Jump to content

Recommended Posts

Hello, 

Every day, exactly at 2:00 pm, on my computer an add pop up.

Even if my browser isnt active, it's shows up.

I tried many software to detect the ("what i think of as a") virus, with out any success...

 

Ty for help.

Penne.

Link to post
Share on other sites

Hello Penne and welcome to Malwarebytes...

My screen name is kevinf80, i`m here to help clean up your system....

Please open Malwarebytes Anti-Malware.
 
  • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
  • Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete Apply Actions to any found entries.
  • Wait for the prompt to restart the computer to appear (if applicable), then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.


To get the log from Malwarebytes do the following:
 
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have three options:
    Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
    Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
    XML file (*.xml) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
     
  • Please use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…



If Malwarebytes is not installed follow these instructions first:

Download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish. Follow the instructions above....


Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...
 
  • Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt) Please attach those logs to your reply.


Let me see those logs in your reply...

Thank you,

Kevin...
Link to post
Share on other sites

Hey there Kevin,

I did another scan after changing the settings as you suggested before.

But MBAM still didn't found anything.

Here is the scan log:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 16-Apr-16
Scan Time: 17:28
Logfile: 
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.04.16.03
Rootkit Database: v2016.04.09.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Penne

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 381031
Time Elapsed: 5 min, 38 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

Then, I tried to install Farbar Recovery Scan Tool without a success. 

(and I'm sure about my 64 bit system)

Here is the error message: 

Screenshot_1.png

 

 

Thank you for your time.

Penne.

 

P.S.

I am familiar with computers, so you can explain and work with me on complicated terms.

Link to post
Share on other sites
Read the following link before we continue and run Combofix:

ComboFix usage, Questions, Help? - Look here

Next,

Download Combofix from either of the following links :-

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

http://www.infospyware.net/antimalware/combofix/
 
  • Ensure that Combofix is saved directly to the Desktop <--- Very important
  • Disable all security programs as they will have a negative effect on Combofix, instructions available here http://www.bleepingcomputer.com/forums/topic114351.html if required. Be aware the list may not have all programs listed, if you need more help please ask.
  • Close any open browsers and any other programs you might have running
  • Double click the user posted image icon to run the tool (Vista or Windows 7 users right click and select "Run as Administrator)
  • Instructions for running Combofix available here http://www.bleepingcomputer.com/combofix/how-to-use-combofix if required.
  • If you are using windows XP It might display a pop up saying that "Recovery console is not installed, do you want to install?" Please select yes & let it download the files it needs to do this. Once the recovery console is installed Combofix will then offer to scan for malware. Select continue or yes.
  • When finished, it will produce a report for you. Please post the "C:\ComboFix.txt" for further review


****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ****

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell us when you reply. Read here http://thespykiller.co.uk/index.php?page=20 why disabling autoruns is recommended.

*EXTRA NOTES*
  • If Combofix detects any Rootkit/Bootkit activity on your system it will give a warning and prompt for a reboot, you must allow it to do so.
  • If Combofix reboot's due to a rootkit, the screen may stay black for several minutes on reboot, this is normal
  • If after running Combofix you receive any type of warning message about registry key's being listed for deletion when trying to open certain items, reboot the system and this will fix the issue (Those items will not be deleted)


Post the log in next reply please...

Kevin
Link to post
Share on other sites

That is the log I received:

ComboFix 16-04-13.01 - Penne 17-Apr-16   1:09.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1255.972.1033.18.8082.6156 [GMT 3:00]
Running from: d:\desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 9.0.318.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
SP: ESET NOD32 Antivirus 9.0.375.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\ar\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\bg\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\ca\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\cs\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\da\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\de\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\el\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\en\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\es\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\fi\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\fr\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\gu\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\he\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\hr\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\hu\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\id\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\it\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\ja\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\ko\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\nb\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\nl\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\pl\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\pt_BR\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\pt_PT\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\ro\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\ru\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\sk\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\sl\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\sr\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\sv\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\tr\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\uk\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\vi\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\zh_CN\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_locales\zh_TW\messages.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_metadata\computed_hashes.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\_metadata\verified_contents.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\adblock_safari_beforeload.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\adblock_safari_contentblocking.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\adblock_start_chrome.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\adblock_start_common.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\background.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\bandaids.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\button\popup.css
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\button\popup.html
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\button\popup.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\CHANGELOG.txt
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\checkupdates.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\datacollection.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\filtering\declarativewebrequest.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\filtering\domainset.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\filtering\filternormalizer.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\filtering\filteroptions.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\filtering\filterset.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\filtering\filtertypes.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\filtering\myfilters.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\functions.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\gab_question.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\idlehandler.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\delete.gif
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\dropbox1.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\dropbox2.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\dropbox3.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\facebook-sprite.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\gplus-sprite.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\icon128.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\icon16.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\icon16_grayscale.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\icon16_grayscale@2x.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\icon19-grayscale.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\icon19-whitelisted.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\icon19.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\icon24.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\icon32.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\icon38-grayscale.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\icon38-whitelisted.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\icon38.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\icon48.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\loader.gif
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\logo.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\search\check.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\search\magnifying_glass.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\search\search-engine-card_no-shadow.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\search\search-engine-icons.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\search\search-omnibox-card_no-shadow.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\search\search_engine_select_arrow.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\img\twitter-sprite.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\jquery\css\images\ui-bg_flat_55_999999_40x100.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\jquery\css\images\ui-bg_flat_75_aaaaaa_40x100.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\jquery\css\images\ui-bg_glass_45_0078ae_1x400.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\jquery\css\images\ui-bg_glass_55_f8da4e_1x400.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\jquery\css\images\ui-bg_glass_75_79c9ec_1x400.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\jquery\css\images\ui-bg_gloss-wave_50_38cfff_500x100.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\jquery\css\images\ui-bg_gloss-wave_75_2191c0_500x100.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\jquery\css\images\ui-bg_inset-hard_100_fcfdfd_1x100.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\jquery\css\images\ui-icons_056b93_256x240.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\jquery\css\images\ui-icons_d8e7f3_256x240.png
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\jquery\css\jquery-ui.custom.css
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\jquery\css\override-page.css
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\jquery\jquery-ui.custom.min.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\jquery\jquery.cookie.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\jquery\jquery.min.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\LICENSE
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\manifest.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\notificationoverlay.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\options\bug-report.html
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\options\bug-report.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\options\customize.html
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\options\customize.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\options\filters.html
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\options\filters.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\options\general.html
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\options\general.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\options\index.html
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\options\index.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\options\options.css
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\options\support.html
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\options\support.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\pages\adreport.html
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\pages\adreport.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\pages\resourceblock.css
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\pages\resourceblock.html
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\pages\resourceblock.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\pages\subscribe.css
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\pages\subscribe.html
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\pages\subscribe.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\port.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\punycode.min.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\README.markdown
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\stats.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\survey.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\translators.json
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\uiscripts\blacklisting\blacklistui.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\uiscripts\blacklisting\clickwatcher.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\uiscripts\blacklisting\elementchain.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\uiscripts\blacklisting\overlay.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\uiscripts\blacklisting\rightclick_hook.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\uiscripts\load_jquery_ui.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\uiscripts\send_content_to_back.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\uiscripts\top_open_blacklist_ui.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\uiscripts\top_open_whitelist_ui.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.56_0\ytchannel.js
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gighmmpiobklfepjocnamgkkbiglidom_0.localstorage-journal
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gighmmpiobklfepjocnamgkkbiglidom_0.localstorage
c:\users\Penne\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Penne\AppData\Roaming\Launcher.dat
c:\windows\Temp\log.txt
.
.
(((((((((((((((((((((((((   Files Created from 2016-03-16 to 2016-04-16  )))))))))))))))))))))))))))))))
.
.
2016-04-16 22:12 . 2016-04-16 22:12	--------	d-----w-	c:\users\Default\AppData\Local\temp
2016-04-16 15:36 . 2016-04-16 15:36	--------	d-----w-	c:\windows\system32\appmgmt
2016-04-16 15:29 . 2016-04-16 15:29	75888	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{74478CE7-E1FE-456D-A1CB-348DAA43BDE6}\offreg.3760.dll
2016-04-16 14:21 . 2016-04-16 14:28	192216	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-04-16 14:21 . 2016-04-16 14:21	--------	d-----w-	c:\program files (x86)\Malwarebytes Anti-Malware
2016-04-16 14:21 . 2016-03-10 11:09	64896	----a-w-	c:\windows\system32\drivers\mwac.sys
2016-04-16 14:21 . 2016-03-10 11:08	140672	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2016-04-16 14:21 . 2016-03-10 11:08	27008	----a-w-	c:\windows\system32\drivers\mbam.sys
2016-04-16 14:16 . 2016-04-16 15:29	--------	d-----w-	c:\programdata\boost_interprocess
2016-04-15 16:32 . 2016-03-17 01:45	11686560	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{74478CE7-E1FE-456D-A1CB-348DAA43BDE6}\mpengine.dll
2016-04-15 11:18 . 2016-04-15 11:20	--------	d-----w-	C:\Flashtool
2016-04-13 20:24 . 2016-04-13 20:25	--------	d-----w-	c:\program files (x86)\BSplayerPro
2016-04-13 14:11 . 2016-03-06 18:53	1885696	----a-w-	c:\windows\system32\msxml3.dll
2016-04-13 14:11 . 2016-03-06 18:53	2048	----a-w-	c:\windows\system32\msxml3r.dll
2016-04-13 14:11 . 2016-03-06 18:38	2048	----a-w-	c:\windows\SysWow64\msxml3r.dll
2016-04-13 14:11 . 2016-03-06 18:38	1240576	----a-w-	c:\windows\SysWow64\msxml3.dll
2016-04-13 14:11 . 2016-03-29 17:53	3216896	----a-w-	c:\windows\system32\win32k.sys
2016-04-08 22:12 . 2016-04-04 18:02	1169408	----a-w-	c:\windows\system32\aeinv.dll
2016-04-07 11:43 . 2016-04-16 07:07	--------	d-----w-	C:\AdwCleaner
2016-04-07 11:18 . 2016-03-23 14:02	215040	----a-w-	c:\windows\system32\aepic.dll
2016-04-07 11:18 . 2016-03-17 18:04	698368	----a-w-	c:\windows\system32\generaltel.dll
2016-04-07 11:18 . 2016-03-17 18:04	499200	----a-w-	c:\windows\system32\devinv.dll
2016-04-07 11:18 . 2016-03-17 18:04	279040	----a-w-	c:\windows\system32\invagent.dll
2016-04-07 11:18 . 2016-03-17 18:04	76800	----a-w-	c:\windows\system32\acmigration.dll
2016-04-02 21:57 . 2016-04-02 21:57	--------	d-----w-	c:\program files (x86)\Microsoft ASP.NET
2016-04-02 11:15 . 2016-03-22 02:10	112184	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2016-04-02 11:10 . 2016-03-21 20:01	56384	----a-w-	c:\windows\system32\drivers\nvvad64v.sys
2016-04-02 11:10 . 2016-03-21 20:01	109632	----a-w-	c:\windows\system32\nvaudcap64v.dll
2016-04-02 11:10 . 2016-03-21 20:01	100416	----a-w-	c:\windows\SysWow64\nvaudcap32v.dll
2016-04-01 20:50 . 2016-04-01 20:50	--------	d-----w-	c:\programdata\Steam
2016-03-31 18:05 . 2016-03-31 18:05	--------	d-----w-	C:\Riot Games
2016-03-31 12:17 . 2016-03-31 12:26	--------	d-----w-	c:\programdata\TrackmaniaTurbo
2016-03-31 12:07 . 2016-03-31 12:07	--------	d-----w-	c:\program files (x86)\Ubisoft
2016-03-31 11:30 . 2016-03-31 11:32	--------	d-----w-	c:\programdata\Glyph
2016-03-30 18:25 . 2016-03-30 18:25	3721216	----a-w-	c:\windows\SysWow64\lol.scr
2016-03-25 17:27 . 2016-03-25 17:27	--------	d-----w-	c:\programdata\Malwarebytes
2016-03-25 16:04 . 2016-03-25 16:04	--------	d-----w-	c:\program files\USB Drivers
2016-03-25 14:33 . 2016-03-25 14:33	--------	d-----w-	c:\program files (x86)\Bacon Root Toolkit
2016-03-25 13:36 . 2016-03-25 13:36	--------	d-----w-	c:\program files (x86)\Common Files\Adobe
2016-03-25 11:07 . 2016-03-25 11:07	--------	d-----w-	c:\program files (x86)\MusicBee
2016-03-24 13:48 . 2016-03-24 13:48	--------	d-----w-	c:\program files (x86)\TeamViewer
2016-03-21 08:10 . 2015-12-20 18:50	3180544	----a-w-	c:\windows\system32\rdpcorets.dll
2016-03-21 08:10 . 2015-12-20 18:50	16384	----a-w-	c:\windows\system32\RdpGroupPolicyExtension.dll
2016-03-21 08:10 . 2015-12-20 14:08	243200	----a-w-	c:\windows\system32\rdpudd.dll
2016-03-21 08:04 . 2014-12-11 17:47	87040	----a-w-	c:\windows\system32\TSWbPrxy.exe
2016-03-21 00:11 . 2015-07-16 19:11	7077376	----a-w-	c:\windows\system32\mstscax.dll
2016-03-21 00:11 . 2015-07-11 13:15	429568	----a-w-	c:\windows\system32\wksprt.exe
2016-03-21 00:11 . 2015-07-16 19:12	856064	----a-w-	c:\windows\SysWow64\rdvidcrl.dll
2016-03-21 00:11 . 2015-07-16 19:12	53248	----a-w-	c:\windows\SysWow64\tsgqec.dll
2016-03-21 00:11 . 2015-07-16 19:12	6131200	----a-w-	c:\windows\SysWow64\mstscax.dll
2016-03-21 00:11 . 2015-07-16 19:11	62976	----a-w-	c:\windows\system32\tsgqec.dll
2016-03-21 00:11 . 2015-07-16 19:11	1057792	----a-w-	c:\windows\system32\rdvidcrl.dll
2016-03-20 22:04 . 2016-03-20 22:04	--------	d-----w-	c:\program files (x86)\Skillbrains
2016-03-20 19:22 . 2013-10-02 04:38	3072	----a-w-	c:\windows\system32\drivers\en-US\tsusbflt.sys.mui
2016-03-20 19:22 . 2013-10-02 01:10	44544	----a-w-	c:\windows\system32\TsUsbGDCoInstaller.dll
2016-03-20 19:22 . 2013-10-02 02:22	56832	----a-w-	c:\windows\system32\drivers\TsUsbFlt.sys
2016-03-20 19:22 . 2013-10-02 02:11	13824	----a-w-	c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2016-03-20 19:22 . 2013-10-02 02:08	12800	----a-w-	c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2016-03-20 19:22 . 2013-10-02 01:48	56832	----a-w-	c:\windows\system32\MsRdpWebAccess.dll
2016-03-20 19:22 . 2013-10-02 01:48	18944	----a-w-	c:\windows\system32\wksprtPS.dll
2016-03-20 19:22 . 2013-10-02 00:14	50176	----a-w-	c:\windows\SysWow64\MsRdpWebAccess.dll
2016-03-20 19:22 . 2013-10-02 00:14	17920	----a-w-	c:\windows\SysWow64\wksprtPS.dll
2016-03-20 19:22 . 2013-10-01 23:31	1147392	----a-w-	c:\windows\system32\mstsc.exe
2016-03-20 19:22 . 2013-10-01 22:34	1068544	----a-w-	c:\windows\SysWow64\mstsc.exe
2016-03-20 19:21 . 2012-08-23 14:10	19456	----a-w-	c:\windows\system32\drivers\rdpvideominiport.sys
2016-03-20 19:21 . 2012-08-23 14:08	30208	----a-w-	c:\windows\system32\drivers\TsUsbGD.sys
2016-03-20 19:21 . 2012-08-23 11:12	192000	----a-w-	c:\windows\SysWow64\rdpendp_winip.dll
2016-03-20 19:21 . 2012-08-23 10:51	228864	----a-w-	c:\windows\system32\rdpendp_winip.dll
2016-03-20 12:08 . 2016-03-20 12:08	--------	d-----w-	c:\users\Default\AppData\Local\Microsoft Help
2016-03-20 00:15 . 2016-03-20 12:09	--------	d-----w-	c:\program files (x86)\Microsoft Works
2016-03-20 00:15 . 2016-03-25 17:45	--------	d-----w-	c:\windows\PCHEALTH
2016-03-20 00:14 . 2016-03-20 00:14	--------	d-----w-	c:\program files\Microsoft Office
2016-03-20 00:14 . 2016-03-20 00:14	--------	d-----w-	c:\program files (x86)\Microsoft Visual Studio 8
2016-03-20 00:14 . 2016-04-13 20:48	--------	d-----w-	c:\programdata\Microsoft Help
2016-03-20 00:13 . 2016-03-20 00:13	--------	d-----r-	C:\MSOCache
2016-03-20 00:05 . 2016-03-20 00:05	--------	d-----w-	c:\program files (x86)\DAMN NFO Viewer
2016-03-20 00:02 . 2016-03-20 00:03	--------	d-----w-	c:\program files (x86)\NFOlux
2016-03-19 23:43 . 2016-03-19 23:43	47672	----a-w-	c:\windows\system32\drivers\dtliteusbbus.sys
2016-03-19 23:42 . 2016-03-19 23:43	30264	----a-w-	c:\windows\system32\drivers\dtlitescsibus.sys
2016-03-19 23:42 . 2016-03-19 23:43	--------	d-----w-	c:\program files\DAEMON Tools Lite
2016-03-19 23:42 . 2016-03-19 23:42	--------	d-----w-	c:\programdata\DAEMON Tools Lite
2016-03-19 23:21 . 2013-11-26 08:16	3419136	----a-w-	c:\windows\SysWow64\d2d1.dll
2016-03-19 23:21 . 2013-11-22 22:48	3928064	----a-w-	c:\windows\system32\d2d1.dll
2016-03-19 23:04 . 2016-03-19 23:04	49584	----a-w-	c:\windows\system32\drivers\hitmanpro37.sys
2016-03-19 22:14 . 2016-03-19 22:14	--------	d-----w-	c:\users\Public\Thunder Network
2016-03-19 22:14 . 2016-03-19 22:14	--------	d-----w-	c:\programdata\Thunder Network
2016-03-19 16:46 . 2015-07-30 18:06	2565120	----a-w-	c:\windows\system32\d3d10warp.dll
2016-03-19 16:46 . 2015-07-30 17:57	1987584	----a-w-	c:\windows\SysWow64\d3d10warp.dll
2016-03-19 15:41 . 2015-12-08 21:54	2285056	----a-w-	c:\windows\SysWow64\msmpeg2vdec.dll
2016-03-19 15:41 . 2015-12-08 19:07	2777088	----a-w-	c:\windows\system32\msmpeg2vdec.dll
2016-03-19 15:41 . 2015-02-03 03:31	1424896	----a-w-	c:\windows\system32\WindowsCodecs.dll
2016-03-19 15:41 . 2015-02-03 03:12	1230848	----a-w-	c:\windows\SysWow64\WindowsCodecs.dll
2016-03-19 15:41 . 2015-11-10 18:55	1648128	----a-w-	c:\windows\system32\DWrite.dll
2016-03-19 15:41 . 2015-11-10 18:55	1180160	----a-w-	c:\windows\system32\FntCache.dll
2016-03-19 15:41 . 2015-11-10 18:39	1251328	----a-w-	c:\windows\SysWow64\DWrite.dll
2016-03-19 15:30 . 2015-02-04 03:16	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2016-03-19 15:30 . 2015-02-04 02:54	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2016-03-19 15:00 . 2016-04-08 22:12	--------	d-----w-	c:\windows\system32\appraiser
2016-03-19 15:00 . 2016-03-19 15:00	--------	d-s---w-	c:\windows\system32\CompatTel
2016-03-19 14:53 . 2015-07-30 13:13	103120	----a-w-	c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2016-03-19 14:53 . 2015-07-30 13:13	124624	----a-w-	c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-03-19 14:52 . 2013-10-14 16:00	28368	----a-w-	c:\windows\system32\IEUDINIT.EXE
2016-03-19 14:50 . 2016-03-19 14:50	9728	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-03-19 10:41 . 2014-07-09 02:03	7168	----a-w-	c:\windows\system32\KBDYAK.DLL
2016-03-19 10:41 . 2014-07-09 02:03	7168	----a-w-	c:\windows\system32\KBDTAT.DLL
2016-03-19 10:41 . 2014-07-09 02:03	7168	----a-w-	c:\windows\system32\KBDRU1.DLL
2016-03-19 10:41 . 2014-07-09 02:03	6656	----a-w-	c:\windows\system32\KBDRU.DLL
2016-03-19 10:41 . 2014-07-09 02:03	7168	----a-w-	c:\windows\system32\KBDBASH.DLL
2016-03-19 10:41 . 2014-07-09 01:31	7168	----a-w-	c:\windows\SysWow64\KBDYAK.DLL
2016-03-19 10:41 . 2014-07-09 01:31	6656	----a-w-	c:\windows\SysWow64\KBDBASH.DLL
2016-03-19 10:39 . 2011-03-11 06:41	166272	----a-w-	c:\windows\system32\drivers\nvstor.sys
2016-03-19 10:39 . 2011-03-11 06:41	148352	----a-w-	c:\windows\system32\drivers\nvraid.sys
2016-03-19 10:39 . 2011-03-11 06:41	410496	----a-w-	c:\windows\system32\drivers\iaStorV.sys
2016-03-19 10:39 . 2011-03-11 06:41	27008	----a-w-	c:\windows\system32\drivers\amdxata.sys
2016-03-19 10:39 . 2011-03-11 06:41	107904	----a-w-	c:\windows\system32\drivers\amdsata.sys
2016-03-19 10:39 . 2011-03-11 06:33	2565632	----a-w-	c:\windows\system32\esent.dll
2016-03-19 10:39 . 2011-03-11 06:30	96768	----a-w-	c:\windows\system32\fsutil.exe
2016-03-19 10:39 . 2011-03-11 05:33	1699328	----a-w-	c:\windows\SysWow64\esent.dll
2016-03-19 10:39 . 2011-03-11 05:31	74240	----a-w-	c:\windows\SysWow64\fsutil.exe
2016-03-19 10:38 . 2015-06-03 20:16	1239720	----a-w-	c:\windows\system32\aitstatic.exe
2016-03-19 01:16 . 2016-03-24 15:13	--------	d-s---w-	c:\windows\SysWow64\GWX
2016-03-19 01:16 . 2016-03-24 15:13	--------	d-s---w-	c:\windows\system32\GWX
2016-03-18 16:16 . 2016-03-18 16:16	--------	d-----w-	c:\windows\Migration
2016-03-18 16:05 . 2012-07-26 04:47	2560	----a-w-	c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2016-03-18 15:37 . 2012-07-26 03:08	84992	----a-w-	c:\windows\system32\WUDFSvc.dll
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-04-06 07:18 . 2010-11-21 03:27	453280	------w-	c:\windows\system32\MpSigStub.exe
2016-03-18 09:10 . 2015-07-30 19:41	264552	----a-w-	c:\windows\system32\drivers\eamonm.sys
2016-03-18 09:10 . 2015-07-30 19:41	186784	----a-w-	c:\windows\system32\drivers\ehdrv.sys
2016-03-18 09:10 . 2015-07-30 19:41	170792	----a-w-	c:\windows\system32\drivers\epfwwfpr.sys
2016-03-18 08:54 . 2010-11-21 03:24	14848	----a-w-	c:\windows\system32\slwga.dll
2016-03-18 08:54 . 2010-11-21 03:24	419840	----a-w-	c:\windows\system32\systemcpl.dll
2016-03-18 08:54 . 2010-11-21 03:23	13824	----a-w-	c:\windows\SysWow64\slwga.dll
2016-03-17 22:24 . 2016-04-13 13:51	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2016-03-16 21:30 . 2016-03-16 21:30	128792	----a-w-	c:\windows\SysWow64\vulkan-1-1-0-5-1.dll
2016-03-16 21:29 . 2016-03-16 21:29	41752	----a-w-	c:\windows\SysWow64\vulkaninfo-1-1-0-5-1.exe
2016-03-16 21:29 . 2016-03-16 21:29	127768	----a-w-	c:\windows\system32\vulkan-1-1-0-5-1.dll
2016-03-16 21:28 . 2016-03-16 21:28	45848	----a-w-	c:\windows\system32\vulkaninfo-1-1-0-5-1.exe
2016-02-14 01:47 . 2016-02-14 01:47	125720	----a-w-	c:\windows\SysWow64\vulkan-1-1-0-3-0.dll
2016-02-14 01:46 . 2016-02-14 01:46	126232	----a-w-	c:\windows\system32\vulkan-1-1-0-3-0.dll
2016-02-14 01:45 . 2016-02-14 01:45	42264	----a-w-	c:\windows\SysWow64\vulkaninfo-1-1-0-3-0.exe
2016-02-14 01:45 . 2016-02-14 01:45	45848	----a-w-	c:\windows\system32\vulkaninfo-1-1-0-3-0.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2016-02-10 50599552]
"DAEMON Tools Lite Automount"="c:\program files\DAEMON Tools Lite\DTAgent.exe" [2016-03-01 4290240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-03-06 291128]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"Lightshot"="c:\program files (x86)\Skillbrains\lightshot\Lightshot.exe" [2014-10-16 226560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"EasyTune"="c:\program files (x86)\GIGABYTE\EasyTune\etro.exe" [2014-08-19 5632]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Ryos TKL Driver.lnk - c:\program files (x86)\ROCCAT\Ryos TKL Keyboard\Ryos TKL Monitor.exe [2014-7-23 4805120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys;c:\windows\SYSNATIVE\DRIVERS\avchv.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 hitmanpro37;HitmanPro 3.7 Support Driver;c:\windows\system32\drivers\hitmanpro37.sys;c:\windows\SYSNATIVE\drivers\hitmanpro37.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 UsbCharger;UsbCharger;c:\windows\system32\DRIVERS\UsbCharger.sys;c:\windows\SYSNATIVE\DRIVERS\UsbCharger.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 LolScreenSaverService;League Screensaver;c:\riot games\LolScreenSaver\service\service.exe;c:\riot games\LolScreenSaver\service\service.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Smart TimeLock;Smart TimeLock Service;c:\program files (x86)\GIGABYTE\Smart TimeLock\TimeMgmtDaemon.exe;c:\program files (x86)\GIGABYTE\Smart TimeLock\TimeMgmtDaemon.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\DRIVERS\dtliteusbbus.sys;c:\windows\SYSNATIVE\DRIVERS\dtliteusbbus.sys [x]
S3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;c:\windows\system32\DRIVERS\e1d62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1d62x64.sys [x]
S3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x]
S3 etocdrv;etocdrv;c:\windows\etocdrv.sys;c:\windows\etocdrv.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 ROCCATKV;Roccat KAVE XTD USB Mult-channel Headphone Device Driver;c:\windows\system32\DRIVERS\ROCCATKV.SYS;c:\windows\SYSNATIVE\DRIVERS\ROCCATKV.SYS [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-03-18 05:56	1106072	----a-w-	c:\program files (x86)\Google\Chrome\Application\49.0.2623.87\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2016-04-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-03-18 05:55]
.
2016-04-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-03-18 05:55]
.
2016-04-16 c:\windows\Tasks\update-S-1-5-21-206197487-1037210532-2885666671-1000.job
- c:\program files (x86)\Skillbrains\Updater\Updater.exe [2016-03-20 11:29]
.
2016-04-16 c:\windows\Tasks\update-sys.job
- c:\program files (x86)\Skillbrains\Updater\Updater.exe [2016-03-20 11:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}]
2010-11-21 03:23	444752	----a-w-	c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\  GoogleDriveBlacklisted]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2016-02-25 05:39	775064	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\  GoogleDriveSynced]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2016-02-25 05:39	775064	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\  GoogleDriveSyncing]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2016-02-25 05:39	775064	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-03-22 165872]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-03-22 407536]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-03-22 441840]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-02-26 13423688]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-01-31 36352]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2016-03-30 2396096]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2016-03-30 1767248]
"Cm106Sound"="c:\program files\Roccat\Kave XTD Headset\KaveXTDMonitor.exe" [2014-01-14 2196992]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"RPMKickstart"="c:\program files\GIGABYTE\SmartRecovery2\RPMKickstartEx.exe" [2014-04-01 2320384]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: eset.com\help
TCP: DhcpNameServer = 10.0.0.138
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-ic-0.055170ed78988.exe -start - c:\users\Penne\AppData\Local\Temp\25993338\ic-0.055170ed78988.exe
ShellIconOverlayIdentifiers-{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} - (no file)
AddRemove-SafeWeb - c:\users\Penne\AppData\Roaming\SafeWeb\Uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2016-04-17  01:13:47
ComboFix-quarantined-files.txt  2016-04-16 22:13
.
Pre-Run: 186,271,961,088 bytes free
Post-Run: 186,572,087,296 bytes free
.
- - End Of File - - D85A7FE9D540ACA8C8FD3E03AA7A4554
A36C5E4F47E84449FF07ED3517B43A31

