefa159a60e4
2017-08-22 15:09 - 2017-08-22 15:09 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign61e709e180f8fbbc
2017-08-22 15:09 - 2017-08-22 15:09 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign2d03ff161ae7a17f
2017-08-22 15:07 - 2017-08-22 15:07 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigne3aca8865e91c390
2017-08-22 15:06 - 2017-08-22 15:06 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign1a3061eaf7a2583b
2017-08-22 15:00 - 2017-08-22 15:00 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignefe6299ad4d83b36
2017-08-22 15:00 - 2017-08-22 15:00 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign17678350f6c75df5
2017-08-22 11:35 - 2017-08-22 11:35 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign9bdcb2107e2ae380
2017-08-22 11:35 - 2017-08-22 11:35 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign4c2759a31f400949
2017-08-22 11:20 - 2017-08-22 11:20 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigndc796de078482ff7
2017-08-22 11:20 - 2017-08-22 11:20 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign1eafd516485a2875
2017-08-22 11:17 - 2017-08-22 11:17 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigncf38bbba9a56a35c
2017-08-22 11:17 - 2017-08-22 11:17 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignb5e4dd851106abc8
2017-08-22 11:16 - 2017-08-22 11:16 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignf32a5d495f54da62
2017-08-22 11:16 - 2017-08-22 11:16 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign81f554e34cc2be07
2017-08-22 09:57 - 2017-08-22 09:57 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignf756ead559dba5f0
2017-08-22 09:55 - 2017-08-22 09:55 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign5e26f3d5798b2742
2017-08-22 08:36 - 2017-08-22 08:36 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign7bc2136d9f1e00bf
2017-08-22 08:36 - 2017-08-22 08:36 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign66d6fe932206db28
2017-08-21 17:44 - 2017-08-21 17:44 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign6a760dfc1f48adc0
2017-08-21 17:44 - 2017-08-21 17:44 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign15d3a7cd029e75c4
2017-08-21 15:49 - 2017-08-21 15:49 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigne0260b96a29587ad
2017-08-21 15:48 - 2017-08-21 15:48 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign2e1e2b8430f59997
2017-08-20 18:55 - 2017-08-20 18:55 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigne11bbbea6417459b
2017-08-20 18:55 - 2017-08-20 18:55 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignc60f18f2bf77f318
2017-08-20 15:34 - 2017-08-20 15:34 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignefddc2303e3db23c
2017-08-20 15:34 - 2017-08-20 15:34 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign1b70591325cae08b
2017-08-20 15:33 - 2017-08-20 15:33 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignf0c61fb96b862413
2017-08-20 15:33 - 2017-08-20 15:33 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignb1093cebdc90d562
2017-08-20 14:02 - 2017-08-20 14:02 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigne6abdf682d48ff5e
2017-08-20 14:02 - 2017-08-20 14:02 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign0ba9175d1f18ee01
2017-08-19 19:13 - 2017-08-19 19:13 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign49d09f7f3d0ada02
2017-08-19 19:13 - 2017-08-19 19:13 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign3b897dafdf708e11
2017-08-19 19:00 - 2017-08-19 19:00 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign68b101e97ac6d29d
2017-08-19 19:00 - 2017-08-19 19:00 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign4dbe3a8396aa3e0b
2017-08-19 18:58 - 2017-08-19 18:58 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignc21eb9b96cbe9b64
2017-08-19 18:58 - 2017-08-19 18:58 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign2593040c3f30b1df
2017-08-19 18:56 - 2017-08-19 18:56 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignd78811129fa22af9
2017-08-19 18:56 - 2017-08-19 18:56 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigna1fa6d9366883007
2017-08-19 16:13 - 2017-08-19 16:13 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignce50f44876c0ff64
2017-08-19 16:13 - 2017-08-19 16:13 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigna6526924ef6a9efc
2017-08-19 11:16 - 2017-08-19 11:16 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignc88d6c6a13f7f801
2017-08-19 11:15 - 2017-08-19 11:15 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign635068bf686d19c8
2017-08-19 11:15 - 2017-08-19 11:15 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign5c064ce8905b20ee
2017-08-19 10:02 - 2017-08-19 10:02 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigna07faf0eee810add
2017-08-19 10:02 - 2017-08-19 10:02 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign3d3016bed3476a10
2017-08-18 18:39 - 2017-08-18 18:39 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign1899a8a0a4942ded
FirewallRules: [{79E956FA-BE42-483F-AE7F-596A168F8B8E}] => (Allow) C
EmptyTemp:

NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

  • press Ctrl+s to save it then close the fixlist.txt file
  • press the ‘Fix’ button once and wait
  • please reboot the computer if requested
  • it will create a log on your desktop, (Fixlog.txt); please post it to your reply.

================================================

Run Malwarebytes Anti-Malware

Please download Malwarebytes Anti-Malware to your desktop.

  • double-click mbam-setup- mb3-setup-consumer-3.0.4.exe and follow the prompts to install the program
  • at the end, be sure a checkmark is placed next to the following
    • Launch Malwarebytes Anti-Malware
    • a 14 day trial of the Premium features is pre-selected: deselect this if you don’t want it, (it won’t diminish the scanning and removal capabilities of the program).
  • click Finish.
  • on the Dashboard, click Update Now
  • after the update completes, click the Scan Now' button.
  • if an update is available, clicking the Update Now button will update it
  • a Threat Scan will begin.
  • when the scan is complete, if malware has been detected, click Apply Actions to allow MBAM to clean what was found
  • when the prompt to restart the computer appears, click Yes.
  • after the restart once you are back at your desktop, open MBAM once more
  • click on the “History” tab, the “Application Logs”
  • double-click on the scan log which shows the date and time of the scan just performed.
  • click Copy to Clipboard
  • please paste the contents of the clipboard into your reply.

Logs to include with next post:

Fixlog.txt
Mbam.txt


Thanks

Satchfan

 


My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#8 the geekfreak

the geekfreak
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:swansea uk
  • Local time:01:39 PM

