Jump to content

Recommended Posts

Hello.So...Yestarday i downloaded one program and actually it had a trojan or something similar in it.The trojan opened and installed some 15-20 malwares at once (not even joking).Soo my pc crashed.I started it again and after 3-4 mins it crashed..I booted it in safe mode and deleted the half of the malwares (+ cortana) then i started my pc without Safe Mode and there were still like 8-10 malwares left.I removed them but some still are staying there.For example the program files folders are geting back over and over and malwarebytes still detects malwares.I'm not sure if I have pirate files so if you find you can tell me if you find.I will be very happy if someone helps me I have some skills at this point but it isn't enough.

Link to post
Share on other sites

Hello razor03 and welcome to Malwarebytes,

My screen name is kevinf80, i`m here to help clean up your system. Make sure to run all scans from accounts with Administrator status, continue as follows please:

Anyone other than the original starter of this thread please DO NOT follow the instructions and advice posted as replies here, my help and advice is NOT related to your system and will probably cause more harm than good...

Change the download folder setting in the default Browser so all tools we may use are saved to the Desktop:

user posted imageGoogle Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser. user posted image
Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.

user posted imageMozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. user posted image Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and the click the "Select Folder" button. Click OK to get out of the Options menu.

user posted imageInternet Explorer - Click the Tools menu in the upper right-corner of the browser. user posted image Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

user posted imageChange default download folder location in Edge -Boot to a user account with admin status, select start > file explorer > right click on "Downloads" folder and select "Properties"

In the new window select "Location" tab > clear the text field box and type in or copy/paste %userprofile%\Desktop > select "Apply" then "OK"

Be aware you are not changing the Browser download folder location, you are changing the user’s download directory location.....

Next,

Follow the instructions in the following link to show hidden files:

http://www.howtogeek.com/howto/windows-vista/show-hidden-files-and-folders-in-windows-vista/

Next,

Download RKill from here: http://www.bleepingcomputer.com/download/rkill/

There are three buttons to choose from with different names on, select the first one and save it to your desktop.
 
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7/8/10, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • A log pops up at the end of the run. This log file is located at C:\rkill.log. Please post this in your next reply.
  • If you do not see the black box flash on the screen delete the icon from the desktop and go back to the link for the download, select the next button and try to run the tool again, continue to repeat this process using the remaining buttons until the tool runs. You will find further links if you scroll down the page with other names, try them one at a time.
  • If the tool does not run from any of the links provided, please let me know.


Next,

Please open Malwarebytes Anti-Malware.
 
  • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
  • Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete Apply Actions to any found entries.
  • Wait for the prompt to restart the computer to appear (if applicable), then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.


To get the log from Malwarebytes do the following:
 
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have three options:
    Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
    Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
    XML file (*.xml) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
     
  • Please use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…



If Malwarebytes is not installed follow these instructions first:

Download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish. Follow the instructions above....


Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...
 
  • Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt) Please attach those logs to your reply.


Let me see those logs in your reply...

Thank you,

Kevin...
Link to post
Share on other sites

Rkill 2.8.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2016 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/25/2016 10:18:09 PM in x64 mode.
Windows Version: Windows 10 Pro 

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity: 

 * gagp30kx [Missing Service]
 * IEEtwCollectorService [Missing Service]
 * IoQos [Missing Service]
 * nv_agp [Missing Service]
 * TimeBroker [Missing Service]
 * uagp35 [Missing Service]
 * uliagpkx [Missing Service]
 * WcsPlugInService [Missing Service]
 * wpcfltr [Missing Service]
 * WSService [Missing Service]

 * agp440 [Missing ImagePath]

 * AJRouter => %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted [Incorrect ImagePath]
 * WpnService => %systemroot%\system32\svchost.exe -k netsvcs [Incorrect ImagePath]

 * vmicrdv => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL]
 * vmicvss => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL]

Searching for Missing Digital Signatures: 

 * No issues found.

Checking HOSTS File: 

 * HOSTS file entries found: 

  127.0.0.1       down.baidu2016.com
  127.0.0.1       123.sogou.com
  127.0.0.1       www.czzsyzgm.com
  127.0.0.1       www.czzsyzxl.com
  127.0.0.1       union.baidu2019.com

Program finished at: 09/25/2016 10:19:22 PM
Execution time: 0 hours(s), 1 minute(s), and 13 seconds(s)

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-09-2016
Ran by User (25-09-2016 22:56:24)
Running from C:\Users\User\Downloads
Windows 10 Pro Version 1607 (X64) (2016-09-20 09:49:05)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-691218479-2863476526-4080224816-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-691218479-2863476526-4080224816-503 - Limited - Disabled)
Guest (S-1-5-21-691218479-2863476526-4080224816-501 - Limited - Disabled)
User (S-1-5-21-691218479-2863476526-4080224816-1001 - Administrator - Enabled) => C:\Users\User

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe After Effects CC 2015.3 (HKLM-x32\...\AEFT_13_8_0) (Version: 13.8.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.7.0.270 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015.5 (HKLM-x32\...\PHSP_17_0) (Version: 17.0.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.3) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform)
Charles 4.0 (HKLM\...\{E0A65A42-FEA8-4BF1-AB8E-B28821357268}) (Version: 4.0.0.19 - XK72 Ltd)
Cheat Engine 6.5.1 (HKLM-x32\...\Cheat Engine 6.5.1_is1) (Version:  - Cheat Engine)
Clownfish for Skype (HKLM-x32\...\Clownfish) (Version:  - )
Color Suite v11.1.4 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 11.1.4 - Red Giant, LLC)
Counter-Strike CSS Edition 1.6 (HKLM-x32\...\Counter-Strike CSS Edition 1.6) (Version:  - )
Counter-Strike Global Offensive No-Steam (HKLM-x32\...\Counter-Strike Global Offensive_is1) (Version: 1.35.1.6 - Valve Software)
Crack NewBlue ColorFast 3.0 build 121113 (HKLM-x32\...\Crack NewBlue ColorFast 3.0 build 121113_is1) (Version:  - )
Crack NewBlue Creative Effects V3.0 Build 121113 (HKLM-x32\...\Crack NewBlue Creative Effects V3.0 Build 121113_is1) (Version:  - )
Crack NewBlue Transitions Pack v3.0 build 121113 (HKLM-x32\...\Crack NewBlue Transitions Pack v3.0 build 121113_is1) (Version:  - )
Crack NewBlue Video Essentials Tools V3.0 Build 121113I (x86) (HKLM-x32\...\Crack NewBlue Video Essentials Tools V3.0 Build ~EFB930F3_is1) (Version:  - )
Discord (HKU\S-1-5-21-691218479-2863476526-4080224816-1001\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
Discord (HKU\S-1-5-21-691218479-2863476526-4080224816-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
Dota 2 (HKLM\...\Steam App 570) (Version:  - Valve)
FileZilla Client 3.19.0 (HKLM-x32\...\FileZilla Client) (Version: 3.19.0 - Tim Kosse)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
GenArts Sapphire Plug-ins 6.10 for OFX (HKLM\...\GenArts Sapphire Plug-ins for OFX_is1) (Version:  - )
GenArts Sapphire Plug-ins 6.13 for After Effects and Compatible (HKLM\...\GenArts Sapphire AE_is1) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - )
Herramientas de corrección de Microsoft Office 2016: español (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
K-Lite Mega Codec Pack 10.9.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.9.5 - )
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
Lightshot-5.4.0.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)
Live! Cam Sync HD VF0770 Driver (1.00.07.00) (HKLM\...\Creative VF0770) (Version:  - Creative Technology Ltd.)
Malwarebytes Anti-Malware, версия 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
ManyCam 5.3.1 (HKLM-x32\...\ManyCam) (Version: 5.3.1 - Visicom Media Inc.)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.4053 False (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.42 False (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.51011 False (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.56336 False (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.57103 False (HKLM-x32\...\{d8fea624-4f2c-432d-9a54-6eee9cd1a77e}) (Version: 8.0.57103 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.58299 False (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.59193 False (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 False (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.0 False (HKLM-x32\...\{DCB46B42-723F-350E-B18A-449BC6C21636}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 False (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 False (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 False (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.0 False (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 False (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 False (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 False (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148.0 False (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.5570 False (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.30319 False (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 False Eng (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 False (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 False Eng (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 False Eng (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Mike Crash's Vegas Filters Uninstall (HKLM-x32\...\Mike Crash Vegas Filters) (Version:  - )
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 48.0.2 (x86 bg) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 bg)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2 - Mozilla)
NewBlue 3D Explosions for Vegas (HKLM-x32\...\NewBlue 3D Explosions for Vegas) (Version:  - )
NewBlue Art Blends 2.0 for Vegas (HKLM-x32\...\NewBlue Art Blends 2.0 for Vegas) (Version:  - )
NewBlue Art Effects 2.0 for Vegas (HKLM-x32\...\NewBlue Art Effects 2.0 for Vegas) (Version:  - )
NewBlue Art Effects for Windows (HKLM-x32\...\NewBlue Art Effects for Windows) (Version: 3.0 - NewBlue)
NewBlue Film Effects for Vegas (HKLM-x32\...\NewBlue Film Effects for Vegas) (Version:  - )
NewBlue Motion Blends 2.0 for Vegas (HKLM-x32\...\NewBlue Motion Blends 2.0 for Vegas) (Version:  - )
NewBlue Motion Blends for Windows (HKLM-x32\...\NewBlue Motion Blends for Windows) (Version: 2.4 - NewBlue)
NewBlue Motion Effects 2.0 for Vegas (HKLM-x32\...\NewBlue Motion Effects 2.0 for Vegas) (Version:  - )
NewBlue Motion Effects for Windows (HKLM-x32\...\NewBlue Motion Effects for Windows) (Version: 2.4 - NewBlue)
NewBlue Paint Effects for Windows (HKLM-x32\...\NewBlue Paint Effects for Windows) (Version: 3.0 - NewBlue)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 0.15.4 - OBS Project)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Outils de vérification linguistique 2016 de Microsoft Office - Français (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Paladins (HKLM\...\Steam App 444090) (Version:  - Hi-Rez Studios)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version:  - )
qBittorrent 3.3.3 (HKLM-x32\...\qBittorrent) (Version: 3.3.3 - The qBittorrent project)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 7.5.7.57 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7647 - Realtek Semiconductor Corp.)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.8.1 - Red Giant, LLC)
ReelSmart Motion Blur 4, After Effects-compatible plugin set (HKLM-x32\...\ReelSmart Motion Blur 4, After Effects-compatible plugin set) (Version:  - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.28 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.)
SpeechLab (HKLM-x32\...\{319A3CA9-DA63-4D65-8B25-403CF9CBF087}) (Version: 1.0.0 - BACL)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Team Fortress 2 (HKLM\...\Steam App 440) (Version:  - Valve)
Trapcode Suite v13.0.3 (HKLM-x32\...\{DFD2DC6B-C634-4C1C-81CC-5EF852E71CEE}_is1) (Version: 13.0.3 - Red Giant, LLC)
Universe (HKLM\...\Universe Premium_is1) (Version: 1.6.0 CE - Team V.R)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
Windscribe version 1.59 build 10 (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.59 build 10 - Windscribe)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-691218479-2863476526-4080224816-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-691218479-2863476526-4080224816-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-691218479-2863476526-4080224816-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-691218479-2863476526-4080224816-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {023C0AD7-B8B0-44DE-B167-9658D6458804} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2016-07-11] ()
Task: {033C4581-6095-4955-AE1D-18B48EA2D001} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {0E67BFAA-FC80-4A34-89B0-509C7B1036B4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {3D861CA7-4F95-4FA2-A631-B5B5EA9D5602} - System32\Tasks\KuaiZip_Update => X86\Update.exe <==== ATTENTION
Task: {3E227C52-5776-41E5-83D0-58A653549B93} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-12] (Google Inc.)
Task: {468DC828-22D4-4C44-8EE2-26F9B960E9E4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4CEB3BB4-8F2F-486A-A6B7-C84499DF5F71} - System32\Tasks\{5C066DAE-FB13-483C-BE23-A69C5C4EC109} => pcalua.exe -a "C:\Users\User\Downloads\SpeechLab 2.0 [Stichy]\SpeakText.exe" -d "C:\Users\User\Downloads\SpeechLab 2.0 [Stichy]"
Task: {5040FFC9-E11A-48AB-AB1B-A2A692E84741} - System32\Tasks\update-S-1-5-21-691218479-2863476526-4080224816-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2016-07-11] ()
Task: {50ED5B82-A852-4BB0-A583-633B1598D607} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-12] (Google Inc.)
Task: {6170626D-3C5D-4C9F-B2E9-34F61090ADEB} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-13] (Microsoft Corporation)
Task: {6221933B-222E-45E3-8E8E-3AD711C62F71} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe [2016-02-08] ()
Task: {8C5BE969-824E-4986-AFC2-31FA2B374CB8} - System32\Tasks\Ladacultferdoch Reports => C:\Program Files (x86)\Anagosh\kjit.exe [2016-09-23] (VideoLAN)
Task: {92333B72-C092-4CED-83F0-7946F94CD656} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {99868715-6BE5-4495-B53F-C3CFE389FBE8} - System32\Tasks\SafeZone scheduled Autoupdate 1474658096 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {F6801EA8-9497-48D3-B5CA-A616D2A10CDF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-26] (Piriform Ltd)
Task: {F6FE5092-C2F6-4855-9D17-7256650A1014} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe
Task: {FB3E981A-AA84-4FF4-84DD-F8309D93B584} - System32\Tasks\{179AE184-A649-4CA8-A3D0-6C614864584D} => pcalua.exe -a "C:\Users\User\Downloads\Grand.Theft.Auto.V.Update.5(v1.0.350.2).and.Crack.v5-3DM\Installers\Social Club v1.1.5.8 Setup.exe" -d C:\Users\User\Downloads\Grand.Theft.Auto.V.Update.5(v1.0.350.2).and.Crack.v5-3DM\Installers

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-691218479-2863476526-4080224816-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

WMI_ActiveScriptEventConsumer_ASEC: <===== ATTENTION

ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\User\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://9o0gle.com/
ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\User\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://9o0gle.com/
ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData
ShortcutWithArgument: C:\Users\Public\Desktop\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\User\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://9o0gle.com/
ShortcutWithArgument: C:\Users\Public\Desktop\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://9o0gle.com/

==================== Loaded Modules (Whitelisted) ==============

2016-08-02 20:04 - 2016-07-24 02:38 - 00047208 _____ () C:\Program Files (x86)\Windscribe\WindscribeService.exe
2016-07-16 09:42 - 2016-07-16 09:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-20 21:51 - 2016-09-07 03:44 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-09-20 21:51 - 2016-09-07 03:44 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-20 21:51 - 2016-09-07 03:44 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-06-30 06:23 - 2016-06-30 06:23 - 00592384 _____ () C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll
2016-05-22 19:33 - 2016-05-22 19:33 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-09-20 13:31 - 2016-09-20 13:31 - 01864384 _____ () C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll
2016-07-16 09:42 - 2016-07-16 09:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-06-27 13:22 - 2016-06-27 13:22 - 00052912 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2016-09-23 16:04 - 2016-09-23 16:04 - 00338368 _____ () C:\Program Files\їмС№\X64\KZipShell.dll
2016-09-20 21:51 - 2016-09-07 02:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-09-20 21:49 - 2016-09-07 02:57 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-05-22 19:32 - 2016-05-22 19:32 - 31680176 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2016-08-08 10:11 - 2016-08-08 10:11 - 00298672 _____ () C:\Program Files (x86)\obs-studio\data\obs-plugins\win-capture\graphics-hook64.dll
2016-08-30 20:00 - 2016-08-30 20:00 - 00370864 _____ () C:\Program Files (x86)\OBS\plugins\GraphicsCapture\GraphicsCaptureHook64.dll
2016-08-08 10:10 - 2016-08-08 10:10 - 01983152 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\obs64.exe
2016-08-08 10:10 - 2016-08-08 10:10 - 00858288 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\obs.dll
2016-08-08 10:10 - 2016-08-08 10:10 - 00071856 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\w32-pthreads.dll
2016-08-08 10:10 - 2016-08-08 10:10 - 00231672 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\zlib.dll
2016-08-08 10:10 - 2016-08-08 10:10 - 02539184 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\libGLESv2.dll
2016-08-08 10:10 - 2016-08-08 10:10 - 01757016 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\libopus-0.dll
2016-08-08 10:10 - 2016-08-08 10:10 - 00401744 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\libvorbis-0.dll
2016-08-08 10:10 - 2016-08-08 10:10 - 00801256 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\libvorbisenc-2.dll
2016-08-08 10:10 - 2016-08-08 10:10 - 03019976 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\libvpx-1.dll
2016-08-08 10:10 - 2016-08-08 10:10 - 00174920 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\libogg-0.dll
2016-08-08 10:10 - 2016-08-08 10:10 - 00246960 _____ () C:\Program Files (x86)\obs-studio\bin\64bit\libobs-d3d11.dll
2016-08-08 10:11 - 2016-08-08 10:11 - 00098992 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\coreaudio-encoder.dll
2016-08-08 10:11 - 2016-08-08 10:11 - 00047280 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\image-source.dll
2016-08-12 11:21 - 2016-07-05 22:30 - 79704064 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\libcef.dll
2016-08-12 11:21 - 2016-02-04 22:15 - 00018000 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\libEGL.dll
2016-08-12 11:21 - 2016-02-04 22:15 - 02019920 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\libGLESv2.dll
2016-08-12 11:21 - 2016-07-07 06:36 - 00478720 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\obs-browser.dll
2016-08-08 10:11 - 2016-08-08 10:11 - 00116400 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\obs-ffmpeg.dll
2016-08-08 10:11 - 2016-08-08 10:11 - 00126128 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\obs-filters.dll
2016-08-08 10:11 - 2016-08-08 10:11 - 00145584 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\obs-outputs.dll
2016-08-08 10:11 - 2016-08-08 10:11 - 00200880 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\obs-qsv11.dll
2016-08-08 10:11 - 2016-08-08 10:11 - 00045232 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\obs-transitions.dll
2016-08-08 10:11 - 2016-08-08 10:11 - 00053424 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\obs-x264.dll
2016-08-08 10:11 - 2016-08-08 10:11 - 00081072 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\rtmp-services.dll
2016-08-08 10:11 - 2016-08-08 10:11 - 00752816 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\text-freetype2.dll
2016-08-08 10:11 - 2016-08-08 10:11 - 00050352 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\vlc-video.dll
2016-08-08 10:11 - 2016-08-08 10:11 - 00097968 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\win-capture.dll
2016-08-08 10:11 - 2016-08-08 10:11 - 00116912 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\win-decklink.dll
2016-08-08 10:11 - 2016-08-08 10:11 - 00394416 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\win-dshow.dll
2016-08-08 10:11 - 2016-08-08 10:11 - 00254640 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\win-mf.dll
2016-08-08 10:11 - 2016-08-08 10:11 - 00093360 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\win-wasapi.dll
2016-08-12 11:21 - 2016-07-07 06:35 - 00365568 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\cef-bootstrap.exe
2016-08-12 11:21 - 2016-02-04 22:15 - 02019920 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\libglesv2.dll
2016-08-12 11:21 - 2016-02-04 22:15 - 00018000 _____ () C:\Program Files (x86)\obs-studio\obs-plugins\64bit\libegl.dll
2016-07-16 09:42 - 2016-07-16 09:42 - 00236488 _____ () c:\windows\system32\WerEtw.dll
2016-09-23 16:36 - 2016-09-23 16:36 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-09-23 16:36 - 2016-09-23 16:36 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-09-25 12:30 - 2016-09-25 12:30 - 03118360 _____ () C:\Program Files\AVAST Software\Avast\defs\16092500\algo.dll
2016-09-23 16:01 - 2016-09-23 16:01 - 00278528 _____ () c:\program files (x86)\anagosh\phuwlerpr.dll
2016-06-30 09:24 - 2016-06-30 09:24 - 00564224 _____ () C:\Users\User\AppData\Local\MEGAsync\ShellExtX32.dll
2015-07-31 05:00 - 2015-07-31 05:00 - 08901800 _____ () C:\Program Files (x86)\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2016-08-16 10:58 - 2016-08-16 10:58 - 00045056 _____ () C:\Program Files (x86)\BACL\SpeechLab\keyhook.dll
2016-09-20 13:31 - 2016-09-20 13:31 - 01383616 _____ () C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\ClientTelemetry.dll
2016-09-20 13:32 - 2016-09-20 13:32 - 00118976 _____ () C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncViews.dll
2016-07-12 19:53 - 2016-09-08 01:14 - 00784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-07-12 19:53 - 2016-08-31 23:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-07-12 19:53 - 2016-09-20 17:28 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll
2016-07-12 19:53 - 2016-01-27 05:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-07-12 19:53 - 2016-01-27 05:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-07-12 19:53 - 2016-01-27 05:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-07-12 19:53 - 2016-01-27 05:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-07-12 19:53 - 2016-01-27 05:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-07-12 19:53 - 2016-08-31 23:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-07-12 19:53 - 2016-08-31 23:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-07-12 19:53 - 2016-09-20 17:28 - 00835360 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-07-12 19:53 - 2016-07-04 20:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-07-16 09:42 - 2016-07-16 09:42 - 01872384 _____ () C:\Windows\System32\speech_onecore\engines\tts\MSTTSEngine_OneCore.dll
2016-07-16 09:42 - 2016-07-16 09:42 - 00638976 _____ () C:\Windows\System32\speech_onecore\engines\tts\MSTTSLoc_OneCore.DLL
2016-09-17 07:10 - 2016-09-13 22:38 - 01806152 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libglesv2.dll
2016-09-17 07:10 - 2016-09-13 22:38 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libegl.dll
2016-08-25 10:38 - 2016-08-24 17:49 - 01950392 _____ () C:\Users\User\AppData\Local\Discord\app-0.0.296\ffmpeg.dll
2016-08-25 10:39 - 2016-08-25 10:39 - 01050296 _____ () \\?\C:\Users\User\AppData\Roaming\discord\0.0.296\modules\discord_voice\discord_voice.node
2016-08-25 10:39 - 2016-08-25 10:39 - 03793080 _____ () \\?\C:\Users\User\AppData\Roaming\discord\0.0.296\modules\discord_voice\libdiscord.dll
2016-08-25 10:39 - 2016-08-25 10:39 - 00894136 _____ () \\?\C:\Users\User\AppData\Roaming\discord\0.0.296\modules\discord_utils\discord_utils.node
2016-08-25 10:39 - 2016-08-25 10:39 - 01119416 _____ () \\?\C:\Users\User\AppData\Roaming\discord\0.0.296\modules\discord_toaster\discord_toaster.node
2014-10-01 07:23 - 2014-10-01 07:23 - 02140672 _____ () C:\Program Files (x86)\ManyCam\opencv_core2410.dll
2014-10-01 07:24 - 2014-10-01 07:24 - 01891840 _____ () C:\Program Files (x86)\ManyCam\opencv_imgproc2410.dll
2014-10-01 07:25 - 2014-10-01 07:25 - 00654848 _____ () C:\Program Files (x86)\ManyCam\opencv_objdetect2410.dll
2014-10-01 07:24 - 2014-10-01 07:24 - 02147840 _____ () C:\Program Files (x86)\ManyCam\opencv_highgui2410.dll
2014-10-01 07:24 - 2014-10-01 07:24 - 00360960 _____ () C:\Program Files (x86)\ManyCam\opencv_video2410.dll
2016-08-16 10:58 - 2016-08-16 10:58 - 00045056 _____ () C:\Program Files (x86)\BACL\SpeechLab\SpeakTextCom.dll
2016-05-31 04:46 - 2016-05-31 04:46 - 40523456 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2016-09-23 16:36 - 2016-09-23 16:36 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-09-10 14:41 - 2016-08-01 14:20 - 00149352 _____ () C:\Program Files (x86)\Razer\Razer Cortex\SimbaDeviceControl.dll
2016-08-25 10:38 - 2016-08-24 17:49 - 02230456 _____ () C:\Users\User\AppData\Local\Discord\app-0.0.296\libglesv2.dll
2016-08-25 10:38 - 2016-08-24 17:49 - 00088760 _____ () C:\Users\User\AppData\Local\Discord\app-0.0.296\libegl.dll
2016-05-12 22:37 - 2016-05-12 22:37 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-05-12 22:37 - 2016-05-12 22:37 - 00205824 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-05-12 22:37 - 2016-05-12 22:37 - 00120832 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2016-05-12 22:37 - 2016-05-12 22:37 - 00126464 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-05-31 04:40 - 2016-05-31 04:40 - 00098496 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2016-05-12 22:37 - 2016-05-12 22:37 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-09-25 21:00 - 2016-09-25 21:00 - 00170496 _____ () \\?\C:\Users\User\AppData\Local\Temp\C440.tmp.node
2016-09-02 08:48 - 2016-09-10 08:46 - 02022072 _____ () \\?\C:\Users\User\AppData\Roaming\discord\0.0.296\modules\discord_contact_import\discord_contact_import.node
2016-07-12 19:53 - 2016-08-04 18:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2016-09-17 17:23 - 2016-09-12 17:48 - 17754304 _____ () C:\Users\User\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.166\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 05:24 - 2016-09-23 16:01 - 00001006 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       down.baidu2016.com
127.0.0.1       123.sogou.com
127.0.0.1       www.czzsyzgm.com
127.0.0.1       www.czzsyzxl.com
127.0.0.1       union.baidu2019.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-691218479-2863476526-4080224816-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-691218479-2863476526-4080224816-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 188.120.239.115 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{21308788-6515-4DE3-8BF5-B770B4AE0DF6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [UDP Query User{DBDCB109-955C-4942-8527-AFA42960EAAA}D:\james\choit\charles.exe] => (Allow) D:\james\choit\charles.exe
FirewallRules: [TCP Query User{8CE20F01-1CCD-4410-86B0-C4CF7FEA37C6}D:\james\choit\charles.exe] => (Allow) D:\james\choit\charles.exe
FirewallRules: [{E011C6A1-7651-4FAD-8E09-99F7CEA118CD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4BADF7BF-E48F-4A25-AB9F-5A14C5CC32E7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{2C01EF1C-35D0-49D4-8CC5-55319149F0E0}D:\james\jitia pet\fae\grand theft auto v\gta5.exe] => (Allow) D:\james\jitia pet\fae\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{D3D2C64C-6231-4D41-B3C0-4AC77359CF41}D:\james\jitia pet\fae\grand theft auto v\gta5.exe] => (Allow) D:\james\jitia pet\fae\grand theft auto v\gta5.exe
FirewallRules: [{47F4AEF8-48EE-4EB3-AC9C-03CA0B2D102B}] => (Allow) C:\Program Files (x86)\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5951E8A7-DDDC-4B36-B326-2D087F9AC8E5}] => (Allow) C:\Program Files (x86)\Counter-Strike Global Offensive\revLoader.exe
FirewallRules: [{4ED8F7F7-A7A5-4001-B42A-942424D97E81}] => (Allow) C:\Program Files (x86)\Counter-Strike Global Offensive\Run_CSGO.exe
FirewallRules: [{BBCD2C6D-E774-476B-90AE-69FBE65BA5C7}] => (Allow) C:\Program Files (x86)\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E3341384-1A64-4E4F-9416-5D1BDA6D1B61}] => (Allow) C:\Program Files (x86)\Counter-Strike Global Offensive\revLoader.exe
FirewallRules: [{427714CC-A96E-44D7-9E0D-1A39057908CC}] => (Allow) C:\Program Files (x86)\Counter-Strike Global Offensive\Run_CSGO.exe
FirewallRules: [UDP Query User{4D6D4A2D-2A13-4E51-A557-167F84D23718}C:\users\user\desktop\igg-shoppe.keep.v1.2\shoppe keep.exe] => (Allow) C:\users\user\desktop\igg-shoppe.keep.v1.2\shoppe keep.exe
FirewallRules: [TCP Query User{5F96416E-CDE2-48EC-ADC1-9733174C8067}C:\users\user\desktop\igg-shoppe.keep.v1.2\shoppe keep.exe] => (Allow) C:\users\user\desktop\igg-shoppe.keep.v1.2\shoppe keep.exe
FirewallRules: [UDP Query User{E1FEF267-D6E7-4419-9C1A-3F0CD63167C6}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [TCP Query User{5AC975BD-BEBB-4554-A782-B852B0DDF0A7}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [{D07A55E2-534B-4A79-8E28-54AC84E14FF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{DB2F543D-4785-4122-8FFC-D448EE29778F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [UDP Query User{AB3946FD-4208-4E40-870F-42E1DCA1BA36}C:\program files\adobe\adobe after effects cc 2015.3\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2015.3\support files\afterfx.exe
FirewallRules: [TCP Query User{98A40DD3-8AA4-4736-B9CF-CD9D98F012FF}C:\program files\adobe\adobe after effects cc 2015.3\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2015.3\support files\afterfx.exe
FirewallRules: [UDP Query User{04005185-2EF0-489A-8FDE-F323FE07816D}C:\program files\sony\vegas pro 13.0\vegas130.exe] => (Allow) C:\program files\sony\vegas pro 13.0\vegas130.exe
FirewallRules: [TCP Query User{924ACA3C-A74E-4D08-9199-8B8F546148B2}C:\program files\sony\vegas pro 13.0\vegas130.exe] => (Allow) C:\program files\sony\vegas pro 13.0\vegas130.exe
FirewallRules: [{120C565E-B894-4C86-BF94-0B0B50185252}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [UDP Query User{33A206E9-2C9D-417A-9DBF-1C94A4DE156D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{E4F6FF23-1439-492F-8A75-B97B11CECAD7}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{98C53AF6-FF7D-48B4-8DF4-1B696CDB64CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2AB8580D-6BE2-45B9-B646-92B65C3C2374}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{987D3D80-BA00-4C26-8003-3E93F727F82E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1865D1D6-89F6-4CBF-AF67-8A024D3E36DA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9FED75D9-A3B1-474A-B0FC-BB05F83A15FF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8A682E27-8475-4089-BB91-E8AC431B06E7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{75A964A0-82AB-4766-8BB2-F53CFDF6E874}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [TCP Query User{04595A0D-32AF-4023-953A-118169CA1F02}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [UDP Query User{89446BC2-5F21-4756-BF54-223F2B6BF3B6}C:\program files (x86)\qbittorrent\qbittorrent.exe] => (Allow) C:\program files (x86)\qbittorrent\qbittorrent.exe
FirewallRules: [TCP Query User{23F75D1A-A81E-4982-84CD-224F413EA478}C:\program files (x86)\qbittorrent\qbittorrent.exe] => (Allow) C:\program files (x86)\qbittorrent\qbittorrent.exe
FirewallRules: [{F607EE37-6B9B-4443-860C-91715CFBAA1E}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{E12B1A35-4636-449D-987F-670928EA3D31}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{3801F88B-5471-4857-9768-26364727A9C8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{15D60289-A385-4F45-9728-6B03FEB46E0E}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{DE4C9ED2-C757-4710-A881-BEB4A7C62DA8}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{303C1E4B-DA58-42E7-9404-785D806BE847}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{C6083222-6B6A-4432-8C02-42B0600CFE5C}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{D475B9C9-FD81-445D-807D-69F396B0EB5E}] => (Allow) D:\James\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{A999C29A-E1DB-4E85-8AAF-43497101F34F}] => (Allow) D:\James\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{D0263CE3-8D4B-4A11-B90A-8A70C51504B2}] => (Allow) C:\Users\User\AppData\Local\Temp\is-N3OMN.tmp\download\MiniThunderPlatform.exe
FirewallRules: [{7B18ED13-B200-4925-A189-70EEAEE2FCFE}] => (Allow) C:\Users\User\AppData\Local\Temp\00013811\inst_buychannel_37.exe
FirewallRules: [{5AF9732A-0B32-48C8-8DBE-8298B12133F5}] => (Allow) C:\Users\User\AppData\Local\Temp\00013811\inst_buychannel_37.exe
FirewallRules: [{47D684F7-14F2-4E50-A538-6A6BE2D92370}] => (Allow) C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaohaWifiSvr.exe
FirewallRules: [{D34F7BAF-5BF1-47AC-BA10-86190911031D}] => (Allow) C:\Program Files (x86)\GreatMaker\MaohaWiFi\DrvUpdate.exe

==================== Restore Points =========================

25-09-2016 12:07:20 Installed Minecraft

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/25/2016 10:58:01 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent

Error: (09/25/2016 10:52:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vegas130.exe, version: 13.0.0.453, time stamp: 0x55720ce9
Faulting module name: ntdll.dll, version: 10.0.14393.103, time stamp: 0x57b7e207
Exception code: 0xc0000374
Fault offset: 0x00000000000f73f3
Faulting process id: 0x60c
Faulting application start time: 0x01d2178df89a0d09
Faulting application path: C:\Program Files\Sony\Vegas Pro 13.0\vegas130.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 2b00a51b-9e8d-43e6-a270-8136fa980dd1
Faulting package full name: 
Faulting package-relative application ID:

Error: (09/25/2016 10:32:38 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_74bc87d3d22d9abe.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_2d0f50fcbdb171b8.manifest.

