Jump to content

Possible virus


Recommended Posts

I'm not sure what's going on here.

I turned on my computer tonight -- after a few days of being away -- and when I tried to link to workplace's web outlook account, I instead got redirected to lotame.com. I did some Google digging, and it appears that's been associated with malware in the past. When I tried to run Malwarebytes, it didn't automatically update virus definitions. I did it manually, and it didn't find anything. I rebooted my computer and everything went away. That's good but I'm kinda concerned that something may be lurking in the background. I've attached the logs. Can you see a problem here:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Mike (administrator) on DESKTOP-36966RJ (15-03-2016 23:35:11)
Running from C:\Users\Mike\Desktop
Loaded Profiles: Mike (Available Profiles: Mike)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Webroot) C:\Program Files\Webroot\WRSA.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\SysWOW64\ASGT.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(TODO: <Company name>) C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(TODO: <Company name>) C:\Program Files (x86)\ASUS\GPU TweakII\Monitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\nacl64.exe
(Webroot) C:\ProgramData\WRData\PKG\npwebroot.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8466136 2015-04-30] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15120504 2016-02-17] (Logitech Inc.)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [873072 2016-02-27] (Webroot)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2622432 2016-01-29] (Malwarebytes Corporation)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKU\S-1-5-21-1429111364-1358436674-1010729600-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3074128 2016-03-10] (Valve Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2016-02-12]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{025a5f11-6f21-4265-9142-cf6afa6197cd}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-02-28] (Microsoft Corporation)
BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll [2016-02-12] (Webroot)
BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll [2016-03-03] (Webroot)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-02-28] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-02-28] (Microsoft Corporation)
BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll [2016-02-12] (Webroot)
BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll [2016-03-03] (Webroot)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-02-28] (Microsoft Corporation)
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll [2016-02-12] (Webroot)
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll [2016-02-12] (Webroot)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-28] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-28] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-28] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-28] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-02-28] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-02-28] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-12] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\PepperFlash\pepflashplayer.dll ()
CHR Profile: C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-12]
CHR Extension: (Google Docs) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-12]
CHR Extension: (Google Drive) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-12]
CHR Extension: (YouTube) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-12]
CHR Extension: (Adblock Plus) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-08]
CHR Extension: (Google Search) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-12]
CHR Extension: (Google Play Music) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2016-03-10]
CHR Extension: (Google Sheets) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-12]
CHR Extension: (Google Docs Offline) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-12]
CHR Extension: (Webroot Filtering Extension) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd [2016-03-10]
CHR Extension: (Webroot Password Manager) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc [2016-02-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-12]
CHR Extension: (Gmail) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-12]
CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngkhgikojglcgnckopipfdajaifmmnnc] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2015-08-18] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2804976 2016-02-28] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-02-17] (Logitech Inc.)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [740832 2016-01-29] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6474112 2016-02-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [873072 2016-02-27] (Webroot)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [66080 2016-01-29] ()
R3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2014-10-24] (ASUSTeK Computer Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-10] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [202032 2016-01-19] (Intel Corporation)
R3 mt7612US; C:\Windows\System32\drivers\mt7612US.sys [377864 2015-12-09] (MediaTek Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek                                            )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [117728 2016-02-12] (Webroot)
R3 wrUrlFlt; C:\Windows\system32\DRIVERS\wrUrlFlt.sys [45592 2016-03-03] (Webroot)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-15 23:35 - 2016-03-15 23:35 - 00016286 _____ C:\Users\Mike\Desktop\FRST.txt
2016-03-15 23:35 - 2016-03-15 23:35 - 00000000 ____D C:\FRST
2016-03-15 23:32 - 2016-03-15 23:35 - 02374144 _____ (Farbar) C:\Users\Mike\Desktop\FRST64.exe
2016-03-15 23:32 - 2016-03-15 23:32 - 02374144 _____ (Farbar) C:\Users\Mike\Downloads\FRST64.exe
2016-03-13 15:28 - 2016-03-13 15:28 - 00000000 ____D C:\ProgramData\LogiShrd
2016-03-13 15:27 - 2016-03-13 15:27 - 00000000 ____D C:\Users\Mike\AppData\Local\Logitech
2016-03-13 15:26 - 2016-03-13 15:26 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2016-03-13 15:26 - 2016-03-13 15:26 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Logitech
2016-03-13 15:26 - 2016-03-13 15:26 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Logishrd
2016-03-13 15:26 - 2016-03-13 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-03-13 15:26 - 2016-03-13 15:26 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2016-03-13 15:25 - 2016-03-13 15:26 - 111797776 _____ (Logitech Inc.) C:\Users\Mike\Downloads\LGS_8.81.15_x64_Logitech.exe
2016-03-13 08:26 - 2016-03-13 08:26 - 00000022 _____ C:\Windows\GPU-Z.INI
2016-03-13 08:21 - 2016-03-13 08:21 - 00000000 ____D C:\Windows\LastGood.Tmp
2016-03-13 08:21 - 2016-03-13 08:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.0
2016-03-13 08:21 - 2016-03-13 08:21 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-03-13 08:21 - 2016-03-08 01:05 - 00110016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-03-13 08:21 - 2016-02-13 20:47 - 00125720 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-03-13 08:21 - 2016-02-13 20:46 - 00126232 _____ C:\Windows\system32\vulkan-1.dll
2016-03-13 08:21 - 2016-02-13 20:45 - 00045848 _____ C:\Windows\system32\vulkaninfo.exe
2016-03-13 08:21 - 2016-02-13 20:45 - 00042264 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-03-13 08:20 - 2016-03-08 05:27 - 42968120 _____ C:\Windows\system32\nvcompiler.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 37609528 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 22971960 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 21322480 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 20863920 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 18906048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 17732960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 17368424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 17325400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 17320280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 10547128 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 08657936 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 02613696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 02257344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 01922496 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436451.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436451.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 00955328 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 00885184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 00786872 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 00750016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 00692160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 00678704 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 00632152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 00571912 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 00545632 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 00448824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 00423360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 00385080 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 00379296 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 00377792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 00346560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 00317656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 00175552 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 00153208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 00151184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-03-13 08:20 - 2016-03-08 05:27 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-03-12 15:04 - 2016-03-12 16:33 - 01761049 _____ C:\Users\Mike\Documents\The Gender Wage Gap AI.pptx
2016-03-12 15:03 - 2016-03-12 15:04 - 01800020 _____ C:\Users\Mike\Downloads\The Gender Wage Gap Job Market.pptx
2016-03-09 13:22 - 2016-03-09 13:53 - 00019722 _____ C:\Users\Mike\Documents\enrollrates1910.dta
2016-03-08 23:46 - 2016-03-03 07:16 - 01922496 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436447.dll
2016-03-08 23:46 - 2016-03-03 07:16 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436447.dll