Posted 29 August 2017 - 08:29 AM

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-08-2017
Ran by Satch (29-08-2017 14:22:47) Run:1
Running from C:\Users\dan44\Desktop
Loaded Profiles: Satch (Available Profiles: Satch & danie & danie_a63rkla)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CloseProcesses:
2017-08-26 21:38 - 2017-08-26 21:38 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign33f7a0447ace80a2
2017-08-26 21:37 - 2017-08-26 21:37 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign5d982fbf0569b31e
2017-08-24 13:26 - 2017-08-24 13:26 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignea50420948253331
2017-08-24 13:26 - 2017-08-24 13:26 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign548b7c960fc33acd
2017-08-23 17:08 - 2017-08-23 17:08 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign9405bc68982f07fe
2017-08-23 17:08 - 2017-08-23 17:08 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign62cae7acfaa779b2
2017-08-23 16:58 - 2017-08-23 16:58 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignb28d5e38b5063945
2017-08-23 16:58 - 2017-08-23 16:58 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign56bb948915b3c924
2017-08-23 16:31 - 2017-08-23 16:31 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignc3ffc939d877171a
2017-08-23 16:31 - 2017-08-23 16:31 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign39b9a6dfce267862
2017-08-23 14:47 - 2017-08-23 14:47 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignf7386ece4d3c68b0
2017-08-23 14:46 - 2017-08-23 14:46 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign978e1cc5c8bce18b
2017-08-23 14:21 - 2017-08-23 14:21 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignfa9207531fe14419
2017-08-23 14:21 - 2017-08-23 14:21 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign2134796833432d73
2017-08-23 13:30 - 2017-08-23 13:30 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignd43627842c53b666
2017-08-23 13:28 - 2017-08-23 13:28 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign05eadefa159a60e4
2017-08-22 15:09 - 2017-08-22 15:09 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign61e709e180f8fbbc
2017-08-22 15:09 - 2017-08-22 15:09 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign2d03ff161ae7a17f
2017-08-22 15:07 - 2017-08-22 15:07 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigne3aca8865e91c390
2017-08-22 15:06 - 2017-08-22 15:06 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign1a3061eaf7a2583b
2017-08-22 15:00 - 2017-08-22 15:00 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignefe6299ad4d83b36
2017-08-22 15:00 - 2017-08-22 15:00 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign17678350f6c75df5
2017-08-22 11:35 - 2017-08-22 11:35 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign9bdcb2107e2ae380
2017-08-22 11:35 - 2017-08-22 11:35 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign4c2759a31f400949
2017-08-22 11:20 - 2017-08-22 11:20 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigndc796de078482ff7
2017-08-22 11:20 - 2017-08-22 11:20 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign1eafd516485a2875
2017-08-22 11:17 - 2017-08-22 11:17 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigncf38bbba9a56a35c
2017-08-22 11:17 - 2017-08-22 11:17 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignb5e4dd851106abc8
2017-08-22 11:16 - 2017-08-22 11:16 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignf32a5d495f54da62
2017-08-22 11:16 - 2017-08-22 11:16 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign81f554e34cc2be07
2017-08-22 09:57 - 2017-08-22 09:57 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignf756ead559dba5f0
2017-08-22 09:55 - 2017-08-22 09:55 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign5e26f3d5798b2742
2017-08-22 08:36 - 2017-08-22 08:36 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign7bc2136d9f1e00bf
2017-08-22 08:36 - 2017-08-22 08:36 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign66d6fe932206db28
2017-08-21 17:44 - 2017-08-21 17:44 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign6a760dfc1f48adc0
2017-08-21 17:44 - 2017-08-21 17:44 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign15d3a7cd029e75c4
2017-08-21 15:49 - 2017-08-21 15:49 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigne0260b96a29587ad
2017-08-21 15:48 - 2017-08-21 15:48 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign2e1e2b8430f59997
2017-08-20 18:55 - 2017-08-20 18:55 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigne11bbbea6417459b
2017-08-20 18:55 - 2017-08-20 18:55 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignc60f18f2bf77f318
2017-08-20 15:34 - 2017-08-20 15:34 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignefddc2303e3db23c
2017-08-20 15:34 - 2017-08-20 15:34 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign1b70591325cae08b
2017-08-20 15:33 - 2017-08-20 15:33 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignf0c61fb96b862413
2017-08-20 15:33 - 2017-08-20 15:33 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignb1093cebdc90d562
2017-08-20 14:02 - 2017-08-20 14:02 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigne6abdf682d48ff5e
2017-08-20 14:02 - 2017-08-20 14:02 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign0ba9175d1f18ee01
2017-08-19 19:13 - 2017-08-19 19:13 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign49d09f7f3d0ada02
2017-08-19 19:13 - 2017-08-19 19:13 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign3b897dafdf708e11
2017-08-19 19:00 - 2017-08-19 19:00 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign68b101e97ac6d29d
2017-08-19 19:00 - 2017-08-19 19:00 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign4dbe3a8396aa3e0b
2017-08-19 18:58 - 2017-08-19 18:58 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignc21eb9b96cbe9b64
2017-08-19 18:58 - 2017-08-19 18:58 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign2593040c3f30b1df
2017-08-19 18:56 - 2017-08-19 18:56 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignd78811129fa22af9
2017-08-19 18:56 - 2017-08-19 18:56 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigna1fa6d9366883007
2017-08-19 16:13 - 2017-08-19 16:13 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignce50f44876c0ff64
2017-08-19 16:13 - 2017-08-19 16:13 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigna6526924ef6a9efc
2017-08-19 11:16 - 2017-08-19 11:16 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsignc88d6c6a13f7f801
2017-08-19 11:15 - 2017-08-19 11:15 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign635068bf686d19c8
2017-08-19 11:15 - 2017-08-19 11:15 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign5c064ce8905b20ee
2017-08-19 10:02 - 2017-08-19 10:02 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsigna07faf0eee810add
2017-08-19 10:02 - 2017-08-19 10:02 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign3d3016bed3476a10
2017-08-18 18:39 - 2017-08-18 18:39 - 000000000 ____D C:\Users\dan44\AppData\Local\Tempzxpsign1899a8a0a4942ded
FirewallRules: [{79E956FA-BE42-483F-AE7F-596A168F8B8E}] => (Allow) C
EmptyTemp:
*****************
 