 

Link to post
Share on other sites

Thanks for the log, run RogueKiller and post the produced log...

Please download RogueKiller and save it to your desktop from the following link: http://www.bleepingcomputer.com/download/roguekiller/
 
  • Quit all running programs.
  • For Windows XP, double-click to start.
  • For Vista,Windows 7/8/8.1/10, Right-click on the program and select Run as Administrator to start and when prompted allow it to run.
  • Read and accept the EULA (End User Licene Agreement)
  • Click Scan to scan the system.
  • When the scan completes select "Report",in the next window select "Export txt" the log will open as a text file post that log... Also save to your Desktop for reference. log will open.
  • Close the program > Don't Fix anything!

Let me see that log....

Link to post
Share on other sites

roguekiller report:

RogueKiller V12.1.2.0 [Apr 11 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Penne [Administrator]
Started from : D:\Desktop\RogueKiller.exe
Mode : Scan -- Date : 04/17/2016 01:31:55

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 8 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([X])  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([X])  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([X])  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{A4BD593F-EDAF-4C2F-996E-249DBA97966B} | DhcpNameServer : 10.0.0.138 ([X])  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{A4BD593F-EDAF-4C2F-996E-249DBA97966B} | DhcpNameServer : 10.0.0.138 ([X])  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{A4BD593F-EDAF-4C2F-996E-249DBA97966B} | DhcpNameServer : 10.0.0.138 ([X])  -> Found
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-206197487-1037210532-2885666671-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0  -> Found
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-206197487-1037210532-2885666671-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0  -> Found

¤¤¤ Tasks : 1 ¤¤¤
[Suspicious.Path] \GNU_635940224620902278 -- C:\Users\Penne\AppData\Roaming\SafeWeb\atg.exe -> Found

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ATA Samsung SSD 840 SCSI Disk Device +++++
--- User ---
[MBR] dfb6124089ecce3332245490cb1dbf36
[BSP] 3c9a785f714dcb3815571ac78cf1ce31 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 238373 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: ATA WDC WD5000AAKX-2 SCSI Disk Device +++++
--- User ---
[MBR] 5915bd48c71eb516b29497979b8ebc11
[BSP] fa3c82ac89ea70f72bbbcba3d9215287 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 476938 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

 

Link to post
Share on other sites
Double-click RogueKiller.exe to run again. (Vista/7/8/10 right-click and select Run as Administrator)

When "initializing/pre-scan” completes press the Scan button, this may take a few minutes to complete.

When the scan completes open the Registry tab and locate the following detections:


[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([X]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([X]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([X]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{A4BD593F-EDAF-4C2F-996E-249DBA97966B} | DhcpNameServer : 10.0.0.138 ([X]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{A4BD593F-EDAF-4C2F-996E-249DBA97966B} | DhcpNameServer : 10.0.0.138 ([X]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{A4BD593F-EDAF-4C2F-996E-249DBA97966B} | DhcpNameServer : 10.0.0.138 ([X]) -> Found


Make sure those entries are Checkmarked (ticked) also ensure that all other entries are not Checkmarked


Open the Tasks tab and locate the following detections:

[Suspicious.Path] \GNU_635940224620902278 -- C:\Users\Penne\AppData\Roaming\SafeWeb\atg.exe -> Found

Make sure those entries are Checkmarked (ticked) also ensure that all other entries are not Checkmarked

Hit the Delete button, when complete select "Report" in the next window select "Export txt" the log will open as a text file post that log... Also save to your Desktop for reference.
 
Let me see that log, also try FRST again...
Link to post
Share on other sites

ROGUEKILLER report:

RogueKiller V12.1.2.0 [Apr 11 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Penne [Administrator]
Started from : D:\Desktop\RogueKiller.exe
Mode : Delete -- Date : 04/17/2016 01:46:53

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 8 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([X])  -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([X])  -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([X])  -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{A4BD593F-EDAF-4C2F-996E-249DBA97966B} | DhcpNameServer : 10.0.0.138 ([X])  -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{A4BD593F-EDAF-4C2F-996E-249DBA97966B} | DhcpNameServer : 10.0.0.138 ([X])  -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{A4BD593F-EDAF-4C2F-996E-249DBA97966B} | DhcpNameServer : 10.0.0.138 ([X])  -> Replaced ()
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-206197487-1037210532-2885666671-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0  -> Not selected
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-206197487-1037210532-2885666671-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0  -> Not selected

¤¤¤ Tasks : 1 ¤¤¤
[Suspicious.Path] \GNU_635940224620902278 -- C:\Users\Penne\AppData\Roaming\SafeWeb\atg.exe -> Deleted

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ATA Samsung SSD 840 SCSI Disk Device +++++
--- User ---
[MBR] dfb6124089ecce3332245490cb1dbf36
[BSP] 3c9a785f714dcb3815571ac78cf1ce31 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 238373 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: ATA WDC WD5000AAKX-2 SCSI Disk Device +++++
--- User ---
[MBR] 5915bd48c71eb516b29497979b8ebc11
[BSP] fa3c82ac89ea70f72bbbcba3d9215287 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 476938 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

 

 

 

 

 

 

 

 

 

 

now the FRST does work:

FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-04-2016
Ran by Penne (administrator) on PENNE-PC (17-04-2016 01:49:30)
Running from D:\Downloads
Loaded Profiles: Penne (Available Profiles: Penne)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Riot Games\LolScreenSaver\service\service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\Smart TimeLock\TimeMgmtDaemon.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Gigabyte Technology CO.) C:\Program Files\GIGABYTE\SmartRecovery2\RPMDaemon.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\Smart TimeLock\AlarmClock.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13423688 2013-02-26] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-02-01] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2396096 2016-03-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Cm106Sound] => C:\Program Files\Roccat\Kave XTD Headset\KaveXTDMonitor.exe [2196992 2014-01-14] (CMedia)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291128 2013-03-06] (Intel Corporation)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-17] (InstallShield Software Corporation)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-10-16] ()
HKLM\...\RunOnce: [RPMKickstart] => C:\Program Files\GIGABYTE\SmartRecovery2\RPMKickstartEx.exe [2320384 2014-04-02] (TODO: <Company name>)
HKLM-x32\...\RunOnce: [EasyTune] => C:\Program Files (x86)\GIGABYTE\EasyTune\etro.exe [5632 2014-08-19] (GIGA-BYTE TECHNOLOGY CO., LTD.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-206197487-1037210532-2885666671-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKU\S-1-5-21-206197487-1037210532-2885666671-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-206197487-1037210532-2885666671-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-206197487-1037210532-2885666671-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\lol.scr
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-25] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-25] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-25] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} =>  No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ryos TKL Driver.lnk [2016-03-18]
ShortcutTarget: Ryos TKL Driver.lnk -> C:\Program Files (x86)\ROCCAT\Ryos TKL Keyboard\Ryos TKL Monitor.exe (ROCCAT GmbH Co., Ltd.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224 2014-12-06] (Microsoft Corporation) ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224 2009-07-14] (Microsoft Corporation) ATTENTION: LibraryPath should be "%SystemRoot%\system32\napinsp.dll"
Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024 2009-07-14] (Microsoft Corporation) ATTENTION: LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"
Winsock: Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024 2009-07-14] (Microsoft Corporation) ATTENTION: LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"
Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424 2013-09-08] (Microsoft Corporation) ATTENTION: LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992 2009-07-14] (Microsoft Corporation) ATTENTION: LibraryPath should be "%SystemRoot%\System32\winrnr.dll"
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{A4BD593F-EDAF-4C2F-996E-249DBA97966B}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-206197487-1037210532-2885666671-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-206197487-1037210532-2885666671-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-206197487-1037210532-2885666671-1000 -> DefaultScope {2039DD3E-4E72-4C20-90E7-9FD959AA7D06} URL = hxxp://www.google.com/cse?cx=partner-pub-0900663996874144:4435833467&ie=UTF-8&q={searchTerms}&sa=Search&ref=#gsc.tab=0&gsc.q={searchTerms}&gsc.page=1
SearchScopes: HKU\S-1-5-21-206197487-1037210532-2885666671-1000 -> {2039DD3E-4E72-4C20-90E7-9FD959AA7D06} URL = hxxp://www.google.com/cse?cx=partner-pub-0900663996874144:4435833467&ie=UTF-8&q={searchTerms}&sa=Search&ref=#gsc.tab=0&gsc.q={searchTerms}&gsc.page=1
BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-22] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-02-26] (Adobe Systems Inc.)