2016-03-08 23:46 - 2016-03-03 07:16 - 00000139 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-03-08 23:46 - 2016-03-03 07:16 - 00000139 _____ C:\Windows\system32\nv-vk64.json
2016-03-08 21:47 - 2016-03-09 13:24 - 00000827 _____ C:\Users\Mike\Documents\first stage enrollment.do
2016-03-08 21:46 - 2016-03-08 21:54 - 00015343 _____ C:\Users\Mike\Documents\enrollment1910.dta
2016-03-08 15:55 - 2016-03-01 00:31 - 00848168 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-03-08 15:55 - 2016-03-01 00:22 - 00709688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-03-08 15:55 - 2016-02-24 04:52 - 01997328 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-08 15:55 - 2016-02-24 04:51 - 07474528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-08 15:55 - 2016-02-24 04:34 - 01613664 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-03-08 15:55 - 2016-02-24 04:28 - 03449168 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2016-03-08 15:55 - 2016-02-24 04:15 - 01557768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-08 15:55 - 2016-02-24 03:51 - 01322248 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-03-08 15:55 - 2016-02-24 03:50 - 00808800 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2016-03-08 15:55 - 2016-02-24 03:46 - 06607080 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2016-03-08 15:55 - 2016-02-24 03:11 - 01997152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-03-08 15:55 - 2016-02-24 03:11 - 00703840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2016-03-08 15:55 - 2016-02-24 03:11 - 00652392 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-03-08 15:55 - 2016-02-24 03:10 - 00576864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2016-03-08 15:55 - 2016-02-24 03:06 - 05242496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2016-03-08 15:55 - 2016-02-24 02:35 - 00523752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-03-08 15:55 - 2016-02-24 01:44 - 01713664 _____ (Microsoft Corporation) C:\Windows\system32\SRHInproc.dll
2016-03-08 15:55 - 2016-02-24 01:43 - 00286720 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2016-03-08 15:55 - 2016-02-24 01:40 - 01224704 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2016-03-08 15:55 - 2016-02-24 01:39 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-03-08 15:55 - 2016-02-24 01:34 - 00938496 _____ (Microsoft Corporation) C:\Windows\system32\ContactApis.dll
2016-03-08 15:55 - 2016-02-24 01:11 - 03593216 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-03-08 15:55 - 2016-02-24 01:09 - 01443328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRHInproc.dll
2016-03-08 15:55 - 2016-02-24 01:09 - 00228352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
2016-03-08 15:55 - 2016-02-24 01:07 - 00949248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2016-03-08 15:55 - 2016-02-24 01:04 - 01497088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2016-03-08 15:55 - 2016-02-24 01:03 - 00769536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContactApis.dll
2016-03-08 15:55 - 2016-02-24 01:01 - 01831936 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-03-08 15:55 - 2016-02-24 01:00 - 02273792 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-08 15:55 - 2016-02-24 01:00 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2016-03-08 15:55 - 2016-02-24 00:55 - 01996288 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2016-03-08 15:55 - 2016-02-24 00:34 - 01707520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll
2016-03-08 15:55 - 2016-02-24 00:20 - 22376960 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-03-08 15:55 - 2016-02-24 00:18 - 18677760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-03-08 15:55 - 2016-02-24 00:12 - 19339776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-08 15:55 - 2016-02-24 00:12 - 05321728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-03-08 15:55 - 2016-02-24 00:10 - 24600576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-08 15:55 - 2016-02-24 00:09 - 06972416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-03-08 15:55 - 2016-02-24 00:05 - 12586496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-08 15:55 - 2016-02-24 00:03 - 14252544 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-08 15:55 - 2016-02-23 23:59 - 05661696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-03-08 15:55 - 2016-02-23 23:55 - 07835648 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-03-08 15:54 - 2016-02-24 04:48 - 00713568 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-08 15:54 - 2016-02-24 04:47 - 01173344 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-08 15:54 - 2016-02-24 04:40 - 00513888 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-08 15:54 - 2016-02-24 03:58 - 00794888 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-08 15:54 - 2016-02-24 03:54 - 00127840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-08 15:54 - 2016-02-24 03:43 - 00625000 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2016-03-08 15:54 - 2016-02-24 03:39 - 00358752 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-08 15:54 - 2016-02-24 03:39 - 00141560 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2016-03-08 15:54 - 2016-02-24 03:19 - 00670928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-08 15:54 - 2016-02-24 03:14 - 00216416 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2016-03-08 15:54 - 2016-02-24 03:11 - 00957608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-03-08 15:54 - 2016-02-24 03:11 - 00394080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-03-08 15:54 - 2016-02-24 03:11 - 00258280 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
2016-03-08 15:54 - 2016-02-24 03:10 - 00630632 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-03-08 15:54 - 2016-02-24 03:09 - 00640472 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2016-03-08 15:54 - 2016-02-24 03:09 - 00147808 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2016-03-08 15:54 - 2016-02-24 02:59 - 00294752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-08 15:54 - 2016-02-24 02:39 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTypeHelperUtil.dll
2016-03-08 15:54 - 2016-02-24 02:39 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\ExtrasXmlParser.dll
2016-03-08 15:54 - 2016-02-24 02:38 - 00187744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2016-03-08 15:54 - 2016-02-24 02:38 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2016-03-08 15:54 - 2016-02-24 02:37 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\UserDataLanguageUtil.dll
2016-03-08 15:54 - 2016-02-24 02:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenanceClient.dll
2016-03-08 15:54 - 2016-02-24 02:35 - 00540752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-03-08 15:54 - 2016-02-24 02:35 - 00220064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll
2016-03-08 15:54 - 2016-02-24 02:35 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-08 15:54 - 2016-02-24 02:33 - 00538736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2016-03-08 15:54 - 2016-02-24 02:33 - 00141664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2016-03-08 15:54 - 2016-02-24 02:31 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-08 15:54 - 2016-02-24 02:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2016-03-08 15:54 - 2016-02-24 02:28 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\POSyncServices.dll
2016-03-08 15:54 - 2016-02-24 02:23 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-08 15:54 - 2016-02-24 02:23 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UserDataPlatformHelperUtil.dll
2016-03-08 15:54 - 2016-02-24 02:22 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\fwpolicyiomgr.dll
2016-03-08 15:54 - 2016-02-24 02:20 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\VCardParser.dll
2016-03-08 15:54 - 2016-02-24 02:20 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
2016-03-08 15:54 - 2016-02-24 02:20 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2016-03-08 15:54 - 2016-02-24 02:19 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2016-03-08 15:54 - 2016-02-24 02:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-08 15:54 - 2016-02-24 02:15 - 00365568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-08 15:54 - 2016-02-24 02:14 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\ExSMime.dll
2016-03-08 15:54 - 2016-02-24 02:13 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentActivation.dll
2016-03-08 15:54 - 2016-02-24 02:12 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\cemapi.dll
2016-03-08 15:54 - 2016-02-24 02:12 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\PhoneCallHistoryApis.dll
2016-03-08 15:54 - 2016-02-24 02:10 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wpninprc.dll
2016-03-08 15:54 - 2016-02-24 02:09 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\UserDataAccountApis.dll
2016-03-08 15:54 - 2016-02-24 02:09 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
2016-03-08 15:54 - 2016-02-24 02:07 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenance.dll
2016-03-08 15:54 - 2016-02-24 02:05 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2016-03-08 15:54 - 2016-02-24 02:03 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-03-08 15:54 - 2016-02-24 02:02 - 00161280 _____ (Microsoft Corporation) C:\Windows\system32\CallHistoryClient.dll
2016-03-08 15:54 - 2016-02-24 02:01 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-03-08 15:54 - 2016-02-24 02:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll
2016-03-08 15:54 - 2016-02-24 02:01 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\profext.dll
2016-03-08 15:54 - 2016-02-24 02:00 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2016-03-08 15:54 - 2016-02-24 01:59 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2016-03-08 15:54 - 2016-02-24 01:59 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\vaultsvc.dll
2016-03-08 15:54 - 2016-02-24 01:59 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2016-03-08 15:54 - 2016-02-24 01:58 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\scapi.dll
2016-03-08 15:54 - 2016-02-24 01:55 - 00790528 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2016-03-08 15:54 - 2016-02-24 01:55 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\PackageStateRoaming.dll