Error: (09/25/2016 10:32:38 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_74bc87d3d22d9abe.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_2d0f50fcbdb171b8.manifest.

Error: (09/25/2016 10:31:42 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "c:\program files (x86)\razer\razer cortex\StreamingServicesAPI.dll.Manifest".Error in manifest or policy file "c:\program files (x86)\razer\razer cortex\StreamingServicesAPI.dll.Manifest" on line 2.
The value "F:\joju\projects\XSplitCSDemo\RazerLauncher\Components\StreamingServicesAPI.dll" of attribute "name" in element "urn:schemas-microsoft-com:asm.v1^file" is invalid.

Error: (09/25/2016 10:31:42 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "c:\program files (x86)\razer\razer cortex\StreamingServicesAPI.dll.Manifest".Error in manifest or policy file "c:\program files (x86)\razer\razer cortex\StreamingServicesAPI.dll.Manifest" on line 2.
The value "F:\joju\projects\XSplitCSDemo\RazerLauncher\Components\StreamingServicesAPI.dll" of attribute "name" in element "urn:schemas-microsoft-com:asm.v1^file" is invalid.

Error: (09/25/2016 10:28:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-EF75065)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024629 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (09/25/2016 10:28:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-EF75065)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024629 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (09/25/2016 10:28:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-EF75065)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024629 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (09/25/2016 10:28:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-EF75065)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024629 See the Microsoft-Windows-TWinUI/Operational log for additional information.


System errors:
=============
Error: (09/25/2016 10:28:37 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-EF75065)
Description: Unable to start a DCOM Server: CortanaUI as Unavailable/Unavailable. The error:
"267"
Happened while starting this command:
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca

Error: (09/25/2016 10:28:33 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-EF75065)
Description: Unable to start a DCOM Server: CortanaUI as Unavailable/Unavailable. The error:
"267"
Happened while starting this command:
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca

Error: (09/25/2016 10:28:28 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-EF75065)
Description: Unable to start a DCOM Server: CortanaUI as Unavailable/Unavailable. The error:
"267"
Happened while starting this command:
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca

Error: (09/25/2016 10:28:16 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-EF75065)
Description: Unable to start a DCOM Server: CortanaUI as Unavailable/Unavailable. The error:
"267"
Happened while starting this command:
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca

Error: (09/25/2016 10:17:15 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-EF75065)
Description: Unable to start a DCOM Server: CortanaUI as Unavailable/Unavailable. The error:
"267"
Happened while starting this command:
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca

Error: (09/25/2016 10:17:14 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-EF75065)
Description: Unable to start a DCOM Server: CortanaUI as Unavailable/Unavailable. The error:
"267"
Happened while starting this command:
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca

Error: (09/25/2016 09:28:15 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-EF75065)
Description: Unable to start a DCOM Server: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca as Unavailable/Unavailable. The error:
"267"
Happened while starting this command:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca

Error: (09/25/2016 08:58:43 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-EF75065)
Description: Unable to start a DCOM Server: CortanaUI as Unavailable/Unavailable. The error:
"267"
Happened while starting this command:
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca

Error: (09/25/2016 08:58:41 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-EF75065)
Description: Unable to start a DCOM Server: CortanaUI as Unavailable/Unavailable. The error:
"267"
Happened while starting this command:
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca

Error: (09/25/2016 08:58:39 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-EF75065)
Description: Unable to start a DCOM Server: CortanaUI as Unavailable/Unavailable. The error:
"267"
Happened while starting this command:
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca


CodeIntegrity:
===================================
  Date: 2016-09-25 22:31:25.339
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-09-25 22:30:01.725
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-09-24 12:25:33.961
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-09-24 09:19:02.495
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-09-23 19:50:25.424
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-09-23 17:30:21.692
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-09-23 16:05:48.910
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-09-23 16:04:55.626
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-09-23 16:03:40.137
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-09-23 16:03:12.987
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz
Percentage of memory in use: 59%
Total physical RAM: 7863.55 MB
Available physical RAM: 3188.32 MB
Total Virtual: 15799.55 MB
Available Virtual: 9553.22 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:243.65 GB) (Free:9.52 GB) NTFS
Drive d: () (Fixed) (Total:687.37 GB) (Free:504.94 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 4B4E1C60)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=243.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=687.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2016
Ran by User (administrator) on DESKTOP-EF75065 (25-09-2016 22:52:38)
Running from C:\Users\User\Downloads
Loaded Profiles: User &  (Available Profiles: User)
Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
() C:\Program Files (x86)\Windscribe\WindscribeService.exe
(Visicom Media Inc.) C:\ProgramData\ManyCam\Service\ManyCamService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Bogdan Sharkov) C:\Program Files (x86)\Clownfish\Clownfish.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hammer & Chisel, Inc.) C:\Users\User\AppData\Local\Discord\app-0.0.296\Discord.exe
(Visicom Media Inc.) C:\Program Files (x86)\ManyCam\ManyCam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Creative Technology Ltd.) C:\Windows\V0770Mon.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe
(Българска асоциация за компютърна лингвистика) C:\Program Files (x86)\BACL\SpeechLab\TTSProfileDlg.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Hammer & Chisel, Inc.) C:\Users\User\AppData\Local\Discord\app-0.0.296\Discord.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Hammer & Chisel, Inc.) C:\Users\User\AppData\Local\Discord\app-0.0.296\Discord.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) D:\James\mejnkreft\runtime\jre-x64\1.8.0_25\bin\java.exe
() C:\Program Files (x86)\obs-studio\bin\64bit\obs64.exe
() C:\Program Files (x86)\obs-studio\obs-plugins\64bit\cef-bootstrap.exe
() C:\Program Files (x86)\obs-studio\obs-plugins\64bit\cef-bootstrap.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre1.8.0_91\bin\javaw.exe
(Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16407296 2015-10-30] (Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-05-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [V0770Mon.exe] => C:\WINDOWS\V0770Mon.exe [41600 2015-09-14] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2380480 2016-05-31] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe [222160 2016-08-19] (Razer Inc.)
HKLM-x32\...\Run: [app] => C:\Program Files (x86)\sbqh\uc.exe
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9107616 2016-09-23] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-691218479-2863476526-4080224816-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2858272 2016-09-20] (Valve Corporation)
HKU\S-1-5-21-691218479-2863476526-4080224816-1001\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1368816 2016-07-04] (Bogdan Sharkov)
HKU\S-1-5-21-691218479-2863476526-4080224816-1001\...\Run: [Windscribe] => C:\Program Files (x86)\Windscribe\Windscribe.exe [7647848 2016-07-24] ()
HKU\S-1-5-21-691218479-2863476526-4080224816-1001\...\Run: [Discord] => C:\Users\User\AppData\Local\Discord\app-0.0.296\Discord.exe [62471352 2016-08-24] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-691218479-2863476526-4080224816-1001\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\ManyCam.exe [10252624 2016-08-10] (Visicom Media Inc.)
HKU\S-1-5-21-691218479-2863476526-4080224816-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-691218479-2863476526-4080224816-1001\...\Run: [msiql] => C:\Users\User\AppData\Local\Temp\00013769\msiql.exe /RUNNING <===== ATTENTION
HKU\S-1-5-21-691218479-2863476526-4080224816-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2858272 2016-09-20] (Valve Corporation)
HKU\S-1-5-21-691218479-2863476526-4080224816-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1368816 2016-07-04] (Bogdan Sharkov)
HKU\S-1-5-21-691218479-2863476526-4080224816-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Windscribe] => C:\Program Files (x86)\Windscribe\Windscribe.exe [7647848 2016-07-24] ()
HKU\S-1-5-21-691218479-2863476526-4080224816-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Discord] => C:\Users\User\AppData\Local\Discord\app-0.0.296\Discord.exe [62471352 2016-08-24] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-691218479-2863476526-4080224816-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\ManyCam.exe [10252624 2016-08-10] (Visicom Media Inc.)
HKU\S-1-5-21-691218479-2863476526-4080224816-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-691218479-2863476526-4080224816-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [msiql] => C:\Users\User\AppData\Local\Temp\00013769\msiql.exe /RUNNING <===== ATTENTION
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-23] (AVAST Software)
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => C:\Program Files\їмС№\X64\KZipShell.dll [2016-09-23] ()
ShellIconOverlayIdentifiers: [KzShlobj2] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F3} =>  No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX32.dll [2016-06-30] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX32.dll [2016-06-30] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX32.dll [2016-06-30] ()
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Configure Bulgarian Speech.lnk [2016-09-20]
ShortcutTarget: Configure Bulgarian Speech.lnk -> C:\Users\User\AppData\Roaming\Microsoft\Installer\{319A3CA9-DA63-4D65-8B25-403CF9CBF087}\_5af141bb.exe ()
GroupPolicy: Restriction - Chrome <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1 198.41.0.4
Tcpip\..\Interfaces\{89a31647-e35c-41e6-954a-95b1caae8c97}: [NameServer] 188.120.239.115,8.8.8.8
Tcpip\..\Interfaces\{89a31647-e35c-41e6-954a-95b1caae8c97}: [DhcpNameServer] 192.168.100.1 198.41.0.4
Tcpip\..\Interfaces\{ba704ccd-57f7-4717-a454-2aa616fe3126}: [DhcpNameServer] 139.162.11.5 139.162.13.5 139.162.14.5 139.162.15.5

