Penne

Members

View Profile See their activity

Posts
7
Joined
April 15, 2016
Last visited
April 24, 2016

Content Type

All Activity

Events

Profiles

Forums

Topics
Posts

Everything posted by Penne

A pop up ad that shows up every day.

Penne replied to Penne's topic in Resolved Malware Removal Logs

Hello, I'm sorry I wasn't available all week. For now, I did not encountered any suspiciously behavior, and the add didn't showed up at all. I thank you for your time and effort. appreciate it a lot. Penne.
- April 22, 2016
- 15 replies
- - pop up ad
  - pop up
  - (and 3 more)
    Tagged with:
    
    pop up ad
    
    pop up
    
    ad
    
    every day
    
    2pm
A pop up ad that shows up every day.

Penne replied to Penne's topic in Resolved Malware Removal Logs

Fixlog: Fixlog.txt AdwCleaner: AdwCleaner[C3].txt JRT: JRT.txt MRT: mrt.txt That is all the logs. in three hours from now it will be 2 o'clock at my place, so I could confirm the process. And again, I thank you for your time and effort.
- April 17, 2016
- 15 replies
- - pop up ad
  - pop up
  - (and 3 more)
    Tagged with:
    
    pop up ad
    
    pop up
    
    ad
    
    every day
    
    2pm
A pop up ad that shows up every day.