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://www.google.co.il/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8","hxxp://isearch.omiga-plus.com/?type=hppp&ts=1404120675&from=smt&uid=WDCXWD5000AAKX-22ERMA0_WD-WCC2EHM2716127161","hxxp://isearch.omiga-plus.com/?type=hppp&ts=1404295358&from=smt&uid=WDCXWD5000AAKX-22ERMA0_WD-WCC2EHM2716127161","hxxp://isearch.omiga-plus.com/?type=hppp&ts=1404420000&from=smt&uid=WDCXWD5000AAKX-22ERMA0_WD-WCC2EHM2716127161","hxxp://www.viceice.com/"
CHR Profile: C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-17]
CHR Extension: (Google Docs) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-17]
CHR Extension: (Google Drive) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-17]
CHR Extension: (YouTube) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-18]
CHR Extension: (GeoGebra) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2016-03-25]
CHR Extension: (Daum Equation Editor) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\dinfmiceliiomokeofbocegmacmagjhe [2016-03-25]
CHR Extension: (Google Calendar) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2016-03-25]
CHR Extension: (Google Sheets) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-17]
CHR Extension: (Musixmatch Lyrics for YouTube) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfenjblodoldnbiddmggcbkcapiolbig [2016-03-25]
CHR Extension: (Google Docs Offline) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-17]
CHR Extension: (AdBlock) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-04-17]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-03-25]
CHR Extension: (YouTube) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijoffpmfcdnncgblkdnobhomnjnkofdm [2016-04-17]
CHR Extension: (GMT/UTC Clock) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkiboebkhioapbcogmjkkjbpgbgjlodj [2016-03-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (My Chrome Theme) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2016-03-25]
CHR Extension: (Sleep Timer) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooopjafkemmggfcolfglbmknanpcpgji [2016-03-25]
CHR Extension: (World Clocks 2) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjgoijhajhaahklokegbfnohialajpej [2016-03-25]
CHR Extension: (Gmail) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-18]
CHR Extension: (Canvas Rider) - C:\Users\Penne\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk [2016-03-25]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-07] ()
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2519904 2016-03-18] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-03-30] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-02-01] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 LolScreenSaverService; C:\Riot Games\LolScreenSaver\service\service.exe [707072 2016-03-30] () [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-03-30] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-03-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-03-30] (NVIDIA Corporation)
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart TimeLock\TimeMgmtDaemon.exe [102400 2013-02-23] (Gigabyte Technology CO., LTD.) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21584 2013-02-19] ()
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-03-20] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-03-20] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [490256 2013-01-23] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264552 2016-03-18] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [186784 2016-03-18] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [170792 2016-03-18] (ESET)
R3 etocdrv; C:\Windows\etocdrv.sys [15584 2013-10-31] (Giga-Byte Technology CO., LTD.)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [49584 2016-03-20] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-02-01] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-03-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-03-21] (NVIDIA Corporation)
R3 ROCCATKV; C:\Windows\System32\DRIVERS\ROCCATKV.SYS [578560 2013-11-06] (C-Media Inc.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-04-17] ()
R1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [21072 2013-03-27] ()
S3 avchv; system32\DRIVERS\avchv.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-17 01:48 - 2016-04-17 01:49 - 00000000 ____D C:\FRST
2016-04-17 01:26 - 2016-04-17 01:41 - 00024688 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-04-17 01:26 - 2016-04-17 01:41 - 00000000 ____D C:\ProgramData\RogueKiller
2016-04-17 01:13 - 2016-04-17 01:13 - 00046778 _____ C:\ComboFix.txt
2016-04-17 01:09 - 2016-04-17 01:13 - 00000000 ____D C:\Windows\erdnt
2016-04-17 01:09 - 2016-04-17 01:13 - 00000000 ____D C:\Qoobox
2016-04-17 01:09 - 2011-06-26 09:45 - 00256000 _____ C:\Windows\PEV.exe
2016-04-17 01:09 - 2010-11-07 20:20 - 00208896 _____ C:\Windows\MBR.exe
2016-04-17 01:09 - 2009-04-20 07:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-04-17 01:09 - 2000-08-31 03:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-04-17 01:09 - 2000-08-31 03:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-04-17 01:09 - 2000-08-31 03:00 - 00098816 _____ C:\Windows\sed.exe
2016-04-17 01:09 - 2000-08-31 03:00 - 00080412 _____ C:\Windows\grep.exe
2016-04-17 01:09 - 2000-08-31 03:00 - 00068096 _____ C:\Windows\zip.exe
2016-04-16 18:36 - 2016-04-16 18:36 - 00000000 ____D C:\Windows\system32\appmgmt
2016-04-16 18:29 - 2016-04-16 18:29 - 00000000 ____D C:\Users\Penne\AppData\LocalLow\C4M
2016-04-16 17:21 - 2016-04-16 17:28 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-16 17:21 - 2016-04-16 17:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-04-16 17:21 - 2016-04-16 17:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-04-16 17:21 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-04-16 17:21 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-04-16 17:21 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-04-16 17:16 - 2016-04-16 18:29 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-04-16 11:54 - 2016-04-16 18:34 - 00000000 ____D C:\Users\Penne\AppData\Local\Battleplans
2016-04-15 14:20 - 2016-04-15 19:20 - 00000000 ____D C:\Users\Penne\.flashTool
2016-04-15 14:20 - 2016-04-15 19:03 - 00000000 ____D C:\Users\Penne\.oracle_jre_usage
2016-04-15 14:20 - 2016-04-15 14:20 - 00000000 ____D C:\Users\Penne\.swt
2016-04-15 14:19 - 2016-04-15 14:19 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flashtool
2016-04-15 14:18 - 2016-04-15 14:20 - 00000000 ____D C:\Flashtool
2016-04-13 23:25 - 2016-04-13 23:25 - 00001034 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player PRO.lnk
2016-04-13 23:25 - 2016-04-13 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webteh
2016-04-13 23:24 - 2016-04-13 23:32 - 00000000 ____D C:\Users\Penne\AppData\Roaming\BSplayer PRO
2016-04-13 23:24 - 2016-04-13 23:25 - 00000000 ____D C:\Program Files (x86)\BSplayerPro
2016-04-13 17:11 - 2016-03-29 20:53 - 03216896 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-04-13 17:11 - 2016-03-06 21:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-13 17:11 - 2016-03-06 21:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-04-13 17:11 - 2016-03-06 21:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-13 17:11 - 2016-03-06 21:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-04-13 16:51 - 2016-03-31 22:25 - 00394952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-04-13 16:51 - 2016-03-31 21:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-04-13 16:51 - 2016-03-31 03:54 - 25817600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-04-13 16:51 - 2016-03-31 03:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-04-13 16:51 - 2016-03-31 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-04-13 16:51 - 2016-03-31 03:31 - 02892800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-04-13 16:51 - 2016-03-31 03:28 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-04-13 16:51 - 2016-03-31 03:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-04-13 16:51 - 2016-03-31 03:27 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-04-13 16:51 - 2016-03-31 03:27 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-04-13 16:51 - 2016-03-31 03:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-04-13 16:51 - 2016-03-31 03:25 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-04-13 16:51 - 2016-03-31 03:22 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-04-13 16:51 - 2016-03-31 03:21 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-04-13 16:51 - 2016-03-31 03:19 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-04-13 16:51 - 2016-03-31 03:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-04-13 16:51 - 2016-03-31 03:17 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-04-13 16:51 - 2016-03-31 03:17 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-04-13 16:51 - 2016-03-31 03:17 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-04-13 16:51 - 2016-03-31 03:11 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-04-13 16:51 - 2016-03-31 03:08 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-04-13 16:51 - 2016-03-31 03:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-04-13 16:51 - 2016-03-31 03:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-04-13 16:51 - 2016-03-31 03:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-04-13 16:51 - 2016-03-31 02:59 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-04-13 16:51 - 2016-03-31 02:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-04-13 16:51 - 2016-03-31 02:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-04-13 16:51 - 2016-03-31 02:55 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-04-13 16:51 - 2016-03-31 02:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-04-13 16:51 - 2016-03-31 02:53 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-04-13 16:51 - 2016-03-31 02:52 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-04-13 16:51 - 2016-03-31 02:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-04-13 16:51 - 2016-03-31 02:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-04-13 16:51 - 2016-03-31 02:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-04-13 16:51 - 2016-03-31 02:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-04-13 16:51 - 2016-03-31 02:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-04-13 16:51 - 2016-03-31 02:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-04-13 16:51 - 2016-03-31 02:46 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-04-13 16:51 - 2016-03-31 02:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-04-13 16:51 - 2016-03-31 02:45 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-04-13 16:51 - 2016-03-31 02:45 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-04-13 16:51 - 2016-03-31 02:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-04-13 16:51 - 2016-03-31 02:43 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-04-13 16:51 - 2016-03-31 02:43 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-04-13 16:51 - 2016-03-31 02:42 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-04-13 16:51 - 2016-03-31 02:42 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-04-13 16:51 - 2016-03-31 02:39 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-04-13 16:51 - 2016-03-31 02:38 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-04-13 16:51 - 2016-03-31 02:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-04-13 16:51 - 2016-03-31 02:33 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-04-13 16:51 - 2016-03-31 02:31 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-04-13 16:51 - 2016-03-31 02:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-04-13 16:51 - 2016-03-31 02:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-04-13 16:51 - 2016-03-31 02:30 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-04-13 16:51 - 2016-03-31 02:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-04-13 16:51 - 2016-03-31 02:29 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-04-13 16:51 - 2016-03-31 02:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-04-13 16:51 - 2016-03-31 02:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-04-13 16:51 - 2016-03-31 02:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-04-13 16:51 - 2016-03-31 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-04-13 16:51 - 2016-03-31 02:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-04-13 16:51 - 2016-03-31 02:18 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-04-13 16:51 - 2016-03-31 02:06 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-04-13 16:51 - 2016-03-31 02:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-04-13 16:51 - 2016-03-31 02:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-04-13 16:51 - 2016-03-31 02:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-04-13 16:51 - 2016-03-18 02:04 - 05551336 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-13 16:51 - 2016-03-18 02:04 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-04-13 16:51 - 2016-03-18 02:04 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-04-13 16:51 - 2016-03-18 02:04 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-04-13 16:51 - 2016-03-18 02:01 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-13 16:51 - 2016-03-18 02:01 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-04-13 16:51 - 2016-03-18 01:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-04-13 16:51 - 2016-03-18 01:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-04-13 16:51 - 2016-03-18 01:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-04-13 16:51 - 2016-03-18 01:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-04-13 16:51 - 2016-03-18 01:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-04-13 16:51 - 2016-03-18 01:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-04-13 16:51 - 2016-03-18 01:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-04-13 16:51 - 2016-03-18 01:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-04-13 16:51 - 2016-03-18 01:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-04-13 16:51 - 2016-03-18 01:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-04-13 16:51 - 2016-03-18 01:57 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-04-13 16:51 - 2016-03-18 01:57 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-04-13 16:51 - 2016-03-18 01:57 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-04-13 16:51 - 2016-03-18 01:57 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-04-13 16:51 - 2016-03-18 01:57 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-04-13 16:51 - 2016-03-18 01:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-13 16:51 - 2016-03-18 01:56 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-04-13 16:51 - 2016-03-18 01:54 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-04-13 16:51 - 2016-03-18 01:54 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-04-13 16:51 - 2016-03-18 01:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-04-13 16:51 - 2016-03-18 01:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-04-13 16:51 - 2016-03-18 01:53 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-13 16:51 - 2016-03-18 01:53 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-04-13 16:51 - 2016-03-18 01:53 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-04-13 16:51 - 2016-03-18 01:53 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:36 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-04-13 16:51 - 2016-03-18 01:36 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-04-13 16:51 - 2016-03-18 01:33 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-04-13 16:51 - 2016-03-18 01:31 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-04-13 16:51 - 2016-03-18 01:31 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-04-13 16:51 - 2016-03-18 01:31 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-04-13 16:51 - 2016-03-18 01:31 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-04-13 16:51 - 2016-03-18 01:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-04-13 16:51 - 2016-03-18 01:30 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-04-13 16:51 - 2016-03-18 01:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-04-13 16:51 - 2016-03-18 01:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-04-13 16:51 - 2016-03-18 01:29 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-04-13 16:51 - 2016-03-18 01:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-04-13 16:51 - 2016-03-18 01:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-04-13 16:51 - 2016-03-18 01:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-04-13 16:51 - 2016-03-18 01:27 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-04-13 16:51 - 2016-03-18 01:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-04-13 16:51 - 2016-03-18 01:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-04-13 16:51 - 2016-03-18 01:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-04-13 16:51 - 2016-03-18 01:26 - 00553984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-04-13 16:51 - 2016-03-18 01:25 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-04-13 16:51 - 2016-03-18 01:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-04-13 16:51 - 2016-03-18 01:24 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-04-13 16:51 - 2016-03-18 01:24 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-04-13 16:51 - 2016-03-18 01:24 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-04-13 16:51 - 2016-03-18 01:24 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-04-13 16:51 - 2016-03-18 01:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 00:53 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-04-13 16:51 - 2016-03-18 00:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-04-13 16:51 - 2016-03-18 00:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-04-13 16:51 - 2016-03-18 00:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-04-13 16:51 - 2016-03-18 00:44 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-04-13 16:51 - 2016-03-18 00:43 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-04-13 16:51 - 2016-03-18 00:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-04-13 16:51 - 2016-03-18 00:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-04-13 16:51 - 2016-03-18 00:37 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-04-13 16:51 - 2016-03-18 00:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-04-13 16:51 - 2016-03-18 00:35 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-04-13 16:51 - 2016-03-18 00:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-04-13 16:51 - 2016-03-18 00:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-04-13 16:51 - 2016-03-18 00:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-04-13 16:51 - 2016-03-18 00:30 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-04-13 16:51 - 2016-03-18 00:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-04-13 16:51 - 2016-03-18 00:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-04-13 16:51 - 2016-03-18 00:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 00:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 00:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 16:51 - 2016-03-18 00:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-04-13 16:51 - 2016-03-16 21:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-04-13 16:51 - 2016-03-16 21:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-04-13 16:51 - 2016-03-16 21:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-04-13 16:51 - 2016-03-16 03:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-13 16:51 - 2016-03-16 03:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-13 16:51 - 2016-03-16 02:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-13 16:51 - 2016-03-11 21:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-04-13 16:51 - 2016-03-11 21:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-04-09 20:11 - 2016-04-16 18:36 - 00000000 ____D C:\Users\Penne\AppData\LocalLow\Adblock Plus for IE
2016-04-09 01:12 - 2016-04-04 21:14 - 00038120 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-04-09 01:12 - 2016-04-04 21:02 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-04-09 01:12 - 2016-04-02 16:08 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-04-07 23:04 - 2016-04-07 23:04 - 00000000 ____D C:\Users\Penne\AppData\Local\GWX
2016-04-07 14:43 - 2016-04-16 10:07 - 00000000 ____D C:\AdwCleaner
2016-04-07 14:19 - 2016-04-07 14:19 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2016-04-07 14:18 - 2016-03-23 17:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-04-07 14:18 - 2016-03-17 21:04 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-04-07 14:18 - 2016-03-17 21:04 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-04-07 14:18 - 2016-03-17 21:04 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-04-07 14:18 - 2016-03-17 21:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-04-03 00:57 - 2016-04-03 00:57 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2016-04-02 14:15 - 2016-04-02 14:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan
2016-04-02 14:15 - 2016-03-22 05:10 - 00112184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-04-02 14:14 - 2016-03-22 07:12 - 42923576 _____ C:\Windows\system32\nvcompiler.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 37567424 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 31555008 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 25321408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 21355248 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 20897416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 19004040 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 17748712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 17342392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 17248408 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 16446032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 12567608 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-04-02 14:14 - 2016-03-22 07:12 - 10550736 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 08659472 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 03235896 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 02809280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436472.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436472.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 00959544 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 00889400 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 00753208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 00695864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 00678520 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 00571912 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 00501896 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 00473592 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 00425016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 00423080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 00391632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 00377792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 00153392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 00129208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-04-02 14:14 - 2016-03-22 07:12 - 00000139 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-04-02 14:14 - 2016-03-22 07:12 - 00000139 _____ C:\Windows\system32\nv-vk64.json
2016-04-02 14:10 - 2016-03-21 23:01 - 00109632 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-04-02 14:10 - 2016-03-21 23:01 - 00100416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-04-02 14:10 - 2016-03-21 23:01 - 00056384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-04-01 23:50 - 2016-04-01 23:50 - 00000000 ____D C:\ProgramData\Steam
2016-04-01 23:19 - 2016-04-01 23:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks
2016-03-31 21:05 - 2016-03-31 21:05 - 00000000 ____D C:\Users\Penne\AppData\Roaming\LolScreenSaver
2016-03-31 21:05 - 2016-03-31 21:05 - 00000000 ____D C:\Riot Games
2016-03-31 15:17 - 2016-03-31 15:26 - 00000000 ____D C:\ProgramData\TrackmaniaTurbo
2016-03-31 15:15 - 2016-03-31 15:15 - 00000000 ____D C:\Users\Penne\Documents\Lightshot
2016-03-31 15:08 - 2016-03-31 15:18 - 00000000 ____D C:\Users\Penne\Documents\TrackmaniaTurbo
2016-03-31 15:07 - 2016-03-31 15:21 - 00000000 ____D C:\Users\Penne\AppData\Local\Ubisoft Game Launcher
2016-03-31 15:07 - 2016-03-31 15:07 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-03-31 15:07 - 2016-03-31 15:07 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2016-03-31 14:31 - 2016-03-31 14:31 - 00000000 ____D C:\Users\Penne\AppData\Local\Trove
2016-03-31 14:30 - 2016-04-16 18:36 - 00000000 ____D C:\Users\Penne\AppData\Local\Glyph
2016-03-31 14:30 - 2016-03-31 14:32 - 00000000 ____D C:\ProgramData\Glyph
2016-03-31 14:30 - 2016-03-31 14:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph
2016-03-30 21:25 - 2016-03-30 21:25 - 03721216 _____ C:\Windows\SysWOW64\lol.scr
2016-03-26 22:19 - 2016-03-26 22:19 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2016-03-26 21:11 - 2016-03-26 21:12 - 00000000 ____D C:\Users\Penne\Documents\Project CARS
2016-03-26 21:11 - 2016-03-26 21:11 - 00000000 ____D C:\Users\Penne\Documents\wmd_symbol_cache
2016-03-25 20:27 - 2016-03-25 20:27 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-03-25 20:03 - 2016-03-25 20:03 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2016-03-25 19:04 - 2016-03-25 19:04 - 00000000 ____D C:\Program Files\USB Drivers
2016-03-25 17:33 - 2016-03-25 17:33 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WugFresh Development
2016-03-25 17:33 - 2016-03-25 17:33 - 00000000 ____D C:\Users\Penne\.android
2016-03-25 17:33 - 2016-03-25 17:33 - 00000000 ____D C:\Program Files (x86)\Bacon Root Toolkit
2016-03-25 16:37 - 2016-03-25 16:37 - 00000000 ____D C:\Users\Penne\AppData\LocalLow\Adobe
2016-03-25 16:36 - 2016-03-25 16:36 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-03-25 16:36 - 2016-03-25 16:36 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-25 16:36 - 2016-03-25 16:36 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-03-25 16:33 - 2016-03-25 16:38 - 00000000 ____D C:\ProgramData\Adobe
2016-03-25 16:32 - 2016-03-25 16:37 - 00000000 ____D C:\Users\Penne\AppData\Local\Adobe
2016-03-25 14:16 - 2016-03-25 14:16 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2016-03-25 14:07 - 2016-03-25 20:40 - 00000000 ____D C:\Users\Penne\AppData\Roaming\MusicBee
2016-03-25 14:07 - 2016-03-25 14:07 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MusicBee
2016-03-25 14:07 - 2016-03-25 14:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MusicBee
2016-03-25 14:07 - 2016-03-25 14:07 - 00000000 ____D C:\Program Files (x86)\MusicBee
2016-03-24 16:49 - 2016-03-24 16:49 - 00000000 ____D C:\Users\Penne\AppData\Local\TeamViewer
2016-03-24 16:48 - 2016-03-24 16:59 - 00000000 ____D C:\Users\Penne\AppData\Roaming\TeamViewer
2016-03-24 16:48 - 2016-03-24 16:48 - 00001043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-03-24 16:48 - 2016-03-24 16:48 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-03-21 11:10 - 2015-12-20 21:50 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-03-21 11:10 - 2015-12-20 21:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-03-21 11:10 - 2015-12-20 17:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-03-21 11:04 - 2014-12-11 20:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2016-03-21 03:11 - 2015-07-16 22:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-03-21 03:11 - 2015-07-16 22:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2016-03-21 03:11 - 2015-07-16 22:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2016-03-21 03:11 - 2015-07-16 22:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-03-21 03:11 - 2015-07-16 22:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2016-03-21 03:11 - 2015-07-16 22:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2016-03-21 03:11 - 2015-07-11 16:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2016-03-21 01:04 - 2016-04-17 00:50 - 00000388 _____ C:\Windows\Tasks\update-S-1-5-21-206197487-1037210532-2885666671-1000.job
2016-03-21 01:04 - 2016-04-16 21:50 - 00000388 _____ C:\Windows\Tasks\update-sys.job
2016-03-21 01:04 - 2016-03-21 01:04 - 00003284 _____ C:\Windows\System32\Tasks\update-sys
2016-03-21 01:04 - 2016-03-21 01:04 - 00003262 _____ C:\Windows\System32\Tasks\update-S-1-5-21-206197487-1037210532-2885666671-1000
2016-03-21 01:04 - 2016-03-21 01:04 - 00000424 _____ C:\Users\Penne\AppData\Local\UserProducts.xml
2016-03-21 01:04 - 2016-03-21 01:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2016-03-21 01:04 - 2016-03-21 01:04 - 00000000 ____D C:\Program Files (x86)\Skillbrains
2016-03-20 22:27 - 2016-03-20 22:27 - 00000316 _____ C:\Users\Penne\AppData\Roaming\redirect2.dat
2016-03-20 22:22 - 2013-10-02 05:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2016-03-20 22:22 - 2013-10-02 05:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2016-03-20 22:22 - 2013-10-02 05:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2016-03-20 22:22 - 2013-10-02 04:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2016-03-20 22:22 - 2013-10-02 04:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2016-03-20 22:22 - 2013-10-02 04:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2016-03-20 22:22 - 2013-10-02 03:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2016-03-20 22:22 - 2013-10-02 03:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2016-03-20 22:22 - 2013-10-02 02:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2016-03-20 22:22 - 2013-10-02 01:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2016-03-20 22:21 - 2016-03-20 22:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-03-20 22:21 - 2012-08-23 17:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2016-03-20 22:21 - 2012-08-23 17:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2016-03-20 22:21 - 2012-08-23 14:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2016-03-20 22:21 - 2012-08-23 13:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2016-03-20 22:20 - 2016-03-20 22:20 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-03-20 22:20 - 2016-03-20 22:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-03-20 22:20 - 2016-02-05 21:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-03-20 22:20 - 2016-02-05 21:54 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-03-20 22:20 - 2016-02-05 20:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2016-03-20 22:20 - 2016-02-02 21:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-03-20 22:20 - 2016-02-01 22:08 - 00114624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-03-20 22:20 - 2016-02-01 21:59 - 03243008 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-03-20 22:20 - 2016-02-01 21:59 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-03-20 22:20 - 2016-02-01 21:59 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-03-20 22:20 - 2016-02-01 21:56 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-03-20 22:20 - 2016-02-01 21:56 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-03-20 22:20 - 2016-02-01 21:49 - 02364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-03-20 22:20 - 2016-02-01 21:49 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-03-20 22:20 - 2016-02-01 21:49 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-03-20 22:20 - 2016-02-01 21:45 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-03-20 22:20 - 2016-01-21 03:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-03-20 22:20 - 2015-12-16 21:55 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-03-20 22:20 - 2015-12-16 21:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-03-20 22:20 - 2015-12-16 21:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-03-20 22:20 - 2015-12-16 21:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-03-20 22:20 - 2015-12-16 21:48 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-03-20 22:20 - 2015-12-16 21:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-03-20 22:20 - 2015-12-16 21:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-03-20 22:20 - 2015-12-16 21:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-03-20 22:20 - 2015-12-16 17:38 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2016-03-20 22:20 - 2015-12-16 17:37 - 00419928 _____ C:\Windows\system32\locale.nls
2016-03-20 22:20 - 2015-08-05 20:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2016-03-20 22:20 - 2015-08-05 20:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2016-03-20 22:20 - 2015-06-03 23:21 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-03-20 15:08 - 2016-03-20 15:08 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-03-20 15:08 - 2016-03-20 15:08 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-03-20 15:02 - 2016-03-20 15:02 - 00000000 ____D C:\Users\Penne\AppData\LocalLow\CampoSanto
2016-03-20 14:34 - 2016-03-20 14:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab
2016-03-20 13:54 - 2016-03-20 13:54 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Firewatch_Uninstall
2016-03-20 13:54 - 2016-03-20 13:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2016-03-20 13:16 - 2016-03-20 13:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metal Gear Solid V Phantom Pain
2016-03-20 11:18 - 2016-03-20 11:18 - 00000009 _____ C:\Users\Penne\AppData\Roaming\update.dat
2016-03-20 03:18 - 2016-03-20 03:18 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Steam
2016-03-20 03:18 - 2016-03-20 03:18 - 00000000 ____D C:\Users\Penne\AppData\Local\Fallout4
2016-03-20 03:16 - 2016-03-20 03:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-03-20 03:15 - 2016-03-25 20:45 - 00000000 ____D C:\Windows\PCHEALTH
2016-03-20 03:15 - 2016-03-20 15:09 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2016-03-20 03:15 - 2016-03-20 03:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2016-03-20 03:14 - 2016-03-21 02:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-03-20 03:14 - 2016-03-20 03:14 - 00000000 ____D C:\Users\Penne\AppData\Local\Microsoft Help
2016-03-20 03:14 - 2016-03-20 03:14 - 00000000 ____D C:\Program Files\Microsoft Office
2016-03-20 03:14 - 2016-03-20 03:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2016-03-20 03:13 - 2016-03-20 03:13 - 00000000 ___RD C:\MSOCache
2016-03-20 03:05 - 2016-03-20 03:05 - 00000000 ____D C:\Program Files (x86)\DAMN NFO Viewer
2016-03-20 03:02 - 2016-03-20 03:03 - 00000000 ____D C:\Program Files (x86)\NFOlux
2016-03-20 03:02 - 2016-03-20 03:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NFOlux
2016-03-20 03:00 - 2016-03-20 03:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fallout 4
2016-03-20 02:46 - 2016-03-20 02:46 - 00000000 ____D C:\Users\Penne\AppData\Local\Disc_Soft_Ltd
2016-03-20 02:43 - 2016-03-20 02:43 - 00047672 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys
2016-03-20 02:43 - 2016-03-20 02:43 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2016-03-20 02:42 - 2016-03-20 02:45 - 00000000 ____D C:\Users\Penne\AppData\Roaming\DAEMON Tools Lite
2016-03-20 02:42 - 2016-03-20 02:43 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2016-03-20 02:42 - 2016-03-20 02:43 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2016-03-20 02:42 - 2016-03-20 02:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2016-03-20 02:42 - 2016-03-20 02:42 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2016-03-20 02:21 - 2013-11-26 11:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-03-20 02:21 - 2013-11-23 01:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-03-20 02:04 - 2016-03-20 02:04 - 00049584 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2016-03-20 02:03 - 2016-03-20 02:03 - 00001480 _____ C:\Windows\system32\.crusader
2016-03-20 01:14 - 2016-03-20 01:14 - 00005120 _____ C:\Users\Penne\AppData\Roaming\GiftBag.db
2016-03-20 01:14 - 2016-03-20 01:14 - 00003698 _____ C:\Windows\System32\Tasks\GTNU_635940224626022571
2016-03-20 01:14 - 2016-03-20 01:14 - 00000000 ____D C:\Users\Public\Thunder Network
2016-03-20 01:14 - 2016-03-20 01:14 - 00000000 ____D C:\ProgramData\Thunder Network
2016-03-19 23:00 - 2016-03-19 23:00 - 00000000 ____D C:\Users\Penne\AppData\Local\ESET
2016-03-19 20:00 - 2016-03-19 20:00 - 00000000 ____D C:\Users\Penne\Documents\League of Legends
2016-03-19 19:55 - 2016-03-19 19:55 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Macromedia
2016-03-19 19:46 - 2015-07-30 21:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-03-19 19:46 - 2015-07-30 20:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-03-19 18:41 - 2015-12-09 00:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-03-19 18:41 - 2015-12-08 22:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-03-19 18:41 - 2015-11-10 21:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-03-19 18:41 - 2015-11-10 21:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-03-19 18:41 - 2015-11-10 21:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-03-19 18:41 - 2015-02-03 06:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-03-19 18:41 - 2015-02-03 06:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-03-19 18:30 - 2015-02-04 06:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-03-19 18:30 - 2015-02-04 05:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-03-19 18:00 - 2016-04-09 01:12 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-19 18:00 - 2016-03-19 18:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-03-19 17:53 - 2015-07-30 16:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-03-19 17:53 - 2015-07-30 16:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-03-19 17:52 - 2013-10-14 19:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2016-03-19 17:51 - 2016-03-19 17:51 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2016-03-19 17:51 - 2016-03-19 17:51 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2016-03-19 17:51 - 2016-03-19 17:51 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2016-03-19 17:51 - 2016-03-19 17:51 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2016-03-19 17:51 - 2016-03-19 17:51 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2016-03-19 17:51 - 2016-03-19 17:51 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-03-19 17:51 - 2016-03-19 17:51 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2016-03-19 17:51 - 2016-03-19 17:51 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2016-03-19 17:51 - 2016-03-19 17:51 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2016-03-19 17:51 - 2016-03-19 17:51 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2016-03-19 17:51 - 2016-03-19 17:51 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2016-03-19 17:51 - 2016-03-19 17:51 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2016-03-19 17:51 - 2016-03-19 17:51 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2016-03-19 17:51 - 2016-03-19 17:51 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2016-03-19 17:51 - 2016-03-19 17:51 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-03-19 17:51 - 2016-03-19 17:51 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2016-03-19 17:51 - 2016-03-19 17:51 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-03-19 17:51 - 2016-03-19 17:51 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2016-03-19 17:51 - 2016-03-19 17:51 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2016-03-19 17:51 - 2016-03-19 17:51 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2016-03-19 17:51 - 2016-03-19 17:51 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2016-03-19 17:51 - 2016-03-19 17:51 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2016-03-19 17:51 - 2016-03-19 17:51 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2016-03-19 17:51 - 2016-03-19 17:51 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2016-03-19 17:51 - 2016-03-19 17:51 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2016-03-19 17:51 - 2016-03-19 17:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2016-03-19 17:51 - 2016-03-19 17:51 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2016-03-19 17:51 - 2016-03-19 17:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2016-03-19 17:51 - 2016-03-19 17:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2016-03-19 17:51 - 2016-03-19 17:51 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2016-03-19 17:51 - 2016-03-19 17:51 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-03-19 17:51 - 2016-03-19 17:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2016-03-19 17:51 - 2016-03-19 17:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2016-03-19 17:51 - 2016-03-19 17:51 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2016-03-19 17:51 - 2016-03-19 17:51 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2016-03-19 17:51 - 2016-03-19 17:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2016-03-19 17:51 - 2016-03-19 17:51 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2016-03-19 17:51 - 2016-03-19 17:51 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2016-03-19 17:51 - 2016-03-19 17:51 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-03-19 17:51 - 2016-03-19 17:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2016-03-19 17:51 - 2016-03-19 17:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-03-19 17:51 - 2016-03-19 17:51 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2016-03-19 17:50 - 2016-03-19 17:50 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-03-19 17:50 - 2016-03-19 17:50 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-03-19 13:41 - 2014-07-09 05:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2016-03-19 13:41 - 2014-07-09 05:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2016-03-19 13:41 - 2014-07-09 05:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2016-03-19 13:41 - 2014-07-09 05:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2016-03-19 13:41 - 2014-07-09 05:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2016-03-19 13:41 - 2014-07-09 04:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2016-03-19 13:41 - 2014-07-09 04:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2016-03-19 13:41 - 2014-07-09 04:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2016-03-19 13:41 - 2014-07-09 04:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2016-03-19 13:41 - 2014-07-09 04:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2016-03-19 13:39 - 2011-03-11 09:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2016-03-19 13:39 - 2011-03-11 09:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2016-03-19 13:39 - 2011-03-11 09:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2016-03-19 13:39 - 2011-03-11 09:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2016-03-19 13:39 - 2011-03-11 09:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2016-03-19 13:39 - 2011-03-11 09:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2016-03-19 13:39 - 2011-03-11 09:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2016-03-19 13:39 - 2011-03-11 08:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2016-03-19 13:39 - 2011-03-11 08:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2016-03-19 13:38 - 2015-06-03 23:16 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2016-03-19 04:16 - 2016-03-24 18:13 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-03-19 04:16 - 2016-03-24 18:13 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-18 19:04 - 2016-03-18 19:04 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2016-03-18 18:37 - 2012-07-26 06:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2016-03-18 18:37 - 2012-07-26 06:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2016-03-18 18:37 - 2012-07-26 06:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2016-03-18 18:37 - 2012-07-26 06:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2016-03-18 18:37 - 2012-07-26 06:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2016-03-18 18:37 - 2012-07-26 05:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2016-03-18 18:37 - 2012-07-26 05:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2016-03-18 18:37 - 2012-06-02 17:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2016-03-18 18:29 - 2012-03-01 09:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2016-03-18 18:29 - 2012-03-01 09:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2016-03-18 18:29 - 2012-03-01 08:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2016-03-18 18:24 - 2016-04-13 23:47 - 00000000 ____D C:\Windows\system32\MRT
2016-03-18 18:24 - 2016-04-13 23:45 - 135176864 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-18 18:22 - 2014-07-01 01:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2016-03-18 18:22 - 2014-07-01 01:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2016-03-18 18:22 - 2014-06-06 09:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2016-03-18 18:22 - 2014-06-06 09:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2016-03-18 18:22 - 2014-03-10 00:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2016-03-18 18:22 - 2014-03-10 00:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2016-03-18 18:22 - 2014-03-10 00:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2016-03-18 18:22 - 2014-03-10 00:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2016-03-18 17:12 - 2016-03-26 21:13 - 00000000 ____D C:\Users\Penne\AppData\Roaming\NVIDIA
2016-03-18 17:12 - 2016-03-18 17:12 - 00000000 ____D C:\Users\Penne\AppData\Local\Uber Entertainment
2016-03-18 16:36 - 2016-04-16 18:59 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-03-18 16:36 - 2016-03-18 16:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A2A Simulations