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-09-23] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-23] (Oracle Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\uq6to8j3.default
FF NewTab: about:newtab
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxps://www.google.com/?bcutc=sp-006
FF DefaultSearchUrl: hxxps://www.google.com/search?bcutc=sp-006
FF SearchEngineOrder.1: Google
FF Keyword.URL: hxxps://www.google.com/search?bcutc=sp-006
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-05-31] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-04-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-05-31] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-07-31] (Microsoft Corporation)
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\uq6to8j3.default\searchplugins\google-avast.xml [2016-09-23]
FF Extension: (Firefox Hotfix) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\uq6to8j3.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-14]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-23]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-23]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome: 
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-09-25] <==== ATTENTION
CHR Extension: (Easy Auto Refresh) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2016-09-25]
CHR Extension: (Google Презентации) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-23]
CHR Extension: (Google Документи) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-23]
CHR Extension: (Google Диск) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-23]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-23]
CHR Extension: (Adblock Plus) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-09-25]
CHR Extension: (Avast SafePrice) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-09-24]
CHR Extension: (Електронни таблици от Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-23]
CHR Extension: (Google Документи офлайн) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-23]
CHR Extension: (Avast Online Security) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-09-24]
CHR Extension: (Skype) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-09-23]
CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-23]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-23]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-23]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2016-09-23]
CHR Extension: (Easy Auto Refresh) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2016-07-27]
CHR Extension: (Google Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-12]
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-12]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-12]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-12]
CHR Extension: (Google Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-12]
CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-12]
CHR Extension: (Windscribe - Free VPN and Ad Block) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2016-09-09]
CHR Extension: (TubeBuddy for YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkhmbddkmdggbhaaaodilponhnccicb [2016-09-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-12]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-12]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-23]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [737984 2016-05-31] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated)
R2 Arohary; C:\Program Files (x86)\Anagosh\PhuwleRpr.dll [278528 2016-09-23] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-23] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
S3 cplspcon; C:\Windows\system32\IntelCpHDCPSvc.exe [449112 2016-07-28] (Intel Corporation)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-09-19] (Hi-Rez Studios) [File not signed]
S2 HpSvc; C:\Program Files (x86)\LuDaShi\lpi\HpSvc.dll [239016 2016-07-21] () <==== ATTENTION
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [374360 2016-07-28] (Intel Corporation)
R2 ManyCam Service; C:\ProgramData\ManyCam\Service\ManyCamService.exe [544984 2016-03-31] (Visicom Media Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187824 2016-07-19] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [307456 2015-10-30] (Realtek Semiconductor)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [133376 2016-08-01] (Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-07-16] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [47208 2016-07-24] ()
S2 Kuaizip Update Checker; C:\Program Files (x86)\KuaiZip\X86\kuaizipUpdateChecker.dll [X]
S2 KuaizipUpdateChecker; C:\Program Files\їмС№\X86\kuaizipUpdateChecker.dll [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-23] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-23] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-23] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-23] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-23] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-23] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-23] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-09-23] (AVAST Software)
R3 ElcMouLFlt; C:\Windows\System32\drivers\ElcMouLFlt.sys [28648 2015-09-11] (ELECOM)
R3 ElcMouUFlt; C:\Windows\System32\drivers\ElcMouUFlt.sys [27624 2015-09-11] (ELECOM)
R2 KuaiZipDrive; C:\WINDOWS\system32\drivers\KuaiZipDrive.sys [92872 2016-09-23] (WinMount International Inc)
S2 KuaiZipDrive2; C:\WINDOWS\system32\drivers\KuaiZipDrive2.sys [93072 2016-09-23] (WinMount International Inc) <==== ATTENTION
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-25] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-05-06] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-08-10] (Razer, Inc.)
S3 taphss6; C:\Windows\System32\drivers\taphss6.sys [42184 2015-02-04] (Anchorfree Inc.)
R3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
R3 V0770Vid; C:\Windows\system32\DRIVERS\V0770Vid.sys [388616 2015-09-14] (Creative Technology Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-25 22:52 - 2016-09-25 22:54 - 00028978 _____ C:\Users\User\Downloads\FRST.txt
2016-09-25 22:52 - 2016-09-25 22:52 - 00000000 ____D C:\FRST
2016-09-25 22:27 - 2016-09-25 22:28 - 00000000 ____D C:\Program Files (x86)\OBS
2016-09-25 22:27 - 2016-09-25 22:27 - 00001004 _____ C:\Users\User\Desktop\Open Broadcaster Software.lnk
2016-09-25 22:27 - 2016-09-25 22:27 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2016-09-25 22:22 - 2016-09-25 22:23 - 68582904 _____ (obsproject.com) C:\Users\User\Downloads\OBS_0_659b_With_Browser_Installer.exe
2016-09-25 22:21 - 2016-09-25 22:52 - 02403328 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2016-09-25 22:21 - 2016-09-25 22:22 - 00000000 ____D C:\Users\User\Desktop\Malware Fighting tools
2016-09-25 22:18 - 2016-09-25 22:19 - 00003940 _____ C:\Users\User\Desktop\Rkill.txt
2016-09-25 22:17 - 2016-09-25 22:17 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\User\Downloads\rkill.exe
2016-09-25 13:27 - 2016-09-25 13:28 - 97255680 _____ C:\Users\User\Downloads\OBS-Studio-0.15.4-With-Browser-Installer (1).exe
2016-09-25 13:25 - 2016-09-25 13:26 - 97255680 _____ C:\Users\User\Downloads\OBS-Studio-0.15.4-With-Browser-Installer.exe
2016-09-25 12:08 - 2016-09-25 12:08 - 00000721 _____ C:\Users\Public\Desktop\Minecraft.lnk
2016-09-25 12:08 - 2016-09-25 12:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2016-09-25 12:05 - 2016-09-25 12:05 - 02314240 _____ C:\Users\User\Downloads\MinecraftInstaller (1).msi
2016-09-24 22:45 - 2016-09-24 23:12 - 00000000 ____D C:\3590F75ABA9E485486C100C1A9D4FF06Z.ZZZZ.Z..ZZZ.ZZ
2016-09-24 21:53 - 2016-09-24 21:53 - 02127043 _____ C:\Users\User\Downloads\slab sum c-.mp4
2016-09-24 12:20 - 2016-09-24 12:20 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsigne3e8058735946a80
2016-09-24 12:20 - 2016-09-24 12:20 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign6fef53786064a66c
2016-09-24 12:20 - 2016-09-24 12:20 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign6139386055fa04c6
2016-09-24 11:28 - 2016-09-24 11:29 - 00736512 _____ C:\Users\User\Downloads\FREE TO USE OVERWATCH DAY 0 EARLY GAMEPLAY- OVERWATCH GAMEPLAY WITH NO VOICE.mp4.sfk
2016-09-24 11:27 - 2016-09-24 11:28 - 149628805 _____ C:\Users\User\Downloads\FREE TO USE OVERWATCH DAY 0 EARLY GAMEPLAY- OVERWATCH GAMEPLAY WITH NO VOICE.mp4
2016-09-24 09:16 - 2016-09-25 22:21 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-24 09:14 - 2016-09-24 09:14 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-09-24 09:14 - 2016-09-24 09:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-09-24 09:14 - 2016-09-24 09:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-24 09:14 - 2016-09-24 09:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-24 09:14 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-09-24 09:14 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-24 09:14 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-09-24 09:13 - 2016-09-24 09:13 - 22851472 _____ (Malwarebytes ) C:\Users\User\Downloads\mbam-setup-2.2.1.1043.exe
2016-09-24 08:44 - 2016-09-24 08:46 - 00049088 _____ C:\Users\User\Downloads\ANTARCTICA [READ DESC].mp4.sfk
2016-09-24 08:43 - 2016-09-24 08:43 - 06374058 _____ C:\Users\User\Downloads\ANTARCTICA [READ DESC].mp4
2016-09-24 08:43 - 2016-09-24 08:43 - 00566514 _____ C:\Users\User\Downloads\videoplayback (2).m4a
2016-09-23 17:14 - 2016-09-23 19:38 - 00004020 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1474658096
2016-09-23 17:14 - 2016-09-23 19:38 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-09-23 17:14 - 2016-09-23 17:14 - 00001088 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-09-23 17:14 - 2016-09-23 17:13 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-09-23 17:04 - 2016-09-23 17:06 - 00000000 ____D C:\WINDOWS\SystemApps.bak
2016-09-23 17:03 - 2016-09-23 17:03 - 00000622 _____ C:\Users\User\Downloads\TakeOwnership.zip
2016-09-23 16:38 - 2016-09-23 16:38 - 00000000 ____D C:\Users\User\AppData\Roaming\AVAST Software
2016-09-23 16:37 - 2016-09-23 16:37 - 00969184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2016-09-23 16:37 - 2016-09-23 16:37 - 00513632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2016-09-23 16:37 - 2016-09-23 16:37 - 00001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-09-23 16:37 - 2016-09-23 16:37 - 00001967 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-09-23 16:37 - 2016-09-23 16:37 - 00000350 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2016-09-23 16:37 - 2016-09-23 16:36 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2016-09-23 16:37 - 2016-09-23 16:36 - 00163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-09-23 16:37 - 2016-09-23 16:36 - 00108816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-09-23 16:37 - 2016-09-23 16:36 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-09-23 16:37 - 2016-09-23 16:36 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-09-23 16:37 - 2016-09-23 16:36 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-09-23 16:36 - 2016-09-23 17:13 - 00000000 ____D C:\Program Files\AVAST Software
2016-09-23 16:36 - 2016-09-23 16:36 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-09-23 16:36 - 2016-09-23 16:36 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-09-23 16:35 - 2016-09-23 16:36 - 06253640 _____ (AVAST Software) C:\Users\User\Downloads\avast_free_antivirus_setup_online_cnet_2 (1).exe
2016-09-23 16:27 - 2016-09-23 16:27 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-09-23 16:09 - 2016-09-23 16:09 - 00000258 __RSH C:\Users\User\ntuser.pol
2016-09-23 16:08 - 2016-09-23 16:08 - 00000000 ____D C:\WINDOWS\Panther
2016-09-23 16:07 - 2016-09-23 17:19 - 00000000 ____D C:\WINDOWS\Minidump
2016-09-23 16:06 - 2016-09-23 16:06 - 00003408 _____ C:\WINDOWS\System32\Tasks\ComputerZ-Tray
2016-09-23 16:06 - 2016-09-23 16:06 - 00000000 ____D C:\Users\User\AppData\Roaming\Ludashi
2016-09-23 16:06 - 2016-09-23 16:06 - 00000000 ____D C:\Program Files (x86)\LDSGameCenter
2016-09-23 16:05 - 2016-09-23 16:06 - 00000000 ____D C:\Program Files (x86)\LuDaShi
2016-09-23 16:05 - 2016-09-23 16:05 - 00093072 _____ (WinMount International Inc) C:\WINDOWS\system32\Drivers\KuaiZipDrive2.sys
2016-09-23 16:05 - 2016-09-23 16:05 - 00003516 _____ C:\WINDOWS\System32\Tasks\KuaiZip_Update
2016-09-23 16:05 - 2016-09-23 16:05 - 00000000 ____D C:\Program Files (x86)\UCBrowser
2016-09-23 16:04 - 2016-09-24 09:47 - 00000000 ____D C:\Program Files (x86)\sbqh
2016-09-23 16:04 - 2016-09-23 16:46 - 00000000 ____D C:\Program Files\їмС№
2016-09-23 16:04 - 2016-09-23 16:33 - 00000000 ____D C:\Program Files (x86)\GreatMaker
2016-09-23 16:04 - 2016-09-23 16:32 - 00000000 ____D C:\Users\User\AppData\Roaming\Kuaizip
2016-09-23 16:04 - 2016-09-23 16:05 - 06253640 _____ (AVAST Software) C:\Users\User\Downloads\avast_free_antivirus_setup_online_cnet_2.exe
2016-09-23 16:04 - 2016-09-23 16:04 - 00092872 _____ (WinMount International Inc) C:\WINDOWS\system32\Drivers\KuaiZipDrive.sys
2016-09-23 16:04 - 2016-09-23 16:04 - 00000000 ____D C:\Users\User\AppData\Roaming\Softlink
2016-09-23 16:04 - 2016-09-23 16:04 - 00000000 ____D C:\Users\Public\Thunder Network
2016-09-23 16:04 - 2016-09-23 16:04 - 00000000 ____D C:\ProgramData\Thunder Network
2016-09-23 16:03 - 2016-09-23 16:03 - 00001802 __RSH C:\ProgramData\ntuser.pol
2016-09-23 16:02 - 2016-09-25 22:53 - 00002333 _____ C:\Users\Public\Desktop\Gооglе Сhrоmе.lnk
2016-09-23 16:02 - 2016-09-25 22:53 - 00001968 _____ C:\Users\Public\Desktop\Моzillа Firеfох.lnk
2016-09-23 16:02 - 2016-09-23 19:33 - 00000000 ____D C:\Program Files (x86)\WebShield
2016-09-23 16:02 - 2016-09-23 16:02 - 00000000 _____ C:\TOSTACK
2016-09-23 16:01 - 2016-09-24 22:26 - 00000000 ___HD C:\Program Files (x86)\l76d2127
2016-09-23 16:01 - 2016-09-23 17:17 - 00000000 ____D C:\Users\User\AppData\Local\app
2016-09-23 16:01 - 2016-09-23 17:13 - 00000000 ____D C:\ProgramData\AVAST Software
2016-09-23 16:01 - 2016-09-23 16:07 - 00000000 ____D C:\Program Files (x86)\Anagosh
2016-09-23 16:01 - 2016-09-23 16:01 - 00008934 _____ C:\WINDOWS\System32\Tasks\Ladacultferdoch Reports
2016-09-23 16:01 - 2016-09-23 16:01 - 00000000 ____D C:\Users\User\AppData\Local\Pluqery
2016-09-23 16:01 - 2016-09-23 16:01 - 00000000 ____D C:\ProgramData\Avira
2016-09-23 16:01 - 2016-09-23 16:01 - 00000000 ____D C:\ProgramData\Avg
2016-09-23 16:01 - 2016-09-23 16:01 - 00000000 ____D C:\Program Files (x86)\WeatherChickn
2016-09-23 14:20 - 2016-09-23 14:20 - 00001385 _____ C:\Users\Public\Desktop\League of Legends.lnk
2016-09-23 14:20 - 2016-09-23 14:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2016-09-23 13:21 - 2016-09-23 13:24 - 31336304 _____ (Riot Games) C:\Users\User\Downloads\LeagueofLegends_EUNE_Installer_2016_05_13 (1).exe
2016-09-23 08:10 - 2016-09-23 08:22 - 00027680 _____ C:\Users\User\Downloads\TOP 10 Intro Templates #173 Sony Vegas Pro + Free Download.mp3.sfk
2016-09-22 22:56 - 2016-09-22 22:58 - 00036144 _____ C:\Users\User\Documents\samoubiima.veg
2016-09-22 22:56 - 2016-09-22 22:56 - 00033600 _____ C:\Users\User\Documents\samoubiima.veg.bak
2016-09-22 19:52 - 2016-09-22 20:15 - 00091800 _____ C:\Users\User\Documents\edita.veg
2016-09-22 19:52 - 2016-09-22 20:14 - 00091400 _____ C:\Users\User\Documents\edita.veg.bak
2016-09-21 18:56 - 2016-09-21 18:57 - 00000000 ____D C:\Users\User\AppData\Local\HirezLauncherUI
2016-09-21 18:49 - 2016-09-21 18:50 - 00028640 _____ C:\Users\User\Downloads\HBD TO ME.mp4.sfk
2016-09-21 18:49 - 2016-09-21 18:49 - 05011743 _____ C:\Users\User\Downloads\HBD TO ME.mp4
2016-09-21 18:09 - 2016-09-21 18:09 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-09-21 18:09 - 2016-09-21 18:09 - 00000000 ____D C:\Program Files\MSBuild
2016-09-21 18:09 - 2016-09-21 18:09 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-09-21 18:09 - 2016-09-21 18:09 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-21 18:05 - 2016-05-25 14:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-09-21 18:05 - 2016-05-25 14:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-09-21 18:05 - 2016-05-25 14:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-09-21 18:05 - 2016-05-25 11:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-09-21 18:05 - 2016-05-25 11:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-09-21 18:05 - 2016-05-25 11:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-09-21 17:50 - 2016-09-21 17:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2016-09-21 17:50 - 2016-09-21 17:50 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2016-09-21 17:49 - 2016-09-24 22:38 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2016-09-21 16:26 - 2016-09-21 16:27 - 00025728 _____ C:\Users\User\Downloads\FOREVER.mp4.sfk
2016-09-21 16:25 - 2016-09-21 16:25 - 04079089 _____ C:\Users\User\Downloads\FOREVER.mp4
2016-09-21 16:12 - 2016-09-21 19:13 - 00081816 _____ C:\Users\User\Documents\gei.veg
2016-09-21 16:12 - 2016-09-21 19:11 - 00081888 _____ C:\Users\User\Documents\gei.veg.bak
2016-09-21 16:09 - 2016-09-21 16:22 - 00031584 _____ C:\Users\User\Downloads\- DESTRUCTION [1080p60].mp4.sfk
2016-09-21 16:03 - 2016-09-21 16:03 - 05710616 _____ C:\Users\User\Downloads\- DESTRUCTION [1080p60].mp4
2016-09-21 15:45 - 2016-09-21 15:45 - 00000222 _____ C:\Users\User\Desktop\Paladins.url
2016-09-21 14:55 - 2016-09-21 14:55 - 00003520 _____ C:\Users\User\Downloads\Repair.jar
2016-09-21 14:33 - 2016-09-21 14:33 - 00027274 _____ C:\Users\User\Downloads\RepairMan-0.3.2.jar
2016-09-21 13:12 - 2016-09-21 15:06 - 00083288 _____ C:\Users\User\Documents\gayy.veg
2016-09-21 13:12 - 2016-09-21 14:57 - 00022552 _____ C:\Users\User\Documents\gayy.veg.bak
2016-09-21 11:25 - 2016-09-21 11:25 - 00965083 _____ C:\Users\User\Downloads\#12.wmv
2016-09-20 23:02 - 2016-09-20 23:02 - 00000000 ____D C:\Program Files\CMAK
2016-09-20 23:02 - 2016-09-20 23:02 - 00000000 ____D C:\Program Files (x86)\CMAK
2016-09-20 22:29 - 2016-09-20 22:29 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignffe0c00f90266638
2016-09-20 22:29 - 2016-09-20 22:29 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignf8fc6ef0d58f08d2
2016-09-20 22:29 - 2016-09-20 22:29 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign7a2912fbe51e8eb8
2016-09-20 22:12 - 2016-09-07 03:17 - 00853344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-20 22:12 - 2016-09-07 03:03 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-09-20 22:12 - 2016-09-07 03:02 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-09-20 22:12 - 2016-09-07 03:02 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-09-20 22:12 - 2016-09-07 03:00 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-09-20 22:12 - 2016-09-07 02:59 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-09-20 22:12 - 2016-09-07 02:59 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-09-20 22:12 - 2016-09-07 02:59 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-09-20 22:12 - 2016-09-07 02:58 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2016-09-20 22:12 - 2016-09-07 02:58 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-09-20 22:12 - 2016-09-07 02:56 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-09-20 22:12 - 2016-09-07 02:56 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-09-20 22:12 - 2016-09-07 02:56 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-09-20 22:12 - 2016-09-07 02:55 - 00820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-09-20 22:12 - 2016-09-07 02:55 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-09-20 22:12 - 2016-09-07 02:55 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-09-20 22:12 - 2016-09-07 02:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-09-20 22:12 - 2016-09-07 02:54 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-09-20 22:12 - 2016-09-07 02:54 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2016-09-20 22:12 - 2016-09-07 02:52 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-09-20 22:12 - 2016-09-07 02:52 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-09-20 22:12 - 2016-09-07 02:52 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-09-20 22:12 - 2016-09-07 02:52 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-09-20 22:12 - 2016-09-07 02:51 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-09-20 22:12 - 2016-09-07 02:50 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-09-20 22:12 - 2016-09-07 02:49 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-09-20 22:12 - 2016-09-07 02:49 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2016-09-20 22:12 - 2016-09-07 02:48 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-09-20 22:12 - 2016-09-07 02:46 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-09-20 22:12 - 2016-09-07 02:42 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-09-20 22:12 - 2016-09-07 02:41 - 03435008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-09-20 22:12 - 2016-09-07 02:41 - 02947072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-09-20 22:12 - 2016-09-07 02:40 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2016-09-20 22:12 - 2016-09-07 02:40 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-09-20 22:12 - 2016-09-07 02:39 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-09-20 22:12 - 2016-09-07 02:39 - 03116544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-09-20 22:12 - 2016-09-07 02:39 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-09-20 22:12 - 2016-09-07 02:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-09-20 22:12 - 2016-09-07 02:36 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-09-20 22:12 - 2016-09-07 02:36 - 02423296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-09-20 22:12 - 2016-09-07 02:35 - 02107392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-09-20 22:12 - 2016-08-20 03:21 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-09-20 22:12 - 2016-08-20 03:20 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-09-20 22:12 - 2016-08-20 03:19 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-09-20 22:12 - 2016-08-20 03:18 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-09-20 22:12 - 2016-08-20 03:18 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-09-20 22:12 - 2016-08-20 03:17 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-09-20 22:12 - 2016-08-20 03:15 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-09-20 22:12 - 2016-08-20 03:14 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-09-20 22:12 - 2016-08-20 03:14 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-09-20 22:12 - 2016-08-20 02:58 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-20 22:12 - 2016-08-06 02:08 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-09-20 22:12 - 2016-08-06 01:48 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-09-20 22:12 - 2016-08-06 01:48 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-09-20 22:12 - 2016-08-06 01:45 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-09-20 22:12 - 2016-08-06 01:45 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2016-09-20 22:12 - 2016-08-06 01:45 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-09-20 22:12 - 2016-08-06 01:44 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-09-20 22:12 - 2016-08-06 01:41 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-09-20 22:12 - 2016-08-06 01:41 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2016-09-20 22:12 - 2016-08-06 01:40 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-09-20 22:12 - 2016-08-06 01:28 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-09-20 22:12 - 2016-08-06 01:19 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-09-20 22:12 - 2016-08-02 06:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-09-20 22:11 - 2016-09-07 03:36 - 00405344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-09-20 22:11 - 2016-09-07 03:34 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-20 22:11 - 2016-09-07 03:34 - 01738040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-09-20 22:11 - 2016-09-07 03:34 - 01280352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-20 22:11 - 2016-09-07 03:34 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-09-20 22:11 - 2016-09-07 03:33 - 02446696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-09-20 22:11 - 2016-09-07 03:20 - 00340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-09-20 22:11 - 2016-09-07 03:18 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-09-20 22:11 - 2016-09-07 03:18 - 01430208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-09-20 22:11 - 2016-09-07 03:17 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-09-20 22:11 - 2016-09-07 03:16 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-09-20 22:11 - 2016-09-07 03:08 - 07220224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-09-20 22:11 - 2016-09-07 03:04 - 22566400 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-09-20 22:11 - 2016-09-07 03:04 - 05684736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-09-20 22:11 - 2016-09-07 03:03 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-09-20 22:11 - 2016-09-07 03:03 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-09-20 22:11 - 2016-09-07 03:03 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccessRes.dll
2016-09-20 22:11 - 2016-09-07 03:02 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-09-20 22:11 - 2016-09-07 03:02 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-09-20 22:11 - 2016-09-07 03:02 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-09-20 22:11 - 2016-09-07 03:02 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-09-20 22:11 - 2016-09-07 03:01 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AddressParser.dll
2016-09-20 22:11 - 2016-09-07 03:01 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-09-20 22:11 - 2016-09-07 03:00 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-09-20 22:11 - 2016-09-07 02:59 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-09-20 22:11 - 2016-09-07 02:59 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-09-20 22:11 - 2016-09-07 02:59 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-09-20 22:11 - 2016-09-07 02:59 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactActivation.dll
2016-09-20 22:11 - 2016-09-07 02:58 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-09-20 22:11 - 2016-09-07 02:58 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-09-20 22:11 - 2016-09-07 02:58 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AddressParser.dll
2016-09-20 22:11 - 2016-09-07 02:58 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccessRes.dll
2016-09-20 22:11 - 2016-09-07 02:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-09-20 22:11 - 2016-09-07 02:56 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-09-20 22:11 - 2016-09-07 02:55 - 00781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-09-20 22:11 - 2016-09-07 02:55 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-09-20 22:11 - 2016-09-07 02:55 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-09-20 22:11 - 2016-09-07 02:55 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-09-20 22:11 - 2016-09-07 02:55 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-09-20 22:11 - 2016-09-07 02:54 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-09-20 22:11 - 2016-09-07 02:54 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-09-20 22:11 - 2016-09-07 02:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-20 22:11 - 2016-09-07 02:54 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2016-09-20 22:11 - 2016-09-07 02:54 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2016-09-20 22:11 - 2016-09-07 02:53 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-09-20 22:11 - 2016-09-07 02:52 - 17187840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-09-20 22:11 - 2016-09-07 02:51 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-09-20 22:11 - 2016-09-07 02:50 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-09-20 22:11 - 2016-09-07 02:49 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-09-20 22:11 - 2016-09-07 02:48 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-20 22:11 - 2016-09-07 02:47 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-09-20 22:11 - 2016-09-07 02:46 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-09-20 22:11 - 2016-09-07 02:45 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-09-20 22:11 - 2016-09-07 02:45 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-09-20 22:11 - 2016-09-07 02:41 - 08122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-09-20 22:11 - 2016-09-07 02:41 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-09-20 22:11 - 2016-09-07 02:41 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-09-20 22:11 - 2016-09-07 02:41 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-09-20 22:11 - 2016-09-07 02:40 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-09-20 22:11 - 2016-09-07 02:40 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-09-20 22:11 - 2016-09-07 02:40 - 00911872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-09-20 22:11 - 2016-09-07 02:39 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-09-20 22:11 - 2016-09-07 02:39 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2016-09-20 22:11 - 2016-09-07 02:39 - 04747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-09-20 22:11 - 2016-09-07 02:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-09-20 22:11 - 2016-09-07 02:38 - 02630144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-09-20 22:11 - 2016-09-07 02:38 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-09-20 22:11 - 2016-09-07 02:38 - 01491968 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-09-20 22:11 - 2016-09-07 02:38 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-09-20 22:11 - 2016-09-07 02:37 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-09-20 22:11 - 2016-09-07 02:37 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-09-20 22:11 - 2016-09-07 02:37 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-09-20 22:11 - 2016-09-07 02:37 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-09-20 22:11 - 2016-09-07 02:37 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-09-20 22:11 - 2016-09-07 02:36 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-09-20 22:11 - 2016-09-07 02:36 - 02360832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-09-20 22:11 - 2016-09-07 02:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-09-20 22:11 - 2016-09-07 02:35 - 00650240 _____ (Microsoft) C:\WINDOWS\system32\DbgModel.dll
2016-09-20 22:11 - 2016-09-07 02:34 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-09-20 22:11 - 2016-09-07 02:34 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-09-20 22:11 - 2016-09-07 02:34 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-09-20 22:11 - 2016-09-07 02:34 - 00761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-09-20 22:11 - 2016-09-07 02:34 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-09-20 22:11 - 2016-09-07 02:33 - 02217472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-09-20 22:11 - 2016-09-07 02:31 - 00461312 _____ (Microsoft) C:\WINDOWS\SysWOW64\DbgModel.dll
2016-09-20 22:11 - 2016-08-20 03:21 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2016-09-20 22:11 - 2016-08-20 03:20 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-09-20 22:11 - 2016-08-20 03:20 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2016-09-20 22:11 - 2016-08-20 03:14 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL
2016-09-20 22:11 - 2016-08-20 03:12 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-09-20 22:11 - 2016-08-20 03:07 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-09-20 22:11 - 2016-08-20 03:06 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-09-20 22:11 - 2016-08-20 03:01 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-20 22:11 - 2016-08-20 02:54 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-09-20 22:11 - 2016-08-06 02:18 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-09-20 22:11 - 2016-08-06 02:16 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-09-20 22:11 - 2016-08-06 01:47 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-09-20 22:11 - 2016-08-06 01:46 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-09-20 22:11 - 2016-08-06 01:46 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-09-20 22:11 - 2016-08-06 01:45 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-09-20 22:11 - 2016-08-06 01:44 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-09-20 22:11 - 2016-08-06 01:43 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-09-20 22:11 - 2016-08-06 01:43 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-09-20 22:11 - 2016-08-06 01:41 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-09-20 22:11 - 2016-08-06 01:41 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-09-20 22:11 - 2016-08-06 01:39 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-09-20 22:11 - 2016-08-06 01:39 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-09-20 22:11 - 2016-08-06 01:39 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-09-20 22:11 - 2016-08-06 01:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-20 22:11 - 2016-08-06 01:37 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-20 22:11 - 2016-08-06 01:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-09-20 22:11 - 2016-08-06 01:36 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-09-20 22:11 - 2016-08-06 01:31 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-09-20 22:11 - 2016-08-06 01:31 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-09-20 22:11 - 2016-08-06 01:31 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-09-20 22:11 - 2016-08-06 01:29 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-09-20 22:11 - 2016-08-06 01:29 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-09-20 22:11 - 2016-08-06 01:28 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-09-20 22:11 - 2016-08-06 01:23 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-09-20 22:11 - 2016-08-02 06:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-09-20 22:11 - 2016-08-02 02:37 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-09-20 22:11 - 2016-07-21 23:27 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-20 22:11 - 2016-07-21 22:49 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-09-20 22:10 - 2016-09-07 03:44 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-09-20 22:10 - 2016-09-07 03:34 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-20 22:10 - 2016-09-07 03:34 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-09-20 22:10 - 2016-09-07 03:34 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-09-20 22:10 - 2016-09-07 03:32 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-09-20 22:10 - 2016-09-07 03:32 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-09-20 22:10 - 2016-09-07 03:29 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-09-20 22:10 - 2016-09-07 03:29 - 08156592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-09-20 22:10 - 2016-09-07 03:17 - 05721808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-20 22:10 - 2016-09-07 03:17 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-09-20 22:10 - 2016-09-07 03:17 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-09-20 22:10 - 2016-09-07 03:15 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-09-20 22:10 - 2016-09-07 03:15 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-09-20 22:10 - 2016-09-07 03:13 - 06653592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-09-20 22:10 - 2016-09-07 03:04 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-09-20 22:10 - 2016-09-07 03:03 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-09-20 22:10 - 2016-09-07 03:02 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-09-20 22:10 - 2016-09-07 03:00 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-09-20 22:10 - 2016-09-07 03:00 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-09-20 22:10 - 2016-09-07 02:59 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-09-20 22:10 - 2016-09-07 02:59 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-09-20 22:10 - 2016-09-07 02:56 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-09-20 22:10 - 2016-09-07 02:54 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-09-20 22:10 - 2016-09-07 02:52 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-09-20 22:10 - 2016-09-07 02:44 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-20 22:10 - 2016-09-07 02:41 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-09-20 22:10 - 2016-09-07 02:40 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-09-20 22:10 - 2016-09-07 02:40 - 00959488 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-09-20 22:10 - 2016-09-07 02:39 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-20 22:10 - 2016-09-07 02:38 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-09-20 22:10 - 2016-09-07 02:37 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-09-20 22:10 - 2016-09-07 02:35 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-09-20 22:10 - 2016-09-07 02:35 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-09-20 22:10 - 2016-09-07 02:35 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-09-20 22:10 - 2016-08-20 04:05 - 01377008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-09-20 22:10 - 2016-08-20 03:16 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-09-20 22:10 - 2016-08-20 03:14 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL
2016-09-20 22:10 - 2016-08-20 03:12 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-09-20 22:10 - 2016-08-20 03:07 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-09-20 22:10 - 2016-08-20 03:06 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2016-09-20 22:10 - 2016-08-20 03:04 - 03245056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-09-20 22:10 - 2016-08-20 03:03 - 02846208 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-09-20 22:10 - 2016-08-20 02:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-09-20 22:10 - 2016-08-20 02:58 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
2016-09-20 22:10 - 2016-08-20 02:56 - 02711040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-09-20 22:10 - 2016-08-20 02:56 - 02143232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-09-20 22:10 - 2016-08-20 02:56 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-09-20 22:10 - 2016-08-20 02:56 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
2016-09-20 22:10 - 2016-08-20 02:55 - 00726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-09-20 22:10 - 2016-07-21 23:25 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-09-20 22:10 - 2016-07-21 23:18 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-09-20 22:10 - 2016-07-21 22:32 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-09-20 22:08 - 2016-09-07 02:49 - 09128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-09-20 22:06 - 2016-09-07 03:46 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-09-20 22:06 - 2016-09-07 03:33 - 00681304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-09-20 22:06 - 2016-09-07 03:01 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-09-20 22:06 - 2016-09-07 02:37 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-09-20 22:06 - 2016-08-06 01:47 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-09-20 22:04 - 2016-09-07 03:32 - 01099616 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-09-20 22:04 - 2016-09-07 03:32 - 00988000 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-09-20 22:04 - 2016-09-07 02:42 - 03305984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-09-20 21:53 - 2016-09-07 03:55 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-09-20 21:53 - 2016-09-07 03:50 - 07813472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-20 21:53 - 2016-09-07 03:36 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-09-20 21:53 - 2016-09-07 03:34 - 00658272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-09-20 21:53 - 2016-09-07 02:54 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2016-09-20 21:53 - 2016-09-07 02:53 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-09-20 21:53 - 2016-09-07 02:53 - 01014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-20 21:53 - 2016-09-07 02:52 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-09-20 21:53 - 2016-09-07 02:50 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-09-20 21:53 - 2016-09-07 02:49 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-09-20 21:53 - 2016-09-07 02:47 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-09-20 21:53 - 2016-09-07 02:45 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-09-20 21:53 - 2016-09-07 02:35 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2016-09-20 21:53 - 2016-08-20 03:34 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2016-09-20 21:53 - 2016-08-20 02:51 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-09-20 21:53 - 2016-08-06 02:23 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-09-20 21:53 - 2016-08-06 02:16 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-09-20 21:53 - 2016-08-06 01:46 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-09-20 21:53 - 2016-08-06 01:29 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-09-20 21:53 - 2016-08-06 01:28 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-09-20 21:53 - 2016-07-21 23:27 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-09-20 21:52 - 2016-09-07 03:53 - 02481768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-09-20 21:52 - 2016-09-07 03:33 - 00450392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-09-20 21:52 - 2016-09-07 03:33 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-20 21:52 - 2016-09-07 03:29 - 04130944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-09-20 21:52 - 2016-09-07 03:13 - 20965248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-09-20 21:52 - 2016-09-07 02:59 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2016-09-20 21:52 - 2016-09-07 02:56 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-09-20 21:52 - 2016-09-07 02:56 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-09-20 21:52 - 2016-09-07 02:55 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-09-20 21:52 - 2016-09-07 02:53 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-09-20 21:52 - 2016-09-07 02:53 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-09-20 21:52 - 2016-09-07 02:50 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-09-20 21:52 - 2016-09-07 02:49 - 00714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-09-20 21:52 - 2016-09-07 02:49 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-20 21:52 - 2016-09-07 02:46 - 13434368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-09-20 21:52 - 2016-09-07 02:46 - 07623680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-09-20 21:52 - 2016-09-07 02:45 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-20 21:52 - 2016-09-07 02:45 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-09-20 21:52 - 2016-09-07 02:44 - 13081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-09-20 21:52 - 2016-09-07 02:44 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-09-20 21:52 - 2016-09-07 02:39 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-09-20 21:52 - 2016-09-07 02:38 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-20 21:52 - 2016-09-07 02:34 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-09-20 21:52 - 2016-09-07 02:33 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-09-20 21:52 - 2016-09-07 02:33 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-09-20 21:52 - 2016-08-20 03:11 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-09-20 21:52 - 2016-08-20 03:11 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-09-20 21:52 - 2016-08-20 03:10 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-09-20 21:52 - 2016-08-20 03:04 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2016-09-20 21:52 - 2016-08-06 02:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-09-20 21:52 - 2016-08-06 01:50 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-09-20 21:52 - 2016-08-06 01:48 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-09-20 21:52 - 2016-08-06 01:43 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-09-20 21:52 - 2016-08-06 01:42 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-09-20 21:52 - 2016-08-06 01:23 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-09-20 21:51 - 2016-09-07 03:44 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-20 21:51 - 2016-09-07 03:29 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-09-20 21:51 - 2016-09-07 03:29 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-09-20 21:51 - 2016-09-07 03:24 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-09-20 21:51 - 2016-09-07 03:13 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-09-20 21:51 - 2016-09-07 03:13 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-09-20 21:51 - 2016-09-07 03:13 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-09-20 21:51 - 2016-09-07 03:03 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-09-20 21:51 - 2016-09-07 02:58 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-09-20 21:51 - 2016-09-07 02:58 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-09-20 21:51 - 2016-09-07 02:58 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-09-20 21:51 - 2016-09-07 02:57 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-09-20 21:51 - 2016-09-07 02:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactActivation.dll
2016-09-20 21:51 - 2016-09-07 02:55 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-09-20 21:51 - 2016-09-07 02:55 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-09-20 21:51 - 2016-09-07 02:52 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-20 21:51 - 2016-09-07 02:51 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-09-20 21:51 - 2016-09-07 02:50 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-09-20 21:51 - 2016-09-07 02:49 - 03776512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-09-20 21:51 - 2016-09-07 02:49 - 01905664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-09-20 21:51 - 2016-09-07 02:47 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2016-09-20 21:51 - 2016-09-07 02:46 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-09-20 21:51 - 2016-09-07 02:45 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-09-20 21:51 - 2016-09-07 02:40 - 12345856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-09-20 21:51 - 2016-08-20 03:20 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-09-20 21:51 - 2016-08-20 03:19 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-09-20 21:51 - 2016-08-20 03:18 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-09-20 21:51 - 2016-08-20 03:17 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-09-20 21:51 - 2016-08-20 03:14 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL
2016-09-20 21:51 - 2016-08-20 03:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-09-20 21:51 - 2016-08-20 03:07 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-09-20 21:51 - 2016-08-06 01:43 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-09-20 21:51 - 2016-08-06 01:40 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-09-20 21:51 - 2016-08-06 01:33 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-09-20 21:50 - 2016-09-07 03:50 - 00773200 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-09-20 21:50 - 2016-09-07 03:32 - 00942432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-09-20 21:50 - 2016-09-07 03:32 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-09-20 21:50 - 2016-09-07 03:30 - 00601200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-09-20 21:50 - 2016-09-07 03:29 - 01066104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-09-20 21:50 - 2016-09-07 03:27 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-09-20 21:50 - 2016-09-07 03:25 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-09-20 21:50 - 2016-09-07 02:54 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-09-20 21:50 - 2016-09-07 02:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-09-20 21:50 - 2016-09-07 02:52 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-09-20 21:50 - 2016-09-07 02:50 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-09-20 21:50 - 2016-09-07 02:49 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-09-20 21:50 - 2016-09-07 02:48 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-20 21:50 - 2016-09-07 02:45 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-09-20 21:50 - 2016-09-07 02:41 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-20 21:50 - 2016-09-07 02:40 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-09-20 21:50 - 2016-09-07 02:40 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-09-20 21:50 - 2016-09-07 02:37 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-09-20 21:50 - 2016-09-07 02:34 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-09-20 21:50 - 2016-09-07 02:34 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-09-20 21:50 - 2016-08-18 23:33 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2016-09-20 21:50 - 2016-08-06 02:26 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-09-20 21:49 - 2016-09-07 03:54 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-09-20 21:49 - 2016-09-07 03:53 - 02183792 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-09-20 21:49 - 2016-09-07 03:51 - 02214784 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-09-20 21:49 - 2016-09-07 03:48 - 02256224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-09-20 21:49 - 2016-09-07 03:44 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-09-20 21:49 - 2016-09-07 03:43 - 00764936 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-09-20 21:49 - 2016-09-07 03:34 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-09-20 21:49 - 2016-09-07 03:30 - 01707512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-09-20 21:49 - 2016-09-07 03:29 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-09-20 21:49 - 2016-09-07 03:29 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-09-20 21:49 - 2016-09-07 03:29 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-09-20 21:49 - 2016-09-07 03:24 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-09-20 21:49 - 2016-09-07 03:24 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-09-20 21:49 - 2016-09-07 03:13 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-09-20 21:49 - 2016-09-07 03:13 - 01123360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-09-20 21:49 - 2016-09-07 03:13 - 00955520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-09-20 21:49 - 2016-09-07 03:12 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-09-20 21:49 - 2016-09-07 03:09 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-09-20 21:49 - 2016-09-07 02:59 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-09-20 21:49 - 2016-09-07 02:58 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-20 21:49 - 2016-09-07 02:58 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-09-20 21:49 - 2016-09-07 02:53 - 02083840 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-09-20 21:49 - 2016-09-07 02:52 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-09-20 21:49 - 2016-09-07 02:52 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-20 21:49 - 2016-09-07 02:51 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-09-20 21:49 - 2016-09-07 02:43 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-09-20 21:49 - 2016-09-07 02:41 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-09-20 21:49 - 2016-09-07 02:38 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-09-20 21:49 - 2016-09-07 02:37 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-09-20 21:49 - 2016-08-20 03:21 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2016-09-20 21:49 - 2016-08-20 03:20 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-09-20 21:49 - 2016-08-20 03:04 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-09-20 21:49 - 2016-08-06 02:31 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-09-20 21:49 - 2016-08-06 01:21 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-09-20 21:49 - 2016-07-21 23:11 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-09-20 21:48 - 2016-09-07 03:54 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-20 21:48 - 2016-09-07 03:51 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-20 21:48 - 2016-09-07 03:51 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-20 21:48 - 2016-09-07 03:29 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-09-20 21:48 - 2016-09-07 02:52 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-09-20 21:48 - 2016-09-07 02:47 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-20 21:48 - 2016-09-07 02:45 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-09-20 21:48 - 2016-09-07 02:45 - 00944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-20 21:48 - 2016-09-07 02:37 - 07468032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-09-20 21:48 - 2016-09-07 02:33 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-09-20 21:48 - 2016-08-20 04:03 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-20 21:48 - 2016-08-06 02:17 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-09-20 21:48 - 2016-08-06 01:46 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-09-20 21:48 - 2016-07-21 23:18 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-09-20 21:47 - 2016-09-07 04:10 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-09-20 21:47 - 2016-09-07 03:54 - 00885824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-20 21:47 - 2016-09-07 03:54 - 00133472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-09-20 21:47 - 2016-09-07 03:49 - 00552288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-09-20 21:47 - 2016-09-07 03:48 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-09-20 21:47 - 2016-09-07 03:41 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-09-20 21:47 - 2016-09-07 03:39 - 00996192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-09-20 21:47 - 2016-09-07 03:37 - 01966288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-09-20 21:47 - 2016-09-07 03:34 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-09-20 21:47 - 2016-09-07 03:32 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-09-20 21:47 - 2016-09-07 03:29 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-09-20 21:47 - 2016-09-07 03:29 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-09-20 21:47 - 2016-09-07 03:27 - 01362504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2016-09-20 21:47 - 2016-09-07 03:24 - 00057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2016-09-20 21:47 - 2016-09-07 03:24 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-09-20 21:47 - 2016-09-07 03:13 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-09-20 21:47 - 2016-09-07 02:54 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-09-20 21:47 - 2016-09-07 02:53 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-20 21:47 - 2016-09-07 02:47 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-09-20 21:47 - 2016-09-07 02:45 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-09-20 21:47 - 2016-09-07 02:45 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-09-20 21:47 - 2016-09-07 02:44 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-09-20 21:47 - 2016-09-07 02:44 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-09-20 21:47 - 2016-09-07 02:43 - 01106944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-09-20 21:47 - 2016-09-07 02:43 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-09-20 21:47 - 2016-09-07 02:41 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-09-20 21:47 - 2016-09-07 02:41 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-09-20 21:47 - 2016-09-07 02:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-20 21:47 - 2016-09-07 02:40 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-09-20 21:47 - 2016-09-07 02:38 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-09-20 21:47 - 2016-09-07 02:37 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-09-20 21:47 - 2016-09-07 02:37 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-09-20 21:47 - 2016-09-07 02:35 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-09-20 21:47 - 2016-09-07 02:33 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-09-20 21:47 - 2016-09-07 02:32 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-09-20 21:47 - 2016-09-07 02:31 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-09-20 21:47 - 2016-08-27 10:45 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-09-20 21:47 - 2016-08-27 03:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-09-20 21:47 - 2016-08-27 02:39 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-09-20 21:47 - 2016-08-27 02:37 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-09-20 21:47 - 2016-08-27 02:25 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-09-20 21:47 - 2016-08-20 03:46 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-09-20 21:47 - 2016-08-20 03:22 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-09-20 21:47 - 2016-08-20 03:21 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-09-20 21:47 - 2016-08-20 03:13 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-09-20 21:47 - 2016-08-06 02:29 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-09-20 21:47 - 2016-08-06 02:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-09-20 21:47 - 2016-08-06 02:16 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-09-20 21:47 - 2016-08-06 02:09 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-09-20 21:47 - 2016-08-06 01:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-09-20 21:47 - 2016-08-06 01:43 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-09-20 21:47 - 2016-08-06 01:35 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-09-20 21:47 - 2016-07-21 23:32 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-09-20 21:46 - 2016-09-07 03:41 - 00303968 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-09-20 21:46 - 2016-09-07 03:39 - 01217880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-09-20 21:46 - 2016-09-07 03:30 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-09-20 21:46 - 2016-09-07 03:29 - 01990640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-09-20 21:46 - 2016-09-07 03:29 - 00755656 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-09-20 21:46 - 2016-09-07 03:29 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-09-20 21:46 - 2016-09-07 03:29 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorTcgDrv.sys
2016-09-20 21:46 - 2016-09-07 03:13 - 01853232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-09-20 21:46 - 2016-09-07 03:13 - 00959104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-09-20 21:46 - 2016-09-07 03:13 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-09-20 21:46 - 2016-09-07 03:07 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-09-20 21:46 - 2016-09-07 02:55 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-09-20 21:46 - 2016-09-07 02:51 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-09-20 21:46 - 2016-09-07 02:48 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-09-20 21:46 - 2016-09-07 02:45 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-09-20 21:46 - 2016-09-07 02:44 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-20 21:46 - 2016-09-07 02:42 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-09-20 21:46 - 2016-09-07 02:42 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2016-09-20 21:46 - 2016-09-07 02:41 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-09-20 21:46 - 2016-09-07 02:40 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-09-20 21:46 - 2016-09-07 02:39 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-09-20 21:46 - 2016-09-07 02:38 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-09-20 21:46 - 2016-09-07 02:38 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-09-20 21:46 - 2016-09-07 02:37 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-09-20 21:46 - 2016-09-07 02:36 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-09-20 21:46 - 2016-09-07 02:35 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-09-20 21:46 - 2016-09-07 02:35 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-09-20 21:46 - 2016-09-07 02:33 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-09-20 21:46 - 2016-09-07 02:11 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-09-20 21:46 - 2016-08-27 07:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-09-20 21:46 - 2016-08-27 02:58 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-09-20 21:46 - 2016-08-27 02:38 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-09-20 21:46 - 2016-08-27 02:38 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-09-20 21:46 - 2016-08-20 04:06 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-09-20 21:46 - 2016-08-20 03:04 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-09-20 21:46 - 2016-08-06 02:33 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-09-20 21:46 - 2016-08-06 02:31 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-09-20 21:46 - 2016-08-06 02:26 - 00409944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-09-20 21:46 - 2016-08-06 02:15 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-09-20 21:46 - 2016-08-06 02:13 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-09-20 21:46 - 2016-08-06 02:13 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-09-20 21:46 - 2016-08-06 02:13 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-09-20 21:46 - 2016-08-06 02:04 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-09-20 21:46 - 2016-08-06 02:03 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-09-20 21:46 - 2016-08-06 02:03 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-09-20 21:46 - 2016-08-05 07:14 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-09-20 21:46 - 2016-08-05 07:10 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2016-09-20 21:46 - 2016-08-05 07:05 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-09-20 21:46 - 2016-08-02 06:44 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-09-20 21:46 - 2016-08-02 06:14 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-09-20 21:46 - 2016-08-02 02:47 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-09-20 21:45 - 2016-09-07 03:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2016-09-20 21:45 - 2016-09-07 03:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneutilRes.dll
2016-09-20 21:45 - 2016-09-07 03:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneServiceRes.dll
2016-09-20 21:45 - 2016-09-07 03:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2016-09-20 21:45 - 2016-09-07 03:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-09-20 21:45 - 2016-09-07 02:59 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-09-20 21:45 - 2016-09-07 02:58 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-09-20 21:45 - 2016-09-07 02:58 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-09-20 21:45 - 2016-09-07 02:58 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneutilRes.dll
2016-09-20 21:45 - 2016-09-07 02:58 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2016-09-20 21:45 - 2016-09-07 02:57 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2016-09-20 21:45 - 2016-09-07 02:56 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-09-20 21:45 - 2016-09-07 02:56 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-09-20 21:45 - 2016-09-07 02:56 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
2016-09-20 21:45 - 2016-09-07 02:55 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-09-20 21:45 - 2016-09-07 02:55 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-09-20 21:45 - 2016-09-07 02:54 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-09-20 21:45 - 2016-09-07 02:54 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-09-20 21:45 - 2016-09-07 02:53 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-09-20 21:45 - 2016-09-07 02:52 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-09-20 21:45 - 2016-09-07 02:50 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-09-20 21:45 - 2016-09-07 02:48 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2016-09-20 21:45 - 2016-09-07 02:47 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-09-20 21:45 - 2016-09-07 02:47 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-09-20 21:45 - 2016-09-07 02:47 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-09-20 21:45 - 2016-09-07 02:46 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-09-20 21:45 - 2016-09-07 02:46 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-09-20 21:45 - 2016-09-07 02:46 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-09-20 21:45 - 2016-09-07 02:45 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-09-20 21:45 - 2016-09-07 02:43 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-09-20 21:45 - 2016-09-07 02:42 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2016-09-20 21:45 - 2016-09-07 02:41 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-09-20 21:45 - 2016-09-07 02:41 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2016-09-20 21:45 - 2016-09-07 02:41 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-09-20 21:45 - 2016-09-07 02:41 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-09-20 21:45 - 2016-09-07 02:39 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-09-20 21:45 - 2016-09-07 02:37 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-09-20 21:45 - 2016-09-07 02:37 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-20 21:45 - 2016-09-07 02:34 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-09-20 21:45 - 2016-09-07 02:34 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-09-20 21:45 - 2016-09-07 02:32 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-09-20 21:45 - 2016-09-07 02:31 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-09-20 21:45 - 2016-08-27 02:44 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-09-20 21:45 - 2016-08-27 02:43 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll
2016-09-20 21:45 - 2016-08-20 03:14 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-09-20 21:45 - 2016-08-20 03:11 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-09-20 21:45 - 2016-08-20 03:08 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-09-20 21:45 - 2016-08-20 03:00 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll
2016-09-20 21:45 - 2016-08-06 01:48 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-09-20 21:45 - 2016-08-06 01:48 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-09-20 21:45 - 2016-08-06 01:48 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-09-20 21:45 - 2016-08-06 01:48 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-09-20 21:45 - 2016-08-06 01:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2016-09-20 21:45 - 2016-08-06 01:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2016-09-20 21:45 - 2016-08-06 01:47 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-09-20 21:45 - 2016-08-06 01:47 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-09-20 21:45 - 2016-08-06 01:47 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-09-20 21:45 - 2016-08-06 01:47 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-09-20 21:45 - 2016-08-06 01:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-09-20 21:45 - 2016-08-06 01:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-09-20 21:45 - 2016-08-06 01:45 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-09-20 21:45 - 2016-08-06 01:45 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-09-20 21:45 - 2016-08-06 01:45 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-09-20 21:45 - 2016-08-06 01:45 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2016-09-20 21:45 - 2016-08-06 01:44 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-09-20 21:45 - 2016-08-06 01:41 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-09-20 21:45 - 2016-08-06 01:40 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-09-20 21:45 - 2016-08-06 01:40 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-09-20 21:45 - 2016-08-06 01:40 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-09-20 21:45 - 2016-08-06 01:39 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2016-09-20 21:45 - 2016-08-06 01:38 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-09-20 21:45 - 2016-08-06 01:29 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-09-20 21:45 - 2016-08-06 01:26 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-09-20 21:45 - 2016-08-05 06:29 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2016-09-20 21:45 - 2016-08-05 06:28 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-09-20 21:45 - 2016-08-05 06:23 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-09-20 21:45 - 2016-08-05 06:22 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-09-20 21:45 - 2016-08-05 06:20 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-09-20 21:45 - 2016-08-05 06:20 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-09-20 21:45 - 2016-08-05 06:18 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-09-20 21:45 - 2016-08-05 06:08 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-09-20 21:45 - 2016-08-02 06:20 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-09-20 21:45 - 2016-08-02 06:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-09-20 21:45 - 2016-08-02 06:15 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-09-20 21:45 - 2016-08-02 06:11 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-09-20 21:45 - 2016-08-02 02:36 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-09-20 21:45 - 2016-08-02 02:33 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-09-20 21:27 - 2016-09-20 21:27 - 00002868 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-09-20 21:27 - 2016-09-20 21:27 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-09-20 21:27 - 2016-09-20 21:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-09-20 21:27 - 2016-09-20 21:27 - 00000000 ____D C:\Program Files\CCleaner
2016-09-20 21:23 - 2016-09-20 21:27 - 08244656 _____ (Piriform Ltd) C:\Users\User\Downloads\ccsetup522.exe
2016-09-20 21:01 - 2016-09-21 11:28 - 00351080 _____ C:\Users\User\Documents\bebe.veg
2016-09-20 21:01 - 2016-09-21 11:18 - 00345912 _____ C:\Users\User\Documents\bebe.veg.bak
2016-09-20 13:28 - 2016-09-20 13:28 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-09-20 13:27 - 2016-09-20 13:27 - 00000000 ____D C:\ProgramData\USOShared
2016-09-20 13:26 - 2016-09-20 21:24 - 00000000 ____D C:\Users\User\AppData\Local\ConnectedDevicesPlatform
2016-09-20 13:26 - 2016-09-20 13:26 - 00000020 ___SH C:\Users\User\ntuser.ini
2016-09-20 13:25 - 2016-09-20 21:31 - 00000000 ____D C:\Windows.old
2016-09-20 13:25 - 2016-07-16 01:29 - 04164608 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0002.dll
2016-09-20 13:25 - 2016-07-16 01:26 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0002.dll
2016-09-20 13:25 - 2016-07-16 01:25 - 01915392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MLS2.dll
2016-09-20 13:25 - 2016-07-16 00:45 - 04164608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0002.dll
2016-09-20 13:25 - 2016-07-16 00:42 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0002.dll
2016-09-20 13:25 - 2016-07-16 00:39 - 01868800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MLS2.dll
2016-09-20 13:24 - 2016-09-20 13:24 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-09-20 13:23 - 2016-09-20 13:23 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-09-20 07:48 - 2016-09-20 07:48 - 00000000 _SHDL C:\Users\Default\My Documents
2016-09-20 07:48 - 2016-09-20 07:48 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-09-20 07:48 - 2016-09-20 07:48 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-09-20 07:48 - 2016-09-20 07:48 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-09-20 07:48 - 2016-09-20 07:48 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-09-20 07:48 - 2016-09-20 07:48 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-09-20 07:48 - 2016-09-20 07:48 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-09-20 07:47 - 2016-09-20 07:48 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-09-20 07:47 - 2016-09-20 07:48 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-09-20 07:46 - 2016-09-24 22:37 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-20 07:46 - 2016-09-20 07:46 - 00003550 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-09-20 07:46 - 2016-09-20 07:46 - 00003326 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-09-20 07:46 - 2016-09-20 07:46 - 00003306 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{EED9C1A5-E344-46EF-8B20-C3BDE6381A91}
2016-09-20 07:46 - 2016-09-20 07:46 - 00003126 _____ C:\WINDOWS\System32\Tasks\KMSAutoNet
2016-09-20 07:46 - 2016-09-20 07:46 - 00003050 _____ C:\WINDOWS\System32\Tasks\update-S-1-5-21-691218479-2863476526-4080224816-1001
2016-09-20 07:46 - 2016-09-20 07:46 - 00002882 _____ C:\WINDOWS\System32\Tasks\Red Giant Link
2016-09-20 07:46 - 2016-09-20 07:46 - 00002820 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-09-20 07:46 - 2016-09-20 07:46 - 00002798 _____ C:\WINDOWS\System32\Tasks\update-sys
2016-09-20 07:46 - 2016-09-20 07:46 - 00002580 _____ C:\WINDOWS\System32\Tasks\{179AE184-A649-4CA8-A3D0-6C614864584D}
2016-09-20 07:46 - 2016-09-20 07:46 - 00002370 _____ C:\WINDOWS\System32\Tasks\{5C066DAE-FB13-483C-BE23-A69C5C4EC109}
2016-09-20 07:46 - 2016-09-20 07:46 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-09-20 07:42 - 2016-09-20 07:42 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-09-20 07:36 - 2016-09-20 07:36 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-09-20 07:34 - 2016-09-20 07:38 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-09-20 07:33 - 2016-09-20 07:33 - 00000000 _SHDL C:\Users\User\My Documents
2016-09-20 07:33 - 2016-09-20 07:33 - 00000000 _SHDL C:\Users\User\Documents\My Videos
2016-09-20 07:33 - 2016-09-20 07:33 - 00000000 _SHDL C:\Users\User\Documents\My Pictures
2016-09-20 07:33 - 2016-09-20 07:33 - 00000000 _SHDL C:\Users\User\Documents\My Music
2016-09-20 07:30 - 2016-07-28 01:27 - 00100488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-09-20 07:30 - 2016-07-16 09:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-09-20 07:29 - 2016-09-25 20:58 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-09-20 07:29 - 2016-09-20 07:35 - 00000000 ____D C:\Program Files\Intel
2016-09-20 07:29 - 2016-09-20 07:29 - 00000568 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2016-09-20 07:29 - 2016-09-20 07:29 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-09-20 07:29 - 2016-09-20 07:29 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-09-20 07:29 - 2016-09-20 07:29 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2016-09-20 07:29 - 2016-09-20 07:29 - 00000000 ____D C:\Program Files\Realtek
2016-09-20 07:29 - 2016-09-20 07:29 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2016-09-20 07:28 - 2016-09-25 12:49 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-09-20 07:28 - 2016-09-20 07:28 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-09-19 22:20 - 2016-09-19 22:22 - 00001536 _____ C:\Users\User\Downloads\Glitch Overlay.mp4.sfk
2016-09-19 22:20 - 2016-09-19 22:20 - 00314270 _____ C:\Users\User\Downloads\Glitch Overlay.mp4
2016-09-19 22:01 - 2016-09-19 22:02 - 00207776 _____ C:\Users\User\Downloads\Glitch Art Video.mp4.sfk
2016-09-19 22:00 - 2016-09-19 22:00 - 12944758 _____ C:\Users\User\Downloads\Glitch Art Video.mp4
2016-09-19 21:52 - 2016-09-19 21:54 - 00007072 _____ C:\Users\User\Downloads\Glitch overlay by Duczmen + Download link FREE (1).mp4.sfk
2016-09-19 21:52 - 2016-09-19 21:52 - 01477227 _____ C:\Users\User\Downloads\Glitch overlay by Duczmen + Download link FREE (1).mp4
2016-09-19 21:28 - 2016-09-19 22:19 - 00299568 _____ C:\Users\User\Documents\basi.veg.tmp
2016-09-19 21:28 - 2016-09-19 22:19 - 00299568 _____ C:\Users\User\Documents\basi.veg.bak
2016-09-19 21:26 - 2016-09-19 21:32 - 00396640 _____ C:\Users\User\Downloads\Qualmsound - Breath (Blynk Remix).mp4.sfk
2016-09-19 21:26 - 2016-09-19 21:26 - 18697673 _____ C:\Users\User\Downloads\Qualmsound - Breath (Blynk Remix).mp4
2016-09-19 21:12 - 2016-09-19 21:22 - 00000044 _____ C:\Users\User\Documents\pooshock.ru.url
2016-09-19 18:39 - 2016-09-19 18:50 - 00267744 _____ C:\Users\User\Downloads\MarCrew REOPPENED !.mp4.sfk
2016-09-19 18:39 - 2016-09-19 18:39 - 29852481 _____ C:\Users\User\Downloads\MarCrew REOPPENED !.mp4
2016-09-19 17:11 - 2016-09-19 17:11 - 58906114 _____ C:\Users\User\Downloads\Драма 2.mp4
2016-09-19 17:07 - 2016-09-19 17:10 - 533484853 _____ C:\Users\User\Downloads\ДРАМА.mp4
2016-09-19 14:15 - 2016-09-19 14:15 - 00028424 _____ C:\Users\User\Documents\testeaweaw.veg
2016-09-19 14:06 - 2016-09-19 14:10 - 00013920 _____ C:\Users\User\Downloads\Free Blue Sync Intro Template [C4,AE] #14.mp4.sfk
2016-09-19 14:05 - 2016-09-19 14:05 - 03225955 _____ C:\Users\User\Downloads\Free Blue Sync Intro Template [C4,AE] #14.mp4
2016-09-19 14:03 - 2016-09-19 14:03 - 24068500 _____ C:\Users\User\Downloads\MerkzzFx End of 2015 intro template.zip
2016-09-18 22:35 - 2016-09-18 22:35 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign75384d03ca01ba6a
2016-09-18 22:35 - 2016-09-18 22:35 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign3bf565f523dbc71d
2016-09-18 22:35 - 2016-09-18 22:35 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign385b943bf9cddf7b
2016-09-18 12:56 - 2016-09-18 12:56 - 40254473 _____ C:\Users\User\Downloads\Открития на нацистите, откраднати от САЩ след войната.mp4
2016-09-17 22:38 - 2016-09-17 22:38 - 00012928 _____ C:\Users\User\Documents\тест.veg
2016-09-17 19:47 - 2016-09-17 19:49 - 221498696 _____ C:\Users\User\Downloads\900 subs giftpack by Hasel.rar
2016-09-16 22:20 - 2016-09-16 22:20 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign39983a584c625489
2016-09-16 22:19 - 2016-09-16 22:19 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignd46f29e432adafb3
2016-09-16 22:19 - 2016-09-16 22:19 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign4744c9725b67c423
2016-09-16 21:20 - 2016-09-16 21:20 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign58d080d745fad1f4
2016-09-16 21:20 - 2016-09-16 21:20 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign3fad890414530d69
2016-09-16 21:19 - 2016-09-16 21:19 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign128dad34647a6984
2016-09-16 20:07 - 2016-09-16 21:01 - 00000000 ____D C:\Users\User\Desktop\Cringe
2016-09-16 19:55 - 2016-09-16 21:30 - 00071104 _____ C:\Users\User\Documents\cringe.veg
2016-09-16 19:55 - 2016-09-16 21:29 - 00068448 _____ C:\Users\User\Documents\cringe.veg.bak
2016-09-16 19:42 - 2016-09-16 19:44 - 00752864 _____ C:\Users\User\Downloads\КАК ДА СИ ХВАНЕМ ГАДЖЕ.mp4.sfk
2016-09-16 19:42 - 2016-09-16 19:42 - 102753911 _____ C:\Users\User\Downloads\КАК ДА СИ ХВАНЕМ ГАДЖЕ.mp4
2016-09-16 18:36 - 2016-09-17 22:33 - 00319768 _____ C:\Users\User\Documents\Sci - Fi.veg
2016-09-16 18:36 - 2016-09-17 21:37 - 00319768 _____ C:\Users\User\Documents\Sci - Fi.veg.bak
2016-09-16 18:31 - 2016-09-16 18:46 - 00220576 _____ C:\Users\User\Downloads\Chris Travis - Sci - Fi.mp4.sfk
2016-09-16 18:31 - 2016-09-16 18:31 - 37198160 _____ C:\Users\User\Downloads\Chris Travis - Sci - Fi.mp4
2016-09-16 17:36 - 2016-09-16 17:52 - 00000000 ____D C:\Users\User\AppData\Roaming\Charles
2016-09-16 17:02 - 2016-09-20 07:34 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Charles
2016-09-16 16:59 - 2016-09-16 17:01 - 78958592 _____ C:\Users\User\Downloads\charles-proxy-4.0-win64.msi
2016-09-15 20:16 - 2016-09-15 20:16 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign57398b4eafcd1c23
2016-09-15 20:15 - 2016-09-15 20:15 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignb20d906f49468e85
2016-09-15 20:15 - 2016-09-15 20:15 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign3a7d68bf9db899f0
2016-09-15 20:09 - 2016-09-15 20:42 - 00096384 _____ C:\Users\User\Downloads\HBD Rufflexos [DESC].mp4.sfk
2016-09-15 20:08 - 2016-09-15 20:08 - 15906182 _____ C:\Users\User\Downloads\HBD Rufflexos [DESC].mp4
2016-09-15 16:19 - 2016-09-15 16:19 - 00012888 _____ C:\Users\User\Documents\tree.veg
2016-09-15 13:23 - 2016-09-15 13:27 - 00826944 _____ C:\Users\User\Downloads\YouTube loading screen.mp4.sfk
2016-09-15 13:22 - 2016-09-15 13:22 - 10114516 _____ C:\Users\User\Downloads\YouTube loading screen.mp4
2016-09-15 11:40 - 2016-09-15 14:48 - 16104576 _____ C:\Users\User\Documents\bobi duo.veg
2016-09-15 11:40 - 2016-09-15 14:46 - 16104576 _____ C:\Users\User\Documents\bobi duo.veg.bak
2016-09-15 11:34 - 2016-09-15 11:35 - 00055944 _____ C:\Users\User\Documents\nigga.sfk
2016-09-15 11:30 - 2016-09-15 11:31 - 07152104 _____ C:\Users\User\Documents\nigga.wav
2016-09-14 22:16 - 2016-09-14 22:22 - 00000000 ____D C:\Users\User\AppData\Local\Mozilla
2016-09-14 22:16 - 2016-09-14 22:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-14 18:31 - 2016-09-14 18:31 - 00149864 _____ C:\Users\User\Downloads\Star Wars BattleFront II.torrent
2016-09-13 22:35 - 2016-09-13 22:35 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignc69e3c133beea7d7
2016-09-13 22:34 - 2016-09-13 22:34 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign9f25a5b8716a5a56
2016-09-13 22:34 - 2016-09-13 22:34 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign184e2c7ebf27c4d2
2016-09-13 20:53 - 2016-09-13 20:53 - 00025792 _____ C:\Users\User\Documents\thesark.veg
2016-09-13 20:46 - 2016-09-13 20:54 - 00302656 _____ C:\Users\User\Downloads\The Chainsmokers - Don't Let Me Down (Illenium Remix) (1).mp4.sfk
2016-09-13 20:31 - 2016-09-13 20:31 - 56659041 _____ C:\Users\User\Downloads\The Chainsmokers - Don't Let Me Down (Illenium Remix) (1).mp4
2016-09-13 18:54 - 2016-09-13 18:54 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignb97ff47d499a85e9
2016-09-13 18:54 - 2016-09-13 18:54 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign3610533ce0c4c27b
2016-09-13 18:54 - 2016-09-13 18:54 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign22390f5e38f0fc30
2016-09-13 14:23 - 2016-09-13 14:25 - 188834405 _____ C:\Users\User\Downloads\Template (1).rar
2016-09-13 14:23 - 2016-09-13 14:23 - 349144087 _____ C:\Users\User\Downloads\INTRO TEMPLATE 4.rar
2016-09-13 13:53 - 2016-09-13 14:13 - 00091688 _____ C:\Users\User\Documents\reaction.veg
2016-09-13 13:53 - 2016-09-13 14:13 - 00087848 _____ C:\Users\User\Documents\reaction.veg.bak
2016-09-13 09:33 - 2016-09-13 12:57 - 00065856 _____ C:\Users\User\Documents\weeqweqweqweqwe.veg
2016-09-13 09:33 - 2016-09-13 12:48 - 00053488 _____ C:\Users\User\Documents\weeqweqweqweqwe.veg.bak
2016-09-13 09:31 - 2016-09-13 09:32 - 00044544 _____ C:\Users\User\Downloads\SET FIRE - DUO W- BLACKOUT [DESC].mp4.sfk
2016-09-13 09:31 - 2016-09-13 09:31 - 06714761 _____ C:\Users\User\Downloads\SET FIRE - DUO W- BLACKOUT [DESC].mp4
2016-09-12 23:00 - 2016-09-12 23:00 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignea47eb84b7823afc
2016-09-12 23:00 - 2016-09-12 23:00 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign5d757e77bbb25db9
2016-09-12 23:00 - 2016-09-12 23:00 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign5176cd406e0921d0
2016-09-12 20:56 - 2016-09-12 23:20 - 00317920 _____ C:\Users\User\Downloads\ERA - Ameno.mp4.sfk
2016-09-12 20:48 - 2016-09-12 20:48 - 16054646 _____ C:\Users\User\Downloads\ERA - Ameno.mp4
2016-09-12 20:39 - 2016-09-12 21:54 - 00192112 _____ C:\Users\User\Documents\LOL.veg
2016-09-12 20:39 - 2016-09-12 21:40 - 00134272 _____ C:\Users\User\Documents\LOL.veg.bak
2016-09-12 20:36 - 2016-09-12 20:39 - 00006592 _____ C:\Users\User\Downloads\Keemstar is a meme.mp4.sfk
2016-09-12 20:32 - 2016-09-12 20:32 - 00215636 _____ C:\Users\User\Downloads\Keemstar is a meme.mp4
2016-09-12 20:30 - 2016-09-12 20:31 - 91013140 _____ C:\Users\User\Downloads\хейт към българските ютубъри _)_.mp4
2016-09-12 19:09 - 2016-09-12 19:11 - 83243180 _____ C:\Users\User\Downloads\500SUBS INTRO TEMPLATE  by BattiArts.rar
2016-09-12 18:38 - 2016-09-12 18:38 - 00251168 _____ C:\Users\User\Downloads\SLIGHT - tsunami.mp4.sfk
2016-09-12 18:37 - 2016-09-12 18:37 - 47292442 _____ C:\Users\User\Downloads\SLIGHT - tsunami.mp4
2016-09-12 17:40 - 2016-09-12 17:41 - 00037568 _____ C:\Users\User\Downloads\-_veyron_-.mp4.sfk
2016-09-12 17:05 - 2016-09-12 17:06 - 00021888 _____ C:\Users\User\Documents\300 €€€ SPOT.mp4.sfk
2016-09-12 13:21 - 2016-09-12 13:23 - 00165696 _____ C:\Users\User\Downloads\Hard Rap Instrumental - Sick Trap Beat (prod. Kyu Tracks).mp4.sfk
2016-09-12 13:21 - 2016-09-12 13:21 - 21098056 _____ C:\Users\User\Downloads\Hard Rap Instrumental - Sick Trap Beat (prod. Kyu Tracks).mp4
2016-09-11 22:33 - 2016-09-11 22:33 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign29d5d5a32cfb498c
2016-09-11 22:32 - 2016-09-11 22:32 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignb1906d61331a5eda
2016-09-11 22:32 - 2016-09-11 22:32 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign57d392382f0ad437
2016-09-11 22:12 - 2016-09-11 22:12 - 04717593 _____ C:\Users\User\Downloads\Satire_intro.wmv
2016-09-11 21:31 - 2016-09-11 21:31 - 26038746 _____ C:\Users\User\Documents\300 €€€ SPOT.mp4
2016-09-11 21:28 - 2016-09-11 21:28 - 04782680 _____ C:\Users\User\Documents\26.wmv.sfap0
2016-09-11 21:28 - 2016-09-11 21:28 - 00037432 _____ C:\Users\User\Documents\26.wmv.sfk
2016-09-11 21:26 - 2016-09-11 21:27 - 20277589 _____ C:\Users\User\Documents\26.wmv
2016-09-11 21:24 - 2016-09-11 21:25 - 00189440 _____ C:\Users\User\Downloads\Bones - Dirt.mp4.sfk
2016-09-11 21:23 - 2016-09-11 21:24 - 39475965 _____ C:\Users\User\Downloads\Bones - Dirt.mp4
2016-09-11 21:15 - 2016-09-12 09:21 - 00386528 _____ C:\Users\User\Documents\Suicide Squad.veg
2016-09-11 21:15 - 2016-09-12 09:17 - 00275592 _____ C:\Users\User\Documents\Suicide Squad.veg.bak
2016-09-11 12:24 - 2016-09-11 12:45 - 00041200 _____ C:\Users\User\Documents\sadawe.veg
2016-09-11 12:24 - 2016-09-11 12:44 - 00040616 _____ C:\Users\User\Documents\sadawe.veg.bak
2016-09-11 09:57 - 2016-09-11 09:59 - 00885664 _____ C:\Users\User\Downloads\fat people  fails compilations.mp4.sfk
2016-09-11 09:56 - 2016-09-11 09:56 - 46056636 _____ C:\Users\User\Downloads\fat people  fails compilations.mp4
2016-09-11 09:44 - 2016-09-11 10:50 - 00200160 _____ C:\Users\User\Documents\ToxicBG.veg.bak
2016-09-11 09:44 - 2016-09-11 10:50 - 00200160 _____ C:\Users\User\Documents\ToxicBG.veg
2016-09-11 09:41 - 2016-09-11 09:45 - 00345696 _____ C:\Users\User\Downloads\videoplayback (2).mp4.sfk
2016-09-11 09:40 - 2016-09-11 09:40 - 39366017 _____ C:\Users\User\Downloads\videoplayback (2).mp4
2016-09-10 17:05 - 2016-09-10 17:07 - 3667822511 _____ C:\Users\User\Downloads\We Happy Few.zip
2016-09-10 15:30 - 2016-09-10 15:30 - 00000000 ____D C:\Users\User\AppData\Local\Razer
2016-09-10 14:41 - 2016-09-20 07:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2016-09-10 14:41 - 2016-09-10 14:41 - 00001354 _____ C:\Users\Public\Desktop\Razer Cortex.lnk
2016-09-10 14:41 - 2016-08-10 14:37 - 00137840 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpnk.sys
2016-09-10 14:40 - 2016-09-10 14:41 - 00000000 ____D C:\ProgramData\Razer
2016-09-10 14:40 - 2016-09-10 14:41 - 00000000 ____D C:\Program Files (x86)\Razer
2016-09-10 14:40 - 2016-05-06 20:50 - 00044144 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpmgrk.sys
2016-09-10 14:37 - 2016-09-10 14:38 - 124609040 _____ (Razer Inc. ) C:\Users\User\Downloads\RazerCortexSetup_7.5.7.57.exe
2016-09-09 11:53 - 2016-09-09 11:53 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign79d270bbb6a8837a
2016-09-09 11:52 - 2016-09-09 11:52 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsigna60fb1beedda04a0
2016-09-09 11:52 - 2016-09-09 11:52 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign62439124de849741
2016-09-09 09:44 - 2016-09-09 09:44 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsigne1b7c445091f60b8
2016-09-09 09:44 - 2016-09-09 09:44 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign3bc4a30b5241d147
2016-09-09 09:44 - 2016-09-09 09:44 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign2ad6e0346000b53a
2016-09-08 22:26 - 2016-09-08 22:26 - 00005430 _____ C:\Users\User\Downloads\TB_SubExport_IskrentsBG_2016-09-08.zip
2016-09-08 16:40 - 2016-09-08 16:40 - 00850856 _____ C:\Users\User\Downloads\BURIED project(3).veg
2016-09-08 14:52 - 2016-09-08 14:52 - 01047470 _____ C:\Users\User\Downloads\OFFICIAL_T3C_INTRO.mp4
2016-09-08 09:50 - 2016-09-08 14:55 - 09943432 _____ C:\Users\User\Documents\afikaed.veg
2016-09-08 09:50 - 2016-09-08 14:39 - 09943432 _____ C:\Users\User\Documents\afikaed.veg.bak
2016-09-08 09:46 - 2016-09-08 09:46 - 00258016 _____ C:\Users\User\Downloads\Tory Lanez - I'll Be There feat. Meek Mill & French Montana (Explicit).mp4.sfk
2016-09-08 09:45 - 2016-09-08 09:45 - 10938136 _____ C:\Users\User\Downloads\Tory Lanez - I'll Be There feat. Meek Mill & French Montana (Explicit).mp4
2016-09-08 07:48 - 2016-09-08 07:48 - 14724759 _____ C:\Users\User\Downloads\top166-n10-c4d324.rar
2016-09-07 22:58 - 2016-09-07 22:58 - 02988833 _____ C:\Users\User\Downloads\митко баломбата.rar
2016-09-07 21:39 - 2016-09-07 21:39 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignbffc2ea9effff84f
2016-09-07 21:39 - 2016-09-07 21:39 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign7dd7d85ca402d4ba
2016-09-07 21:39 - 2016-09-07 21:39 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign6e6dd2319630b935
2016-09-07 21:03 - 2016-09-07 21:03 - 00045111 _____ C:\Users\User\Downloads\Censored_Bleep_Sound_Effect (1).mp4
2016-09-07 21:01 - 2016-09-07 21:01 - 00045111 _____ C:\Users\User\Downloads\Censored_Bleep_Sound_Effect.mp4
2016-09-07 19:18 - 2016-09-07 21:02 - 00928096 _____ C:\Users\User\Downloads\THE WORST SONG IN THE HISTORY OF THE HUMAN RACE (LISTENING WILL ACTUALLY KILL YOU).mp4.sfk
2016-09-07 16:02 - 2016-09-07 16:02 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignf6e60878b4b6b395
2016-09-07 16:02 - 2016-09-07 16:02 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign4ffa229565ec3d16
2016-09-07 16:02 - 2016-09-07 16:02 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign150022e66e00de96
2016-09-07 16:00 - 2016-09-07 16:00 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignda8dafa43f4ae679
2016-09-07 16:00 - 2016-09-07 16:00 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign80d0aeb832ae14c0
2016-09-07 16:00 - 2016-09-07 16:00 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign05fa395cf6cb10c1
2016-09-07 12:41 - 2016-08-28 17:12 - 04128846 _____ C:\Users\User\Documents\The_Chainsmokers_-_Closer_Lyric_ft.wav
2016-09-07 12:41 - 2016-01-22 22:33 - 23884772 _____ C:\Users\User\Documents\shockwave 2.mov
2016-09-07 12:41 - 2015-06-24 14:00 - 00674270 _____ C:\Users\User\Documents\Shockwave 1.mp4
2016-09-06 23:03 - 2016-09-06 23:05 - 00648112 _____ C:\Users\User\Downloads\Imaginary Colors - Summer Collab 2016.mp4-0-4702364333-1.sfk
2016-09-06 23:02 - 2016-09-06 23:03 - 00052544 _____ C:\Users\User\Downloads\P8FH7mR7iZM.mp4.sfk
2016-09-06 20:53 - 2016-09-06 20:58 - 00048464 _____ C:\Users\User\Downloads\skapan ne6tasnik.wmv.sfk
2016-09-06 20:53 - 2016-09-06 20:53 - 06195224 _____ C:\Users\User\Downloads\skapan ne6tasnik.wmv.sfap0
2016-09-06 20:33 - 2016-09-07 09:47 - 00118080 _____ C:\Users\User\Documents\ryan.veg
2016-09-06 20:33 - 2016-09-07 09:35 - 00114736 _____ C:\Users\User\Documents\ryan.veg.bak
2016-09-06 16:31 - 2016-09-06 16:36 - 02623360 _____ C:\Users\User\Downloads\VHS Glitch - Vol. 2 - Abstract Version - Free.mp4.sfk
2016-09-06 16:18 - 2016-09-06 16:36 - 00248144 _____ C:\Users\User\Downloads\Hotline Miami Soundtrack (Full).mp4.sfk
2016-09-06 16:18 - 2016-09-06 16:18 - 06642199 _____ C:\Users\User\Downloads\Hotline Miami Soundtrack (Full).mp4
2016-09-06 16:14 - 2016-09-06 16:14 - 00006343 _____ C:\Users\User\Downloads\dock_11.zip
2016-09-06 16:13 - 2016-09-06 16:16 - 457237377 _____ C:\Users\User\Downloads\VHS Glitch - Vol. 2 - Abstract Version - Free.mp4
2016-09-06 16:02 - 2016-09-06 16:02 - 61551873 _____ C:\Users\User\Downloads\FathomFX Intro Template (1).rar
2016-09-06 15:59 - 2016-09-06 15:59 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignb04c71201b2179d4
2016-09-06 15:59 - 2016-09-06 15:59 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign9982561ba256f13c
2016-09-06 15:59 - 2016-09-06 15:59 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign29a8b4155d5d1d4b
2016-09-06 15:40 - 2016-09-06 15:40 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignf8dca9731080cd07
2016-09-06 15:40 - 2016-09-06 15:40 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignd3f4e195abddb283
2016-09-06 15:40 - 2016-09-06 15:40 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignd0e857c35d20fa5a
2016-09-06 10:04 - 2016-09-06 10:05 - 61551873 _____ C:\Users\User\Downloads\FathomFX Intro Template.rar
2016-09-05 22:49 - 2016-09-06 16:34 - 00047664 _____ C:\Users\User\Documents\waston ne e gei.veg
2016-09-05 22:49 - 2016-09-06 16:32 - 00043568 _____ C:\Users\User\Documents\waston ne e gei.veg.bak
2016-09-05 21:56 - 2016-09-05 21:56 - 23021749 _____ C:\Users\User\Downloads\skapan ne6tasnik.wmv
2016-09-05 21:07 - 2016-09-05 21:07 - 00214336 _____ C:\Users\User\Documents\OKE.veg
2016-09-05 12:06 - 2016-09-05 12:15 - 00177568 _____ C:\Users\User\Downloads\Borgore - Flex (Dubstep Mix) (Official Video).mp4.sfk
2016-09-05 12:06 - 2016-09-05 12:06 - 31669675 _____ C:\Users\User\Downloads\Borgore - Flex (Dubstep Mix) (Official Video).mp4
2016-09-05 12:00 - 2016-09-05 22:46 - 00455528 _____ C:\Users\User\Documents\Epic.veg
2016-09-05 12:00 - 2016-09-05 22:38 - 00492352 _____ C:\Users\User\Documents\Epic.veg.bak
2016-09-05 08:08 - 2016-09-05 08:08 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignd88385c832cc87c1
2016-09-05 08:08 - 2016-09-05 08:08 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignd0f17fff2e72f0d3
2016-09-05 08:08 - 2016-09-05 08:08 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign9dbe880dcdc36aed
2016-09-04 21:48 - 2016-09-04 21:48 - 06087272 _____ C:\Users\User\Downloads\Best of Music - 1 Hour No Copyright Sounds Mix 2016.mp3.sfk
2016-09-04 21:48 - 2016-09-04 21:48 - 00015640 _____ C:\Users\User\Documents\GTA V.veg
2016-09-04 18:20 - 2016-09-20 07:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2016-09-04 18:20 - 2016-09-04 18:20 - 00001004 _____ C:\Users\Public\Desktop\Fraps.lnk
2016-09-04 18:16 - 2016-09-04 18:16 - 00003719 _____ C:\Users\User\Downloads\Fraps 3.5.99 Build 15618 Retail.torrent
2016-09-04 18:14 - 2016-09-04 18:14 - 00000000 ____D C:\ProgramData\Steam
2016-09-04 18:14 - 2016-09-04 18:14 - 00000000 ____D C:\ProgramData\Socialclub
2016-09-04 10:11 - 2016-09-04 10:11 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignab7500634a855df1
2016-09-04 10:11 - 2016-09-04 10:11 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign5ca47773051efb16
2016-09-04 10:11 - 2016-09-04 10:11 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign1a60cac7dc4eab24
2016-09-03 20:42 - 2016-09-03 20:42 - 07448293 _____ C:\Users\User\Downloads\-_veyron_-.mp4
2016-09-03 20:40 - 2016-09-03 20:40 - 00075282 _____ C:\Users\User\Downloads\13683755_1548589368784053_1622257822_n (1).mp4
2016-09-03 19:28 - 2016-09-03 19:28 - 22878524 _____ C:\Users\User\Downloads\MB AMP.rar
2016-09-03 12:37 - 2016-09-03 12:53 - 00329472 _____ C:\Users\User\Downloads\MegaCrew Collab #3.mp4.sfk
2016-09-03 12:36 - 2016-09-03 12:36 - 38042153 _____ C:\Users\User\Downloads\MegaCrew Collab #3.mp4
2016-09-03 11:40 - 2009-06-03 06:15 - 04818944 _____ C:\WINDOWS\system32\zerogs.dll
2016-09-03 11:38 - 2016-09-03 11:38 - 00513241 _____ C:\Users\User\Downloads\__32-zerogs.dll.zip
2016-09-03 10:51 - 2016-09-03 10:51 - 00000693 _____ C:\Users\Public\Desktop\Grand Theft Auto V.lnk
2016-09-03 10:51 - 2016-09-03 10:51 - 00000693 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grand Theft Auto V.lnk
2016-09-03 09:57 - 2016-09-03 13:23 - 00000327 _____ C:\Users\User\Desktop\dadadadad.txt
2016-09-02 22:54 - 2016-09-02 22:56 - 00210080 _____ C:\Users\User\Downloads\GTA SA- Come Undone - iC&BdK.mp4.sfk
2016-09-02 22:37 - 2016-09-02 22:38 - 42199818 _____ C:\Users\User\Downloads\GTA SA- Come Undone - iC&BdK.mp4
2016-09-02 21:53 - 2016-09-02 21:58 - 00148704 _____ C:\Users\User\Downloads\GTA SA- We Are The Artist -Friendly Drift Battle Rax vs MrKevin[LOST].mp4.sfk
2016-09-02 21:52 - 2016-09-02 21:53 - 19322993 _____ C:\Users\User\Downloads\GTA SA- We Are The Artist -Friendly Drift Battle Rax vs MrKevin[LOST].mp4
2016-09-02 21:48 - 2016-09-02 21:50 - 00374752 _____ C:\Users\User\Downloads\Zomboy - Invaders.mp4.sfk
2016-09-02 21:48 - 2016-09-02 21:48 - 27349686 _____ C:\Users\User\Downloads\Zomboy - Invaders.mp4
2016-09-02 21:33 - 2016-09-02 21:34 - 00041472 _____ C:\Users\User\Downloads\TRIGGERED sound effect 2.mp4.sfk
2016-09-02 21:32 - 2016-09-02 21:32 - 00606327 _____ C:\Users\User\Downloads\TRIGGERED sound effect 2.mp4
2016-09-02 20:24 - 2016-09-03 08:16 - 00338440 _____ C:\Users\User\Documents\pookie.veg
2016-09-02 20:24 - 2016-09-03 08:15 - 00338440 _____ C:\Users\User\Documents\pookie.veg.bak
2016-09-02 19:49 - 2016-09-02 19:55 - 00279344 _____ C:\Users\User\Downloads\2k14 ntall.MP4.sfk
2016-09-02 19:08 - 2016-09-02 19:24 - 436454651 _____ C:\Users\User\Downloads\2k14 ntall.MP4
2016-09-02 13:23 - 2016-09-02 23:24 - 14200084 _____ C:\Users\User\Downloads\MONEY EDITORS Collab [DESC] (1).mp4.crdownload
2016-09-02 13:13 - 2016-09-02 13:13 - 16270006 _____ C:\Users\User\Downloads\sa-mp-0.3.7-install.exe
2016-09-02 10:54 - 2016-09-02 10:55 - 01380488 _____ C:\Users\User\Downloads\v86938554s4920e5820.mp4.sfk
2016-09-02 10:49 - 2016-09-02 10:52 - 273368951 _____ C:\Users\User\Downloads\v86938554s4920e5820.mp4
2016-09-02 10:21 - 2016-09-02 10:22 - 00193344 _____ C:\Users\User\Downloads\MONEY EDITORS Collab [DESC].mp4.sfk
2016-09-02 10:13 - 2016-09-02 10:13 - 30863440 _____ C:\Users\User\Downloads\MONEY EDITORS Collab [DESC].mp4
2016-09-01 22:46 - 2016-09-01 22:46 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignac9e74e43fbc813f
2016-09-01 22:46 - 2016-09-01 22:46 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign5d1028e91abf692c
2016-09-01 22:46 - 2016-09-01 22:46 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign17199c40ab8592c7
2016-09-01 22:44 - 2016-09-01 22:44 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignc68a984752df29a1
2016-09-01 22:44 - 2016-09-01 22:44 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign6656c8549d066753
2016-09-01 22:44 - 2016-09-01 22:44 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign4cc9f47e511905c6
2016-09-01 19:13 - 2016-09-01 22:53 - 00013400 _____ C:\Users\User\Documents\adadweaweaw.veg
2016-09-01 19:13 - 2016-09-01 19:46 - 00061328 _____ C:\Users\User\Documents\adadweaweaw.veg.bak
2016-09-01 14:23 - 2016-09-01 14:30 - 00004960 _____ C:\Users\User\Downloads\Overlay   Data Glitch.mp4.sfk
2016-09-01 14:22 - 2016-09-01 14:22 - 00136070 _____ C:\Users\User\Downloads\Overlay   Data Glitch.mp4
2016-09-01 13:54 - 2016-09-01 13:54 - 12345499 _____ C:\Users\User\Downloads\700 Гледания на едит -О.mp4
2016-09-01 13:54 - 2016-09-01 13:54 - 00070016 _____ C:\Users\User\Downloads\700 Гледания на едит -О.mp4.sfk
2016-09-01 12:26 - 2016-09-01 12:27 - 00013888 _____ C:\Users\User\Downloads\Suck My Dick Haters.mp4.sfk
2016-09-01 12:26 - 2016-09-01 12:26 - 01859054 _____ C:\Users\User\Downloads\Suck My Dick Haters.mp4
2016-09-01 12:22 - 2016-09-01 12:23 - 00017952 _____ C:\Users\User\Downloads\Goodbye Intro Template +Free Download.mp4.sfk
2016-09-01 12:22 - 2016-09-01 12:22 - 01664840 _____ C:\Users\User\Downloads\Goodbye Intro Template +Free Download.mp4
2016-09-01 12:13 - 2016-09-01 12:15 - 127743640 _____ C:\Users\User\Downloads\Epic Sync Intro Template #340.zip
2016-09-01 12:05 - 2016-09-01 15:19 - 01759440 _____ C:\Users\User\Documents\random.veg
2016-09-01 12:05 - 2016-09-01 14:21 - 00141880 _____ C:\Users\User\Documents\random.veg.bak
2016-09-01 12:05 - 2016-09-01 12:05 - 07240075 _____ C:\Users\User\Downloads\Kraddy - Android Porn  ORIGINAL.mp4
2016-09-01 12:05 - 2016-09-01 12:05 - 00391744 _____ C:\Users\User\Downloads\Kraddy - Android Porn  ORIGINAL.mp4.sfk
2016-08-31 21:32 - 2016-08-31 22:01 - 314459161 _____ C:\Users\User\Downloads\Gran Turismo 4 (Europe, Australia) (En,Fr,De,Es,It).7z
2016-08-31 19:36 - 2016-08-31 19:36 - 00028235 _____ C:\Users\User\Downloads\AntiJoinBot.jar
2016-08-31 18:25 - 2016-09-25 22:52 - 00000000 ____D C:\ProgramData\rgt
2016-08-31 18:25 - 2015-12-03 12:57 - 13005824 _____ (Red Giant Software) C:\WINDOWS\system32\Gpu_Shader_Engine_x64.dll
2016-08-31 18:25 - 2015-12-03 12:57 - 05640704 _____ (Noesis Technologies) C:\WINDOWS\system32\Noesis.dll
2016-08-31 18:24 - 2016-08-31 18:24 - 534572732 _____ (Red Giant, LLC ) C:\Users\User\Downloads\Universe Setup 1.6 CE.exe
2016-08-31 18:24 - 2016-08-31 18:24 - 00000000 ____D C:\Program Files\Red Giant
2016-08-31 18:23 - 2016-08-31 18:23 - 00000212 _____ C:\Users\User\Downloads\VR.nfo
2016-08-31 13:46 - 2016-09-04 08:44 - 17711384 _____ C:\Users\User\Documents\PLS.veg
2016-08-31 13:46 - 2016-09-04 08:42 - 17361016 _____ C:\Users\User\Documents\PLS.veg.bak
2016-08-31 13:29 - 2016-08-31 13:29 - 09482118 _____ C:\Users\User\Downloads\High..mp4
2016-08-31 13:29 - 2016-08-31 13:29 - 00055168 _____ C:\Users\User\Downloads\High..mp4.sfk
2016-08-31 13:15 - 2016-08-31 13:27 - 00307680 _____ C:\Users\User\Downloads\Ludacris - Move Bitch (Styles&Complete Remix) [Crunkstep].mp4.sfk
2016-08-31 13:14 - 2016-08-31 13:15 - 03585625 _____ C:\Users\User\Downloads\videoplayback (1).m4a
2016-08-31 13:14 - 2016-08-31 13:14 - 28549642 _____ C:\Users\User\Downloads\Ludacris - Move Bitch (Styles&Complete Remix) [Crunkstep].mp4
2016-08-31 12:06 - 2016-08-31 12:06 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignf8efacba68bce089
2016-08-31 12:06 - 2016-08-31 12:06 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignc111446a944f2b10
2016-08-31 12:06 - 2016-08-31 12:06 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignb9672083ecab538a
2016-08-31 11:02 - 2016-08-31 12:59 - 00146848 _____ C:\Users\User\Downloads\glue70 - Casin.mp4.sfk
2016-08-31 11:02 - 2016-08-31 11:02 - 26058719 _____ C:\Users\User\Downloads\glue70 - Casin.mp4
2016-08-30 22:30 - 2016-08-30 22:30 - 00766784 _____ C:\Users\User\Downloads\Майнкрафт - TNT и лава.mp4.sfk
2016-08-30 22:30 - 2016-08-30 22:30 - 00129493 _____ C:\Users\User\Downloads\НАЙ-ДОБРИЯТ ПРОФЕСОР(РАНТ) (2).mp4
2016-08-30 22:29 - 2016-08-30 22:30 - 160484705 _____ C:\Users\User\Downloads\Майнкрафт - TNT и лава.mp4
2016-08-30 22:15 - 2016-08-30 22:17 - 00006960 _____ C:\Users\User\Downloads\НАЙ-ДОБРИЯТ ПРОФЕСОР(РАНТ) (1).mp4.sfk
2016-08-30 22:15 - 2016-08-30 22:15 - 00129493 _____ C:\Users\User\Downloads\НАЙ-ДОБРИЯТ ПРОФЕСОР(РАНТ) (1).mp4
2016-08-30 22:12 - 2016-08-30 22:12 - 00027656 _____ C:\Users\User\Downloads\НАЙ-ДОБРИЯТ ПРОФЕСОР(РАНТ).mp4.sfk
2016-08-30 22:11 - 2016-08-30 22:12 - 04782127 _____ C:\Users\User\Downloads\НАЙ-ДОБРИЯТ ПРОФЕСОР(РАНТ).mp4
2016-08-30 22:02 - 2016-08-30 22:59 - 00155368 _____ C:\Users\User\Documents\ANTA.veg
2016-08-30 22:02 - 2016-08-30 22:56 - 00153416 _____ C:\Users\User\Documents\ANTA.veg.bak
2016-08-30 21:37 - 2016-08-30 21:39 - 00610784 _____ C:\Users\User\Downloads\Заглавие.mp4.sfk
2016-08-30 21:36 - 2016-08-30 21:37 - 115126176 _____ C:\Users\User\Downloads\Заглавие.mp4
2016-08-30 21:31 - 2016-08-30 21:32 - 00124352 _____ C:\Users\User\Downloads\КАЧИХ СЕ ВЪРХУ БАЛОНА.mp4.sfk
2016-08-30 21:31 - 2016-08-30 21:31 - 06357686 _____ C:\Users\User\Downloads\КАЧИХ СЕ ВЪРХУ БАЛОНА.mp4
2016-08-30 21:04 - 2016-08-30 21:05 - 00468224 _____ C:\Users\User\Downloads\SHE DID WHAT....mp4.sfk
2016-08-30 21:03 - 2016-08-30 21:03 - 68225857 _____ C:\Users\User\Downloads\SHE DID WHAT....mp4
2016-08-30 21:01 - 2016-08-30 21:02 - 01353184 _____ C:\Users\User\Downloads\videoplayback (1).mp4.sfk
2016-08-30 21:00 - 2016-08-30 21:01 - 197553588 _____ C:\Users\User\Downloads\videoplayback (1).mp4
2016-08-30 17:19 - 2016-08-30 17:20 - 00008360 _____ C:\Users\User\Downloads\Ultimate Cat Vines Compilation #1 - October 2015.mp4.sfk
2016-08-30 17:19 - 2016-08-30 17:19 - 00337411 _____ C:\Users\User\Downloads\Ultimate Cat Vines Compilation #1 - October 2015.mp4
2016-08-30 17:13 - 2016-08-30 17:17 - 00008344 _____ C:\Users\User\Downloads\Funny Cat Videos - Cat Vines Compilation.mp4.sfk
2016-08-30 17:13 - 2016-08-30 17:13 - 00318241 _____ C:\Users\User\Downloads\Funny Cat Videos - Cat Vines Compilation.mp4
2016-08-30 17:09 - 2016-08-30 17:10 - 00016616 _____ C:\Users\User\Downloads\Funny Cats Compilation [Most See] Funny Cat Videos Ever Part 1.mp4.sfk
2016-08-30 17:08 - 2016-08-30 17:08 - 01751146 _____ C:\Users\User\Downloads\Funny Cats Compilation [Most See] Funny Cat Videos Ever Part 1.mp4
2016-08-30 15:28 - 2016-08-30 15:28 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignfe1e7e3f508b8437
2016-08-30 15:28 - 2016-08-30 15:28 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsigne8572b8fec2ded9f
2016-08-30 15:28 - 2016-08-30 15:28 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignd07ebf6e20e100ad
2016-08-30 13:10 - 2016-08-30 15:22 - 00295824 _____ C:\Users\User\Documents\swagger crew.veg
2016-08-30 13:10 - 2016-08-30 15:21 - 00295424 _____ C:\Users\User\Documents\swagger crew.veg.bak
2016-08-30 12:32 - 2016-08-30 12:33 - 00050208 _____ C:\Users\User\Downloads\Daydreamer [2K].mp4.sfk
2016-08-30 12:32 - 2016-08-30 12:32 - 09770438 _____ C:\Users\User\Downloads\Daydreamer [2K].mp4
2016-08-30 10:48 - 2016-08-30 10:48 - 23720528 _____ C:\Users\User\Downloads\Plugin Pack - SKYWARS (HYPIXEL).rar
2016-08-30 10:17 - 2016-08-30 10:17 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign528762224f7541e5
2016-08-30 10:16 - 2016-08-30 10:16 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignec9eba0deef632de
2016-08-30 10:16 - 2016-08-30 10:16 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignb4bf744e188a0b22
2016-08-29 14:03 - 2016-08-29 14:03 - 01100820 _____ C:\Users\User\Downloads\Template BrutalyFX (1).rar.0lu2z4z.partial
2016-08-29 12:47 - 2016-08-29 12:47 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignbd8b2eebce6f37c2
2016-08-29 12:47 - 2016-08-29 12:47 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign21533c6a30902d23
2016-08-29 12:47 - 2016-08-29 12:47 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign086ddf5386d6311a
2016-08-27 22:46 - 2016-08-27 22:47 - 12818948 _____ C:\Users\User\Downloads\rocking-red-cinema-4d-after-effects-intro-template.zip
2016-08-27 09:51 - 2016-08-27 09:51 - 10613762 _____ C:\Users\User\Downloads\Template BrutalyFX.rar
2016-08-26 20:22 - 2016-08-27 09:35 - 02690448 _____ C:\Users\User\Documents\KEEMSTAR.veg
2016-08-26 20:22 - 2016-08-27 09:35 - 02689944 _____ C:\Users\User\Documents\KEEMSTAR.veg.bak
2016-08-26 19:11 - 2016-08-26 19:12 - 00038528 _____ C:\Users\User\Documents\spot 2.MP4.sfk
2016-08-26 16:05 - 2016-08-26 16:09 - 00648128 _____ C:\Users\User\Downloads\Imaginary Colors - Summer Collab 2016.mp4.sfk
2016-08-26 16:02 - 2016-08-26 16:02 - 107614434 _____ C:\Users\User\Downloads\Imaginary Colors - Summer Collab 2016.mp4
2016-08-26 15:23 - 2016-08-26 15:24 - 00020160 _____ C:\Users\User\Downloads\DramaAlert Intro Template.mp4.sfk
2016-08-26 15:23 - 2016-08-26 15:23 - 02679270 _____ C:\Users\User\Downloads\DramaAlert Intro Template.mp4
2016-08-26 15:14 - 2016-08-26 15:18 - 00527680 _____ C:\Users\User\Downloads\Special 300 SUBS.mp4.sfk
2016-08-26 15:14 - 2016-08-26 15:14 - 76548061 _____ C:\Users\User\Downloads\Special 300 SUBS.mp4
2016-08-26 15:04 - 2016-08-26 15:04 - 01095520 _____ C:\Users\User\Downloads\R.I.P. Дайте име SMP - вижте защо и повече инфо.mp4.sfk
2016-08-26 15:03 - 2016-08-26 15:04 - 227993616 _____ C:\Users\User\Downloads\R.I.P. Дайте име SMP - вижте защо и повече инфо.mp4
2016-08-26 15:01 - 2016-08-26 22:42 - 04149672 _____ C:\Users\User\Documents\DramaAlert.veg
2016-08-26 15:01 - 2016-08-26 22:41 - 04148176 _____ C:\Users\User\Documents\DramaAlert.veg.bak
2016-08-26 14:56 - 2016-08-26 15:02 - 00194528 _____ C:\Users\User\Downloads\Movement Proposition - #DramaAlert Background Music (HD).mp4.sfk
2016-08-26 14:56 - 2016-08-26 14:56 - 02802218 _____ C:\Users\User\Downloads\Movement Proposition - #DramaAlert Background Music (HD).mp4
2016-08-26 14:35 - 2016-08-26 14:35 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign7ba7767ebb9d39b6
2016-08-26 14:35 - 2016-08-26 14:35 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign2031269c22084b3a
2016-08-26 14:35 - 2016-08-26 14:35 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign03663ffb36275280
2016-08-26 13:26 - 2016-08-26 13:26 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignd6d9858f700fad40
2016-08-26 13:26 - 2016-08-26 13:26 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign90dc4f3f34f1b899
2016-08-26 13:26 - 2016-08-26 13:26 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign02ed5e2909fae79d
2016-08-26 12:04 - 2016-08-26 12:09 - 00086784 _____ C:\Users\User\Downloads\185683093.mp4.sfk
2016-08-26 12:04 - 2016-08-26 12:04 - 17858547 _____ C:\Users\User\Downloads\185683093.mp4

