Jump to content

theories

Members
  • Posts

    21
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Thanks Kevin! You're a great person. Thanks so much for taking your time to help me and everyone else who has issues. Props to you, - Ty
  2. Browser seems perfect. So far so good. Performance in all programs is back to what it used to be, OS navigates quickly again, framerate in games seem to be a bit better than they were before the infection, so really pleased with that. FRST Logs attached. Addition.txt FRST.txt
  3. Sorry for the late responses. Been a bit busy this week. Here's the fixlog. Fixlog_22-01-2018 16.54.01.txt
  4. I THINK it's this one, not 100% sure. All I know is that it seems to be gone and performance is great so I'm satisfied. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.01.2018 01 Ran by tysto (administrator) on DESKTOP-7VB8AM9 (20-01-2018 23:09:18) Running from F:\Downloads Loaded Profiles: tysto (Available Profiles: tysto) Platform: Windows 10 Pro Version 1709 16299.125 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (TOSHIBA CORPORATION) C:\Windows\System32\svolrhbsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe () C:\Program Files\Everything\Everything.exe () C:\Program Files\JetBrains\PyCharm 2017.1.3\lserver-softhound\dvt-jb_licsrv.amd64.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (PreSonus) C:\Program Files\PreSonus\Universal Control\PreSonusHardwareAccessService.exe () C:\Windows\System32\PnkBstrA.exe (Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe (Guillemot Corporation) C:\Program Files (x86)\Thrustmaster\TARGET\TmService.exe (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (Thrustmaster®) C:\Program Files (x86)\Thrustmaster\Thrustmaster FFB Driver\drivers\amd64\tmGAInstall.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe (PreSonus) C:\Program Files\PreSonus\Universal Control\Universal Control.exe (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Corsair Components, Inc.) F:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe () C:\Users\tysto\AppData\Local\avaorlt\avaorlt.exe () C:\Users\tysto\AppData\Local\codwpnv\seizoag.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe () C:\Program Files\Everything\Everything.exe () C:\Program Files\Everything\Everything.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe () C:\Users\tysto\AppData\Local\avaorlt\wmnteal.exe () C:\Users\tysto\AppData\Local\avaorlt\wmnteal.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated) HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2197608 2017-06-06] () HKLM\...\Run: [iTunesHelper] => "C:\Program Files\iTunes\iTunesHelper.exe" HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9228800 2017-06-29] (Realtek Semiconductor) HKLM\...\Run: [hardi] => "C:\Program Files (x86)\Caricatures\uninitiated.exe" HKLM\...\Run: [hardiniles] => "C:\Program Files (x86)\ghent\emigrates.exe" HKLM\...\Run: [hardihardi] => "C:\Program Files (x86)\Figuration\uninitiated.exe" HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596664 2017-08-30] (Razer Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2406496 2017-06-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [449280 2017-07-05] (Power Software Ltd) HKLM-x32\...\Run: [KORG USB-MIDI Driver] => C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe [394144 2017-09-15] (KORG Inc.) HKLM-x32\...\Run: [Corsair Utility Engine] => F:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe [20763320 2017-11-03] (Corsair Components, Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [multiply] => "C:\Program Files (x86)\Caricatures\uninitiated.exe" HKLM-x32\...\Run: [multiplyashamed] => "C:\Program Files (x86)\ghent\emigrates.exe" HKLM-x32\...\Run: [multiplymultiply] => "C:\Program Files (x86)\Figuration\uninitiated.exe" HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-726553471-3273426182-1616091258-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-20] (Valve Corporation) HKU\S-1-5-21-726553471-3273426182-1616091258-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd) HKU\S-1-5-21-726553471-3273426182-1616091258-1001\...\Run: [Universal Control] => C:\Program Files\PreSonus\Universal Control\Universal Control.exe [12483072 2017-06-22] (PreSonus) HKU\S-1-5-21-726553471-3273426182-1616091258-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27815896 2017-07-28] (Skype Technologies S.A.) HKU\S-1-5-21-726553471-3273426182-1616091258-1001\...\Run: [Spotify] => C:\Users\tysto\AppData\Roaming\Spotify\Spotify.exe [21070224 2017-12-22] (Spotify Ltd) HKU\S-1-5-21-726553471-3273426182-1616091258-1001\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [44032 2017-09-29] (Microsoft Corporation) HKU\S-1-5-21-726553471-3273426182-1616091258-1001\...\Run: [Spotify Web Helper] => C:\Users\tysto\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2017-12-22] (Spotify Ltd) HKU\S-1-5-21-726553471-3273426182-1616091258-1001\...\Run: [bguard] => rundll32.exe "C:\Users\tysto\AppData\Local\bguard.dll",bguard <==== ATTENTION HKU\S-1-5-21-726553471-3273426182-1616091258-1001\...\Run: [WGZSVRNSWE.exe] => C:\Program Files\Camel Audio\KWJIKEBZAL\WGZSVRNSWE.exe HKU\S-1-5-21-726553471-3273426182-1616091258-1001\...\Run: [dyitoLQu1.exe] => C:\Users\tysto\AppData\Local\ae84f0559f4346fe8e34d3bb4c370522\dyitoLQu1.exe HKU\S-1-5-21-726553471-3273426182-1616091258-1001\...\Run: [46aUVjGW.exe] => C:\Users\tysto\AppData\Local\Temp\6ef20c45b265414a8df736052685cbae\46aUVjGW.exe <==== ATTENTION HKU\S-1-5-21-726553471-3273426182-1616091258-1001\...\Run: [B9Vw4k5iF.exe] => C:\Users\tysto\AppData\Roaming\c3a522989b13498398f583cf76d15ae0\B9Vw4k5iF.exe HKU\S-1-5-21-726553471-3273426182-1616091258-1001\...\Run: [WinResSync] => C:\WINDOWS\system32\regsvr32.exe /s "C:\Users\tysto\AppData\Roaming\Microsoft\Protect\e65560-fe6ec1-fac14208-e2e3c0-d4f0.rs" <==== ATTENTION HKU\S-1-5-21-726553471-3273426182-1616091258-1001\...\MountPoints2: G - "G:\setup.exe" HKU\S-1-5-21-726553471-3273426182-1616091258-1001\...\MountPoints2: H - "H:\autorun.exe" Startup: C:\Users\tysto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Voicemeeter (VB-Audio).LNK [2018-01-07] ShortcutTarget: Voicemeeter (VB-Audio).LNK -> C:\Program Files (x86)\VB\Voicemeeter\voicemeeterpro.exe (VB-AUDIO Software) GroupPolicy: Restriction - Chrome <==== ATTENTION GroupPolicy\User: Restriction <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4 Tcpip\..\Interfaces\{55ab9539-8660-4c9e-b940-cc77cdf26558}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{8ecc457c-8ba6-44b7-a88f-61693bcbe2cb}: [DhcpNameServer] 192.168.1.1 ManualProxies: Internet Explorer: ================== HKU\S-1-5-21-726553471-3273426182-1616091258-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131607955468067531&GUID=5A420E2C-4979-4958-AC2D-9B6827EC9334 BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-09-04] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-04] (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-08-13] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-13] (Oracle Corporation) FireFox: ======== FF DefaultProfile: oza1mh9l.default FF ProfilePath: C:\Users\tysto\AppData\Roaming\Mozilla\Firefox\Profiles\oza1mh9l.default [2018-01-20] FF Homepage: Mozilla\Firefox\Profiles\oza1mh9l.default -> hxxps://www.google.com/ hxxps://www.youtube.com/ hxxps://soundcloud.com/stream hxxps://www.reddit.com/ hxxps://steamcommunity.com/ FF Extension: (Disconnect) - C:\Users\tysto\AppData\Roaming\Mozilla\Firefox\Profiles\oza1mh9l.default\Extensions\2.0@disconnect.me.xpi [2018-01-18] FF Extension: (LessPass) - C:\Users\tysto\AppData\Roaming\Mozilla\Firefox\Profiles\oza1mh9l.default\Extensions\contact@lesspass.com.xpi [2018-01-18] FF Extension: (Cookie AutoDelete) - C:\Users\tysto\AppData\Roaming\Mozilla\Firefox\Profiles\oza1mh9l.default\Extensions\CookieAutoDelete@kennydo.com.xpi [2018-01-18] FF Extension: (HTTPS Everywhere) - C:\Users\tysto\AppData\Roaming\Mozilla\Firefox\Profiles\oza1mh9l.default\Extensions\https-everywhere@eff.org.xpi [2018-01-18] FF Extension: (Decentraleyes) - C:\Users\tysto\AppData\Roaming\Mozilla\Firefox\Profiles\oza1mh9l.default\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2018-01-18] FF Extension: (Privacy Badger) - C:\Users\tysto\AppData\Roaming\Mozilla\Firefox\Profiles\oza1mh9l.default\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2018-01-18] FF Extension: (youtubedark) - C:\Users\tysto\AppData\Roaming\Mozilla\Firefox\Profiles\oza1mh9l.default\Extensions\jid1-y4pUQrD6t1PJJa@jetpack.xpi [2018-01-20] FF Extension: (Playback speed) - C:\Users\tysto\AppData\Roaming\Mozilla\Firefox\Profiles\oza1mh9l.default\Extensions\playbackSpeed@waldemar.b.xpi [2018-01-18] FF Extension: (uBlock Origin) - C:\Users\tysto\AppData\Roaming\Mozilla\Firefox\Profiles\oza1mh9l.default\Extensions\uBlock0@raymondhill.net.xpi [2018-01-18] FF Extension: (Dark Mode) - C:\Users\tysto\AppData\Roaming\Mozilla\Firefox\Profiles\oza1mh9l.default\Extensions\{174b2d58-b983-4501-ab4b-07e71203cb43}.xpi [2018-01-20] FF Extension: (NoScript) - C:\Users\tysto\AppData\Roaming\Mozilla\Firefox\Profiles\oza1mh9l.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2018-01-18] FF Extension: (Night Mode Pro) - C:\Users\tysto\AppData\Roaming\Mozilla\Firefox\Profiles\oza1mh9l.default\Extensions\{862f1187-5a4d-4b5c-b211-c5aea8a5c017}.xpi [2018-01-20] FF Extension: (Disable JavaScript Shared Memory) - C:\Users\tysto\AppData\Roaming\Mozilla\Firefox\Profiles\oza1mh9l.default\features\{46d7b35f-d604-4b46-b74d-f9b29d6023a4}\disable-js-shared-memory@mozilla.org.xpi [2018-01-18] [Legacy] FF Extension: (Adblocker for Youtube™) - C:\Program Files\Mozilla Firefox\browser\features\{A5FD4672-4D73-4F90-A1C0-2ABD39DB2565}.xpi [2018-01-18] [not signed] FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-04] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-04] (Oracle Corporation) FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-06-04] (Adobe Systems) FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-13] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-13] (Oracle Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-03] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-03] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-06-04] (Adobe Systems) FF Plugin ProgramFiles/Appdata: C:\Users\tysto\AppData\Roaming\mozilla\plugins\npatgpc.dll [2017-11-27] (Cisco WebEx LLC) Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.youtube.com/","hxxp://www.soundcloud.com/","hxxp://reddit.com/" CHR NewTab: Default -> Active:"chrome-extension://laookkfknpbbblfpciffpaejjkokdgca/dashboard.html" CHR DefaultSearchKeyword: Default -> lp CHR Profile: C:\Users\tysto\AppData\Local\Google\Chrome\User Data\Default [2018-01-18] CHR Extension: (Enhanced Steam) - C:\Users\tysto\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2017-12-09] CHR Extension: (Chrome Media Router) - C:\Users\tysto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-14] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) HKLM\SYSTEM\CurrentControlSet\Services\tldixp <==== ATTENTION (Rootkit!) S4 27a09f4cf3d2076f4d01b901f65804eb; C:\WINDOWS\27a09f4cf3d2076f4d01b901f65804eb.dll [1350144 2018-01-18] () [File not signed] S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-06-04] (Adobe Systems Incorporated) S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-09-07] (Apple Inc.