2016-03-18 14:57 - 2015-01-09 06:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2016-03-18 14:57 - 2015-01-09 06:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2016-03-18 14:57 - 2015-01-09 06:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2016-03-18 14:57 - 2015-01-09 05:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2016-03-18 14:56 - 2014-12-19 06:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2016-03-18 14:56 - 2014-06-19 01:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2016-03-18 14:56 - 2014-06-19 01:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2016-03-18 14:56 - 2014-06-19 01:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2016-03-18 14:56 - 2014-06-19 01:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2016-03-18 14:56 - 2014-06-19 01:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2016-03-18 14:56 - 2014-06-19 01:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2016-03-18 14:55 - 2015-07-15 06:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-03-18 14:55 - 2014-10-14 05:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2016-03-18 14:55 - 2014-01-29 05:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2016-03-18 14:55 - 2014-01-29 05:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2016-03-18 14:55 - 2013-10-12 05:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2016-03-18 14:55 - 2013-10-12 05:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-03-18 14:55 - 2013-10-12 05:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-03-18 14:55 - 2013-10-12 05:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2016-03-18 14:55 - 2013-10-12 05:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-03-18 14:55 - 2013-08-28 04:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-03-18 14:55 - 2012-06-06 09:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2016-03-18 14:55 - 2012-06-06 08:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2016-03-18 14:55 - 2011-12-30 09:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2016-03-18 14:55 - 2011-12-30 08:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2016-03-18 14:54 - 2016-01-06 22:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-03-18 14:54 - 2016-01-06 22:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-03-18 14:54 - 2016-01-06 21:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-03-18 14:54 - 2015-11-14 02:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-03-18 14:54 - 2015-11-14 02:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-03-18 14:54 - 2015-11-14 02:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-03-18 14:54 - 2015-11-14 01:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-03-18 14:54 - 2015-11-14 01:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-03-18 14:54 - 2015-11-14 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-03-18 14:54 - 2015-08-05 20:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2016-03-18 14:54 - 2015-07-15 21:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-03-18 14:54 - 2015-07-15 21:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2016-03-18 14:54 - 2015-07-15 21:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-03-18 14:54 - 2015-06-02 03:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2016-03-18 14:54 - 2015-06-02 02:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2016-03-18 14:54 - 2015-04-13 06:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2016-03-18 14:54 - 2014-01-28 05:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2016-03-18 14:54 - 2013-10-30 05:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2016-03-18 14:54 - 2013-10-30 05:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2016-03-18 14:54 - 2013-03-19 08:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2016-03-18 14:54 - 2012-10-09 21:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2016-03-18 14:54 - 2012-10-09 21:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2016-03-18 14:54 - 2012-10-09 20:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2016-03-18 14:54 - 2012-10-09 20:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2016-03-18 14:54 - 2011-06-16 08:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2016-03-18 14:54 - 2011-06-16 07:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2016-03-18 14:54 - 2011-06-15 13:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2016-03-18 14:54 - 2011-06-15 13:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2016-03-18 14:54 - 2011-06-15 13:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2016-03-18 14:54 - 2011-06-15 13:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2016-03-18 14:54 - 2011-06-15 11:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2016-03-18 14:54 - 2011-06-15 11:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2016-03-18 14:54 - 2011-06-15 11:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2016-03-18 14:54 - 2011-06-15 11:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2016-03-18 14:54 - 2011-06-15 11:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2016-03-18 14:54 - 2010-12-23 13:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2016-03-18 14:54 - 2010-12-23 13:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2016-03-18 14:54 - 2010-12-23 08:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2016-03-18 14:54 - 2010-12-23 08:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2016-03-18 14:53 - 2015-11-19 17:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-18 14:53 - 2015-11-19 17:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-18 14:53 - 2015-11-19 17:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-18 14:53 - 2015-11-19 17:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-18 14:53 - 2015-11-19 17:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-18 14:53 - 2015-11-19 17:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-03-18 14:53 - 2015-11-19 17:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-18 14:53 - 2015-11-19 17:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-18 14:53 - 2015-11-19 17:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-18 14:53 - 2015-11-19 17:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-18 14:53 - 2015-11-19 17:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-18 14:53 - 2015-11-03 22:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-03-18 14:53 - 2015-11-03 21:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-03-18 14:53 - 2015-05-25 21:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2016-03-18 14:53 - 2015-05-25 21:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2016-03-18 14:53 - 2015-05-25 21:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2016-03-18 14:53 - 2015-05-25 21:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2016-03-18 14:53 - 2015-05-25 21:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2016-03-18 14:53 - 2015-05-25 21:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2016-03-18 14:53 - 2015-05-25 21:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2016-03-18 14:53 - 2015-05-25 21:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2016-03-18 14:53 - 2015-05-25 21:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2016-03-18 14:53 - 2015-05-25 21:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2016-03-18 14:53 - 2015-05-25 21:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2016-03-18 14:53 - 2015-05-25 21:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2016-03-18 14:53 - 2015-03-19 02:39 - 00546656 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-03-18 14:53 - 2015-02-03 06:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-03-18 14:53 - 2015-02-03 06:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-03-18 14:53 - 2015-02-03 06:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-03-18 14:53 - 2015-02-03 06:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-03-18 14:53 - 2015-02-03 06:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-03-18 14:53 - 2015-02-03 06:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-03-18 14:53 - 2015-02-03 06:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-03-18 14:53 - 2015-02-03 06:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-03-18 14:53 - 2015-02-03 06:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-03-18 14:53 - 2015-02-03 06:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-03-18 14:53 - 2015-02-03 06:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-03-18 14:53 - 2015-02-03 06:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-03-18 14:53 - 2015-02-03 06:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-03-18 14:53 - 2015-02-03 06:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-03-18 14:53 - 2015-02-03 06:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-03-18 14:53 - 2015-02-03 06:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-03-18 14:53 - 2015-02-03 06:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-03-18 14:53 - 2015-02-03 06:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-03-18 14:53 - 2015-02-03 06:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-03-18 14:53 - 2015-02-03 06:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-03-18 14:53 - 2015-02-03 06:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2016-03-18 14:53 - 2015-02-03 06:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2016-03-18 14:53 - 2015-02-03 06:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-03-18 14:53 - 2015-02-03 06:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-03-18 14:53 - 2015-02-03 06:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2016-03-18 14:53 - 2015-02-03 06:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-03-18 14:53 - 2015-02-03 06:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2016-03-18 14:53 - 2015-02-03 06:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-03-18 14:53 - 2015-02-03 06:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2016-03-18 14:53 - 2015-02-03 06:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-03-18 14:53 - 2015-02-03 06:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2016-03-18 14:53 - 2014-08-01 14:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2016-03-18 14:53 - 2014-08-01 14:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2016-03-18 14:53 - 2014-06-28 03:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2016-03-18 14:53 - 2012-01-04 13:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2016-03-18 14:53 - 2012-01-04 11:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2016-03-18 14:53 - 2011-11-17 09:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-03-18 14:53 - 2011-11-17 08:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-03-18 14:53 - 2011-05-04 08:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2016-03-18 14:53 - 2011-05-04 08:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2016-03-18 14:53 - 2011-05-04 08:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2016-03-18 14:53 - 2011-05-04 08:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2016-03-18 14:53 - 2011-05-04 08:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2016-03-18 14:53 - 2011-05-04 08:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2016-03-18 14:53 - 2011-05-04 08:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2016-03-18 14:53 - 2011-05-04 08:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2016-03-18 14:53 - 2011-05-04 08:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2016-03-18 14:53 - 2011-05-04 07:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2016-03-18 14:53 - 2011-05-04 07:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2016-03-18 14:53 - 2011-05-04 07:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2016-03-18 14:53 - 2011-05-04 07:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2016-03-18 14:53 - 2011-05-04 07:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2016-03-18 14:53 - 2011-05-04 07:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2016-03-18 14:53 - 2011-05-04 07:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2016-03-18 14:53 - 2011-05-04 07:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2016-03-18 14:53 - 2011-05-04 07:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2016-03-18 14:26 - 2015-07-09 20:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-03-18 14:26 - 2015-07-09 20:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2016-03-18 14:26 - 2015-07-09 20:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-03-18 14:26 - 2015-07-09 20:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2016-03-18 14:25 - 2013-10-19 05:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2016-03-18 14:25 - 2013-10-19 04:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2016-03-18 14:22 - 2014-04-05 05:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-03-18 14:22 - 2014-04-05 05:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-03-18 14:22 - 2013-11-26 14:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-03-18 14:10 - 2016-03-18 15:09 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Orbx
2016-03-18 14:10 - 2016-03-18 15:09 - 00000000 ____D C:\Users\Penne\AppData\Local\Orbx
2016-03-18 14:10 - 2016-03-18 14:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orbx
2016-03-18 14:05 - 2016-03-18 14:05 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2016-03-18 14:05 - 2016-03-18 14:05 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2016-03-18 14:01 - 2016-02-12 21:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-18 14:01 - 2016-02-12 21:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-18 14:01 - 2016-02-12 21:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-18 14:01 - 2016-02-12 21:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-18 14:01 - 2016-02-12 21:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-18 14:01 - 2016-02-12 21:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-18 14:01 - 2016-02-12 21:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-18 14:01 - 2016-02-12 21:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-18 14:01 - 2016-02-12 21:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-18 14:01 - 2016-02-12 21:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-18 14:01 - 2016-02-12 21:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-18 14:01 - 2016-02-12 21:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-18 14:01 - 2016-02-12 21:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-18 14:01 - 2016-02-12 21:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-18 14:01 - 2016-02-12 21:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-18 14:01 - 2016-02-12 21:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-03-18 14:01 - 2014-12-06 07:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2016-03-18 14:01 - 2014-12-06 06:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2016-03-18 14:01 - 2014-12-06 06:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2016-03-18 14:00 - 2015-11-10 21:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-03-18 14:00 - 2015-11-10 21:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-03-18 14:00 - 2015-02-03 06:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2016-03-18 14:00 - 2015-02-03 06:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2016-03-18 14:00 - 2015-01-29 06:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2016-03-18 14:00 - 2015-01-29 06:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2016-03-18 14:00 - 2014-06-18 05:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2016-03-18 14:00 - 2014-06-18 04:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2016-03-18 14:00 - 2013-10-04 05:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2016-03-18 14:00 - 2013-10-04 05:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2016-03-18 14:00 - 2013-10-04 04:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2016-03-18 14:00 - 2013-10-04 04:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2016-03-18 14:00 - 2013-08-05 05:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2016-03-18 13:59 - 2016-02-03 21:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-18 13:59 - 2016-01-11 22:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-18 13:59 - 2015-07-01 23:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-03-18 13:59 - 2015-07-01 23:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-03-18 13:59 - 2015-07-01 23:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-03-18 13:59 - 2015-07-01 23:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-03-18 13:59 - 2015-04-24 21:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2016-03-18 13:59 - 2015-04-24 20:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2016-03-18 13:59 - 2013-12-04 05:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2016-03-18 13:59 - 2013-12-04 05:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2016-03-18 13:59 - 2013-12-04 05:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2016-03-18 13:59 - 2013-12-04 05:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2016-03-18 13:59 - 2013-12-04 05:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2016-03-18 13:59 - 2013-12-04 05:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2016-03-18 13:59 - 2013-12-04 05:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2016-03-18 13:59 - 2013-12-04 05:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2016-03-18 13:59 - 2013-12-04 05:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2016-03-18 13:59 - 2013-12-04 05:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2016-03-18 13:59 - 2013-12-04 05:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2016-03-18 13:59 - 2013-12-04 05:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2016-03-18 13:59 - 2013-12-04 05:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2016-03-18 13:59 - 2013-12-04 05:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2016-03-18 13:59 - 2013-12-04 04:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2016-03-18 13:59 - 2013-12-04 04:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2016-03-18 13:59 - 2013-12-04 04:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2016-03-18 13:59 - 2013-12-04 04:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2016-03-18 13:59 - 2013-11-27 04:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-03-18 13:59 - 2013-11-27 04:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2016-03-18 13:59 - 2013-11-27 04:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2016-03-18 13:59 - 2013-11-27 04:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-03-18 13:59 - 2013-11-27 04:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2016-03-18 13:59 - 2013-04-26 02:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-03-18 13:59 - 2013-04-01 01:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-03-18 13:59 - 2013-02-12 07:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2016-03-18 13:59 - 2012-07-04 23:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2016-03-18 13:59 - 2011-03-11 09:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2016-03-18 13:59 - 2011-03-11 09:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2016-03-18 13:59 - 2011-03-11 08:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2016-03-18 13:59 - 2011-03-11 08:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2016-03-18 13:58 - 2016-02-05 04:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-18 13:58 - 2016-02-04 21:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-18 13:58 - 2016-02-03 21:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-18 13:58 - 2016-02-03 21:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-18 13:58 - 2016-02-03 21:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-18 13:58 - 2016-02-03 21:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-18 13:58 - 2016-01-07 20:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-03-18 13:58 - 2015-11-11 21:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-03-18 13:58 - 2015-11-11 21:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2016-03-18 13:58 - 2015-11-11 21:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-03-18 13:58 - 2015-11-11 21:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2016-03-18 13:58 - 2015-11-05 22:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2016-03-18 13:58 - 2015-11-05 22:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2016-03-18 13:58 - 2015-11-05 12:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2016-03-18 13:58 - 2015-09-15 00:40 - 00634432 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-03-18 13:58 - 2015-04-27 22:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-03-18 13:58 - 2015-04-27 22:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-03-18 13:58 - 2015-04-27 22:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-03-18 13:58 - 2015-04-27 22:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-03-18 13:58 - 2015-04-27 22:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-03-18 13:58 - 2015-04-27 22:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-03-18 13:58 - 2015-04-27 22:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-03-18 13:58 - 2015-04-27 22:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-03-18 13:58 - 2013-07-12 13:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2016-03-18 13:58 - 2013-07-12 13:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2016-03-18 13:58 - 2013-07-03 07:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-03-18 13:58 - 2013-07-03 07:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2016-03-18 13:58 - 2013-06-26 01:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2016-03-18 13:58 - 2012-11-29 01:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2016-03-18 13:58 - 2012-11-29 01:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2016-03-18 13:58 - 2012-11-29 01:56 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2016-03-18 13:58 - 2012-10-03 20:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2016-03-18 13:58 - 2012-10-03 20:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2016-03-18 13:58 - 2012-10-03 20:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2016-03-18 13:58 - 2012-10-03 20:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2016-03-18 13:58 - 2012-10-03 20:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-03-18 13:58 - 2012-10-03 19:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2016-03-18 13:58 - 2012-10-03 19:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2016-03-18 13:58 - 2012-10-03 19:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2016-03-18 13:57 - 2016-02-05 21:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-18 13:57 - 2016-02-05 21:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-18 13:57 - 2016-02-05 21:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-18 13:57 - 2016-02-05 21:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-18 13:57 - 2016-02-05 21:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-03-18 13:57 - 2016-02-05 21:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-18 13:57 - 2016-02-05 21:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-03-18 13:57 - 2016-02-05 20:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-18 13:57 - 2016-02-05 20:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-18 13:57 - 2016-02-05 20:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-18 13:57 - 2015-10-29 20:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2016-03-18 13:57 - 2015-10-29 20:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2016-03-18 13:57 - 2015-10-29 20:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2016-03-18 13:57 - 2015-10-29 20:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2016-03-18 13:57 - 2015-10-29 20:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2016-03-18 13:57 - 2015-10-29 20:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2016-03-18 13:57 - 2015-10-29 20:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2016-03-18 13:57 - 2015-10-13 19:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2016-03-18 13:57 - 2015-10-13 19:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2016-03-18 13:57 - 2015-07-23 03:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-03-18 13:57 - 2015-07-23 03:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2016-03-18 13:57 - 2015-07-22 20:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2016-03-18 13:57 - 2015-07-22 19:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-03-18 13:57 - 2015-06-16 00:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-03-18 13:57 - 2015-06-16 00:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-03-18 13:57 - 2014-03-04 12:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2016-03-18 13:57 - 2014-03-04 12:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2016-03-18 13:57 - 2014-03-04 12:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2016-03-18 13:57 - 2014-03-04 12:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2016-03-18 13:57 - 2014-03-04 12:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2016-03-18 13:57 - 2014-03-04 12:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2016-03-18 13:57 - 2014-03-04 12:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2016-03-18 13:57 - 2014-03-04 12:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2016-03-18 13:57 - 2014-03-04 12:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2016-03-18 13:57 - 2014-03-04 12:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2016-03-18 13:57 - 2014-03-04 12:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2016-03-18 13:57 - 2014-03-04 12:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2016-03-18 13:57 - 2014-03-04 12:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2016-03-18 13:57 - 2014-03-04 12:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2016-03-18 13:57 - 2012-11-02 08:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2016-03-18 13:57 - 2012-11-02 08:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2016-03-18 13:57 - 2012-08-22 00:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2016-03-18 13:57 - 2011-03-03 09:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2016-03-18 13:57 - 2011-03-03 09:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2016-03-18 13:57 - 2011-03-03 09:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2016-03-18 13:57 - 2011-03-03 08:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2016-03-18 13:57 - 2011-03-03 08:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2016-03-18 13:56 - 2015-07-09 20:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2016-03-18 13:56 - 2015-07-09 20:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2016-03-18 13:56 - 2015-07-09 20:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2016-03-18 13:56 - 2014-08-12 05:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-03-18 13:56 - 2014-08-12 04:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-03-18 13:56 - 2014-06-16 05:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-03-18 13:56 - 2013-04-10 09:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-03-18 13:56 - 2011-04-29 06:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-03-18 13:56 - 2011-04-29 06:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-03-18 13:56 - 2011-04-29 06:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-03-18 13:56 - 2011-02-03 14:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-03-18 13:55 - 2015-12-09 00:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-03-18 13:55 - 2015-12-08 22:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-03-18 13:55 - 2015-02-18 10:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-03-18 13:55 - 2015-02-18 10:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-03-18 13:55 - 2014-11-11 06:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2016-03-18 13:55 - 2014-11-11 05:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2016-03-18 13:55 - 2013-09-08 05:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-03-18 13:55 - 2013-09-08 05:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-03-18 13:55 - 2012-12-07 16:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2016-03-18 13:55 - 2012-12-07 16:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2016-03-18 13:55 - 2012-12-07 15:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2016-03-18 13:55 - 2012-12-07 15:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2016-03-18 13:55 - 2012-12-07 14:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2016-03-18 13:55 - 2012-12-07 14:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2016-03-18 13:55 - 2012-12-07 14:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2016-03-18 13:55 - 2012-12-07 14:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2016-03-18 13:55 - 2012-12-07 14:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2016-03-18 13:55 - 2012-12-07 14:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2016-03-18 13:55 - 2012-12-07 14:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2016-03-18 13:55 - 2012-12-07 14:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2016-03-18 13:55 - 2012-12-07 14:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2016-03-18 13:55 - 2012-12-07 14:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2016-03-18 13:55 - 2012-12-07 14:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2016-03-18 13:55 - 2012-12-07 14:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2016-03-18 13:55 - 2012-12-07 14:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2016-03-18 13:55 - 2012-12-07 14:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2016-03-18 13:55 - 2012-12-07 13:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2016-03-18 13:55 - 2012-12-07 13:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2016-03-18 13:55 - 2012-12-07 13:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2016-03-18 13:55 - 2012-12-07 13:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2016-03-18 13:55 - 2012-12-07 13:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2016-03-18 13:55 - 2012-12-07 13:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2016-03-18 13:55 - 2012-12-07 13:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2016-03-18 13:55 - 2012-12-07 13:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2016-03-18 13:55 - 2012-12-07 13:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2016-03-18 13:55 - 2012-12-07 13:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2016-03-18 13:55 - 2012-12-07 13:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2016-03-18 13:55 - 2012-12-07 13:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2016-03-18 13:55 - 2012-12-07 13:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2016-03-18 13:55 - 2012-12-07 13:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2016-03-18 13:55 - 2012-03-17 10:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2016-03-18 13:55 - 2011-08-17 08:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2016-03-18 13:55 - 2011-08-17 08:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2016-03-18 13:55 - 2011-08-17 07:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2016-03-18 13:55 - 2011-08-17 07:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2016-03-18 13:54 - 2016-02-09 12:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-18 13:54 - 2015-12-09 00:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-03-18 13:54 - 2015-12-09 00:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-03-18 13:54 - 2015-12-09 00:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-03-18 13:54 - 2015-12-09 00:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-03-18 13:54 - 2015-12-09 00:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-03-18 13:54 - 2015-12-09 00:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-03-18 13:54 - 2015-12-09 00:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-03-18 13:54 - 2015-12-09 00:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-03-18 13:54 - 2015-12-09 00:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-03-18 13:54 - 2015-12-09 00:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-03-18 13:54 - 2015-12-09 00:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-03-18 13:54 - 2015-12-09 00:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-03-18 13:54 - 2015-12-09 00:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-03-18 13:54 - 2015-12-09 00:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-03-18 13:54 - 2015-12-09 00:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-03-18 13:54 - 2015-12-09 00:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-03-18 13:54 - 2015-12-09 00:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-03-18 13:54 - 2015-12-09 00:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-03-18 13:54 - 2015-12-09 00:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-03-18 13:54 - 2015-12-09 00:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-03-18 13:54 - 2015-12-09 00:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-03-18 13:54 - 2015-12-09 00:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-03-18 13:54 - 2015-12-09 00:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-03-18 13:54 - 2015-12-09 00:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-03-18 13:54 - 2015-12-09 00:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-03-18 13:54 - 2015-12-09 00:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-03-18 13:54 - 2015-12-09 00:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-03-18 13:54 - 2015-12-09 00:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-03-18 13:54 - 2015-12-09 00:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-03-18 13:54 - 2015-12-09 00:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-03-18 13:54 - 2015-12-09 00:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-03-18 13:54 - 2015-12-09 00:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-03-18 13:54 - 2015-12-09 00:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-03-18 13:54 - 2015-12-09 00:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-03-18 13:54 - 2015-12-08 22:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-03-18 13:54 - 2015-12-08 22:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-03-18 13:54 - 2015-12-08 22:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-03-18 13:54 - 2015-12-08 22:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-03-18 13:54 - 2015-12-08 22:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-03-18 13:54 - 2015-12-08 22:07 - 01393152 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-03-18 13:54 - 2015-12-08 22:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-03-18 13:54 - 2015-12-08 22:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-03-18 13:54 - 2015-12-08 22:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-03-18 13:54 - 2015-12-08 22:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-03-18 13:54 - 2015-12-08 22:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-03-18 13:54 - 2015-12-08 22:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-03-18 13:54 - 2015-12-08 22:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-03-18 13:54 - 2015-12-08 22:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-03-18 13:54 - 2015-12-08 22:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-03-18 13:54 - 2015-12-08 22:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-03-18 13:54 - 2015-12-08 22:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-03-18 13:54 - 2015-12-08 22:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-03-18 13:54 - 2015-12-08 22:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-03-18 13:54 - 2015-12-08 22:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-03-18 13:54 - 2015-12-08 22:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-03-18 13:54 - 2015-12-08 22:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-03-18 13:54 - 2015-12-08 22:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-03-18 13:54 - 2015-12-08 22:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-03-18 13:54 - 2015-12-08 22:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-03-18 13:54 - 2015-12-08 22:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-03-18 13:54 - 2015-12-08 22:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-03-18 13:54 - 2015-12-08 22:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-03-18 13:54 - 2015-12-08 22:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-03-18 13:54 - 2015-12-08 22:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-03-18 13:54 - 2015-12-08 22:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-03-18 13:54 - 2015-12-08 22:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-03-18 13:54 - 2015-12-08 22:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-03-18 13:54 - 2015-12-08 22:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-03-18 13:54 - 2015-12-08 22:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-03-18 13:54 - 2015-12-08 22:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-03-18 13:54 - 2015-12-08 22:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-03-18 13:54 - 2015-12-08 21:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-03-18 13:54 - 2015-12-08 21:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-03-18 13:54 - 2015-12-08 21:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-03-18 13:54 - 2015-04-11 06:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2016-03-18 13:54 - 2015-02-25 06:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2016-03-18 13:54 - 2014-02-04 05:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2016-03-18 13:54 - 2014-02-04 05:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-03-18 13:54 - 2014-02-04 05:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2016-03-18 13:54 - 2014-02-04 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2016-03-18 13:54 - 2014-02-04 05:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2016-03-18 13:54 - 2013-07-26 05:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2016-03-18 13:54 - 2013-07-26 04:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2016-03-18 13:54 - 2012-09-26 01:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2016-03-18 13:54 - 2012-09-26 01:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2016-03-18 13:54 - 2011-02-05 20:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2016-03-18 13:54 - 2011-02-05 20:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2016-03-18 13:54 - 2011-02-05 20:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2016-03-18 13:53 - 2016-03-18 16:41 - 00000000 ____D C:\Users\Penne\Documents\Prepar3D v3 Files
2016-03-18 13:53 - 2016-03-18 13:53 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Lockheed Martin
2016-03-18 13:53 - 2016-03-18 13:53 - 00000000 ____D C:\Users\Penne\AppData\Local\Lockheed Martin
2016-03-18 13:53 - 2016-03-18 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lockheed Martin
2016-03-18 13:53 - 2016-03-18 13:53 - 00000000 ____D C:\ProgramData\Lockheed Martin
2016-03-18 13:53 - 2016-01-22 09:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-03-18 13:53 - 2016-01-22 09:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-03-18 13:53 - 2016-01-22 09:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-03-18 13:53 - 2016-01-22 09:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-03-18 13:53 - 2015-09-23 16:18 - 00459344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-03-18 13:53 - 2015-09-23 16:18 - 00298192 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-03-18 13:53 - 2015-09-23 16:08 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-03-18 13:53 - 2015-08-27 21:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2016-03-18 13:53 - 2015-08-27 21:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2016-03-18 13:53 - 2015-08-27 20:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2016-03-18 13:53 - 2015-08-27 20:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2016-03-18 13:53 - 2015-01-17 05:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-03-18 13:53 - 2015-01-17 05:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-03-18 13:53 - 2014-10-30 05:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2016-03-18 13:53 - 2014-10-30 04:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2016-03-18 13:53 - 2014-09-04 08:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2016-03-18 13:53 - 2014-09-04 08:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2016-03-18 13:53 - 2013-04-26 08:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-03-18 13:53 - 2013-04-26 07:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-03-18 13:52 - 2016-02-09 12:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-18 13:52 - 2016-02-09 12:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-18 13:52 - 2016-02-09 12:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-18 13:52 - 2016-02-09 12:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-18 13:52 - 2016-02-09 12:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-18 13:52 - 2016-02-09 12:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-03-18 13:52 - 2016-02-09 12:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-18 13:52 - 2016-02-09 12:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-03-18 13:52 - 2016-02-09 12:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-03-18 13:52 - 2016-02-09 12:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-03-18 13:52 - 2016-01-22 09:19 - 14179840 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-03-18 13:52 - 2016-01-22 09:15 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-03-18 13:52 - 2016-01-22 09:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-03-18 13:52 - 2016-01-22 09:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-03-18 13:52 - 2016-01-22 08:19 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-03-18 13:52 - 2016-01-22 08:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-03-18 13:52 - 2014-10-03 05:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-03-18 13:52 - 2014-10-03 05:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-03-18 13:52 - 2014-10-03 05:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-03-18 13:52 - 2014-10-03 05:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-03-18 13:52 - 2014-10-03 05:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-03-18 13:52 - 2014-10-03 04:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-03-18 13:52 - 2014-10-03 04:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2016-03-18 13:52 - 2014-10-03 04:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-03-18 13:52 - 2014-10-03 04:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-03-18 13:52 - 2014-10-03 04:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-03-18 13:52 - 2012-11-23 06:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2016-03-18 13:51 - 2015-10-13 07:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-03-18 13:51 - 2014-10-25 04:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2016-03-18 13:51 - 2014-10-25 04:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2016-03-18 13:51 - 2014-07-17 05:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-03-18 13:51 - 2014-07-17 05:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2016-03-18 13:51 - 2014-07-17 05:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2016-03-18 13:51 - 2014-07-17 04:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2016-03-18 13:51 - 2014-07-17 04:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2016-03-18 13:51 - 2013-05-10 08:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2016-03-18 13:51 - 2013-05-10 06:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2016-03-18 13:51 - 2012-07-05 01:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2016-03-18 13:51 - 2012-07-05 01:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2016-03-18 13:51 - 2012-07-05 01:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2016-03-18 13:51 - 2012-07-05 00:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2016-03-18 13:51 - 2012-07-05 00:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2016-03-18 13:51 - 2012-04-26 08:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2016-03-18 13:51 - 2012-04-26 08:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2016-03-18 13:51 - 2011-05-24 14:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2016-03-18 13:51 - 2011-05-24 13:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2016-03-18 13:51 - 2011-05-24 13:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2016-03-18 13:51 - 2011-05-24 13:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2016-03-18 13:51 - 2011-05-24 13:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2016-03-18 13:50 - 2015-12-09 00:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-03-18 13:50 - 2015-12-08 22:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-03-18 13:50 - 2015-11-03 22:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2016-03-18 13:50 - 2015-11-03 21:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2016-03-18 13:50 - 2015-03-04 07:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-03-18 13:50 - 2015-03-04 07:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2016-03-18 13:50 - 2015-03-04 07:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2016-03-18 13:50 - 2014-12-08 06:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2016-03-18 13:50 - 2014-12-08 05:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2016-03-18 13:50 - 2013-10-12 05:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2016-03-18 13:50 - 2013-10-12 05:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2016-03-18 13:50 - 2013-10-12 05:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2016-03-18 13:50 - 2013-10-12 05:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2016-03-18 13:50 - 2013-10-12 04:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2016-03-18 13:50 - 2013-10-12 04:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2016-03-18 13:50 - 2013-10-12 04:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2016-03-18 13:50 - 2013-10-12 04:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2016-03-18 13:50 - 2013-05-13 08:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2016-03-18 13:50 - 2013-05-13 06:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2016-03-18 13:50 - 2013-05-13 06:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2016-03-18 13:50 - 2013-05-13 06:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2016-03-18 13:50 - 2013-01-24 09:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2016-03-18 13:50 - 2012-05-14 08:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-03-18 13:50 - 2012-02-17 09:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2016-03-18 13:50 - 2012-02-17 08:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2016-03-18 13:50 - 2012-02-17 07:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2016-03-18 13:50 - 2011-12-16 11:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2016-03-18 13:50 - 2011-12-16 10:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2016-03-18 13:50 - 2011-08-27 08:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2016-03-18 13:50 - 2011-08-27 07:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2016-03-18 13:50 - 2011-05-03 08:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-03-18 13:50 - 2011-05-03 07:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-03-18 13:50 - 2011-02-23 07:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-03-18 13:50 - 2011-02-18 13:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2016-03-18 13:50 - 2011-02-18 08:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2016-03-18 13:50 - 2011-02-12 14:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2016-03-18 13:50 - 2010-06-02 14:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2016-03-18 13:50 - 2010-06-02 14:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-03-18 13:50 - 2010-06-02 14:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2016-03-18 13:50 - 2010-06-02 14:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-03-18 13:50 - 2010-06-02 14:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-03-18 13:50 - 2010-06-02 14:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2016-03-18 13:50 - 2010-05-26 21:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-03-18 13:50 - 2010-05-26 21:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-03-18 13:50 - 2010-05-26 21:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-03-18 13:50 - 2010-05-26 21:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2016-03-18 13:50 - 2010-02-04 20:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-03-18 13:50 - 2010-02-04 20:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2016-03-18 13:50 - 2010-02-04 20:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2016-03-18 13:50 - 2010-02-04 20:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-03-18 13:50 - 