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-25 22:51 - 2016-07-28 18:06 - 00000000 ____D C:\Users\User\Documents\My Cheat Tables
2016-09-25 22:31 - 2016-07-13 11:42 - 00000000 ____D C:\Users\User\AppData\Roaming\OBS
2016-09-25 22:28 - 2016-07-29 11:26 - 00000000 ____D C:\Users\User\AppData\Roaming\obs-studio
2016-09-25 22:27 - 2016-07-13 11:41 - 00000000 ____D C:\Program Files\OBS
2016-09-25 20:58 - 2016-07-12 19:52 - 00000000 ____D C:\Program Files (x86)\Steam
2016-09-25 20:58 - 2016-07-12 13:55 - 00000000 __SHD C:\Users\User\IntelGraphicsProfiles
2016-09-25 16:18 - 2016-07-12 13:39 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2016-09-25 12:06 - 2016-07-12 18:42 - 00000000 ____D C:\Users\User\AppData\Roaming\.minecraft
2016-09-25 09:15 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-24 23:13 - 2016-07-16 09:45 - 00000000 ____D C:\WINDOWS\INF
2016-09-24 22:43 - 2016-07-12 13:23 - 00949174 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-24 22:37 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\Branding
2016-09-24 22:36 - 2016-07-16 04:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-09-24 12:17 - 2016-07-14 18:19 - 00000000 ____D C:\Users\User\Desktop\Render
2016-09-24 10:02 - 2016-07-12 13:24 - 00000000 ____D C:\ProgramData\KMSAutoS
2016-09-24 08:39 - 2016-07-12 13:39 - 00000000 ____D C:\ProgramData\Skype
2016-09-24 08:35 - 2016-07-16 09:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-23 19:23 - 2016-07-12 18:44 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-09-23 19:23 - 2016-07-12 18:44 - 00000000 ____D C:\Users\User\.oracle_jre_usage
2016-09-23 19:23 - 2016-07-12 18:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-09-23 19:22 - 2016-07-12 18:44 - 00000000 ____D C:\Program Files (x86)\Java
2016-09-23 17:15 - 2016-07-20 09:03 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-09-23 17:14 - 2016-08-12 18:35 - 00000000 ____D C:\Users\User\AppData\Roaming\discord
2016-09-23 17:05 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\SystemApps
2016-09-23 16:03 - 2015-10-30 05:24 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2016-09-23 16:02 - 2016-07-12 13:41 - 00000000 ____D C:\Users\User\AppData\Roaming\qBittorrent
2016-09-23 08:51 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\rescache
2016-09-23 08:49 - 2016-07-26 19:29 - 00024152 _____ C:\Users\User\Documents\intro.veg
2016-09-23 08:48 - 2016-07-26 19:29 - 00020464 _____ C:\Users\User\Documents\intro.veg.bak
2016-09-22 22:45 - 2016-07-12 13:19 - 00000000 ____D C:\Users\User\AppData\Roaming\Adobe
2016-09-21 18:56 - 2016-07-28 17:59 - 00000000 ____D C:\Users\User\Documents\My Games
2016-09-21 18:09 - 2016-07-16 09:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-21 17:57 - 2016-07-13 18:52 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-21 17:49 - 2016-07-12 14:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-09-21 16:37 - 2016-07-14 18:03 - 00000000 ____D C:\Users\User\Documents\OFX Presets
2016-09-21 15:45 - 2016-07-12 21:37 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-09-21 08:07 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-09-21 08:02 - 2016-02-13 11:22 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-09-20 23:03 - 2016-07-16 04:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-09-20 23:02 - 2016-07-16 12:29 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ___RD C:\Program Files\Windows Defender
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-09-20 23:02 - 2016-07-16 04:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-09-20 21:34 - 2016-07-22 18:35 - 00000000 ____D C:\Users\User\AppData\Roaming\MPC-HC
2016-09-20 21:34 - 2016-07-15 20:31 - 00000000 ____D C:\Users\User\AppData\Roaming\FileZilla
2016-09-20 21:29 - 2016-07-18 13:55 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps
2016-09-20 13:43 - 2016-07-12 13:19 - 00000000 ____D C:\Users\User\AppData\Local\Packages
2016-09-20 13:32 - 2016-07-12 13:21 - 00002360 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-20 13:32 - 2016-07-12 13:21 - 00000000 ___RD C:\Users\User\OneDrive
2016-09-20 13:29 - 2016-07-12 20:12 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BACL SpeechLab 2.0
2016-09-20 13:27 - 2016-07-16 09:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-09-20 13:26 - 2016-07-16 09:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-09-20 13:25 - 2016-07-16 12:15 - 00000000 ____D C:\WINDOWS\OCR
2016-09-20 07:48 - 2016-07-16 04:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-09-20 07:46 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-09-20 07:46 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\Registration
2016-09-20 07:46 - 2015-10-30 05:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-09-20 07:42 - 2016-07-16 09:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-09-20 07:38 - 2016-08-24 22:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
2016-09-20 07:38 - 2016-08-19 20:43 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike
2016-09-20 07:38 - 2016-08-17 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike Global Offensive
2016-09-20 07:38 - 2016-08-16 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
2016-09-20 07:38 - 2016-08-05 12:27 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2016-09-20 07:38 - 2016-08-02 20:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windscribe
2016-09-20 07:38 - 2016-07-29 11:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2016-09-20 07:38 - 2016-07-28 18:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5.1
2016-09-20 07:38 - 2016-07-20 20:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clownfish
2016-09-20 07:38 - 2016-07-19 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire AE
2016-09-20 07:38 - 2016-07-18 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReelSmart Motion Blur 4, After Effects-compatible plugin set
2016-09-20 07:38 - 2016-07-15 20:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-09-20 07:38 - 2016-07-13 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant
2016-09-20 07:38 - 2016-07-13 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-09-20 07:38 - 2016-07-13 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire OFX
2016-09-20 07:38 - 2016-07-12 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2016-09-20 07:38 - 2016-07-12 19:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-09-20 07:38 - 2016-07-12 13:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2016-09-20 07:38 - 2016-07-12 13:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2016-09-20 07:38 - 2016-07-12 13:32 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-09-20 07:38 - 2016-07-12 13:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-09-20 07:38 - 2016-07-12 13:27 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2016-09-20 07:38 - 2016-02-13 11:04 - 00000000 ____D C:\WINDOWS\ShellNew
2016-09-20 07:36 - 2015-10-30 04:28 - 00000000 ____D C:\Users\Default.migrated
2016-09-20 07:35 - 2016-08-10 15:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
2016-09-20 07:35 - 2016-07-20 09:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2016-09-20 07:35 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-09-20 07:35 - 2016-07-16 09:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-20 07:35 - 2016-07-16 09:47 - 00000000 ____D C:\Program Files\Common Files\System
2016-09-20 07:35 - 2016-07-16 09:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-09-20 07:35 - 2016-07-12 21:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-09-20 07:34 - 2016-08-12 18:35 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-09-20 07:32 - 2016-07-16 04:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-09-20 07:30 - 2016-07-16 12:31 - 00000000 ____D C:\Users\User\Desktop\ContactSupport_cw5n1h2txyewy
2016-09-20 07:30 - 2016-07-16 09:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-09-20 07:30 - 2016-07-16 09:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-09-19 23:01 - 2016-07-16 13:17 - 00000000 ___HD C:\$WINDOWS.~BT
2016-09-19 22:55 - 2016-07-12 21:40 - 00000418 _____ C:\WINDOWS\Tasks\update-sys.job
2016-09-19 22:52 - 2016-07-12 13:41 - 00001034 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-19 22:08 - 2016-07-12 13:41 - 00001038 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-19 21:55 - 2016-07-12 21:40 - 00000418 _____ C:\WINDOWS\Tasks\update-S-1-5-21-691218479-2863476526-4080224816-1001.job
2016-09-19 21:22 - 2016-08-10 15:47 - 00000000 ____D C:\Program Files\NewBlue
2016-09-19 21:22 - 2016-08-10 15:47 - 00000000 ____D C:\Program Files (x86)\NewBlue
2016-09-19 21:17 - 2016-07-15 10:41 - 111866238 _____ C:\Users\User\Downloads\NewBlue Cracks.rar
2016-09-19 06:58 - 2016-08-16 12:19 - 00000000 ____D C:\Users\User\AppData\Local\ManyCam
2016-09-14 22:32 - 2016-07-12 13:55 - 291640437 _____ C:\Users\User\Downloads\VGA(v15.40.10.64.4300).zip
2016-09-14 22:16 - 2016-07-23 21:31 - 00000000 ____D C:\Users\User\AppData\Roaming\Mozilla
2016-09-14 22:16 - 2016-07-12 13:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-14 10:50 - 2016-07-12 18:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-09-14 10:45 - 2016-07-12 18:02 - 144199024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-09-09 19:57 - 2016-07-12 21:47 - 00000000 ____D C:\Users\User\Documents\Lightshot
2016-09-08 06:54 - 2016-07-12 13:39 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-09-07 14:32 - 2016-07-16 09:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-09-07 14:32 - 2016-07-16 09:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-03 12:20 - 2016-07-14 12:17 - 00000080 _____ C:\Users\User\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2016-09-03 11:54 - 2016-08-24 22:57 - 00000000 ____D C:\Program Files (x86)\PCSX2 1.4.0
2016-09-02 13:31 - 2016-07-18 16:00 - 00000000 ____D C:\Users\User\Desktop\Braz HDRI + MaterialPack V.2_
2016-08-30 18:00 - 2016-08-13 10:59 - 00000000 ____D C:\Users\User\AppData\Local\TotalVPN
2016-08-26 12:49 - 2016-08-23 10:02 - 03386256 _____ C:\Users\User\Documents\Cines.veg
2016-08-26 12:48 - 2016-08-23 10:02 - 03382712 _____ C:\Users\User\Documents\Cines.veg.bak