Processes closed successfully.
C:\Users\dan44\AppData\Local\Tempzxpsign33f7a0447ace80a2 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign5d982fbf0569b31e => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsignea50420948253331 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign548b7c960fc33acd => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign9405bc68982f07fe => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign62cae7acfaa779b2 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsignb28d5e38b5063945 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign56bb948915b3c924 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsignc3ffc939d877171a => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign39b9a6dfce267862 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsignf7386ece4d3c68b0 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign978e1cc5c8bce18b => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsignfa9207531fe14419 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign2134796833432d73 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsignd43627842c53b666 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign05eadefa159a60e4 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign61e709e180f8fbbc => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign2d03ff161ae7a17f => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsigne3aca8865e91c390 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign1a3061eaf7a2583b => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsignefe6299ad4d83b36 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign17678350f6c75df5 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign9bdcb2107e2ae380 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign4c2759a31f400949 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsigndc796de078482ff7 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign1eafd516485a2875 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsigncf38bbba9a56a35c => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsignb5e4dd851106abc8 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsignf32a5d495f54da62 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign81f554e34cc2be07 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsignf756ead559dba5f0 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign5e26f3d5798b2742 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign7bc2136d9f1e00bf => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign66d6fe932206db28 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign6a760dfc1f48adc0 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign15d3a7cd029e75c4 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsigne0260b96a29587ad => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign2e1e2b8430f59997 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsigne11bbbea6417459b => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsignc60f18f2bf77f318 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsignefddc2303e3db23c => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign1b70591325cae08b => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsignf0c61fb96b862413 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsignb1093cebdc90d562 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsigne6abdf682d48ff5e => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign0ba9175d1f18ee01 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign49d09f7f3d0ada02 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign3b897dafdf708e11 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign68b101e97ac6d29d => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign4dbe3a8396aa3e0b => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsignc21eb9b96cbe9b64 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign2593040c3f30b1df => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsignd78811129fa22af9 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsigna1fa6d9366883007 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsignce50f44876c0ff64 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsigna6526924ef6a9efc => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsignc88d6c6a13f7f801 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign635068bf686d19c8 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign5c064ce8905b20ee => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsigna07faf0eee810add => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign3d3016bed3476a10 => moved successfully
C:\Users\dan44\AppData\Local\Tempzxpsign1899a8a0a4942ded => moved successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{79E956FA-BE42-483F-AE7F-596A168F8B8E} => value removed successfully
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 65109463 B
Java, Flash, Steam htmlcache => 363063729 B
Windows/system/drivers => 63401 B
Edge => 11497529 B
Chrome => 476503375 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 32920 B
dan44 => 5824034 B
danie => 28708230 B
danie_a63rkla => 28120720 B
 
RecycleBin => 0 B
EmptyTemp: => 941.1 MB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 14:22:52 ====
 
 
Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 8/29/17
Scan Time: 2:26 PM
Log File: b14a600c-8cbd-11e7-bbcc-2c4d54d41baf.json
Administrator: Yes
 
-Software Information-
Version: 3.2.2.2018
Components Version: 1.0.188
Update Package Version: 1.0.2682
License: Trial
 
-System Information-
OS: Windows 10 (Build 15063.540)
CPU: x64
File System: NTFS
User: DESKTOP-47ES84T\Satch
 
-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 416616
Threats Detected: 0
(No malicious items detected)
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 1 min, 6 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 0
(No malicious items detected)
 
Registry Value: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 0
(No malicious items detected)
 
File: 0
(No malicious items detected)
 
Physical Sector: 0
(No malicious items detected)
 
 
(end)


#9 satchfan

satchfan

  • Malware Response Team
  • 2,714 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:09:39 PM

Posted 29 August 2017 - 09:11 AM

Your computer appears to be fine.