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2017-11-13] () S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [382504 2017-12-27] (EasyAntiCheat Ltd) R2 Everything; C:\Program Files\Everything\Everything.exe [2197608 2017-06-06] () R2 JetBrainsLicServerDVT; C:\Program Files\JetBrains\PyCharm 2017.1.3\lserver-softhound\dvt-jb_licsrv.amd64.exe [5762048 2016-10-05] () [File not signed] R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-05] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-05] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2155328 2017-12-22] (Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3025224 2017-12-22] (Electronic Arts) R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2017-12-02] () R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2017-12-02] () R2 PreSonus Hardware Access Service; C:\Program Files\PreSonus\Universal Control\PreSonusHardwareAccessService.exe [367616 2017-06-22] (PreSonus) [File not signed] R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [431616 2017-11-07] (Razer Inc.) [File not signed] R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [919200 2017-11-29] (Razer Inc.) R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2017-07-19] () S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-11-26] (Microsoft Corporation) R2 tmGAInstall; C:\Program Files (x86)\Thrustmaster\Thrustmaster FFB Driver\drivers\amd64\tmGAInstall.EXE [46208 2017-09-18] (Thrustmaster®) R2 TmWinService; C:\Program Files (x86)\Thrustmaster\TARGET\TmService.exe [315944 2016-10-31] (Guillemot Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-19] (Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-19] (Microsoft Corporation) S4 2f1f18d9d52577f4e17006735ddea345; "C:\Program Files\2f1f18d9d52577f4e17006735ddea345\8af96aa19408b95af324431e8ad25b1c.exe" [X] S3 MozillaMaintenance; "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" [X] S2 NativeDesktopMediaService; "C:\Program Files\jetmedia\NativeDesktopMediaService\native_desktop_media_service.exe" --service [X] R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [3097560 2018-01-20] () R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45528 2017-10-10] (Corsair) R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21968 2017-10-10] (Corsair) R3 DLKRT64; C:\WINDOWS\System32\drivers\DLKRT64.sys [550400 2011-07-26] (D-Link Corp. ) S3 gbxavs; C:\WINDOWS\System32\Drivers\gbxavs.sys [357968 2011-07-07] (Native Instruments GmbH) S3 gbxusb_svc; C:\WINDOWS\System32\Drivers\gbxusb.sys [68688 2011-07-07] (Native Instruments GmbH) S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [54736 2018-01-20] () S3 KORGUMDS; C:\WINDOWS\System32\Drivers\KORGUM64.SYS [34184 2017-09-15] (KORG INC.) R3 npusbio; C:\WINDOWS\System32\Drivers\npusbio_x64.sys [38400 2015-12-11] () R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5601d21ccd639df9\nvlddmkm.sys [17486096 2018-01-05] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31032 2018-01-05] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2017-12-14] (NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2018-01-03] (NVIDIA Corporation) R3 paeusbaudio; C:\WINDOWS\System32\drivers\paeusbaudio_x64.sys [301656 2017-05-23] () R3 paeusbaudioks; C:\WINDOWS\system32\DRIVERS\paeusbaudioks_x64.sys [67672 2017-05-23] () R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [963056 2017-06-17] (Realtek ) R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [51736 2016-06-23] (Razer Inc) R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [45752 2017-07-19] (Razer, Inc.) R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [139704 2017-08-19] (Razer, Inc.) R3 teVirtualMIDI64; C:\WINDOWS\system32\DRIVERS\teVirtualMIDI64.sys [41016 2016-08-31] (Tobias Erichsen) R3 TmBusEn; C:\WINDOWS\System32\drivers\TmBusEn.sys [30208 2011-01-26] (Guillemot Corporation) R3 TmBusEn; C:\Windows\SysWOW64\drivers\TmBusEn.sys [30208 2011-01-26] (Guillemot Corporation) S3 TmFilter; C:\WINDOWS\System32\drivers\TmFilter.sys [24576 2011-01-26] (Guillemot Corporation) S3 TmFilter; C:\Windows\SysWOW64\drivers\TmFilter.sys [24576 2011-01-26] (Guillemot Corporation) S3 TmHid; C:\WINDOWS\system32\DRIVERS\TmHid.sys [24704 2011-01-26] (Guillemot Corporation) S3 TmHid; C:\Windows\SysWOW64\DRIVERS\TmHid.sys [24704 2011-01-26] (Guillemot Corporation) R3 VBAudioVACMME; C:\WINDOWS\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Windows (R) Win 7 DDK provider) R3 VBAudioVMAUXVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmauxvaio64_win7.sys [41192 2018-01-07] (Windows (R) Win 7 DDK provider) R3 VBAudioVMVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2018-01-07] (Windows (R) Win 7 DDK provider) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-01-19] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-01-19] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-19] (Microsoft Corporation) S3 nnnqqu; system32\drivers\hhhkkk.sys [X] R3 osvybf; system32\drivers\vybfil.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-01-20 22:55 - 2018-01-20 23:09 - 000000000 ____D C:\FRST 2018-01-20 22:33 - 2018-01-20 22:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2018-01-20 22:31 - 2018-01-20 22:31 - 000142672 ____N C:\WINDOWS\system32\Drivers\wdhhkoru.sys 2018-01-20 12:46 - 2018-01-20 15:05 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2018-01-20 12:46 - 2018-01-20 13:15 - 000000000 ____D C:\Users\tysto\Desktop\mbar 2018-01-20 12:46 - 2018-01-20 13:02 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\7653318C.sys 2018-01-20 12:46 - 2018-01-20 13:02 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2018-01-20 12:30 - 2018-01-20 12:43 - 000000598 _____ C:\WINDOWS\system32\.crusader 2018-01-20 12:24 - 2018-01-20 12:26 - 000000000 ____D C:\Program Files\HitmanPro 2018-01-20 12:24 - 2018-01-20 12:24 - 000001965 _____ C:\Users\Public\Desktop\HitmanPro.lnk 2018-01-20 12:24 - 2018-01-20 12:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro 2018-01-20 12:11 - 2018-01-20 13:00 - 000054736 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys 2018-01-20 12:10 - 2018-01-20 12:29 - 000000000 ____D C:\ProgramData\HitmanPro 2018-01-19 23:23 - 2018-01-19 23:23 - 000000010 _____ C:\Users\tysto\Desktop\pass.txt 2018-01-18 23:42 - 2018-01-18 23:43 - 000000644 _____ C:\Users\tysto\Downloads\Turn_On_Windows_Defender_Antivirus.reg 2018-01-18 23:19 - 2018-01-20 12:46 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-01-18 23:19 - 2018-01-18 23:19 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2018-01-18 23:19 - 2018-01-18 23:19 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2018-01-18 23:19 - 2018-01-18 23:19 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2018-01-18 23:19 - 2018-01-18 23:19 - 000046008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2018-01-18 23:19 - 2018-01-18 23:19 - 000001915 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2018-01-18 23:19 - 2018-01-18 23:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2018-01-18 23:19 - 2018-01-18 23:19 - 000000000 ____D C:\Program Files\Malwarebytes 2018-01-18 23:19 - 2017-11-29 09:11 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2018-01-18 23:15 - 2018-01-18 23:15 - 082463440 _____ (Malwarebytes ) C:\Users\tysto\Downloads\mb3-setup-consumer-3.3.1.2183-1.0.262-1.0.3724.exe 2018-01-18 22:58 - 2018-01-18 22:58 - 000000000 ____D C:\Users\tysto\Desktop\Process Explorer 2018-01-18 22:39 - 2018-01-18 22:39 - 009932672 _____ C:\Users\tysto\Downloads\bitdefender_online.exe 2018-01-18 19:21 - 2018-01-18 19:21 - 000068288 _____ C:\WINDOWS\system32\Drivers\VBoxDrv.sys 2018-01-18 19:20 - 2018-01-18 19:21 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntkrnlmp.exe 2018-01-18 19:20 - 2018-01-18 19:21 - 001208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\osloader.exe 2018-01-18 19:20 - 2018-01-18 19:20 - 000016846 _____ C:\WINDOWS\System32\Tasks\Keyspan Calculator 2018-01-18 19:03 - 2018-01-18 19:03 - 000016872 _____ C:\WINDOWS\System32\Tasks\SideZone German-Gantic 2018-01-18 18:51 - 2018-01-18 18:51 - 000000000 ____D C:\ProgramData\System Native 2018-01-18 18:48 - 2018-01-20 22:25 - 000014484 _____ C:\WINDOWS\System32\Tasks\100 Calculator 2018-01-18 18:48 - 2018-01-18 22:02 - 000000000 ____D C:\ProgramData\04a9afd3cb854241a6b776abdcbca547 2018-01-18 18:48 - 2018-01-18 18:48 - 000000000 ____D C:\Program Files (x86)\System Native 2018-01-18 18:43 - 2018-01-18 22:02 - 000000000 ____D C:\ProgramData\2a787113eb3f4b0dbaa5edb16a1dc14f 2018-01-18 18:42 - 2018-01-18 19:23 - 000000000 ____D C:\WINDOWS\Minidump 2018-01-18 18:40 - 2018-01-18 22:29 - 000000000 ___HD C:\WINDOWS\rss 2018-01-18 18:40 - 2018-01-18 19:02 - 000914920 _____ C:\WINDOWS\system32\Drivers\NetUtils2016.sys.0000d447 2018-01-18 18:40 - 2018-01-18 18:48 - 000914920 _____ C:\WINDOWS\system32\Drivers\NetUtils2016.sys.00013f75 2018-01-18 18:40 - 2018-01-18 18:46 - 000000258 __RSH C:\Users\tysto\ntuser.pol 2018-01-18 18:40 - 2018-01-18 18:43 - 000016816 _____ C:\WINDOWS\System32\Tasks\Adobe IW Scopo 2018-01-18 18:40 - 2018-01-18 18:40 - 000015360 _____ (Hewlett-Packard) C:\Users\tysto\AppData\Roaming\xtexCalculator.exe 2018-01-18 18:40 - 2018-01-18 18:40 - 000002128 _____ C:\Users\tysto\AppData\Roaming\Microsoft\Windows\Start Menu\xtexCalculator.lnk 2018-01-18 18:40 - 2018-01-18 18:40 - 000000000 ____D C:\WINDOWS\system32\sstmp 2018-01-18 18:40 - 2018-01-18 18:40 - 000000000 ____D C:\Users\tysto\AppData\Roaming\System Native 2018-01-18 18:40 - 2018-01-18 18:40 - 000000000 ____D C:\ProgramData\jetmedia 2018-01-18 18:39 - 2018-01-18 22:02 - 000000000 ____D C:\ProgramData\096e78e6b78d46248156a80a27ebe474 2018-01-18 18:39 - 2018-01-18 18:39 - 000140800 _____ C:\Users\tysto\AppData\Local\installer.dat 2018-01-18 18:36 - 2018-01-20 23:07 - 000000000 ____D C:\Users\tysto\AppData\Local\spedrlg 2018-01-18 18:33 - 2018-01-20 23:09 - 000000000 ____D C:\Users\tysto\AppData\Local\avaorlt 2018-01-18 18:33 - 2018-01-18 22:36 - 000000000 ____D C:\Users\tysto\AppData\Local\codwpnv 2018-01-18 18:32 - 2018-01-20 22:33 - 002888192 _____ (TOSHIBA CORPORATION) C:\WINDOWS\system32\svolrhbsvc.exe 2018-01-18 18:32 - 2018-01-18 18:32 - 000016884 _____ C:\WINDOWS\System32\Tasks\FarTister for SketchUtile 2018-01-18 18:31 - 2018-01-18 23:33 - 000000000 ___HD C:\Program Files (x86)\undermanned 2018-01-18 18:31 - 2018-01-18 22:41 - 000000000 ___HD C:\Program Files (x86)\Figuration 2018-01-18 18:31 - 2018-01-18 22:02 - 000000000 ____D C:\ProgramData\4a48fe8d70364b3eaf657c36907c7f6d 2018-01-18 18:31 - 2018-01-18 22:01 - 000000000 ____D C:\ProgramData\e287d870a6e44daebe9faf1d5e02d955 2018-01-18 18:31 - 2018-01-18 19:20 - 000003836 _____ C:\WINDOWS\System32\Tasks\NativeDisplayMediaServiceUpdater 2018-01-18 18:31 - 2018-01-18 19:20 - 000003596 _____ C:\WINDOWS\System32\Tasks\Checker64 2018-01-18 18:31 - 2018-01-18 18:31 - 000000000 ____D C:\WINDOWS\SysWOW64\widtxzc 2018-01-18 18:31 - 2018-01-18 18:31 - 000000000 ____D C:\WINDOWS\system32\widtxzc 2018-01-18 18:31 - 2018-01-18 18:31 - 000000000 ____D C:\Users\tysto\AppData\Roaming\jetmedia 2018-01-18 18:31 - 2018-01-18 18:31 - 000000000 ____D C:\Users\tysto\AppData\Roaming\et 2018-01-18 18:28 - 2018-01-18 18:28 - 001350144 _____ C:\WINDOWS\27a09f4cf3d2076f4d01b901f65804eb.dll 2018-01-18 18:28 - 2018-01-18 18:28 - 000000000 ____D C:\WINDOWS\SysWOW64\SSL 2018-01-18 01:59 - 2018-01-18 01:59 - 000051633 _____ C:\WINDOWS\uninstaller.dat 2018-01-18 01:59 - 2018-01-18 01:59 - 000014040 _____ C:\WINDOWS\system32\Drivers\0e992d9b571c7ac7b3fa631e47648101.sys 2018-01-14 22:05 - 2018-01-14 22:05 - 000000000 ____D C:\Program Files (x86)\VulkanRT 2018-01-14 22:05 - 2018-01-03 18:01 - 000137528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2018-01-14 22:05 - 2017-11-02 14:15 - 000928568 _____ C:\WINDOWS\system32\vulkan-1.dll 2018-01-14 22:05 - 2017-11-02 14:15 - 000798520 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2018-01-14 22:05 - 2017-11-02 14:15 - 000490808 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2018-01-14 22:05 - 2017-11-02 14:14 - 000591672 _____ C:\WINDOWS\system32\vulkaninfo.exe 2018-01-14 22:04 - 2018-01-14 22:04 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation 2018-01-14 22:01 - 2018-01-03 19:44 - 040269624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll 2018-01-14 22:01 - 2018-01-03 19:44 - 035179080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll 2018-01-14 22:01 - 2018-01-03 19:44 - 019796520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2018-01-14 22:01 - 2018-01-03 19:44 - 013430632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2018-01-14 22:01 - 2018-01-03 19:44 - 012843496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2018-01-14 22:01 - 2018-01-03 19:44 - 011015584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2018-01-14 22:01 - 2018-01-03 19:44 - 010900432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2018-01-14 22:01 - 2018-01-03 19:44 - 004306736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2018-01-14 22:01 - 2018-01-03 19:44 - 003707888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2018-01-14 22:01 - 2018-01-03 19:44 - 001975184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439065.dll 2018-01-14 22:01 - 2018-01-03 19:44 - 001674544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439065.dll 2018-01-14 22:01 - 2018-01-03 19:44 - 001334624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll 2018-01-14 22:01 - 2018-01-03 19:44 - 001325384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2018-01-14 22:01 - 2018-01-03 19:44 - 001134952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2018-01-14 22:01 - 2018-01-03 19:44 - 001125960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2018-01-14 22:01 - 2018-01-03 19:44 - 001053768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2018-01-14 22:01 - 2018-01-03 19:44 - 001049296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll 2018-01-14 22:01 - 2018-01-03 19:44 - 001043128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2018-01-14 22:01 - 2018-01-03 19:44 - 000988656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2018-01-14 22:01 - 2018-01-03 19:44 - 000938896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2018-01-14 22:01 - 2018-01-03 19:44 - 000795928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2018-01-14 22:01 - 2018-01-03 19:44 - 000740336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2018-01-14 22:01 - 2018-01-03 19:44 - 000635248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2018-01-14 22:01 - 2018-01-03 19:44 - 000618928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll 2018-01-14 22:01 - 2018-01-03 19:44 - 000616248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2018-01-14 22:01 - 2018-01-03 19:44 - 000599536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2018-01-14 22:01 - 2018-01-03 19:44 - 000506864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2018-01-14 22:01 - 2018-01-03 19:44 - 000045600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2018-01-14 21:56 - 2018-01-15 21:54 - 000000000 ____D C:\Users\tysto\ansel 2018-01-14 21:56 - 2018-01-14 21:56 - 000001488 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2018-01-11 16:57 - 2018-01-11 16:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps 2018-01-11 16:57 - 2018-01-11 16:57 - 000000000 ____D C:\Fraps 2018-01-11 16:43 - 2018-01-11 16:43 - 000000952 _____ C:\Users\Public\Desktop\EFASS NG.lnk 2018-01-11 16:43 - 2018-01-11 16:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EFASS 2018-01-11 16:41 - 2018-01-11 16:41 - 000000000 ____D C:\Users\tysto\Documents\Froom 2018-01-10 20:38 - 2018-01-09 18:36 - 000000234 ___SH C:\Users\Public\Libraries.ini 2018-01-09 22:23 - 2018-01-09 22:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent 2018-01-09 21:44 - 2018-01-09 21:46 - 026485308 _____ C:\Users\tysto\Documents\Caleb prone clip.mp4 2018-01-07 21:06 - 2018-01-07 21:06 - 000000000 ____D C:\ProgramData\Unknown Worlds 2018-01-07 21:05 - 2018-01-07 21:05 - 000000000 ____D C:\Users\tysto\AppData\Roaming\Steam 2018-01-07 21:05 - 2018-01-07 21:05 - 000000000 ____D C:\Users\tysto\AppData\LocalLow\Unknown Worlds 2018-01-07 20:50 - 2018-01-07 20:50 - 000000000 ____D C:\Users\tysto\Documents\Stranded Deep 2018-01-07 20:50 - 2018-01-07 20:50 - 000000000 ____D C:\Users\tysto\AppData\LocalLow\Beam Team Games 2018-01-07 15:37 - 2018-01-07 15:37 - 000000059 _____ C:\Users\tysto\AppData\Local\x-plane_install_11.txt 2018-01-07 14:33 - 2018-01-07 14:33 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2018-01-07 14:33 - 2018-01-07 14:33 - 000000000 ____D C:\Program Files\Realtek 2018-01-07 14:32 - 2017-06-29 18:55 - 013122576 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 012988336 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 006410088 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV3apo.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 005938904 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 005593608 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 003509256 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 003507688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 003410832 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 003299816 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 003122656 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 003092336 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 002190976 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 001435136 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 001382232 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 001347136 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 001337640 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 001016928 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000984912 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000965024 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000923736 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000877424 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000873456 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000868176 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000866640 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000852128 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000737960 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000691680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000677664 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000604792 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000525768 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000467152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000447712 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000447176 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000381408 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000341144 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000341144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000231912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000221960 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000209528 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000158696 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000151784 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000134200 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000110976 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000090912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000088312 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000084608 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000083624 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll 2018-01-07 14:32 - 2017-06-29 18:55 - 000075536 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll 2018-01-07 14:32 - 2017-06-29 18:54 - 010536152 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSSTAPO.dll 2018-01-07 14:32 - 2017-06-29 18:54 - 004059960 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll 2018-01-07 14:32 - 2017-06-29 18:54 - 002291304 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll 2018-01-07 14:32 - 2017-06-29 18:54 - 001780616 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll 2018-01-07 14:32 - 2017-06-29 18:54 - 001591056 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll 2018-01-07 14:32 - 2017-06-29 18:54 - 001422920 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll 2018-01-07 14:32 - 2017-06-29 18:54 - 001334376 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll 2018-01-07 14:32 - 2017-06-29 18:54 - 001213656 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll 2018-01-07 14:32 - 2017-06-29 18:54 - 001166152 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll 2018-01-07 14:32 - 2017-06-29 18:54 - 000999848 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll 2018-01-07 14:32 - 2017-06-29 18:54 - 000727432 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll 2018-01-07 14:32 - 2017-06-29 18:54 - 000708312 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll 2018-01-07 14:32 - 2017-06-29 18:54 - 000680544 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll 2018-01-07 14:32 - 2017-06-29 18:54 - 000678176 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll 2018-01-07 14:32 - 2017-06-29 18:54 - 000618184 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll 2018-01-07 14:32 - 2017-06-29 18:54 - 000514520 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll 2018-01-07 14:32 - 2017-06-29 18:54 - 000500552 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll 2018-01-07 14:32 - 2017-06-29 18:54 - 000428224 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll 2018-01-07 14:32 - 2017-06-29 18:54 - 000406448 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll 2018-01-07 14:32 - 2017-06-29 18:54 - 000366120 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll 2018-01-07 14:32 - 2017-06-29 18:54 - 000360344 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll 2018-01-07 14:32 - 2017-06-29 18:54 - 000330552 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll 2018-01-07 14:32 - 2017-06-29 18:54 - 000203840 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll 2018-01-07 14:32 - 2017-06-29 18:54 - 000190928 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll 2018-01-07 14:32 - 2017-06-29 18:54 - 000190928 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll 2018-01-07 14:32 - 2017-06-29 18:54 - 000179592 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll 2018-01-07 14:32 - 2017-06-29 18:53 - 005346992 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll 2018-01-07 14:32 - 2017-06-29 18:53 - 002444680 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll 2018-01-07 14:32 - 2017-06-29 18:53 - 001965808 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll 2018-01-07 14:32 - 2017-06-29 18:53 - 001959600 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll 2018-01-07 14:32 - 2017-06-29 18:53 - 001616680 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll 2018-01-07 14:32 - 2017-06-29 18:53 - 001554600 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOProp.dll 2018-01-07 14:32 - 2017-06-29 18:53 - 001529136 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64Proxy.dll 2018-01-07 14:32 - 2017-06-29 18:53 - 001508928 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll 2018-01-07 14:32 - 2017-06-29 18:53 - 001326424 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOv251.dll 2018-01-07 14:32 - 2017-06-29 18:53 - 001170872 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll 2018-01-07 14:32 - 2017-06-29 18:53 - 000743960 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll 2018-01-07 14:32 - 2017-06-29 18:53 - 000504304 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll 2018-01-07 14:32 - 2017-06-29 18:53 - 000445392 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll 2018-01-07 14:32 - 2017-06-29 18:53 - 000441264 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll 2018-01-07 14:32 - 2017-06-29 18:53 - 000362048 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll 2018-01-07 14:32 - 2017-06-29 18:53 - 000327448 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll 2018-01-07 14:32 - 2017-06-29 18:53 - 000310416 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll 2018-01-07 14:32 - 2017-06-29 18:53 - 000272712 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll 2018-01-07 14:32 - 2017-06-29 18:53 - 000253896 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll 2018-01-07 14:32 - 2017-06-29 18:53 - 000253864 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll 2018-01-07 14:32 - 2017-06-29 18:53 - 000252872 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll 2018-01-07 14:32 - 2017-06-29 18:52 - 005826560 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys 2018-01-07 14:32 - 2017-06-29 18:52 - 003677160 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl 2018-01-07 14:32 - 2017-06-29 18:52 - 003205120 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll 2018-01-07 14:32 - 2017-06-29 18:52 - 002110592 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll 2018-01-07 14:32 - 2017-06-29 18:52 - 000574752 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll 2018-01-07 14:32 - 2017-06-29 18:52 - 000258856 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll 2018-01-07 14:32 - 2017-06-29 18:52 - 000118592 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll 2018-01-07 14:32 - 2017-06-29 18:51 - 072520712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat 2018-01-07 14:32 - 2017-06-29 18:51 - 014057248 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll 2018-01-07 14:32 - 2017-06-29 18:51 - 007172912 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll 2018-01-07 14:32 - 2017-06-29 18:51 - 007096184 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll 2018-01-07 14:32 - 2017-06-29 18:51 - 006264632 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll 2018-01-07 14:32 - 2017-06-29 18:51 - 002210304 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll 2018-01-07 14:32 - 2017-06-29 18:51 - 002050176 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll 2018-01-07 14:32 - 2017-06-29 18:51 - 001186832 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSstCApoPropPage.dll 2018-01-07 14:32 - 2017-06-29 18:51 - 001133064 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll 2018-01-07 14:32 - 2017-06-29 18:51 - 001003856 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll 2018-01-07 14:32 - 2017-06-29 18:51 - 000931616 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll 2018-01-07 14:32 - 2017-06-29 18:51 - 000416504 _____ (Harman) C:\WINDOWS\system32\HMUI.dll 2018-01-07 14:32 - 2017-06-29 18:51 - 000378384 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll 2018-01-07 14:32 - 2017-06-29 18:51 - 000154360 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll 2018-01-07 14:32 - 2017-06-29 18:51 - 000023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll 2018-01-07 14:32 - 2017-06-29 18:50 - 000122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll 2018-01-07 14:32 - 2017-06-29 18:50 - 000118584 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll 2018-01-07 14:32 - 2017-06-29 18:50 - 000105304 _____ C:\WINDOWS\system32\audioLibVc.dll 2018-01-07 14:32 - 2017-06-29 03:05 - 012334923 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT 2018-01-07 14:32 - 2017-06-29 03:05 - 005804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat 2018-01-07 14:32 - 2017-06-29 03:05 - 001920870 _____ C:\WINDOWS\system32\Drivers\rtkSSTsetting.dat 2018-01-07 14:30 - 2018-01-07 14:30 - 000000000 ____D C:\Program Files (x86)\Realtek 2018-01-07 11:13 - 2018-01-07 11:13 - 000000000 ____D C:\Users\tysto\Desktop\vbc 2018-01-07 11:13 - 2014-09-02 17:01 - 000041192 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\vbaudio_cable64_win7.sys 2018-01-07 11:07 - 2018-01-07 11:07 - 000041192 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\vbaudio_vmauxvaio64_win7.sys 2018-01-07 11:01 - 2018-01-20 15:06 - 000034116 _____ C:\Users\tysto\AppData\Roaming\VoiceMeeterDefault.xml 2018-01-07 10:48 - 2018-01-07 11:07 - 000000000 ____D C:\Users\tysto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VB Audio 2018-01-07 10:48 - 2018-01-07 11:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio 2018-01-07 10:48 - 2018-01-07 10:48 - 000041192 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\vbaudio_vmvaio64_win7.sys 2018-01-07 10:36 - 2018-01-07 10:36 - 000001464 _____ C:\Users\tysto\Desktop\JSGME.exe - Shortcut.lnk 2018-01-07 10:35 - 2018-01-07 10:35 - 000000000 ____D C:\Program Files (x86)\JSGME 2018-01-07 09:36 - 2018-01-07 09:37 - 000000000 ____D C:\Users\tysto\AppData\Roaming\JetBrains 2018-01-07 09:36 - 2018-01-07 09:36 - 000000000 ____D C:\Users\tysto\.PyCharm2017.1 2018-01-07 09:32 - 2018-01-07 09:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains 2018-01-07 09:32 - 2018-01-07 09:32 - 000000000 ____D C:\Program Files\JetBrains 2018-01-07 09:24 - 2018-01-07 09:38 - 000000000 ____D C:\Users\tysto\Desktop\Python 2018-01-07 09:10 - 2018-01-07 09:10 - 000000000 ____D C:\Python 2018-01-07 09:10 - 2018-01-07 09:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.6 2018-01-07 09:09 - 2018-01-07 09:09 - 000000000 ____D C:\Users\tysto\.idlerc 2018-01-07 09:03 - 2018-01-07 09:03 - 000000000 ____D C:\Users\tysto\AppData\Local\Package Cache 2018-01-04 12:17 - 2018-01-04 12:17 - 000000000 ____D C:\WINDOWS\Panther 2018-01-03 14:16 - 2018-01-03 14:24 - 000000000 ____D C:\Users\tysto\AppData\LocalLow\VRChat 2018-01-03 14:16 - 2018-01-03 14:16 - 000000000 ____D C:\ProgramData\.mono 2018-01-02 22:31 - 2018-01-02 22:31 - 000000000 ____D C:\Users\tysto\.TeamSpeak 3 2018-01-02 22:09 - 2018-01-02 22:09 - 000000000 ____D C:\WINDOWS\ShellNew 2018-01-02 22:09 - 2018-01-02 22:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey 2018-01-02 21:59 - 2018-01-02 21:59 - 000000000 ____D C:\Users\tysto\Naturalsoft 2018-01-02 21:53 - 2018-01-17 09:59 - 000000000 ____D C:\Users\tysto\AppData\Local\ElevatedDiagnostics 2018-01-02 21:32 - 2018-01-02 21:32 - 000001566 _____ C:\Users\tysto\Desktop\VoiceAttack.lnk 2018-01-02 15:48 - 2018-01-02 15:48 - 000000000 ____D C:\Users\tysto\AppData\Roaming\NaturalPoint 2018-01-02 15:24 - 2018-01-02 15:24 - 000002192 _____ C:\Users\Public\Desktop\TrackIR v5.lnk 2018-01-02 15:24 - 2018-01-02 15:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrackIR v5 2018-01-02 15:24 - 2018-01-02 15:24 - 000000000 ____D C:\Program Files (x86)\NaturalPoint 2018-01-01 19:53 - 2018-01-01 19:53 - 000000044 _____ C:\Users\tysto\Documents\ts reckey.txt 2018-01-01 19:51 - 2018-01-20 12:16 - 000000000 ____D C:\Users\tysto\AppData\Roaming\TS3Client 2018-01-01 02:57 - 2018-01-01 02:58 - 000000000 ____D C:\Users\tysto\Desktop\HourBoostr 2017-12-29 17:07 - 2017-12-29 17:07 - 000000000 ____D C:\Users\tysto\AppData\LocalLow\82 Apps 2017-12-28 17:41 - 2018-01-11 16:41 - 000000000 ____D C:\Users\tysto\AppData\Roaming\VoiceAttack 2017-12-28 17:31 - 2017-12-29 12:30 - 000000000 ____D C:\Users\tysto\AppData\Local\VoiceAttack.com 2017-12-28 15:49 - 2017-12-27 20:24 - 000382504 _____ (EasyAntiCheat Ltd) C:\WINDOWS\SysWOW64\EasyAntiCheat.exe 2017-12-28 13:17 - 2018-01-02 16:47 - 000000000 ____D C:\Users\tysto\AppData\Local\Arma 3 2017-12-28 13:17 - 2017-12-28 14:40 - 000000000 ____D C:\Users\tysto\Documents\Arma 3 2017-12-28 13:17 - 2017-12-28 13:17 - 000000000 ____D C:\ProgramData\Bohemia Interactive 2017-12-28 08:42 - 2018-01-02 17:22 - 000000000 ____D C:\Users\tysto\AppData\Local\Arma 3 Launcher 2017-12-28 08:42 - 2017-12-28 08:42 - 000000000 ____D C:\Users\tysto\AppData\Local\Bohemia_Interactive 2017-12-27 22:40 - 2017-12-27 22:41 - 000002041 _____ C:\Users\Public\Desktop\DCS World.lnk 2017-12-27 21:08 - 2017-12-27 21:08 - 000000000 ____D C:\Users\tysto\AppData\Local\DCS.openalpha 2017-12-27 19:21 - 2017-12-27 22:41 - 000000000 ____D C:\Program Files\Eagle Dynamics 2017-12-27 19:18 - 2017-12-27 19:19 - 000000124 _____ C:\Users\tysto\Desktop\keys.txt 2017-12-26 22:30 - 2017-12-26 22:30 - 000000000 ____D C:\Users\tysto\AppData\Roaming\Thrustmaster 2017-12-26 22:27 - 2017-12-26 22:27 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TmHid_01009.Wdf 2017-12-26 22:27 - 2011-01-26 16:04 - 000055296 _____ (Guillemot Corporation) C:\WINDOWS\SysWOW64\TmClass.dll 2017-12-26 22:27 - 2011-01-26 16:04 - 000055296 _____ (Guillemot Corporation) C:\WINDOWS\system32\TmClass.dll 2017-12-26 22:27 - 2011-01-26 16:04 - 000030208 _____ (Guillemot Corporation) C:\WINDOWS\SysWOW64\Drivers\TmBusEn.sys 2017-12-26 22:27 - 2011-01-26 16:04 - 000030208 _____ (Guillemot Corporation) C:\WINDOWS\system32\Drivers\TmBusEn.sys 2017-12-26 22:27 - 2011-01-26 16:04 - 000024704 _____ (Guillemot Corporation) C:\WINDOWS\SysWOW64\Drivers\TmHid.sys 2017-12-26 22:27 - 2011-01-26 16:04 - 000024704 _____ (Guillemot Corporation) C:\WINDOWS\system32\Drivers\TmHid.sys 2017-12-26 22:27 - 2011-01-26 16:04 - 000024576 _____ (Guillemot Corporation) C:\WINDOWS\SysWOW64\Drivers\TmFilter.sys 2017-12-26 22:27 - 2011-01-26 16:04 - 000024576 _____ (Guillemot Corporation) C:\WINDOWS\system32\Drivers\TmFilter.sys 2017-12-26 22:27 - 2009-07-14 13:21 - 001721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll 2017-12-26 22:26 - 2017-12-26 22:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thrustmaster 2017-12-26 22:26 - 2017-12-26 22:27 - 000000000 ____D C:\Program Files (x86)\Thrustmaster 2017-12-26 22:26 - 2017-09-07 15:05 - 000258560 _____ (Thrustmaster) C:\WINDOWS\SysWOW64\tmffbcpl.dll 2017-12-26 22:26 - 2017-09-07 14:44 - 000300032 _____ (Thrustmaster) C:\WINDOWS\system32\tmffbcpl.dll 2017-12-26 22:26 - 2015-07-16 16:38 - 000041472 _____ (Thrustmaster) C:\WINDOWS\system32\tmffbdrv.dll 2017-12-26 22:26 - 2015-07-16 16:38 - 000035840 _____ (Thrustmaster) C:\WINDOWS\SysWOW64\tmffbdrv.dll 2017-12-26 01:19 - 2017-12-26 01:19 - 000000000 ____D C:\Users\tysto\AppData\Roaming\Apple Computer 2017-12-26 01:09 - 2017-12-26 01:09 - 000000334 _____ C:\hiberfil.sys - Shortcut.lnk 2017-12-24 10:36 - 2017-12-24 10:36 - 000000000 ____D C:\Users\tysto\AppData\LocalLow\Hinterland 2017-12-24 10:36 - 2017-12-24 10:36 - 000000000 ____D C:\Users\tysto\AppData\Local\Hinterland 2017-12-24 10:36 - 2017-12-24 10:36 - 000000000 ____D C:\ProgramData\Steam 2017-12-24 10:34 - 2017-12-24 15:44 - 000000000 ____D C:\Users\tysto\AppData\Local\Warframe 2017-12-23 19:37 - 2017-12-23 19:37 - 000000000 ____D C:\Users\tysto\AppData\Local\Stefan_Jones 2017-12-23 19:33 - 2017-12-23 19:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteamTool 2017-12-23 16:23 - 2017-12-23 16:23 - 000000072 ___SH C:\bootTel.dat 2017-12-23 09:26 - 2017-12-23 09:26 - 000000000 ____D C:\Users\tysto\AppData\Roaming\Seeing Machines 2017-12-23 09:26 - 2017-12-23 09:26 - 000000000 ____D C:\ProgramData\Seeing Machines 2017-12-23 09:19 - 2017-12-23 09:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VJoy Virtual Joystick Driver 2017-12-23 09:19 - 2017-12-23 09:19 - 000000000 ____D C:\Program Files (x86)\VJoy Virtual Joystick Driver 2017-12-23 09:19 - 2017-12-23 09:19 - 000000000 ____D C:\Program Files (x86)\Abbequerque Inc 2017-12-22 18:10 - 2017-07-19 11:16 - 000045752 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpmgrk.sys 2017-12-22 17:00 - 2017-12-28 17:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VoiceAttack 2017-12-22 17:00 - 2017-12-22 17:00 - 000000000 ____D C:\Program Files (x86)\VoiceAttack 2017-12-22 16:34 - 2017-12-08 00:52 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll 2017-12-22 16:34 - 2017-12-07 17:31 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-12-22 16:34 - 2017-12-07 17:31 - 000779440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-12-22 16:34 - 2017-12-07 17:20 - 001170000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2017-12-22 16:34 - 2017-12-07 17:16 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2017-12-22 16:34 - 2017-12-07 16:57 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-12-22 16:34 - 2017-12-07 16:31 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2017-12-22 16:34 - 2017-12-07 16:22 - 025245696 