==================== Files in the root of some directories =======

2016-07-23 21:21 - 2016-07-23 21:21 - 20982175 _____ () C:\Users\User\AppData\Roaming\xulrunner.zip
2016-08-04 19:16 - 2016-08-04 19:16 - 0001456 _____ () C:\Users\User\AppData\Local\Adobe Save for Web 13.0 Prefs
2016-07-23 21:50 - 2016-08-03 18:43 - 0007628 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg
2016-07-12 21:40 - 2016-07-12 21:40 - 0000003 _____ () C:\Users\User\AppData\Local\updater.log
2016-07-12 21:40 - 2016-07-12 21:40 - 0000424 _____ () C:\Users\User\AppData\Local\UserProducts.xml

Some files in TEMP:
====================
C:\Users\User\AppData\Local\Temp\Uninstall.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-09-20 07:27

==================== End of FRST.txt ============================

MalwareBytes 0 malwares

 

 




 

Link to post
Share on other sites

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

Next,

Download AdwCleaner by Xplode onto your Desktop.
 
  • Double click on Adwcleaner.exe to run the tool.
  • Click on the Scan in the Actions box
  • Please wait fot the scan to finish..
  • When "Waiting for action.Please uncheck elements you want to keep" shows in top line..
  • Click on the Cleaning box.
  • Next click OK on the "Closing Programs" pop up box.
  • Click OK on the Information box & again OK to allow the necessary reboot
  • After restart the AdwCleaner(C*)-Notepad log will appear, please copy/paste it in your next reply. Where * is the number relative to list of scans completed...


Next,

Please download Zemana AntiMalware and save it to your Desktop.
 
  • Install the program and once the installation is complete it will start automatically.
  • Without changing any options, press Scan to begin.
  • After the short scan is finished, if threats are detected press Next to remove them.
    Note: If restart is required to finish the cleaning process, you should click Reboot. If reboot isn't required, please re-boot your computer manually.
     
  • Open Zemana AntiMalware again.
  • Click on user posted image icon and double click the latest report.
  • Now click File > Save As and choose your Desktop before pressing Save.
  • Attach saved report in your next message.


Next,

Download Sophos Free Virus Removal Tool and save it to your desktop.
 
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
  • If no threats were found please confirm that result....

Let me see those logs, also tell me if there are any remaining issues or concerns..

Thank you,

Kevin...