2016-03-08 15:54 - 2016-02-24 01:55 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExtrasXmlParser.dll
2016-03-08 15:54 - 2016-02-24 01:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2016-03-08 15:54 - 2016-02-24 01:54 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\vaultcli.dll
2016-03-08 15:54 - 2016-02-24 01:54 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2016-03-08 15:54 - 2016-02-24 01:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTypeHelperUtil.dll
2016-03-08 15:54 - 2016-02-24 01:53 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2016-03-08 15:54 - 2016-02-24 01:53 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataLanguageUtil.dll
2016-03-08 15:54 - 2016-02-24 01:52 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2016-03-08 15:54 - 2016-02-24 01:52 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PimIndexMaintenanceClient.dll
2016-03-08 15:54 - 2016-02-24 01:51 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-08 15:54 - 2016-02-24 01:49 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\ChatApis.dll
2016-03-08 15:54 - 2016-02-24 01:47 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-08 15:54 - 2016-02-24 01:46 - 00020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2016-03-08 15:54 - 2016-02-24 01:44 - 00915456 _____ (Microsoft Corporation) C:\Windows\system32\configurationclient.dll
2016-03-08 15:54 - 2016-02-24 01:44 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentApis.dll
2016-03-08 15:54 - 2016-02-24 01:44 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\POSyncServices.dll
2016-03-08 15:54 - 2016-02-24 01:43 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2016-03-08 15:54 - 2016-02-24 01:41 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2016-03-08 15:54 - 2016-02-24 01:41 - 00436736 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2016-03-08 15:54 - 2016-02-24 01:40 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-08 15:54 - 2016-02-24 01:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataPlatformHelperUtil.dll
2016-03-08 15:54 - 2016-02-24 01:39 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwpolicyiomgr.dll
2016-03-08 15:54 - 2016-02-24 01:38 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VCardParser.dll
2016-03-08 15:54 - 2016-02-24 01:36 - 01847808 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2016-03-08 15:54 - 2016-02-24 01:34 - 00303104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-08 15:54 - 2016-02-24 01:32 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll
2016-03-08 15:54 - 2016-02-24 01:32 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentActivation.dll
2016-03-08 15:54 - 2016-02-24 01:31 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cemapi.dll
2016-03-08 15:54 - 2016-02-24 01:31 - 00169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhoneCallHistoryApis.dll
2016-03-08 15:54 - 2016-02-24 01:28 - 00870912 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2016-03-08 15:54 - 2016-02-24 01:28 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2016-03-08 15:54 - 2016-02-24 01:28 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2016-03-08 15:54 - 2016-02-24 01:25 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll
2016-03-08 15:54 - 2016-02-24 01:23 - 00129024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CallHistoryClient.dll
2016-03-08 15:54 - 2016-02-24 01:22 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profext.dll
2016-03-08 15:54 - 2016-02-24 01:21 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2016-03-08 15:54 - 2016-02-24 01:21 - 00168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2016-03-08 15:54 - 2016-02-24 01:18 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll
2016-03-08 15:54 - 2016-02-24 01:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll
2016-03-08 15:54 - 2016-02-24 01:18 - 00184832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PackageStateRoaming.dll
2016-03-08 15:54 - 2016-02-24 01:17 - 00369664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2016-03-08 15:54 - 2016-02-24 01:16 - 00394752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2016-03-08 15:54 - 2016-02-24 01:13 - 00540160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ChatApis.dll
2016-03-08 15:54 - 2016-02-24 01:09 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2016-03-08 15:54 - 2016-02-24 01:09 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentApis.dll
2016-03-08 15:54 - 2016-02-24 01:07 - 00890368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2016-03-08 15:54 - 2016-02-24 01:07 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2016-03-08 15:54 - 2016-02-24 00:57 - 02158592 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-03-08 15:54 - 2016-02-24 00:43 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\fwbase.dll
2016-03-08 15:54 - 2016-02-24 00:22 - 00163328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwbase.dll
2016-03-08 00:11 - 2016-03-08 00:12 - 00004963 _____ C:\Users\Mike\Documents\law rural skilled farmer same base dropped obs occ_controls quadratic.do
2016-03-08 00:02 - 2016-03-08 00:02 - 00004920 _____ C:\Users\Mike\Documents\law rural skilled farmer same base dropped obs occ_controls.do
2016-03-07 23:58 - 2016-03-08 00:18 - 00036512 _____ C:\Users\Mike\Documents\SchoolAccess_Tables_Controls 2.xlsx
2016-03-07 20:07 - 2016-03-09 13:53 - 00038116 _____ C:\Users\Mike\Documents\enroll rates fixed.xlsx
2016-03-05 19:40 - 2016-03-05 19:40 - 00000222 _____ C:\Users\Mike\Desktop\Grim Dawn.url
2016-03-05 17:49 - 2016-03-10 01:11 - 00027916 _____ C:\Users\Mike\Documents\SchoolAccess_chart_fixed.xlsx
2016-03-05 17:38 - 2016-03-05 17:38 - 00000294 _____ C:\Users\Mike\Documents\first stage test.do
2016-03-05 17:11 - 2016-03-05 17:13 - 00004920 _____ C:\Users\Mike\Documents\law rural skilled farmer same base dropped obs occ_countrols.do
2016-03-05 17:03 - 2016-03-06 23:02 - 00003719 _____ C:\Users\Mike\Documents\access compare individual groups dropped obs.do
2016-03-05 16:20 - 2016-03-05 21:45 - 00015968 _____ C:\Users\Mike\Downloads\tax rates fixed.xlsx
2016-03-04 20:30 - 2016-03-08 00:14 - 00003311 _____ C:\Users\Mike\Documents\access compare groups dropped obs.do
2016-03-04 20:12 - 2016-03-05 17:20 - 00003673 _____ C:\Users\Mike\Documents\access county chart dropped obs.do
2016-03-04 19:46 - 2016-03-04 19:46 - 00012258 _____ C:\Users\Mike\Documents\tax rates.xlsx
2016-03-04 19:22 - 2016-03-05 16:55 - 00004487 _____ C:\Users\Mike\Documents\law rural skilled farmer same base dropped obs.do
2016-03-04 19:21 - 2016-03-09 13:53 - 00006770 _____ C:\Users\Mike\Documents\taxratesstarted.dta
2016-03-04 18:54 - 2016-03-05 16:25 - 00000704 _____ C:\Users\Mike\Documents\taxratesetup.do
2016-03-04 18:45 - 2016-03-05 16:24 - 00005033 _____ C:\Users\Mike\Documents\taxrates.dta
2016-03-04 18:37 - 2016-03-04 19:45 - 00012262 _____ C:\Users\Mike\Downloads\tax rates.xlsx
2016-03-03 22:47 - 2016-03-07 01:07 - 00012708 _____ C:\Users\Mike\Documents\comparing DD groupings.xlsx
2016-03-03 15:14 - 2016-03-03 15:14 - 00005694 _____ C:\Users\Mike\Documents\law revenue rural RPC skilled farmer restricted.do
2016-03-03 15:10 - 2016-03-03 15:12 - 00004440 _____ C:\Users\Mike\Documents\law rural skilled farmer same base.do
2016-03-02 22:50 - 2016-03-05 17:39 - 00001722 _____ C:\Users\Mike\Documents\Trends schoolaccess compare.do
2016-03-02 20:48 - 2016-03-03 23:25 - 00002069 _____ C:\Users\Mike\Documents\access county chart.do
2016-03-02 20:16 - 2016-03-03 04:15 - 00004383 _____ C:\Users\Mike\Documents\law rural skilled farmer quadratic.do
2016-03-02 19:59 - 2016-03-03 04:15 - 00001235 _____ C:\Users\Mike\Documents\attendance first stage.do
2016-03-02 17:52 - 2016-03-02 21:38 - 00002751 _____ C:\Users\Mike\Documents\access compare groups.do
2016-03-02 13:19 - 2016-03-02 13:19 - 00195550 _____ C:\Users\Mike\Downloads\Moody_Evals_2015.pdf
2016-03-02 13:19 - 2016-03-02 13:19 - 00124395 _____ C:\Users\Mike\Downloads\WV Cover Letter.pdf
2016-03-01 17:26 - 2016-02-23 06:27 - 02654872 _____ C:\Windows\system32\CoreUIComponents.dll
2016-03-01 17:26 - 2016-02-23 06:25 - 02152288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-01 17:26 - 2016-02-23 06:25 - 01818696 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-01 17:26 - 2016-02-23 05:34 - 01859960 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2016-03-01 17:26 - 2016-02-23 05:34 - 01542816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-01 17:26 - 2016-02-23 05:32 - 08705672 _____ (Microsoft Corp.) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2016-03-01 17:26 - 2016-02-23 05:32 - 01062480 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2016-03-01 17:26 - 2016-02-23 05:32 - 00369912 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-03-01 17:26 - 2016-02-23 05:31 - 00819648 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2016-03-01 17:26 - 2016-02-23 05:31 - 00536256 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-03-01 17:26 - 2016-02-23 05:31 - 00408120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-03-01 17:26 - 2016-02-23 05:21 - 22564328 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-03-01 17:26 - 2016-02-23 04:45 - 02773096 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-03-01 17:26 - 2016-02-23 04:38 - 06952088 _____ (Microsoft Corp.) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-01 17:26 - 2016-02-23 04:38 - 00980352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2016-03-01 17:26 - 2016-02-23 04:38 - 00882720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2016-03-01 17:26 - 2016-02-23 04:30 - 02919320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-01 17:26 - 2016-02-23 04:27 - 21124344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-03-01 17:26 - 2016-02-23 03:58 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\wininetlui.dll
2016-03-01 17:26 - 2016-02-23 03:58 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-03-01 17:26 - 2016-02-23 03:56 - 02186864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-03-01 17:26 - 2016-02-23 03:37 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2016-03-01 17:26 - 2016-02-23 03:29 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SmsRouterSvc.dll