Penne replied to Penne's topic in Resolved Malware Removal Logs

ROGUEKILLER report: RogueKiller V12.1.2.0 [Apr 11 2016] (Free) by Adlice Software mail : http://www.adlice.com/contact/ Feedback : http://forum.adlice.com Website : http://www.adlice.com/software/roguekiller/ Blog : http://www.adlice.com Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Penne [Administrator] Started from : D:\Desktop\RogueKiller.exe Mode : Delete -- Date : 04/17/2016 01:46:53 ¤¤¤ Processes : 0 ¤¤¤ ¤¤¤ Registry : 8 ¤¤¤ [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([X]) -> Replaced () [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([X]) -> Replaced () [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([X]) -> Replaced () [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{A4BD593F-EDAF-4C2F-996E-249DBA97966B} | DhcpNameServer : 10.0.0.138 ([X]) -> Replaced () [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{A4BD593F-EDAF-4C2F-996E-249DBA97966B} | DhcpNameServer : 10.0.0.138 ([X]) -> Replaced () [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{A4BD593F-EDAF-4C2F-996E-249DBA97966B} | DhcpNameServer : 10.0.0.138 ([X]) -> Replaced () [PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-206197487-1037210532-2885666671-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Not selected [PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-206197487-1037210532-2885666671-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Not selected ¤¤¤ Tasks : 1 ¤¤¤ [Suspicious.Path] \GNU_635940224620902278 -- C:\Users\Penne\AppData\Roaming\SafeWeb\atg.exe -> Deleted ¤¤¤ Files : 0 ¤¤¤ ¤¤¤ Hosts File : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ MBR Check : ¤¤¤ +++++ PhysicalDrive0: ATA Samsung SSD 840 SCSI Disk Device +++++ --- User --- [MBR] dfb6124089ecce3332245490cb1dbf36 [BSP] 3c9a785f714dcb3815571ac78cf1ce31 : Windows Vista/7/8|VT.Unknown MBR Code Partition table: 0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 238373 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] User = LL1 ... OK User = LL2 ... OK +++++ PhysicalDrive1: ATA WDC WD5000AAKX-2 SCSI Disk Device +++++ --- User --- [MBR] 5915bd48c71eb516b29497979b8ebc11 [BSP] fa3c82ac89ea70f72bbbcba3d9215287 : Windows Vista/7/8|VT.Unknown MBR Code Partition table: 0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 476938 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] User = LL1 ... OK User = LL2 ... OK now the FRST does work: FRST log: Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-04-2016 Ran by Penne (administrator) on PENNE-PC (17-04-2016 01:49:30) Running from D:\Downloads Loaded Profiles: Penne (Available Profiles: Penne) Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe () C:\Riot Games\LolScreenSaver\service\service.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\Smart TimeLock\TimeMgmtDaemon.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe (Gigabyte Technology CO.) C:\Program Files\GIGABYTE\SmartRecovery2\RPMDaemon.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\Smart TimeLock\AlarmClock.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13423688 2013-02-26] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-02-01] (Intel Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2396096 2016-03-30] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Cm106Sound] => C:\Program Files\Roccat\Kave XTD Headset\KaveXTDMonitor.exe [2196992 2014-01-14] (CMedia) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291128 2013-03-06] (Intel Corporation) HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-17] (InstallShield Software Corporation) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-10-16] () HKLM\...\RunOnce: [RPMKickstart] => C:\Program Files\GIGABYTE\SmartRecovery2\RPMKickstartEx.exe [2320384 2014-04-02] (TODO: <Company name>) HKLM-x32\...\RunOnce: [EasyTune] => C:\Program Files (x86)\GIGABYTE\EasyTune\etro.exe [5632 2014-08-19] (GIGA-BYTE TECHNOLOGY CO., LTD.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-206197487-1037210532-2885666671-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation) HKU\S-1-5-21-206197487-1037210532-2885666671-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.) HKU\S-1-5-21-206197487-1037210532-2885666671-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd) HKU\S-1-5-21-206197487-1037210532-2885666671-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\lol.scr ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-25] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-25] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-25] (Google) ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => No File Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ryos TKL Driver.lnk [2016-03-18] ShortcutTarget: Ryos TKL Driver.lnk -> C:\Program Files (x86)\ROCCAT\Ryos TKL Keyboard\Ryos TKL Monitor.exe (ROCCAT GmbH Co., Ltd.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224 2014-12-06] (Microsoft Corporation) ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224 2009-07-14] (Microsoft Corporation) ATTENTION: LibraryPath should be "%SystemRoot%\system32\napinsp.dll" Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024 2009-07-14] (Microsoft Corporation) ATTENTION: LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll" Winsock: Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024 2009-07-14] (Microsoft Corporation) ATTENTION: LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll" Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424 2013-09-08] (Microsoft Corporation) ATTENTION: LibraryPath should be "%SystemRoot%\System32\mswsock.dll" Winsock: Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992 2009-07-14] (Microsoft Corporation) ATTENTION: LibraryPath should be "%SystemRoot%\System32\winrnr.dll" Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 Tcpip\..\Interfaces\{A4BD593F-EDAF-4C2F-996E-249DBA97966B}: [DhcpNameServer] 10.0.0.138 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-206197487-1037210532-2885666671-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-206197487-1037210532-2885666671-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKU\S-1-5-21-206197487-1037210532-2885666671-1000 -> DefaultScope {2039DD3E-4E72-4C20-90E7-9FD959AA7D06} URL = hxxp://www.google.com/cse?cx=partner-pub-0900663996874144:4435833467&ie=UTF-8&q={searchTerms}&sa=Search&ref=#gsc.tab=0&gsc.q={searchTerms}&gsc.page=1 SearchScopes: HKU\S-1-5-21-206197487-1037210532-2885666671-1000 -> {2039DD3E-4E72-4C20-90E7-9FD959AA7D06} URL = hxxp://www.google.com/cse?cx=partner-pub-0900663996874144:4435833467&ie=UTF-8&q={searchTerms}&sa=Search&ref=#gsc.tab=0&gsc.q={searchTerms}&gsc.page=1 BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation) Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation) FireFox: ======== FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-22] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-22] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-18] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-02-26] (Adobe Systems Inc.) Chrome: ======= CHR StartupUrls: Default -> "hxxps://www.google.co.il/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8","hxxp://isearch.omiga-plus.com/?type=hppp&ts=1404120675&from=smt&uid=WDCXWD5000AAKX-22ERMA0_WD-WCC2EHM2716127161","hxxp://isearch.omiga-plus.com/?type=hppp&ts=1404295358&from=smt&uid=WDCXWD5000AAKX-22ERMA0_WD-WCC2EHM2716127161","hxxp://isearch.omiga-plus.com/?type=hppp&ts=1404420000&from=smt&uid=WDCXWD5000AAKX-22ERMA0_WD-WCC2EHM2716127161","hxxp://www.viceice.com/" CHR Profile: C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-17] CHR Extension: (Google Docs) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-17] CHR Extension: (Google Drive) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-17] CHR Extension: (YouTube) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-18] CHR Extension: (GeoGebra) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2016-03-25] CHR Extension: (Daum Equation Editor) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\dinfmiceliiomokeofbocegmacmagjhe [2016-03-25] CHR Extension: (Google Calendar) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2016-03-25] CHR Extension: (Google Sheets) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-17] CHR Extension: (Musixmatch Lyrics for YouTube) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfenjblodoldnbiddmggcbkcapiolbig [2016-03-25] CHR Extension: (Google Docs Offline) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-17] CHR Extension: (AdBlock) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-04-17] CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-03-25] CHR Extension: (YouTube) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijoffpmfcdnncgblkdnobhomnjnkofdm [2016-04-17] CHR Extension: (GMT/UTC Clock) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkiboebkhioapbcogmjkkjbpgbgjlodj [2016-03-25] CHR Extension: (Chrome Web Store Payments) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01] CHR Extension: (My Chrome Theme) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2016-03-25] CHR Extension: (Sleep Timer) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooopjafkemmggfcolfglbmknanpcpgji [2016-03-25] CHR Extension: (World Clocks 2) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjgoijhajhaahklokegbfnohialajpej [2016-03-25] CHR Extension: (Gmail) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-18] CHR Extension: (Canvas Rider) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk [2016-03-25] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-07] () R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd) R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2519904 2016-03-18] (ESET) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-03-30] (NVIDIA Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-02-01] (Intel Corporation) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation) R2 LolScreenSaverService; C:\Riot Games\LolScreenSaver\service\service.exe [707072 2016-03-30] () [File not signed] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-03-30] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-03-30] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-03-30] (NVIDIA Corporation) R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart TimeLock\TimeMgmtDaemon.exe [102400 2013-02-23] (Gigabyte Technology CO., LTD.) [File not signed] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21584 2013-02-19] () R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-03-20] (Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-03-20] (Disc Soft Ltd) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [490256 2013-01-23] (Intel Corporation) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264552 2016-03-18] (ESET) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [186784 2016-03-18] (ESET) R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [170792 2016-03-18] (ESET) R3 etocdrv; C:\Windows\etocdrv.sys [15584 2013-10-31] (Giga-Byte Technology CO., LTD.) S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [49584 2016-03-20] () R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-02-01] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-03-30] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-03-21] (NVIDIA Corporation) R3 ROCCATKV; C:\Windows\System32\DRIVERS\ROCCATKV.SYS [578560 2013-11-06] (C-Media Inc.) U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-04-17] () R1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [21072 2013-03-27] () S3 avchv; system32\DRIVERS\avchv.sys [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-04-17 01:48 - 2016-04-17 01:49 - 00000000 ____D C:\FRST 2016-04-17 01:26 - 2016-04-17 01:41 - 00024688 _____ C:\Windows\system32\Drivers\TrueSight.sys 2016-04-17 01:26 - 2016-04-17 01:41 - 00000000 ____D C:\ProgramData\RogueKiller 2016-04-17 01:13 - 2016-04-17 01:13 - 00046778 _____ C:\ComboFix.txt 2016-04-17 01:09 - 2016-04-17 01:13 - 00000000 ____D C:\Windows\erdnt 2016-04-17 01:09 - 2016-04-17 01:13 - 00000000 ____D C:\Qoobox 2016-04-17 01:09 - 2011-06-26 09:45 - 00256000 _____ C:\Windows\PEV.exe 2016-04-17 01:09 - 2010-11-07 20:20 - 00208896 _____ C:\Windows\MBR.exe 2016-04-17 01:09 - 2009-04-20 07:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2016-04-17 01:09 - 2000-08-31 03:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2016-04-17 01:09 - 2000-08-31 03:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2016-04-17 01:09 - 2000-08-31 03:00 - 00098816 _____ C:\Windows\sed.exe 2016-04-17 01:09 - 2000-08-31 03:00 - 00080412 _____ C:\Windows\grep.exe 2016-04-17 01:09 - 2000-08-31 03:00 - 00068096 _____ C:\Windows\zip.exe 2016-04-16 18:36 - 2016-04-16 18:36 - 00000000 ____D C:\Windows\system32\appmgmt 2016-04-16 18:29 - 2016-04-16 18:29 - 00000000 ____D C:\Users\Penne\AppData\LocalLow\C4M 2016-04-16 17:21 - 2016-04-16 17:28 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-04-16 17:21 - 2016-04-16 17:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-04-16 17:21 - 2016-04-16 17:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-04-16 17:21 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-04-16 17:21 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-04-16 17:21 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-04-16 17:16 - 2016-04-16 18:29 - 00000000 ____D C:\ProgramData\boost_interprocess 2016-04-16 11:54 - 2016-04-16 18:34 - 00000000 ____D C:\Users\Penne\AppData\Local\Battleplans 2016-04-15 14:20 - 2016-04-15 19:20 - 00000000 ____D C:\Users\Penne\.flashTool 2016-04-15 14:20 - 2016-04-15 19:03 - 00000000 ____D C:\Users\Penne\.oracle_jre_usage 2016-04-15 14:20 - 2016-04-15 14:20 - 00000000 ____D C:\Users\Penne\.swt 2016-04-15 14:19 - 2016-04-15 14:19 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flashtool 2016-04-15 14:18 - 2016-04-15 14:20 - 00000000 ____D C:\Flashtool 2016-04-13 23:25 - 2016-04-13 23:25 - 00001034 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player PRO.lnk 2016-04-13 23:25 - 2016-04-13 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webteh 2016-04-13 23:24 - 2016-04-13 23:32 - 00000000 ____D C:\Users\Penne\AppData\Roaming\BSplayer PRO 2016-04-13 23:24 - 2016-04-13 23:25 - 00000000 ____D C:\Program Files (x86)\BSplayerPro 2016-04-13 17:11 - 2016-03-29 20:53 - 03216896 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-04-13 17:11 - 2016-03-06 21:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2016-04-13 17:11 - 2016-03-06 21:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2016-04-13 17:11 - 2016-03-06 21:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2016-04-13 17:11 - 2016-03-06 21:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2016-04-13 16:51 - 2016-03-31 22:25 - 00394952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-04-13 16:51 - 2016-03-31 21:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-04-13 16:51 - 2016-03-31 03:54 - 25817600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-04-13 16:51 - 2016-03-31 03:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-04-13 16:51 - 2016-03-31 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-04-13 16:51 - 2016-03-31 03:31 - 02892800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-04-13 16:51 - 2016-03-31 03:28 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-04-13 16:51 - 2016-03-31 03:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-04-13 16:51 - 2016-03-31 03:27 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-04-13 16:51 - 2016-03-31 03:27 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-04-13 16:51 - 2016-03-31 03:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-04-13 16:51 - 2016-03-31 03:25 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-04-13 16:51 - 2016-03-31 03:22 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-04-13 16:51 - 2016-03-31 03:21 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-04-13 16:51 - 2016-03-31 03:19 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-04-13 16:51 - 2016-03-31 03:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-04-13 16:51 - 2016-03-31 03:17 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-04-13 16:51 - 2016-03-31 03:17 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-04-13 16:51 - 2016-03-31 03:17 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-04-13 16:51 - 2016-03-31 03:11 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-04-13 16:51 - 2016-03-31 03:08 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-04-13 16:51 - 2016-03-31 03:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-04-13 16:51 - 2016-03-31 03:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-04-13 16:51 - 2016-03-31 03:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-04-13 16:51 - 2016-03-31 02:59 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-04-13 16:51 - 2016-03-31 02:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-04-13 16:51 - 2016-03-31 02:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-04-13 16:51 - 2016-03-31 02:55 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-04-13 16:51 - 2016-03-31 02:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-04-13 16:51 - 2016-03-31 02:53 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-04-13 16:51 - 2016-03-31 02:52 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-04-13 16:51 - 2016-03-31 02:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-04-13 16:51 - 2016-03-31 02:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-04-13 16:51 - 2016-03-31 02:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-04-13 16:51 - 2016-03-31 02:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-04-13 16:51 - 2016-03-31 02:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-04-13 16:51 - 2016-03-31 02:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-04-13 16:51 - 2016-03-31 02:46 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-04-13 16:51 - 2016-03-31 02:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-04-13 16:51 - 2016-03-31 02:45 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2016-04-13 16:51 - 2016-03-31 02:45 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-04-13 16:51 - 2016-03-31 02:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-04-13 16:51 - 2016-03-31 02:43 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-04-13 16:51 - 2016-03-31 02:43 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-04-13 16:51 - 2016-03-31 02:42 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-04-13 16:51 - 2016-03-31 02:42 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-04-13 16:51 - 2016-03-31 02:39 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-04-13 16:51 - 2016-03-31 02:38 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-04-13 16:51 - 2016-03-31 02:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-04-13 16:51 - 2016-03-31 02:33 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2016-04-13 16:51 - 2016-03-31 02:31 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-04-13 16:51 - 2016-03-31 02:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-04-13 16:51 - 2016-03-31 02:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-04-13 16:51 - 2016-03-31 02:30 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-04-13 16:51 - 2016-03-31 02:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-04-13 16:51 - 2016-03-31 02:29 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-04-13 16:51 - 2016-03-31 02:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-04-13 16:51 - 2016-03-31 02:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-04-13 16:51 - 2016-03-31 02:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-04-13 16:51 - 2016-03-31 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-04-13 16:51 - 2016-03-31 02:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-04-13 16:51 - 2016-03-31 02:18 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-04-13 16:51 - 2016-03-31 02:06 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-04-13 16:51 - 2016-03-31 02:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-04-13 16:51 - 2016-03-31 02:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-04-13 16:51 - 2016-03-31 02:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-04-13 16:51 - 2016-03-18 02:04 - 05551336 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-04-13 16:51 - 2016-03-18 02:04 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2016-04-13 16:51 - 2016-03-18 02:04 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-04-13 16:51 - 2016-03-18 02:04 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-04-13 16:51 - 2016-03-18 02:01 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-04-13 16:51 - 2016-03-18 02:01 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2016-04-13 16:51 - 2016-03-18 01:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-04-13 16:51 - 2016-03-18 01:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2016-04-13 16:51 - 2016-03-18 01:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2016-04-13 16:51 - 2016-03-18 01:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-04-13 16:51 - 2016-03-18 01:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-04-13 16:51 - 2016-03-18 01:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-04-13 16:51 - 2016-03-18 01:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-04-13 16:51 - 2016-03-18 01:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-04-13 16:51 - 2016-03-18 01:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-04-13 16:51 - 2016-03-18 01:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2016-04-13 16:51 - 2016-03-18 01:57 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-04-13 16:51 - 2016-03-18 01:57 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-04-13 16:51 - 2016-03-18 01:57 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2016-04-13 16:51 - 2016-03-18 01:57 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2016-04-13 16:51 - 2016-03-18 01:57 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-04-13 16:51 - 2016-03-18 01:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2016-04-13 16:51 - 2016-03-18 01:56 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2016-04-13 16:51 - 2016-03-18 01:54 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-04-13 16:51 - 2016-03-18 01:54 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-04-13 16:51 - 2016-03-18 01:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-04-13 16:51 - 2016-03-18 01:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-04-13 16:51 - 2016-03-18 01:53 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-04-13 16:51 - 2016-03-18 01:53 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-04-13 16:51 - 2016-03-18 01:53 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-04-13 16:51 - 2016-03-18 01:53 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:36 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2016-04-13 16:51 - 2016-03-18 01:36 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2016-04-13 16:51 - 2016-03-18 01:33 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-04-13 16:51 - 2016-03-18 01:31 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-04-13 16:51 - 2016-03-18 01:31 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-04-13 16:51 - 2016-03-18 01:31 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-04-13 16:51 - 2016-03-18 01:31 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2016-04-13 16:51 - 2016-03-18 01:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2016-04-13 16:51 - 2016-03-18 01:30 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2016-04-13 16:51 - 2016-03-18 01:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2016-04-13 16:51 - 2016-03-18 01:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2016-04-13 16:51 - 2016-03-18 01:29 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-04-13 16:51 - 2016-03-18 01:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2016-04-13 16:51 - 2016-03-18 01:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2016-04-13 16:51 - 2016-03-18 01:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2016-04-13 16:51 - 2016-03-18 01:27 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-04-13 16:51 - 2016-03-18 01:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-04-13 16:51 - 2016-03-18 01:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2016-04-13 16:51 - 2016-03-18 01:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-04-13 16:51 - 2016-03-18 01:26 - 00553984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2016-04-13 16:51 - 2016-03-18 01:25 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2016-04-13 16:51 - 2016-03-18 01:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2016-04-13 16:51 - 2016-03-18 01:24 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-04-13 16:51 - 2016-03-18 01:24 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2016-04-13 16:51 - 2016-03-18 01:24 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2016-04-13 16:51 - 2016-03-18 01:24 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2016-04-13 16:51 - 2016-03-18 01:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 00:53 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2016-04-13 16:51 - 2016-03-18 00:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2016-04-13 16:51 - 2016-03-18 00:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2016-04-13 16:51 - 2016-03-18 00:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-04-13 16:51 - 2016-03-18 00:44 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-04-13 16:51 - 2016-03-18 00:43 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-04-13 16:51 - 2016-03-18 00:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-04-13 16:51 - 2016-03-18 00:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-04-13 16:51 - 2016-03-18 00:37 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-04-13 16:51 - 2016-03-18 00:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-04-13 16:51 - 2016-03-18 00:35 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-04-13 16:51 - 2016-03-18 00:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-04-13 16:51 - 2016-03-18 00:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-04-13 16:51 - 2016-03-18 00:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-04-13 16:51 - 2016-03-18 00:30 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-04-13 16:51 - 2016-03-18 00:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-04-13 16:51 - 2016-03-18 00:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-04-13 16:51 - 2016-03-18 00:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 00:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 00:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-04-13 16:51 - 2016-03-18 00:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-04-13 16:51 - 2016-03-16 21:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll 2016-04-13 16:51 - 2016-03-16 21:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll 2016-04-13 16:51 - 2016-03-16 21:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll 2016-04-13 16:51 - 2016-03-16 03:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2016-04-13 16:51 - 2016-03-16 03:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll 2016-04-13 16:51 - 2016-03-16 02:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll 2016-04-13 16:51 - 2016-03-11 21:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2016-04-13 16:51 - 2016-03-11 21:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2016-04-09 20:11 - 2016-04-16 18:36 - 00000000 ____D C:\Users\Penne\AppData\LocalLow\Adblock Plus for IE 2016-04-09 01:12 - 2016-04-04 21:14 - 00038120 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-04-09 01:12 - 2016-04-04 21:02 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-04-09 01:12 - 2016-04-02 16:08 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-04-07 23:04 - 2016-04-07 23:04 - 00000000 ____D C:\Users\Penne\AppData\Local\GWX 2016-04-07 14:43 - 2016-04-16 10:07 - 00000000 ____D C:\AdwCleaner 2016-04-07 14:19 - 2016-04-07 14:19 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf 2016-04-07 14:18 - 2016-03-23 17:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-04-07 14:18 - 2016-03-17 21:04 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-04-07 14:18 - 2016-03-17 21:04 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-04-07 14:18 - 2016-03-17 21:04 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-04-07 14:18 - 2016-03-17 21:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-04-03 00:57 - 2016-04-03 00:57 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET 2016-04-02 14:15 - 2016-04-02 14:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 2016-04-02 14:15 - 2016-03-22 05:10 - 00112184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2016-04-02 14:14 - 2016-03-22 07:12 - 42923576 _____ C:\Windows\system32\nvcompiler.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 37567424 _____ C:\Windows\SysWOW64\nvcompiler.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 31555008 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 25321408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 21355248 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 20897416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 19004040 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 17748712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 17342392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 17248408 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 16446032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 12567608 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2016-04-02 14:14 - 2016-03-22 07:12 - 10550736 _____ C:\Windows\system32\nvptxJitCompiler.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 08659472 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 03235896 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 02809280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436472.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436472.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 00959544 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 00889400 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 00753208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 00695864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 00678520 _____ C:\Windows\system32\nvfatbinaryLoader.