Fixlist.txt

Link to post
Share on other sites

Zemana AntiMalware 2.50.2.67 (Инсталираната версия)

-------------------------------------------------------
Резултат от проверката          : Завършено
Дата на проверка                : 2016.9.26
Операционна система             : Windows 10 64-bit
Процесор                        : 4X Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz
Модел BIOS                      : Legacy
CUID                            : 12F950F1C99A121740AB9A
Тип на сканиране                : Пълна проверка
Продължителност                 : 46m 14s
Проверени обекти                : 336326
Намерени вредоносни обекти      : 49
Изключения                      : 0
Режим за четене                 : Normal
Качване в облака                : Enabled
Detect All Extensions           : Disabled
Проверявай документи            : Disabled
Информация за домейна           : WORKGROUP,0,2

Намерени вредоносни обекти
-------------------------------------------------------

Firefox Shortcut
Статус                 : Проверено
Обект                  : http://9o0gle.com/
MD5                    : -
Издател                : -
Размер                 : -
Версия                 : -
Намерени               : Подозрителна настройка на браузъра
Операция за почистване : Поправи
Related Objects        :
                Настройка на браузъра - Firefox Shortcut

Chrome Shortcut
Статус                 : Проверено
Обект                  : http://9o0gle.com/
MD5                    : -
Издател                : -
Размер                 : -
Версия                 : -
Намерени               : Подозрителна настройка на браузъра
Операция за почистване : Поправи
Related Objects        :
                Настройка на браузъра - Chrome Shortcut

Chrome Shortcut
Статус                 : Проверено
Обект                  : --load-extension="C:\Users\User\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk"
MD5                    : -
Издател                : -
Размер                 : -
Версия                 : -
Намерени               : Подозрителна настройка на браузъра
Операция за почистване : Поправи
Related Objects        :
                Настройка на браузъра - Chrome Shortcut

Chrome Shortcut
Статус                 : Проверено
Обект                  : --profile-directory=ChromeDefaultData
MD5                    : -
Издател                : -
Размер                 : -
Версия                 : -
Намерени               : Подозрителна настройка на браузъра
Операция за почистване : Поправи
Related Objects        :
                Настройка на браузъра - Chrome Shortcut

Chrome Shortcut
Статус                 : Проверено
Обект                  : http://9o0gle.com/
MD5                    : -
Издател                : -
Размер                 : -
Версия                 : -
Намерени               : Подозрителна настройка на браузъра
Операция за почистване : Поправи
Related Objects        :
                Настройка на браузъра - Chrome Shortcut

Chrome Shortcut
Статус                 : Проверено
Обект                  : --load-extension="C:\Users\User\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk"
MD5                    : -
Издател                : -
Размер                 : -
Версия                 : -
Намерени               : Подозрителна настройка на браузъра
Операция за почистване : Поправи
Related Objects        :
                Настройка на браузъра - Chrome Shortcut

Ethernet
Статус                 : Проверено
Обект                  : Ethernet 188.120.239.115
MD5                    : -
Издател                : -
Размер                 : -
Версия                 : -
Намерени               : Изменен е DNS
Операция за почистване : Поправи
Related Objects        :
                DNS сървър - Ethernet : 188.120.239.115

WMIMalware
Статус                 : Проверено
Обект                  : ASEC
MD5                    : -
Издател                : -
Размер                 : -
Версия                 : -
Намерени               : Trojan:Win32/WMIGhost
Операция за почистване : Поправи
Related Objects        :
                "Безплътен" злонамерен софтуер - WMIMalware : WMI::Root\Subscription\ASEC.mof

phuwlerpr.dll
Статус                 : Проверено
Обект                  : %programfiles%\anagosh\phuwlerpr.dll
MD5                    : 58315341EF8A78F9F56AFBC429F0962B
Издател                : -
Размер                 : 278528
Версия                 : -
Намерени               : Malware:Win32/Vorniac.A!Alrm
Операция за почистване : Карантина
Related Objects        :
                Файл - %programfiles%\anagosh\phuwlerpr.dll
                DLL - 2744 - C:\Windows\SysWOW64\svchost.exe
                Ключ на регистъра - HKLM\System\CurrentControlSet\Services\Arohary\Parameters\ServiceDll = C:\Program Files (x86)\Anagosh\PhuwleRpr.dll

KZipShell.dll
Статус                 : Проверено
Обект                  : %programw6432%\їмс№\x64\kzipshell.dll
MD5                    : 816E0CD3D92E70E4D3508422FDD48E3C
Издател                : 上海广乐网络科技有限公司
Размер                 : 338368
Версия                 : 2.8.0.4
Намерени               : Adware:Win32/OutBrowse!Ep
Операция за почистване : Карантина
Related Objects        :
                Файл - %programw6432%\їмс№\x64\kzipshell.dll
                DLL - 6132 - C:\Windows\explorer.exe
                DLL - 9716 - C:\Windows\explorer.exe
                DLL - 3428 - C:\Windows\explorer.exe
                Ключ на регистъра - HKLM\SOFTWARE\Classes\CLSID\{C9487131-EF4C-40D9-BA70-E85356CAF67E}\InprocServer32\@ = C:\Program Files\їмС№\X64\KZipShell.dll
                Ключ на регистъра - HKLM\SOFTWARE\Classes\CLSID\{AAA0C5B8-933F-4200-93AD-B143D7FFF9F2}\InprocServer32\@ = C:\Program Files\їмС№\X64\KZipShell.dll
                Ключ на регистъра - HKLM\SOFTWARE\Classes\CLSID\{6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E}\InprocServer32\@ = C:\Program Files\їмС№\X64\KZipShell.dll
                Ключ на регистъра - HKLM\SOFTWARE\Classes\CLSID\{3DCCD550-7586-40D2-A51D-D2F98EC06B3C}\InprocServer32\@ = C:\Program Files\їмС№\X64\KZipShell.dll
                Ключ на регистъра - HKLM\SOFTWARE\Classes\CLSID\{2FB831EA-DA68-4A66-8E31-A2D976A6296C}\InprocServer32\@ = C:\Program Files\їмС№\X64\KZipShell.dll
                Ключ на регистъра - HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers\{2FB831EA-DA68-4A66-8E31-A2D976A6296C}\@ = C:\Program Files\їмС№\X64\KZipShell.dll

Keygen.exe
Статус                 : Проверено
Обект                  : %userprofile%\downloads\sony vegas pro v13.0 build 453 (x64)\keygen.exe
MD5                    : 151D86D7D69E487880623B3B0A6AD8B3
Издател                : -
Размер                 : 4002304
Версия                 : -
Намерени               : PUA:Win32/SoftCrack.Gen
Операция за почистване : Отбележи като безопасен
Related Objects        :
                Файл - %userprofile%\downloads\sony vegas pro v13.0 build 453 (x64)\keygen.exe

Flame Stresser[v1.5.1].exe
Статус                 : Проверено
Обект                  : %userprofile%\downloads\flame stresser[v1.5.1]\flame stresser[v1.5.1].exe
MD5                    : 021A7FC44A6CE914875D2CC4E851E895
Издател                : -
Размер                 : 3947520
Версия                 : 1.5.1.0
Намерени               : TrojanCryptor:Win32/Generic
Операция за почистване : Отбележи като безопасен
Related Objects        :
                Файл - %userprofile%\downloads\flame stresser[v1.5.1]\flame stresser[v1.5.1].exe

NewBlue - Multikeygen Reloaded.exe
Статус                 : Проверено
Обект                  : %userprofile%\downloads\newblue - multikeygen reloaded.exe
MD5                    : 48850A17887F33DCABE06B707C0D35D9
Издател                : -
Размер                 : 167424
Версия                 : -
Намерени               : PUA:Win32/SoftCrack.Gen
Операция за почистване : Отбележи като безопасен
Related Objects        :
                Файл - %userprofile%\downloads\newblue - multikeygen reloaded.exe

Hotspot Shield Elite Universal Crack.exe
Статус                 : Проверено
Обект                  : %userprofile%\downloads\flame stresser[v1.5.1]\hotspot shield elite universal crack.exe
MD5                    : 443057856CFEB3A52F74F2C248433542
Издател                : -
Размер                 : 1545216
Версия                 : 1.0.0.0
Намерени               : PUA:Win32/SoftCrack.Gen
Операция за почистване : Отбележи като безопасен
Related Objects        :
                Файл - %userprofile%\downloads\flame stresser[v1.5.1]\hotspot shield elite universal crack.exe

Marbuendy Transiciones.exe
Статус                 : Проверено
Обект                  : %userprofile%\downloads\marbuendy transiciones.exe
MD5                    : 287CF51D04E850E8A956A8BD49DF0EA8
Издател                : -
Размер                 : 92160
Версия                 : 1.1.0.0
Намерени               : Malware:Win32/Thracia.A!Kaec
Операция за почистване : Отбележи като безопасен
Related Objects        :
                Файл - %userprofile%\downloads\marbuendy transiciones.exe

ManyCamWebInstaller.exe
Статус                 : Проверено
Обект                  : %userprofile%\downloads\manycamwebinstaller.exe
MD5                    : 08630D51370E61AA2F34831DD900CBC8
Издател                : Visicom Media Inc.
Размер                 : 603640
Версия                 : 1.2.0.3
Намерени               : Adware:Win32/VisicomToolbar!Ep
Операция за почистване : Отбележи като безопасен
Related Objects        :
                Файл - %userprofile%\downloads\manycamwebinstaller.exe

setup.exe
Статус                 : Проверено
Обект                  : %userprofile%\downloads\counter-strike global offensive v1.35.1.6\setup.exe
MD5                    : 316D04865E6FB463BAF9D9846E9BC6D1
Издател                : -
Размер                 : 2240512
Версия                 : 1.35.1.6
Намерени               : Malware:Win32/Tamaca!Irae
Операция за почистване : Отбележи като безопасен
Related Objects        :
                Файл - %userprofile%\downloads\counter-strike global offensive v1.35.1.6\setup.exe

Universal Adobe Patcher (2015) v1.5-PainteR .exe
Статус                 : Проверено
Обект                  : %userprofile%\downloads\adobe after effects cc 2015.2 13.7.0.124\universal adobe patcher (2015) v1.5-painter .exe
MD5                    : 0D9B7ABE952D6C1DC24750BF47969132
Издател                : -
Размер                 : 631808
Версия                 : 1.5.0.0
Намерени               : PUA:Win32/SoftCrack.Gen
Операция за почистване : Отбележи като безопасен
Related Objects        :
                Файл - %userprofile%\downloads\adobe after effects cc 2015.2 13.7.0.124\universal adobe patcher (2015) v1.5-painter .exe

KuaiZipDrive.sys
Статус                 : Проверено
Обект                  : %systemroot%\system32\drivers\kuaizipdrive.sys
MD5                    : 31CBF3DB2E83C988728F792EC27F51ED
Издател                : 上海广乐网络科技有限公司
Размер                 : 92872
Версия                 : 3.5.0.0
Намерени               : Adware:Win32/OutBrowse!Ep
Операция за почистване : Карантина
Related Objects        :
                Файл - %systemroot%\system32\drivers\kuaizipdrive.sys

TunMirror2.exe
Статус                 : Проверено
Обект                  : %allusersprofile%\kmsautos\bin\tunmirror2.exe
MD5                    : 3B33E3AB6E91806DF4CAE19405AB8846
Издател                : WZT
Размер                 : 14464
Версия                 : 1.0.0.0
Намерени               : Adware:Win32/AutoBulk.c3eddc!Ep
Операция за почистване : Карантина
Related Objects        :
                Файл - %allusersprofile%\kmsautos\bin\tunmirror2.exe

TunMirror.exe
Статус                 : Проверено
Обект                  : %allusersprofile%\kmsautos\bin\tunmirror.exe
MD5                    : FB5F055633E4F7890004972E108A07CD
Издател                : WZT
Размер                 : 14464
Версия                 : 1.0.0.0
Намерени               : Adware:Win32/AutoBulk.c3eddc!Ep
Операция за почистване : Карантина
Related Objects        :
                Файл - %allusersprofile%\kmsautos\bin\tunmirror.exe

FakeClient.exe
Статус                 : Проверено
Обект                  : %allusersprofile%\kmsautos\bin\driver\x64wdv\fakeclient.exe
MD5                    : B85F4CE841F3AE1EBDF76835D2EADBEF
Издател                : WZT
Размер                 : 13440
Версия                 : -
Намерени               : Adware:Win32/AutoBulk.c3eddc!Ep
Операция за почистване : Карантина
Related Objects        :
                Файл - %allusersprofile%\kmsautos\bin\driver\x64wdv\fakeclient.exe

browsing_data_remover.exe
Статус                 : Проверено
Обект                  : %programfiles%\ucbrowser\temp\source8024_18365\chrome-bin\5.7.15319.5\browsing_data_remover.exe
MD5                    : 237F95738474D82C255FC4B6F9F3B922
Издател                : TAOBAO (CHINA) SOFTWARE CO.,LTD.
Размер                 : 261808
Версия                 : -
Намерени               : Adware:Win32/UCBrowser-DJ!Ep
Операция за почистване : Карантина
Related Objects        :
                Файл - %programfiles%\ucbrowser\temp\source8024_18365\chrome-bin\5.7.15319.5\browsing_data_remover.exe

UCBrowser.exe
Статус                 : Проверено
Обект                  : %programfiles%\ucbrowser\temp\source8024_18365\chrome-bin\5.7.15319.5\backup\ucbrowser.exe
MD5                    : 499D97B9958DC5B168DCE9F4A88F453A
Издател                : TAOBAO (CHINA) SOFTWARE CO.,LTD.
Размер                 : 1121064
Версия                 : 5.7.15319.5
Намерени               : Adware:Win32/UCBrowser-DJ!Ep
Операция за почистване : Карантина
Related Objects        :
                Файл - %programfiles%\ucbrowser\temp\source8024_18365\chrome-bin\5.7.15319.5\backup\ucbrowser.exe

Bind.exe
Статус                 : Проверено
Обект                  : %programfiles%\sbqh\bind.exe
MD5                    : EB918E59B9C662DD4170B6F54FA8F507
Издател                : -
Размер                 : 110592
Версия                 : -
Намерени               : PUA:Win32/Batrock.A!Eelt
Операция за почистване : Карантина
Related Objects        :
                Файл - %programfiles%\sbqh\bind.exe

ManageActivation32.exe
Статус                 : Проверено
Обект                  : %programw6432%\newblue\video essentials vi for windows\manageactivation32.exe
MD5                    : 0FBFEA44CD3B4A25D8BA74B09BCEABD2
Издател                : -
Размер                 : 136192
Версия                 : -
Намерени               : Malware:Win32/Nevoros.B!Leai
Операция за почистване : Отбележи като безопасен
Related Objects        :
                Файл - %programw6432%\newblue\video essentials vi for windows\manageactivation32.exe

ManageActivation32.exe
Статус                 : Проверено
Обект                  : %programw6432%\newblue\video essentials iv for windows\manageactivation32.exe
MD5                    : 0FBFEA44CD3B4A25D8BA74B09BCEABD2
Издател                : -
Размер                 : 136192
Версия                 : -
Намерени               : Malware:Win32/Nevoros.B!Leai
Операция за почистване : Отбележи като безопасен
Related Objects        :
                Файл - %programw6432%\newblue\video essentials iv for windows\manageactivation32.exe

ManageActivation32.exe
Статус                 : Проверено
Обект                  : %programw6432%\newblue\video essentials v for windows\manageactivation32.exe
MD5                    : 0FBFEA44CD3B4A25D8BA74B09BCEABD2
Издател                : -
Размер                 : 136192
Версия                 : -
Намерени               : Malware:Win32/Nevoros.B!Leai
Операция за почистване : Отбележи като безопасен
Related Objects        :
                Файл - %programw6432%\newblue\video essentials v for windows\manageactivation32.exe

ManageActivation32.exe
Статус                 : Проверено
Обект                  : %programw6432%\newblue\video essentials iii for windows\manageactivation32.exe
MD5                    : 0FBFEA44CD3B4A25D8BA74B09BCEABD2
Издател                : -
Размер                 : 136192
Версия                 : -
Намерени               : Malware:Win32/Nevoros.B!Leai
Операция за почистване : Отбележи като безопасен
Related Objects        :
                Файл - %programw6432%\newblue\video essentials iii for windows\manageactivation32.exe

ManageActivation32.exe
Статус                 : Проверено
Обект                  : %programw6432%\newblue\video essentials ii for windows\manageactivation32.exe
MD5                    : 0FBFEA44CD3B4A25D8BA74B09BCEABD2
Издател                : -
Размер                 : 136192
Версия                 : -
Намерени               : Malware:Win32/Nevoros.B!Leai
Операция за почистване : Отбележи като безопасен
Related Objects        :
                Файл - %programw6432%\newblue\video essentials ii for windows\manageactivation32.exe

ManageActivation32.exe
Статус                 : Проверено
Обект                  : %programw6432%\newblue\video essentials for windows\manageactivation32.exe
MD5                    : 0FBFEA44CD3B4A25D8BA74B09BCEABD2
Издател                : -
Размер                 : 136192
Версия                 : -
Намерени               : Malware:Win32/Nevoros.B!Leai
Операция за почистване : Отбележи като безопасен
Related Objects        :
                Файл - %programw6432%\newblue\video essentials for windows\manageactivation32.exe

ManageActivation32.exe
Статус                 : Проверено
Обект                  : %programw6432%\newblue\paint effects for windows\manageactivation32.exe
MD5                    : 0FBFEA44CD3B4A25D8BA74B09BCEABD2
Издател                : -
Размер                 : 136192
Версия                 : -
Намерени               : Malware:Win32/Nevoros.B!Leai
Операция за почистване : Отбележи като безопасен
Related Objects        :
                Файл - %programw6432%\newblue\paint effects for windows\manageactivation32.exe

ManageActivation32.exe
Статус                 : Проверено
Обект                  : %programw6432%\newblue\motion effects for windows\manageactivation32.exe
MD5                    : 0FBFEA44CD3B4A25D8BA74B09BCEABD2
Издател                : -
Размер                 : 136192
Версия                 : -
Намерени               : Malware:Win32/Nevoros.B!Leai
Операция за почистване : Отбележи като безопасен
Related Objects        :
                Файл - %programw6432%\newblue\motion effects for windows\manageactivation32.exe

ManageActivation32.exe
Статус                 : Проверено
Обект                  : %programw6432%\newblue\light effects for windows\manageactivation32.exe
MD5                    : 0FBFEA44CD3B4A25D8BA74B09BCEABD2
Издател                : -
Размер                 : 136192
Версия                 : -
Намерени               : Malware:Win32/Nevoros.B!Leai
Операция за почистване : Отбележи като безопасен
Related Objects        :
                Файл - %programw6432%\newblue\light effects for windows\manageactivation32.exe

ManageActivation32.exe
Статус                 : Проверено
Обект                  : %programw6432%\newblue\film effects for windows\manageactivation32.exe
MD5                    : 0FBFEA44CD3B4A25D8BA74B09BCEABD2
Издател                : -
Размер                 : 136192
Версия                 : -
Намерени               : Malware:Win32/Nevoros.B!Leai
Операция за почистване : Отбележи като безопасен
Related Objects        :
                Файл - %programw6432%\newblue\film effects for windows\manageactivation32.exe

ManageActivation32.exe
Статус                 : Проверено
Обект                  : %programw6432%\newblue\art effects for windows\manageactivation32.exe
MD5                    : 0FBFEA44CD3B4A25D8BA74B09BCEABD2
Издател                : -
Размер                 : 136192
Версия                 : -
Намерени               : Malware:Win32/Nevoros.B!Leai
Операция за почистване : Отбележи като безопасен
Related Objects        :
                Файл - %programw6432%\newblue\art effects for windows\manageactivation32.exe

1.bat
Статус                 : Проверено
Обект                  : NE->c:\program files (x86)\sbqh\1.bat
MD5                    : -
Издател                : -
Размер                 : -
Версия                 : -
Намерени               : PUA:Win32/UCBrowser.E!Neng
Операция за почистване : Карантина
Related Objects        :
                (null) - (null)

mini_downloadlib
Статус                 : Проверено
Обект                  : NE->c:\users\public\thunder network\mini_downloadlib
MD5                    : -
Издател                : -
Размер                 : -
Версия                 : -
Намерени               : Adware:Win32/Thunder Network.B!Neng
Операция за почистване : Карантина
Related Objects        :
                (null) - (null)

odawmdaznja=
Статус                 : Проверено
Обект                  : NE->c:\users\public\thunder network\mini_downloadlib\odawmdaznja=
MD5                    : -
Издател                : -
Размер                 : -
Версия                 : -
Намерени               : Adware:Win32/Thunder Network.B!Neng
Операция за почистване : Карантина
Related Objects        :
                (null) - (null)

c7gu
Статус                 : Проверено
Обект                  : NE->c:\users\public\thunder network\mini_downloadlib\odawmdaznja=\c7gu
MD5                    : -
Издател                : -
Размер                 : -
Версия                 : -
Намерени               : Adware:Win32/Thunder Network.B!Neng
Операция за почистване : Карантина
Related Objects        :
                (null) - (null)

version_3_2_1_42
Статус                 : Проверено
Обект                  : NE->c:\users\public\thunder network\mini_downloadlib\odawmdaznja=\version_3_2_1_42
MD5                    : -
Издател                : -
Размер                 : -
Версия                 : -
Намерени               : Adware:Win32/Thunder Network.B!Neng
Операция за почистване : Карантина
Related Objects        :
                (null) - (null)

profiles
Статус                 : Проверено
Обект                  : NE->c:\users\public\thunder network\mini_downloadlib\odawmdaznja=\version_3_2_1_42\profiles
MD5                    : -
Издател                : -
Размер                 : -
Версия                 : -
Намерени               : Adware:Win32/Thunder Network.B!Neng
Операция за почистване : Карантина
Related Objects        :
                (null) - (null)

asyn_frame.dat
Статус                 : Проверено
Обект                  : NE->c:\users\public\thunder network\mini_downloadlib\odawmdaznja=\version_3_2_1_42\profiles\asyn_frame.dat
MD5                    : -
Издател                : -
Размер                 : -
Версия                 : -
Намерени               : Adware:Win32/Thunder Network.B!Neng
Операция за почистване : Карантина
Related Objects        :
                (null) - (null)

download.cfg
Статус                 : Проверено
Обект                  : NE->c:\users\public\thunder network\mini_downloadlib\odawmdaznja=\version_3_2_1_42\profiles\download.cfg
MD5                    : -
Издател                : -
Размер                 : -
Версия                 : -
Намерени               : Adware:Win32/Thunder Network.B!Neng
Операция за почистване : Карантина
Related Objects        :
                (null) - (null)

error.dat
Статус                 : Проверено
Обект                  : NE->c:\users\public\thunder network\mini_downloadlib\odawmdaznja=\version_3_2_1_42\profiles\error.dat
MD5                    : -
Издател                : -
Размер                 : -
Версия                 : -
Намерени               : Adware:Win32/Thunder Network.B!Neng
Операция за почистване : Карантина
Related Objects        :
                (null) - (null)

stat.dat
Статус                 : Проверено
Обект                  : NE->c:\users\public\thunder network\mini_downloadlib\odawmdaznja=\version_3_2_1_42\profiles\stat.dat
MD5                    : -
Издател                : -
Размер                 : -
Версия                 : -
Намерени               : Adware:Win32/Thunder Network.B!Neng
Операция за почистване : Карантина
Related Objects        :
                (null) - (null)

temp
Статус                 : Проверено
Обект                  : NE->c:\users\public\thunder network\mini_downloadlib\odawmdaznja=\version_3_2_1_42\temp
MD5                    : -
Издател                : -
Размер                 : -
Версия                 : -
Намерени               : Adware:Win32/Thunder Network.B!Neng
Операция за почистване : Карантина
Related Objects        :
                (null) - (null)

download_log
Статус                 : Проверено
Обект                  : NE->c:\users\public\thunder network\mini_downloadlib\odawmdaznja=\version_3_2_1_42\temp\download_log
MD5                    : -
Издател                : -
Размер                 : -
Версия                 : -
Намерени               : Adware:Win32/Thunder Network.B!Neng
Операция за почистване : Карантина
Related Objects        :
                (null) - (null)

kuaizipdrive.sys
Статус                 : Проверено
Обект                  : NE->c:\windows\system32\drivers\kuaizipdrive.sys
MD5                    : -
Издател                : -
Размер                 : -
Версия                 : -
Намерени               : PUA:Win32/KuaiZip.D!Neng
Операция за почистване : Карантина
Related Objects        :
                (null) - (null)


Резултат от почистването
-------------------------------------------------------
Изтрито                    : 30
Отбелязано като безопасни  : 19
Грешки                     : 0
 

 

Sophos detected 3 viruses but I had blackout and i couldn't get the log

Fixlog.txt

AdwCleaner[S0].txt

Link to post
Share on other sites

The clean function has not been used on AdwCleaner, the log only shows found entries.. Those entries do require removing. Run AdwCleaner again and use the cleaning option when ready.

Did Sophos remove the detected virus, if not because of the blackout you will need to run Sophos again....

Also let me know if there ae any remaining issues or concerns..

Thank you,

Kevin

Link to post
Share on other sites

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-09-2016
Ran by User (28-09-2016 07:17:24)
Running from C:\Users\User\Desktop\Malware Fighting tools
Windows 10 Pro Version 1607 (X64) (2016-09-20 09:49:05)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-691218479-2863476526-4080224816-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-691218479-2863476526-4080224816-503 - Limited - Disabled)
Guest (S-1-5-21-691218479-2863476526-4080224816-501 - Limited - Disabled)
User (S-1-5-21-691218479-2863476526-4080224816-1001 - Administrator - Enabled) => C:\Users\User

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe After Effects CC 2015.3 (HKLM-x32\...\AEFT_13_8_0) (Version: 13.8.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.7.0.270 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015.5 (HKLM-x32\...\PHSP_17_0) (Version: 17.0.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.3) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform)
Charles 4.0 (HKLM\...\{E0A65A42-FEA8-4BF1-AB8E-B28821357268}) (Version: 4.0.0.19 - XK72 Ltd)
Cheat Engine 6.5.1 (HKLM-x32\...\Cheat Engine 6.5.1_is1) (Version:  - Cheat Engine)
Clownfish for Skype (HKLM-x32\...\Clownfish) (Version:  - )
Color Suite v11.1.4 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 11.1.4 - Red Giant, LLC)
Counter-Strike CSS Edition 1.6 (HKLM-x32\...\Counter-Strike CSS Edition 1.6) (Version:  - )
Counter-Strike Global Offensive No-Steam (HKLM-x32\...\Counter-Strike Global Offensive_is1) (Version: 1.35.1.6 - Valve Software)
Crack NewBlue ColorFast 3.0 build 121113 (HKLM-x32\...\Crack NewBlue ColorFast 3.0 build 121113_is1) (Version:  - )
Crack NewBlue Creative Effects V3.0 Build 121113 (HKLM-x32\...\Crack NewBlue Creative Effects V3.0 Build 121113_is1) (Version:  - )
Crack NewBlue Transitions Pack v3.0 build 121113 (HKLM-x32\...\Crack NewBlue Transitions Pack v3.0 build 121113_is1) (Version:  - )
Crack NewBlue Video Essentials Tools V3.0 Build 121113I (x86) (HKLM-x32\...\Crack NewBlue Video Essentials Tools V3.0 Build ~EFB930F3_is1) (Version:  - )
Discord (HKU\S-1-5-21-691218479-2863476526-4080224816-1001\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
Dota 2 (HKLM\...\Steam App 570) (Version:  - Valve)
FileZilla Client 3.19.0 (HKLM-x32\...\FileZilla Client) (Version: 3.19.0 - Tim Kosse)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
GenArts Sapphire Plug-ins 6.10 for OFX (HKLM\...\GenArts Sapphire Plug-ins for OFX_is1) (Version:  - )
GenArts Sapphire Plug-ins 6.13 for After Effects and Compatible (HKLM\...\GenArts Sapphire AE_is1) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - )
Herramientas de corrección de Microsoft Office 2016: español (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
K-Lite Mega Codec Pack 10.9.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.9.5 - )
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
Lightshot-5.4.0.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)
Live! Cam Sync HD VF0770 Driver (1.00.07.00) (HKLM\...\Creative VF0770) (Version:  - Creative Technology Ltd.)
Malwarebytes Anti-Malware, версия 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
ManyCam 5.3.1 (HKLM-x32\...\ManyCam) (Version: 5.3.1 - Visicom Media Inc.)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.4053 False (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.42 False (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.51011 False (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.56336 False (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.57103 False (HKLM-x32\...\{d8fea624-4f2c-432d-9a54-6eee9cd1a77e}) (Version: 8.0.57103 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.58299 False (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.59193 False (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 False (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.0 False (HKLM-x32\...\{DCB46B42-723F-350E-B18A-449BC6C21636}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 False (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 False (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 False (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.0 False (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 False (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 False (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 False (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148.0 False (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.5570 False (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.30319 False (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 False Eng (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 False (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 False Eng (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 False Eng (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Mike Crash's Vegas Filters Uninstall (HKLM-x32\...\Mike Crash Vegas Filters) (Version:  - )
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 48.0.2 (x86 bg) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 bg)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2 - Mozilla)
NewBlue 3D Explosions for Vegas (HKLM-x32\...\NewBlue 3D Explosions for Vegas) (Version:  - )
NewBlue Art Blends 2.0 for Vegas (HKLM-x32\...\NewBlue Art Blends 2.0 for Vegas) (Version:  - )
NewBlue Art Effects 2.0 for Vegas (HKLM-x32\...\NewBlue Art Effects 2.0 for Vegas) (Version:  - )
NewBlue Art Effects for Windows (HKLM-x32\...\NewBlue Art Effects for Windows) (Version: 3.0 - NewBlue)
NewBlue Film Effects for Vegas (HKLM-x32\...\NewBlue Film Effects for Vegas) (Version:  - )
NewBlue Motion Blends 2.0 for Vegas (HKLM-x32\...\NewBlue Motion Blends 2.0 for Vegas) (Version:  - )
NewBlue Motion Blends for Windows (HKLM-x32\...\NewBlue Motion Blends for Windows) (Version: 2.4 - NewBlue)
NewBlue Motion Effects 2.0 for Vegas (HKLM-x32\...\NewBlue Motion Effects 2.0 for Vegas) (Version:  - )
NewBlue Motion Effects for Windows (HKLM-x32\...\NewBlue Motion Effects for Windows) (Version: 2.4 - NewBlue)
NewBlue Paint Effects for Windows (HKLM-x32\...\NewBlue Paint Effects for Windows) (Version: 3.0 - NewBlue)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 0.15.4 - OBS Project)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Outils de vérification linguistique 2016 de Microsoft Office - Français (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Paladins (HKLM\...\Steam App 444090) (Version:  - Hi-Rez Studios)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version:  - )
qBittorrent 3.3.3 (HKLM-x32\...\qBittorrent) (Version: 3.3.3 - The qBittorrent project)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 7.5.7.57 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7647 - Realtek Semiconductor Corp.)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.8.1 - Red Giant, LLC)
ReelSmart Motion Blur 4, After Effects-compatible plugin set (HKLM-x32\...\ReelSmart Motion Blur 4, After Effects-compatible plugin set) (Version:  - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.28 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.6 - Sophos Limited)
SpeechLab (HKLM-x32\...\{319A3CA9-DA63-4D65-8B25-403CF9CBF087}) (Version: 1.0.0 - BACL)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Team Fortress 2 (HKLM\...\Steam App 440) (Version:  - Valve)
Trapcode Suite v13.0.3 (HKLM-x32\...\{DFD2DC6B-C634-4C1C-81CC-5EF852E71CEE}_is1) (Version: 13.0.3 - Red Giant, LLC)
Universe (HKLM\...\Universe Premium_is1) (Version: 1.6.0 CE - Team V.R)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
Windscribe version 1.59 build 10 (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.59 build 10 - Windscribe)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.50.67 - Zemana Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-691218479-2863476526-4080224816-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-691218479-2863476526-4080224816-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {023C0AD7-B8B0-44DE-B167-9658D6458804} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2016-07-11] ()
Task: {033C4581-6095-4955-AE1D-18B48EA2D001} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {0E67BFAA-FC80-4A34-89B0-509C7B1036B4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {3E227C52-5776-41E5-83D0-58A653549B93} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-12] (Google Inc.)
Task: {468DC828-22D4-4C44-8EE2-26F9B960E9E4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4CEB3BB4-8F2F-486A-A6B7-C84499DF5F71} - System32\Tasks\{5C066DAE-FB13-483C-BE23-A69C5C4EC109} => pcalua.exe -a "C:\Users\User\Downloads\SpeechLab 2.0 [Stichy]\SpeakText.exe" -d "C:\Users\User\Downloads\SpeechLab 2.0 [Stichy]"
Task: {5040FFC9-E11A-48AB-AB1B-A2A692E84741} - System32\Tasks\update-S-1-5-21-691218479-2863476526-4080224816-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2016-07-11] ()
Task: {50ED5B82-A852-4BB0-A583-633B1598D607} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-12] (Google Inc.)
Task: {6170626D-3C5D-4C9F-B2E9-34F61090ADEB} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-13] (Microsoft Corporation)
Task: {6221933B-222E-45E3-8E8E-3AD711C62F71} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe [2016-02-08] ()
Task: {8C5BE969-824E-4986-AFC2-31FA2B374CB8} - System32\Tasks\Ladacultferdoch Reports => C:\Program Files (x86)\Anagosh\kjit.exe
Task: {92333B72-C092-4CED-83F0-7946F94CD656} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {99868715-6BE5-4495-B53F-C3CFE389FBE8} - System32\Tasks\SafeZone scheduled Autoupdate 1474658096 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {F6801EA8-9497-48D3-B5CA-A616D2A10CDF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-26] (Piriform Ltd)
Task: {FB3E981A-AA84-4FF4-84DD-F8309D93B584} - System32\Tasks\{179AE184-A649-4CA8-A3D0-6C614864584D} => pcalua.exe -a "C:\Users\User\Downloads\Grand.Theft.Auto.V.Update.5(v1.0.350.2).and.Crack.v5-3DM\Installers\Social Club v1.1.5.8 Setup.exe" -d C:\Users\User\Downloads\Grand.Theft.Auto.V.Update.5(v1.0.350.2).and.Crack.v5-3DM\Installers

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-691218479-2863476526-4080224816-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Public\Desktop\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