 

Please let me know if there are any outstanding problems. If there are none and, if you're happy to clean up the tools we've used, I'll send instructions.

 

Satchfan


Edited by satchfan, 29 August 2017 - 09:11 AM.

My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#10 the geekfreak

the geekfreak
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:swansea uk
  • Local time:01:39 PM

Posted 29 August 2017 - 10:11 AM

Let me test it for a few hours, it will save me from saying everything is fine and then have to open the case again.

 

Thanks for your time 

 

Dan 



#11 satchfan

satchfan

  • Malware Response Team
  • 2,714 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:09:39 PM

Posted 29 August 2017 - 10:13 AM

:thumbup2:

 

Nina


My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#12 satchfan

satchfan

  • Malware Response Team
  • 2,714 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:09:39 PM

Posted 31 August 2017 - 04:30 PM

It has been a couple of days since I last heard from you.

Please let me know if you are having problems and still need help. If I don't hear from you within 24 hours I'll assume that all is now OK and close this topic.

Nina


My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#13 the geekfreak

the geekfreak
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:swansea uk
  • Local time:01:39 PM

Posted 01 September 2017 - 04:31 AM

Hi,

yes everything is fine , i am going to follow you so i can make a small donation in due course. on pay day :) 

 

Many thanks for all your help

 

Sincerely 

 

Dan



#14 satchfan

satchfan

  • Malware Response Team
  • 2,714 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:09:39 PM

Posted 01 September 2017 - 05:36 AM

yes everything is fine

:thumbup2:


i am going to follow you so i can make a small donation in due course. on pay day

Thanks.

Your computer appears to be clean. As your computer seems to be running well and free of infection, please follow these steps to tidy up your computer and decrease the likelihood of future infection:


Uninstall AdwCleaner

  • double click on adwcleaner.exe to run the tool
  • click on Uninstall
  • confirm with Yes.

===================================================

Download & run Delfix

  • download Delfix from here to remove many of the tools we've used during the cleaning process.
  • ensure “Remove disinfection tools” is checked.

Also place a checkmark next to:


o    Create registry backup
o    Purge system restore

  • click the Run button.

You can delete all other logs and programs we’ve used that are on your desktop. Just click on them and press Delete.

===================================================

Windows firewall

Windows firewall seems to be disabled which is very dangerous.

To turn on Windows firewall:

  • in the ‘Search’ box, type firewall, then select Windows Firewall
  • select Turn Windows Firewall on or off. You might be asked for an admin password or to confirm your choice
  • select the option “Turn off Windows Firewall” for both the private and public network.

Note: If your PC is connected to a network, network policy settings might prevent you from completing these steps. For more info, contact your administrator.

===================================================

Recommended programs

Update and run Malwarebytes. This really is an excellent program that you should also update and run on a regular basis, probably weekly.

======================

It’s important to keep programs up to date so that malware doesn't exploit any old security flaws.

FileHippo Update Checker is an extremely helpful program that will tell you which of your programs need to be updated.

======================

Download WOT

Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:


green if it's safe
yellow for caution
red for unsafe
 

You can download the WOT add-on for Firefox, Chrome, Internet Explorer, Opera, and Safari browsers. It does not slow down your browsing experience, it is easy to use and free. Just click “Download” and you are ready to go!

======================

MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer, meaning it will be difficult to infect yourself in the future.

A couple of links with information here and here which can answer any questions you might have about installing/using it.

======================

Unchecky

Be careful when downloading free software. Many free programs come bundled with adware, many of which cause redirects/popups and verge on being malware. There is a program that automatically “unckecks” the boxes you may not notice when downloading programs.

Download and install Unchecky .

===================================================

I also recommend that you read the following:

Best Practices for Safe Computing - Prevention of Malware Infection by miekiemoes

Simple and easy ways to keep your computer safe and secure on the Internet  by Lawrence Abrams

I will keep this open for 24 hours in case you have any problems, after which I’ll close the topic.

Safe computing and guitar-playing. :guitar:

Nina (a 'Satch' fan) :guitar:


My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#15 satchfan

satchfan

  • Malware Response Team
  • 2,714 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:09:39 PM

Posted 03 September 2017 - 03:18 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users