2010-02-04 20:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-03-18 13:50 - 2010-02-04 20:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2016-03-18 13:50 - 2010-02-04 20:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2016-03-18 13:50 - 2010-02-04 20:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2016-03-18 13:50 - 2009-09-05 03:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2016-03-18 13:50 - 2009-09-05 03:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2016-03-18 13:50 - 2009-09-05 03:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2016-03-18 13:50 - 2009-09-05 03:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2016-03-18 13:50 - 2009-09-05 03:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2016-03-18 13:50 - 2009-09-05 03:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2016-03-18 13:50 - 2009-09-05 03:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2016-03-18 13:50 - 2009-09-05 03:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2016-03-18 13:50 - 2009-09-05 03:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2016-03-18 13:50 - 2009-09-05 03:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2016-03-18 13:50 - 2009-09-05 03:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2016-03-18 13:50 - 2009-09-05 03:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2016-03-18 13:50 - 2009-09-05 03:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2016-03-18 13:50 - 2009-09-05 03:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2016-03-18 13:50 - 2009-09-05 03:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2016-03-18 13:50 - 2009-09-05 03:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2016-03-18 13:50 - 2009-03-17 00:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2016-03-18 13:50 - 2009-03-17 00:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2016-03-18 13:50 - 2009-03-17 00:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2016-03-18 13:50 - 2009-03-17 00:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2016-03-18 13:50 - 2009-03-17 00:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2016-03-18 13:50 - 2009-03-17 00:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2016-03-18 13:50 - 2009-03-10 01:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2016-03-18 13:50 - 2009-03-10 01:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2016-03-18 13:50 - 2009-03-10 01:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2016-03-18 13:50 - 2009-03-10 01:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2016-03-18 13:50 - 2009-03-10 01:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2016-03-18 13:50 - 2009-03-10 01:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2016-03-18 13:50 - 2008-10-27 20:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2016-03-18 13:50 - 2008-10-27 20:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2016-03-18 13:50 - 2008-10-27 20:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2016-03-18 13:50 - 2008-10-27 20:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2016-03-18 13:50 - 2008-10-27 20:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2016-03-18 13:50 - 2008-10-27 20:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2016-03-18 13:50 - 2008-10-27 20:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2016-03-18 13:50 - 2008-10-27 20:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2016-03-18 13:50 - 2008-10-15 16:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2016-03-18 13:50 - 2008-10-15 16:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2016-03-18 13:50 - 2008-10-15 16:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2016-03-18 13:50 - 2008-10-15 16:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2016-03-18 13:50 - 2008-10-15 16:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2016-03-18 13:50 - 2008-10-15 16:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2016-03-18 13:50 - 2008-07-31 20:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2016-03-18 13:50 - 2008-07-31 20:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2016-03-18 13:50 - 2008-07-31 20:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-03-18 13:50 - 2008-07-31 20:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-03-18 13:50 - 2008-07-10 21:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-03-18 13:50 - 2008-07-10 21:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-03-18 13:50 - 2008-07-10 21:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-03-18 13:50 - 2008-05-31 00:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2016-03-18 13:50 - 2008-05-31 00:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2016-03-18 13:50 - 2008-05-31 00:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2016-03-18 13:50 - 2008-05-31 00:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2016-03-18 13:50 - 2008-05-31 00:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2016-03-18 13:50 - 2008-05-31 00:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2016-03-18 13:50 - 2008-05-31 00:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2016-03-18 13:50 - 2008-05-31 00:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2016-03-18 13:50 - 2008-05-31 00:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2016-03-18 13:50 - 2008-05-31 00:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2016-03-18 13:50 - 2008-05-31 00:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2016-03-18 13:50 - 2008-05-31 00:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2016-03-18 13:50 - 2008-05-31 00:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2016-03-18 13:50 - 2008-05-31 00:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2016-03-18 13:50 - 2008-03-06 02:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2016-03-18 13:50 - 2008-03-06 02:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2016-03-18 13:50 - 2008-03-06 02:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2016-03-18 13:50 - 2008-03-06 02:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2016-03-18 13:50 - 2008-03-06 02:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2016-03-18 13:50 - 2008-03-06 02:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2016-03-18 13:50 - 2008-03-06 01:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2016-03-18 13:50 - 2008-03-06 01:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2016-03-18 13:50 - 2008-03-06 01:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2016-03-18 13:50 - 2008-03-06 01:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2016-03-18 13:50 - 2008-02-06 09:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2016-03-18 13:50 - 2008-02-06 09:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2016-03-18 13:50 - 2007-10-22 13:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2016-03-18 13:50 - 2007-10-22 13:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2016-03-18 13:50 - 2007-10-22 13:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2016-03-18 13:50 - 2007-10-22 13:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2016-03-18 13:50 - 2007-10-13 01:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2016-03-18 13:50 - 2007-10-13 01:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2016-03-18 13:50 - 2007-10-13 01:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2016-03-18 13:50 - 2007-10-13 01:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2016-03-18 13:50 - 2007-10-02 19:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2016-03-18 13:50 - 2007-10-02 19:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2016-03-18 13:50 - 2007-07-20 10:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2016-03-18 13:50 - 2007-07-20 10:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2016-03-18 13:50 - 2007-07-20 04:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2016-03-18 13:50 - 2007-07-20 04:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2016-03-18 13:50 - 2007-07-20 04:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2016-03-18 13:50 - 2007-07-20 04:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2016-03-18 13:50 - 2007-07-20 04:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2016-03-18 13:50 - 2007-07-20 04:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2016-03-18 13:50 - 2007-06-21 06:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2016-03-18 13:50 - 2007-06-21 06:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2016-03-18 13:50 - 2007-05-17 02:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2016-03-18 13:50 - 2007-05-17 02:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2016-03-18 13:50 - 2007-05-17 02:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2016-03-18 13:50 - 2007-05-17 02:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2016-03-18 13:50 - 2007-05-17 02:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2016-03-18 13:50 - 2007-05-17 02:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2016-03-18 13:50 - 2007-04-05 04:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2016-03-18 13:50 - 2007-04-05 04:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2016-03-18 13:50 - 2007-04-05 04:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2016-03-18 13:50 - 2007-04-05 04:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2016-03-18 13:50 - 2007-03-16 02:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2016-03-18 13:50 - 2007-03-16 02:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2016-03-18 13:50 - 2007-03-13 02:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2016-03-18 13:50 - 2007-03-13 02:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2016-03-18 13:50 - 2007-03-13 02:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2016-03-18 13:50 - 2007-03-13 02:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2016-03-18 13:50 - 2007-03-05 22:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2016-03-18 13:50 - 2007-03-05 22:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2016-03-18 13:50 - 2007-01-25 01:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2016-03-18 13:50 - 2007-01-25 01:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2016-03-18 13:50 - 2006-12-08 22:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2016-03-18 13:50 - 2006-12-08 22:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2016-03-18 13:50 - 2006-11-29 23:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2016-03-18 13:50 - 2006-11-29 23:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2016-03-18 13:50 - 2006-11-29 23:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2016-03-18 13:50 - 2006-11-29 23:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2016-03-18 13:50 - 2006-09-29 02:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2016-03-18 13:50 - 2006-09-29 02:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2016-03-18 13:50 - 2006-09-29 02:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2016-03-18 13:50 - 2006-09-29 02:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2016-03-18 13:50 - 2006-07-28 19:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2016-03-18 13:50 - 2006-07-28 19:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2016-03-18 13:50 - 2006-07-28 19:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2016-03-18 13:50 - 2006-07-28 19:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2016-03-18 13:50 - 2006-05-31 17:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2016-03-18 13:50 - 2006-05-31 17:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2016-03-18 13:50 - 2006-03-31 22:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-03-18 13:50 - 2006-03-31 22:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2016-03-18 13:50 - 2006-03-31 22:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-03-18 13:50 - 2006-03-31 22:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2016-03-18 13:50 - 2006-03-31 22:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-03-18 13:50 - 2006-03-31 22:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2016-03-18 13:50 - 2006-02-03 18:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2016-03-18 13:50 - 2006-02-03 18:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2016-03-18 13:50 - 2006-02-03 18:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2016-03-18 13:50 - 2006-02-03 18:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2016-03-18 13:50 - 2006-02-03 18:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-03-18 13:50 - 2006-02-03 18:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2016-03-18 13:50 - 2005-12-06 04:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2016-03-18 13:50 - 2005-12-06 04:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2016-03-18 13:50 - 2005-07-23 05:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2016-03-18 13:50 - 2005-07-23 05:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2016-03-18 13:50 - 2005-05-27 01:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2016-03-18 13:50 - 2005-05-27 01:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2016-03-18 13:50 - 2005-03-19 03:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2016-03-18 13:50 - 2005-03-19 03:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2016-03-18 13:50 - 2005-02-06 05:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2016-03-18 13:50 - 2005-02-06 05:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2016-03-18 12:03 - 2016-03-18 12:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-03-18 12:03 - 2016-03-18 12:03 - 00000000 ____D C:\ProgramData\ESET
2016-03-18 12:03 - 2016-03-18 12:03 - 00000000 ____D C:\Program Files\ESET
2016-03-18 11:57 - 2016-03-25 16:37 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Adobe
2016-03-18 11:57 - 2016-03-18 11:57 - 00000000 ____D C:\Users\Penne\AppData\Roaming\LolClient
2016-03-18 11:53 - 2016-03-18 11:53 - 00000000 ____D C:\Users\Penne\AppData\Roaming\WinRAR
2016-03-18 11:53 - 2016-03-18 11:53 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-03-18 11:53 - 2016-03-18 11:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-03-18 11:53 - 2016-03-18 11:53 - 00000000 ____D C:\Program Files\WinRAR
2016-03-18 11:43 - 2016-04-16 17:26 - 00000000 ____D C:\Users\Penne\AppData\Roaming\tixati
2016-03-18 11:43 - 2016-03-18 11:43 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tixati
2016-03-18 11:43 - 2016-03-18 11:43 - 00000000 ____D C:\Program Files\tixati
2016-03-18 11:25 - 2016-03-18 11:25 - 00000000 ___SD C:\Users\Penne\AppData\LocalLow\Temp
2016-03-18 11:13 - 2016-03-27 01:39 - 00000000 ____D C:\Users\Penne\AppData\Roaming\MultiWall
2016-03-18 11:13 - 2016-03-18 11:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiWall
2016-03-18 11:13 - 2016-03-18 11:13 - 00000000 ____D C:\Program Files (x86)\MultiWall
2016-03-18 10:57 - 2016-03-31 14:51 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-03-18 10:52 - 2016-03-18 10:52 - 00000000 ____D C:\Users\Penne\AppData\Local\Steam
2016-03-18 10:52 - 2016-03-18 10:52 - 00000000 ____D C:\Users\Penne\AppData\Local\CEF
2016-03-18 10:50 - 2016-04-17 01:02 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-18 10:50 - 2016-03-18 10:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-03-18 10:48 - 2016-03-18 10:48 - 00000000 ____D C:\ProgramData\Riot Games
2016-03-18 10:44 - 2016-03-18 10:44 - 00000000 ____D C:\Users\Penne\AppData\Local\CrashDumps
2016-03-18 10:43 - 2016-03-18 10:44 - 00000000 ____D C:\ProgramData\KaveXTD
2016-03-18 10:43 - 2016-03-18 10:43 - 00022343 _____ C:\Windows\Cm106.ini.cfl
2016-03-18 10:43 - 2016-03-18 10:43 - 00000374 _____ C:\Windows\Cm106.ini.imi
2016-03-18 10:43 - 2016-03-18 10:43 - 00000323 _____ C:\Windows\system\Cm106.ini
2016-03-18 10:43 - 2016-03-18 10:43 - 00000135 _____ C:\Windows\system\Dlap.pfx
2016-03-18 10:43 - 2016-03-18 10:43 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-03-18 10:43 - 2016-03-18 10:43 - 00000000 ____D C:\Program Files\Roccat
2016-03-18 10:43 - 2013-12-28 12:47 - 00007905 ____N C:\Windows\Cm106.ini.cfg
2016-03-18 10:43 - 2013-11-08 16:55 - 00830464 ____N C:\Windows\system32\Cmeau106.exe
2016-03-18 10:43 - 2009-08-21 02:00 - 00359424 ____N C:\Windows\system32\CmiInstallResAll64.dll
2016-03-18 10:43 - 2006-10-07 15:45 - 00524768 _____ (Microsoft Corporation) C:\Windows\difxapi.dll
2016-03-18 10:42 - 2016-03-18 10:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ROCCAT
2016-03-18 10:42 - 2016-03-18 10:42 - 00000000 ____D C:\Program Files (x86)\ROCCAT
2016-03-18 10:41 - 2016-03-18 10:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2016-03-18 10:41 - 2008-07-31 20:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2016-03-18 10:41 - 2008-07-31 20:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2016-03-18 10:41 - 2008-07-12 18:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2016-03-18 10:41 - 2008-07-12 18:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2016-03-18 10:41 - 2008-07-12 18:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2016-03-18 10:38 - 2016-03-18 10:42 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Riot Games
2016-03-18 10:35 - 2016-03-25 19:03 - 00000000 ____D C:\ProgramData\Samsung
2016-03-18 10:35 - 2016-03-18 10:35 - 00003274 _____ C:\Windows\System32\Tasks\SamsungMagician
2016-03-18 10:35 - 2016-03-18 10:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2016-03-18 10:32 - 2016-04-17 01:26 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Skype
2016-03-18 10:32 - 2016-03-18 10:32 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-03-18 10:32 - 2016-03-18 10:32 - 00000000 ____D C:\Users\Penne\Tracing
2016-03-18 10:32 - 2016-03-18 10:32 - 00000000 ____D C:\ProgramData\Skype
2016-03-18 10:32 - 2016-03-18 10:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-03-18 10:28 - 2013-10-31 13:21 - 00015584 _____ (Giga-Byte Technology CO., LTD.) C:\Windows\etocdrv.sys
2016-03-18 09:51 - 2016-03-20 01:47 - 00000000 ____D C:\Program Files\Google
2016-03-18 09:48 - 2016-03-18 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-03-18 09:48 - 2016-03-18 09:48 - 00000000 ____D C:\Users\Penne\AppData\LocalGoogle
2016-03-18 09:19 - 2016-04-17 01:24 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\etdrv.sys
2016-03-18 09:19 - 2013-04-10 02:44 - 00014928 _____ (Giga-Byte Technology CO., LTD.) C:\Windows\system32\etocdrv.sys
2016-03-18 09:17 - 2016-04-17 01:24 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2016-03-18 09:16 - 2016-03-18 10:35 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-03-18 09:16 - 2016-03-18 09:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2016-03-18 09:12 - 2016-04-02 14:15 - 00000000 ____D C:\Temp
2016-03-18 08:50 - 2016-04-17 01:24 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-18 08:50 - 2016-03-18 10:16 - 00000000 ____D C:\Windows\SysWOW64\GBT_DL_OBJ
2016-03-18 08:48 - 2016-03-18 09:23 - 00000000 ____D C:\Users\Penne\AppData\Local\Downloaded Installations
2016-03-18 08:44 - 2016-04-02 14:11 - 00000000 ____D C:\Users\Penne\AppData\Local\NVIDIA Corporation
2016-03-18 08:43 - 2016-04-02 14:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-03-18 08:43 - 2016-03-30 04:06 - 01373680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-03-18 08:43 - 2016-03-30 04:06 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-03-18 08:43 - 2016-03-30 04:05 - 01767248 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-03-18 08:43 - 2016-03-30 04:05 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-03-18 08:43 - 2016-03-30 04:05 - 00112216 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-03-18 08:43 - 2016-03-18 08:51 - 00000000 ____D C:\Users\Penne\AppData\Local\NVIDIA
2016-03-18 08:43 - 2010-05-26 21:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-03-18 08:43 - 2010-05-26 21:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-03-18 08:43 - 2010-05-26 21:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-03-18 08:43 - 2010-05-26 21:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2016-03-18 08:43 - 2010-05-26 21:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-03-18 08:43 - 2010-05-26 21:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-03-18 08:42 - 2016-04-02 14:15 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-03-18 08:42 - 2016-04-02 14:15 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-03-18 08:42 - 2016-04-02 14:15 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-03-18 08:42 - 2016-04-02 14:10 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-18 08:42 - 2016-03-22 07:12 - 14128840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-03-18 08:42 - 2016-03-22 07:12 - 03714472 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-03-18 08:42 - 2016-03-22 07:12 - 03286992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-03-18 08:42 - 2016-03-22 07:12 - 00037091 _____ C:\Windows\system32\nvinfo.pb
2016-03-18 08:42 - 2016-03-22 05:25 - 06369728 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-03-18 08:42 - 2016-03-22 05:25 - 02993088 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-03-18 08:42 - 2016-03-22 05:25 - 02561472 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-03-18 08:42 - 2016-03-22 05:25 - 01264064 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-03-18 08:42 - 2016-03-22 05:25 - 00532536 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-03-18 08:42 - 2016-03-22 05:25 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-03-18 08:42 - 2016-03-22 05:25 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-03-18 08:42 - 2016-03-22 05:25 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-03-18 08:42 - 2016-03-18 21:10 - 06253721 _____ C:\Windows\system32\nvcoproc.bin
2016-03-18 08:42 - 2016-03-18 08:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.0
2016-03-18 08:42 - 2016-03-17 00:30 - 00128792 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-03-18 08:42 - 2016-03-17 00:29 - 00127768 _____ C:\Windows\system32\vulkan-1.dll
2016-03-18 08:42 - 2016-03-17 00:29 - 00041752 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-03-18 08:42 - 2016-03-17 00:28 - 00045848 _____ C:\Windows\system32\vulkaninfo.exe
2016-03-18 08:42 - 2016-03-08 13:07 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436451.dll
2016-03-18 08:42 - 2016-03-08 13:07 - 01572496 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2016-03-18 08:42 - 2016-03-08 13:07 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436451.dll
2016-03-18 08:42 - 2016-03-08 13:07 - 00205456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2016-03-18 08:42 - 2016-03-08 13:07 - 00039240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2016-03-18 08:41 - 2016-04-02 14:14 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-03-18 08:41 - 2016-03-18 08:41 - 00000000 ____D C:\NVIDIA
2016-03-18 08:37 - 2016-04-16 17:26 - 00000000 ____D C:\Windows\Panther
2016-03-18 08:33 - 2016-03-18 09:45 - 00000000 ____D C:\Program Files\GIGABYTE
2016-03-18 08:33 - 2016-03-18 09:40 - 00000000 ____D C:\Program Files (x86)\GIGABYTE
2016-03-18 08:33 - 2013-03-27 19:51 - 00021072 _____ C:\Windows\system32\Drivers\UsbCharger.sys
2016-03-18 08:33 - 2013-02-19 22:18 - 00021584 _____ C:\Windows\system32\Drivers\AppleCharger.sys
2016-03-18 08:33 - 2010-04-07 02:30 - 00031272 _____ C:\Windows\system32\AppleChargerSrv.exe
2016-03-18 08:32 - 2016-03-18 08:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-03-18 08:32 - 2016-03-18 08:32 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2016-03-18 08:32 - 2016-03-18 08:32 - 00000000 ____D C:\Users\Penne\Intel
2016-03-18 08:32 - 2016-03-18 08:32 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Intel Corporation
2016-03-18 08:32 - 2012-12-21 17:44 - 00786056 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys
2016-03-18 08:32 - 2012-12-21 17:44 - 00366216 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys
2016-03-18 08:32 - 2012-12-21 17:44 - 00020616 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hcs.sys
2016-03-18 08:31 - 2016-03-18 08:31 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-03-18 08:31 - 2016-03-18 08:31 - 00000000 ____D C:\Program Files\Realtek
2016-03-18 08:31 - 2013-01-23 03:37 - 00490256 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1d62x64.sys
2016-03-18 08:31 - 2012-12-12 00:11 - 00543104 ____R (Intel Corporation) C:\Windows\system32\PROUnstl.exe
2016-03-18 08:31 - 2012-11-14 23:54 - 00073032 _____ (Intel Corporation) C:\Windows\system32\e1dmsg.dll
2016-03-18 08:31 - 2012-11-13 23:01 - 00101224 _____ (Intel Corporation) C:\Windows\system32\NicInstD.dll
2016-03-18 08:31 - 2012-01-06 08:03 - 00003114 _____ C:\Windows\system32\e1d62x64.din
2016-03-18 08:31 - 2009-05-26 04:05 - 00036472 _____ (Intel Corporation) C:\Windows\system32\NicCo36.dll
2016-03-18 08:31 - 2006-01-12 09:52 - 00001904 ____N C:\Windows\system32\SetupBD.din
2016-03-18 08:30 - 2016-03-18 08:31 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-03-18 08:30 - 2016-03-18 08:30 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-03-18 08:30 - 2013-03-19 16:37 - 00442368 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2016-03-18 08:30 - 2013-03-19 16:37 - 00015360 _____ (Intel(R) Corporation) C:\Windows\system32\IntcDAuC.dll
2016-03-18 08:30 - 2013-03-12 23:19 - 00016344 _____ (Intel Corporation) C:\Windows\system32\Drivers\IntelMEFWVer.dll
2016-03-18 08:30 - 2013-02-26 15:42 - 03333576 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-03-18 08:30 - 2013-02-26 13:04 - 00429097 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-03-18 08:30 - 2013-02-26 11:41 - 19089920 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2016-03-18 08:30 - 2013-02-26 08:30 - 03685448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2016-03-18 08:30 - 2013-02-21 12:26 - 00858032 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2016-03-18 08:30 - 2013-02-21 12:26 - 00148912 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2016-03-18 08:30 - 2013-02-21 12:25 - 00569256 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2016-03-18 08:30 - 2013-02-21 11:11 - 00131656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2016-03-18 08:30 - 2013-02-20 13:55 - 01284680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-03-18 08:30 - 2013-02-20 05:55 - 00912960 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2016-03-18 08:30 - 2013-02-19 13:52 - 00991816 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-03-18 08:30 - 2013-02-19 10:11 - 02751560 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-03-18 08:30 - 2013-02-08 10:36 - 03155536 _____ C:\Windows\system32\Drivers\rtvienna.dat
2016-03-18 08:30 - 2013-02-05 15:32 - 01658952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-03-18 08:30 - 2013-02-02 16:30 - 02099480 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2016-03-18 08:30 - 2013-02-02 16:30 - 00907544 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2016-03-18 08:30 - 2013-02-02 16:29 - 13975320 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2016-03-18 08:30 - 2013-02-02 16:29 - 01898776 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2016-03-18 08:30 - 2013-01-23 11:36 - 00613448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2016-03-18 08:30 - 2013-01-21 20:41 - 00204864 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-03-18 08:30 - 2013-01-17 14:32 - 00719640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2016-03-18 08:30 - 2013-01-17 01:05 - 00801560 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2016-03-18 08:30 - 2013-01-17 01:05 - 00635160 _____ (SRS Labs, Inc.) C:\Windows\system32\sltech64.dll
2016-03-18 08:30 - 2013-01-17 01:05 - 00518936 _____ (SRS Labs, Inc.) C:\Windows\system32\sl3apo64.dll
2016-03-18 08:30 - 2013-01-17 01:05 - 00215320 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2016-03-18 08:30 - 2013-01-16 11:02 - 02079816 ____R (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2016-03-18 08:30 - 2013-01-15 05:33 - 02722848 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-03-18 08:30 - 2012-12-17 12:49 - 02032584 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2016-03-18 08:30 - 2012-12-12 06:17 - 00395208 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2016-03-18 08:30 - 2012-10-02 09:41 - 00501192 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2016-03-18 08:30 - 2012-10-02 09:41 - 00487368 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2016-03-18 08:30 - 2012-10-02 09:41 - 00415688 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2016-03-18 08:30 - 2012-09-10 15:06 - 00612728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2016-03-18 08:30 - 2012-08-31 14:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2016-03-18 08:30 - 2012-08-31 14:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2016-03-18 08:30 - 2012-08-31 14:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2016-03-18 08:30 - 2012-08-31 14:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2016-03-18 08:30 - 2012-08-31 14:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2016-03-18 08:30 - 2012-07-15 16:13 - 00394616 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2016-03-18 08:30 - 2012-06-20 12:26 - 00110592 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-03-18 08:30 - 2012-03-08 06:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2016-03-18 08:30 - 2012-01-30 06:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2016-03-18 08:30 - 2012-01-10 05:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2016-03-18 08:30 - 2011-12-20 10:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2016-03-18 08:30 - 2011-11-22 11:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2016-03-18 08:30 - 2011-09-02 09:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2016-03-18 08:30 - 2011-09-02 09:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2016-03-18 08:30 - 2011-09-02 09:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2016-03-18 08:30 - 2011-08-23 12:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2016-03-18 08:30 - 2011-05-31 04:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2016-03-18 08:30 - 2011-05-31 04:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2016-03-18 08:30 - 2011-05-31 04:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2016-03-18 08:30 - 2011-05-31 04:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2016-03-18 08:30 - 2011-05-31 04:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2016-03-18 08:30 - 2011-05-31 04:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2016-03-18 08:30 - 2011-05-31 04:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2016-03-18 08:30 - 2011-05-31 04:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2016-03-18 08:30 - 2011-05-31 04:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2016-03-18 08:30 - 2011-05-31 04:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2016-03-18 08:30 - 2011-05-31 04:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2016-03-18 08:30 - 2011-05-31 04:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2016-03-18 08:30 - 2011-03-17 07:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2016-03-18 08:30 - 2011-03-07 12:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2016-03-18 08:30 - 2010-11-08 02:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2016-03-18 08:30 - 2010-11-08 02:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2016-03-18 08:30 - 2010-11-08 02:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2016-03-18 08:30 - 2010-11-08 02:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2016-03-18 08:30 - 2010-11-08 02:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2016-03-18 08:30 - 2010-11-08 02:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2016-03-18 08:30 - 2010-11-03 13:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-03-18 08:30 - 2010-09-27 04:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2016-03-18 08:30 - 2010-07-22 11:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2016-03-18 08:30 - 2009-11-24 04:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2016-03-18 08:30 - 2009-11-24 04:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2016-03-18 08:30 - 2009-11-24 04:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2016-03-18 08:30 - 2009-11-24 04:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2016-03-18 08:29 - 2016-03-18 08:32 - 00000000 ____D C:\ProgramData\Intel
2016-03-18 08:29 - 2016-03-18 08:32 - 00000000 ____D C:\Program Files\Intel
2016-03-18 08:29 - 2013-03-22 03:44 - 07558640 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
2016-03-18 08:29 - 2013-03-22 03:44 - 00745968 _____ (Intel Corporation) C:\Windows\system32\GfxUIHotKeyMenu.exe
2016-03-18 08:29 - 2013-03-22 03:44 - 00534000 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
2016-03-18 08:29 - 2013-03-22 03:44 - 00529392 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2016-03-18 08:29 - 2013-03-22 03:44 - 00441840 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2016-03-18 08:29 - 2013-03-22 03:44 - 00407536 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2016-03-18 08:29 - 2013-03-22 03:44 - 00397808 _____ (Intel Corporation) C:\Windows\system32\CustomModeApp.exe
2016-03-18 08:29 - 2013-03-22 03:44 - 00279024 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2016-03-18 08:29 - 2013-03-22 03:44 - 00250864 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2016-03-18 08:29 - 2013-03-22 03:44 - 00185840 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2016-03-18 08:29 - 2013-03-22 03:44 - 00165872 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2016-03-18 08:29 - 2013-03-19 16:37 - 00109056 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3071.dll
2016-03-18 08:29 - 2013-03-19 16:35 - 00017502 _____ C:\Windows\system32\iglhxs64.vp
2016-03-18 08:29 - 2013-03-19 16:34 - 01758208 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
2016-03-18 08:29 - 2013-03-19 16:33 - 01631744 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
2016-03-18 08:29 - 2013-03-19 16:33 - 00322560 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
2016-03-18 08:29 - 2013-03-19 16:33 - 00279040 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
2016-03-18 08:29 - 2013-03-19 16:33 - 00258560 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2016-03-18 08:29 - 2013-03-19 16:33 - 00203264 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2016-03-18 08:29 - 2013-03-19 16:32 - 24283136 _____ C:\Windows\system32\igdfcl64.dll
2016-03-18 08:29 - 2013-03-19 16:32 - 09362944 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll
2016-03-18 08:29 - 2013-03-19 16:32 - 07861760 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll
2016-03-18 08:29 - 2013-03-19 16:32 - 05611008 _____ (Intel Corporation) C:\Windows\SysWOW64\ig75icd32.dll
2016-03-18 08:29 - 2013-03-19 16:32 - 00240640 _____ C:\Windows\SysWOW64\igdde32.dll
2016-03-18 08:29 - 2013-03-19 16:32 - 00103936 _____ C:\Windows\SysWOW64\igdail32.dll
2016-03-18 08:29 - 2013-03-19 16:31 - 09802240 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll
2016-03-18 08:29 - 2013-03-19 16:31 - 08647680 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll
2016-03-18 08:29 - 2013-03-19 16:31 - 07175680 _____ (Intel Corporation) C:\Windows\system32\ig75icd64.dll
2016-03-18 08:29 - 2013-03-19 16:31 - 04534784 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2016-03-18 08:29 - 2013-03-19 16:31 - 00286720 _____ C:\Windows\system32\igdde64.dll
2016-03-18 08:29 - 2013-03-19 16:31 - 00117760 _____ C:\Windows\system32\igdail64.dll
2016-03-18 08:29 - 2013-03-19 16:29 - 19586560 _____ C:\Windows\SysWOW64\igdfcl32.dll
2016-03-18 08:29 - 2013-03-19 16:27 - 08901632 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2016-03-18 08:29 - 2013-03-19 16:27 - 03988480 _____ (Microsoft) C:\Windows\system32\MetroIntelGenericUIFramework.dll
2016-03-18 08:29 - 2013-03-19 16:27 - 02384896 _____ C:\Windows\system32\GfxRes.dll
2016-03-18 08:29 - 2013-03-19 16:27 - 00443904 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2016-03-18 08:29 - 2013-03-19 16:27 - 00443904 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2016-03-18 08:29 - 2013-03-19 16:27 - 00443392 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2016-03-18 08:29 - 2013-03-19 16:27 - 00443392 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2016-03-18 08:29 - 2013-03-19 16:27 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2016-03-18 08:29 - 2013-03-19 16:27 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2016-03-18 08:29 - 2013-03-19 16:27 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2016-03-18 08:29 - 2013-03-19 16:27 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2016-03-18 08:29 - 2013-03-19 16:27 - 00442368 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2016-03-18 08:29 - 2013-03-19 16:27 - 00442368 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2016-03-18 08:29 - 2013-03-19 16:27 - 00442368 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2016-03-18 08:29 - 2013-03-19 16:27 - 00441856 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2016-03-18 08:29 - 2013-03-19 16:27 - 00441856 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2016-03-18 08:29 - 2013-03-19 16:27 - 00441856 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2016-03-18 08:29 - 2013-03-19 16:27 - 00441856 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2016-03-18 08:29 - 2013-03-19 16:27 - 00441344 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2016-03-18 08:29 - 2013-03-19 16:27 - 00441344 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2016-03-18 08:29 - 2013-03-19 16:27 - 00440832 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2016-03-18 08:29 - 2013-03-19 16:27 - 00440832 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2016-03-18 08:29 - 2013-03-19 16:27 - 00440832 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2016-03-18 08:29 - 2013-03-19 16:27 - 00440320 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2016-03-18 08:29 - 2013-03-19 16:27 - 00440320 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2016-03-18 08:29 - 2013-03-19 16:27 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2016-03-18 08:29 - 2013-03-19 16:27 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2016-03-18 08:29 - 2013-03-19 16:27 - 00434176 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2016-03-18 08:29 - 2013-03-19 16:27 - 00434176 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2016-03-18 08:29 - 2013-03-19 16:27 - 00432640 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2016-03-18 08:29 - 2013-03-19 16:27 - 00430592 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2016-03-18 08:29 - 2013-03-19 16:27 - 00430080 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2016-03-18 08:29 - 2013-03-19 16:27 - 00357888 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2016-03-18 08:29 - 2013-03-19 16:27 - 00348160 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2016-03-18 08:29 - 2013-03-19 16:27 - 00345600 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2016-03-18 08:29 - 2013-03-19 16:27 - 00288256 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2016-03-18 08:29 - 2013-03-19 16:27 - 00256973 _____ C:\Windows\system32\Gfxres.th-TH.resources
2016-03-18 08:29 - 2013-03-19 16:27 - 00243062 _____ C:\Windows\system32\Gfxres.el-GR.resources
2016-03-18 08:29 - 2013-03-19 16:27 - 00225909 _____ C:\Windows\system32\Gfxres.ru-RU.resources
2016-03-18 08:29 - 2013-03-19 16:27 - 00192779 _____ C:\Windows\system32\Gfxres.ar-SA.resources
2016-03-18 08:29 - 2013-03-19 16:27 - 00191488 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2016-03-18 08:29 - 2013-03-19 16:27 - 00189982 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2016-03-18 08:29 - 2013-03-19 16:27 - 00184704 _____ C:\Windows\system32\Gfxres.he-IL.resources
2016-03-18 08:29 - 2013-03-19 16:27 - 00173641 _____ C:\Windows\system32\Gfxres.it-IT.resources
2016-03-18 08:29 - 2013-03-19 16:27 - 00173255 _____ C:\Windows\system32\Gfxres.ko-KR.resources
2016-03-18 08:29 - 2013-03-19 16:27 - 00171308 _____ C:\Windows\system32\Gfxres.es-ES.resources
2016-03-18 08:29 - 2013-03-19 16:27 - 00170949 _____ C:\Windows\system32\Gfxres.fr-FR.resources
2016-03-18 08:29 - 2013-03-19 16:27 - 00170868 _____ C:\Windows\system32\Gfxres.de-DE.resources
2016-03-18 08:29 - 2013-03-19 16:27 - 00169419 _____ C:\Windows\system32\Gfxres.ro-RO.resources
2016-03-18 08:29 - 2013-03-19 16:27 - 00168766 _____ C:\Windows\system32\Gfxres.tr-TR.resources
2016-03-18 08:29 - 2013-03-19 16:27 - 00168624 _____ C:\Windows\system32\Gfxres.hu-HU.resources
2016-03-18 08:29 - 2013-03-19 16:27 - 00168145 _____ C:\Windows\system32\Gfxres.pl-PL.resources
2016-03-18 08:29 - 2013-03-19 16:27 - 00167827 _____ C:\Windows\system32\Gfxres.nl-NL.resources
2016-03-18 08:29 - 2013-03-19 16:27 - 00167279 _____ C:\Windows\system32\Gfxres.pt-BR.resources
2016-03-18 08:29 - 2013-03-19 16:27 - 00166207 _____ C:\Windows\system32\Gfxres.fi-FI.resources
2016-03-18 08:29 - 2013-03-19 16:27 - 00166115 _____ C:\Windows\system32\Gfxres.sk-SK.resources
2016-03-18 08:29 - 2013-03-19 16:27 - 00165888 _____ C:\Windows\system32\Gfxres.pt-PT.resources
2016-03-18 08:29 - 2013-03-19 16:27 - 00165805 _____ C:\Windows\system32\Gfxres.sv-SE.resources
2016-03-18 08:29 - 2013-03-19 16:27 - 00165389 _____ C:\Windows\system32\Gfxres.cs-CZ.resources
2016-03-18 08:29 - 2013-03-19 16:27 - 00164428 _____ C:\Windows\system32\Gfxres.hr-HR.resources
2016-03-18 08:29 - 2013-03-19 16:27 - 00161093 _____ C:\Windows\system32\Gfxres.sl-SI.resources
2016-03-18 08:29 - 2013-03-19 16:27 - 00160055 _____ C:\Windows\system32\Gfxres.nb-NO.resources
2016-03-18 08:29 - 2013-03-19 16:27 - 00159440 _____ C:\Windows\system32\Gfxres.da-DK.resources
2016-03-18 08:29 - 2013-03-19 16:27 - 00154905 _____ C:\Windows\system32\Gfxres.en-US.resources
2016-03-18 08:29 - 2013-03-19 16:27 - 00148171 _____ C:\Windows\system32\Gfxres.zh-TW.resources
2016-03-18 08:29 - 2013-03-19 16:27 - 00146480 _____ C:\Windows\system32\Gfxres.zh-CN.resources
2016-03-18 08:29 - 2013-03-19 16:27 - 00140288 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2016-03-18 08:29 - 2013-03-19 16:27 - 00124928 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2016-03-18 08:29 - 2013-03-19 16:27 - 00108032 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2016-03-18 08:29 - 2013-03-19 16:27 - 00065536 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2016-03-18 08:29 - 2013-03-19 16:27 - 00029184 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2016-03-18 08:29 - 2013-03-19 16:27 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2016-03-18 08:29 - 2013-03-19 16:27 - 00012288 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2016-03-18 08:29 - 2013-03-19 16:27 - 00001806 _____ C:\Windows\system32\GfxUIEx.exe.config
2016-03-18 08:29 - 2013-03-19 16:27 - 00000935 _____ C:\Windows\system32\DPTopologyApp.exe.config
2016-03-18 08:29 - 2013-03-19 16:27 - 00000935 _____ C:\Windows\system32\CustomModeApp.exe.config
2016-03-18 08:29 - 2013-03-19 16:27 - 00000264 _____ C:\Windows\system32\GfxUIHotKeyMenu.exe.config
2016-03-18 08:29 - 2013-03-19 16:25 - 03511296 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2016-03-18 08:29 - 2013-03-19 16:25 - 03121152 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2016-03-18 08:29 - 2013-03-19 16:25 - 02813952 _____ C:\Windows\system32\iglhxa64.cpa
2016-03-18 08:29 - 2013-03-19 16:25 - 01040384 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2016-03-18 08:29 - 2013-03-19 16:25 - 00931840 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2016-03-18 08:29 - 2013-03-19 16:25 - 00861184 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2016-03-18 08:29 - 2013-03-19 16:25 - 00856576 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2016-03-18 08:29 - 2013-03-19 16:25 - 00575488 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2016-03-18 08:29 - 2013-03-19 16:25 - 00542720 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2016-03-18 08:29 - 2013-03-19 16:25 - 00216064 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2016-03-18 08:29 - 2013-03-19 16:25 - 00180224 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2016-03-18 08:29 - 2013-03-19 16:25 - 00094208 _____ C:\Windows\system32\IccLibDll_x64.dll
2016-03-18 08:29 - 2013-03-19 16:25 - 00064000 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2016-03-18 08:29 - 2013-03-19 16:25 - 00064000 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll
2016-03-18 08:29 - 2013-03-19 16:25 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2016-03-18 08:29 - 2013-03-19 16:25 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
2016-03-18 08:29 - 2013-03-19 16:25 - 00044025 _____ C:\Windows\system32\iglhxo64.vp
2016-03-18 08:29 - 2013-03-19 16:25 - 00043816 _____ C:\Windows\system32\iglhxc64_dev.vp
2016-03-18 08:29 - 2013-03-19 16:25 - 00043494 _____ C:\Windows\system32\iglhxc64.vp
2016-03-18 08:29 - 2013-03-19 16:25 - 00043298 _____ C:\Windows\system32\iglhxg64_dev.vp
2016-03-18 08:29 - 2013-03-19 16:25 - 00043256 _____ C:\Windows\system32\iglhxg64.vp
2016-03-18 08:29 - 2013-03-19 16:25 - 00042079 _____ C:\Windows\system32\iglhxo64_dev.vp
2016-03-18 08:29 - 2013-03-19 16:24 - 03401728 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll
2016-03-18 08:29 - 2013-03-19 16:23 - 04359168 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll
2016-03-18 08:29 - 2013-03-12 23:19 - 00064624 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2016-03-18 08:28 - 2016-03-20 03:27 - 00768152 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-03-18 08:28 - 2016-03-18 10:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-03-18 08:28 - 2016-03-18 08:49 - 00000000 ____D C:\Program Files (x86)\Intel
2016-03-18 08:28 - 2016-03-18 08:29 - 00000000 ____D C:\Intel
2016-03-18 08:28 - 2013-02-28 01:37 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2016-03-18 08:26 - 2016-04-17 01:24 - 00000922 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-18 08:26 - 2016-04-17 01:00 - 00000926 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-18 08:26 - 2016-03-20 01:47 - 00000000 ____D C:\Program Files (x86)\Google
2016-03-18 08:26 - 2016-03-20 01:36 - 00000000 ____D C:\Users\Penne\AppData\Local\Google
2016-03-18 08:26 - 2016-03-18 08:56 - 00002261 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-18 08:26 - 2016-03-18 08:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-03-18 08:26 - 2016-03-18 08:55 - 00003922 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-03-18 08:26 - 2016-03-18 08:55 - 00003670 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-03-18 08:25 - 2016-03-18 08:59 - 00000010 _____ C:\Windows\GSetup.ini
2016-03-18 07:43 - 2016-03-25 00:45 - 00000000 ____D C:\Users\Penne\AppData\Local\VirtualStore
2016-03-18 07:43 - 2016-03-19 18:01 - 00001413 _____ C:\Users\Penne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-03-18 07:41 - 2016-04-15 14:20 - 00000000 ____D C:\Users\Penne
2016-03-18 07:41 - 2016-03-25 00:45 - 00109688 _____ C:\Users\Penne\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-18 07:41 - 2016-03-18 07:41 - 00000020 ___SH C:\Users\Penne\ntuser.ini
2016-03-18 07:41 - 2016-03-18 07:41 - 00000000 _SHDL C:\Users\Penne\My Documents
2016-03-18 07:41 - 2016-03-18 07:41 - 00000000 _SHDL C:\Users\Penne\Documents\My Videos
2016-03-18 07:41 - 2016-03-18 07:41 - 00000000 _SHDL C:\Users\Penne\Documents\My Pictures
2016-03-18 07:41 - 2016-03-18 07:41 - 00000000 _SHDL C:\Users\Penne\Documents\My Music
2016-03-18 07:41 - 2010-11-21 10:16 - 00000000 ____D C:\Users\Penne\AppData\Roaming\Media Center Programs