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 00571912 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 00501896 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 00473592 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 00425016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 00423080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 00391632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 00377792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 00153392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 00129208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2016-04-02 14:14 - 2016-03-22 07:12 - 00000139 _____ C:\Windows\SysWOW64\nv-vk32.json 2016-04-02 14:14 - 2016-03-22 07:12 - 00000139 _____ C:\Windows\system32\nv-vk64.json 2016-04-02 14:10 - 2016-03-21 23:01 - 00109632 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2016-04-02 14:10 - 2016-03-21 23:01 - 00100416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2016-04-02 14:10 - 2016-03-21 23:01 - 00056384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2016-04-01 23:50 - 2016-04-01 23:50 - 00000000 ____D C:\ProgramData\Steam 2016-04-01 23:19 - 2016-04-01 23:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks 2016-03-31 21:05 - 2016-03-31 21:05 - 00000000 ____D C:\Users\Penne\AppData\Roaming\LolScreenSaver 2016-03-31 21:05 - 2016-03-31 21:05 - 00000000 ____D C:\Riot Games 2016-03-31 15:17 - 2016-03-31 15:26 - 00000000 ____D C:\ProgramData\TrackmaniaTurbo 2016-03-31 15:15 - 2016-03-31 15:15 - 00000000 ____D C:\Users\Penne\Documents\Lightshot 2016-03-31 15:08 - 2016-03-31 15:18 - 00000000 ____D C:\Users\Penne\Documents\TrackmaniaTurbo 2016-03-31 15:07 - 2016-03-31 15:21 - 00000000 ____D C:\Users\Penne\AppData\Local\Ubisoft Game Launcher 2016-03-31 15:07 - 2016-03-31 15:07 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2016-03-31 15:07 - 2016-03-31 15:07 - 00000000 ____D C:\Program Files (x86)\Ubisoft 2016-03-31 14:31 - 2016-03-31 14:31 - 00000000 ____D C:\Users\Penne\AppData\Local\Trove 2016-03-31 14:30 - 2016-04-16 18:36 - 00000000 ____D C:\Users\Penne\AppData\Local\Glyph 2016-03-31 14:30 - 2016-03-31 14:32 - 00000000 ____D C:\ProgramData\Glyph 2016-03-31 14:30 - 2016-03-31 14:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph 2016-03-30 21:25 - 2016-03-30 21:25 - 03721216 _____ C:\Windows\SysWOW64\lol.scr 2016-03-26 22:19 - 2016-03-26 22:19 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2016-03-26 21:11 - 2016-03-26 21:12 - 00000000 ____D C:\Users\Penne\Documents\Project CARS 2016-03-26 21:11 - 2016-03-26 21:11 - 00000000 ____D C:\Users\Penne\Documents\wmd_symbol_cache 2016-03-25 20:27 - 2016-03-25 20:27 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-03-25 20:03 - 2016-03-25 20:03 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf 2016-03-25 19:04 - 2016-03-25 19:04 - 00000000 ____D C:\Program Files\USB Drivers 2016-03-25 17:33 - 2016-03-25 17:33 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WugFresh Development 2016-03-25 17:33 - 2016-03-25 17:33 - 00000000 ____D C:\Users\Penne\.android 2016-03-25 17:33 - 2016-03-25 17:33 - 00000000 ____D C:\Program Files (x86)\Bacon Root Toolkit 2016-03-25 16:37 - 2016-03-25 16:37 - 00000000 ____D C:\Users\Penne\AppData\LocalLow\Adobe 2016-03-25 16:36 - 2016-03-25 16:36 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2016-03-25 16:36 - 2016-03-25 16:36 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-03-25 16:36 - 2016-03-25 16:36 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-03-25 16:33 - 2016-03-25 16:38 - 00000000 ____D C:\ProgramData\Adobe 2016-03-25 16:32 - 2016-03-25 16:37 - 00000000 ____D C:\Users\Penne\AppData\Local\Adobe 2016-03-25 14:16 - 2016-03-25 14:16 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2016-03-25 14:07 - 2016-03-25 20:40 - 00000000 ____D C:\Users\Penne\AppData\Roaming\MusicBee 2016-03-25 14:07 - 2016-03-25 14:07 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MusicBee 2016-03-25 14:07 - 2016-03-25 14:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MusicBee 2016-03-25 14:07 - 2016-03-25 14:07 - 00000000 ____D C:\Program Files (x86)\MusicBee 2016-03-24 16:49 - 2016-03-24 16:49 - 00000000 ____D C:\Users\Penne\AppData\Local\TeamViewer 2016-03-24 16:48 - 2016-03-24 16:59 - 00000000 ____D C:\Users\Penne\AppData\Roaming\TeamViewer 2016-03-24 16:48 - 2016-03-24 16:48 - 00001043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2016-03-24 16:48 - 2016-03-24 16:48 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-03-21 11:10 - 2015-12-20 21:50 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2016-03-21 11:10 - 2015-12-20 21:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll 2016-03-21 11:10 - 2015-12-20 17:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2016-03-21 11:04 - 2014-12-11 20:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2016-03-21 03:11 - 2015-07-16 22:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2016-03-21 03:11 - 2015-07-16 22:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll 2016-03-21 03:11 - 2015-07-16 22:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2016-03-21 03:11 - 2015-07-16 22:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2016-03-21 03:11 - 2015-07-16 22:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2016-03-21 03:11 - 2015-07-16 22:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2016-03-21 03:11 - 2015-07-11 16:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2016-03-21 01:04 - 2016-04-17 00:50 - 00000388 _____ C:\Windows\Tasks\update-S-1-5-21-206197487-1037210532-2885666671-1000.job 2016-03-21 01:04 - 2016-04-16 21:50 - 00000388 _____ C:\Windows\Tasks\update-sys.job 2016-03-21 01:04 - 2016-03-21 01:04 - 00003284 _____ C:\Windows\System32\Tasks\update-sys 2016-03-21 01:04 - 2016-03-21 01:04 - 00003262 _____ C:\Windows\System32\Tasks\update-S-1-5-21-206197487-1037210532-2885666671-1000 2016-03-21 01:04 - 2016-03-21 01:04 - 00000424 _____ C:\Users\Penne\AppData\Local\UserProducts.xml 2016-03-21 01:04 - 2016-03-21 01:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot 2016-03-21 01:04 - 2016-03-21 01:04 - 00000000 ____D C:\Program Files (x86)\Skillbrains 2016-03-20 22:27 - 2016-03-20 22:27 - 00000316 _____ C:\Users\Penne\AppData\Roaming\redirect2.dat 2016-03-20 22:22 - 2013-10-02 05:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys 2016-03-20 22:22 - 2013-10-02 05:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2016-03-20 22:22 - 2013-10-02 05:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2016-03-20 22:22 - 2013-10-02 04:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll 2016-03-20 22:22 - 2013-10-02 04:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll 2016-03-20 22:22 - 2013-10-02 04:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll 2016-03-20 22:22 - 2013-10-02 03:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll 2016-03-20 22:22 - 2013-10-02 03:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll 2016-03-20 22:22 - 2013-10-02 02:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2016-03-20 22:22 - 2013-10-02 01:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2016-03-20 22:21 - 2016-03-20 22:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-03-20 22:21 - 2012-08-23 17:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys 2016-03-20 22:21 - 2012-08-23 17:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys 2016-03-20 22:21 - 2012-08-23 14:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll 2016-03-20 22:21 - 2012-08-23 13:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll 2016-03-20 22:20 - 2016-03-20 22:20 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-03-20 22:20 - 2016-03-20 22:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-03-20 22:20 - 2016-02-05 21:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll 2016-03-20 22:20 - 2016-02-05 21:54 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll 2016-03-20 22:20 - 2016-02-05 20:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll 2016-03-20 22:20 - 2016-02-02 21:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2016-03-20 22:20 - 2016-02-01 22:08 - 00114624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2016-03-20 22:20 - 2016-02-01 21:59 - 03243008 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2016-03-20 22:20 - 2016-02-01 21:59 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2016-03-20 22:20 - 2016-02-01 21:59 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll 2016-03-20 22:20 - 2016-02-01 21:56 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2016-03-20 22:20 - 2016-02-01 21:56 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2016-03-20 22:20 - 2016-02-01 21:49 - 02364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2016-03-20 22:20 - 2016-02-01 21:49 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2016-03-20 22:20 - 2016-02-01 21:49 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll 2016-03-20 22:20 - 2016-02-01 21:45 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2016-03-20 22:20 - 2016-01-21 03:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys 2016-03-20 22:20 - 2015-12-16 21:55 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll 2016-03-20 22:20 - 2015-12-16 21:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll 2016-03-20 22:20 - 2015-12-16 21:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL 2016-03-20 22:20 - 2015-12-16 21:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL 2016-03-20 22:20 - 2015-12-16 21:48 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL 2016-03-20 22:20 - 2015-12-16 21:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll 2016-03-20 22:20 - 2015-12-16 21:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL 2016-03-20 22:20 - 2015-12-16 21:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll 2016-03-20 22:20 - 2015-12-16 17:38 - 00419928 _____ C:\Windows\SysWOW64\locale.nls 2016-03-20 22:20 - 2015-12-16 17:37 - 00419928 _____ C:\Windows\system32\locale.nls 2016-03-20 22:20 - 2015-08-05 20:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll 2016-03-20 22:20 - 2015-08-05 20:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2016-03-20 22:20 - 2015-06-03 23:21 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll 2016-03-20 15:08 - 2016-03-20 15:08 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help 2016-03-20 15:08 - 2016-03-20 15:08 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help 2016-03-20 15:02 - 2016-03-20 15:02 - 00000000 ____D C:\Users\Penne\AppData\LocalLow\CampoSanto 2016-03-20 14:34 - 2016-03-20 14:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab 2016-03-20 13:54 - 2016-03-20 13:54 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Firewatch_Uninstall 2016-03-20 13:54 - 2016-03-20 13:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics 2016-03-20 13:16 - 2016-03-20 13:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metal Gear Solid V Phantom Pain 2016-03-20 11:18 - 2016-03-20 11:18 - 00000009 _____ C:\Users\Penne\AppData\Roaming\update.dat 2016-03-20 03:18 - 2016-03-20 03:18 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Steam 2016-03-20 03:18 - 2016-03-20 03:18 - 00000000 ____D C:\Users\Penne\AppData\Local\Fallout4 2016-03-20 03:16 - 2016-03-20 03:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-03-20 03:15 - 2016-03-25 20:45 - 00000000 ____D C:\Windows\PCHEALTH 2016-03-20 03:15 - 2016-03-20 15:09 - 00000000 ____D C:\Program Files (x86)\Microsoft Works 2016-03-20 03:15 - 2016-03-20 03:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 2016-03-20 03:14 - 2016-03-21 02:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-03-20 03:14 - 2016-03-20 03:14 - 00000000 ____D C:\Users\Penne\AppData\Local\Microsoft Help 2016-03-20 03:14 - 2016-03-20 03:14 - 00000000 ____D C:\Program Files\Microsoft Office 2016-03-20 03:14 - 2016-03-20 03:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8 2016-03-20 03:13 - 2016-03-20 03:13 - 00000000 ___RD C:\MSOCache 2016-03-20 03:05 - 2016-03-20 03:05 - 00000000 ____D C:\Program Files (x86)\DAMN NFO Viewer 2016-03-20 03:02 - 2016-03-20 03:03 - 00000000 ____D C:\Program Files (x86)\NFOlux 2016-03-20 03:02 - 2016-03-20 03:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NFOlux 2016-03-20 03:00 - 2016-03-20 03:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fallout 4 2016-03-20 02:46 - 2016-03-20 02:46 - 00000000 ____D C:\Users\Penne\AppData\Local\Disc_Soft_Ltd 2016-03-20 02:43 - 2016-03-20 02:43 - 00047672 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys 2016-03-20 02:43 - 2016-03-20 02:43 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images 2016-03-20 02:42 - 2016-03-20 02:45 - 00000000 ____D C:\Users\Penne\AppData\Roaming\DAEMON Tools Lite 2016-03-20 02:42 - 2016-03-20 02:43 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys 2016-03-20 02:42 - 2016-03-20 02:43 - 00000000 ____D C:\Program Files\DAEMON Tools Lite 2016-03-20 02:42 - 2016-03-20 02:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite 2016-03-20 02:42 - 2016-03-20 02:42 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite 2016-03-20 02:21 - 2013-11-26 11:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2016-03-20 02:21 - 2013-11-23 01:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2016-03-20 02:04 - 2016-03-20 02:04 - 00049584 _____ C:\Windows\system32\Drivers\hitmanpro37.sys 2016-03-20 02:03 - 2016-03-20 02:03 - 00001480 _____ C:\Windows\system32\.crusader 2016-03-20 01:14 - 2016-03-20 01:14 - 00005120 _____ C:\Users\Penne\AppData\Roaming\GiftBag.db 2016-03-20 01:14 - 2016-03-20 01:14 - 00003698 _____ C:\Windows\System32\Tasks\GTNU_635940224626022571 2016-03-20 01:14 - 2016-03-20 01:14 - 00000000 ____D C:\Users\Public\Thunder Network 2016-03-20 01:14 - 2016-03-20 01:14 - 00000000 ____D C:\ProgramData\Thunder Network 2016-03-19 23:00 - 2016-03-19 23:00 - 00000000 ____D C:\Users\Penne\AppData\Local\ESET 2016-03-19 20:00 - 2016-03-19 20:00 - 00000000 ____D C:\Users\Penne\Documents\League of Legends 2016-03-19 19:55 - 2016-03-19 19:55 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Macromedia 2016-03-19 19:46 - 2015-07-30 21:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2016-03-19 19:46 - 2015-07-30 20:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2016-03-19 18:41 - 2015-12-09 00:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2016-03-19 18:41 - 2015-12-08 22:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2016-03-19 18:41 - 2015-11-10 21:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2016-03-19 18:41 - 2015-11-10 21:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2016-03-19 18:41 - 2015-11-10 21:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2016-03-19 18:41 - 2015-02-03 06:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2016-03-19 18:41 - 2015-02-03 06:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2016-03-19 18:30 - 2015-02-04 06:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2016-03-19 18:30 - 2015-02-04 05:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2016-03-19 18:00 - 2016-04-09 01:12 - 00000000 ____D C:\Windows\system32\appraiser 2016-03-19 18:00 - 2016-03-19 18:00 - 00000000 ___SD C:\Windows\system32\CompatTel 2016-03-19 17:53 - 2015-07-30 16:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2016-03-19 17:53 - 2015-07-30 16:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2016-03-19 17:52 - 2013-10-14 19:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE 2016-03-19 17:51 - 2016-03-19 17:51 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2016-03-19 17:51 - 2016-03-19 17:51 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2016-03-19 17:51 - 2016-03-19 17:51 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2016-03-19 17:51 - 2016-03-19 17:51 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2016-03-19 17:51 - 2016-03-19 17:51 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2016-03-19 17:51 - 2016-03-19 17:51 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2016-03-19 17:51 - 2016-03-19 17:51 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2016-03-19 17:51 - 2016-03-19 17:51 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2016-03-19 17:51 - 2016-03-19 17:51 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2016-03-19 17:51 - 2016-03-19 17:51 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2016-03-19 17:51 - 2016-03-19 17:51 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2016-03-19 17:51 - 2016-03-19 17:51 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2016-03-19 17:51 - 2016-03-19 17:51 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2016-03-19 17:51 - 2016-03-19 17:51 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2016-03-19 17:51 - 2016-03-19 17:51 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2016-03-19 17:51 - 2016-03-19 17:51 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2016-03-19 17:51 - 2016-03-19 17:51 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2016-03-19 17:51 - 2016-03-19 17:51 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2016-03-19 17:51 - 2016-03-19 17:51 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2016-03-19 17:51 - 2016-03-19 17:51 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2016-03-19 17:51 - 2016-03-19 17:51 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2016-03-19 17:51 - 2016-03-19 17:51 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2016-03-19 17:51 - 2016-03-19 17:51 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2016-03-19 17:51 - 2016-03-19 17:51 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2016-03-19 17:51 - 2016-03-19 17:51 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2016-03-19 17:51 - 2016-03-19 17:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2016-03-19 17:51 - 2016-03-19 17:51 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2016-03-19 17:51 - 2016-03-19 17:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2016-03-19 17:51 - 2016-03-19 17:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2016-03-19 17:51 - 2016-03-19 17:51 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2016-03-19 17:51 - 2016-03-19 17:51 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2016-03-19 17:51 - 2016-03-19 17:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2016-03-19 17:51 - 2016-03-19 17:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2016-03-19 17:51 - 2016-03-19 17:51 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2016-03-19 17:51 - 2016-03-19 17:51 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2016-03-19 17:51 - 2016-03-19 17:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2016-03-19 17:51 - 2016-03-19 17:51 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2016-03-19 17:51 - 2016-03-19 17:51 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2016-03-19 17:51 - 2016-03-19 17:51 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2016-03-19 17:51 - 2016-03-19 17:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2016-03-19 17:51 - 2016-03-19 17:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2016-03-19 17:51 - 2016-03-19 17:51 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2016-03-19 17:50 - 2016-03-19 17:50 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2016-03-19 17:50 - 2016-03-19 17:50 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2016-03-19 13:41 - 2014-07-09 05:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL 2016-03-19 13:41 - 2014-07-09 05:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL 2016-03-19 13:41 - 2014-07-09 05:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL 2016-03-19 13:41 - 2014-07-09 05:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL 2016-03-19 13:41 - 2014-07-09 05:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL 2016-03-19 13:41 - 2014-07-09 04:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL 2016-03-19 13:41 - 2014-07-09 04:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL 2016-03-19 13:41 - 2014-07-09 04:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL 2016-03-19 13:41 - 2014-07-09 04:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL 2016-03-19 13:41 - 2014-07-09 04:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL 2016-03-19 13:39 - 2011-03-11 09:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys 2016-03-19 13:39 - 2011-03-11 09:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys 2016-03-19 13:39 - 2011-03-11 09:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys 2016-03-19 13:39 - 2011-03-11 09:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys 2016-03-19 13:39 - 2011-03-11 09:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys 2016-03-19 13:39 - 2011-03-11 09:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll 2016-03-19 13:39 - 2011-03-11 09:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe 2016-03-19 13:39 - 2011-03-11 08:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll 2016-03-19 13:39 - 2011-03-11 08:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe 2016-03-19 13:38 - 2015-06-03 23:16 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2016-03-19 04:16 - 2016-03-24 18:13 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2016-03-19 04:16 - 2016-03-24 18:13 - 00000000 ___SD C:\Windows\system32\GWX 2016-03-18 19:04 - 2016-03-18 19:04 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf 2016-03-18 18:37 - 2012-07-26 06:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll 2016-03-18 18:37 - 2012-07-26 06:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe 2016-03-18 18:37 - 2012-07-26 06:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll 2016-03-18 18:37 - 2012-07-26 06:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll 2016-03-18 18:37 - 2012-07-26 06:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll 2016-03-18 18:37 - 2012-07-26 05:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys 2016-03-18 18:37 - 2012-07-26 05:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys 2016-03-18 18:37 - 2012-06-02 17:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf 2016-03-18 18:29 - 2012-03-01 09:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys 2016-03-18 18:29 - 2012-03-01 09:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll 2016-03-18 18:29 - 2012-03-01 08:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll 2016-03-18 18:24 - 2016-04-13 23:47 - 00000000 ____D C:\Windows\system32\MRT 2016-03-18 18:24 - 2016-04-13 23:45 - 135176864 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-03-18 18:22 - 2014-07-01 01:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2016-03-18 18:22 - 2014-07-01 01:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll 2016-03-18 18:22 - 2014-06-06 09:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2016-03-18 18:22 - 2014-06-06 09:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2016-03-18 18:22 - 2014-03-10 00:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2016-03-18 18:22 - 2014-03-10 00:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2016-03-18 18:22 - 2014-03-10 00:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe 2016-03-18 18:22 - 2014-03-10 00:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll 2016-03-18 17:12 - 2016-03-26 21:13 - 00000000 ____D C:\Users\Penne\AppData\Roaming\NVIDIA 2016-03-18 17:12 - 2016-03-18 17:12 - 00000000 ____D C:\Users\Penne\AppData\Local\Uber Entertainment 2016-03-18 16:36 - 2016-04-16 18:59 - 00000000 ____D C:\Windows\SysWOW64\directx 2016-03-18 16:36 - 2016-03-18 16:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A2A Simulations 2016-03-18 14:57 - 2015-01-09 06:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll 2016-03-18 14:57 - 2015-01-09 06:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll 2016-03-18 14:57 - 2015-01-09 06:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll 2016-03-18 14:57 - 2015-01-09 05:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll 2016-03-18 14:56 - 2014-12-19 06:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2016-03-18 14:56 - 2014-06-19 01:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2016-03-18 14:56 - 2014-06-19 01:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll 2016-03-18 14:56 - 2014-06-19 01:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll 2016-03-18 14:56 - 2014-06-19 01:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2016-03-18 14:56 - 2014-06-19 01:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll 2016-03-18 14:56 - 2014-06-19 01:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2016-03-18 14:55 - 2015-07-15 06:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2016-03-18 14:55 - 2014-10-14 05:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2016-03-18 14:55 - 2014-01-29 05:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2016-03-18 14:55 - 2014-01-29 05:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2016-03-18 14:55 - 2013-10-12 05:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2016-03-18 14:55 - 2013-10-12 05:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2016-03-18 14:55 - 2013-10-12 05:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2016-03-18 14:55 - 2013-10-12 05:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2016-03-18 14:55 - 2013-10-12 05:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2016-03-18 14:55 - 2013-08-28 04:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll 2016-03-18 14:55 - 2012-06-06 09:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll 2016-03-18 14:55 - 2012-06-06 08:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll 2016-03-18 14:55 - 2011-12-30 09:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl 2016-03-18 14:55 - 2011-12-30 08:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl 2016-03-18 14:54 - 2016-01-06 22:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2016-03-18 14:54 - 2016-01-06 22:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll 2016-03-18 14:54 - 2016-01-06 21:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll 2016-03-18 14:54 - 2015-11-14 02:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll 2016-03-18 14:54 - 2015-11-14 02:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll 2016-03-18 14:54 - 2015-11-14 02:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe 2016-03-18 14:54 - 2015-11-14 01:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll 2016-03-18 14:54 - 2015-11-14 01:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll 2016-03-18 14:54 - 2015-11-14 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe 2016-03-18 14:54 - 2015-08-05 20:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2016-03-18 14:54 - 2015-07-15 21:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2016-03-18 14:54 - 2015-07-15 21:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll 2016-03-18 14:54 - 2015-07-15 21:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2016-03-18 14:54 - 2015-06-02 03:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll 2016-03-18 14:54 - 2015-06-02 02:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll 2016-03-18 14:54 - 2015-04-13 06:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe 2016-03-18 14:54 - 2014-01-28 05:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2016-03-18 14:54 - 2013-10-30 05:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2016-03-18 14:54 - 2013-10-30 05:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll 2016-03-18 14:54 - 2013-03-19 08:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll 2016-03-18 14:54 - 2012-10-09 21:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll 2016-03-18 14:54 - 2012-10-09 21:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll 2016-03-18 14:54 - 2012-10-09 20:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll 2016-03-18 14:54 - 2012-10-09 20:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll 2016-03-18 14:54 - 2011-06-16 08:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll 2016-03-18 14:54 - 2011-06-16 07:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll 2016-03-18 14:54 - 2011-06-15 13:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll 2016-03-18 14:54 - 2011-06-15 13:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll 2016-03-18 14:54 - 2011-06-15 13:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll 2016-03-18 14:54 - 2011-06-15 13:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll 2016-03-18 14:54 - 2011-06-15 11:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll 2016-03-18 14:54 - 2011-06-15 11:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll 2016-03-18 14:54 - 2011-06-15 11:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll 2016-03-18 14:54 - 2011-06-15 11:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll 2016-03-18 14:54 - 2011-06-15 11:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll 2016-03-18 14:54 - 2010-12-23 13:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll 2016-03-18 14:54 - 2010-12-23 13:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax 2016-03-18 14:54 - 2010-12-23 08:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll 2016-03-18 14:54 - 2010-12-23 08:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax 2016-03-18 14:53 - 2015-11-19 17:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2016-03-18 14:53 - 2015-11-19 17:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll 2016-03-18 14:53 - 2015-11-19 17:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll 2016-03-18 14:53 - 2015-11-19 17:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll 2016-03-18 14:53 - 2015-11-19 17:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll 2016-03-18 14:53 - 2015-11-19 17:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2016-03-18 14:53 - 2015-11-19 17:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll 2016-03-18 14:53 - 2015-11-19 17:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll 2016-03-18 14:53 - 2015-11-19 17:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll 2016-03-18 14:53 - 2015-11-19 17:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll 2016-03-18 14:53 - 2015-11-19 17:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll 2016-03-18 14:53 - 2015-11-03 22:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2016-03-18 14:53 - 2015-11-03 21:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2016-03-18 14:53 - 2015-05-25 21:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll 2016-03-18 14:53 - 2015-05-25 21:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe 2016-03-18 14:53 - 2015-05-25 21:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe 2016-03-18 14:53 - 2015-05-25 21:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe 2016-03-18 14:53 - 2015-05-25 21:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe 2016-03-18 14:53 - 2015-05-25 21:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe 2016-03-18 14:53 - 2015-05-25 21:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll 2016-03-18 14:53 - 2015-05-25 21:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe 2016-03-18 14:53 - 2015-05-25 21:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe 2016-03-18 14:53 - 2015-05-25 21:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe 2016-03-18 14:53 - 2015-05-25 21:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe 2016-03-18 14:53 - 2015-05-25 21:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe 2016-03-18 14:53 - 2015-03-19 02:39 - 00546656 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2016-03-18 14:53 - 2015-02-03 06:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2016-03-18 14:53 - 2015-02-03 06:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2016-03-18 14:53 - 2015-02-03 06:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2016-03-18 14:53 - 2015-02-03 06:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2016-03-18 14:53 - 2015-02-03 06:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2016-03-18 14:53 - 2015-02-03 06:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll 2016-03-18 14:53 - 2015-02-03 06:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2016-03-18 14:53 - 2015-02-03 06:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2016-03-18 14:53 - 2015-02-03 06:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2016-03-18 14:53 - 2015-02-03 06:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2016-03-18 14:53 - 2015-02-03 06:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2016-03-18 14:53 - 2015-02-03 06:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2016-03-18 14:53 - 2015-02-03 06:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2016-03-18 14:53 - 2015-02-03 06:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2016-03-18 14:53 - 2015-02-03 06:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2016-03-18 14:53 - 2015-02-03 06:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2016-03-18 14:53 - 2015-02-03 06:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe 2016-03-18 14:53 - 2015-02-03 06:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2016-03-18 14:53 - 2015-02-03 06:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2016-03-18 14:53 - 2015-02-03 06:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2016-03-18 14:53 - 2015-02-03 06:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll 2016-03-18 14:53 - 2015-02-03 06:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll 2016-03-18 14:53 - 2015-02-03 06:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll 2016-03-18 14:53 - 2015-02-03 06:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll 2016-03-18 14:53 - 2015-02-03 06:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll 2016-03-18 14:53 - 2015-02-03 06:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2016-03-18 14:53 - 2015-02-03 06:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll 2016-03-18 14:53 - 2015-02-03 06:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2016-03-18 14:53 - 2015-02-03 06:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll 2016-03-18 14:53 - 2015-02-03 06:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2016-03-18 14:53 - 2015-02-03 06:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll 2016-03-18 14:53 - 2014-08-01 14:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2016-03-18 14:53 - 2014-08-01 14:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2016-03-18 14:53 - 2014-06-28 03:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2016-03-18 14:53 - 2012-01-04 13:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll 2016-03-18 14:53 - 2012-01-04 11:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll 2016-03-18 14:53 - 2011-11-17 09:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll 2016-03-18 14:53 - 2011-11-17 08:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll 2016-03-18 14:53 - 2011-05-04 08:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2016-03-18 14:53 - 2011-05-04 08:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2016-03-18 14:53 - 2011-05-04 08:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2016-03-18 14:53 - 2011-05-04 08:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll 2016-03-18 14:53 - 2011-05-04 08:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll 2016-03-18 14:53 - 2011-05-04 08:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll 2016-03-18 14:53 - 2011-05-04 08:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2016-03-18 14:53 - 2011-05-04 08:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2016-03-18 14:53 - 2011-05-04 08:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe 2016-03-18 14:53 - 2011-05-04 07:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll 2016-03-18 14:53 - 2011-05-04 07:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll 2016-03-18 14:53 - 2011-05-04 07:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll 2016-03-18 14:53 - 2011-05-04 07:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll 2016-03-18 14:53 - 2011-05-04 07:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll 2016-03-18 14:53 - 2011-05-04 07:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll 2016-03-18 14:53 - 2011-05-04 07:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe 2016-03-18 14:53 - 2011-05-04 07:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe 2016-03-18 14:53 - 2011-05-04 07:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe 2016-03-18 14:26 - 2015-07-09 20:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll 2016-03-18 14:26 - 2015-07-09 20:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll 2016-03-18 14:26 - 2015-07-09 20:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll 2016-03-18 14:26 - 2015-07-09 20:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll 2016-03-18 14:25 - 2013-10-19 05:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2016-03-18 14:25 - 2013-10-19 04:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2016-03-18 14:22 - 2014-04-05 05:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2016-03-18 14:22 - 2014-04-05 05:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2016-03-18 14:22 - 2013-11-26 14:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2016-03-18 14:10 - 2016-03-18 15:09 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Orbx 2016-03-18 14:10 - 2016-03-18 15:09 - 00000000 ____D C:\Users\Penne\AppData\Local\Orbx 2016-03-18 14:10 - 2016-03-18 14:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orbx 2016-03-18 14:05 - 2016-03-18 14:05 - 00000000 ____D C:\Users\Default\AppData\Local\Google 2016-03-18 14:05 - 2016-03-18 14:05 - 00000000 ____D C:\Users\Default User\AppData\Local\Google 2016-03-18 14:01 - 2016-02-12 21:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2016-03-18 14:01 - 2016-02-12 21:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2016-03-18 14:01 - 2016-02-12 21:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2016-03-18 14:01 - 2016-02-12 21:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2016-03-18 14:01 - 2016-02-12 21:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2016-03-18 14:01 - 2016-02-12 21:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2016-03-18 14:01 - 2016-02-12 21:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2016-03-18 14:01 - 2016-02-12 21:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2016-03-18 14:01 - 2016-02-12 21:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2016-03-18 14:01 - 2016-02-12 21:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2016-03-18 14:01 - 2016-02-12 21:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2016-03-18 14:01 - 2016-02-12 21:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2016-03-18 14:01 - 2016-02-12 21:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2016-03-18 14:01 - 2016-02-12 21:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2016-03-18 14:01 - 2016-02-12 21:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2016-03-18 14:01 - 2016-02-12 21:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2016-03-18 14:01 - 2014-12-06 07:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2016-03-18 14:01 - 2014-12-06 06:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll 2016-03-18 14:01 - 2014-12-06 06:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2016-03-18 14:00 - 2015-11-10 21:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2016-03-18 14:00 - 2015-11-10 21:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2016-03-18 14:00 - 2015-02-03 06:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll 2016-03-18 14:00 - 2015-02-03 06:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll 2016-03-18 14:00 - 2015-01-29 06:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll 2016-03-18 14:00 - 2015-01-29 06:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll 2016-03-18 14:00 - 2014-06-18 05:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2016-03-18 14:00 - 2014-06-18 04:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2016-03-18 14:00 - 2013-10-04 05:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2016-03-18 14:00 - 2013-10-04 05:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2016-03-18 14:00 - 2013-10-04 04:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2016-03-18 14:00 - 2013-10-04 04:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2016-03-18 14:00 - 2013-08-05 05:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys 2016-03-18 13:59 - 2016-02-03 21:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS 2016-03-18 13:59 - 2016-01-11 22:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2016-03-18 13:59 - 2015-07-01 23:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2016-03-18 13:59 - 2015-07-01 23:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2016-03-18 13:59 - 2015-07-01 23:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2016-03-18 13:59 - 2015-07-01 23:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2016-03-18 13:59 - 2015-04-24 21:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2016-03-18 13:59 - 2015-04-24 20:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll 2016-03-18 13:59 - 2013-12-04 05:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2016-03-18 13:59 - 2013-12-04 05:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2016-03-18 13:59 - 2013-12-04 05:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2016-03-18 13:59 - 2013-12-04 05:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2016-03-18 13:59 - 2013-12-04 05:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2016-03-18 13:59 - 2013-12-04 05:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2016-03-18 13:59 - 2013-12-04 05:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2016-03-18 13:59 - 2013-12-04 05:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2016-03-18 13:59 - 2013-12-04 05:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2016-03-18 13:59 - 2013-12-04 05:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll 2016-03-18 13:59 - 2013-12-04 05:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2016-03-18 13:59 - 2013-12-04 05:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2016-03-18 13:59 - 2013-12-04 05:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 2016-03-18 13:59 - 2013-12-04 05:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2016-03-18 13:59 - 2013-12-04 04:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe 2016-03-18 13:59 - 2013-12-04 04:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2016-03-18 13:59 - 2013-12-04 04:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2016-03-18 13:59 - 2013-12-04 04:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2016-03-18 13:59 - 2013-11-27 04:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2016-03-18 13:59 - 2013-11-27 04:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2016-03-18 13:59 - 2013-11-27 04:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2016-03-18 13:59 - 2013-11-27 04:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2016-03-18 13:59 - 2013-11-27 04:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2016-03-18 13:59 - 2013-04-26 02:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2016-03-18 13:59 - 2013-04-01 01:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2016-03-18 13:59 - 2013-02-12 07:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys 2016-03-18 13:59 - 2012-07-04 23:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys 2016-03-18 13:59 - 2011-03-11 09:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll 2016-03-18 13:59 - 2011-03-11 09:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll 2016-03-18 13:59 - 2011-03-11 08:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll 2016-03-18 13:59 - 2011-03-11 08:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll 2016-03-18 13:58 - 2016-02-05 04:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll 2016-03-18 13:58 - 2016-02-04 21:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll 2016-03-18 13:58 - 2016-02-03 21:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2016-03-18 13:58 - 2016-02-03 21:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll 2016-03-18 13:58 - 2016-02-03 21:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2016-03-18 13:58 - 2016-02-03 21:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll 2016-03-18 13:58 - 2016-01-07 20:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2016-03-18 13:58 - 2015-11-11 21:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2016-03-18 13:58 - 2015-11-11 21:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll 2016-03-18 13:58 - 2015-11-11 21:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll 2016-03-18 13:58 - 2015-11-11 21:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll 2016-03-18 13:58 - 2015-11-05 22:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll 2016-03-18 13:58 - 2015-11-05 22:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll 2016-03-18 13:58 - 2015-11-05 12:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys 2016-03-18 13:58 - 2015-09-15 00:40 - 00634432 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2016-03-18 13:58 - 2015-04-27 22:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2016-03-18 13:58 - 2015-04-27 22:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2016-03-18 13:58 - 2015-04-27 22:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2016-03-18 13:58 - 2015-04-27 22:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2016-03-18 13:58 - 2015-04-27 22:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2016-03-18 13:58 - 2015-04-27 22:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2016-03-18 13:58 - 2015-04-27 22:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2016-03-18 13:58 - 2015-04-27 22:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2016-03-18 13:58 - 2013-07-12 13:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys 2016-03-18 13:58 - 2013-07-12 13:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys 2016-03-18 13:58 - 2013-07-03 07:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2016-03-18 13:58 - 2013-07-03 07:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2016-03-18 13:58 - 2013-06-26 01:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2016-03-18 13:58 - 2012-11-29 01:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys 2016-03-18 13:58 - 2012-11-29 01:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll 2016-03-18 13:58 - 2012-11-29 01:56 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf 2016-03-18 13:58 - 2012-10-03 20:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll 2016-03-18 13:58 - 2012-10-03 20:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2016-03-18 13:58 - 2012-10-03 20:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2016-03-18 13:58 - 2012-10-03 20:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll 2016-03-18 13:58 - 2012-10-03 20:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll 2016-03-18 13:58 - 2012-10-03 19:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll 2016-03-18 13:58 - 2012-10-03 19:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll 2016-03-18 13:58 - 2012-10-03 19:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys 2016-03-18 13:57 - 2016-02-05 21:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2016-03-18 13:57 - 2016-02-05 21:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2016-03-18 13:57 - 2016-02-05 21:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2016-03-18 13:57 - 2016-02-05 21:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2016-03-18 13:57 - 2016-02-05 21:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2016-03-18 13:57 - 2016-02-05 21:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2016-03-18 13:57 - 2016-02-05 21:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2016-03-18 13:57 - 2016-02-05 20:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2016-03-18 13:57 - 2016-02-05 20:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2016-03-18 13:57 - 2016-02-05 20:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2016-03-18 13:57 - 2015-10-29 20:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll 2016-03-18 13:57 - 2015-10-29 20:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll 2016-03-18 13:57 - 2015-10-29 20:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe 2016-03-18 13:57 - 2015-10-29 20:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll 2016-03-18 13:57 - 2015-10-29 20:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll 2016-03-18 13:57 - 2015-10-29 20:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll 2016-03-18 13:57 - 2015-10-29 20:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe 2016-03-18 13:57 - 2015-10-13 19:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2016-03-18 13:57 - 2015-10-13 19:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2016-03-18 13:57 - 2015-07-23 03:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2016-03-18 13:57 - 2015-07-23 03:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2016-03-18 13:57 - 2015-07-22 20:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2016-03-18 13:57 - 2015-07-22 19:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2016-03-18 13:57 - 2015-06-16 00:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2016-03-18 13:57 - 2015-06-16 00:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe 2016-03-18 13:57 - 2014-03-04 12:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2016-03-18 13:57 - 2014-03-04 12:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll 2016-03-18 13:57 - 2014-03-04 12:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll 2016-03-18 13:57 - 2014-03-04 12:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll 2016-03-18 13:57 - 2014-03-04 12:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll 2016-03-18 13:57 - 2014-03-04 12:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll 2016-03-18 13:57 - 2014-03-04 12:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2016-03-18 13:57 - 2014-03-04 12:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll 2016-03-18 13:57 - 2014-03-04 12:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll 2016-03-18 13:57 - 2014-03-04 12:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll 2016-03-18 13:57 - 2014-03-04 12:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll 2016-03-18 13:57 - 2014-03-04 12:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll 2016-03-18 13:57 - 2014-03-04 12:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll 2016-03-18 13:57 - 2014-03-04 12:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll 2016-03-18 13:57 - 2012-11-02 08:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll 2016-03-18 13:57 - 2012-11-02 08:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll 2016-03-18 13:57 - 2012-08-22 00:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe 2016-03-18 13:57 - 2011-03-03 09:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2016-03-18 13:57 - 2011-03-03 09:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll 2016-03-18 13:57 - 2011-03-03 09:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe 2016-03-18 13:57 - 2011-03-03 08:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll 2016-03-18 13:57 - 2011-03-03 08:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe 2016-03-18 13:56 - 2015-07-09 20:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2016-03-18 13:56 - 2015-07-09 20:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2016-03-18 13:56 - 2015-07-09 20:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe 2016-03-18 13:56 - 2014-08-12 05:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2016-03-18 13:56 - 2014-08-12 04:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL 2016-03-18 13:56 - 2014-06-16 05:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2016-03-18 13:56 - 2013-04-10 09:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2016-03-18 13:56 - 2011-04-29 06:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2016-03-18 13:56 - 2011-04-29 06:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2016-03-18 13:56 - 2011-04-29 06:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2016-03-18 13:56 - 2011-02-03 14:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2016-03-18 13:55 - 2015-12-09 00:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2016-03-18 13:55 - 2015-12-08 22:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2016-03-18 13:55 - 2015-02-18 10:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2016-03-18 13:55 - 2015-02-18 10:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2016-03-18 13:55 - 2014-11-11 06:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll 2016-03-18 13:55 - 2014-11-11 05:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll 2016-03-18 13:55 - 2013-09-08 05:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2016-03-18 13:55 - 2013-09-08 05:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll 2016-03-18 13:55 - 2012-12-07 16:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll 2016-03-18 13:55 - 2012-12-07 16:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll 2016-03-18 13:55 - 2012-12-07 15:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll 2016-03-18 13:55 - 2012-12-07 15:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll 2016-03-18 13:55 - 2012-12-07 14:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs 2016-03-18 13:55 - 2012-12-07 14:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs 2016-03-18 13:55 - 2012-12-07 14:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs 2016-03-18 13:55 - 2012-12-07 14:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs 2016-03-18 13:55 - 2012-12-07 14:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs 2016-03-18 13:55 - 2012-12-07 14:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs 2016-03-18 13:55 - 2012-12-07 14:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs 2016-03-18 13:55 - 2012-12-07 14:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs 2016-03-18 13:55 - 2012-12-07 14:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs 2016-03-18 13:55 - 2012-12-07 14:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs 2016-03-18 13:55 - 2012-12-07 14:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs 2016-03-18 13:55 - 2012-12-07 14:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs 2016-03-18 13:55 - 2012-12-07 14:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs 2016-03-18 13:55 - 2012-12-07 14:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs 2016-03-18 13:55 - 2012-12-07 13:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs 2016-03-18 13:55 - 2012-12-07 13:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs 2016-03-18 13:55 - 2012-12-07 13:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs 2016-03-18 13:55 - 2012-12-07 13:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs 2016-03-18 13:55 - 2012-12-07 13:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs 2016-03-18 13:55 - 2012-12-07 13:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs 2016-03-18 13:55 - 2012-12-07 13:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs 2016-03-18 13:55 - 2012-12-07 13:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs 2016-03-18 13:55 - 2012-12-07 13:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs 2016-03-18 13:55 - 2012-12-07 13:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs 2016-03-18 13:55 - 2012-12-07 13:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs 2016-03-18 13:55 - 2012-12-07 13:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs 2016-03-18 13:55 - 2012-12-07 13:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs 2016-03-18 13:55 - 2012-12-07 13:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs 2016-03-18 13:55 - 2012-03-17 10:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys 2016-03-18 13:55 - 2011-08-17 08:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll 2016-03-18 13:55 - 2011-08-17 08:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax 2016-03-18 13:55 - 2011-08-17 07:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll 2016-03-18 13:55 - 2011-08-17 07:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax 2016-03-18 13:54 - 2016-02-09 12:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll 2016-03-18 13:54 - 2015-12-09 00:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2016-03-18 13:54 - 2015-12-09 00:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL 2016-03-18 13:54 - 2015-12-09 00:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL 2016-03-18 13:54 - 2015-12-09 00:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL 2016-03-18 13:54 - 2015-12-09 00:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL 2016-03-18 13:54 - 2015-12-09 00:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll 2016-03-18 13:54 - 2015-12-09 00:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL 2016-03-18 13:54 - 2015-12-09 00:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL 2016-03-18 13:54 - 2015-12-09 00:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL 2016-03-18 13:54 - 2015-12-09 00:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL 2016-03-18 13:54 - 2015-12-09 00:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL 2016-03-18 13:54 - 2015-12-09 00:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2016-03-18 13:54 - 2015-12-09 00:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2016-03-18 13:54 - 2015-12-09 00:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll 2016-03-18 13:54 - 2015-12-09 00:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL 2016-03-18 13:54 - 2015-12-09 00:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL 2016-03-18 13:54 - 2015-12-09 00:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2016-03-18 13:54 - 2015-12-09 00:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2016-03-18 13:54 - 2015-12-09 00:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL 2016-03-18 13:54 - 2015-12-09 00:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2016-03-18 13:54 - 2015-12-09 00:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL 2016-03-18 13:54 - 2015-12-09 00:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL 2016-03-18 13:54 - 2015-12-09 00:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL 2016-03-18 13:54 - 2015-12-09 00:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll 2016-03-18 13:54 - 2015-12-09 00:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax 2016-03-18 13:54 - 2015-12-09 00:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL 2016-03-18 13:54 - 2015-12-09 00:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2016-03-18 13:54 - 2015-12-09 00:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL 2016-03-18 13:54 - 2015-12-09 00:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll 2016-03-18 13:54 - 2015-12-09 00:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll 2016-03-18 13:54 - 2015-12-09 00:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2016-03-18 13:54 - 2015-12-09 00:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2016-03-18 13:54 - 2015-12-09 00:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll 2016-03-18 13:54 - 2015-12-09 00:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2016-03-18 13:54 - 2015-12-08 22:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2016-03-18 13:54 - 2015-12-08 22:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL 2016-03-18 13:54 - 2015-12-08 22:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2016-03-18 13:54 - 2015-12-08 22:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL 2016-03-18 13:54 - 2015-12-08 22:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2016-03-18 13:54 - 2015-12-08 22:07 - 01393152 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll 2016-03-18 13:54 - 2015-12-08 22:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll 2016-03-18 13:54 - 2015-12-08 22:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL 2016-03-18 13:54 - 2015-12-08 22:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL 2016-03-18 13:54 - 2015-12-08 22:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL 2016-03-18 13:54 - 2015-12-08 22:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll 2016-03-18 13:54 - 2015-12-08 22:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll 2016-03-18 13:54 - 2015-12-08 22:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL 2016-03-18 13:54 - 2015-12-08 22:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL 2016-03-18 13:54 - 2015-12-08 22:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL 2016-03-18 13:54 - 2015-12-08 22:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL 2016-03-18 13:54 - 2015-12-08 22:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2016-03-18 13:54 - 2015-12-08 22:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL 2016-03-18 13:54 - 2015-12-08 22:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL 2016-03-18 13:54 - 2015-12-08 22:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2016-03-18 13:54 - 2015-12-08 22:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll 2016-03-18 13:54 - 2015-12-08 22:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2016-03-18 13:54 - 2015-12-08 22:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL 2016-03-18 13:54 - 2015-12-08 22:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll 2016-03-18 13:54 - 2015-12-08 22:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL 2016-03-18 13:54 - 2015-12-08 22:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL 2016-03-18 13:54 - 2015-12-08 22:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL 2016-03-18 13:54 - 2015-12-08 22:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2016-03-18 13:54 - 2015-12-08 22:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL 2016-03-18 13:54 - 2015-12-08 22:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL 2016-03-18 13:54 - 2015-12-08 22:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll 2016-03-18 13:54 - 2015-12-08 22:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll 2016-03-18 13:54 - 2015-12-08 22:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2016-03-18 13:54 - 2015-12-08 22:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll 2016-03-18 13:54 - 2015-12-08 22:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax 2016-03-18 13:54 - 2015-12-08 22:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2016-03-18 13:54 - 2015-12-08 22:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2016-03-18 13:54 - 2015-12-08 21:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2016-03-18 13:54 - 2015-12-08 21:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2016-03-18 13:54 - 2015-12-08 21:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys 2016-03-18 13:54 - 2015-04-11 06:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys 2016-03-18 13:54 - 2015-02-25 06:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2016-03-18 13:54 - 2014-02-04 05:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2016-03-18 13:54 - 2014-02-04 05:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2016-03-18 13:54 - 2014-02-04 05:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2016-03-18 13:54 - 2014-02-04 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2016-03-18 13:54 - 2014-02-04 05:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll 2016-03-18 13:54 - 2013-07-26 05:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2016-03-18 13:54 - 2013-07-26 04:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll 2016-03-18 13:54 - 2012-09-26 01:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll 2016-03-18 13:54 - 2012-09-26 01:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll 2016-03-18 13:54 - 2011-02-05 20:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll 2016-03-18 13:54 - 2011-02-05 20:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll 2016-03-18 13:54 - 2011-02-05 20:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll 2016-03-18 13:53 - 2016-03-18 16:41 - 00000000 ____D C:\Users\Penne\Documents\Prepar3D v3 Files 2016-03-18 13:53 - 2016-03-18 13:53 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Lockheed Martin 2016-03-18 13:53 - 2016-03-18 13:53 - 00000000 ____D C:\Users\Penne\AppData\Local\Lockheed Martin 2016-03-18 13:53 - 2016-03-18 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lockheed Martin 2016-03-18 13:53 - 2016-03-18 13:53 - 00000000 ____D C:\ProgramData\Lockheed Martin 2016-03-18 13:53 - 2016-01-22 09:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll 2016-03-18 13:53 - 2016-01-22 09:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll 2016-03-18 13:53 - 2016-01-22 09:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll 2016-03-18 13:53 - 2016-01-22 09:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll 2016-03-18 13:53 - 2015-09-23 16:18 - 00459344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2016-03-18 13:53 - 2015-09-23 16:18 - 00298192 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll 2016-03-18 13:53 - 2015-09-23 16:08 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll 2016-03-18 13:53 - 2015-08-27 21:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2016-03-18 13:53 - 2015-08-27 21:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2016-03-18 13:53 - 2015-08-27 20:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2016-03-18 13:53 - 2015-08-27 20:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2016-03-18 13:53 - 2015-01-17 05:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2016-03-18 13:53 - 2015-01-17 05:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2016-03-18 13:53 - 2014-10-30 05:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe 2016-03-18 13:53 - 2014-10-30 04:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe 2016-03-18 13:53 - 2014-09-04 08:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2016-03-18 13:53 - 2014-09-04 08:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2016-03-18 13:53 - 2013-04-26 08:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2016-03-18 13:53 - 2013-04-26 07:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2016-03-18 13:52 - 2016-02-09 12:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2016-03-18 13:52 - 2016-02-09 12:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2016-03-18 13:52 - 2016-02-09 12:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2016-03-18 13:52 - 2016-02-09 12:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2016-03-18 13:52 - 2016-02-09 12:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2016-03-18 13:52 - 2016-02-09 12:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2016-03-18 13:52 - 2016-02-09 12:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2016-03-18 13:52 - 2016-02-09 12:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2016-03-18 13:52 - 2016-02-09 12:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2016-03-18 13:52 - 2016-02-09 12:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2016-03-18 13:52 - 2016-01-22 09:19 - 14179840 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2016-03-18 13:52 - 2016-01-22 09:15 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2016-03-18 13:52 - 2016-01-22 09:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2016-03-18 13:52 - 2016-01-22 09:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2016-03-18 13:52 - 2016-01-22 08:19 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2016-03-18 13:52 - 2016-01-22 08:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2016-03-18 13:52 - 2014-10-03 05:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2016-03-18 13:52 - 2014-10-03 05:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll 2016-03-18 13:52 - 2014-10-03 05:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2016-03-18 13:52 - 2014-10-03 05:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll 2016-03-18 13:52 - 2014-10-03 05:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe 2016-03-18 13:52 - 2014-10-03 04:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2016-03-18 13:52 - 2014-10-03 04:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll 2016-03-18 13:52 - 2014-10-03 04:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll 2016-03-18 13:52 - 2014-10-03 04:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll 2016-03-18 13:52 - 2014-10-03 04:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe 2016-03-18 13:52 - 2012-11-23 06:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe 2016-03-18 13:51 - 2015-10-13 07:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2016-03-18 13:51 - 2014-10-25 04:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2016-03-18 13:51 - 2014-10-25 04:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2016-03-18 13:51 - 2014-07-17 05:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2016-03-18 13:51 - 2014-07-17 05:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2016-03-18 13:51 - 2014-07-17 05:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2016-03-18 13:51 - 2014-07-17 04:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll 2016-03-18 13:51 - 2014-07-17 04:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2016-03-18 13:51 - 2013-05-10 08:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll 2016-03-18 13:51 - 2013-05-10 06:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll 2016-03-18 13:51 - 2012-07-05 01:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll 2016-03-18 13:51 - 2012-07-05 01:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll 2016-03-18 13:51 - 2012-07-05 01:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll 2016-03-18 13:51 - 2012-07-05 00:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll 2016-03-18 13:51 - 2012-07-05 00:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll 2016-03-18 13:51 - 2012-04-26 08:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll 2016-03-18 13:51 - 2012-04-26 08:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe 2016-03-18 13:51 - 2011-05-24 14:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll 2016-03-18 13:51 - 2011-05-24 13:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll 2016-03-18 13:51 - 2011-05-24 13:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll 2016-03-18 13:51 - 2011-05-24 13:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll 2016-03-18 13:51 - 2011-05-24 13:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe 2016-03-18 13:50 - 2015-12-09 00:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2016-03-18 13:50 - 2015-12-08 22:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2016-03-18 13:50 - 2015-11-03 22:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll 2016-03-18 13:50 - 2015-11-03 21:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll 2016-03-18 13:50 - 2015-03-04 07:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2016-03-18 13:50 - 2015-03-04 07:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll 2016-03-18 13:50 - 2015-03-04 07:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll 2016-03-18 13:50 - 2014-12-08 06:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll 2016-03-18 13:50 - 2014-12-08 05:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll 2016-03-18 13:50 - 2013-10-12 05:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2016-03-18 13:50 - 2013-10-12 05:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2016-03-18 13:50 - 2013-10-12 05:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx 2016-03-18 13:50 - 2013-10-12 05:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2016-03-18 13:50 - 2013-10-12 04:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2016-03-18 13:50 - 2013-10-12 04:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2016-03-18 13:50 - 2013-10-12 04:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe 2016-03-18 13:50 - 2013-10-12 04:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2016-03-18 13:50 - 2013-05-13 08:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll 2016-03-18 13:50 - 2013-05-13 06:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2016-03-18 13:50 - 2013-05-13 06:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe 2016-03-18 13:50 - 2013-05-13 06:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll 2016-03-18 13:50 - 2013-01-24 09:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys 2016-03-18 13:50 - 2012-05-14 08:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2016-03-18 13:50 - 2012-02-17 09:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll 2016-03-18 13:50 - 2012-02-17 08:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll 2016-03-18 13:50 - 2012-02-17 07:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys 2016-03-18 13:50 - 2011-12-16 11:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll 2016-03-18 13:50 - 2011-12-16 10:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll 2016-03-18 13:50 - 2011-08-27 08:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll 2016-03-18 13:50 - 2011-08-27 07:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll 2016-03-18 13:50 - 2011-05-03 08:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2016-03-18 13:50 - 2011-05-03 07:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2016-03-18 13:50 - 2011-02-23 07:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys 2016-03-18 13:50 - 2011-02-18 13:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe 2016-03-18 13:50 - 2011-02-18 08:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe 2016-03-18 13:50 - 2011-02-12 14:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe 2016-03-18 13:50 - 2010-06-02 14:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll 2016-03-18 13:50 - 2010-06-02 14:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2016-03-18 13:50 - 2010-06-02 14:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll 2016-03-18 13:50 - 2010-06-02 14:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2016-03-18 13:50 - 2010-06-02 14:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2016-03-18 13:50 - 2010-06-02 14:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll 2016-03-18 13:50 - 2010-05-26 21:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2016-03-18 13:50 - 2010-05-26 21:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll 2016-03-18 13:50 - 2010-05-26 21:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2016-03-18 13:50 - 2010-05-26 21:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll 2016-03-18 13:50 - 2010-02-04 20:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll 2016-03-18 13:50 - 2010-02-04 20:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll 2016-03-18 13:50 - 2010-02-04 20:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll 2016-03-18 13:50 - 2010-02-04 20:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll 2016-03-18 13:50 - 2010-02-04 20:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll 2016-03-18 13:50 - 2010-02-04 20:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll 2016-03-18 13:50 - 2010-02-04 20:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll 2016-03-18 13:50 - 2010-02-04 20:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll 2016-03-18 13:50 - 2009-09-05 03:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll 2016-03-18 13:50 - 2009-09-05 03:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll 2016-03-18 13:50 - 2009-09-05 03:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll 2016-03-18 13:50 - 2009-09-05 03:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll 2016-03-18 13:50 - 2009-09-05 03:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll 2016-03-18 13:50 - 2009-09-05 03:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll 2016-03-18 13:50 - 2009-09-05 03:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll 2016-03-18 13:50 - 2009-09-05 03:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll 2016-03-18 13:50 - 2009-09-05 03:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll 2016-03-18 13:50 - 2009-09-05 03:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll 2016-03-18 13:50 - 2009-09-05 03:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll 2016-03-18 13:50 - 2009-09-05 03:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll 2016-03-18 13:50 - 2009-09-05 03:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll 2016-03-18 13:50 - 2009-09-05 03:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll 2016-03-18 13:50 - 2009-09-05 03:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll 2016-03-18 13:50 - 2009-09-05 03:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll 2016-03-18 13:50 - 2009-03-17 00:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll 2016-03-18 13:50 - 2009-03-17 00:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll 2016-03-18 13:50 - 2009-03-17 00:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll 2016-03-18 13:50 - 2009-03-17 00:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll 2016-03-18 13:50 - 2009-03-17 00:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll 2016-03-18 13:50 - 2009-03-17 00:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll 2016-03-18 13:50 - 2009-03-10 01:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll 2016-03-18 13:50 - 2009-03-10 01:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll 2016-03-18 13:50 - 2009-03-10 01:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll 2016-03-18 13:50 - 2009-03-10 01:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll 2016-03-18 13:50 - 2009-03-10 01:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll 2016-03-18 13:50 - 2009-03-10 01:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll 2016-03-18 13:50 - 2008-10-27 20:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll 2016-03-18 13:50 - 2008-10-27 20:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll 2016-03-18 13:50 - 2008-10-27 20:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll 2016-03-18 13:50 - 2008-10-27 20:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll 2016-03-18 13:50 - 2008-10-27 20:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll 2016-03-18 13:50 - 2008-10-27 20:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll 2016-03-18 13:50 - 2008-10-27 20:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll 2016-03-18 13:50 - 2008-10-27 20:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll 2016-03-18 13:50 - 2008-10-15 16:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll 2016-03-18 13:50 - 2008-10-15 16:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll 2016-03-18 13:50 - 2008-10-15 16:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll 2016-03-18 13:50 - 2008-10-15 16:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll 2016-03-18 13:50 - 2008-10-15 16:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll 2016-03-18 13:50 - 2008-10-15 16:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll 2016-03-18 13:50 - 2008-07-31 20:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll 2016-03-18 13:50 - 2008-07-31 20:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll 2016-03-18 13:50 - 2008-07-31 20:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll 2016-03-18 13:50 - 2008-07-31 20:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll 2016-03-18 13:50 - 2008-07-10 21:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll 2016-03-18 13:50 - 2008-07-10 21:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll 2016-03-18 13:50 - 2008-07-10 21:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll 2016-03-18 13:50 - 2008-05-31 00:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll 2016-03-18 13:50 - 2008-05-31 00:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll 2016-03-18 13:50 - 2008-05-31 00:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll 2016-03-18 13:50 - 2008-05-31 00:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll 2016-03-18 13:50 - 2008-05-31 00:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll 2016-03-18 13:50 - 2008-05-31 00:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll 2016-03-18 13:50 - 2008-05-31 00:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll 2016-03-18 13:50 - 2008-05-31 00:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll 2016-03-18 13:50 - 2008-05-31 00:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll 2016-03-18 13:50 - 2008-05-31 00:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll 2016-03-18 13:50 - 2008-05-31 00:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll 2016-03-18 13:50 - 2008-05-31 00:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll 2016-03-18 13:50 - 2008-05-31 00:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll 2016-03-18 13:50 - 2008-05-31 00:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll 2016-03-18 13:50 - 2008-03-06 02:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll 2016-03-18 13:50 - 2008-03-06 02:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll 2016-03-18 13:50 - 2008-03-06 02:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll 2016-03-18 13:50 - 2008-03-06 02:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll 2016-03-18 13:50 - 2008-03-06 02:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll 2016-03-18 13:50 - 2008-03-06 02:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll 2016-03-18 13:50 - 2008-03-06 01:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll 2016-03-18 13:50 - 2008-03-06 01:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll 2016-03-18 13:50 - 2008-03-06 01:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll 2016-03-18 13:50 - 2008-03-06 01:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll 2016-03-18 13:50 - 2008-02-06 09:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll 2016-03-18 13:50 - 2008-02-06 09:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll 2016-03-18 13:50 - 2007-10-22 13:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll 2016-03-18 13:50 - 2007-10-22 13:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll 2016-03-18 13:50 - 2007-10-22 13:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll 2016-03-18 13:50 - 2007-10-22 13:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll 2016-03-18 13:50 - 2007-10-13 01:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll 2016-03-18 13:50 - 2007-10-13 01:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll 2016-03-18 13:50 - 2007-10-13 01:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll 2016-03-18 13:50 - 2007-10-13 01:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll 2016-03-18 13:50 - 2007-10-02 19:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll 2016-03-18 13:50 - 2007-10-02 19:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll 2016-03-18 13:50 - 2007-07-20 10:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll 2016-03-18 13:50 - 2007-07-20 10:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll 2016-03-18 13:50 - 2007-07-20 04:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll 2016-03-18 13:50 - 2007-07-20 04:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll 2016-03-18 13:50 - 2007-07-20 04:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll 2016-03-18 13:50 - 2007-07-20 04:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll 2016-03-18 13:50 - 2007-07-20 04:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll 2016-03-18 13:50 - 2007-07-20 04:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll 2016-03-18 13:50 - 2007-06-21 06:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll 2016-03-18 13:50 - 2007-06-21 06:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll 2016-03-18 13:50 - 2007-05-17 02:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll 2016-03-18 13:50 - 2007-05-17 02:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll 2016-03-18 13:50 - 2007-05-17 02:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll 2016-03-18 13:50 - 2007-05-17 02:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll 2016-03-18 13:50 - 2007-05-17 02:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll 2016-03-18 13:50 - 2007-05-17 02:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll 2016-03-18 13:50 - 2007-04-05 04:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll 2016-03-18 13:50 - 2007-04-05 04:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll 2016-03-18 13:50 - 2007-04-05 04:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll 2016-03-18 13:50 - 2007-04-05 04:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll 2016-03-18 13:50 - 2007-03-16 02:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll 2016-03-18 13:50 - 2007-03-16 02:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll 2016-03-18 13:50 - 2007-03-13 02:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll 2016-03-18 13:50 - 2007-03-13 02:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll 2016-03-18 13:50 - 2007-03-13 02:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll 2016-03-18 13:50 - 2007-03-13 02:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll 2016-03-18 13:50 - 2007-03-05 22:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll 2016-03-18 13:50 - 2007-03-05 22:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll 2016-03-18 13:50 - 2007-01-25 01:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll 2016-03-18 13:50 - 2007-01-25 01:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll 2016-03-18 13:50 - 2006-12-08 22:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll 2016-03-18 13:50 - 2006-12-08 22:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll 2016-03-18 13:50 - 2006-11-29 23:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll 2016-03-18 13:50 - 2006-11-29 23:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll 2016-03-18 13:50 - 2006-11-29 23:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll 2016-03-18 13:50 - 2006-11-29 23:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll 2016-03-18 13:50 - 2006-09-29 02:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll 2016-03-18 13:50 - 2006-09-29 02:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll 2016-03-18 13:50 - 2006-09-29 02:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll 2016-03-18 13:50 - 2006-09-29 02:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll 2016-03-18 13:50 - 2006-07-28 19:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll 2016-03-18 13:50 - 2006-07-28 19:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll 2016-03-18 13:50 - 2006-07-28 19:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll 2016-03-18 13:50 - 2006-07-28 19:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll 2016-03-18 13:50 - 2006-05-31 17:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll 2016-03-18 13:50 - 2006-05-31 17:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll 2016-03-18 13:50 - 2006-03-31 22:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll 2016-03-18 13:50 - 2006-03-31 22:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll 2016-03-18 13:50 - 2006-03-31 22:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll 2016-03-18 13:50 - 2006-03-31 22:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll 2016-03-18 13:50 - 2006-03-31 22:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll 2016-03-18 13:50 - 2006-03-31 22:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll 2016-03-18 13:50 - 2006-02-03 18:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll 2016-03-18 13:50 - 2006-02-03 18:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll 2016-03-18 13:50 - 2006-02-03 18:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll 2016-03-18 13:50 - 2006-02-03 18:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll 2016-03-18 13:50 - 2006-02-03 18:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll 2016-03-18 13:50 - 2006-02-03 18:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll 2016-03-18 13:50 - 2005-12-06 04:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll 2016-03-18 13:50 - 2005-12-06 04:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll 2016-03-18 13:50 - 2005-07-23 05:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll 2016-03-18 13:50 - 2005-07-23 05:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll 2016-03-18 13:50 - 2005-05-27 01:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll 2016-03-18 13:50 - 2005-05-27 01:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll 2016-03-18 13:50 - 2005-03-19 03:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll 2016-03-18 13:50 - 2005-03-19 03:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll 2016-03-18 13:50 - 2005-02-06 05:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll 2016-03-18 13:50 - 2005-02-06 05:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll 2016-03-18 12:03 - 2016-03-18 12:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET 2016-03-18 12:03 - 2016-03-18 12:03 - 00000000 ____D C:\ProgramData\ESET 2016-03-18 12:03 - 2016-03-18 12:03 - 00000000 ____D C:\Program Files\ESET 2016-03-18 11:57 - 2016-03-25 16:37 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Adobe 2016-03-18 11:57 - 2016-03-18 11:57 - 00000000 ____D C:\Users\Penne\AppData\Roaming\LolClient 2016-03-18 11:53 - 2016-03-18 11:53 - 00000000 ____D C:\Users\Penne\AppData\Roaming\WinRAR 2016-03-18 11:53 - 2016-03-18 11:53 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-03-18 11:53 - 2016-03-18 11:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-03-18 11:53 - 2016-03-18 11:53 - 00000000 ____D C:\Program Files\WinRAR 2016-03-18 11:43 - 2016-04-16 17:26 - 00000000 ____D C:\Users\Penne\AppData\Roaming\tixati 2016-03-18 11:43 - 2016-03-18 11:43 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tixati 2016-03-18 11:43 - 2016-03-18 11:43 - 00000000 ____D C:\Program Files\tixati 2016-03-18 11:25 - 2016-03-18 11:25 - 00000000 ___SD C:\Users\Penne\AppData\LocalLow\Temp 2016-03-18 11:13 - 2016-03-27 01:39 - 00000000 ____D C:\Users\Penne\AppData\Roaming\MultiWall 2016-03-18 11:13 - 2016-03-18 11:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiWall 2016-03-18 11:13 - 2016-03-18 11:13 - 00000000 ____D C:\Program Files (x86)\MultiWall 2016-03-18 10:57 - 2016-03-31 14:51 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2016-03-18 10:52 - 2016-03-18 10:52 - 00000000 ____D C:\Users\Penne\AppData\Local\Steam 2016-03-18 10:52 - 2016-03-18 10:52 - 00000000 ____D C:\Users\Penne\AppData\Local\CEF 2016-03-18 10:50 - 2016-04-17 01:02 - 00000000 ____D C:\Program Files (x86)\Steam 2016-03-18 10:50 - 2016-03-18 10:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2016-03-18 10:48 - 2016-03-18 10:48 - 00000000 ____D C:\ProgramData\Riot Games 2016-03-18 10:44 - 2016-03-18 10:44 - 00000000 ____D C:\Users\Penne\AppData\Local\CrashDumps 2016-03-18 10:43 - 2016-03-18 10:44 - 00000000 ____D C:\ProgramData\KaveXTD 2016-03-18 10:43 - 2016-03-18 10:43 - 00022343 _____ C:\Windows\Cm106.ini.cfl 2016-03-18 10:43 - 2016-03-18 10:43 - 00000374 _____ C:\Windows\Cm106.ini.imi 2016-03-18 10:43 - 2016-03-18 10:43 - 00000323 _____ C:\Windows\system\Cm106.ini 2016-03-18 10:43 - 2016-03-18 10:43 - 00000135 _____ C:\Windows\system\Dlap.pfx 2016-03-18 10:43 - 2016-03-18 10:43 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2016-03-18 10:43 - 2016-03-18 10:43 - 00000000 ____D C:\Program Files\Roccat 2016-03-18 10:43 - 2013-12-28 12:47 - 00007905 ____N C:\Windows\Cm106.ini.cfg 2016-03-18 10:43 - 2013-11-08 16:55 - 00830464 ____N C:\Windows\system32\Cmeau106.exe 2016-03-18 10:43 - 2009-08-21 02:00 - 00359424 ____N C:\Windows\system32\CmiInstallResAll64.dll 2016-03-18 10:43 - 2006-10-07 15:45 - 00524768 _____ (Microsoft Corporation) C:\Windows\difxapi.dll 2016-03-18 10:42 - 2016-03-18 10:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ROCCAT 2016-03-18 10:42 - 2016-03-18 10:42 - 00000000 ____D C:\Program Files (x86)\ROCCAT 2016-03-18 10:41 - 2016-03-18 10:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2016-03-18 10:41 - 2008-07-31 20:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll 2016-03-18 10:41 - 2008-07-31 20:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll 2016-03-18 10:41 - 2008-07-12 18:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll 2016-03-18 10:41 - 2008-07-12 18:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll 2016-03-18 10:41 - 2008-07-12 18:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll 2016-03-18 10:38 - 2016-03-18 10:42 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Riot Games 2016-03-18 10:35 - 2016-03-25 19:03 - 00000000 ____D C:\ProgramData\Samsung 2016-03-18 10:35 - 2016-03-18 10:35 - 00003274 _____ C:\Windows\System32\Tasks\SamsungMagician 2016-03-18 10:35 - 2016-03-18 10:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician 2016-03-18 10:32 - 2016-04-17 01:26 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Skype 2016-03-18 10:32 - 2016-03-18 10:32 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-03-18 10:32 - 2016-03-18 10:32 - 00000000 ____D C:\Users\Penne\Tracing 2016-03-18 10:32 - 2016-03-18 10:32 - 00000000 ____D C:\ProgramData\Skype 2016-03-18 10:32 - 2016-03-18 10:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2016-03-18 10:28 - 2013-10-31 13:21 - 00015584 _____ (Giga-Byte Technology CO., LTD.) C:\Windows\etocdrv.sys 2016-03-18 09:51 - 2016-03-20 01:47 - 00000000 ____D C:\Program Files\Google 2016-03-18 09:48 - 2016-03-18 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2016-03-18 09:48 - 2016-03-18 09:48 - 00000000 ____D C:\Users\Penne\AppData\LocalGoogle 2016-03-18 09:19 - 2016-04-17 01:24 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\etdrv.sys 2016-03-18 09:19 - 2013-04-10 02:44 - 00014928 _____ (Giga-Byte Technology CO., LTD.) C:\Windows\system32\etocdrv.sys 2016-03-18 09:17 - 2016-04-17 01:24 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys 2016-03-18 09:16 - 2016-03-18 10:35 - 00000000 ____D C:\Program Files (x86)\Samsung 2016-03-18 09:16 - 2016-03-18 09:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2016-03-18 09:12 - 2016-04-02 14:15 - 00000000 ____D C:\Temp 2016-03-18 08:50 - 2016-04-17 01:24 - 00000000 ____D C:\ProgramData\NVIDIA 2016-03-18 08:50 - 2016-03-18 10:16 - 00000000 ____D C:\Windows\SysWOW64\GBT_DL_OBJ 2016-03-18 08:48 - 2016-03-18 09:23 - 00000000 ____D C:\Users\Penne\AppData\Local\Downloaded Installations 2016-03-18 08:44 - 2016-04-02 14:11 - 00000000 ____D C:\Users\Penne\AppData\Local\NVIDIA Corporation 2016-03-18 08:43 - 2016-04-02 14:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-03-18 08:43 - 2016-03-30 04:06 - 01373680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2016-03-18 08:43 - 2016-03-30 04:06 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2016-03-18 08:43 - 2016-03-30 04:05 - 01767248 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2016-03-18 08:43 - 2016-03-30 04:05 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2016-03-18 08:43 - 2016-03-30 04:05 - 00112216 _____ C:\Windows\system32\NvRtmpStreamer64.dll 2016-03-18 08:43 - 2016-03-18 08:51 - 00000000 ____D C:\Users\Penne\AppData\Local\NVIDIA 2016-03-18 08:43 - 2010-05-26 21:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2016-03-18 08:43 - 2010-05-26 21:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2016-03-18 08:43 - 2010-05-26 21:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2016-03-18 08:43 - 2010-05-26 21:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2016-03-18 08:43 - 2010-05-26 21:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2016-03-18 08:43 - 2010-05-26 21:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2016-03-18 08:42 - 2016-04-02 14:15 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-03-18 08:42 - 2016-04-02 14:15 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2016-03-18 08:42 - 2016-04-02 14:15 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2016-03-18 08:42 - 2016-04-02 14:10 - 00000000 ____D C:\ProgramData\Package Cache 2016-03-18 08:42 - 2016-03-22 07:12 - 14128840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2016-03-18 08:42 - 2016-03-22 07:12 - 03714472 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2016-03-18 08:42 - 2016-03-22 07:12 - 03286992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2016-03-18 08:42 - 2016-03-22 07:12 - 00037091 _____ C:\Windows\system32\nvinfo.pb 2016-03-18 08:42 - 2016-03-22 05:25 - 06369728 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2016-03-18 08:42 - 2016-03-22 05:25 - 02993088 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2016-03-18 08:42 - 2016-03-22 05:25 - 02561472 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2016-03-18 08:42 - 2016-03-22 05:25 - 01264064 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2016-03-18 08:42 - 2016-03-22 05:25 - 00532536 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2016-03-18 08:42 - 2016-03-22 05:25 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2016-03-18 08:42 - 2016-03-22 05:25 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2016-03-18 08:42 - 2016-03-22 05:25 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2016-03-18 08:42 - 2016-03-18 21:10 - 06253721 _____ C:\Windows\system32\nvcoproc.bin 2016-03-18 08:42 - 2016-03-18 08:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.0 2016-03-18 08:42 - 2016-03-17 00:30 - 00128792 _____ C:\Windows\SysWOW64\vulkan-1.dll 2016-03-18 08:42 - 2016-03-17 00:29 - 00127768 _____ C:\Windows\system32\vulkan-1.dll 2016-03-18 08:42 - 2016-03-17 00:29 - 00041752 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2016-03-18 08:42 - 2016-03-17 00:28 - 00045848 _____ C:\Windows\system32\vulkaninfo.exe 2016-03-18 08:42 - 2016-03-08 13:07 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436451.dll 2016-03-18 08:42 - 2016-03-08 13:07 - 01572496 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2016-03-18 08:42 - 2016-03-08 13:07 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436451.dll 2016-03-18 08:42 - 2016-03-08 13:07 - 00205456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2016-03-18 08:42 - 2016-03-08 13:07 - 00039240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2016-03-18 08:41 - 2016-04-02 14:14 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-03-18 08:41 - 2016-03-18 08:41 - 00000000 ____D C:\NVIDIA 2016-03-18 08:37 - 2016-04-16 17:26 - 00000000 ____D C:\Windows\Panther 2016-03-18 08:33 - 2016-03-18 09:45 - 00000000 ____D C:\Program Files\GIGABYTE 2016-03-18 08:33 - 2016-03-18 09:40 - 00000000 ____D C:\Program Files (x86)\GIGABYTE 2016-03-18 08:33 - 2013-03-27 19:51 - 00021072 _____ C:\Windows\system32\Drivers\UsbCharger.sys 2016-03-18 08:33 - 2013-02-19 22:18 - 00021584 _____ C:\Windows\system32\Drivers\AppleCharger.sys 2016-03-18 08:33 - 2010-04-07 02:30 - 00031272 _____ C:\Windows\system32\AppleChargerSrv.exe 2016-03-18 08:32 - 2016-03-18 08:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2016-03-18 08:32 - 2016-03-18 08:32 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf 2016-03-18 08:32 - 2016-03-18 08:32 - 00000000 ____D C:\Users\Penne\Intel 2016-03-18 08:32 - 2016-03-18 08:32 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Intel Corporation 2016-03-18 08:32 - 2012-12-21 17:44 - 00786056 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys 2016-03-18 08:32 - 2012-12-21 17:44 - 00366216 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys 2016-03-18 08:32 - 2012-12-21 17:44 - 00020616 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hcs.sys 2016-03-18 08:31 - 2016-03-18 08:31 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2016-03-18 08:31 - 2016-03-18 08:31 - 00000000 ____D C:\Program Files\Realtek 2016-03-18 08:31 - 2013-01-23 03:37 - 00490256 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1d62x64.sys 2016-03-18 08:31 - 2012-12-12 00:11 - 00543104 ____R (Intel Corporation) C:\Windows\system32\PROUnstl.exe 2016-03-18 08:31 - 2012-11-14 23:54 - 00073032 _____ (Intel Corporation) C:\Windows\system32\e1dmsg.dll 2016-03-18 08:31 - 2012-11-13 23:01 - 00101224 _____ (Intel Corporation) C:\Windows\system32\NicInstD.dll 2016-03-18 08:31 - 2012-01-06 08:03 - 00003114 _____ C:\Windows\system32\e1d62x64.din 2016-03-18 08:31 - 2009-05-26 04:05 - 00036472 _____ (Intel Corporation) C:\Windows\system32\NicCo36.dll 2016-03-18 08:31 - 2006-01-12 09:52 - 00001904 ____N C:\Windows\system32\SetupBD.din 2016-03-18 08:30 - 2016-03-18 08:31 - 00000000 ___HD C:\Program Files (x86)\Temp 2016-03-18 08:30 - 2016-03-18 08:30 - 00000000 ____D C:\Program Files (x86)\Realtek 2016-03-18 08:30 - 2013-03-19 16:37 - 00442368 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys 2016-03-18 08:30 - 2013-03-19 16:37 - 00015360 _____ (Intel(R) Corporation) C:\Windows\system32\IntcDAuC.dll 2016-03-18 08:30 - 2013-03-12 23:19 - 00016344 _____ (Intel Corporation) C:\Windows\system32\Drivers\IntelMEFWVer.dll 2016-03-18 08:30 - 2013-02-26 15:42 - 03333576 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2016-03-18 08:30 - 2013-02-26 13:04 - 00429097 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2016-03-18 08:30 - 2013-02-26 11:41 - 19089920 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat 2016-03-18 08:30 - 2013-02-26 08:30 - 03685448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll 2016-03-18 08:30 - 2013-02-21 12:26 - 00858032 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll 2016-03-18 08:30 - 2013-02-21 12:26 - 00148912 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll 2016-03-18 08:30 - 2013-02-21 12:25 - 00569256 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll 2016-03-18 08:30 - 2013-02-21 11:11 - 00131656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2016-03-18 08:30 - 2013-02-20 13:55 - 01284680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2016-03-18 08:30 - 2013-02-20 05:55 - 00912960 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2016-03-18 08:30 - 2013-02-19 13:52 - 00991816 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2016-03-18 08:30 - 2013-02-19 10:11 - 02751560 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2016-03-18 08:30 - 2013-02-08 10:36 - 03155536 _____ C:\Windows\system32\Drivers\rtvienna.dat 2016-03-18 08:30 - 2013-02-05 15:32 - 01658952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2016-03-18 08:30 - 2013-02-02 16:30 - 02099480 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll 2016-03-18 08:30 - 2013-02-02 16:30 - 00907544 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2016-03-18 08:30 - 2013-02-02 16:29 - 13975320 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll 2016-03-18 08:30 - 2013-02-02 16:29 - 01898776 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll 2016-03-18 08:30 - 2013-01-23 11:36 - 00613448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2016-03-18 08:30 - 2013-01-21 20:41 - 00204864 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2016-03-18 08:30 - 2013-01-17 14:32 - 00719640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll 2016-03-18 08:30 - 2013-01-17 01:05 - 00801560 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll 2016-03-18 08:30 - 2013-01-17 01:05 - 00635160 _____ (SRS Labs, Inc.) C:\Windows\system32\sltech64.dll 2016-03-18 08:30 - 2013-01-17 01:05 - 00518936 _____ (SRS Labs, Inc.) C:\Windows\system32\sl3apo64.dll 2016-03-18 08:30 - 2013-01-17 01:05 - 00215320 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll 2016-03-18 08:30 - 2013-01-16 11:02 - 02079816 ____R (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll 2016-03-18 08:30 - 2013-01-15 05:33 - 02722848 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2016-03-18 08:30 - 2012-12-17 12:49 - 02032584 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll 2016-03-18 08:30 - 2012-12-12 06:17 - 00395208 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2016-03-18 08:30 - 2012-10-02 09:41 - 00501192 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll 2016-03-18 08:30 - 2012-10-02 09:41 - 00487368 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll 2016-03-18 08:30 - 2012-10-02 09:41 - 00415688 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll 2016-03-18 08:30 - 2012-09-10 15:06 - 00612728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll 2016-03-18 08:30 - 2012-08-31 14:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll 2016-03-18 08:30 - 2012-08-31 14:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll 2016-03-18 08:30 - 2012-08-31 14:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll 2016-03-18 08:30 - 2012-08-31 14:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll 2016-03-18 08:30 - 2012-08-31 14:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll 2016-03-18 08:30 - 2012-07-15 16:13 - 00394616 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2016-03-18 08:30 - 2012-06-20 12:26 - 00110592 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2016-03-18 08:30 - 2012-03-08 06:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2016-03-18 08:30 - 2012-01-30 06:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll 2016-03-18 08:30 - 2012-01-10 05:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll 2016-03-18 08:30 - 2011-12-20 10:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2016-03-18 08:30 - 2011-11-22 11:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2016-03-18 08:30 - 2011-09-02 09:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll 2016-03-18 08:30 - 2011-09-02 09:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll 2016-03-18 08:30 - 2011-09-02 09:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll 2016-03-18 08:30 - 2011-08-23 12:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll 2016-03-18 08:30 - 2011-05-31 04:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll 2016-03-18 08:30 - 2011-05-31 04:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll 2016-03-18 08:30 - 2011-05-31 04:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll 2016-03-18 08:30 - 2011-05-31 04:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll 2016-03-18 08:30 - 2011-05-31 04:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll 2016-03-18 08:30 - 2011-05-31 04:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll 2016-03-18 08:30 - 2011-05-31 04:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll 2016-03-18 08:30 - 2011-05-31 04:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll 2016-03-18 08:30 - 2011-05-31 04:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll 2016-03-18 08:30 - 2011-05-31 04:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll 2016-03-18 08:30 - 2011-05-31 04:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll 2016-03-18 08:30 - 2011-05-31 04:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll 2016-03-18 08:30 - 2011-03-17 07:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2016-03-18 08:30 - 2011-03-07 12:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2016-03-18 08:30 - 2010-11-08 02:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2016-03-18 08:30 - 2010-11-08 02:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2016-03-18 08:30 - 2010-11-08 02:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2016-03-18 08:30 - 2010-11-08 02:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2016-03-18 08:30 - 2010-11-08 02:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2016-03-18 08:30 - 2010-11-08 02:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2016-03-18 08:30 - 2010-11-03 13:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2016-03-18 08:30 - 2010-09-27 04:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2016-03-18 08:30 - 2010-07-22 11:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll 2016-03-18 08:30 - 2009-11-24 04:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2016-03-18 08:30 - 2009-11-24 04:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2016-03-18 08:30 - 2009-11-24 04:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2016-03-18 08:30 - 2009-11-24 04:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2016-03-18 08:29 - 2016-03-18 08:32 - 00000000 ____D C:\ProgramData\Intel 2016-03-18 08:29 - 2016-03-18 08:32 - 00000000 ____D C:\Program Files\Intel 2016-03-18 08:29 - 2013-03-22 03:44 - 07558640 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe 2016-03-18 08:29 - 2013-03-22 03:44 - 00745968 _____ (Intel Corporation) C:\Windows\system32\GfxUIHotKeyMenu.exe 2016-03-18 08:29 - 2013-03-22 03:44 - 00534000 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe 2016-03-18 08:29 - 2013-03-22 03:44 - 00529392 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe 2016-03-18 08:29 - 2013-03-22 03:44 - 00441840 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe 2016-03-18 08:29 - 2013-03-22 03:44 - 00407536 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe 2016-03-18 08:29 - 2013-03-22 03:44 - 00397808 _____ (Intel Corporation) C:\Windows\system32\CustomModeApp.exe 2016-03-18 08:29 - 2013-03-22 03:44 - 00279024 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe 2016-03-18 08:29 - 2013-03-22 03:44 - 00250864 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe 2016-03-18 08:29 - 2013-03-22 03:44 - 00185840 _____ (Intel Corporation) C:\Windows\system32\difx64.exe 2016-03-18 08:29 - 2013-03-22 03:44 - 00165872 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe 2016-03-18 08:29 - 2013-03-19 16:37 - 00109056 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3071.dll 2016-03-18 08:29 - 2013-03-19 16:35 - 00017502 _____ C:\Windows\system32\iglhxs64.vp 2016-03-18 08:29 - 2013-03-19 16:34 - 01758208 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll 2016-03-18 08:29 - 2013-03-19 16:33 - 01631744 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll 2016-03-18 08:29 - 2013-03-19 16:33 - 00322560 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll 2016-03-18 08:29 - 2013-03-19 16:33 - 00279040 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll 2016-03-18 08:29 - 2013-03-19 16:33 - 00258560 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll 2016-03-18 08:29 - 2013-03-19 16:33 - 00203264 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll 2016-03-18 08:29 - 2013-03-19 16:32 - 24283136 _____ C:\Windows\system32\igdfcl64.dll 2016-03-18 08:29 - 2013-03-19 16:32 - 09362944 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll 2016-03-18 08:29 - 2013-03-19 16:32 - 07861760 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll 2016-03-18 08:29 - 2013-03-19 16:32 - 05611008 _____ (Intel Corporation) C:\Windows\SysWOW64\ig75icd32.dll 2016-03-18 08:29 - 2013-03-19 16:32 - 00240640 _____ C:\Windows\SysWOW64\igdde32.dll 2016-03-18 08:29 - 2013-03-19 16:32 - 00103936 _____ C:\Windows\SysWOW64\igdail32.dll 2016-03-18 08:29 - 2013-03-19 16:31 - 09802240 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll 2016-03-18 08:29 - 2013-03-19 16:31 - 08647680 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll 2016-03-18 08:29 - 2013-03-19 16:31 - 07175680 _____ (Intel Corporation) C:\Windows\system32\ig75icd64.dll 2016-03-18 08:29 - 2013-03-19 16:31 - 04534784 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys 2016-03-18 08:29 - 2013-03-19 16:31 - 00286720 _____ C:\Windows\system32\igdde64.dll 2016-03-18 08:29 - 2013-03-19 16:31 - 00117760 _____ C:\Windows\system32\igdail64.dll 2016-03-18 08:29 - 2013-03-19 16:29 - 19586560 _____ C:\Windows\SysWOW64\igdfcl32.dll 2016-03-18 08:29 - 2013-03-19 16:27 - 08901632 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll 2016-03-18 08:29 - 2013-03-19 16:27 - 03988480 _____ (Microsoft) C:\Windows\system32\MetroIntelGenericUIFramework.dll 2016-03-18 08:29 - 2013-03-19 16:27 - 02384896 _____ C:\Windows\system32\GfxRes.dll 2016-03-18 08:29 - 2013-03-19 16:27 - 00443904 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc 2016-03-18 08:29 - 2013-03-19 16:27 - 00443904 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc 2016-03-18 08:29 - 2013-03-19 16:27 - 00443392 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc 2016-03-18 08:29 - 2013-03-19 16:27 - 00443392 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc 2016-03-18 08:29 - 2013-03-19 16:27 