==================== Loaded Modules (Whitelisted) ==============

2016-07-19 22:10 - 2016-07-19 22:11 - 00187824 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-08-02 20:04 - 2016-07-24 02:38 - 00047208 _____ () C:\Program Files (x86)\Windscribe\WindscribeService.exe
2016-07-16 09:42 - 2016-07-16 09:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-20 21:51 - 2016-09-07 03:44 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-09-20 21:51 - 2016-09-07 03:44 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-20 21:51 - 2016-09-07 03:44 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-06-30 06:23 - 2016-06-30 06:23 - 00592384 _____ () C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll
2016-05-22 19:33 - 2016-05-22 19:33 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-09-20 13:31 - 2016-09-20 13:31 - 01864384 _____ () C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll
2016-09-20 21:51 - 2016-09-07 02:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-09-20 21:49 - 2016-09-07 02:57 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-08-02 20:04 - 2016-07-24 02:38 - 07647848 _____ () C:\Program Files (x86)\Windscribe\Windscribe.exe
2016-05-22 19:32 - 2016-05-22 19:32 - 31680176 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2016-09-23 16:36 - 2016-09-23 16:36 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-09-23 16:36 - 2016-09-23 16:36 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-09-27 19:05 - 2016-09-27 19:05 - 03118360 _____ () C:\Program Files\AVAST Software\Avast\defs\16092701\algo.dll
2016-09-27 23:07 - 2016-09-27 23:07 - 03118360 _____ () C:\Program Files\AVAST Software\Avast\defs\16092702\algo.dll
2016-06-30 09:24 - 2016-06-30 09:24 - 00564224 _____ () C:\Users\User\AppData\Local\MEGAsync\ShellExtX32.dll
2015-07-31 05:00 - 2015-07-31 05:00 - 08901800 _____ () C:\Program Files (x86)\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2016-08-16 10:58 - 2016-08-16 10:58 - 00045056 _____ () C:\Program Files (x86)\BACL\SpeechLab\keyhook.dll
2016-09-17 07:10 - 2016-09-13 22:38 - 01806152 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libglesv2.dll
2016-09-17 07:10 - 2016-09-13 22:38 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libegl.dll
2016-09-20 13:31 - 2016-09-20 13:31 - 01383616 _____ () C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\ClientTelemetry.dll
2016-09-20 13:32 - 2016-09-20 13:32 - 00118976 _____ () C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncViews.dll
2016-07-12 19:53 - 2016-09-08 01:14 - 00784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-07-12 19:53 - 2016-08-31 23:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-07-12 19:53 - 2016-09-20 17:28 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll
2016-07-12 19:53 - 2016-01-27 05:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-07-12 19:53 - 2016-01-27 05:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-07-12 19:53 - 2016-01-27 05:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-07-12 19:53 - 2016-01-27 05:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-07-12 19:53 - 2016-01-27 05:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-07-12 19:53 - 2016-08-31 23:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-07-12 19:53 - 2016-08-31 23:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-07-12 19:53 - 2016-09-20 17:28 - 00835360 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-07-12 19:53 - 2016-07-04 20:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-07-16 09:42 - 2016-07-16 09:42 - 01872384 _____ () C:\Windows\System32\speech_onecore\engines\tts\MSTTSEngine_OneCore.dll
2016-07-16 09:42 - 2016-07-16 09:42 - 00638976 _____ () C:\Windows\System32\speech_onecore\engines\tts\MSTTSLoc_OneCore.DLL
2016-08-02 20:04 - 2016-04-26 23:04 - 01264128 _____ () C:\Program Files (x86)\Windscribe\libGLESv2.dll
2016-08-25 10:38 - 2016-08-24 17:49 - 01950392 _____ () C:\Users\User\AppData\Local\Discord\app-0.0.296\ffmpeg.dll
2016-08-25 10:39 - 2016-08-25 10:39 - 01050296 _____ () \\?\C:\Users\User\AppData\Roaming\discord\0.0.296\modules\discord_voice\discord_voice.node
2016-08-25 10:39 - 2016-08-25 10:39 - 03793080 _____ () \\?\C:\Users\User\AppData\Roaming\discord\0.0.296\modules\discord_voice\libdiscord.dll
2016-08-25 10:39 - 2016-08-25 10:39 - 00894136 _____ () \\?\C:\Users\User\AppData\Roaming\discord\0.0.296\modules\discord_utils\discord_utils.node
2016-08-25 10:39 - 2016-08-25 10:39 - 01119416 _____ () \\?\C:\Users\User\AppData\Roaming\discord\0.0.296\modules\discord_toaster\discord_toaster.node
2014-10-01 07:23 - 2014-10-01 07:23 - 02140672 _____ () C:\Program Files (x86)\ManyCam\opencv_core2410.dll
2014-10-01 07:24 - 2014-10-01 07:24 - 01891840 _____ () C:\Program Files (x86)\ManyCam\opencv_imgproc2410.dll
2014-10-01 07:25 - 2014-10-01 07:25 - 00654848 _____ () C:\Program Files (x86)\ManyCam\opencv_objdetect2410.dll
2014-10-01 07:24 - 2014-10-01 07:24 - 02147840 _____ () C:\Program Files (x86)\ManyCam\opencv_highgui2410.dll
2014-10-01 07:24 - 2014-10-01 07:24 - 00360960 _____ () C:\Program Files (x86)\ManyCam\opencv_video2410.dll
2016-08-16 10:58 - 2016-08-16 10:58 - 00045056 _____ () C:\Program Files (x86)\BACL\SpeechLab\SpeakTextCom.dll
2016-05-31 04:46 - 2016-05-31 04:46 - 40523456 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2016-09-23 16:36 - 2016-09-23 16:36 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-09-10 14:41 - 2016-08-01 14:20 - 00149352 _____ () C:\Program Files (x86)\Razer\Razer Cortex\SimbaDeviceControl.dll
2016-05-12 22:37 - 2016-05-12 22:37 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-05-12 22:37 - 2016-05-12 22:37 - 00205824 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-05-12 22:37 - 2016-05-12 22:37 - 00120832 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2016-05-12 22:37 - 2016-05-12 22:37 - 00126464 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-05-31 04:40 - 2016-05-31 04:40 - 00098496 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2016-05-12 22:37 - 2016-05-12 22:37 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-08-25 10:38 - 2016-08-24 17:49 - 02230456 _____ () C:\Users\User\AppData\Local\Discord\app-0.0.296\libglesv2.dll
2016-08-25 10:38 - 2016-08-24 17:49 - 00088760 _____ () C:\Users\User\AppData\Local\Discord\app-0.0.296\libegl.dll
2016-09-28 07:07 - 2016-09-28 07:07 - 00170496 _____ () \\?\C:\Users\User\AppData\Local\Temp\5DA8.tmp.node
2016-09-02 08:48 - 2016-09-10 08:46 - 02022072 _____ () \\?\C:\Users\User\AppData\Roaming\discord\0.0.296\modules\discord_contact_import\discord_contact_import.node
2016-07-12 19:53 - 2016-08-04 18:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 05:24 - 2016-09-26 23:09 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-691218479-2863476526-4080224816-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.100.1 - 198.41.0.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{21308788-6515-4DE3-8BF5-B770B4AE0DF6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [UDP Query User{DBDCB109-955C-4942-8527-AFA42960EAAA}D:\james\choit\charles.exe] => (Allow) D:\james\choit\charles.exe
FirewallRules: [TCP Query User{8CE20F01-1CCD-4410-86B0-C4CF7FEA37C6}D:\james\choit\charles.exe] => (Allow) D:\james\choit\charles.exe
FirewallRules: [{E011C6A1-7651-4FAD-8E09-99F7CEA118CD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4BADF7BF-E48F-4A25-AB9F-5A14C5CC32E7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{2C01EF1C-35D0-49D4-8CC5-55319149F0E0}D:\james\jitia pet\fae\grand theft auto v\gta5.exe] => (Allow) D:\james\jitia pet\fae\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{D3D2C64C-6231-4D41-B3C0-4AC77359CF41}D:\james\jitia pet\fae\grand theft auto v\gta5.exe] => (Allow) D:\james\jitia pet\fae\grand theft auto v\gta5.exe
FirewallRules: [{47F4AEF8-48EE-4EB3-AC9C-03CA0B2D102B}] => (Allow) C:\Program Files (x86)\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5951E8A7-DDDC-4B36-B326-2D087F9AC8E5}] => (Allow) C:\Program Files (x86)\Counter-Strike Global Offensive\revLoader.exe
FirewallRules: [{4ED8F7F7-A7A5-4001-B42A-942424D97E81}] => (Allow) C:\Program Files (x86)\Counter-Strike Global Offensive\Run_CSGO.exe
FirewallRules: [{BBCD2C6D-E774-476B-90AE-69FBE65BA5C7}] => (Allow) C:\Program Files (x86)\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E3341384-1A64-4E4F-9416-5D1BDA6D1B61}] => (Allow) C:\Program Files (x86)\Counter-Strike Global Offensive\revLoader.exe
FirewallRules: [{427714CC-A96E-44D7-9E0D-1A39057908CC}] => (Allow) C:\Program Files (x86)\Counter-Strike Global Offensive\Run_CSGO.exe
FirewallRules: [UDP Query User{4D6D4A2D-2A13-4E51-A557-167F84D23718}C:\users\user\desktop\igg-shoppe.keep.v1.2\shoppe keep.exe] => (Allow) C:\users\user\desktop\igg-shoppe.keep.v1.2\shoppe keep.exe
FirewallRules: [TCP Query User{5F96416E-CDE2-48EC-ADC1-9733174C8067}C:\users\user\desktop\igg-shoppe.keep.v1.2\shoppe keep.exe] => (Allow) C:\users\user\desktop\igg-shoppe.keep.v1.2\shoppe keep.exe
FirewallRules: [UDP Query User{E1FEF267-D6E7-4419-9C1A-3F0CD63167C6}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [TCP Query User{5AC975BD-BEBB-4554-A782-B852B0DDF0A7}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [{D07A55E2-534B-4A79-8E28-54AC84E14FF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{DB2F543D-4785-4122-8FFC-D448EE29778F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [UDP Query User{AB3946FD-4208-4E40-870F-42E1DCA1BA36}C:\program files\adobe\adobe after effects cc 2015.3\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2015.3\support files\afterfx.exe
FirewallRules: [TCP Query User{98A40DD3-8AA4-4736-B9CF-CD9D98F012FF}C:\program files\adobe\adobe after effects cc 2015.3\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2015.3\support files\afterfx.exe
FirewallRules: [UDP Query User{04005185-2EF0-489A-8FDE-F323FE07816D}C:\program files\sony\vegas pro 13.0\vegas130.exe] => (Allow) C:\program files\sony\vegas pro 13.0\vegas130.exe
FirewallRules: [TCP Query User{924ACA3C-A74E-4D08-9199-8B8F546148B2}C:\program files\sony\vegas pro 13.0\vegas130.exe] => (Allow) C:\program files\sony\vegas pro 13.0\vegas130.exe
FirewallRules: [{120C565E-B894-4C86-BF94-0B0B50185252}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [UDP Query User{33A206E9-2C9D-417A-9DBF-1C94A4DE156D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{E4F6FF23-1439-492F-8A75-B97B11CECAD7}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{98C53AF6-FF7D-48B4-8DF4-1B696CDB64CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2AB8580D-6BE2-45B9-B646-92B65C3C2374}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{987D3D80-BA00-4C26-8003-3E93F727F82E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1865D1D6-89F6-4CBF-AF67-8A024D3E36DA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9FED75D9-A3B1-474A-B0FC-BB05F83A15FF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8A682E27-8475-4089-BB91-E8AC431B06E7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{75A964A0-82AB-4766-8BB2-F53CFDF6E874}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [TCP Query User{04595A0D-32AF-4023-953A-118169CA1F02}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [UDP Query User{89446BC2-5F21-4756-BF54-223F2B6BF3B6}C:\program files (x86)\qbittorrent\qbittorrent.exe] => (Allow) C:\program files (x86)\qbittorrent\qbittorrent.exe
FirewallRules: [TCP Query User{23F75D1A-A81E-4982-84CD-224F413EA478}C:\program files (x86)\qbittorrent\qbittorrent.exe] => (Allow) C:\program files (x86)\qbittorrent\qbittorrent.exe
FirewallRules: [{F607EE37-6B9B-4443-860C-91715CFBAA1E}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{E12B1A35-4636-449D-987F-670928EA3D31}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{3801F88B-5471-4857-9768-26364727A9C8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{15D60289-A385-4F45-9728-6B03FEB46E0E}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{DE4C9ED2-C757-4710-A881-BEB4A7C62DA8}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{303C1E4B-DA58-42E7-9404-785D806BE847}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{C6083222-6B6A-4432-8C02-42B0600CFE5C}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{D475B9C9-FD81-445D-807D-69F396B0EB5E}] => (Allow) D:\James\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{A999C29A-E1DB-4E85-8AAF-43497101F34F}] => (Allow) D:\James\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{D0263CE3-8D4B-4A11-B90A-8A70C51504B2}] => (Allow) C:\Users\User\AppData\Local\Temp\is-N3OMN.tmp\download\MiniThunderPlatform.exe
FirewallRules: [{7B18ED13-B200-4925-A189-70EEAEE2FCFE}] => (Allow) C:\Users\User\AppData\Local\Temp\00013811\inst_buychannel_37.exe
FirewallRules: [{5AF9732A-0B32-48C8-8DBE-8298B12133F5}] => (Allow) C:\Users\User\AppData\Local\Temp\00013811\inst_buychannel_37.exe
FirewallRules: [{47D684F7-14F2-4E50-A538-6A6BE2D92370}] => (Allow) C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaohaWifiSvr.exe
FirewallRules: [{D34F7BAF-5BF1-47AC-BA10-86190911031D}] => (Allow) C:\Program Files (x86)\GreatMaker\MaohaWiFi\DrvUpdate.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/28/2016 07:07:52 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-EF75065)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024629 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (09/28/2016 07:06:41 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-EF75065)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024629 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (09/28/2016 07:06:39 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-EF75065)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024629 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (09/28/2016 07:06:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-EF75065)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024629 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (09/28/2016 07:06:38 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=3

Error: (09/28/2016 07:06:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-EF75065)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024629 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (09/28/2016 07:06:33 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-EF75065)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024629 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (09/28/2016 07:06:31 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-EF75065)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024629 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (09/28/2016 07:01:09 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007139F
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (09/27/2016 11:08:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-EF75065)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024629 See the Microsoft-Windows-TWinUI/Operational log for additional information.


System errors:
=============
Error: (09/28/2016 07:07:52 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-EF75065)
Description: Unable to start a DCOM Server: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca as Unavailable/Unavailable. The error:
"267"
Happened while starting this command:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca

Error: (09/28/2016 07:06:41 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-EF75065)
Description: Unable to start a DCOM Server: CortanaUI as Unavailable/Unavailable. The error:
"267"
Happened while starting this command:
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca

Error: (09/28/2016 07:06:39 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-EF75065)
Description: Unable to start a DCOM Server: CortanaUI as Unavailable/Unavailable. The error:
"267"
Happened while starting this command:
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca

Error: (09/28/2016 07:06:37 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-EF75065)
Description: Unable to start a DCOM Server: CortanaUI as Unavailable/Unavailable. The error:
"267"
Happened while starting this command:
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca

Error: (09/28/2016 07:06:35 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-EF75065)
Description: Unable to start a DCOM Server: CortanaUI as Unavailable/Unavailable. The error:
"267"
Happened while starting this command:
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca

Error: (09/28/2016 07:06:33 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-EF75065)
Description: Unable to start a DCOM Server: CortanaUI as Unavailable/Unavailable. The error:
"267"
Happened while starting this command:
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca

Error: (09/28/2016 07:06:31 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-EF75065)
Description: Unable to start a DCOM Server: CortanaUI as Unavailable/Unavailable. The error:
"267"
Happened while starting this command:
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca

Error: (09/28/2016 07:06:28 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/27/2016 11:08:13 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-EF75065)
Description: Unable to start a DCOM Server: CortanaUI as Unavailable/Unavailable. The error:
"267"
Happened while starting this command:
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca

Error: (09/27/2016 10:24:14 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-EF75065)
Description: Unable to start a DCOM Server: CortanaUI as Unavailable/Unavailable. The error:
"267"
Happened while starting this command:
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca


CodeIntegrity:
===================================
  Date: 2016-09-26 20:02:25.876
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-09-26 20:02:25.864
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-09-26 19:27:12.509
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-09-26 18:55:23.525
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-09-25 22:31:25.339
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-09-25 22:30:01.725
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-09-24 12:25:33.961
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-09-24 09:19:02.495
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-09-23 19:50:25.424
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-09-23 17:30:21.692
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz
Percentage of memory in use: 44%
Total physical RAM: 7863.55 MB
Available physical RAM: 4382.61 MB
Total Virtual: 15799.55 MB
Available Virtual: 11450.75 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:243.65 GB) (Free:10.6 GB) NTFS
Drive d: () (Fixed) (Total:687.37 GB) (Free:480.6 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 4B4E1C60)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=243.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=687.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2016
Ran by User (administrator) on DESKTOP-EF75065 (28-09-2016 07:16:03)
Running from C:\Users\User\Desktop\Malware Fighting tools
Loaded Profiles: User (Available Profiles: User)
Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Visicom Media Inc.) C:\ProgramData\ManyCam\Service\ManyCamService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
() C:\Program Files (x86)\Windscribe\WindscribeService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Zemana Ltd.) D:\Niche - a genetics survival game v0.0.7\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Zemana Ltd.) D:\Niche - a genetics survival game v0.0.7\Zemana AntiMalware\ZAM.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Bogdan Sharkov) C:\Program Files (x86)\Clownfish\Clownfish.exe
() C:\Program Files (x86)\Windscribe\Windscribe.exe
(Hammer & Chisel, Inc.) C:\Users\User\AppData\Local\Discord\app-0.0.296\Discord.exe
(Visicom Media Inc.) C:\Program Files (x86)\ManyCam\ManyCam.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Creative Technology Ltd.) C:\Windows\V0770Mon.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe
(Българска асоциация за компютърна лингвистика) C:\Program Files (x86)\BACL\SpeechLab\TTSProfileDlg.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Hammer & Chisel, Inc.) C:\Users\User\AppData\Local\Discord\app-0.0.296\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\User\AppData\Local\Discord\app-0.0.296\Discord.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16407296 2015-10-30] (Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-05-05] (Adobe Systems Incorporated)
HKLM\...\Run: [ZAM] => D:\Niche - a genetics survival game v0.0.7\Zemana AntiMalware\ZAM.exe [13733616 2016-09-23] (Zemana Ltd.)
HKLM-x32\...\Run: [V0770Mon.exe] => C:\WINDOWS\V0770Mon.exe [41600 2015-09-14] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2380480 2016-05-31] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe [222160 2016-08-19] (Razer Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9107616 2016-09-23] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-691218479-2863476526-4080224816-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2858272 2016-09-20] (Valve Corporation)
HKU\S-1-5-21-691218479-2863476526-4080224816-1001\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1368816 2016-07-04] (Bogdan Sharkov)
HKU\S-1-5-21-691218479-2863476526-4080224816-1001\...\Run: [Windscribe] => C:\Program Files (x86)\Windscribe\Windscribe.exe [7647848 2016-07-24] ()
HKU\S-1-5-21-691218479-2863476526-4080224816-1001\...\Run: [Discord] => C:\Users\User\AppData\Local\Discord\app-0.0.296\Discord.exe [62471352 2016-08-24] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-691218479-2863476526-4080224816-1001\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\ManyCam.exe [10252624 2016-08-10] (Visicom Media Inc.)
HKU\S-1-5-21-691218479-2863476526-4080224816-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-23] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX32.dll [2016-06-30] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX32.dll [2016-06-30] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX32.dll [2016-06-30] ()
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Configure Bulgarian Speech.lnk [2016-09-20]
ShortcutTarget: Configure Bulgarian Speech.lnk -> C:\Users\User\AppData\Roaming\Microsoft\Installer\{319A3CA9-DA63-4D65-8B25-403CF9CBF087}\_5af141bb.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.100.1 198.41.0.4
Tcpip\..\Interfaces\{89a31647-e35c-41e6-954a-95b1caae8c97}: [DhcpNameServer] 192.168.100.1 198.41.0.4