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-17 01:30 - 2009-07-14 08:13 - 00784286 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-17 01:30 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\inf
2016-04-17 01:24 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-17 01:18 - 2009-07-14 07:45 - 00016848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-17 01:18 - 2009-07-14 07:45 - 00016848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-17 01:12 - 2009-07-14 05:34 - 00000215 _____ C:\Windows\system.ini
2016-04-14 21:51 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\rescache
2016-04-14 20:36 - 2009-07-14 07:45 - 00417112 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-06 10:18 - 2010-11-21 06:27 - 00453280 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-04-01 23:50 - 2015-10-05 01:47 - 00000000 ____D C:\Users\Penne\Documents\My Games
2016-03-21 02:41 - 2009-07-14 05:34 - 00000478 _____ C:\Windows\win.ini
2016-03-20 22:26 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-03-20 13:54 - 2009-07-14 06:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-03-20 05:27 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\AppCompat
2016-03-20 03:17 - 2009-07-14 08:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-03-20 03:15 - 2010-11-21 10:17 - 00000000 ____D C:\Windows\ShellNew
2016-03-20 03:15 - 2009-07-14 08:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-03-20 02:32 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\Web
2016-03-19 18:00 - 2010-11-21 10:17 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-19 18:00 - 2009-07-14 06:20 - 00000000 ____D C:\Program Files\Common Files\System
2016-03-19 04:16 - 2009-07-14 08:32 - 00000000 ____D C:\Program Files\Windows Defender
2016-03-19 04:16 - 2009-07-14 08:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-03-19 04:16 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\tracing
2016-03-19 04:16 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-03-19 04:16 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\Dism
2016-03-19 04:16 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2016-03-18 12:10 - 2015-07-30 22:41 - 00264552 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2016-03-18 12:10 - 2015-07-30 22:41 - 00186784 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2016-03-18 12:10 - 2015-07-30 22:41 - 00170792 _____ (ESET) C:\Windows\system32\Drivers\epfwwfpr.sys
2016-03-18 11:54 - 2010-11-21 06:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2016-03-18 11:54 - 2010-11-21 06:24 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2016-03-18 11:54 - 2010-11-21 06:23 - 00013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2016-03-18 10:43 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system
2016-03-18 08:42 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\Help
2016-03-18 08:37 - 2009-07-14 08:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2016-03-18 08:36 - 2009-07-14 06:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-03-18 08:33 - 2009-07-14 08:32 - 00000000 ____D C:\Windows\Downloaded Program Files