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc 2016-03-18 08:29 - 2013-03-19 16:27 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc 2016-03-18 08:29 - 2013-03-19 16:27 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc 2016-03-18 08:29 - 2013-03-19 16:27 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc 2016-03-18 08:29 - 2013-03-19 16:27 - 00442368 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc 2016-03-18 08:29 - 2013-03-19 16:27 - 00442368 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc 2016-03-18 08:29 - 2013-03-19 16:27 - 00442368 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc 2016-03-18 08:29 - 2013-03-19 16:27 - 00441856 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc 2016-03-18 08:29 - 2013-03-19 16:27 - 00441856 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc 2016-03-18 08:29 - 2013-03-19 16:27 - 00441856 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc 2016-03-18 08:29 - 2013-03-19 16:27 - 00441856 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc 2016-03-18 08:29 - 2013-03-19 16:27 - 00441344 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc 2016-03-18 08:29 - 2013-03-19 16:27 - 00441344 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc 2016-03-18 08:29 - 2013-03-19 16:27 - 00440832 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc 2016-03-18 08:29 - 2013-03-19 16:27 - 00440832 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc 2016-03-18 08:29 - 2013-03-19 16:27 - 00440832 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc 2016-03-18 08:29 - 2013-03-19 16:27 - 00440320 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc 2016-03-18 08:29 - 2013-03-19 16:27 - 00440320 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc 2016-03-18 08:29 - 2013-03-19 16:27 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc 2016-03-18 08:29 - 2013-03-19 16:27 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc 2016-03-18 08:29 - 2013-03-19 16:27 - 00434176 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc 2016-03-18 08:29 - 2013-03-19 16:27 - 00434176 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll 2016-03-18 08:29 - 2013-03-19 16:27 - 00432640 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc 2016-03-18 08:29 - 2013-03-19 16:27 - 00430592 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc 2016-03-18 08:29 - 2013-03-19 16:27 - 00430080 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc 2016-03-18 08:29 - 2013-03-19 16:27 - 00357888 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll 2016-03-18 08:29 - 2013-03-19 16:27 - 00348160 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll 2016-03-18 08:29 - 2013-03-19 16:27 - 00345600 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll 2016-03-18 08:29 - 2013-03-19 16:27 - 00288256 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc 2016-03-18 08:29 - 2013-03-19 16:27 - 00256973 _____ C:\Windows\system32\Gfxres.th-TH.resources 2016-03-18 08:29 - 2013-03-19 16:27 - 00243062 _____ C:\Windows\system32\Gfxres.el-GR.resources 2016-03-18 08:29 - 2013-03-19 16:27 - 00225909 _____ C:\Windows\system32\Gfxres.ru-RU.resources 2016-03-18 08:29 - 2013-03-19 16:27 - 00192779 _____ C:\Windows\system32\Gfxres.ar-SA.resources 2016-03-18 08:29 - 2013-03-19 16:27 - 00191488 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll 2016-03-18 08:29 - 2013-03-19 16:27 - 00189982 _____ C:\Windows\system32\Gfxres.ja-JP.resources 2016-03-18 08:29 - 2013-03-19 16:27 - 00184704 _____ C:\Windows\system32\Gfxres.he-IL.resources 2016-03-18 08:29 - 2013-03-19 16:27 - 00173641 _____ C:\Windows\system32\Gfxres.it-IT.resources 2016-03-18 08:29 - 2013-03-19 16:27 - 00173255 _____ C:\Windows\system32\Gfxres.ko-KR.resources 2016-03-18 08:29 - 2013-03-19 16:27 - 00171308 _____ C:\Windows\system32\Gfxres.es-ES.resources 2016-03-18 08:29 - 2013-03-19 16:27 - 00170949 _____ C:\Windows\system32\Gfxres.fr-FR.resources 2016-03-18 08:29 - 2013-03-19 16:27 - 00170868 _____ C:\Windows\system32\Gfxres.de-DE.resources 2016-03-18 08:29 - 2013-03-19 16:27 - 00169419 _____ C:\Windows\system32\Gfxres.ro-RO.resources 2016-03-18 08:29 - 2013-03-19 16:27 - 00168766 _____ C:\Windows\system32\Gfxres.tr-TR.resources 2016-03-18 08:29 - 2013-03-19 16:27 - 00168624 _____ C:\Windows\system32\Gfxres.hu-HU.resources 2016-03-18 08:29 - 2013-03-19 16:27 - 00168145 _____ C:\Windows\system32\Gfxres.pl-PL.resources 2016-03-18 08:29 - 2013-03-19 16:27 - 00167827 _____ C:\Windows\system32\Gfxres.nl-NL.resources 2016-03-18 08:29 - 2013-03-19 16:27 - 00167279 _____ C:\Windows\system32\Gfxres.pt-BR.resources 2016-03-18 08:29 - 2013-03-19 16:27 - 00166207 _____ C:\Windows\system32\Gfxres.fi-FI.resources 2016-03-18 08:29 - 2013-03-19 16:27 - 00166115 _____ C:\Windows\system32\Gfxres.sk-SK.resources 2016-03-18 08:29 - 2013-03-19 16:27 - 00165888 _____ C:\Windows\system32\Gfxres.pt-PT.resources 2016-03-18 08:29 - 2013-03-19 16:27 - 00165805 _____ C:\Windows\system32\Gfxres.sv-SE.resources 2016-03-18 08:29 - 2013-03-19 16:27 - 00165389 _____ C:\Windows\system32\Gfxres.cs-CZ.resources 2016-03-18 08:29 - 2013-03-19 16:27 - 00164428 _____ C:\Windows\system32\Gfxres.hr-HR.resources 2016-03-18 08:29 - 2013-03-19 16:27 - 00161093 _____ C:\Windows\system32\Gfxres.sl-SI.resources 2016-03-18 08:29 - 2013-03-19 16:27 - 00160055 _____ C:\Windows\system32\Gfxres.nb-NO.resources 2016-03-18 08:29 - 2013-03-19 16:27 - 00159440 _____ C:\Windows\system32\Gfxres.da-DK.resources 2016-03-18 08:29 - 2013-03-19 16:27 - 00154905 _____ C:\Windows\system32\Gfxres.en-US.resources 2016-03-18 08:29 - 2013-03-19 16:27 - 00148171 _____ C:\Windows\system32\Gfxres.zh-TW.resources 2016-03-18 08:29 - 2013-03-19 16:27 - 00146480 _____ C:\Windows\system32\Gfxres.zh-CN.resources 2016-03-18 08:29 - 2013-03-19 16:27 - 00140288 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll 2016-03-18 08:29 - 2013-03-19 16:27 - 00124928 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl 2016-03-18 08:29 - 2013-03-19 16:27 - 00108032 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll 2016-03-18 08:29 - 2013-03-19 16:27 - 00065536 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll 2016-03-18 08:29 - 2013-03-19 16:27 - 00029184 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll 2016-03-18 08:29 - 2013-03-19 16:27 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll 2016-03-18 08:29 - 2013-03-19 16:27 - 00012288 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll 2016-03-18 08:29 - 2013-03-19 16:27 - 00001806 _____ C:\Windows\system32\GfxUIEx.exe.config 2016-03-18 08:29 - 2013-03-19 16:27 - 00000935 _____ C:\Windows\system32\DPTopologyApp.exe.config 2016-03-18 08:29 - 2013-03-19 16:27 - 00000935 _____ C:\Windows\system32\CustomModeApp.exe.config 2016-03-18 08:29 - 2013-03-19 16:27 - 00000264 _____ C:\Windows\system32\GfxUIHotKeyMenu.exe.config 2016-03-18 08:29 - 2013-03-19 16:25 - 03511296 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll 2016-03-18 08:29 - 2013-03-19 16:25 - 03121152 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll 2016-03-18 08:29 - 2013-03-19 16:25 - 02813952 _____ C:\Windows\system32\iglhxa64.cpa 2016-03-18 08:29 - 2013-03-19 16:25 - 01040384 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll 2016-03-18 08:29 - 2013-03-19 16:25 - 00931840 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll 2016-03-18 08:29 - 2013-03-19 16:25 - 00861184 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll 2016-03-18 08:29 - 2013-03-19 16:25 - 00856576 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll 2016-03-18 08:29 - 2013-03-19 16:25 - 00575488 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll 2016-03-18 08:29 - 2013-03-19 16:25 - 00542720 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll 2016-03-18 08:29 - 2013-03-19 16:25 - 00216064 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll 2016-03-18 08:29 - 2013-03-19 16:25 - 00180224 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll 2016-03-18 08:29 - 2013-03-19 16:25 - 00094208 _____ C:\Windows\system32\IccLibDll_x64.dll 2016-03-18 08:29 - 2013-03-19 16:25 - 00064000 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL 2016-03-18 08:29 - 2013-03-19 16:25 - 00064000 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll 2016-03-18 08:29 - 2013-03-19 16:25 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL 2016-03-18 08:29 - 2013-03-19 16:25 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll 2016-03-18 08:29 - 2013-03-19 16:25 - 00044025 _____ C:\Windows\system32\iglhxo64.vp 2016-03-18 08:29 - 2013-03-19 16:25 - 00043816 _____ C:\Windows\system32\iglhxc64_dev.vp 2016-03-18 08:29 - 2013-03-19 16:25 - 00043494 _____ C:\Windows\system32\iglhxc64.vp 2016-03-18 08:29 - 2013-03-19 16:25 - 00043298 _____ C:\Windows\system32\iglhxg64_dev.vp 2016-03-18 08:29 - 2013-03-19 16:25 - 00043256 _____ C:\Windows\system32\iglhxg64.vp 2016-03-18 08:29 - 2013-03-19 16:25 - 00042079 _____ C:\Windows\system32\iglhxo64_dev.vp 2016-03-18 08:29 - 2013-03-19 16:24 - 03401728 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll 2016-03-18 08:29 - 2013-03-19 16:23 - 04359168 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll 2016-03-18 08:29 - 2013-03-12 23:19 - 00064624 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys 2016-03-18 08:28 - 2016-03-20 03:27 - 00768152 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2016-03-18 08:28 - 2016-03-18 10:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-03-18 08:28 - 2016-03-18 08:49 - 00000000 ____D C:\Program Files (x86)\Intel 2016-03-18 08:28 - 2016-03-18 08:29 - 00000000 ____D C:\Intel 2016-03-18 08:28 - 2013-02-28 01:37 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll 2016-03-18 08:26 - 2016-04-17 01:24 - 00000922 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-03-18 08:26 - 2016-04-17 01:00 - 00000926 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-03-18 08:26 - 2016-03-20 01:47 - 00000000 ____D C:\Program Files (x86)\Google 2016-03-18 08:26 - 2016-03-20 01:36 - 00000000 ____D C:\Users\Penne\AppData\Local\Google 2016-03-18 08:26 - 2016-03-18 08:56 - 00002261 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-03-18 08:26 - 2016-03-18 08:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2016-03-18 08:26 - 2016-03-18 08:55 - 00003922 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-03-18 08:26 - 2016-03-18 08:55 - 00003670 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-03-18 08:25 - 2016-03-18 08:59 - 00000010 _____ C:\Windows\GSetup.ini 2016-03-18 07:43 - 2016-03-25 00:45 - 00000000 ____D C:\Users\Penne\AppData\Local\VirtualStore 2016-03-18 07:43 - 2016-03-19 18:01 - 00001413 _____ C:\Users\Penne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-03-18 07:41 - 2016-04-15 14:20 - 00000000 ____D C:\Users\Penne 2016-03-18 07:41 - 2016-03-25 00:45 - 00109688 _____ C:\Users\Penne\AppData\Local\GDIPFONTCACHEV1.DAT 2016-03-18 07:41 - 2016-03-18 07:41 - 00000020 ___SH C:\Users\Penne\ntuser.ini 2016-03-18 07:41 - 2016-03-18 07:41 - 00000000 _SHDL C:\Users\Penne\My Documents 2016-03-18 07:41 - 2016-03-18 07:41 - 00000000 _SHDL C:\Users\Penne\Documents\My Videos 2016-03-18 07:41 - 2016-03-18 07:41 - 00000000 _SHDL C:\Users\Penne\Documents\My Pictures 2016-03-18 07:41 - 2016-03-18 07:41 - 00000000 _SHDL C:\Users\Penne\Documents\My Music 2016-03-18 07:41 - 2010-11-21 10:16 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Media Center Programs ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-04-17 01:30 - 2009-07-14 08:13 - 00784286 _____ C:\Windows\system32\PerfStringBackup.INI 2016-04-17 01:30 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\inf 2016-04-17 01:24 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-04-17 01:18 - 2009-07-14 07:45 - 00016848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-04-17 01:18 - 2009-07-14 07:45 - 00016848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-04-17 01:12 - 2009-07-14 05:34 - 00000215 _____ C:\Windows\system.ini 2016-04-14 21:51 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\rescache 2016-04-14 20:36 - 2009-07-14 07:45 - 00417112 _____ C:\Windows\system32\FNTCACHE.DAT 2016-04-06 10:18 - 2010-11-21 06:27 - 00453280 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2016-04-01 23:50 - 2015-10-05 01:47 - 00000000 ____D C:\Users\Penne\Documents\My Games 2016-03-21 02:41 - 2009-07-14 05:34 - 00000478 _____ C:\Windows\win.ini 2016-03-20 22:26 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2016-03-20 13:54 - 2009-07-14 06:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2016-03-20 05:27 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\AppCompat 2016-03-20 03:17 - 2009-07-14 08:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2016-03-20 03:15 - 2010-11-21 10:17 - 00000000 ____D C:\Windows\ShellNew 2016-03-20 03:15 - 2009-07-14 08:32 - 00000000 ____D C:\Program Files (x86)\MSBuild 2016-03-20 02:32 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\Web 2016-03-19 18:00 - 2010-11-21 10:17 - 00000000 ____D C:\Program Files\Windows Journal 2016-03-19 18:00 - 2009-07-14 06:20 - 00000000 ____D C:\Program Files\Common Files\System 2016-03-19 04:16 - 2009-07-14 08:32 - 00000000 ____D C:\Program Files\Windows Defender 2016-03-19 04:16 - 2009-07-14 08:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2016-03-19 04:16 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\tracing 2016-03-19 04:16 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\SysWOW64\Dism 2016-03-19 04:16 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\Dism 2016-03-19 04:16 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers 2016-03-18 12:10 - 2015-07-30 22:41 - 00264552 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys 2016-03-18 12:10 - 2015-07-30 22:41 - 00186784 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys 2016-03-18 12:10 - 2015-07-30 22:41 - 00170792 _____ (ESET) C:\Windows\system32\Drivers\epfwwfpr.sys 2016-03-18 11:54 - 2010-11-21 06:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll 2016-03-18 11:54 - 2010-11-21 06:24 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll 2016-03-18 11:54 - 2010-11-21 06:23 - 00013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll 2016-03-18 10:43 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system 2016-03-18 08:42 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\Help 2016-03-18 08:37 - 2009-07-14 08:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template 2016-03-18 08:36 - 2009-07-14 06:20 - 00000000 __RHD C:\Users\Public\Libraries 2016-03-18 08:33 - 2009-07-14 08:32 - 00000000 ____D C:\Windows\Downloaded Program Files ==================== Files in the root of some directories ======= 2016-03-20 01:14 - 2016-03-20 01:14 - 0005120 _____ () C:\Users\Penne\AppData\Roaming\GiftBag.db 2016-03-20 22:27 - 2016-03-20 22:27 - 0000316 _____ () C:\Users\Penne\AppData\Roaming\redirect2.dat 2016-03-20 11:18 - 2016-03-20 11:18 - 0000009 _____ () C:\Users\Penne\AppData\Roaming\update.dat 2016-03-20 11:19 - 2016-03-24 15:16 - 0000004 _____ () C:\Users\Penne\AppData\Roaming\Microsoft\notaut.txt 2016-03-21 00:18 - 2016-03-21 00:18 - 0000004 _____ () C:\Users\Penne\AppData\Roaming\Microsoft\notautfbb.txt 2016-03-21 01:04 - 2016-03-21 01:04 - 0000003 _____ () C:\Users\Penne\AppData\Local\updater.log 2016-03-21 01:04 - 2016-03-21 01:04 - 0000424 _____ () C:\Users\Penne\AppData\Local\UserProducts.xml 2016-03-18 10:43 - 2016-03-18 10:43 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some files in TEMP: ==================== C:\Users\Penne\AppData\Local\Temp\dllnt_dump.dll ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-04-14 21:43 ==================== End of FRST.txt ============================ FRST Addition log: Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-04-2016 Ran by Penne (2016-04-17 01:49:42) Running from D:\Downloads Windows 7 Professional Service Pack 1 (X64) (2016-03-18 04:41:25) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-206197487-1037210532-2885666671-500 - Administrator - Disabled) Guest (S-1-5-21-206197487-1037210532-2885666671-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-206197487-1037210532-2885666671-1002 - Limited - Enabled) Penne (S-1-5-21-206197487-1037210532-2885666671-1000 - Administrator - Enabled) => C:\Users\Penne ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET NOD32 Antivirus 9.0.318.0 (Disabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET NOD32 Antivirus 9.0.375.0 (Disabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) @BIOS B14.1003.1 (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.00.0000 - GIGABYTE) @BIOS B14.1003.1 (x32 Version: 3.00.0000 - GIGABYTE) Hidden A2A C172 Trainer Academic for P3D (HKLM-x32\...\A2A C172 Trainer Academic for P3D) (Version: - ) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated) Atlas Reactor Live (HKLM-x32\...\Glyph Atlas Reactor Live) (Version: - Trion Worlds, Inc.) BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.70.1080 - AB Team, d.o.o.) BUSB (HKLM-x32\...\{0AADC50C-C4F8-49A7-8699-AFE46875CA67}) (Version: 1.13.0911.1 - GIGABYTE) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0152 - Disc Soft Ltd) Dishonored - Game of the Year Edition (HKLM-x32\...\Dishonored - Game of the Year Edition_is1) (Version: - ) Dota 2 (HKLM\...\Steam App 570) (Version: - Valve) EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.00.0002 - GIGABYTE) EasyTune (x32 Version: 1.00.0002 - GIGABYTE) Hidden ESET NOD32 Antivirus (HKLM\...\{60853F5E-E6F5-4A34-BBCD-C09D49BB5E64}) (Version: 9.0.318.0 - ESET, spol. s r.o.) Everybody's Gone to the Rapture (HKLM-x32\...\Everybody's Gone to the Rapture_is1) (Version: - ) EZSetup B15.0623.1 (HKLM-x32\...\InstallShield_{9EAB60B6-70FE-4EC7-8DF4-54773E4EAC05}) (Version: 1.00.0000 - GIGABYTE) EZSetup B15.0623.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version: - ) Firewatch (HKLM-x32\...\Firewatch_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter) Flashtool (HKLM-x32\...\Flashtool) (Version: 0.9.20.0 - Androxyde) FTX Global Base Pack (HKLM-x32\...\FTX Global Base Pack1.40) (Version: 1.40 - Orbx Simulation Systems Pty Ltd) Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.) Google Drive (HKLM-x32\...\{895D0391-459F-4D45-B8DD-13F0DE70C66E}) (Version: 1.28.1549.1322 - Google, Inc.) Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation) Intel(R) Network Connections 18.0.1.0 (HKLM\...\PROSetDX) (Version: 18.0.1.0 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3071 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.100 - Intel Corporation) Kerbal Space Program (HKLM\...\Steam App 220200) (Version: - Squad) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden League Screensaver (HKLM-x32\...\LolScreenSaver) (Version: W0.1.19-0.11.13-beta - Riot Games) Lightshot-5.3.0.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.3.0.0 - Skillbrains) Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Metal Gear Solid V Phantom Pain, גונסט 1.0.0.1 (HKLM-x32\...\Metal Gear Solid V Phantom Pain_is1) (Version: 1.0.0.1 - RePack by SEYTER) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) MultiWall version 1.0.26 (HKLM-x32\...\{54384F46-6346-4BDC-A137-4D4037D362D3}_is1) (Version: 1.0.26 - MultiWall) MusicBee 2.5 (HKLM-x32\...\MusicBee) (Version: 2.5 - Steven Mayall) NFOlux (HKLM-x32\...\NFOlux) (Version: - ) Nosgoth (HKLM\...\Steam App 200110) (Version: - Psyonix) NVIDIA 3D Vision Controller Driver 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation) NVIDIA 3D Vision Driver 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.72 - NVIDIA Corporation) NVIDIA GeForce Experience 2.11.2.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.2.55 - NVIDIA Corporation) NVIDIA Graphics Driver 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.72 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation) NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) ON_OFF Charge 2 B13.0403.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE) ON_OFF Charge 2 B13.0403.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden ON_OFF Charge B13.0403.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE) Planetary Annihilation (HKLM\...\Steam App 233250) (Version: - Uber Entertainment) Prepar3D v3 Academic (HKLM-x32\...\{ef7923e2-4857-4683-820d-a3994d88d709}) (Version: 3.0.10.14945 - Lockheed Martin) Prepar3D v3 Academic Client (HKLM-x32\...\{213CD124-D688-436D-9BD8-FFB56DC830BE}) (Version: 3.0.10.14945 - Lockheed Martin) Prepar3D v3 Content (HKLM-x32\...\{CE8E65FC-9BE3-438A-8449-BCD5E8ACC6BE}) (Version: 3.0.10.14945 - Lockheed Martin) Prepar3D v3 Scenery (HKLM-x32\...\{3F2CF900-1437-4F93-9ABF-07B8B80E37DA}) (Version: 3.0.10.14945 - Lockheed Martin) Project CARS v.9.0 (HKLM-x32\...\Project CARS_is1) (Version: - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6849 - Realtek Semiconductor Corp.) ROCCAT Ryos TKL Keyboard Driver (HKLM-x32\...\{2EF5DFF4-EEF0-4FF7-97BD-C5B8C5C5D0F1}) (Version: 1.00.0011 - Roccat GmbH) ROCCAT Kave XTD (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392016206}) (Version: - Roccat GmbH) Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.0 - Samsung) Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.9.5 - Samsung Electronics) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.) SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.11.2.55 - NVIDIA Corporation) Hidden Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.) Smart Recovery 2 B14.1209.1 (x64) (HKLM-x32\...\{BC1FA5CF-A36F-4C61-9638-09D0B431B006}) (Version: 1.00.0001 - GIGABYTE) Smart TimeLock B14.0731.1 (HKLM-x32\...\InstallShield_{5D93E30A-78A3-4890-962F-56B61A5873DD}) (Version: 1.00.0001 - GIGABYTE) Smart TimeLock B14.0731.1 (x32 Version: 1.00.0001 - GIGABYTE) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer) Tixati (HKLM-x32\...\tixati) (Version: - ) Trackmania Turbo (HKLM\...\Steam App 375900) (Version: - Nadeo) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft) VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.5.1 (HKLM\...\VulkanRT1.0.5.1) (Version: 1.0.5.1 - LunarG, Inc.) WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {2F5BBB12-EE07-4E27-BD19-423F18CF03A5} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2016-01-08] (Samsung Electronics.) Task: {46E61794-AA76-4D47-86C3-3081D6C52D7A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-18] (Google Inc.) Task: {49BF7E02-B6E6-403F-BEE8-719F99A37C14} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-18] (Google Inc.) Task: {C3031F5A-CA73-471B-9314-9045A81F0F19} - System32\Tasks\update-S-1-5-21-206197487-1037210532-2885666671-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] () Task: {E14C44BE-E430-4602-937A-75A86AFFE745} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated) Task: {E1639A15-7B07-442F-BCB1-EEF3636E7A5F} - System32\Tasks\GTNU_635940224626022571 => Chrome.exe hxxp://www.5web.co/wapi/tudp.php?fp=70DF-4A3E-34F0-1E38-C887-9B35-AE47-9586&cc=IL Task: {E5AFBB1F-AA5D-4947-AC75-C07917A56276} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] () (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\update-S-1-5-21-206197487-1037210532-2885666671-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2016-03-18 08:42 - 2016-03-22 05:25 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-03-18 09:45 - 2016-03-18 09:45 - 00008704 _____ () C:\Windows\assembly\GAC_64\GBHO\1.0.0.0__709f1911357dc329\GBHO.dll 2016-03-30 21:25 - 2016-03-30 21:25 - 00707072 _____ () C:\Riot Games\LolScreenSaver\service\service.exe 2016-03-18 08:42 - 2016-03-30 04:21 - 00366528 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll 2016-04-02 14:10 - 2016-03-30 04:21 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll 2016-03-18 08:42 - 2016-03-30 04:22 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll 2016-03-18 08:42 - 2016-03-30 04:21 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2016-04-02 14:10 - 2016-03-30 04:21 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll 2016-04-02 14:10 - 2016-03-30 04:21 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll 2016-04-02 14:10 - 2016-03-30 04:22 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll 2016-03-18 08:42 - 2016-03-30 04:22 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll 2016-04-02 14:10 - 2016-03-30 04:20 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll 2016-04-02 14:10 - 2016-03-30 04:20 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll 2016-03-18 08:29 - 2013-03-19 16:25 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2016-03-18 08:42 - 2016-03-30 04:28 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2009-07-14 00:03 - 2009-07-14 04:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll 2016-03-18 08:56 - 2016-03-08 05:48 - 01676440 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libglesv2.dll 2016-03-18 08:56 - 2016-03-08 05:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libegl.dll 2016-04-09 13:29 - 2016-04-08 13:53 - 17532096 _____ () C:\Users\Penne\AppData\Local\Google\Chrome\User Data\PepperFlash\21.0.0.216\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 05:34 - 2016-04-17 01:12 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-206197487-1037210532-2885666671-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Penne\AppData\Roaming\MultiWall\\wallpaper.bmp DNS Servers: 10.0.0.138 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{F97853C9-3C52-4D5A-AEB2-C0760B36C30F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{DFA471F5-9527-45A1-8D7B-0B000267A6DD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{A61EA972-30A0-482F-B799-7FE8F51DC368}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{8E9B1A61-B3B1-41C1-866A-3DE58DCFA837}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{241F3230-51DE-4BD6-938E-98DDB154AF4C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{2E20D67E-43D4-4AEB-8DA3-F113C8E9EDC1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{C0640F91-D55B-4F81-98E0-BA7FBED1F8E9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{E0074908-A3B1-4443-853D-AB8D9C4B65F4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{FEF3C82E-AEF3-4617-80EF-E059C3254CD8}C:\program files (x86)\gigabyte\@bios\flashbios.exe] => (Block) C:\program files (x86)\gigabyte\@bios\flashbios.exe FirewallRules: [UDP Query User{8C841A1D-F28B-4F8D-ADF7-DA13A24FED7A}C:\program files (x86)\gigabyte\@bios\flashbios.exe] => (Block) C:\program files (x86)\gigabyte\@bios\flashbios.exe FirewallRules: [{FE88C34C-49BF-4714-828C-D9EB7E988357}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{268F4022-0559-4DC5-AE50-E78953065C57}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{B351FF78-89CE-4FE6-A90F-03CC5F38A316}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{1B9CCA89-A970-4270-B3DB-E3C5CFBD7AEB}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{145C947C-3F69-4DEB-BC1A-8437E7760D84}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{DAF8F908-4628-4F59-A49E-6C5ED8F48C97}] => (Allow) D:\Steam-Apps\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{3D11F486-6E12-4075-BF18-BA21A1AF1217}] => (Allow) D:\Steam-Apps\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [TCP Query User{D2D57AAB-CC36-49CD-9820-93822E546EBC}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe FirewallRules: [UDP Query User{A90A9723-82EE-4E92-93B7-9FE73E9A8677}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe FirewallRules: [{C79DFBCE-49AF-4A43-AA16-4C4FD9054735}] => (Allow) D:\Steam-Apps\steamapps\common\Kerbal Space Program\KSP.exe FirewallRules: [{8C473422-B915-4CCA-8C39-86E726D819CD}] => (Allow) D:\Steam-Apps\steamapps\common\Kerbal Space Program\KSP.exe FirewallRules: [{978EBBB8-8C00-442C-AAE5-8581B859DB97}] => (Allow) D:\Steam-Apps\steamapps\common\nosgoth\NosgothLauncher.exe FirewallRules: [{83C0289B-6D08-48F0-9495-2B9C38B7A6E3}] => (Allow) D:\Steam-Apps\steamapps\common\nosgoth\NosgothLauncher.exe FirewallRules: [{DA7F5A0F-BC47-48C3-A45E-243487AA07AC}] => (Allow) D:\Steam-Apps\steamapps\common\Planetary Annihilation\bin_x64\PA.exe FirewallRules: [{7EC81193-CB19-4C5D-8FD8-CB77D583462C}] => (Allow) D:\Steam-Apps\steamapps\common\Planetary Annihilation\bin_x64\PA.exe FirewallRules: [{87A1D1F7-F748-4711-A8B9-7D53A3886E4B}] => (Allow) D:\Steam-Apps\steamapps\common\Planetary Annihilation\bin_x86\PA.exe FirewallRules: [{F8A1A03A-5CFB-4B26-ACDD-1223894FC87F}] => (Allow) D:\Steam-Apps\steamapps\common\Planetary Annihilation\bin_x86\PA.exe FirewallRules: [{119AEA45-F114-404C-8091-D5300298BDC4}] => (Allow) D:\Steam-Apps\steamapps\common\Planetary Annihilation\bin_x86\crashupload.exe FirewallRules: [{793F3AC9-B2C9-4AC0-B365-055446D267F4}] => (Allow) D:\Steam-Apps\steamapps\common\Planetary Annihilation\bin_x86\crashupload.exe FirewallRules: [{924611BE-3948-4781-84EE-9C0D85CBEB7B}] => (Allow) D:\Steam-Apps\steamapps\common\Planetary Annihilation\bin_x86\host\CoherentUI_Host.exe FirewallRules: [{0B15B2D0-A21B-4591-9A69-1CA4C84F1CED}] => (Allow) D:\Steam-Apps\steamapps\common\Planetary Annihilation\bin_x86\host\CoherentUI_Host.exe FirewallRules: [{755C7EEE-3E22-4D71-8E7F-32CA34002662}] => (Allow) D:\Steam-Apps\steamapps\common\Planetary Annihilation\bin_x64\crashupload.exe FirewallRules: [{2B8B28B0-9773-42D0-81F7-6735065601E7}] => (Allow) D:\Steam-Apps\steamapps\common\Planetary Annihilation\bin_x64\crashupload.exe FirewallRules: [{D3DA14C9-F403-4D49-AD10-EF6F1B3421A8}] => (Allow) D:\Steam-Apps\steamapps\common\Planetary Annihilation\bin_x64\host\CoherentUI_Host.exe FirewallRules: [{F26ABB2D-9CA5-47AF-B5AB-62DCBCB0A79C}] => (Allow) D:\Steam-Apps\steamapps\common\Planetary Annihilation\bin_x64\host\CoherentUI_Host.exe FirewallRules: [{632D1E00-908E-44CC-A711-2B127183CDA2}] => (Allow) D:\Steam-Apps\steamapps\common\Planetary Annihilation\bin_x64\server.exe FirewallRules: [{9915292A-9726-427D-859B-76C4C66F47A9}] => (Allow) D:\Steam-Apps\steamapps\common\Planetary Annihilation\bin_x64\server.exe FirewallRules: [{3EEF11CF-FD98-4DD6-8AC4-7598A6132008}] => (Allow) D:\Steam-Apps\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{A4E4EA51-E0B3-4075-BA6C-F7F0C63D3644}] => (Allow) D:\Steam-Apps\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{24E2F9D7-C9F3-4C65-AE66-F6B1E7BBAC4A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{39796F68-328E-494A-ABCF-60E689FC4C20}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{861866CF-9A80-47F1-A26A-A7724DC5DB2A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{BFA4DA97-9F77-4757-AAFF-99CF486CDD0D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [TCP Query User{A60151A1-E913-4D4C-9C54-AC592DBB4E8E}D:\games\borderlands.goty.edition-kaos\binaries\borderlands.exe] => (Allow) D:\games\borderlands.goty.edition-kaos\binaries\borderlands.exe FirewallRules: [UDP Query User{3A1E9D41-0B74-458E-B944-90B2E0257613}D:\games\borderlands.goty.edition-kaos\binaries\borderlands.exe] => (Allow) D:\games\borderlands.goty.edition-kaos\binaries\borderlands.exe FirewallRules: [{0428E04E-6DAF-4D2D-A9BE-51AC538A97CD}] => (Allow) D:\Steam-Apps\steamapps\common\Trackmania Turbo\TrackmaniaTurbo.exe FirewallRules: [{AABA8A94-4645-4A90-9BB4-0B6FDC4E8778}] => (Allow) D:\Steam-Apps\steamapps\common\Trackmania Turbo\TrackmaniaTurbo.exe FirewallRules: [{E53877A5-627C-4E91-99E4-5E5BAD1D7B02}] => (Allow) D:\Steam-Apps\steamapps\common\Trackmania Turbo\Config.exe FirewallRules: [{690176E8-6514-4726-A2FD-6FA4ACC87016}] => (Allow) D:\Steam-Apps\steamapps\common\Trackmania Turbo\Config.exe FirewallRules: [TCP Query User{924B7A66-0437-44C7-BE07-DEB3F9DD0BFF}D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe] => (Allow) D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe FirewallRules: [UDP Query User{D3E8AC35-82E3-4D2A-B27C-9A104D7A8311}D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe] => (Allow) D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe FirewallRules: [TCP Query User{9A477243-2C4B-42FF-84DD-EBF89324625F}D:\games\battleplans\client\battleplans.exe] => (Allow) D:\games\battleplans\client\battleplans.exe FirewallRules: [UDP Query User{B887D9C7-0A18-4E30-8F87-4435900AE82B}D:\games\battleplans\client\battleplans.exe] => (Allow) D:\games\battleplans\client\battleplans.exe ==================== Restore Points ========================= 07-04-2016 14:49:54 AA11 09-04-2016 01:12:49 Windows Update 09-04-2016 20:11:06 Installed Adblock Plus for IE (32-bit and 64-bit) 13-04-2016 16:49:49 Windows Update 13-04-2016 23:44:31 Windows Update 16-04-2016 11:54:45 Installed Battleplans 16-04-2016 18:34:48 Removed Battleplans 16-04-2016 18:36:18 Removed Adblock Plus for IE (32-bit and 64-bit) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (04/17/2016 01:26:19 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/17/2016 01:09:16 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80070005 Error: (04/17/2016 12:11:47 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80070005 Error: (04/16/2016 11:11:47 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80070005 Error: (04/16/2016 10:11:47 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80070005 Error: (04/16/2016 09:11:47 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80070005 Error: (04/16/2016 08:11:47 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80070005 Error: (04/16/2016 07:11:47 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80070005 Error: (04/16/2016 05:58:39 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80070005 Error: (04/16/2016 05:28:23 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (04/17/2016 01:41:18 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Windows\System32\drivers\TrueSight.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error: (04/17/2016 01:26:57 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Windows\System32\drivers\TrueSight.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error: (04/17/2016 01:12:36 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (04/17/2016 01:12:09 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error: (04/17/2016 01:11:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The League Screensaver service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. Error: (04/17/2016 01:11:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The League Screensaver service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 2000 milliseconds: Restart the service. Error: (04/17/2016 01:10:43 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (04/17/2016 01:10:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The League Screensaver service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. Error: (04/17/2016 01:09:40 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The League Screensaver service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 2000 milliseconds: Restart the service. Error: (04/16/2016 05:58:39 PM) (Source: DCOM) (EventID: 10001) (User: ) Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} CodeIntegrity: =================================== Date: 2016-04-17 01:12:09.171 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-04-17 01:12:09.153 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4670 CPU @ 3.40GHz Percentage of memory in use: 38% Total physical RAM: 8082.06 MB Available physical RAM: 4965.21 MB Total Virtual: 8280.25 MB Available Virtual: 5803.11 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:232.79 GB) (Free:173.71 GB) NTFS Drive d: () (Fixed) (Total:465.76 GB) (Free:245.22 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: FFE72723) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E06A7B1C) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================
- April 16, 2016
- 15 replies
- - pop up ad
  - pop up
  - (and 3 more)
    Tagged with:
    