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-12-22 16:34 - 2017-12-07 16:13 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-12-22 16:34 - 2017-12-07 16:11 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-12-22 16:34 - 2017-12-07 16:10 - 018916352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-12-22 16:34 - 2017-12-07 16:08 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-12-22 16:34 - 2017-12-07 16:07 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2017-12-22 16:34 - 2017-12-07 16:06 - 023652864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-12-22 16:34 - 2017-12-07 16:05 - 006037504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-12-22 16:34 - 2017-12-07 16:05 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2017-12-22 16:34 - 2017-12-07 16:05 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-12-22 16:34 - 2017-12-07 16:04 - 003678208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-12-22 16:34 - 2017-12-07 16:04 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll 2017-12-22 16:34 - 2017-12-07 16:03 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2017-12-22 16:34 - 2017-12-07 16:03 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2017-12-22 16:34 - 2017-12-07 16:03 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-12-22 16:34 - 2017-12-07 16:02 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2017-12-22 16:34 - 2017-12-07 16:01 - 008097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-12-22 16:34 - 2017-12-07 16:00 - 004740608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-12-22 16:34 - 2017-12-07 16:00 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2017-12-22 16:34 - 2017-12-07 15:59 - 002105856 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-12-22 16:34 - 2017-12-07 15:59 - 001666048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll 2017-12-22 16:34 - 2017-12-07 15:58 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2017-12-22 16:34 - 2017-12-07 15:58 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-12-22 16:34 - 2017-12-07 15:58 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2017-12-22 16:34 - 2017-12-07 15:57 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-12-22 16:34 - 2017-12-07 15:56 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-12-22 16:34 - 2017-11-26 14:15 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll 2017-12-22 16:34 - 2017-11-26 10:43 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll 2017-12-22 16:34 - 2017-11-26 07:48 - 001200536 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-12-22 16:34 - 2017-11-26 07:47 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-12-22 16:34 - 2017-11-26 07:41 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2017-12-22 16:34 - 2017-11-26 07:38 - 001636376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-12-22 16:34 - 2017-11-26 07:33 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2017-12-22 16:34 - 2017-11-26 07:32 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2017-12-22 16:34 - 2017-11-26 07:31 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2017-12-22 16:34 - 2017-11-26 07:29 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-12-22 16:34 - 2017-11-26 07:29 - 000840440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll 2017-12-22 16:34 - 2017-11-26 07:29 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll 2017-12-22 16:34 - 2017-11-26 07:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2017-12-22 16:34 - 2017-11-26 06:55 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll 2017-12-22 16:34 - 2017-11-26 06:31 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys 2017-12-22 16:34 - 2017-11-26 06:19 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll 2017-12-22 16:34 - 2017-11-26 06:17 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-12-22 16:34 - 2017-11-26 06:05 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-12-22 16:34 - 2017-11-26 06:03 - 002783744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-12-22 16:34 - 2017-11-26 05:59 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2017-12-22 16:34 - 2017-11-26 05:59 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2017-12-22 16:34 - 2017-11-26 05:21 - 001432816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-12-22 16:34 - 2017-11-26 05:01 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll 2017-12-22 16:34 - 2017-11-26 05:01 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll 2017-12-22 16:34 - 2017-11-26 04:29 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-12-22 16:33 - 2017-12-07 17:34 - 001925296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2017-12-22 16:33 - 2017-12-07 17:34 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2017-12-22 16:33 - 2017-12-07 17:34 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys 2017-12-22 16:33 - 2017-12-07 17:30 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2017-12-22 16:33 - 2017-12-07 17:28 - 000710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2017-12-22 16:33 - 2017-12-07 17:28 - 000630752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll 2017-12-22 16:33 - 2017-12-07 17:27 - 004504456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2017-12-22 16:33 - 2017-12-07 17:27 - 003903784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2017-12-22 16:33 - 2017-12-07 17:27 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll 2017-12-22 16:33 - 2017-12-07 17:26 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-12-22 16:33 - 2017-12-07 17:26 - 002709200 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-12-22 16:33 - 2017-12-07 17:26 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe 2017-12-22 16:33 - 2017-12-07 17:25 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe 2017-12-22 16:33 - 2017-12-07 17:24 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll 2017-12-22 16:33 - 2017-12-07 17:24 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2017-12-22 16:33 - 2017-12-07 17:24 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-12-22 16:33 - 2017-12-07 17:23 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2017-12-22 16:33 - 2017-12-07 17:23 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-12-22 16:33 - 2017-12-07 17:22 - 001003104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2017-12-22 16:33 - 2017-12-07 17:22 - 000979352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2017-12-22 16:33 - 2017-12-07 17:22 - 000137544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll 2017-12-22 16:33 - 2017-12-07 17:22 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys 2017-12-22 16:33 - 2017-12-07 17:21 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2017-12-22 16:33 - 2017-12-07 17:19 - 021352136 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-12-22 16:33 - 2017-12-07 17:16 - 001776272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2017-12-22 16:33 - 2017-12-07 17:15 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2017-12-22 16:33 - 2017-12-07 17:15 - 000721592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2017-12-22 16:33 - 2017-12-07 17:14 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2017-12-22 16:33 - 2017-12-07 17:12 - 000401304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys 2017-12-22 16:33 - 2017-12-07 17:10 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2017-12-22 16:33 - 2017-12-07 16:58 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll 2017-12-22 16:33 - 2017-12-07 16:56 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2017-12-22 16:33 - 2017-12-07 16:55 - 001490328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2017-12-22 16:33 - 2017-12-07 16:55 - 000097144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll 2017-12-22 16:33 - 2017-12-07 16:39 - 006092664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2017-12-22 16:33 - 2017-12-07 16:37 - 001145104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2017-12-22 16:33 - 2017-12-07 16:36 - 000769096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll 2017-12-22 16:33 - 2017-12-07 16:34 - 003484840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2017-12-22 16:33 - 2017-12-07 16:34 - 002192112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-12-22 16:33 - 2017-12-07 16:33 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2017-12-22 16:33 - 2017-12-07 16:33 - 000592280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll 2017-12-22 16:33 - 2017-12-07 16:32 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-12-22 16:33 - 2017-12-07 16:31 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2017-12-22 16:33 - 2017-12-07 16:31 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2017-12-22 16:33 - 2017-12-07 16:29 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KeyboardFilterShim.dll 2017-12-22 16:33 - 2017-12-07 16:23 - 006478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-12-22 16:33 - 2017-12-07 16:13 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll 2017-12-22 16:33 - 2017-12-07 16:12 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll 2017-12-22 16:33 - 2017-12-07 16:12 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2017-12-22 16:33 - 2017-12-07 16:12 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx 2017-12-22 16:33 - 2017-12-07 16:10 - 006466048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-12-22 16:33 - 2017-12-07 16:10 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll 2017-12-22 16:33 - 2017-12-07 16:10 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll 2017-12-22 16:33 - 2017-12-07 16:10 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2017-12-22 16:33 - 2017-12-07 16:10 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll 2017-12-22 16:33 - 2017-12-07 16:10 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2017-12-22 16:33 - 2017-12-07 16:10 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2017-12-22 16:33 - 2017-12-07 16:09 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\batmeter.dll 2017-12-22 16:33 - 2017-12-07 16:09 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll 2017-12-22 16:33 - 2017-12-07 16:09 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe 2017-12-22 16:33 - 2017-12-07 16:09 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe 2017-12-22 16:33 - 2017-12-07 16:09 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll 2017-12-22 16:33 - 2017-12-07 16:08 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll 2017-12-22 16:33 - 2017-12-07 16:08 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll 2017-12-22 16:33 - 2017-12-07 16:08 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2017-12-22 16:33 - 2017-12-07 16:08 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll 2017-12-22 16:33 - 2017-12-07 16:08 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2017-12-22 16:33 - 2017-12-07 16:07 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-12-22 16:33 - 2017-12-07 16:07 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll 2017-12-22 16:33 - 2017-12-07 16:07 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2017-12-22 16:33 - 2017-12-07 16:07 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys 2017-12-22 16:33 - 2017-12-07 16:07 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll 2017-12-22 16:33 - 2017-12-07 16:07 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe 2017-12-22 16:33 - 2017-12-07 16:06 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll 2017-12-22 16:33 - 2017-12-07 16:06 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2017-12-22 16:33 - 2017-12-07 16:06 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll 2017-12-22 16:33 - 2017-12-07 16:06 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe 2017-12-22 16:33 - 2017-12-07 16:05 - 001670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\batmeter.dll 2017-12-22 16:33 - 2017-12-07 16:05 