==================== Files in the root of some directories =======

2016-03-20 01:14 - 2016-03-20 01:14 - 0005120 _____ () C:\Users\Penne\AppData\Roaming\GiftBag.db
2016-03-20 22:27 - 2016-03-20 22:27 - 0000316 _____ () C:\Users\Penne\AppData\Roaming\redirect2.dat
2016-03-20 11:18 - 2016-03-20 11:18 - 0000009 _____ () C:\Users\Penne\AppData\Roaming\update.dat
2016-03-20 11:19 - 2016-03-24 15:16 - 0000004 _____ () C:\Users\Penne\AppData\Roaming\Microsoft\notaut.txt
2016-03-21 00:18 - 2016-03-21 00:18 - 0000004 _____ () C:\Users\Penne\AppData\Roaming\Microsoft\notautfbb.txt
2016-03-21 01:04 - 2016-03-21 01:04 - 0000003 _____ () C:\Users\Penne\AppData\Local\updater.log
2016-03-21 01:04 - 2016-03-21 01:04 - 0000424 _____ () C:\Users\Penne\AppData\Local\UserProducts.xml
2016-03-18 10:43 - 2016-03-18 10:43 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Penne\AppData\Local\Temp\dllnt_dump.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-04-14 21:43

==================== End of FRST.txt ============================

 

 

 

 

 

 

 

 