    pop up ad
    
    pop up
    
    ad
    
    every day
    
    2pm
A pop up ad that shows up every day.

Penne replied to Penne's topic in Resolved Malware Removal Logs

roguekiller report: RogueKiller V12.1.2.0 [Apr 11 2016] (Free) by Adlice Software mail : http://www.adlice.com/contact/ Feedback : http://forum.adlice.com Website : http://www.adlice.com/software/roguekiller/ Blog : http://www.adlice.com Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Penne [Administrator] Started from : D:\Desktop\RogueKiller.exe Mode : Scan -- Date : 04/17/2016 01:31:55 ¤¤¤ Processes : 0 ¤¤¤ ¤¤¤ Registry : 8 ¤¤¤ [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([X]) -> Found [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([X]) -> Found [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([X]) -> Found [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{A4BD593F-EDAF-4C2F-996E-249DBA97966B} | DhcpNameServer : 10.0.0.138 ([X]) -> Found [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{A4BD593F-EDAF-4C2F-996E-249DBA97966B} | DhcpNameServer : 10.0.0.138 ([X]) -> Found [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{A4BD593F-EDAF-4C2F-996E-249DBA97966B} | DhcpNameServer : 10.0.0.138 ([X]) -> Found [PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-206197487-1037210532-2885666671-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Found [PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-206197487-1037210532-2885666671-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Found ¤¤¤ Tasks : 1 ¤¤¤ [Suspicious.Path] \GNU_635940224620902278 -- C:\Users\Penne\AppData\Roaming\SafeWeb\atg.exe -> Found ¤¤¤ Files : 0 ¤¤¤ ¤¤¤ Hosts File : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ MBR Check : ¤¤¤ +++++ PhysicalDrive0: ATA Samsung SSD 840 SCSI Disk Device +++++ --- User --- [MBR] dfb6124089ecce3332245490cb1dbf36 [BSP] 3c9a785f714dcb3815571ac78cf1ce31 : Windows Vista/7/8|VT.Unknown MBR Code Partition table: 0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 238373 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] User = LL1 ... OK User = LL2 ... OK +++++ PhysicalDrive1: ATA WDC WD5000AAKX-2 SCSI Disk Device +++++ --- User --- [MBR] 5915bd48c71eb516b29497979b8ebc11 [BSP] fa3c82ac89ea70f72bbbcba3d9215287 : Windows Vista/7/8|VT.Unknown MBR Code Partition table: 0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 476938 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] User = LL1 ... OK User = LL2 ... OK
- April 16, 2016
- 15 replies
- - pop up ad
  - pop up
  - (and 3 more)
    Tagged with:
    
    pop up ad
    
    pop up
    
    ad
    
    every day
    
    2pm
A pop up ad that shows up every day.