2016-03-01 17:26 - 2016-02-23 03:28 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2016-03-01 17:26 - 2016-02-23 03:09 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-03-01 17:26 - 2016-02-23 03:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininetlui.dll
2016-03-01 17:26 - 2016-02-23 03:06 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-03-01 17:26 - 2016-02-23 03:02 - 01318912 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2016-03-01 17:26 - 2016-02-23 03:00 - 02624512 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2016-03-01 17:26 - 2016-02-23 02:58 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll
2016-03-01 17:26 - 2016-02-23 02:52 - 00456704 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2016-03-01 17:26 - 2016-02-23 02:30 - 01731584 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-01 17:26 - 2016-02-23 02:24 - 02755584 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-01 17:26 - 2016-02-23 02:22 - 01944576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2016-03-01 17:26 - 2016-02-23 02:21 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TextInputFramework.dll
2016-03-01 17:26 - 2016-02-23 02:17 - 02635264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-03-01 17:26 - 2016-02-23 01:59 - 01500672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-01 17:26 - 2016-02-23 01:55 - 04894208 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-01 17:26 - 2016-02-23 01:55 - 02229760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-01 17:26 - 2016-02-23 01:52 - 11545600 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-03-01 17:26 - 2016-02-23 01:50 - 09919488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-03-01 17:26 - 2016-02-23 01:39 - 13382656 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-01 17:26 - 2016-02-23 01:39 - 02581504 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2016-03-01 17:26 - 2016-02-23 01:36 - 12125696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-01 17:26 - 2016-02-23 01:36 - 03666432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-01 17:26 - 2016-02-23 01:30 - 02061312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2016-03-01 17:26 - 2016-02-08 22:24 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2016-03-01 17:26 - 2016-02-08 22:07 - 01626624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-03-01 17:26 - 2016-02-08 22:04 - 01946624 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-03-01 17:25 - 2016-02-23 06:29 - 01030416 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-03-01 17:25 - 2016-02-23 06:29 - 00874968 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-03-01 17:25 - 2016-02-23 06:27 - 01317640 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-03-01 17:25 - 2016-02-23 06:27 - 01141504 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-03-01 17:25 - 2016-02-23 06:25 - 00563552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2016-03-01 17:25 - 2016-02-23 06:15 - 00779384 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2016-03-01 17:25 - 2016-02-23 06:08 - 00989536 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2016-03-01 17:25 - 2016-02-23 05:33 - 00696160 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-03-01 17:25 - 2016-02-23 05:33 - 00389992 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2016-03-01 17:25 - 2016-02-23 05:32 - 02544264 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2016-03-01 17:25 - 2016-02-23 05:32 - 01152328 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2016-03-01 17:25 - 2016-02-23 05:32 - 00498448 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2016-03-01 17:25 - 2016-02-23 05:31 - 01017032 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2016-03-01 17:25 - 2016-02-23 05:31 - 00476728 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2016-03-01 17:25 - 2016-02-23 05:25 - 03671888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-01 17:25 - 2016-02-23 05:22 - 00572272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2016-03-01 17:25 - 2016-02-23 05:17 - 00146272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-03-01 17:25 - 2016-02-23 04:40 - 00430944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-01 17:25 - 2016-02-23 04:39 - 00502112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-03-01 17:25 - 2016-02-23 04:38 - 02180136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2016-03-01 17:25 - 2016-02-23 04:38 - 00895080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2016-03-01 17:25 - 2016-02-23 04:38 - 00450912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2016-03-01 17:25 - 2016-02-23 04:38 - 00420928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2016-03-01 17:25 - 2016-02-23 04:37 - 00713824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2016-03-01 17:25 - 2016-02-23 04:32 - 00791744 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-01 17:25 - 2016-02-23 04:27 - 00376536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MediaControl.dll
2016-03-01 17:25 - 2016-02-23 04:25 - 00534368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2016-03-01 17:25 - 2016-02-23 04:20 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\XblGameSave.dll
2016-03-01 17:25 - 2016-02-23 04:20 - 00238592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xboxgip.sys
2016-03-01 17:25 - 2016-02-23 04:19 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xinputhid.sys
2016-03-01 17:25 - 2016-02-23 04:17 - 00649216 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2016-03-01 17:25 - 2016-02-23 04:12 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\provpackageapidll.dll
2016-03-01 17:25 - 2016-02-23 04:10 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\WiFiConfigSP.dll
2016-03-01 17:25 - 2016-02-23 04:07 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\LaunchWinApp.exe
2016-03-01 17:25 - 2016-02-23 04:07 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll
2016-03-01 17:25 - 2016-02-23 04:06 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\flvprophandler.dll
2016-03-01 17:25 - 2016-02-23 04:01 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2016-03-01 17:25 - 2016-02-23 04:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-01 17:25 - 2016-02-23 04:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll
2016-03-01 17:25 - 2016-02-23 03:58 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\irmon.dll
2016-03-01 17:25 - 2016-02-23 03:57 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2016-03-01 17:25 - 2016-02-23 03:55 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2016-03-01 17:25 - 2016-02-23 03:53 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\srpapi.dll
2016-03-01 17:25 - 2016-02-23 03:53 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\ngckeyenum.dll
2016-03-01 17:25 - 2016-02-23 03:52 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2016-03-01 17:25 - 2016-02-23 03:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2016-03-01 17:25 - 2016-02-23 03:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\AppCapture.dll
2016-03-01 17:25 - 2016-02-23 03:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\TimeBrokerClient.dll
2016-03-01 17:25 - 2016-02-23 03:40 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SMSRouter.dll
2016-03-01 17:25 - 2016-02-23 03:39 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2016-03-01 17:25 - 2016-02-23 03:38 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacDecoder.dll
2016-03-01 17:25 - 2016-02-23 03:38 - 00287712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MediaControl.dll
2016-03-01 17:25 - 2016-02-23 03:37 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\DisplayManager.dll
2016-03-01 17:25 - 2016-02-23 03:37 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-03-01 17:25 - 2016-02-23 03:36 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\QuickActionsDataModel.dll
2016-03-01 17:25 - 2016-02-23 03:34 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\wifiprofilessettinghandler.dll
2016-03-01 17:25 - 2016-02-23 03:34 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2016-03-01 17:25 - 2016-02-23 03:33 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll
2016-03-01 17:25 - 2016-02-23 03:32 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2016-03-01 17:25 - 2016-02-23 03:31 - 00463360 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2016-03-01 17:25 - 2016-02-23 03:27 - 00307712 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2016-03-01 17:25 - 2016-02-23 03:26 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2016-03-01 17:25 - 2016-02-23 03:23 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2016-03-01 17:25 - 2016-02-23 03:22 - 00567808 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2016-03-01 17:25 - 2016-02-23 03:20 - 00847360 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-03-01 17:25 - 2016-02-23 03:20 - 00606720 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2016-03-01 17:25 - 2016-02-23 03:20 - 00493568 _____ (Microsoft Corporation) C:\Windows\system32\mfmkvsrcsnk.dll
2016-03-01 17:25 - 2016-02-23 03:20 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-01 17:25 - 2016-02-23 03:19 - 00948736 _____ (Microsoft Corporation) C:\Windows\system32\XblAuthManager.dll
2016-03-01 17:25 - 2016-02-23 03:19 - 00517632 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2016-03-01 17:25 - 2016-02-23 03:18 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2016-03-01 17:25 - 2016-02-23 03:14 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll
2016-03-01 17:25 - 2016-02-23 03:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchWinApp.exe
2016-03-01 17:25 - 2016-02-23 03:12 - 00852480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2016-03-01 17:25 - 2016-02-23 03:11 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2016-03-01 17:25 - 2016-02-23 03:10 - 00997376 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2016-03-01 17:25 - 2016-02-23 03:10 - 00474624 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2016-03-01 17:25 - 2016-02-23 03:09 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2016-03-01 17:25 - 2016-02-23 03:09 - 00870400 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2016-03-01 17:25 - 2016-02-23 03:06 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2016-03-01 17:25 - 2016-02-23 03:05 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2016-03-01 17:25 - 2016-02-23 03:04 - 01131520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll
2016-03-01 17:25 - 2016-02-23 03:04 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2016-03-01 17:25 - 2016-02-23 03:04 - 00382464 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2016-03-01 17:25 - 2016-02-23 03:02 - 00755712 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2016-03-01 17:25 - 2016-02-23 03:02 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-01 17:25 - 2016-02-23 02:58 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
2016-03-01 17:25 - 2016-02-23 02:58 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\TimeBrokerServer.dll
2016-03-01 17:25 - 2016-02-23 02:58 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll
2016-03-01 17:25 - 2016-02-23 02:57 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TimeBrokerClient.dll
2016-03-01 17:25 - 2016-02-23 02:50 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacDecoder.dll
2016-03-01 17:25 - 2016-02-23 02:49 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DisplayManager.dll
2016-03-01 17:25 - 2016-02-23 02:48 - 00838144 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2016-03-01 17:25 - 2016-02-23 02:47 - 00157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WiFiDisplay.dll
2016-03-01 17:25 - 2016-02-23 02:38 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2016-03-01 17:25 - 2016-02-23 02:37 - 01118208 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-03-01 17:25 - 2016-02-23 02:37 - 00613376 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2016-03-01 17:25 - 2016-02-23 02:36 - 00713728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2016-03-01 17:25 - 2016-02-23 02:36 - 00379392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmkvsrcsnk.dll
2016-03-01 17:25 - 2016-02-23 02:36 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-01 17:25 - 2016-02-23 02:35 - 00400896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2016-03-01 17:25 - 2016-02-23 02:31 - 00585216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll
2016-03-01 17:25 - 2016-02-23 02:30 - 00646656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2016-03-01 17:25 - 2016-02-23 02:29 - 00349696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2016-03-01 17:25 - 2016-02-23 02:28 - 00555520 _____ (Microsoft Corporation) C:\Windows\system32\SyncController.dll
2016-03-01 17:25 - 2016-02-23 02:28 - 00256512 _____ (Microsoft Corporation) C:\Windows\system32\accountaccessor.dll
2016-03-01 17:25 - 2016-02-23 02:24 - 04827136 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-03-01 17:25 - 2016-02-23 02:24 - 01105920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll
2016-03-01 17:25 - 2016-02-23 02:24 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2016-03-01 17:25 - 2016-02-23 02:21 - 00133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll
2016-03-01 17:25 - 2016-02-23 02:20 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputLocaleManager.dll
2016-03-01 17:25 - 2016-02-23 02:14 - 00990720 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2016-03-01 17:25 - 2016-02-23 02:11 - 01390080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2016-03-01 17:25 - 2016-02-23 02:05 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2016-03-01 17:25 - 2016-02-23 02:01 - 02295808 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2016-03-01 17:25 - 2016-02-23 01:58 - 00450560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncController.dll
2016-03-01 17:25 - 2016-02-23 01:56 - 04412928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-03-01 17:25 - 2016-02-23 01:53 - 01799168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-03-01 17:25 - 2016-02-23 01:51 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2016-03-01 17:25 - 2016-02-23 01:42 - 03425792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2016-03-01 17:25 - 2016-02-23 01:41 - 02912256 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2016-03-01 17:25 - 2016-02-23 01:35 - 07533568 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-03-01 17:25 - 2016-02-23 01:33 - 02604032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2016-03-01 17:25 - 2016-02-23 01:32 - 02793472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2016-03-01 17:25 - 2016-02-23 01:28 - 06740992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-03-01 17:25 - 2016-02-08 23:28 - 00277856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2016-03-01 17:25 - 2016-02-08 23:13 - 00185184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2016-03-01 17:25 - 2016-02-08 22:18 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2016-03-01 17:25 - 2016-02-08 22:18 - 00237056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2016-03-01 17:25 - 2016-02-08 22:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2016-03-01 15:51 - 2016-03-01 15:51 - 00284144 _____ C:\Users\Mike\Downloads\2016-03-01 - The Donald and The Terminator - WSJ.pdf
2016-02-29 17:56 - 2016-02-29 17:56 - 00090070 _____ C:\Users\Mike\Downloads\CV 216.pdf
2016-02-29 17:56 - 2016-02-29 17:56 - 00052019 _____ C:\Users\Mike\Downloads\DePauw.pdf
2016-02-29 17:56 - 2016-02-29 17:56 - 00042778 _____ C:\Users\Mike\Downloads\Teaching Statement.pdf
2016-02-29 17:55 - 2016-02-29 17:55 - 00789805 _____ C:\Users\Mike\Downloads\Transcripts.pdf
2016-02-29 16:09 - 2016-02-29 16:09 - 00000222 _____ C:\Users\Mike\Desktop\Marvel Heroes 2016.url
2016-02-29 15:55 - 2016-02-29 15:55 - 11833463 _____ C:\Users\Mike\Documents\teachers_1926_1935_gender.dta
2016-02-29 15:00 - 2016-02-29 15:00 - 00000000 ____D C:\Users\Mike\AppData\Local\Microsoft Help
2016-02-29 13:54 - 2016-02-29 16:36 - 08163449 _____ C:\Users\Mike\Documents\teacher_gender_MMedits_macros_all.xlsm
2016-02-28 12:39 - 2016-02-28 17:21 - 00116013 _____ C:\Users\Mike\Documents\Moody_GenderWageGap2016.pdf
2016-02-27 21:12 - 2016-02-27 21:12 - 00000222 _____ C:\Users\Mike\Desktop\Alien Isolation.url
2016-02-27 20:51 - 2016-02-27 20:51 - 00000000 ____D C:\Users\Mike\AppData\Local\The Lord of the Rings Online
2016-02-27 20:48 - 2016-03-01 21:10 - 00000000 ____D C:\Users\Mike\Documents\The Lord of the Rings Online
2016-02-27 20:48 - 2016-02-27 20:50 - 00000000 ____D C:\Users\Mike\AppData\Local\Turbine
2016-02-27 20:48 - 2016-02-27 20:48 - 00000000 ____D C:\Users\Mike\AppData\Local\ApplicationHistory
2016-02-27 20:47 - 2016-02-27 20:47 - 00896880 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-02-27 20:47 - 2016-02-27 20:47 - 00000000 ____D C:\Windows\SysWOW64\URTTEMP
2016-02-27 20:19 - 2016-02-27 20:47 - 00000226 _____ C:\Users\Mike\Desktop\The Lord of the Rings Online.url
2016-02-27 19:41 - 2016-03-05 15:36 - 00000000 ____D C:\Users\Mike\AppData\Roaming\vlc
2016-02-27 19:41 - 2016-02-27 19:41 - 00001143 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-02-27 19:41 - 2016-02-27 19:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-02-27 19:41 - 2016-02-27 19:41 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-02-27 19:40 - 2016-02-27 19:40 - 30510920 _____ C:\Users\Mike\Downloads\vlc-2.2.2-win32.exe
2016-02-26 19:06 - 2016-02-26 19:06 - 00629087 _____ C:\Users\Mike\Downloads\Statement_Feb 2016.pdf
2016-02-25 23:39 - 2016-02-25 23:39 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Macromedia
2016-02-25 23:26 - 2016-02-25 23:26 - 00112004 _____ C:\Users\Mike\Documents\Moody_CFT_Letter_2016.pdf
2016-02-23 21:47 - 2016-02-23 21:50 - 00114369 _____ C:\Users\Mike\Documents\SchoolAccess_1page.pdf
2016-02-22 02:48 - 2016-02-22 02:48 - 112206656 _____ (SQUARE ENIX CO., LTD.) C:\Users\Mike\Downloads\ffxivsetup_ft.exe
2016-02-21 21:43 - 2016-02-21 21:44 - 00000000 ____D C:\Users\Mike\AppData\Roaming\RIFT
2016-02-21 21:43 - 2016-02-21 21:43 - 00000000 ____D C:\Users\Mike\Documents\RIFT
2016-02-21 20:53 - 2016-02-21 20:53 - 00000221 _____ C:\Users\Mike\Desktop\RIFT.url
2016-02-21 16:11 - 2016-02-22 01:13 - 00034875 _____ C:\Users\Mike\Documents\SchoolAccess_Tables_Controls.xlsx
2016-02-21 01:50 - 2016-02-21 01:50 - 00000000 ____D C:\Users\Mike\AppData\LocalLow\Sony Online Entertainment
2016-02-21 01:47 - 2016-02-21 01:47 - 00000000 ____D C:\Users\Mike\AppData\LocalLow\Daybreak Game Company
2016-02-21 01:47 - 2016-02-21 01:47 - 00000000 ____D C:\Users\Mike\AppData\Local\SCE
2016-02-21 01:47 - 2016-02-21 01:47 - 00000000 ____D C:\Users\Mike\AppData\Local\Daybreak Game Company
2016-02-21 00:53 - 2016-02-21 00:53 - 00000222 _____ C:\Users\Mike\Desktop\EverQuest II.url
2016-02-21 00:02 - 2016-02-21 00:02 - 02993208 _____ (Blizzard Entertainment) C:\Users\Mike\Downloads\World-of-Warcraft-Setup.exe
2016-02-20 20:21 - 2016-02-21 17:19 - 00004340 _____ C:\Users\Mike\Documents\law rural skilled farmer.do
2016-02-20 20:14 - 2016-02-21 19:17 - 00005594 _____ C:\Users\Mike\Documents\law revenue rural RPC skilled farmer.do
2016-02-20 13:11 - 2016-02-20 13:11 - 00000000 ____D C:\Users\Mike\AppData\Local\Downloaded Installations
2016-02-20 13:11 - 2016-02-20 13:11 - 00000000 ____D C:\Program Files (x86)\AMD
2016-02-20 01:09 - 2016-02-09 03:25 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436191.dll
2016-02-20 01:09 - 2016-02-09 03:25 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436191.dll
2016-02-19 12:41 - 2016-02-19 12:44 - 00005452 _____ C:\Users\Mike\Documents\law revenue rural RPC 3.do
2016-02-19 01:39 - 2016-02-19 02:01 - 00005189 _____ C:\Users\Mike\Documents\law revenue rural RPC 2.do
2016-02-19 01:27 - 2016-02-19 01:48 - 00004982 _____ C:\Users\Mike\Documents\law revenue rural RPC.do
2016-02-17 20:25 - 2016-02-19 17:17 - 00000000 ____D C:\Users\Mike\AppData\Roaming\NVIDIA
2016-02-17 18:38 - 2016-03-15 22:58 - 00004166 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{CD66DD56-1613-4094-BF75-97D153DBF394}
2016-02-17 17:55 - 2016-02-19 01:59 - 00005866 _____ C:\Users\Mike\Documents\law rural.do
2016-02-17 17:53 - 2016-02-18 14:31 - 00004823 _____ C:\Users\Mike\Documents\law revenue rural.do
2016-02-17 11:13 - 2016-02-17 11:13 - 00006226 _____ C:\Users\Mike\Downloads\xdm_iframe
2016-02-16 17:01 - 2016-02-18 14:33 - 00025915 _____ C:\Users\Mike\Documents\SchoolAccess_Tables.xlsx
2016-02-16 15:51 - 2016-02-16 18:44 - 00004733 _____ C:\Users\Mike\Documents\law revenue.do
2016-02-16 14:33 - 2016-02-16 14:33 - 00000000 ____D C:\Stata11
2016-02-15 19:26 - 2016-03-01 20:34 - 00000000 ____D C:\Users\Mike\AppData\Local\CrashDumps
2016-02-14 17:58 - 2016-02-14 17:58 - 00000000 ____D C:\Users\Mike\AppData\Local\My Games