FRST Addition log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-04-2016
Ran by Penne (2016-04-17 01:49:42)
Running from D:\Downloads
Windows 7 Professional Service Pack 1 (X64) (2016-03-18 04:41:25)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-206197487-1037210532-2885666671-500 - Administrator - Disabled)
Guest (S-1-5-21-206197487-1037210532-2885666671-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-206197487-1037210532-2885666671-1002 - Limited - Enabled)
Penne (S-1-5-21-206197487-1037210532-2885666671-1000 - Administrator - Enabled) => C:\Users\Penne

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 9.0.318.0 (Disabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 9.0.375.0 (Disabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS B14.1003.1 (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.00.0000 - GIGABYTE)
@BIOS B14.1003.1 (x32 Version: 3.00.0000 - GIGABYTE) Hidden
A2A C172 Trainer Academic for P3D (HKLM-x32\...\A2A C172 Trainer Academic for P3D) (Version:  - )
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Atlas Reactor Live (HKLM-x32\...\Glyph Atlas Reactor Live) (Version:  - Trion Worlds, Inc.)
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.70.1080 - AB Team, d.o.o.)
BUSB (HKLM-x32\...\{0AADC50C-C4F8-49A7-8699-AFE46875CA67}) (Version: 1.13.0911.1 -  GIGABYTE)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0152 - Disc Soft Ltd)
Dishonored - Game of the Year Edition (HKLM-x32\...\Dishonored - Game of the Year Edition_is1) (Version:  - )
Dota 2 (HKLM\...\Steam App 570) (Version:  - Valve)
EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.00.0002 - GIGABYTE)
EasyTune (x32 Version: 1.00.0002 - GIGABYTE) Hidden
ESET NOD32 Antivirus (HKLM\...\{60853F5E-E6F5-4A34-BBCD-C09D49BB5E64}) (Version: 9.0.318.0 - ESET, spol. s r.o.)
Everybody's Gone to the Rapture (HKLM-x32\...\Everybody's Gone to the Rapture_is1) (Version:  - )
EZSetup B15.0623.1 (HKLM-x32\...\InstallShield_{9EAB60B6-70FE-4EC7-8DF4-54773E4EAC05}) (Version: 1.00.0000 - GIGABYTE)
EZSetup B15.0623.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version:  - )
Firewatch (HKLM-x32\...\Firewatch_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Flashtool (HKLM-x32\...\Flashtool) (Version: 0.9.20.0 - Androxyde)
FTX Global Base Pack (HKLM-x32\...\FTX Global Base Pack1.40) (Version: 1.40 - Orbx Simulation Systems Pty Ltd)
Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.)
Google Drive (HKLM-x32\...\{895D0391-459F-4D45-B8DD-13F0DE70C66E}) (Version: 1.28.1549.1322 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Network Connections 18.0.1.0 (HKLM\...\PROSetDX) (Version: 18.0.1.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3071 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.100 - Intel Corporation)
Kerbal Space Program (HKLM\...\Steam App 220200) (Version:  - Squad)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
League Screensaver (HKLM-x32\...\LolScreenSaver) (Version: W0.1.19-0.11.13-beta - Riot Games)
Lightshot-5.3.0.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.3.0.0 - Skillbrains)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Metal Gear Solid V Phantom Pain, גונסט 1.0.0.1 (HKLM-x32\...\Metal Gear Solid V Phantom Pain_is1) (Version: 1.0.0.1 - RePack by SEYTER)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MultiWall version 1.0.26 (HKLM-x32\...\{54384F46-6346-4BDC-A137-4D4037D362D3}_is1) (Version: 1.0.26 - MultiWall)
MusicBee 2.5 (HKLM-x32\...\MusicBee) (Version: 2.5 - Steven Mayall)
NFOlux (HKLM-x32\...\NFOlux) (Version:  - )
Nosgoth (HKLM\...\Steam App 200110) (Version:  - Psyonix)
NVIDIA 3D Vision Controller Driver 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.72 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.2.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.2.55 - NVIDIA Corporation)
NVIDIA Graphics Driver 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.72 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
ON_OFF Charge 2 B13.0403.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
ON_OFF Charge 2 B13.0403.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
ON_OFF Charge B13.0403.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Planetary Annihilation (HKLM\...\Steam App 233250) (Version:  - Uber Entertainment)
Prepar3D v3 Academic (HKLM-x32\...\{ef7923e2-4857-4683-820d-a3994d88d709}) (Version: 3.0.10.14945 - Lockheed Martin)
Prepar3D v3 Academic Client (HKLM-x32\...\{213CD124-D688-436D-9BD8-FFB56DC830BE}) (Version: 3.0.10.14945 - Lockheed Martin)
Prepar3D v3 Content (HKLM-x32\...\{CE8E65FC-9BE3-438A-8449-BCD5E8ACC6BE}) (Version: 3.0.10.14945 - Lockheed Martin)
Prepar3D v3 Scenery (HKLM-x32\...\{3F2CF900-1437-4F93-9ABF-07B8B80E37DA}) (Version: 3.0.10.14945 - Lockheed Martin)
Project CARS v.9.0 (HKLM-x32\...\Project CARS_is1) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6849 - Realtek Semiconductor Corp.)
ROCCAT  Ryos TKL Keyboard Driver (HKLM-x32\...\{2EF5DFF4-EEF0-4FF7-97BD-C5B8C5C5D0F1}) (Version: 1.00.0011 - Roccat GmbH)
ROCCAT Kave XTD (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392016206}) (Version:   - Roccat GmbH)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.0 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.9.5 - Samsung Electronics)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.2.55 - NVIDIA Corporation) Hidden
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Smart Recovery 2 B14.1209.1  (x64) (HKLM-x32\...\{BC1FA5CF-A36F-4C61-9638-09D0B431B006}) (Version: 1.00.0001 - GIGABYTE)
Smart TimeLock B14.0731.1 (HKLM-x32\...\InstallShield_{5D93E30A-78A3-4890-962F-56B61A5873DD}) (Version: 1.00.0001 - GIGABYTE)
Smart TimeLock B14.0731.1 (x32 Version: 1.00.0001 - GIGABYTE) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer)
Tixati (HKLM-x32\...\tixati) (Version:  - )
Trackmania Turbo (HKLM\...\Steam App 375900) (Version:  - Nadeo)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.5.1 (HKLM\...\VulkanRT1.0.5.1) (Version: 1.0.5.1 - LunarG, Inc.)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2F5BBB12-EE07-4E27-BD19-423F18CF03A5} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2016-01-08] (Samsung Electronics.)
Task: {46E61794-AA76-4D47-86C3-3081D6C52D7A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-18] (Google Inc.)
Task: {49BF7E02-B6E6-403F-BEE8-719F99A37C14} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-18] (Google Inc.)
Task: {C3031F5A-CA73-471B-9314-9045A81F0F19} - System32\Tasks\update-S-1-5-21-206197487-1037210532-2885666671-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {E14C44BE-E430-4602-937A-75A86AFFE745} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {E1639A15-7B07-442F-BCB1-EEF3636E7A5F} - System32\Tasks\GTNU_635940224626022571 => Chrome.exe hxxp://www.5web.co/wapi/tudp.php?fp=70DF-4A3E-34F0-1E38-C887-9B35-AE47-9586&amp;cc=IL
Task: {E5AFBB1F-AA5D-4947-AC75-C07917A56276} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-206197487-1037210532-2885666671-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-03-18 08:42 - 2016-03-22 05:25 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-18 09:45 - 2016-03-18 09:45 - 00008704 _____ () C:\Windows\assembly\GAC_64\GBHO\1.0.0.0__709f1911357dc329\GBHO.dll
2016-03-30 21:25 - 2016-03-30 21:25 - 00707072 _____ () C:\Riot Games\LolScreenSaver\service\service.exe
2016-03-18 08:42 - 2016-03-30 04:21 - 00366528 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-04-02 14:10 - 2016-03-30 04:21 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-03-18 08:42 - 2016-03-30 04:22 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-03-18 08:42 - 2016-03-30 04:21 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-04-02 14:10 - 2016-03-30 04:21 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-04-02 14:10 - 2016-03-30 04:21 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-04-02 14:10 - 2016-03-30 04:22 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-03-18 08:42 - 2016-03-30 04:22 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-04-02 14:10 - 2016-03-30 04:20 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-04-02 14:10 - 2016-03-30 04:20 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-03-18 08:29 - 2013-03-19 16:25 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-03-18 08:42 - 2016-03-30 04:28 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2009-07-14 00:03 - 2009-07-14 04:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2016-03-18 08:56 - 2016-03-08 05:48 - 01676440 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libglesv2.dll
2016-03-18 08:56 - 2016-03-08 05:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libegl.dll
2016-04-09 13:29 - 2016-04-08 13:53 - 17532096 _____ () C:\Users\Penne\AppData\Local\Google\Chrome\User Data\PepperFlash\21.0.0.216\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 05:34 - 2016-04-17 01:12 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-206197487-1037210532-2885666671-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Penne\AppData\Roaming\MultiWall\\wallpaper.bmp
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F97853C9-3C52-4D5A-AEB2-C0760B36C30F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DFA471F5-9527-45A1-8D7B-0B000267A6DD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A61EA972-30A0-482F-B799-7FE8F51DC368}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8E9B1A61-B3B1-41C1-866A-3DE58DCFA837}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{241F3230-51DE-4BD6-938E-98DDB154AF4C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{2E20D67E-43D4-4AEB-8DA3-F113C8E9EDC1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C0640F91-D55B-4F81-98E0-BA7FBED1F8E9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E0074908-A3B1-4443-853D-AB8D9C4B65F4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{FEF3C82E-AEF3-4617-80EF-E059C3254CD8}C:\program files (x86)\gigabyte\@bios\flashbios.exe] => (Block) C:\program files (x86)\gigabyte\@bios\flashbios.exe
FirewallRules: [UDP Query User{8C841A1D-F28B-4F8D-ADF7-DA13A24FED7A}C:\program files (x86)\gigabyte\@bios\flashbios.exe] => (Block) C:\program files (x86)\gigabyte\@bios\flashbios.exe
FirewallRules: [{FE88C34C-49BF-4714-828C-D9EB7E988357}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{268F4022-0559-4DC5-AE50-E78953065C57}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B351FF78-89CE-4FE6-A90F-03CC5F38A316}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1B9CCA89-A970-4270-B3DB-E3C5CFBD7AEB}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{145C947C-3F69-4DEB-BC1A-8437E7760D84}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DAF8F908-4628-4F59-A49E-6C5ED8F48C97}] => (Allow) D:\Steam-Apps\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3D11F486-6E12-4075-BF18-BA21A1AF1217}] => (Allow) D:\Steam-Apps\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{D2D57AAB-CC36-49CD-9820-93822E546EBC}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [UDP Query User{A90A9723-82EE-4E92-93B7-9FE73E9A8677}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [{C79DFBCE-49AF-4A43-AA16-4C4FD9054735}] => (Allow) D:\Steam-Apps\steamapps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{8C473422-B915-4CCA-8C39-86E726D819CD}] => (Allow) D:\Steam-Apps\steamapps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{978EBBB8-8C00-442C-AAE5-8581B859DB97}] => (Allow) D:\Steam-Apps\steamapps\common\nosgoth\NosgothLauncher.exe
FirewallRules: [{83C0289B-6D08-48F0-9495-2B9C38B7A6E3}] => (Allow) D:\Steam-Apps\steamapps\common\nosgoth\NosgothLauncher.exe
FirewallRules: [{DA7F5A0F-BC47-48C3-A45E-243487AA07AC}] => (Allow) D:\Steam-Apps\steamapps\common\Planetary Annihilation\bin_x64\PA.exe
FirewallRules: [{7EC81193-CB19-4C5D-8FD8-CB77D583462C}] => (Allow) D:\Steam-Apps\steamapps\common\Planetary Annihilation\bin_x64\PA.exe
FirewallRules: [{87A1D1F7-F748-4711-A8B9-7D53A3886E4B}] => (Allow) D:\Steam-Apps\steamapps\common\Planetary Annihilation\bin_x86\PA.exe
FirewallRules: [{F8A1A03A-5CFB-4B26-ACDD-1223894FC87F}] => (Allow) D:\Steam-Apps\steamapps\common\Planetary Annihilation\bin_x86\PA.exe
FirewallRules: [{119AEA45-F114-404C-8091-D5300298BDC4}] => (Allow) D:\Steam-Apps\steamapps\common\Planetary Annihilation\bin_x86\crashupload.exe
FirewallRules: [{793F3AC9-B2C9-4AC0-B365-055446D267F4}] => (Allow) D:\Steam-Apps\steamapps\common\Planetary Annihilation\bin_x86\crashupload.exe
FirewallRules: [{924611BE-3948-4781-84EE-9C0D85CBEB7B}] => (Allow) D:\Steam-Apps\steamapps\common\Planetary Annihilation\bin_x86\host\CoherentUI_Host.exe
FirewallRules: [{0B15B2D0-A21B-4591-9A69-1CA4C84F1CED}] => (Allow) D:\Steam-Apps\steamapps\common\Planetary Annihilation\bin_x86\host\CoherentUI_Host.exe
FirewallRules: [{755C7EEE-3E22-4D71-8E7F-32CA34002662}] => (Allow) D:\Steam-Apps\steamapps\common\Planetary Annihilation\bin_x64\crashupload.exe
FirewallRules: [{2B8B28B0-9773-42D0-81F7-6735065601E7}] => (Allow) D:\Steam-Apps\steamapps\common\Planetary Annihilation\bin_x64\crashupload.exe
FirewallRules: [{D3DA14C9-F403-4D49-AD10-EF6F1B3421A8}] => (Allow) D:\Steam-Apps\steamapps\common\Planetary Annihilation\bin_x64\host\CoherentUI_Host.exe
FirewallRules: [{F26ABB2D-9CA5-47AF-B5AB-62DCBCB0A79C}] => (Allow) D:\Steam-Apps\steamapps\common\Planetary Annihilation\bin_x64\host\CoherentUI_Host.exe
FirewallRules: [{632D1E00-908E-44CC-A711-2B127183CDA2}] => (Allow) D:\Steam-Apps\steamapps\common\Planetary Annihilation\bin_x64\server.exe
FirewallRules: [{9915292A-9726-427D-859B-76C4C66F47A9}] => (Allow) D:\Steam-Apps\steamapps\common\Planetary Annihilation\bin_x64\server.exe
FirewallRules: [{3EEF11CF-FD98-4DD6-8AC4-7598A6132008}] => (Allow) D:\Steam-Apps\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A4E4EA51-E0B3-4075-BA6C-F7F0C63D3644}] => (Allow) D:\Steam-Apps\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{24E2F9D7-C9F3-4C65-AE66-F6B1E7BBAC4A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{39796F68-328E-494A-ABCF-60E689FC4C20}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{861866CF-9A80-47F1-A26A-A7724DC5DB2A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BFA4DA97-9F77-4757-AAFF-99CF486CDD0D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{A60151A1-E913-4D4C-9C54-AC592DBB4E8E}D:\games\borderlands.goty.edition-kaos\binaries\borderlands.exe] => (Allow) D:\games\borderlands.goty.edition-kaos\binaries\borderlands.exe
FirewallRules: [UDP Query User{3A1E9D41-0B74-458E-B944-90B2E0257613}D:\games\borderlands.goty.edition-kaos\binaries\borderlands.exe] => (Allow) D:\games\borderlands.goty.edition-kaos\binaries\borderlands.exe
FirewallRules: [{0428E04E-6DAF-4D2D-A9BE-51AC538A97CD}] => (Allow) D:\Steam-Apps\steamapps\common\Trackmania Turbo\TrackmaniaTurbo.exe
FirewallRules: [{AABA8A94-4645-4A90-9BB4-0B6FDC4E8778}] => (Allow) D:\Steam-Apps\steamapps\common\Trackmania Turbo\TrackmaniaTurbo.exe
FirewallRules: [{E53877A5-627C-4E91-99E4-5E5BAD1D7B02}] => (Allow) D:\Steam-Apps\steamapps\common\Trackmania Turbo\Config.exe
FirewallRules: [{690176E8-6514-4726-A2FD-6FA4ACC87016}] => (Allow) D:\Steam-Apps\steamapps\common\Trackmania Turbo\Config.exe
FirewallRules: [TCP Query User{924B7A66-0437-44C7-BE07-DEB3F9DD0BFF}D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe] => (Allow) D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe
FirewallRules: [UDP Query User{D3E8AC35-82E3-4D2A-B27C-9A104D7A8311}D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe] => (Allow) D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe
FirewallRules: [TCP Query User{9A477243-2C4B-42FF-84DD-EBF89324625F}D:\games\battleplans\client\battleplans.exe] => (Allow) D:\games\battleplans\client\battleplans.exe
FirewallRules: [UDP Query User{B887D9C7-0A18-4E30-8F87-4435900AE82B}D:\games\battleplans\client\battleplans.exe] => (Allow) D:\games\battleplans\client\battleplans.exe

==================== Restore Points =========================

07-04-2016 14:49:54 AA11
09-04-2016 01:12:49 Windows Update
09-04-2016 20:11:06 Installed Adblock Plus for IE (32-bit and 64-bit)
13-04-2016 16:49:49 Windows Update
13-04-2016 23:44:31 Windows Update
16-04-2016 11:54:45 Installed Battleplans
16-04-2016 18:34:48 Removed Battleplans
16-04-2016 18:36:18 Removed Adblock Plus for IE (32-bit and 64-bit)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/17/2016 01:26:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/17/2016 01:09:16 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005

Error: (04/17/2016 12:11:47 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005

Error: (04/16/2016 11:11:47 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005

Error: (04/16/2016 10:11:47 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005

Error: (04/16/2016 09:11:47 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005

Error: (04/16/2016 08:11:47 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005

Error: (04/16/2016 07:11:47 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005

Error: (04/16/2016 05:58:39 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005

Error: (04/16/2016 05:28:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (04/17/2016 01:41:18 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\System32\drivers\TrueSight.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (04/17/2016 01:26:57 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\System32\drivers\TrueSight.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (04/17/2016 01:12:36 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (04/17/2016 01:12:09 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (04/17/2016 01:11:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The League Screensaver service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (04/17/2016 01:11:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The League Screensaver service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 2000 milliseconds: Restart the service.

Error: (04/17/2016 01:10:43 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (04/17/2016 01:10:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The League Screensaver service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (04/17/2016 01:09:40 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The League Screensaver service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 2000 milliseconds: Restart the service.

Error: (04/16/2016 05:58:39 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}


CodeIntegrity:
===================================
  Date: 2016-04-17 01:12:09.171
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-17 01:12:09.153
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4670 CPU @ 3.40GHz
Percentage of memory in use: 38%
Total physical RAM: 8082.06 MB
Available physical RAM: 4965.21 MB
Total Virtual: 8280.25 MB
Available Virtual: 5803.11 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:173.71 GB) NTFS
Drive d: () (Fixed) (Total:465.76 GB) (Free:245.22 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: FFE72723)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E06A7B1C)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

 

Link to post
Share on other sites
Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

Next,

Download AdwCleaner by Xplode onto your Desktop.
 
  • Double click on Adwcleaner.exe to run the tool.
  • Click on the Scan in the Actions box
  • Please wait fot the scan to finish..
  • When "Waiting for action.Please uncheck elements you want to keep" shows in top line..
  • Click on the Cleaning box.
  • Next click OK on the "Closing Programs" pop up box.
  • Click OK on the Information box & again OK to allow the necessary reboot
  • After restart the AdwCleaner(C*)-Notepad log will appear, please copy/paste it in your next reply. Where * is the number relative to list of scans completed...


Next,

Please download Junkware Removal Tool to your desktop.
 
  • Shut down your protection software now to avoid potential conflicts. (re-enable when done)
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


Next,

Download Microsoft's " Malicious Software Removal Tool" and save direct to the desktop

Ensure to get the correct version for your system....

32 Bit version:
https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

64 Bit version:
https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en

Right click on the Tool, select “Run as Administrator” the tool will expand to the options Window
In the "Scan Type" window, select Quick Scan
Perform a scan and Click Finish when the scan is done.

Retrieve the MSRT log as follows, and post it in your next reply:

1) Select the Windows key and R key together to open the "Run" function
2) Type or Copy/Paste the following command to the "Run Line" and Press Enter:

notepad c:\windows\debug\mrt.log

The log will include log details for each time MSRT has run, we only need the most recent log by date and time....

Let me see those logs, also give an update on any remaining issues or concerns....

Thank you,

Kevin.

Fixlist.txt

Link to post
Share on other sites

Excellent, thanks for the update. Run the following to clean up...

Download "Delfix by Xplode" and save it to your desktop.

Or use the following if first link is down:

"Delfix link mirror"

If your security program alerts to Delfix either, accept the alert or turn your security off.

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

Make Sure the following items are checked:


  •    
  • Remove disinfection tools
       
  • Purge System Restore <--- this will remove all previous and possibly exploited restore points, a new point relative to system status at present will be created.
       
  • Reset system settings   <--- this will reset any system settings back to default that were changed either by us during cleansing or malware/infection

Now click on "Run" and wait patiently until the tool has completed.

The tool will create a log when it has completed. We don't need you to post this.

Any remnant files/logs from tools we have used can be deleted…

Next,

Read the following links to fully understand PC Security and Best Practices, you may find them useful....

Answers to Common Security Questions and best Practices

Do I need a Registry Cleaner?

Take care and surf safe

Kevin...  busy.gif

 

Link to post
Share on other sites
  • Root Admin

Glad we could help. :)If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.