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll 2017-12-22 16:33 - 2017-12-07 16:05 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll 2017-12-22 16:33 - 2017-12-07 16:05 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll 2017-12-22 16:33 - 2017-12-07 16:05 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-12-22 16:33 - 2017-12-07 16:05 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll 2017-12-22 16:33 - 2017-12-07 16:05 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll 2017-12-22 16:33 - 2017-12-07 16:05 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll 2017-12-22 16:33 - 2017-12-07 16:05 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll 2017-12-22 16:33 - 2017-12-07 16:05 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe 2017-12-22 16:33 - 2017-12-07 16:05 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll 2017-12-22 16:33 - 2017-12-07 16:04 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll 2017-12-22 16:33 - 2017-12-07 16:04 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll 2017-12-22 16:33 - 2017-12-07 16:03 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-12-22 16:33 - 2017-12-07 16:03 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll 2017-12-22 16:33 - 2017-12-07 16:03 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2017-12-22 16:33 - 2017-12-07 16:03 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll 2017-12-22 16:33 - 2017-12-07 16:03 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-12-22 16:33 - 2017-12-07 16:03 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2017-12-22 16:33 - 2017-12-07 16:03 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hascsp.dll 2017-12-22 16:33 - 2017-12-07 16:02 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-12-22 16:33 - 2017-12-07 16:02 - 002117632 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll 2017-12-22 16:33 - 2017-12-07 16:02 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-12-22 16:33 - 2017-12-07 16:02 - 000813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2017-12-22 16:33 - 2017-12-07 16:02 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll 2017-12-22 16:33 - 2017-12-07 16:01 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll 2017-12-22 16:33 - 2017-12-07 16:01 - 001980928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll 2017-12-22 16:33 - 2017-12-07 16:01 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2017-12-22 16:33 - 2017-12-07 16:01 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll 2017-12-22 16:33 - 2017-12-07 16:00 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2017-12-22 16:33 - 2017-12-07 15:59 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll 2017-12-22 16:33 - 2017-12-07 15:59 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2017-12-22 16:33 - 2017-12-07 15:59 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2017-12-22 16:33 - 2017-12-07 15:58 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2017-12-22 16:33 - 2017-12-07 15:58 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll 2017-12-22 16:33 - 2017-12-07 15:57 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-12-22 16:33 - 2017-12-07 15:56 - 002666496 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll 2017-12-22 16:33 - 2017-12-07 15:56 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2017-12-22 16:33 - 2017-12-07 15:54 - 002510336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2017-12-22 16:33 - 2017-12-07 15:54 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2017-12-22 16:33 - 2017-12-07 15:54 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2017-12-22 16:33 - 2017-11-26 14:35 - 017084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll 2017-12-22 16:33 - 2017-11-26 14:32 - 021754368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll 2017-12-22 16:33 - 2017-11-26 07:45 - 001642520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2017-12-22 16:33 - 2017-11-26 07:45 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll 2017-12-22 16:33 - 2017-11-26 07:45 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe 2017-12-22 16:33 - 2017-11-26 07:45 - 000198888 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2017-12-22 16:33 - 2017-11-26 07:37 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2017-12-22 16:33 - 2017-11-26 07:35 - 001090440 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2017-12-22 16:33 - 2017-11-26 07:35 - 000924136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2017-12-22 16:33 - 2017-11-26 07:33 - 001208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2017-12-22 16:33 - 2017-11-26 07:33 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2017-12-22 16:33 - 2017-11-26 07:33 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys 2017-12-22 16:33 - 2017-11-26 07:32 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys 2017-12-22 16:33 - 2017-11-26 07:30 - 001488792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2017-12-22 16:33 - 2017-11-26 07:29 - 003010720 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2017-12-22 16:33 - 2017-11-26 07:29 - 000891800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2017-12-22 16:33 - 2017-11-26 07:29 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2017-12-22 16:33 - 2017-11-26 07:29 - 000703536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2017-12-22 16:33 - 2017-11-26 07:28 - 001259344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2017-12-22 16:33 - 2017-11-26 07:28 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll 2017-12-22 16:33 - 2017-11-26 07:28 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2017-12-22 16:33 - 2017-11-26 07:28 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2017-12-22 16:33 - 2017-11-26 07:28 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys 2017-12-22 16:33 - 2017-11-26 07:27 - 002446744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2017-12-22 16:33 - 2017-11-26 07:27 - 002412168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2017-12-22 16:33 - 2017-11-26 07:27 - 001413760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2017-12-22 16:33 - 2017-11-26 07:27 - 000464408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2017-12-22 16:33 - 2017-11-26 07:27 - 000230296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2017-12-22 16:33 - 2017-11-26 07:26 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2017-12-22 16:33 - 2017-11-26 07:25 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2017-12-22 16:33 - 2017-11-26 07:23 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2017-12-22 16:33 - 2017-11-26 07:23 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2017-12-22 16:33 - 2017-11-26 07:23 - 000754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll 2017-12-22 16:33 - 2017-11-26 07:22 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2017-12-22 16:33 - 2017-11-26 07:21 - 002220952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll 2017-12-22 16:33 - 2017-11-26 07:21 - 001778584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2017-12-22 16:33 - 2017-11-26 07:21 - 001628056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll 2017-12-22 16:33 - 2017-11-26 07:21 - 001585376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2017-12-22 16:33 - 2017-11-26 07:21 - 001420696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll 2017-12-22 16:33 - 2017-11-26 07:21 - 000831384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll 2017-12-22 16:33 - 2017-11-26 07:21 - 000819096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe 2017-12-22 16:33 - 2017-11-26 07:21 - 000813976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll 2017-12-22 16:33 - 2017-11-26 07:21 - 000744856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll 2017-12-22 16:33 - 2017-11-26 07:21 - 000669592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll 2017-12-22 16:33 - 2017-11-26 07:21 - 000654048 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2017-12-22 16:33 - 2017-11-26 07:21 - 000645528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll 2017-12-22 16:33 - 2017-11-26 07:20 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2017-12-22 16:33 - 2017-11-26 07:20 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe 2017-12-22 16:33 - 2017-11-26 06:57 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2017-12-22 16:33 - 2017-11-26 06:55 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-12-22 16:33 - 2017-11-26 06:55 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll 2017-12-22 16:33 - 2017-11-26 06:55 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2017-12-22 16:33 - 2017-11-26 06:55 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll 2017-12-22 16:33 - 2017-11-26 06:55 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll 2017-12-22 16:33 - 2017-11-26 06:54 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2017-12-22 16:33 - 2017-11-26 06:54 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll 2017-12-22 16:33 - 2017-11-26 06:48 - 012829696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-12-22 16:33 - 2017-11-26 06:47 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-12-22 16:33 - 2017-11-26 06:43 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll 2017-12-22 16:33 - 2017-11-26 06:36 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2017-12-22 16:33 - 2017-11-26 06:36 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2017-12-22 16:33 - 2017-11-26 06:36 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll 2017-12-22 16:33 - 2017-11-26 06:36 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys 2017-12-22 16:33 - 2017-11-26 06:35 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll 2017-12-22 16:33 - 2017-11-26 06:35 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll 2017-12-22 16:33 - 2017-11-26 06:34 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll 2017-12-22 16:33 - 2017-11-26 06:33 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll 2017-12-22 16:33 - 2017-11-26 06:31 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2017-12-22 16:33 - 2017-11-26 06:31 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2017-12-22 16:33 - 2017-11-26 06:31 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe 2017-12-22 16:33 - 2017-11-26 06:29 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll 2017-12-22 16:33 - 2017-11-26 06:29 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2017-12-22 16:33 - 2017-11-26 06:29 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2017-12-22 16:33 - 2017-11-26 06:29 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll 2017-12-22 16:33 - 2017-11-26 06:28 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys 2017-12-22 16:33 - 2017-11-26 06:26 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll 2017-12-22 16:33 - 2017-11-26 06:26 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys 2017-12-22 16:33 - 2017-11-26 06:26 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2017-12-22 16:33 - 2017-11-26 06:25 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll 2017-12-22 16:33 - 2017-11-26 06:25 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2017-12-22 16:33 - 2017-11-26 06:25 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll 2017-12-22 16:33 - 2017-11-26 06:25 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll 2017-12-22 16:33 - 2017-11-26 06:25 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe 2017-12-22 16:33 - 2017-11-26 06:23 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2017-12-22 16:33 - 2017-11-26 06:22 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-12-22 16:33 - 2017-11-26 06:19 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll 2017-12-22 16:33 - 2017-11-26 06:19 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadjcsp.dll 2017-12-22 16:33 - 2017-11-26 06:18 - 003186688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll 2017-12-22 