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-15 23:28 - 2016-02-12 02:22 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-15 23:28 - 2016-02-12 02:22 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-15 23:28 - 2016-02-12 02:22 - 00000926 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-15 23:27 - 2016-02-12 02:31 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-03-15 23:21 - 2016-02-12 02:07 - 00891772 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-15 23:21 - 2015-10-30 02:21 - 00000000 ____D C:\Windows\INF
2016-03-15 23:17 - 2016-02-12 12:20 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-15 23:15 - 2016-02-12 02:34 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-15 23:15 - 2016-02-12 02:24 - 00000000 ____D C:\ProgramData\WRData
2016-03-15 23:15 - 2016-02-12 02:22 - 00000922 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-15 23:15 - 2016-02-12 02:08 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-15 23:15 - 2016-02-12 02:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-15 23:14 - 2015-10-30 01:28 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-03-15 23:08 - 2015-10-30 02:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-03-15 23:07 - 2016-02-12 01:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-03-15 23:00 - 2015-10-30 02:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-15 23:00 - 2015-10-30 02:24 - 00000000 ____D C:\Windows\AppReadiness
2016-03-13 17:33 - 2016-02-12 01:19 - 00000000 ____D C:\Users\Mike\Documents\Cover Letters
2016-03-13 08:21 - 2016-02-12 02:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-03-13 08:20 - 2016-02-12 02:08 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-03-12 15:04 - 2016-02-12 02:03 - 00000000 ____D C:\Users\Mike\AppData\Local\Packages
2016-03-11 11:45 - 2015-10-30 02:11 - 00000000 ____D C:\Windows\CbsTemp
2016-03-11 00:04 - 2016-02-12 02:05 - 00002364 _____ C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-11 00:04 - 2016-02-12 02:05 - 00000000 ___RD C:\Users\Mike\OneDrive
2016-03-09 22:19 - 2015-07-13 21:45 - 12653504 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-03-08 23:16 - 2016-02-12 02:00 - 00332240 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-08 23:16 - 2015-10-30 02:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-08 23:16 - 2015-10-30 02:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-08 23:16 - 2015-10-30 02:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-08 23:16 - 2015-10-30 02:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-08 16:36 - 2016-02-12 11:11 - 00000000 ____D C:\Windows\system32\MRT
2016-03-08 16:33 - 2016-02-12 11:11 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-08 05:27 - 2016-02-12 02:18 - 14226864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-03-08 05:27 - 2016-02-12 02:18 - 03259176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-03-08 05:27 - 2015-07-13 21:45 - 20061152 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-03-08 05:27 - 2015-07-13 21:45 - 03681672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-03-08 05:27 - 2015-07-13 21:45 - 00037702 _____ C:\Windows\system32\nvinfo.pb
2016-03-08 02:12 - 2015-10-30 02:26 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-08 02:12 - 2015-10-30 02:26 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-08 01:42 - 2016-02-12 02:25 - 00530880 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-03-08 01:42 - 2016-02-12 02:25 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-03-08 01:42 - 2016-02-12 02:08 - 06371384 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-03-08 01:42 - 2016-02-12 02:08 - 02992576 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-03-08 01:42 - 2016-02-12 02:08 - 02563128 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-03-08 01:42 - 2016-02-12 02:08 - 01264064 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-03-08 01:42 - 2016-02-12 02:08 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-03-08 01:42 - 2016-02-12 02:08 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-03-06 23:22 - 2016-02-12 02:08 - 06203411 _____ C:\Windows\system32\nvcoproc.bin
2016-03-06 12:31 - 2015-10-30 02:24 - 00000000 ____D C:\Windows\rescache
2016-03-06 02:23 - 2016-02-12 02:03 - 00000000 ____D C:\Users\Mike
2016-03-05 19:46 - 2016-02-12 02:07 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-05 19:46 - 2016-02-12 01:19 - 00000000 ____D C:\Users\Mike\Documents\my games
2016-03-05 19:40 - 2016-02-12 23:28 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-03-05 19:15 - 2016-02-12 01:20 - 00001630 _____ C:\Users\Mike\Documents\Trends schoolaccess.do
2016-03-03 12:02 - 2016-02-12 02:24 - 00045592 ____T (Webroot) C:\Windows\system32\Drivers\wrUrlFlt.sys
2016-03-03 12:02 - 2016-02-12 02:03 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-03 04:16 - 2015-10-30 04:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-03 04:16 - 2015-10-30 02:24 - 00000000 __RSD C:\Windows\Media
2016-03-03 04:16 - 2015-10-30 02:24 - 00000000 ___RD C:\Windows\PurchaseDialog
2016-03-03 04:16 - 2015-10-30 02:24 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2016-03-03 04:16 - 2015-10-30 02:24 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2016-03-03 04:16 - 2015-10-30 02:24 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-03 04:16 - 2015-10-30 02:24 - 00000000 ____D C:\Windows\bcastdvr
2016-03-03 04:16 - 2015-10-30 01:28 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-03-03 04:16 - 2015-10-30 01:28 - 00000000 ____D C:\Windows\system32\Dism
2016-02-27 20:47 - 2015-10-30 02:24 - 00000000 ____D C:\Windows\Registration
2016-02-27 12:57 - 2016-02-12 02:24 - 00181688 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll
2016-02-27 12:57 - 2016-02-12 02:24 - 00117304 _____ (Webroot) C:\Windows\system32\WRusr.dll
2016-02-24 11:53 - 2015-10-30 02:24 - 00000000 ____D C:\Windows\appcompat
2016-02-21 17:18 - 2016-02-12 01:20 - 00020926 _____ C:\Users\Mike\Documents\SchoolAccess_chart.xlsx
2016-02-20 20:44 - 2016-02-12 01:20 - 00000000 ____D C:\Users\Mike\Documents\Witcher 2
2016-02-20 01:07 - 2016-02-12 02:20 - 00001454 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-02-20 01:07 - 2016-02-12 02:17 - 00000000 ____D C:\Users\Mike\AppData\Local\NVIDIA
2016-02-17 01:40 - 2016-02-12 02:29 - 00112216 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-02-17 01:40 - 2016-02-12 02:20 - 01903344 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-02-17 01:40 - 2016-02-12 02:20 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-02-17 01:40 - 2016-02-12 02:20 - 01571624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-02-17 01:40 - 2016-02-12 02:20 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-02-16 15:50 - 2016-02-12 01:20 - 00005776 _____ C:\Users\Mike\Documents\law.do
2016-02-14 02:07 - 2015-10-30 02:24 - 00000000 ___SD C:\Windows\system32\F12
2016-02-14 02:07 - 2015-10-30 02:24 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-02-14 02:07 - 2015-10-30 02:24 - 00000000 ____D C:\Windows\system32\oobe
2016-02-14 02:07 - 2015-10-30 02:24 - 00000000 ____D C:\Windows\Provisioning
2016-02-14 01:02 - 2015-10-30 02:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared

==================== Files in the root of some directories =======

2016-02-12 02:25 - 2016-02-12 02:25 - 12964920 _____ (Webroot Software, Inc.) C:\Program Files (x86)\Common Files\wruninstall.exe
2016-02-12 02:16 - 2016-02-12 02:16 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Mike\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Mike\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Mike\AppData\Local\Temp\nvStInst.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-03-12 09:25

==================== End of FRST.txt ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Mike (2016-03-15 23:35:30)
Running from C:\Users\Mike\Desktop
Windows 10 Home Version 1511 (X64) (2016-02-12 07:03:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1429111364-1358436674-1010729600-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1429111364-1358436674-1010729600-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-1429111364-1358436674-1010729600-503 - Limited - Disabled)
Guest (S-1-5-21-1429111364-1358436674-1010729600-501 - Limited - Disabled)
Mike (S-1-5-21-1429111364-1358436674-1010729600-1001 - Administrator - Enabled) => C:\Users\Mike

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Webroot SecureAnywhere (Enabled - Up to date) {4646A877-74EB-CD3B-8FDB-210DB94FA61A}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Webroot SecureAnywhere (Enabled - Up to date) {FD274993-52D1-C2B5-B56B-1A7FC2C8ECA7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Alien: Isolation (HKLM-x32\...\Steam App 214490) (Version:  - Creative Assembly)
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.1.8.3 - ASUSTek COMPUTER INC.)
ASUS GPU TweakII (x32 Version: 1.1.8.3 - ASUSTek COMPUTER INC.) Hidden
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
EverQuest II (HKLM-x32\...\Steam App 201230) (Version:  - Daybreak Games)
EverQuest II (HKU\S-1-5-21-1429111364-1358436674-1010729600-1001\...\DG0-EverQuest II) (Version:  - Sony Online Entertainment)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Grim Dawn (HKLM-x32\...\Steam App 219990) (Version:  - Crate Entertainment)
Intel(R) Chipset Device Software (x32 Version: 10.0.27 - Intel(R) Corporation) Hidden
Logitech Gaming Software 8.81 (HKLM\...\Logitech Gaming Software) (Version: 8.81.15 - Logitech Inc.)
Malwarebytes Anti-Exploit version 1.8.1.1189 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.1189 - Malwarebytes)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Marvel Heroes 2016 (HKLM-x32\...\Steam App 226320) (Version:  - Gazillion Entertainment)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.6568.2036 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.51 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Graphics Driver 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.51 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6528.1017 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6528.1017 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6528.1017 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
RIFT (HKLM-x32\...\Steam App 39120) (Version:  - Trion Worlds)
SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version:  - 2K Games, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Lord of the Rings Online™ (HKLM-x32\...\Steam App 212500) (Version:  - Turbine, Inc.)
The Lord of the Rings Online™ v03.08.00.8029 (HKLM-x32\...\12bbe590-c890-11d9-9669-0800200c9a66_is1) (Version: 03.08.00.8029 - Turbine, Inc.)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version:  - CD PROJEKT RED)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 9.0.8.72 - Webroot)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1429111364-1358436674-1010729600-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Mike\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {064AE2B4-6E5C-4B8A-A866-B349862377BA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-03-08] (Microsoft Corporation)
Task: {07003FC3-E830-4FF8-AA88-098A04FABA28} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-02-28] (Microsoft Corporation)
Task: {33D171ED-2D7E-4A31-AC4B-5E6824100064} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-12] (Google Inc.)
Task: {343017F2-0ABD-47AD-82A5-73DDE0DFFECC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-03-02] (Microsoft Corporation)
Task: {4D98B594-5188-451A-BF43-57383F96402C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-02-28] (Microsoft Corporation)
Task: {6D7FC98F-37FD-44D1-A81D-DC8C7E51F1D8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-03-02] (Microsoft Corporation)
Task: {752941B7-BE67-4FDA-97AB-52A6DE4C7573} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-12] (Google Inc.)
Task: {BFADB90F-EA4E-48AC-8212-E702D7D0C4F8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Windows\system32\MRT.exe [2016-03-08] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 02:18 - 2015-10-30 02:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-02-12 02:08 - 2016-03-08 01:42 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-18 23:31 - 2015-08-18 23:31 - 00048640 _____ () C:\Windows\SysWOW64\ASGT.exe
2016-02-12 02:10 - 2013-07-04 04:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2016-02-12 01:03 - 2016-02-28 02:20 - 00173248 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2016-02-20 01:07 - 2016-02-17 01:56 - 01416064 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-02-12 02:29 - 2016-02-17 01:56 - 00299392 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-02-20 01:07 - 2016-02-17 01:56 - 03613056 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-03-01 17:26 - 2016-02-23 06:27 - 02654872 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-03-01 17:26 - 2016-02-23 06:27 - 02654872 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-03-15 23:06 - 2016-02-28 05:22 - 08914120 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2016-02-12 11:09 - 2015-12-06 23:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-01 17:25 - 2016-02-23 03:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-02-12 11:10 - 2016-01-04 20:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-02-12 11:10 - 2016-01-04 20:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-02-12 11:10 - 2016-01-16 00:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-02-12 11:10 - 2016-01-16 00:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-02-12 00:54 - 2016-02-12 00:54 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-03-06 19:07 - 2015-03-06 19:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-02-17 18:01 - 2016-02-17 18:01 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-06 19:07 - 2015-03-06 19:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-02-17 18:01 - 2016-02-17 18:01 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2016-02-12 02:10 - 2016-03-15 23:15 - 00028672 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2016-02-12 02:10 - 2013-07-04 04:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-12-02 16:30 - 2015-12-02 16:30 - 00065536 _____ () C:\Program Files (x86)\ASUS\GPU TweakII\Exeio.dll
2016-01-18 12:10 - 2016-01-18 12:10 - 01946624 _____ () C:\Program Files (x86)\ASUS\GPU TweakII\Vender.dll
2016-02-12 00:54 - 2016-02-12 00:54 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-02-12 00:54 - 2016-02-12 00:54 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-02-12 02:20 - 2016-02-17 02:02 - 00020352 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-02-12 01:11 - 2016-02-09 20:17 - 00782336 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-02-12 01:11 - 2015-07-03 11:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-02-12 01:11 - 2016-03-10 14:02 - 02547792 _____ () C:\Program Files (x86)\Steam\video.dll
2016-02-12 01:11 - 2016-02-08 18:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-02-12 01:11 - 2016-02-08 18:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-02-12 01:11 - 2016-02-08 18:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-02-12 01:11 - 2016-02-08 18:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-02-12 01:11 - 2016-02-08 18:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-02-12 01:11 - 2015-07-03 11:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-02-12 01:11 - 2015-07-03 11:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-02-12 01:11 - 2016-03-10 14:02 - 00802896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-08 23:03 - 2016-02-17 17:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-02-12 01:11 - 2016-02-08 20:33 - 48400672 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2016-02-19 16:29 - 2016-02-17 23:14 - 01630360 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libglesv2.dll
2016-02-19 16:29 - 2016-02-17 23:14 - 00085656 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 02:24 - 2015-10-30 02:21 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1429111364-1358436674-1010729600-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{5C704ADD-163C-4839-8BAC-4D3A3B1A7746}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2599E921-9F2B-4688-8EBD-43015DBA0624}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{837913C0-35CD-4992-9E0A-DFC9BFA177E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{BFDDFBED-39B2-4CCA-AD94-6669A4D441A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B622F3A6-6DE5-480F-A7B0-5D01D4CCD5CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{ECDAA4A3-2583-49AC-9524-3F551D83EEA7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{82C1FCC7-A03E-41A0-BFE3-10D175D94A5D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A8DEDFC7-CA9E-4BC3-B5F1-7BA61E4A3AE0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{616ABFF8-A54D-4BBA-B8BD-5C5AD7F1896E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5ACF67FF-DEAB-4459-A7AB-B8A5B54CB443}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{07F13A38-6BC7-473A-AF49-3A24851CC786}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{50E5C0EF-AD00-4002-AE8C-DBC4AF1F151F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{F3B6E220-8771-4392-85AF-BE5FAA148F40}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{987C3211-A7A3-407D-B94A-652BED375B42}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{859F382E-D06A-4264-A671-2E638DED368C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{AF3ED838-0BF4-4663-B2F1-43F331E02A4D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{93720AA7-CBB2-4DB3-80E9-4474DFCD2F86}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{00BA1F4E-2F5C-44E6-8D4F-20A4ECCD3826}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [TCP Query User{F2F1AF52-DAD0-48AD-96ED-F619B4F157C2}C:\windows\system32\mmc.exe] => (Block) C:\windows\system32\mmc.exe
FirewallRules: [UDP Query User{3D259168-CA33-414C-B680-4657D069ECE2}C:\windows\system32\mmc.exe] => (Block) C:\windows\system32\mmc.exe
FirewallRules: [{A9AFA1E1-1214-4833-B139-DD932B1A3EAC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [{9ACCA7D7-758A-45B0-B2D8-D1ADA8C7402D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [{227B8C9D-B063-437C-8C38-96E3427DAC25}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{C85EA16F-3F83-4615-A863-4E14906E7EF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{2109C80F-537C-425B-9D87-6E99C2D76E22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{6B7F65C7-A308-4CDF-B99F-550A71EF03C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{AC69D7ED-4CA2-4FCA-B94B-725E7D45FCCF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CardHunter\CardHunter.exe
FirewallRules: [{1C43DA14-4C12-46AE-AFA2-C92ED6482A6E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CardHunter\CardHunter.exe
FirewallRules: [TCP Query User{03BC1B30-EAF3-4A64-AF7B-A48F4FDC35DA}C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [UDP Query User{E35186F7-0A73-4B48-9E8A-2087094CF4D7}C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [TCP Query User{7BBB14B8-BB5D-4589-8A77-2EBD4E7B5EA9}C:\program files (x86)\steam\steamapps\common\batman arkham city goty\binaries\win32\batmanac.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\batman arkham city goty\binaries\win32\batmanac.exe
FirewallRules: [UDP Query User{B41730A4-3B1C-4048-8383-77955D0FAF75}C:\program files (x86)\steam\steamapps\common\batman arkham city goty\binaries\win32\batmanac.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\batman arkham city goty\binaries\win32\batmanac.exe
FirewallRules: [{EE101166-B99A-47A4-8A2C-AE0EE7096206}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EverQuest 2\LaunchPad.exe
FirewallRules: [{4129581B-932E-44B2-9460-97DD5CF9793A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EverQuest 2\LaunchPad.exe
FirewallRules: [{3F6DD1B3-E86A-46D2-8610-EE51B63F8939}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RIFT\riftpatchlive.exe
FirewallRules: [{3BAD6D06-A824-40B6-9A92-4F3208CA7953}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RIFT\riftpatchlive.exe
FirewallRules: [{E16E18EB-E1D2-4E88-B374-08AC8B33A142}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lord of the Rings Online\TurbineInvoker.exe
FirewallRules: [{92CE2E22-040D-4388-8415-9DF00238BABA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lord of the Rings Online\TurbineInvoker.exe
FirewallRules: [TCP Query User{D2FECD13-2158-4DDA-8C9E-7A74785240ED}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe
FirewallRules: [UDP Query User{784CC759-A26C-4AFF-8420-118D703B8F0B}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe
FirewallRules: [{D025B427-C4DC-4823-8005-293AEC0C959B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Alien Isolation\AI.exe
FirewallRules: [{83028BBA-C1CD-4EE6-8378-5B5D6780F9E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Alien Isolation\AI.exe
FirewallRules: [TCP Query User{72593D42-A03F-4E70-9AA5-46184FFDE1C0}C:\program files (x86)\steam\steamapps\common\mytheon\mytheonclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\mytheon\mytheonclient.exe
FirewallRules: [UDP Query User{D02ADD29-7DE2-4BBD-A6D1-6C5905F9305F}C:\program files (x86)\steam\steamapps\common\mytheon\mytheonclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\mytheon\mytheonclient.exe
FirewallRules: [{7F8D4D33-EEF0-4217-B969-BA5F41E84E98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2016.exe
FirewallRules: [{737436AE-C6D9-4A68-A32F-0A383F4F61B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2016.exe
FirewallRules: [{E49BFA83-0780-427E-875A-71E8D97DA658}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grim Dawn\Grim Dawn.exe
FirewallRules: [{F6B11D45-4652-4E0C-9D18-1C27619D3662}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grim Dawn\Grim Dawn.exe
FirewallRules: [TCP Query User{42A0FFA6-6315-4C4C-A794-5C3060A99605}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{67A09E6B-4C1E-493E-B378-C742C42EC5C2}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{9AB0632D-0573-477D-984E-5E0ACE843B3E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