Penne replied to Penne's topic in Resolved Malware Removal Logs

That is the log I received: ComboFix 16-04-13.01 - Penne 17-Apr-16 1:09.1.4 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1255.972.1033.18.8082.6156 [GMT 3:00] Running from: d:\desktop\ComboFix.exe AV: ESET NOD32 Antivirus 9.0.318.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289} SP: ESET NOD32 Antivirus 9.0.375.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\ar\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\bg\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\ca\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\cs\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\da\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\de\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\el\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\en\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\es\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\fi\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\fr\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\gu\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\he\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\hr\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\hu\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\id\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\it\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\ja\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\ko\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\nb\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\nl\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\pl\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\pt_BR\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\pt_PT\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\ro\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\ru\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\sk\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\sl\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\sr\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\sv\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\tr\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\uk\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\vi\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\zh_CN\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\zh_TW\messages.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_metadata\computed_hashes.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_metadata\verified_contents.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\adblock_safari_beforeload.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\adblock_safari_contentblocking.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\adblock_start_chrome.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\adblock_start_common.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\background.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\bandaids.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\button\popup.css c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\button\popup.html c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\button\popup.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\CHANGELOG.txt c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\checkupdates.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\datacollection.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\filtering\declarativewebrequest.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\filtering\domainset.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\filtering\filternormalizer.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\filtering\filteroptions.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\filtering\filterset.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\filtering\filtertypes.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\filtering\myfilters.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\functions.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\gab_question.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\idlehandler.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\delete.gif c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\dropbox1.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\dropbox2.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\dropbox3.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\facebook-sprite.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\gplus-sprite.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\icon128.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\icon16.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\icon16_grayscale.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\icon16_grayscale@2x.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\icon19-grayscale.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\icon19-whitelisted.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\icon19.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\icon24.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\icon32.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\icon38-grayscale.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\icon38-whitelisted.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\icon38.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\icon48.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\loader.gif c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\logo.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\search\check.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\search\magnifying_glass.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\search\search-engine-card_no-shadow.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\search\search-engine-icons.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\search\search-omnibox-card_no-shadow.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\search\search_engine_select_arrow.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\twitter-sprite.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\jquery\css\images\ui-bg_flat_55_999999_40x100.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\jquery\css\images\ui-bg_flat_75_aaaaaa_40x100.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\jquery\css\images\ui-bg_glass_45_0078ae_1x400.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\jquery\css\images\ui-bg_glass_55_f8da4e_1x400.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\jquery\css\images\ui-bg_glass_75_79c9ec_1x400.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\jquery\css\images\ui-bg_gloss-wave_50_38cfff_500x100.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\jquery\css\images\ui-bg_gloss-wave_75_2191c0_500x100.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\jquery\css\images\ui-bg_inset-hard_100_fcfdfd_1x100.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\jquery\css\images\ui-icons_056b93_256x240.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\jquery\css\images\ui-icons_d8e7f3_256x240.png c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\jquery\css\jquery-ui.custom.css c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\jquery\css\override-page.css c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\jquery\jquery-ui.custom.min.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\jquery\jquery.cookie.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\jquery\jquery.min.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\LICENSE c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\manifest.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\notificationoverlay.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\options\bug-report.html c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\options\bug-report.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\options\customize.html c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\options\customize.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\options\filters.html c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\options\filters.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\options\general.html c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\options\general.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\options\index.html c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\options\index.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\options\options.css c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\options\support.html c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\options\support.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\pages\adreport.html c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\pages\adreport.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\pages\resourceblock.css c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\pages\resourceblock.html c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\pages\resourceblock.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\pages\subscribe.css c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\pages\subscribe.html c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\pages\subscribe.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\port.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\punycode.min.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\README.markdown c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\stats.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\survey.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\translators.json c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\uiscripts\blacklisting\blacklistui.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\uiscripts\blacklisting\clickwatcher.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\uiscripts\blacklisting\elementchain.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\uiscripts\blacklisting\overlay.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\uiscripts\blacklisting\rightclick_hook.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\uiscripts\load_jquery_ui.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\uiscripts\send_content_to_back.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\uiscripts\top_open_blacklist_ui.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\uiscripts\top_open_whitelist_ui.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\ytchannel.js c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gighmmpiobklfepjocnamgkkbiglidom_0.localstorage-journal c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gighmmpiobklfepjocnamgkkbiglidom_0.localstorage c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Preferences c:\users\Penne\AppData\Roaming\Launcher.dat c:\windows\Temp\log.txt . . ((((((((((((((((((((((((( Files Created from 2016-03-16 to 2016-04-16 ))))))))))))))))))))))))))))))) . . 2016-04-16 22:12 . 2016-04-16 22:12 -------- d-----w- c:\users\Default\AppData\Local\temp 2016-04-16 15:36 . 2016-04-16 15:36 -------- d-----w- c:\windows\system32\appmgmt 2016-04-16 15:29 . 2016-04-16 15:29 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{74478CE7-E1FE-456D-A1CB-348DAA43BDE6}\offreg.3760.dll 2016-04-16 14:21 . 2016-04-16 14:28 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2016-04-16 14:21 . 2016-04-16 14:21 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware 2016-04-16 14:21 . 2016-03-10 11:09 64896 ----a-w- c:\windows\system32\drivers\mwac.sys 2016-04-16 14:21 . 2016-03-10 11:08 140672 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2016-04-16 14:21 . 2016-03-10 11:08 27008 ----a-w- c:\windows\system32\drivers\mbam.sys 2016-04-16 14:16 . 2016-04-16 15:29 -------- d-----w- c:\programdata\boost_interprocess 2016-04-15 16:32 . 2016-03-17 01:45 11686560 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{74478CE7-E1FE-456D-A1CB-348DAA43BDE6}\mpengine.dll 2016-04-15 11:18 . 2016-04-15 11:20 -------- d-----w- C:\Flashtool 2016-04-13 20:24 . 2016-04-13 20:25 -------- d-----w- c:\program files (x86)\BSplayerPro 2016-04-13 14:11 . 2016-03-06 18:53 1885696 ----a-w- c:\windows\system32\msxml3.dll 2016-04-13 14:11 . 2016-03-06 18:53 2048 ----a-w- c:\windows\system32\msxml3r.dll 2016-04-13 14:11 . 2016-03-06 18:38 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll 2016-04-13 14:11 . 2016-03-06 18:38 1240576 ----a-w- c:\windows\SysWow64\msxml3.dll 2016-04-13 14:11 . 2016-03-29 17:53 3216896 ----a-w- c:\windows\system32\win32k.sys 2016-04-08 22:12 . 2016-04-04 18:02 1169408 ----a-w- c:\windows\system32\aeinv.dll 2016-04-07 11:43 . 2016-04-16 07:07 -------- d-----w- C:\AdwCleaner 2016-04-07 11:18 . 2016-03-23 14:02 215040 ----a-w- c:\windows\system32\aepic.dll 2016-04-07 11:18 . 2016-03-17 18:04 698368 ----a-w- c:\windows\system32\generaltel.dll 2016-04-07 11:18 . 2016-03-17 18:04 499200 ----a-w- c:\windows\system32\devinv.dll 2016-04-07 11:18 . 2016-03-17 18:04 279040 ----a-w- c:\windows\system32\invagent.dll 2016-04-07 11:18 . 2016-03-17 18:04 76800 ----a-w- c:\windows\system32\acmigration.dll 2016-04-02 21:57 . 2016-04-02 21:57 -------- d-----w- c:\program files (x86)\Microsoft ASP.NET 2016-04-02 11:15 . 2016-03-22 02:10 112184 ----a-w- c:\windows\SysWow64\nvStreaming.exe 2016-04-02 11:10 . 2016-03-21 20:01 56384 ----a-w- c:\windows\system32\drivers\nvvad64v.sys 2016-04-02 11:10 . 2016-03-21 20:01 109632 ----a-w- c:\windows\system32\nvaudcap64v.dll 2016-04-02 11:10 . 2016-03-21 20:01 100416 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll 2016-04-01 20:50 . 2016-04-01 20:50 -------- d-----w- c:\programdata\Steam 2016-03-31 18:05 . 2016-03-31 18:05 -------- d-----w- C:\Riot Games 2016-03-31 12:17 . 2016-03-31 12:26 -------- d-----w- c:\programdata\TrackmaniaTurbo 2016-03-31 12:07 . 2016-03-31 12:07 -------- d-----w- c:\program files (x86)\Ubisoft 2016-03-31 11:30 . 2016-03-31 11:32 -------- d-----w- c:\programdata\Glyph 2016-03-30 18:25 . 2016-03-30 18:25 3721216 ----a-w- c:\windows\SysWow64\lol.scr 2016-03-25 17:27 . 2016-03-25 17:27 -------- d-----w- c:\programdata\Malwarebytes 2016-03-25 16:04 . 2016-03-25 16:04 -------- d-----w- c:\program files\USB Drivers 2016-03-25 14:33 . 2016-03-25 14:33 -------- d-----w- c:\program files (x86)\Bacon Root Toolkit 2016-03-25 13:36 . 2016-03-25 13:36 -------- d-----w- c:\program files (x86)\Common Files\Adobe 2016-03-25 11:07 . 2016-03-25 11:07 -------- d-----w- c:\program files (x86)\MusicBee 2016-03-24 13:48 . 2016-03-24 13:48 -------- d-----w- c:\program files (x86)\TeamViewer 2016-03-21 08:10 . 2015-12-20 18:50 3180544 ----a-w- c:\windows\system32\rdpcorets.dll 2016-03-21 08:10 . 2015-12-20 18:50 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll 2016-03-21 08:10 . 2015-12-20 14:08 243200 ----a-w- c:\windows\system32\rdpudd.dll 2016-03-21 08:04 . 2014-12-11 17:47 87040 ----a-w- c:\windows\system32\TSWbPrxy.exe 2016-03-21 00:11 . 2015-07-16 19:11 7077376 ----a-w- c:\windows\system32\mstscax.dll 2016-03-21 00:11 . 2015-07-11 13:15 429568 ----a-w- c:\windows\system32\wksprt.exe 2016-03-21 00:11 . 2015-07-16 19:12 856064 ----a-w- c:\windows\SysWow64\rdvidcrl.dll 2016-03-21 00:11 . 2015-07-16 19:12 53248 ----a-w- c:\windows\SysWow64\tsgqec.dll 2016-03-21 00:11 . 2015-07-16 19:12 6131200 ----a-w- c:\windows\SysWow64\mstscax.dll 2016-03-21 00:11 . 2015-07-16 19:11 62976 ----a-w- c:\windows\system32\tsgqec.dll 2016-03-21 00:11 . 2015-07-16 19:11 1057792 ----a-w- c:\windows\system32\rdvidcrl.dll 2016-03-20 22:04 . 2016-03-20 22:04 -------- d-----w- c:\program files (x86)\Skillbrains 2016-03-20 19:22 . 2013-10-02 04:38 3072 ----a-w- c:\windows\system32\drivers\en-US\tsusbflt.sys.mui 2016-03-20 19:22 . 2013-10-02 01:10 44544 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll 2016-03-20 19:22 . 2013-10-02 02:22 56832 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys 2016-03-20 19:22 . 2013-10-02 02:11 13824 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2016-03-20 19:22 . 2013-10-02 02:08 12800 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2016-03-20 19:22 . 2013-10-02 01:48 56832 ----a-w- c:\windows\system32\MsRdpWebAccess.dll 2016-03-20 19:22 . 2013-10-02 01:48 18944 ----a-w- c:\windows\system32\wksprtPS.dll 2016-03-20 19:22 . 2013-10-02 00:14 50176 ----a-w- c:\windows\SysWow64\MsRdpWebAccess.dll 2016-03-20 19:22 . 2013-10-02 00:14 17920 ----a-w- c:\windows\SysWow64\wksprtPS.dll 2016-03-20 19:22 . 2013-10-01 23:31 1147392 ----a-w- c:\windows\system32\mstsc.exe 2016-03-20 19:22 . 2013-10-01 22:34 1068544 ----a-w- c:\windows\SysWow64\mstsc.exe 2016-03-20 19:21 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys 2016-03-20 19:21 . 2012-08-23 14:08 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys 2016-03-20 19:21 . 2012-08-23 11:12 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll 2016-03-20 19:21 . 2012-08-23 10:51 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll 2016-03-20 12:08 . 2016-03-20 12:08 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help 2016-03-20 00:15 . 2016-03-20 12:09 -------- d-----w- c:\program files (x86)\Microsoft Works 2016-03-20 00:15 . 2016-03-25 17:45 -------- d-----w- c:\windows\PCHEALTH 2016-03-20 00:14 . 2016-03-20 00:14 -------- d-----w- c:\program files\Microsoft Office 2016-03-20 00:14 . 2016-03-20 00:14 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8 2016-03-20 00:14 . 2016-04-13 20:48 -------- d-----w- c:\programdata\Microsoft Help 2016-03-20 00:13 . 2016-03-20 00:13 -------- d-----r- C:\MSOCache 2016-03-20 00:05 . 2016-03-20 00:05 -------- d-----w- c:\program files (x86)\DAMN NFO Viewer 2016-03-20 00:02 . 2016-03-20 00:03 -------- d-----w- c:\program files (x86)\NFOlux 2016-03-19 23:43 . 2016-03-19 23:43 47672 ----a-w- c:\windows\system32\drivers\dtliteusbbus.sys 2016-03-19 23:42 . 2016-03-19 23:43 30264 ----a-w- c:\windows\system32\drivers\dtlitescsibus.sys 2016-03-19 23:42 . 2016-03-19 23:43 -------- d-----w- c:\program files\DAEMON Tools Lite 2016-03-19 23:42 . 2016-03-19 23:42 -------- d-----w- c:\programdata\DAEMON Tools Lite 2016-03-19 23:21 . 2013-11-26 08:16 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll 2016-03-19 23:21 . 2013-11-22 22:48 3928064 ----a-w- c:\windows\system32\d2d1.dll 2016-03-19 23:04 . 2016-03-19 23:04 49584 ----a-w- c:\windows\system32\drivers\hitmanpro37.sys 2016-03-19 22:14 . 2016-03-19 22:14 -------- d-----w- c:\users\Public\Thunder Network 2016-03-19 22:14 . 2016-03-19 22:14 -------- d-----w- c:\programdata\Thunder Network 2016-03-19 16:46 . 2015-07-30 18:06 2565120 ----a-w- c:\windows\system32\d3d10warp.dll 2016-03-19 16:46 . 2015-07-30 17:57 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll 2016-03-19 15:41 . 2015-12-08 21:54 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll 2016-03-19 15:41 . 2015-12-08 19:07 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll 2016-03-19 15:41 . 2015-02-03 03:31 1424896 ----a-w- c:\windows\system32\WindowsCodecs.dll 2016-03-19 15:41 . 2015-02-03 03:12 1230848 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll 2016-03-19 15:41 . 2015-11-10 18:55 1648128 ----a-w- c:\windows\system32\DWrite.dll 2016-03-19 15:41 . 2015-11-10 18:55 1180160 ----a-w- c:\windows\system32\FntCache.dll 2016-03-19 15:41 . 2015-11-10 18:39 1251328 ----a-w- c:\windows\SysWow64\DWrite.dll 2016-03-19 15:30 . 2015-02-04 03:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll 2016-03-19 15:30 . 2015-02-04 02:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll 2016-03-19 15:00 . 2016-04-08 22:12 -------- d-----w- c:\windows\system32\appraiser 2016-03-19 15:00 . 2016-03-19 15:00 -------- d-s---w- c:\windows\system32\CompatTel 2016-03-19 14:53 . 2015-07-30 13:13 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll 2016-03-19 14:53 . 2015-07-30 13:13 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll 2016-03-19 14:52 . 2013-10-14 16:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE 2016-03-19 14:50 . 2016-03-19 14:50 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2016-03-19 10:41 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDYAK.DLL 2016-03-19 10:41 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDTAT.DLL 2016-03-19 10:41 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDRU1.DLL 2016-03-19 10:41 . 2014-07-09 02:03 6656 ----a-w- c:\windows\system32\KBDRU.DLL 2016-03-19 10:41 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDBASH.DLL 2016-03-19 10:41 . 2014-07-09 01:31 7168 ----a-w- c:\windows\SysWow64\KBDYAK.DLL 2016-03-19 10:41 . 2014-07-09 01:31 6656 ----a-w- c:\windows\SysWow64\KBDBASH.DLL 2016-03-19 10:39 . 2011-03-11 06:41 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys 2016-03-19 10:39 . 2011-03-11 06:41 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys 2016-03-19 10:39 . 2011-03-11 06:41 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys 2016-03-19 10:39 . 2011-03-11 06:41 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys 2016-03-19 10:39 . 2011-03-11 06:41 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys 2016-03-19 10:39 . 2011-03-11 06:33 2565632 ----a-w- c:\windows\system32\esent.dll 2016-03-19 10:39 . 2011-03-11 06:30 96768 ----a-w- c:\windows\system32\fsutil.exe 2016-03-19 10:39 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\SysWow64\esent.dll 2016-03-19 10:39 . 2011-03-11 05:31 74240 ----a-w- c:\windows\SysWow64\fsutil.exe 2016-03-19 10:38 . 2015-06-03 20:16 1239720 ----a-w- c:\windows\system32\aitstatic.exe 2016-03-19 01:16 . 2016-03-24 15:13 -------- d-s---w- c:\windows\SysWow64\GWX 2016-03-19 01:16 . 2016-03-24 15:13 -------- d-s---w- c:\windows\system32\GWX 2016-03-18 16:16 . 2016-03-18 16:16 -------- d-----w- c:\windows\Migration 2016-03-18 16:05 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui 2016-03-18 15:37 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2016-04-06 07:18 . 2010-11-21 03:27 453280 ------w- c:\windows\system32\MpSigStub.exe 2016-03-18 09:10 . 2015-07-30 19:41 264552 ----a-w- c:\windows\system32\drivers\eamonm.sys 2016-03-18 09:10 . 2015-07-30 19:41 186784 ----a-w- c:\windows\system32\drivers\ehdrv.sys 2016-03-18 09:10 . 2015-07-30 19:41 170792 ----a-w- c:\windows\system32\drivers\epfwwfpr.sys 2016-03-18 08:54 . 2010-11-21 03:24 14848 ----a-w- c:\windows\system32\slwga.dll 2016-03-18 08:54 . 2010-11-21 03:24 419840 ----a-w- c:\windows\system32\systemcpl.dll 2016-03-18 08:54 . 2010-11-21 03:23 13824 ----a-w- c:\windows\SysWow64\slwga.dll 2016-03-17 22:24 . 2016-04-13 13:51 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2016-03-16 21:30 . 2016-03-16 21:30 128792 ----a-w- c:\windows\SysWow64\vulkan-1-1-0-5-1.dll 2016-03-16 21:29 . 2016-03-16 21:29 41752 ----a-w- c:\windows\SysWow64\vulkaninfo-1-1-0-5-1.exe 2016-03-16 21:29 . 2016-03-16 21:29 127768 ----a-w- c:\windows\system32\vulkan-1-1-0-5-1.dll 2016-03-16 21:28 . 2016-03-16 21:28 45848 ----a-w- c:\windows\system32\vulkaninfo-1-1-0-5-1.exe 2016-02-14 01:47 . 2016-02-14 01:47 125720 ----a-w- c:\windows\SysWow64\vulkan-1-1-0-3-0.dll 2016-02-14 01:46 . 2016-02-14 01:46 126232 ----a-w- c:\windows\system32\vulkan-1-1-0-3-0.dll 2016-02-14 01:45 . 2016-02-14 01:45 42264 ----a-w- c:\windows\SysWow64\vulkaninfo-1-1-0-3-0.exe 2016-02-14 01:45 . 2016-02-14 01:45 45848 ----a-w- c:\windows\system32\vulkaninfo-1-1-0-3-0.exe . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2016-02-10 50599552] "DAEMON Tools Lite Automount"="c:\program files\DAEMON Tools Lite\DTAgent.exe" [2016-03-01 4290240] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-03-06 291128] "ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920] "Lightshot"="c:\program files (x86)\Skillbrains\lightshot\Lightshot.exe" [2014-10-16 226560] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce] "EasyTune"="c:\program files (x86)\GIGABYTE\EasyTune\etro.exe" [2014-08-19 5632] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Ryos TKL Driver.lnk - c:\program files (x86)\ROCCAT\Ryos TKL Keyboard\Ryos TKL Monitor.exe [2014-7-23 4805120] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot] @="" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x] R3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys;c:\windows\SYSNATIVE\DRIVERS\avchv.sys [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x] R3 hitmanpro37;HitmanPro 3.7 Support Driver;c:\windows\system32\drivers\hitmanpro37.sys;c:\windows\SYSNATIVE\drivers\hitmanpro37.sys [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x] S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x] S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x] S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x] S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x] S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x] S1 UsbCharger;UsbCharger;c:\windows\system32\DRIVERS\UsbCharger.sys;c:\windows\SYSNATIVE\DRIVERS\UsbCharger.sys [x] S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x] S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [x] S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x] S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x] S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x] S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x] S2 LolScreenSaverService;League Screensaver;c:\riot games\LolScreenSaver\service\service.exe;c:\riot games\LolScreenSaver\service\service.exe [x] S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x] S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x] S2 Smart TimeLock;Smart TimeLock Service;c:\program files (x86)\GIGABYTE\Smart TimeLock\TimeMgmtDaemon.exe;c:\program files (x86)\GIGABYTE\Smart TimeLock\TimeMgmtDaemon.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe [x] S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x] S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\DRIVERS\dtliteusbbus.sys;c:\windows\SYSNATIVE\DRIVERS\dtliteusbbus.sys [x] S3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;c:\windows\system32\DRIVERS\e1d62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1d62x64.sys [x] S3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x] S3 etocdrv;etocdrv;c:\windows\etocdrv.sys;c:\windows\etocdrv.sys [x] S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x] S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x] S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x] S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x] S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [x] S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x] S3 ROCCATKV;Roccat KAVE XTD USB Mult-channel Headphone Device Driver;c:\windows\system32\DRIVERS\ROCCATKV.SYS;c:\windows\SYSNATIVE\DRIVERS\ROCCATKV.SYS [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2016-03-18 05:56 1106072 ----a-w- c:\program files (x86)\Google\Chrome\Application\49.0.2623.87\Installer\chrmstp.exe . Contents of the 'Scheduled Tasks' folder . 2016-04-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-03-18 05:55] . 2016-04-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-03-18 05:55] . 2016-04-16 c:\windows\Tasks\update-S-1-5-21-206197487-1037210532-2885666671-1000.job - c:\program files (x86)\Skillbrains\Updater\Updater.exe [2016-03-20 11:29] . 2016-04-16 c:\windows\Tasks\update-sys.job - c:\program files (x86)\Skillbrains\Updater\Updater.exe [2016-03-20 11:29] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}] 2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveBlacklisted] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2016-02-25 05:39 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSynced] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2016-02-25 05:39 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSyncing] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2016-02-25 05:39 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-03-22 165872] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-03-22 407536] "Persistence"="c:\windows\system32\igfxpers.exe" [2013-03-22 441840] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-02-26 13423688] "IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-01-31 36352] "NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2016-03-30 2396096] "ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2016-03-30 1767248] "Cm106Sound"="c:\program files\Roccat\Kave XTD Headset\KaveXTDMonitor.exe" [2014-01-14 2196992] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "RPMKickstart"="c:\program files\GIGABYTE\SmartRecovery2\RPMKickstartEx.exe" [2014-04-01 2320384] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = www.google.com mStart Page = hxxp://www.google.com mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 Trusted Zone: eset.com\help TCP: DhcpNameServer = 10.0.0.138 . - - - - ORPHANS REMOVED - - - - . Wow6432Node-HKLM-Run-ic-0.055170ed78988.exe -start - c:\users\Penne\AppData\Local\Temp\25993338\ic-0.055170ed78988.exe ShellIconOverlayIdentifiers-{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} - (no file) AddRemove-SafeWeb - c:\users\Penne\AppData\Roaming\SafeWeb\Uninstall.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2016-04-17 01:13:47 ComboFix-quarantined-files.txt 2016-04-16 22:13 . Pre-Run: 186,271,961,088 bytes free Post-Run: 186,572,087,296 bytes free . - - End Of File - - D85A7FE9D540ACA8C8FD3E03AA7A4554 A36C5E4F47E84449FF07ED3517B43A31
- April 16, 2016
- 15 replies
- - pop up ad
  - pop up
  - (and 3 more)
    Tagged with:
    
    pop up ad
    
    pop up
    
    ad
    
    every day
    
    2pm
A pop up ad that shows up every day.

Penne replied to Penne's topic in Resolved Malware Removal Logs

Hey there Kevin, I did another scan after changing the settings as you suggested before. But MBAM still didn't found anything. Here is the scan log: Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 16-Apr-16 Scan Time: 17:28 Logfile: Administrator: Yes Version: 2.2.1.1043 Malware Database: v2016.04.16.03 Rootkit Database: v2016.04.09.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Penne Scan Type: Threat Scan Result: Completed Objects Scanned: 381031 Time Elapsed: 5 min, 38 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end) Then, I tried to install Farbar Recovery Scan Tool without a success. (and I'm sure about my 64 bit system) Here is the error message: Thank you for your time. Penne. P.S. I am familiar with computers, so you can explain and work with me on complicated terms.
- April 16, 2016
- 15 replies
- - pop up ad
  - pop up
  - (and 3 more)
    Tagged with:
    
    pop up ad
    
    pop up
    
    ad
    
    every day
    
    2pm
A pop up ad that shows up every day.

Penne posted a topic in Resolved Malware Removal Logs

Hello, Every day, exactly at 2:00 pm, on my computer an add pop up. Even if my browser isnt active, it's shows up. I tried many software to detect the ("what i think of as a") virus, with out any success... Ty for help. Penne.
- April 15, 2016
- 15 replies
- - pop up ad
  - pop up
  - (and 3 more)
    Tagged with:
    
    pop up ad
    
    pop up
    
    ad
    
    every day
    
    2pm

Sign In

Penne

Posts

Joined

Last visited

Content Type

Events

Profiles

Forums

Everything posted by Penne

A pop up ad that shows up every day.

A pop up ad that shows up every day.

A pop up ad that shows up every day.

A pop up ad that shows up every day.

A pop up ad that shows up every day.

A pop up ad that shows up every day.

A pop up ad that shows up every day.

Browse

Activity

Personal

Business

Business Modules

Partners

Learn

Start here

Type of malware/attacks

How does it get on my computer?

Scams and grifts

Support

Important Information