16:33 - 2017-11-26 06:18 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2017-12-22 16:33 - 2017-11-26 06:18 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll 2017-12-22 16:33 - 2017-11-26 06:17 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-12-22 16:33 - 2017-11-26 06:17 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-12-22 16:33 - 2017-11-26 06:08 - 017159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-12-22 16:33 - 2017-11-26 06:04 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2017-12-22 16:33 - 2017-11-26 06:04 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe 2017-12-22 16:33 - 2017-11-26 06:03 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2017-12-22 16:33 - 2017-11-26 06:01 - 003163648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-12-22 16:33 - 2017-11-26 06:00 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2017-12-22 16:33 - 2017-11-26 05:59 - 004814848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2017-12-22 16:33 - 2017-11-26 05:59 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2017-12-22 16:33 - 2017-11-26 05:58 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll 2017-12-22 16:33 - 2017-11-26 05:48 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll 2017-12-22 16:33 - 2017-11-26 05:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll 2017-12-22 16:33 - 2017-11-26 05:21 - 001474680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll 2017-12-22 16:33 - 2017-11-26 05:02 - 001124760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll 2017-12-22 16:33 - 2017-11-26 05:01 - 002339296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2017-12-22 16:33 - 2017-11-26 05:01 - 000791960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2017-12-22 16:33 - 2017-11-26 05:01 - 000746904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll 2017-12-22 16:33 - 2017-11-26 05:01 - 000590944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2017-12-22 16:33 - 2017-11-26 05:00 - 001990160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2017-12-22 16:33 - 2017-11-26 05:00 - 000353848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2017-12-22 16:33 - 2017-11-26 04:59 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2017-12-22 16:33 - 2017-11-26 04:58 - 001148216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2017-12-22 16:33 - 2017-11-26 04:58 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2017-12-22 16:33 - 2017-11-26 04:57 - 001490840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll 2017-12-22 16:33 - 2017-11-26 04:51 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2017-12-22 16:33 - 2017-11-26 04:51 - 000661664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll 2017-12-22 16:33 - 2017-11-26 04:41 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll 2017-12-22 16:33 - 2017-11-26 04:41 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2017-12-22 16:33 - 2017-11-26 04:41 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll 2017-12-22 16:33 - 2017-11-26 04:41 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll 2017-12-22 16:33 - 2017-11-26 04:41 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll 2017-12-22 16:33 - 2017-11-26 04:40 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll 2017-12-22 16:33 - 2017-11-26 04:38 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll 2017-12-22 16:33 - 2017-11-26 04:37 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2017-12-22 16:33 - 2017-11-26 04:36 - 013703168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-12-22 16:33 - 2017-11-26 04:36 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll 2017-12-22 16:33 - 2017-11-26 04:36 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll 2017-12-22 16:33 - 2017-11-26 04:36 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-12-22 16:33 - 2017-11-26 04:35 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll 2017-12-22 16:33 - 2017-11-26 04:35 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll 2017-12-22 16:33 - 2017-11-26 04:35 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2017-12-22 16:33 - 2017-11-26 04:35 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll 2017-12-22 16:33 - 2017-11-26 04:32 - 011923456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-12-22 16:33 - 2017-11-26 04:31 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll 2017-12-22 16:33 - 2017-11-26 04:31 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll 2017-12-22 16:33 - 2017-11-26 04:30 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2017-12-22 16:33 - 2017-11-26 04:30 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2017-12-22 16:33 - 2017-11-26 04:29 - 000823808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-12-22 16:33 - 2017-11-26 04:28 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2017-12-22 16:33 - 2017-11-26 04:24 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll 2017-12-22 16:33 - 2017-11-26 04:24 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll 2017-12-22 16:33 - 2017-11-19 01:35 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll 2017-12-22 16:33 - 2017-11-18 20:20 - 002491112 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll 2017-12-21 21:39 - 2017-12-21 21:39 - 000000000 ____D C:\Users\tysto\AppData\Roaming\Corsair 2017-12-21 21:39 - 2017-12-21 21:39 - 000000000 ____D C:\Users\tysto\AppData\Local\Corsair 2017-12-21 21:38 - 2017-12-21 21:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine 2017-12-21 17:59 - 2017-12-21 17:59 - 000105984 _____ (Beepa P/L) C:\WINDOWS\system32\frapsv64.dll 2017-12-21 17:59 - 2017-12-21 17:59 - 000094208 _____ (Beepa P/L) C:\WINDOWS\SysWOW64\frapsvid.dll ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-01-20 22:53 - 2017-09-10 09:22 - 000000000 ____D C:\Users\tysto\AppData\Roaming\Everything 2018-01-20 22:39 - 2017-12-01 16:43 - 002237532 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-01-20 22:33 - 2017-12-01 16:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-01-20 22:33 - 2017-12-01 16:34 - 000000000 ____D C:\Users\tysto 2018-01-20 22:33 - 2017-12-01 16:32 - 004924176 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2018-01-20 22:33 - 2017-07-26 15:50 - 000000000 ____D C:\ProgramData\NVIDIA 2018-01-20 22:31 - 2017-11-27 22:08 - 000000000 ____D C:\Users\tysto\AppData\Roaming\Origin 2018-01-20 22:31 - 2017-09-29 02:45 - 019398656 _____ C:\WINDOWS\system32\config\HARDWARE 2018-01-20 22:31 - 2017-09-29 02:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2018-01-20 22:31 - 2017-09-21 22:18 - 000000000 ____D C:\ProgramData\Origin 2018-01-20 22:31 - 2017-09-10 20:28 - 000000000 ____D C:\Users\tysto\AppData\Local\Everything 2018-01-20 22:31 - 2017-07-26 16:10 - 000000000 ____D C:\Program Files (x86)\Steam 2018-01-20 22:25 - 2017-12-01 16:38 - 000002862 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-tystoutme@gmail.com 2018-01-20 22:24 - 2017-12-01 16:35 - 000000000 ____D C:\Users\tysto\AppData\Local\Packages 2018-01-20 22:24 - 2017-09-29 07:46 - 000000000 ___HD C:\Program Files\WindowsApps 2018-01-20 22:24 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\AppReadiness 2018-01-20 22:21 - 2017-12-01 16:38 - 000002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2018-01-20 21:34 - 2017-11-15 19:55 - 000000015 _____ C:\Users\tysto\AppData\Local\X-Plane_drm_11.prf 2018-01-20 20:52 - 2017-07-27 17:05 - 000000000 ____D C:\Users\tysto\AppData\Roaming\vlc 2018-01-20 18:53 - 2017-07-29 21:17 - 000000000 ____D C:\Users\tysto\AppData\Roaming\qBittorrent 2018-01-20 13:00 - 2017-12-01 16:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2018-01-20 12:46 - 2017-07-26 16:42 - 000000000 ____D C:\Users\tysto\AppData\Local\CrashDumps 2018-01-20 12:38 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization 2018-01-20 12:16 - 2017-09-29 07:44 - 000000000 ____D C:\WINDOWS\INF 2018-01-20 10:05 - 2017-11-16 18:43 - 000000000 ____D C:\Users\tysto\AppData\Local\Adobe 2018-01-19 23:02 - 2017-11-20 00:23 - 000001008 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2018-01-19 23:02 - 2017-11-20 00:23 - 000000000 ____D C:\Program Files\Mozilla Firefox 2018-01-18 23:38 - 2017-09-29 07:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2018-01-18 23:04 - 2017-07-26 15:53 - 000000000 ____D C:\Users\tysto\AppData\Local\Google 2018-01-18 23:03 - 2017-07-26 15:54 - 000000000 ____D C:\Program Files (x86)\Google 2018-01-18 23:00 - 2017-12-01 16:38 - 000003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2018-01-18 23:00 - 2017-12-01 16:38 - 000003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2018-01-18 22:40 - 2017-07-26 16:56 - 000000000 ____D C:\WINDOWS\system32\MRT 2018-01-18 22:36 - 2017-10-11 15:44 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe 2018-01-18 22:36 - 2017-07-26 16:56 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2018-01-18 22:03 - 2017-09-29 07:46 - 000000000 ____D C:\Program Files\Adobe IW Scopo 2018-01-18 18:48 - 2017-12-02 21:09 - 000003848 __RSH C:\ProgramData\ntuser.pol 2018-01-18 18:40 - 2017-03-18 15:03 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2018-01-18 18:33 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2018-01-18 18:31 - 2017-09-29 07:46 - 000000000 ____D C:\Program Files\Windows Portable Devices 2018-01-15 21:13 - 2017-07-28 15:40 - 000000000 ____D C:\Users\tysto\AppData\Local\Spotify 2018-01-15 21:13 - 2017-07-28 15:37 - 000000000 ____D C:\Users\tysto\AppData\Roaming\Spotify 2018-01-15 13:20 - 2017-07-26 15:50 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2018-01-14 22:16 - 2017-07-26 16:21 - 000000000 ____D C:\Users\tysto\AppData\Local\NVIDIA 2018-01-14 22:05 - 2017-07-26 15:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2018-01-14 22:05 - 2017-07-26 15:50 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2018-01-14 22:05 - 2017-07-26 15:50 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2018-01-14 21:56 - 2017-12-01 16:38 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-01-14 21:56 - 2017-12-01 16:38 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-01-14 21:56 - 2017-12-01 16:38 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-01-14 21:56 - 2017-12-01 16:38 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-01-14 21:56 - 2017-12-01 16:38 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-01-14 21:56 - 2017-12-01 16:38 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-01-14 21:56 - 2017-12-01 16:38 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-01-14 21:56 - 2017-12-01 16:38 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-01-10 22:28 - 2017-12-06 17:18 - 000000000 ____D C:\ProgramData\boost_interprocess 2018-01-09 22:22 - 2017-07-26 16:56 - 000000000 ____D C:\Users\tysto\AppData\Roaming\discord 2018-01-09 21:44 - 2017-12-03 10:29 - 000000000 ____D C:\Users\tysto\AppData\Roaming\VEGAS 2018-01-07 14:34 - 2017-08-17 11:48 - 000000000 ___HD C:\Program Files (x86)\Temp 2018-01-07 14:33 - 2017-08-17 11:52 - 000000000 ____D C:\WINDOWS\system32\DAX3 2018-01-07 14:33 - 2017-08-17 11:52 - 000000000 ____D C:\WINDOWS\system32\DAX2 2018-01-07 14:32 - 2017-01-08 15:44 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2018-01-07 14:09 - 2017-07-26 16:31 - 000000000 ____D C:\Users\tysto\AppData\Roaming\obs-studio 2018-01-07 13:12 - 2017-11-20 00:23 - 000000000 ____D C:\Users\tysto\AppData\LocalLow\Mozilla 2018-01-07 11:07 - 2017-05-13 14:44 - 000000000 ____D C:\Program Files\VB 2018-01-07 09:03 - 2017-07-26 16:03 - 000000000 ____D C:\ProgramData\Package Cache 2018-01-05 15:24 - 2017-10-13 16:39 - 002425656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2018-01-05 15:24 - 2017-10-13 16:39 - 002090808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2018-01-05 15:24 - 2017-10-13 16:39 - 001310000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll 2018-01-05 10:00 - 2017-07-26 16:20 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat 2018-01-03 19:44 - 2017-12-16 14:42 - 016449872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2018-01-03 19:44 - 2017-12-16 14:42 - 000885680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2018-01-03 19:44 - 2017-11-30 19:09 - 000057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys 2018-01-03 19:44 - 2017-11-09 04:38 - 001682288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll 2018-01-03 19:44 - 2017-11-09 04:38 - 000226760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2018-01-03 19:44 - 2017-11-09 04:25 - 004580320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2018-01-03 19:44 - 2017-11-09 04:25 - 003893792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2018-01-03 19:44 - 2017-11-09 03:57 - 000048282 _____ C:\WINDOWS\system32\nvinfo.pb 2018-01-03 18:33 - 2017-10-13 16:39 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2018-01-03 17:50 - 2017-07-26 15:50 - 005951336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2018-01-03 17:50 - 2017-07-26 15:50 - 002588232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2018-01-03 17:50 - 2017-07-26 15:50 - 001768480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2018-01-03 17:50 - 2017-07-26 15:50 - 000631880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2018-01-03 17:50 - 2017-07-26 15:50 - 000450352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2018-01-03 17:50 - 2017-07-26 15:50 - 000123704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2018-01-03 17:50 - 2017-07-26 15:50 - 000081992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2018-01-03 16:41 - 2017-08-13 17:11 - 000000000 ____D C:\Users\tysto\AppData\Roaming\.minecraft 2018-01-02 09:29 - 2017-09-03 07:11 - 000826608 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys 2018-01-01 19:26 - 2017-10-01 17:32 - 000002611 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk 2017-12-29 16:03 - 2017-11-27 16:59 - 000000000 ____D C:\Users\tysto\AppData\LocalLow\WebEx 2017-12-29 15:28 - 2017-11-27 17:00 - 000000000 ____D C:\Users\tysto\AppData\Roaming\webex 2017-12-28 15:18 - 2017-08-25 06:36 - 000000000 ____D C:\Users\tysto\AppData\Local\Ubisoft Game Launcher 2017-12-28 15:18 - 2017-07-26 16:30 - 000000000 ____D C:\Users\tysto\Documents\My Games 2017-12-27 22:35 - 2017-12-17 20:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eagle Dynamics 2017-12-26 13:43 - 2017-12-01 16:38 - 000003544 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachineDaily 2017-12-26 13:43 - 2017-12-01 16:38 - 000003408 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachine 2017-12-26 13:43 - 2016-12-19 17:25 - 000000000 ____D C:\Program Files (x86)\Gyazo 2017-12-26 01:49 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\rescache 2017-12-26 01:14 - 2017-11-27 22:10 - 000000000 ____D C:\Program Files (x86)\Origin Games 2017-12-24 13:07 - 2017-07-26 15:50 - 007928821 _____ C:\WINDOWS\system32\nvcoproc.bin 2017-12-24 02:21 - 2017-07-29 21:16 - 000000000 ____D C:\Users\tysto\AppData\Local\qBittorrent 2017-12-23 16:30 - 2017-12-02 21:11 - 000000000 ____D C:\Users\tysto\AppData\Local\PlaceholderTileLogoFolder 2017-12-23 13:04 - 2017-12-01 16:41 - 000000000 ___RD C:\Users\tysto\3D Objects 2017-12-23 13:04 - 2017-07-26 15:47 - 000000000 __RHD C:\Users\Public\AccountPictures 2017-12-23 12:33 - 2017-09-29 08:42 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2017-12-23 12:33 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\TextInput 2017-12-23 12:33 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2017-12-23 12:33 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2017-12-23 12:33 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2017-12-23 12:33 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\system32\oobe 2017-12-23 12:33 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\system32\appraiser 2017-12-23 12:33 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\ShellExperiences 2017-12-23 12:33 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\Provisioning 2017-12-23 12:33 - 2017-09-29 07:46 - 000000000 ____D C:\Program Files\Windows Defender 2017-12-23 12:33 - 2017-09-29 07:46 - 000000000 ____D C:\PerfLogs 2017-12-23 12:33 - 2017-09-29 02:45 - 000000000 ____D C:\WINDOWS\system32\Dism 2017-12-23 09:26 - 2017-03-18 15:03 - 000000254 _____ C:\WINDOWS\win.ini 2017-12-22 16:35 - 2017-09-29 07:42 - 001587200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2017-12-22 16:35 - 2017-09-29 07:41 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2017-12-22 16:35 - 2017-09-29 07:41 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys 2017-12-22 16:35 - 2017-09-29 07:41 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll 2017-12-22 15:12 - 2016-12-18 17:15 - 000000000 ____D C:\Program Files (x86)\Origin 2017-12-22 07:45 - 2017-09-29 07:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-12-22 07:45 - 2017-09-29 07:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl ==================== Files in the root of some directories ======= 2016-12-19 17:40 - 2009-10-23 23:00 - 005811712 _____ (reFX) C:\Program Files (x86)\Nexus.dll 2017-11-23 09:59 - 2017-11-23 09:59 - 000000304 _____ () C:\Users\tysto\AppData\Roaming\OpenSceneryX Installer.plist 2018-01-07 11:01 - 2018-01-20 15:06 - 000034116 _____ () C:\Users\tysto\AppData\Roaming\VoiceMeeterDefault.xml 2018-01-18 18:40 - 2018-01-18 18:40 - 000015360 _____ (Hewlett-Packard) C:\Users\tysto\AppData\Roaming\xtexCalculator.exe 2018-01-18 18:39 - 2018-01-18 18:39 - 000140800 _____ () C:\Users\tysto\AppData\Local\installer.dat 2017-11-15 19:55 - 2018-01-20 21:34 - 000000015 _____ () C:\Users\tysto\AppData\Local\X-Plane_drm_11.prf 2018-01-07 15:37 - 2018-01-07 15:37 - 000000059 _____ () C:\Users\tysto\AppData\Local\x-plane_install_11.txt Some files in TEMP: ==================== 2018-01-20 22:14 - 2017-12-03 07:52 - 000389750 _____ () C:\Users\tysto\AppData\Local\Temp\WinRAR Patch Uninstaller.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed C:\WINDOWS\system32\drivers\wdhhkoru.sys -> Access Denied <======= ATTENTION LastRegBack: 2018-01-14 13:53 ==================== End of FRST.txt ============================
  5. Windows Log --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.56, January 2018 (build 5.56.14443.1) Started On Mon Jan 22 18:08:37 2018 Engine: 1.1.14405.2 Signatures: 1.259.631.0 Run Mode: Interactive Graphical Mode Results Summary: ---------------- No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Mon Jan 22 18:10:44 2018 Return code: 0 (0x0)
  6. Here's adwcleaner clean log # AdwCleaner 7.0.7.0 - Logfile created on Tue Jan 23 00:02:34 2018 # Updated on 2018/18/01 by Malwarebytes # Running on Windows 10 Pro (X64) # Mode: clean # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services deleted. ***** [ Folders ] ***** Deleted: C:\Windows\\rss ***** [ Files ] ***** Deleted: C:\Users\tysto\AppData\Roaming\\xtexCalculator.exe Deleted: C:\Users\tysto\AppData\Roaming\Microsoft\Windows\Start Menu\xtexCalculator.lnk ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks deleted. ***** [ Registry ] ***** Deleted: [Key] - HKLM\SOFTWARE\xs Deleted: [Key] - HKLM\SOFTWARE\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154} Deleted: [Key] - HKU\S-1-5-21-726553471-3273426182-1616091258-1001\Software\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154} Deleted: [Key] - HKCU\Software\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154} Deleted: [Key] - HKU\S-1-5-21-726553471-3273426182-1616091258-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\AnonymizerGadget Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AnonymizerGadget Deleted: [Key] - HKU\S-1-5-21-726553471-3273426182-1616091258-1001\Software\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2} Deleted: [Key] - HKCU\Software\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2} Deleted: [Key] - HKU\S-1-5-21-726553471-3273426182-1616091258-1001\Software\FastDataX Deleted: [Key] - HKCU\Software\FastDataX Deleted: [Key] - HKLM\SOFTWARE\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb} Deleted: [Key] - HKU\S-1-5-21-726553471-3273426182-1616091258-1001\Software\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb} Deleted: [Key] - HKCU\Software\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb} Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GameAsist 3.91 Deleted: [Key] - HKU\S-1-5-21-726553471-3273426182-1616091258-1001\Software\Microsoft\APreSam Deleted: [Key] - HKCU\Software\Microsoft\APreSam Deleted: [Key] - HKU\S-1-5-21-726553471-3273426182-1616091258-1001\Software\Microsoft\NSaveA Deleted: [Key] - HKCU\Software\Microsoft\NSaveA Deleted: [Key] - HKU\S-1-5-21-726553471-3273426182-1616091258-1001\Software\Microsoft\PrAmNP Deleted: [Key] - HKCU\Software\Microsoft\PrAmNP Deleted: [Key] - HKU\S-1-5-21-726553471-3273426182-1616091258-1001\Software\Microsoft\PrIncub Deleted: [Key] - HKCU\Software\Microsoft\PrIncub Deleted: [Key] - HKLM\SOFTWARE\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d} Deleted: [Key] - HKU\S-1-5-21-726553471-3273426182-1616091258-1001\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d} Deleted: [Key] - HKCU\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d} ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries deleted. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries deleted. ************************* ::Tracing keys deleted ::Winsock settings cleared ::Additional Actions: 0 ************************* C:/AdwCleaner/AdwCleaner[S0].txt - [3576 B] - [2018/1/23 0:2:5] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
  7. Here's Malwarebytes log Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 1/22/18 Scan Time: 5:49 PM Log File: ec5366ba-ffce-11e7-9c79-9c5c8e887b35.json Administrator: Yes -Software Information- Version: 3.3.1.2183 Components Version: 1.0.262 Update Package Version: 1.0.3757 License: Trial -System Information- OS: Windows 10 (Build 16299.192) CPU: x64 File System: NTFS User: DESKTOP-7VB8AM9\tysto -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 319986 Threats Detected: 1 Threats Quarantined: 1 Time Elapsed: 4 min, 52 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 1 PUP.Optional.MainServices, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{7C10D314-58A5-4CB6-9E3C-1ADDA652ED0C}, Quarantined, [7546], [480929],1.0.3757 Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) (end)
  8. Get some sleep! Your life is a priortity over this, don't worry. The original logs have C:\ as the SSD, but in the new logs, G:\ is the SSD. I need to scan G:\ now, which I originally thought was a whole different drive. Not sure why the letters switched, but oh well. Will get back to you.
  9. I'm not sure, then. Smartservice is definitely still there. Task Manager picture attached.
  10. FRST scanned F:\. Reformatted and tried to scan C:\. It offered to scan F:\, I said no. Then it offered to scan G:\, my external HDD, so I said no. It then took me straight to FRST which I'm assuming means it was on C:\, so I scanned it. 2 files attached. FRST (F).txt FRST(Maybe C).txt
  11. Quick question. Whenever I boot from C:\, my primary SSD and OS, my internal HDD is named F:\. When I boot from F:\, it is an OS from before I got an SSD, and the SSD is named F:\ with the HDD being C:\. I used some third party software to basically copy and move my files and OS to my SSD. If I boot from C:\ and use FRST, would the drive letters remain the same? FRST states that I have multiple OS and offers to scan C:\ or F:\. I can't tell which is which so I'm worried I just gave you two F:\ logs, which won't have the infection. That probably makes no sense and is hard to understand so I'm sorry for the confusion.
  12. Two OSs. That's very strange. The infection seemed to be gone but is now back. I will run it one more time and see.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.