27-02-2016 14:17:27 Installed DirectX
29-02-2016 16:36:49 Installed DirectX
05-03-2016 19:46:02 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
11-03-2016 11:44:43 Windows Update
13-03-2016 15:26:32 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
13-03-2016 15:26:38 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/13/2016 03:26:47 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (03/13/2016 03:26:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (03/13/2016 03:26:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (03/12/2016 08:23:51 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (03/11/2016 04:40:38 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (03/11/2016 11:44:44 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (03/08/2016 11:50:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-36966RJ)
Description: Package Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy+App was terminated because it took too long to suspend.

Error: (03/08/2016 04:36:45 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (03/06/2016 11:55:34 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program BatmanAC.exe version 1.1.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2e4c

Start Time: 01d177c8bb077edf

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe

Report Id: 3daa8540-e3bc-11e5-8ce1-10c37b94ee25

Faulting package full name: 

Faulting package-relative application ID:

Error: (03/05/2016 07:46:02 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.


System errors:
=============
Error: (03/15/2016 11:14:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_2366f service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (03/15/2016 11:14:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (03/15/2016 11:08:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The WRSVC service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (03/15/2016 10:55:31 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 3:37:16 AM on ‎3/‎14/‎2016 was unexpected.

Error: (03/15/2016 10:55:24 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 32212256844750233830481880

Error: (03/13/2016 08:03:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_24d19 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (03/13/2016 08:03:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (03/13/2016 06:04:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_248e1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (03/13/2016 06:04:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (03/13/2016 04:05:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_26979 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.


CodeIntegrity:
===================================
  Date: 2016-03-15 23:07:57.759
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-12 14:01:48.806
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-11 13:57:24.522
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-08 22:16:56.182
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-03 11:02:02.580
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-02 10:51:37.683
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-27 21:12:51.030
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-22 20:40:01.721
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-19 18:26:19.349
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-18 23:43:29.583
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 16%
Total physical RAM: 16326.99 MB
Available physical RAM: 13578.16 MB
Total Virtual: 18758.99 MB
Available Virtual: 15676.41 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.27 GB) (Free:90.19 GB) NTFS
Drive e: (TOSHIBA EXT) (Fixed) (Total:2794.52 GB) (Free:1595.55 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C82B65EE)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.3 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.

==================== End of Addition.txt ============================

Link to post
Share on other sites

Hello and welcome to Malwarebytes,

Please be aware the following P2P/Piracy Warning is a standard opening reply made here at Malwarebytes, we make no accusations but do make you aware of Forum Protocol....

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Anyone other than the original starter of this thread please DO NOT follow the instructions and advice posted as replies here, my help and advice is NOT related to your system and will probably cause more harm than good...

 

Next,

 

Do not see any obvious malware or infection in those logs, run the following scans to double check....

 

Please open Malwarebytes Anti-Malware.


  • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
  • Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete Apply Actions to any found entries.
  • Wait for the prompt to restart the computer to appear (if applicable), then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.

To get the log from Malwarebytes do the following:


  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have three options:   Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
      Text file (*.txt)        - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
      XML file (*.xml)      - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
  • Please use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…

 

Next,

 

Download AdwCleaner by Xplode onto your Desktop.


  • Double click on Adwcleaner.exe to run the tool.
  • Click on the Scan in the Actions box
  • Please wait fot the scan to finish..
  • When "Waiting for action.Please uncheck elements you want to keep" shows in top line..
  • Click on the Cleaning box.
  • Next click OK on the "Closing Programs" pop up box.
  • Click OK on the Information box & again OK to allow the necessary reboot
  • After restart the AdwCleaner(C*)-Notepad log will appear, please copy/paste it in your next reply. Where * is the number relative to list of scans completed...

 

Next,

 

Download Sophos Free Virus Removal Tool and save it to your desktop.


  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program

 

Let me see those logs in your reply....

 

Thank you,

 

Kevin

Link to post
Share on other sites

Sorry for the delay. Crazy week. I didn't get a hit on any of the 3. Logs for MBAM and Adware Cleaner. I'm assuming I either don't have a problem or an extremely new and cleverly built one.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 3/20/2016
Scan Time: 4:47 PM
Logfile: MBAM log.txt
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2016.03.20.05
Rootkit Database: v2016.03.12.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: Mike

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 340184
Time Elapsed: 6 min, 13 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

# AdwCleaner v5.102 - Logfile created 16/03/2016 at 14:00:50
# Updated 13/03/2016 by Xplode
# Database : 2016-03-16.1 [Server]
# Operating system : Windows 10 Home  (x64)
# Username : Mike - DESKTOP-36966RJ
# Running from : C:\Users\Mike\Desktop\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLL ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [597 bytes] - [16/03/2016 14:00:50]

########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [689 bytes] ##########
 

Edited by Birini
Link to post
Share on other sites

Your logs are clean, no obvious malware or infection.... If you are satisfied we can clean up tools...

Download "Delfix by Xplode" and save it to your desktop.

Or use the following if first link is down:

"Delfix link mirror"

If your security program alerts to Delfix either, accept the alert or turn your security off.

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

Make Sure the following items are checked:



  •    
  • Remove disinfection tools

Now click on "Run" and wait patiently until the tool has completed.

The tool will create a log when it has completed. We don't need you to post this.

Any remnant files/logs from tools we have used can be deleted…

Next,

Read the following links to fully understand PC Security and Best Practices, you may find them useful....

Answers to Common Security Questions and best Practices

Do I need a Registry Cleaner?

Take care and surf safe

Kevin...  busy.gif

 

Link to post
Share on other sites

  • 3 weeks later...
  • Root Admin

Glad we could help. :)If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.