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-09-23] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-23] (Oracle Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\uq6to8j3.default
FF NewTab: about:newtab
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxps://www.google.com/?bcutc=sp-006
FF DefaultSearchUrl: hxxps://www.google.com/search?bcutc=sp-006
FF SearchEngineOrder.1: Google
FF Keyword.URL: hxxps://www.google.com/search?bcutc=sp-006
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-05-31] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-04-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-05-31] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-07-31] (Microsoft Corporation)
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\uq6to8j3.default\searchplugins\google-avast.xml [2016-09-23]
FF Extension: (Firefox Hotfix) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\uq6to8j3.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-14]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-23]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-23]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome: 
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-09-28] <==== ATTENTION
CHR Extension: (Google Презентации) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-27]
CHR Extension: (Google Документи) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-27]
CHR Extension: (Google Диск) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-27]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-27]
CHR Extension: (Avast SafePrice) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-09-27]
CHR Extension: (Електронни таблици от Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-27]
CHR Extension: (Google Документи офлайн) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-27]
CHR Extension: (Avast Online Security) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-09-27]
CHR Extension: (Skype) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-09-27]
CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-27]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-27]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-27]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2016-09-26]
CHR Extension: (Easy Auto Refresh) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2016-07-27]
CHR Extension: (Google Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-12]
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-12]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-12]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-12]
CHR Extension: (Google Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-12]
CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-12]
CHR Extension: (Windscribe - Free VPN and Ad Block) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2016-09-09]
CHR Extension: (TubeBuddy for YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkhmbddkmdggbhaaaodilponhnccicb [2016-09-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-12]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-12]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-23]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [737984 2016-05-31] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-23] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
S3 cplspcon; C:\Windows\system32\IntelCpHDCPSvc.exe [449112 2016-07-28] (Intel Corporation)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-09-19] (Hi-Rez Studios) [File not signed]
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [374360 2016-07-28] (Intel Corporation)
R2 ManyCam Service; C:\ProgramData\ManyCam\Service\ManyCamService.exe [544984 2016-03-31] (Visicom Media Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187824 2016-07-19] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [307456 2015-10-30] (Realtek Semiconductor)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [133376 2016-08-01] (Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-07-16] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [47208 2016-07-24] ()
R2 ZAMSvc; D:\Niche - a genetics survival game v0.0.7\Zemana AntiMalware\ZAM.exe [13733616 2016-09-23] (Zemana Ltd.)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-23] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-23] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-23] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-23] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-23] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-23] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-23] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-09-23] (AVAST Software)
R3 ElcMouLFlt; C:\Windows\System32\drivers\ElcMouLFlt.sys [28648 2015-09-11] (ELECOM)
R3 ElcMouUFlt; C:\Windows\System32\drivers\ElcMouUFlt.sys [27624 2015-09-11] (ELECOM)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-28] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-05-06] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-08-10] (Razer, Inc.)
S3 taphss6; C:\Windows\System32\drivers\taphss6.sys [42184 2015-02-04] (Anchorfree Inc.)
R3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
R3 V0770Vid; C:\Windows\system32\DRIVERS\V0770Vid.sys [388616 2015-09-14] (Creative Technology Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2016-09-26] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2016-09-26] (Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-27 20:16 - 2016-09-27 20:16 - 01339160 _____ C:\Users\User\Downloads\Satire_intro.wmv.sfap0
2016-09-27 20:16 - 2016-09-27 20:16 - 00023680 _____ C:\Users\User\Downloads\OFFICIAL_T3C_INTRO.mp4.sfk
2016-09-27 20:16 - 2016-09-27 20:16 - 00010528 _____ C:\Users\User\Downloads\Satire_intro.wmv.sfk
2016-09-27 19:04 - 2016-09-27 19:04 - 00024352 _____ C:\Users\User\Downloads\'BOI WE' By iC.Rufflexos.mp4.sfk
2016-09-27 19:02 - 2016-09-27 19:02 - 05374060 _____ C:\Users\User\Downloads\'BOI WE' By iC.Rufflexos.mp4
2016-09-27 16:18 - 2016-09-27 16:18 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignc0d1e112b721b6c7
2016-09-27 16:18 - 2016-09-27 16:18 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign5fa3ad605f744c46
2016-09-27 16:18 - 2016-09-27 16:18 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign2d9ad05c26f160a3
2016-09-27 13:29 - 2016-09-27 13:29 - 06662856 _____ (Tim Kosse) C:\Users\User\Downloads\FileZilla_3.21.0_win64-setup.exe
2016-09-26 23:01 - 2016-09-26 23:01 - 00009704 _____ C:\Users\User\Downloads\Fixlist.txt
2016-09-26 23:00 - 2016-09-26 23:00 - 00000000 ____D C:\ProgramData\Sophos
2016-09-26 22:50 - 2016-09-26 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2016-09-26 22:50 - 2016-09-26 22:50 - 00000000 ____D C:\Program Files (x86)\Sophos
2016-09-26 22:17 - 2016-09-26 22:17 - 01752983 _____ C:\Users\User\Downloads\изтеглен файл.htm
2016-09-26 18:52 - 2016-09-28 07:16 - 00288960 _____ C:\WINDOWS\ZAM.krnl.trace
2016-09-26 18:52 - 2016-09-28 07:16 - 00253230 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2016-09-26 18:52 - 2016-09-26 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2016-09-26 18:52 - 2016-09-26 18:52 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2016-09-26 18:52 - 2016-09-26 18:52 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2016-09-26 18:52 - 2016-09-26 18:52 - 00001070 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2016-09-26 18:52 - 2016-09-26 18:52 - 00000000 ____D C:\Users\User\AppData\Local\Zemana
2016-09-26 18:40 - 2016-09-26 18:52 - 05312312 _____ ( ) C:\Users\User\Downloads\Zemana.AntiMalware.Setup.exe
2016-09-26 16:38 - 2016-09-26 16:38 - 00337400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-26 14:22 - 2016-09-26 14:22 - 00000000 ____D C:\Users\User\AppData\LocalLow\Team Niche
2016-09-26 14:14 - 2016-09-26 14:15 - 174228931 _____ C:\Users\User\Downloads\Niche.v0.0.7.rar
2016-09-26 14:04 - 2016-09-26 14:05 - 00064032 _____ C:\Users\User\Downloads\ ' [ SA-MP ].mp4.sfk
2016-09-26 13:58 - 2016-09-26 13:58 - 19718623 _____ C:\Users\User\Downloads\ ' [ SA-MP ].mp4
2016-09-26 13:46 - 2016-09-27 19:51 - 00000000 ____D C:\AdwCleaner
2016-09-25 22:56 - 2016-09-25 22:58 - 00059463 _____ C:\Users\User\Downloads\Addition.txt
2016-09-25 22:52 - 2016-09-28 07:16 - 00000000 ____D C:\FRST
2016-09-25 22:52 - 2016-09-25 22:58 - 00167012 _____ C:\Users\User\Downloads\FRST.txt
2016-09-25 22:27 - 2016-09-25 22:28 - 00000000 ____D C:\Program Files (x86)\OBS
2016-09-25 22:27 - 2016-09-25 22:27 - 00001004 _____ C:\Users\User\Desktop\Open Broadcaster Software.lnk
2016-09-25 22:27 - 2016-09-25 22:27 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2016-09-25 22:22 - 2016-09-25 22:23 - 68582904 _____ (obsproject.com) C:\Users\User\Downloads\OBS_0_659b_With_Browser_Installer.exe
2016-09-25 22:21 - 2016-09-28 07:16 - 00000000 ____D C:\Users\User\Desktop\Malware Fighting tools
2016-09-25 22:18 - 2016-09-25 22:19 - 00003940 _____ C:\Users\User\Desktop\Rkill.txt
2016-09-25 13:27 - 2016-09-25 13:28 - 97255680 _____ C:\Users\User\Downloads\OBS-Studio-0.15.4-With-Browser-Installer (1).exe
2016-09-25 13:25 - 2016-09-25 13:26 - 97255680 _____ C:\Users\User\Downloads\OBS-Studio-0.15.4-With-Browser-Installer.exe
2016-09-25 12:08 - 2016-09-25 12:08 - 00000721 _____ C:\Users\Public\Desktop\Minecraft.lnk
2016-09-25 12:08 - 2016-09-25 12:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2016-09-25 12:05 - 2016-09-25 12:05 - 02314240 _____ C:\Users\User\Downloads\MinecraftInstaller (1).msi
2016-09-24 21:53 - 2016-09-24 21:53 - 02127043 _____ C:\Users\User\Downloads\slab sum c-.mp4
2016-09-24 12:20 - 2016-09-24 12:20 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsigne3e8058735946a80
2016-09-24 12:20 - 2016-09-24 12:20 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign6fef53786064a66c
2016-09-24 12:20 - 2016-09-24 12:20 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign6139386055fa04c6
2016-09-24 11:28 - 2016-09-24 11:29 - 00736512 _____ C:\Users\User\Downloads\FREE TO USE OVERWATCH DAY 0 EARLY GAMEPLAY- OVERWATCH GAMEPLAY WITH NO VOICE.mp4.sfk
2016-09-24 11:27 - 2016-09-24 11:28 - 149628805 _____ C:\Users\User\Downloads\FREE TO USE OVERWATCH DAY 0 EARLY GAMEPLAY- OVERWATCH GAMEPLAY WITH NO VOICE.mp4
2016-09-24 09:16 - 2016-09-28 07:06 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-24 09:14 - 2016-09-24 09:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-09-24 09:14 - 2016-09-24 09:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-24 09:14 - 2016-09-24 09:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-24 09:14 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-09-24 09:14 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-24 09:14 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-09-24 09:13 - 2016-09-24 09:13 - 22851472 _____ (Malwarebytes ) C:\Users\User\Downloads\mbam-setup-2.2.1.1043.exe
2016-09-24 08:44 - 2016-09-24 08:46 - 00049088 _____ C:\Users\User\Downloads\ANTARCTICA [READ DESC].mp4.sfk
2016-09-24 08:43 - 2016-09-24 08:43 - 06374058 _____ C:\Users\User\Downloads\ANTARCTICA [READ DESC].mp4
2016-09-24 08:43 - 2016-09-24 08:43 - 00566514 _____ C:\Users\User\Downloads\videoplayback (2).m4a
2016-09-23 17:14 - 2016-09-23 19:38 - 00004020 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1474658096
2016-09-23 17:14 - 2016-09-23 19:38 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-09-23 17:14 - 2016-09-23 17:14 - 00001088 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-09-23 17:14 - 2016-09-23 17:13 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-09-23 17:04 - 2016-09-23 17:06 - 00000000 ____D C:\WINDOWS\SystemApps.bak
2016-09-23 17:03 - 2016-09-23 17:03 - 00000622 _____ C:\Users\User\Downloads\TakeOwnership.zip
2016-09-23 16:38 - 2016-09-23 16:38 - 00000000 ____D C:\Users\User\AppData\Roaming\AVAST Software
2016-09-23 16:37 - 2016-09-23 16:37 - 00969184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2016-09-23 16:37 - 2016-09-23 16:37 - 00513632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2016-09-23 16:37 - 2016-09-23 16:37 - 00001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-09-23 16:37 - 2016-09-23 16:37 - 00001967 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-09-23 16:37 - 2016-09-23 16:37 - 00000350 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2016-09-23 16:37 - 2016-09-23 16:36 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2016-09-23 16:37 - 2016-09-23 16:36 - 00163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-09-23 16:37 - 2016-09-23 16:36 - 00108816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-09-23 16:37 - 2016-09-23 16:36 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-09-23 16:37 - 2016-09-23 16:36 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-09-23 16:37 - 2016-09-23 16:36 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-09-23 16:36 - 2016-09-23 17:13 - 00000000 ____D C:\Program Files\AVAST Software
2016-09-23 16:36 - 2016-09-23 16:36 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-09-23 16:36 - 2016-09-23 16:36 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-09-23 16:35 - 2016-09-23 16:36 - 06253640 _____ (AVAST Software) C:\Users\User\Downloads\avast_free_antivirus_setup_online_cnet_2 (1).exe
2016-09-23 16:27 - 2016-09-23 16:27 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-09-23 16:09 - 2016-09-26 23:10 - 00000008 __RSH C:\Users\User\ntuser.pol
2016-09-23 16:08 - 2016-09-23 16:08 - 00000000 ____D C:\WINDOWS\Panther
2016-09-23 16:07 - 2016-09-23 17:19 - 00000000 ____D C:\WINDOWS\Minidump
2016-09-23 16:05 - 2016-09-23 16:05 - 00000000 ____D C:\Program Files (x86)\UCBrowser
2016-09-23 16:04 - 2016-09-23 16:05 - 06253640 _____ (AVAST Software) C:\Users\User\Downloads\avast_free_antivirus_setup_online_cnet_2.exe
2016-09-23 16:03 - 2016-09-26 23:10 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-09-23 16:02 - 2016-09-26 20:27 - 00001237 _____ C:\Users\Public\Desktop\Gооglе Сhrоmе.lnk
2016-09-23 16:02 - 2016-09-26 20:27 - 00001052 _____ C:\Users\Public\Desktop\Моzillа Firеfох.lnk
2016-09-23 16:02 - 2016-09-23 16:02 - 00000000 _____ C:\TOSTACK
2016-09-23 16:01 - 2016-09-23 17:13 - 00000000 ____D C:\ProgramData\AVAST Software
2016-09-23 16:01 - 2016-09-23 16:01 - 00008934 _____ C:\WINDOWS\System32\Tasks\Ladacultferdoch Reports
2016-09-23 16:01 - 2016-09-23 16:01 - 00000000 ____D C:\Users\User\AppData\Local\Pluqery
2016-09-23 16:01 - 2016-09-23 16:01 - 00000000 ____D C:\ProgramData\Avira
2016-09-23 16:01 - 2016-09-23 16:01 - 00000000 ____D C:\ProgramData\Avg
2016-09-23 14:20 - 2016-09-23 14:20 - 00001385 _____ C:\Users\Public\Desktop\League of Legends.lnk
2016-09-23 14:20 - 2016-09-23 14:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2016-09-23 13:21 - 2016-09-23 13:24 - 31336304 _____ (Riot Games) C:\Users\User\Downloads\LeagueofLegends_EUNE_Installer_2016_05_13 (1).exe
2016-09-23 08:10 - 2016-09-23 08:22 - 00027680 _____ C:\Users\User\Downloads\TOP 10 Intro Templates #173 Sony Vegas Pro + Free Download.mp3.sfk
2016-09-22 22:56 - 2016-09-22 22:58 - 00036144 _____ C:\Users\User\Documents\samoubiima.veg
2016-09-22 22:56 - 2016-09-22 22:56 - 00033600 _____ C:\Users\User\Documents\samoubiima.veg.bak
2016-09-22 19:52 - 2016-09-22 20:15 - 00091800 _____ C:\Users\User\Documents\edita.veg
2016-09-22 19:52 - 2016-09-22 20:14 - 00091400 _____ C:\Users\User\Documents\edita.veg.bak
2016-09-21 18:56 - 2016-09-21 18:57 - 00000000 ____D C:\Users\User\AppData\Local\HirezLauncherUI
2016-09-21 18:49 - 2016-09-21 18:50 - 00028640 _____ C:\Users\User\Downloads\HBD TO ME.mp4.sfk
2016-09-21 18:49 - 2016-09-21 18:49 - 05011743 _____ C:\Users\User\Downloads\HBD TO ME.mp4
2016-09-21 18:09 - 2016-09-21 18:09 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-09-21 18:09 - 2016-09-21 18:09 - 00000000 ____D C:\Program Files\MSBuild
2016-09-21 18:09 - 2016-09-21 18:09 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-09-21 18:09 - 2016-09-21 18:09 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-21 18:05 - 2016-05-25 14:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-09-21 18:05 - 2016-05-25 14:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-09-21 18:05 - 2016-05-25 14:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-09-21 18:05 - 2016-05-25 11:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-09-21 18:05 - 2016-05-25 11:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-09-21 18:05 - 2016-05-25 11:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-09-21 17:50 - 2016-09-21 17:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2016-09-21 17:50 - 2016-09-21 17:50 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2016-09-21 17:49 - 2016-09-26 23:10 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2016-09-21 16:26 - 2016-09-21 16:27 - 00025728 _____ C:\Users\User\Downloads\FOREVER.mp4.sfk
2016-09-21 16:25 - 2016-09-21 16:25 - 04079089 _____ C:\Users\User\Downloads\FOREVER.mp4
2016-09-21 16:12 - 2016-09-21 19:13 - 00081816 _____ C:\Users\User\Documents\gei.veg
2016-09-21 16:12 - 2016-09-21 19:11 - 00081888 _____ C:\Users\User\Documents\gei.veg.bak
2016-09-21 16:09 - 2016-09-21 16:22 - 00031584 _____ C:\Users\User\Downloads\- DESTRUCTION [1080p60].mp4.sfk
2016-09-21 16:03 - 2016-09-21 16:03 - 05710616 _____ C:\Users\User\Downloads\- DESTRUCTION [1080p60].mp4
2016-09-21 15:45 - 2016-09-21 15:45 - 00000222 _____ C:\Users\User\Desktop\Paladins.url
2016-09-21 14:55 - 2016-09-21 14:55 - 00003520 _____ C:\Users\User\Downloads\Repair.jar
2016-09-21 14:33 - 2016-09-21 14:33 - 00027274 _____ C:\Users\User\Downloads\RepairMan-0.3.2.jar
2016-09-21 13:12 - 2016-09-21 15:06 - 00083288 _____ C:\Users\User\Documents\gayy.veg
2016-09-21 13:12 - 2016-09-21 14:57 - 00022552 _____ C:\Users\User\Documents\gayy.veg.bak
2016-09-21 11:25 - 2016-09-21 11:25 - 00965083 _____ C:\Users\User\Downloads\#12.wmv
2016-09-20 23:02 - 2016-09-20 23:02 - 00000000 ____D C:\Program Files\CMAK
2016-09-20 23:02 - 2016-09-20 23:02 - 00000000 ____D C:\Program Files (x86)\CMAK
2016-09-20 22:29 - 2016-09-20 22:29 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignffe0c00f90266638
2016-09-20 22:29 - 2016-09-20 22:29 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignf8fc6ef0d58f08d2
2016-09-20 22:29 - 2016-09-20 22:29 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign7a2912fbe51e8eb8
2016-09-20 22:12 - 2016-09-07 03:17 - 00853344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-20 22:12 - 2016-09-07 03:03 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-09-20 22:12 - 2016-09-07 03:02 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-09-20 22:12 - 2016-09-07 03:02 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-09-20 22:12 - 2016-09-07 03:00 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-09-20 22:12 - 2016-09-07 02:59 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-09-20 22:12 - 2016-09-07 02:59 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-09-20 22:12 - 2016-09-07 02:59 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-09-20 22:12 - 2016-09-07 02:58 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2016-09-20 22:12 - 2016-09-07 02:58 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-09-20 22:12 - 2016-09-07 02:56 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-09-20 22:12 - 2016-09-07 02:56 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-09-20 22:12 - 2016-09-07 02:56 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-09-20 22:12 - 2016-09-07 02:55 - 00820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-09-20 22:12 - 2016-09-07 02:55 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-09-20 22:12 - 2016-09-07 02:55 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-09-20 22:12 - 2016-09-07 02:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-09-20 22:12 - 2016-09-07 02:54 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-09-20 22:12 - 2016-09-07 02:54 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2016-09-20 22:12 - 2016-09-07 02:52 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-09-20 22:12 - 2016-09-07 02:52 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-09-20 22:12 - 2016-09-07 02:52 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-09-20 22:12 - 2016-09-07 02:52 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-09-20 22:12 - 2016-09-07 02:51 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-09-20 22:12 - 2016-09-07 02:50 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-09-20 22:12 - 2016-09-07 02:49 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-09-20 22:12 - 2016-09-07 02:49 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2016-09-20 22:12 - 2016-09-07 02:48 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-09-20 22:12 - 2016-09-07 02:46 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-09-20 22:12 - 2016-09-07 02:42 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-09-20 22:12 - 2016-09-07 02:41 - 03435008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-09-20 22:12 - 2016-09-07 02:41 - 02947072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-09-20 22:12 - 2016-09-07 02:40 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2016-09-20 22:12 - 2016-09-07 02:40 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-09-20 22:12 - 2016-09-07 02:39 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-09-20 22:12 - 2016-09-07 02:39 - 03116544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-09-20 22:12 - 2016-09-07 02:39 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-09-20 22:12 - 2016-09-07 02:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-09-20 22:12 - 2016-09-07 02:36 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-09-20 22:12 - 2016-09-07 02:36 - 02423296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-09-20 22:12 - 2016-09-07 02:35 - 02107392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-09-20 22:12 - 2016-08-20 03:21 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-09-20 22:12 - 2016-08-20 03:20 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-09-20 22:12 - 2016-08-20 03:19 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-09-20 22:12 - 2016-08-20 03:18 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-09-20 22:12 - 2016-08-20 03:18 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-09-20 22:12 - 2016-08-20 03:17 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-09-20 22:12 - 2016-08-20 03:15 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-09-20 22:12 - 2016-08-20 03:14 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-09-20 22:12 - 2016-08-20 03:14 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-09-20 22:12 - 2016-08-20 02:58 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-20 22:12 - 2016-08-06 02:08 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-09-20 22:12 - 2016-08-06 01:48 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-09-20 22:12 - 2016-08-06 01:48 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-09-20 22:12 - 2016-08-06 01:45 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-09-20 22:12 - 2016-08-06 01:45 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2016-09-20 22:12 - 2016-08-06 01:45 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-09-20 22:12 - 2016-08-06 01:44 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-09-20 22:12 - 2016-08-06 01:41 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-09-20 22:12 - 2016-08-06 01:41 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2016-09-20 22:12 - 2016-08-06 01:40 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-09-20 22:12 - 2016-08-06 01:28 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-09-20 22:12 - 2016-08-06 01:19 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-09-20 22:12 - 2016-08-02 06:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-09-20 22:11 - 2016-09-07 03:36 - 00405344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-09-20 22:11 - 2016-09-07 03:34 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-20 22:11 - 2016-09-07 03:34 - 01738040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-09-20 22:11 - 2016-09-07 03:34 - 01280352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-20 22:11 - 2016-09-07 03:34 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-09-20 22:11 - 2016-09-07 03:33 - 02446696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-09-20 22:11 - 2016-09-07 03:20 - 00340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-09-20 22:11 - 2016-09-07 03:18 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-09-20 22:11 - 2016-09-07 03:18 - 01430208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-09-20 22:11 - 2016-09-07 03:17 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-09-20 22:11 - 2016-09-07 03:16 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-09-20 22:11 - 2016-09-07 03:08 - 07220224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-09-20 22:11 - 2016-09-07 03:04 - 22566400 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-09-20 22:11 - 2016-09-07 03:04 - 05684736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-09-20 22:11 - 2016-09-07 03:03 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-09-20 22:11 - 2016-09-07 03:03 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-09-20 22:11 - 2016-09-07 03:03 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccessRes.dll
2016-09-20 22:11 - 2016-09-07 03:02 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-09-20 22:11 - 2016-09-07 03:02 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-09-20 22:11 - 2016-09-07 03:02 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-09-20 22:11 - 2016-09-07 03:02 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-09-20 22:11 - 2016-09-07 03:01 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AddressParser.dll
2016-09-20 22:11 - 2016-09-07 03:01 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-09-20 22:11 - 2016-09-07 03:00 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-09-20 22:11 - 2016-09-07 02:59 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-09-20 22:11 - 2016-09-07 02:59 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-09-20 22:11 - 2016-09-07 02:59 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-09-20 22:11 - 2016-09-07 02:59 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactActivation.dll
2016-09-20 22:11 - 2016-09-07 02:58 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-09-20 22:11 - 2016-09-07 02:58 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-09-20 22:11 - 2016-09-07 02:58 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AddressParser.dll
2016-09-20 22:11 - 2016-09-07 02:58 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccessRes.dll
2016-09-20 22:11 - 2016-09-07 02:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-09-20 22:11 - 2016-09-07 02:56 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-09-20 22:11 - 2016-09-07 02:55 - 00781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-09-20 22:11 - 2016-09-07 02:55 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-09-20 22:11 - 2016-09-07 02:55 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-09-20 22:11 - 2016-09-07 02:55 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-09-20 22:11 - 2016-09-07 02:55 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-09-20 22:11 - 2016-09-07 02:54 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-09-20 22:11 - 2016-09-07 02:54 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-09-20 22:11 - 2016-09-07 02:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-20 22:11 - 2016-09-07 02:54 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2016-09-20 22:11 - 2016-09-07 02:54 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2016-09-20 22:11 - 2016-09-07 02:53 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-09-20 22:11 - 2016-09-07 02:52 - 17187840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-09-20 22:11 - 2016-09-07 02:51 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-09-20 22:11 - 2016-09-07 02:50 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-09-20 22:11 - 2016-09-07 02:49 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-09-20 22:11 - 2016-09-07 02:48 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-20 22:11 - 2016-09-07 02:47 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-09-20 22:11 - 2016-09-07 02:46 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-09-20 22:11 - 2016-09-07 02:45 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-09-20 22:11 - 2016-09-07 02:45 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-09-20 22:11 - 2016-09-07 02:41 - 08122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-09-20 22:11 - 2016-09-07 02:41 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-09-20 22:11 - 2016-09-07 02:41 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-09-20 22:11 - 2016-09-07 02:41 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-09-20 22:11 - 2016-09-07 02:40 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-09-20 22:11 - 2016-09-07 02:40 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-09-20 22:11 - 2016-09-07 02:40 - 00911872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-09-20 22:11 - 2016-09-07 02:39 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-09-20 22:11 - 2016-09-07 02:39 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2016-09-20 22:11 - 2016-09-07 02:39 - 04747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-09-20 22:11 - 2016-09-07 02:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-09-20 22:11 - 2016-09-07 02:38 - 02630144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-09-20 22:11 - 2016-09-07 02:38 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-09-20 22:11 - 2016-09-07 02:38 - 01491968 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-09-20 22:11 - 2016-09-07 02:38 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-09-20 22:11 - 2016-09-07 02:37 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-09-20 22:11 - 2016-09-07 02:37 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-09-20 22:11 - 2016-09-07 02:37 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-09-20 22:11 - 2016-09-07 02:37 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-09-20 22:11 - 2016-09-07 02:37 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-09-20 22:11 - 2016-09-07 02:36 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-09-20 22:11 - 2016-09-07 02:36 - 02360832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-09-20 22:11 - 2016-09-07 02:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-09-20 22:11 - 2016-09-07 02:35 - 00650240 _____ (Microsoft) C:\WINDOWS\system32\DbgModel.dll
2016-09-20 22:11 - 2016-09-07 02:34 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-09-20 22:11 - 2016-09-07 02:34 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-09-20 22:11 - 2016-09-07 02:34 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-09-20 22:11 - 2016-09-07 02:34 - 00761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-09-20 22:11 - 2016-09-07 02:34 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-09-20 22:11 - 2016-09-07 02:33 - 02217472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-09-20 22:11 - 2016-09-07 02:31 - 00461312 _____ (Microsoft) C:\WINDOWS\SysWOW64\DbgModel.dll
2016-09-20 22:11 - 2016-08-20 03:21 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2016-09-20 22:11 - 2016-08-20 03:20 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-09-20 22:11 - 2016-08-20 03:20 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2016-09-20 22:11 - 2016-08-20 03:14 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL
2016-09-20 22:11 - 2016-08-20 03:12 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-09-20 22:11 - 2016-08-20 03:07 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-09-20 22:11 - 2016-08-20 03:06 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-09-20 22:11 - 2016-08-20 03:01 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-20 22:11 - 2016-08-20 02:54 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-09-20 22:11 - 2016-08-06 02:18 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-09-20 22:11 - 2016-08-06 02:16 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-09-20 22:11 - 2016-08-06 01:47 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-09-20 22:11 - 2016-08-06 01:46 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-09-20 22:11 - 2016-08-06 01:46 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-09-20 22:11 - 2016-08-06 01:45 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-09-20 22:11 - 2016-08-06 01:44 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-09-20 22:11 - 2016-08-06 01:43 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-09-20 22:11 - 2016-08-06 01:43 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-09-20 22:11 - 2016-08-06 01:41 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-09-20 22:11 - 2016-08-06 01:41 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-09-20 22:11 - 2016-08-06 01:39 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-09-20 22:11 - 2016-08-06 01:39 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-09-20 22:11 - 2016-08-06 01:39 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-09-20 22:11 - 2016-08-06 01:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-20 22:11 - 2016-08-06 01:37 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-20 22:11 - 2016-08-06 01:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-09-20 22:11 - 2016-08-06 01:36 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-09-20 22:11 - 2016-08-06 01:31 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-09-20 22:11 - 2016-08-06 01:31 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-09-20 22:11 - 2016-08-06 01:31 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-09-20 22:11 - 2016-08-06 01:29 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-09-20 22:11 - 2016-08-06 01:29 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-09-20 22:11 - 2016-08-06 01:28 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-09-20 22:11 - 2016-08-06 01:23 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-09-20 22:11 - 2016-08-02 06:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-09-20 22:11 - 2016-08-02 02:37 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-09-20 22:11 - 2016-07-21 23:27 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-20 22:11 - 2016-07-21 22:49 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-09-20 22:10 - 2016-09-07 03:44 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-09-20 22:10 - 2016-09-07 03:34 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-20 22:10 - 2016-09-07 03:34 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-09-20 22:10 - 2016-09-07 03:34 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-09-20 22:10 - 2016-09-07 03:32 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-09-20 22:10 - 2016-09-07 03:32 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-09-20 22:10 - 2016-09-07 03:29 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-09-20 22:10 - 2016-09-07 03:29 - 08156592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-09-20 22:10 - 2016-09-07 03:17 - 05721808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-20 22:10 - 2016-09-07 03:17 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-09-20 22:10 - 2016-09-07 03:17 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-09-20 22:10 - 2016-09-07 03:15 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-09-20 22:10 - 2016-09-07 03:15 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-09-20 22:10 - 2016-09-07 03:13 - 06653592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-09-20 22:10 - 2016-09-07 03:04 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-09-20 22:10 - 2016-09-07 03:03 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-09-20 22:10 - 2016-09-07 03:02 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-09-20 22:10 - 2016-09-07 03:00 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-09-20 22:10 - 2016-09-07 03:00 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-09-20 22:10 - 2016-09-07 02:59 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-09-20 22:10 - 2016-09-07 02:59 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-09-20 22:10 - 2016-09-07 02:56 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-09-20 22:10 - 2016-09-07 02:54 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-09-20 22:10 - 2016-09-07 02:52 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-09-20 22:10 - 2016-09-07 02:44 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-20 22:10 - 2016-09-07 02:41 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-09-20 22:10 - 2016-09-07 02:40 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-09-20 22:10 - 2016-09-07 02:40 - 00959488 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-09-20 22:10 - 2016-09-07 02:39 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-20 22:10 - 2016-09-07 02:38 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-09-20 22:10 - 2016-09-07 02:37 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-09-20 22:10 - 2016-09-07 02:35 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-09-20 22:10 - 2016-09-07 02:35 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-09-20 22:10 - 2016-09-07 02:35 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-09-20 22:10 - 2016-08-20 04:05 - 01377008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-09-20 22:10 - 2016-08-20 03:16 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-09-20 22:10 - 2016-08-20 03:14 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL
2016-09-20 22:10 - 2016-08-20 03:12 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-09-20 22:10 - 2016-08-20 03:07 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-09-20 22:10 - 2016-08-20 03:06 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2016-09-20 22:10 - 2016-08-20 03:04 - 03245056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-09-20 22:10 - 2016-08-20 03:03 - 02846208 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-09-20 22:10 - 2016-08-20 02:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-09-20 22:10 - 2016-08-20 02:58 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
2016-09-20 22:10 - 2016-08-20 02:56 - 02711040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-09-20 22:10 - 2016-08-20 02:56 - 02143232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-09-20 22:10 - 2016-08-20 02:56 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-09-20 22:10 - 2016-08-20 02:56 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
2016-09-20 22:10 - 2016-08-20 02:55 - 00726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-09-20 22:10 - 2016-07-21 23:25 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-09-20 22:10 - 2016-07-21 23:18 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-09-20 22:10 - 2016-07-21 22:32 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-09-20 22:08 - 2016-09-07 02:49 - 09128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-09-20 22:06 - 2016-09-07 03:46 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-09-20 22:06 - 2016-09-07 03:33 - 00681304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-09-20 22:06 - 2016-09-07 03:01 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-09-20 22:06 - 2016-09-07 02:37 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-09-20 22:06 - 2016-08-06 01:47 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-09-20 22:04 - 2016-09-07 03:32 - 01099616 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-09-20 22:04 - 2016-09-07 03:32 - 00988000 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-09-20 22:04 - 2016-09-07 02:42 - 03305984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-09-20 21:53 - 2016-09-07 03:55 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-09-20 21:53 - 2016-09-07 03:50 - 07813472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-20 21:53 - 2016-09-07 03:36 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-09-20 21:53 - 2016-09-07 03:34 - 00658272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-09-20 21:53 - 2016-09-07 02:54 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2016-09-20 21:53 - 2016-09-07 02:53 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-09-20 21:53 - 2016-09-07 02:53 - 01014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-20 21:53 - 2016-09-07 02:52 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-09-20 21:53 - 2016-09-07 02:50 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-09-20 21:53 - 2016-09-07 02:49 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-09-20 21:53 - 2016-09-07 02:47 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-09-20 21:53 - 2016-09-07 02:45 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-09-20 21:53 - 2016-09-07 02:35 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2016-09-20 21:53 - 2016-08-20 03:34 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2016-09-20 21:53 - 2016-08-20 02:51 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-09-20 21:53 - 2016-08-06 02:23 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-09-20 21:53 - 2016-08-06 02:16 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-09-20 21:53 - 2016-08-06 01:46 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-09-20 21:53 - 2016-08-06 01:29 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-09-20 21:53 - 2016-08-06 01:28 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-09-20 21:53 - 2016-07-21 23:27 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-09-20 21:52 - 2016-09-07 03:53 - 02481768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-09-20 21:52 - 2016-09-07 03:33 - 00450392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-09-20 21:52 - 2016-09-07 03:33 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-20 21:52 - 2016-09-07 03:29 - 04130944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-09-20 21:52 - 2016-09-07 03:13 - 20965248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-09-20 21:52 - 2016-09-07 02:59 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2016-09-20 21:52 - 2016-09-07 02:56 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-09-20 21:52 - 2016-09-07 02:56 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-09-20 21:52 - 2016-09-07 02:55 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-09-20 21:52 - 2016-09-07 02:53 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-09-20 21:52 - 2016-09-07 02:53 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-09-20 21:52 - 2016-09-07 02:50 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-09-20 21:52 - 2016-09-07 02:49 - 00714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-09-20 21:52 - 2016-09-07 02:49 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-20 21:52 - 2016-09-07 02:46 - 13434368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-09-20 21:52 - 2016-09-07 02:46 - 07623680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-09-20 21:52 - 2016-09-07 02:45 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-20 21:52 - 2016-09-07 02:45 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-09-20 21:52 - 2016-09-07 02:44 - 13081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-09-20 21:52 - 2016-09-07 02:44 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-09-20 21:52 - 2016-09-07 02:39 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-09-20 21:52 - 2016-09-07 02:38 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-20 21:52 - 2016-09-07 02:34 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-09-20 21:52 - 2016-09-07 02:33 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-09-20 21:52 - 2016-09-07 02:33 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-09-20 21:52 - 2016-08-20 03:11 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-09-20 21:52 - 2016-08-20 03:11 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-09-20 21:52 - 2016-08-20 03:10 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-09-20 21:52 - 2016-08-20 03:04 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2016-09-20 21:52 - 2016-08-06 02:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-09-20 21:52 - 2016-08-06 01:50 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-09-20 21:52 - 2016-08-06 01:48 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-09-20 21:52 - 2016-08-06 01:43 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-09-20 21:52 - 2016-08-06 01:42 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-09-20 21:52 - 2016-08-06 01:23 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-09-20 21:51 - 2016-09-07 03:44 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-20 21:51 - 2016-09-07 03:29 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-09-20 21:51 - 2016-09-07 03:29 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-09-20 21:51 - 2016-09-07 03:24 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-09-20 21:51 - 2016-09-07 03:13 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-09-20 21:51 - 2016-09-07 03:13 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-09-20 21:51 - 2016-09-07 03:13 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-09-20 21:51 - 2016-09-07 03:03 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-09-20 21:51 - 2016-09-07 02:58 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-09-20 21:51 - 2016-09-07 02:58 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-09-20 21:51 - 2016-09-07 02:58 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-09-20 21:51 - 2016-09-07 02:57 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-09-20 21:51 - 2016-09-07 02:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactActivation.dll
2016-09-20 21:51 - 2016-09-07 02:55 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-09-20 21:51 - 2016-09-07 02:55 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-09-20 21:51 - 2016-09-07 02:52 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-20 21:51 - 2016-09-07 02:51 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-09-20 21:51 - 2016-09-07 02:50 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-09-20 21:51 - 2016-09-07 02:49 - 03776512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-09-20 21:51 - 2016-09-07 02:49 - 01905664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-09-20 21:51 - 2016-09-07 02:47 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2016-09-20 21:51 - 2016-09-07 02:46 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-09-20 21:51 - 2016-09-07 02:45 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-09-20 21:51 - 2016-09-07 02:40 - 12345856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-09-20 21:51 - 2016-08-20 03:20 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-09-20 21:51 - 2016-08-20 03:19 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-09-20 21:51 - 2016-08-20 03:18 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-09-20 21:51 - 2016-08-20 03:17 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-09-20 21:51 - 2016-08-20 03:14 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL
2016-09-20 21:51 - 2016-08-20 03:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-09-20 21:51 - 2016-08-20 03:07 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-09-20 21:51 - 2016-08-06 01:43 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-09-20 21:51 - 2016-08-06 01:40 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-09-20 21:51 - 2016-08-06 01:33 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-09-20 21:50 - 2016-09-07 03:50 - 00773200 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-09-20 21:50 - 2016-09-07 03:32 - 00942432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-09-20 21:50 - 2016-09-07 03:32 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-09-20 21:50 - 2016-09-07 03:30 - 00601200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-09-20 21:50 - 2016-09-07 03:29 - 01066104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-09-20 21:50 - 2016-09-07 03:27 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-09-20 21:50 - 2016-09-07 03:25 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-09-20 21:50 - 2016-09-07 02:54 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-09-20 21:50 - 2016-09-07 02:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-09-20 21:50 - 2016-09-07 02:52 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-09-20 21:50 - 2016-09-07 02:50 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-09-20 21:50 - 2016-09-07 02:49 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-09-20 21:50 - 2016-09-07 02:48 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-20 21:50 - 2016-09-07 02:45 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-09-20 21:50 - 2016-09-07 02:41 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-20 21:50 - 2016-09-07 02:40 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-09-20 21:50 - 2016-09-07 02:40 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-09-20 21:50 - 2016-09-07 02:37 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-09-20 21:50 - 2016-09-07 02:34 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-09-20 21:50 - 2016-09-07 02:34 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-09-20 21:50 - 2016-08-18 23:33 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2016-09-20 21:50 - 2016-08-06 02:26 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-09-20 21:49 - 2016-09-07 03:54 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-09-20 21:49 - 2016-09-07 03:53 - 02183792 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-09-20 21:49 - 2016-09-07 03:51 - 02214784 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-09-20 21:49 - 2016-09-07 03:48 - 02256224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-09-20 21:49 - 2016-09-07 03:44 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-09-20 21:49 - 2016-09-07 03:43 - 00764936 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-09-20 21:49 - 2016-09-07 03:34 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-09-20 21:49 - 2016-09-07 03:30 - 01707512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-09-20 21:49 - 2016-09-07 03:29 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-09-20 21:49 - 2016-09-07 03:29 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-09-20 21:49 - 2016-09-07 03:29 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-09-20 21:49 - 2016-09-07 03:24 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-09-20 21:49 - 2016-09-07 03:24 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-09-20 21:49 - 2016-09-07 03:13 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-09-20 21:49 - 2016-09-07 03:13 - 01123360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-09-20 21:49 - 2016-09-07 03:13 - 00955520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-09-20 21:49 - 2016-09-07 03:12 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-09-20 21:49 - 2016-09-07 03:09 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-09-20 21:49 - 2016-09-07 02:59 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-09-20 21:49 - 2016-09-07 02:58 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-20 21:49 - 2016-09-07 02:58 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-09-20 21:49 - 2016-09-07 02:53 - 02083840 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-09-20 21:49 - 2016-09-07 02:52 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-09-20 21:49 - 2016-09-07 02:52 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-20 21:49 - 2016-09-07 02:51 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-09-20 21:49 - 2016-09-07 02:43 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-09-20 21:49 - 2016-09-07 02:41 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-09-20 21:49 - 2016-09-07 02:38 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-09-20 21:49 - 2016-09-07 02:37 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-09-20 21:49 - 2016-08-20 03:21 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2016-09-20 21:49 - 2016-08-20 03:20 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-09-20 21:49 - 2016-08-20 03:04 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-09-20 21:49 - 2016-08-06 02:31 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-09-20 21:49 - 2016-08-06 01:21 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-09-20 21:49 - 2016-07-21 23:11 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-09-20 21:48 - 2016-09-07 03:54 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-20 21:48 - 2016-09-07 03:51 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-20 21:48 - 2016-09-07 03:51 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-20 21:48 - 2016-09-07 03:29 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-09-20 21:48 - 2016-09-07 02:52 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-09-20 21:48 - 2016-09-07 02:47 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-20 21:48 - 2016-09-07 02:45 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-09-20 21:48 - 2016-09-07 02:45 - 00944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-20 21:48 - 2016-09-07 02:37 - 07468032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-09-20 21:48 - 2016-09-07 02:33 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-09-20 21:48 - 2016-08-20 04:03 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-20 21:48 - 2016-08-06 02:17 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-09-20 21:48 - 2016-08-06 01:46 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-09-20 21:48 - 2016-07-21 23:18 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-09-20 21:47 - 2016-09-07 04:10 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-09-20 21:47 - 2016-09-07 03:54 - 00885824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-20 21:47 - 2016-09-07 03:54 - 00133472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-09-20 21:47 - 2016-09-07 03:49 - 00552288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-09-20 21:47 - 2016-09-07 03:48 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-09-20 21:47 - 2016-09-07 03:41 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-09-20 21:47 - 2016-09-07 03:39 - 00996192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-09-20 21:47 - 2016-09-07 03:37 - 01966288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-09-20 21:47 - 2016-09-07 03:34 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-09-20 21:47 - 2016-09-07 03:32 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-09-20 21:47 - 2016-09-07 03:29 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-09-20 21:47 - 2016-09-07 03:29 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-09-20 21:47 - 2016-09-07 03:27 - 01362504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2016-09-20 21:47 - 2016-09-07 03:24 - 00057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2016-09-20 21:47 - 2016-09-07 03:24 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-09-20 21:47 - 2016-09-07 03:13 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-09-20 21:47 - 2016-09-07 02:54 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-09-20 21:47 - 2016-09-07 02:53 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-20 21:47 - 2016-09-07 02:47 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-09-20 21:47 - 2016-09-07 02:45 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-09-20 21:47 - 2016-09-07 02:45 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-09-20 21:47 - 2016-09-07 02:44 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-09-20 21:47 - 2016-09-07 02:44 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-09-20 21:47 - 2016-09-07 02:43 - 01106944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-09-20 21:47 - 2016-09-07 02:43 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-09-20 21:47 - 2016-09-07 02:41 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-09-20 21:47 - 2016-09-07 02:41 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-09-20 21:47 - 2016-09-07 02:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-20 21:47 - 2016-09-07 02:40 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-09-20 21:47 - 2016-09-07 02:38 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-09-20 21:47 - 2016-09-07 02:37 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-09-20 21:47 - 2016-09-07 02:37 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-09-20 21:47 - 2016-09-07 02:35 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-09-20 21:47 - 2016-09-07 02:33 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-09-20 21:47 - 2016-09-07 02:32 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-09-20 21:47 - 2016-09-07 02:31 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-09-20 21:47 - 2016-08-27 10:45 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-09-20 21:47 - 2016-08-27 03:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-09-20 21:47 - 2016-08-27 02:39 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-09-20 21:47 - 2016-08-27 02:37 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-09-20 21:47 - 2016-08-27 02:25 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-09-20 21:47 - 2016-08-20 03:46 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-09-20 21:47 - 2016-08-20 03:22 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-09-20 21:47 - 2016-08-20 03:21 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-09-20 21:47 - 2016-08-20 03:13 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-09-20 21:47 - 2016-08-06 02:29 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-09-20 21:47 - 2016-08-06 02:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-09-20 21:47 - 2016-08-06 02:16 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-09-20 21:47 - 2016-08-06 02:09 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-09-20 21:47 - 2016-08-06 01:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-09-20 21:47 - 2016-08-06 01:43 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-09-20 21:47 - 2016-08-06 01:35 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-09-20 21:47 - 2016-07-21 23:32 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-09-20 21:46 - 2016-09-07 03:41 - 00303968 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-09-20 21:46 - 2016-09-07 03:39 - 01217880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-09-20 21:46 - 2016-09-07 03:30 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-09-20 21:46 - 2016-09-07 03:29 - 01990640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-09-20 21:46 - 2016-09-07 03:29 - 00755656 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-09-20 21:46 - 2016-09-07 03:29 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-09-20 21:46 - 2016-09-07 03:29 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorTcgDrv.sys
2016-09-20 21:46 - 2016-09-07 03:13 - 01853232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-09-20 21:46 - 2016-09-07 03:13 - 00959104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-09-20 21:46 - 2016-09-07 03:13 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-09-20 21:46 - 2016-09-07 03:07 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-09-20 21:46 - 2016-09-07 02:55 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-09-20 21:46 - 2016-09-07 02:51 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-09-20 21:46 - 2016-09-07 02:48 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-09-20 21:46 - 2016-09-07 02:45 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-09-20 21:46 - 2016-09-07 02:44 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-20 21:46 - 2016-09-07 02:42 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-09-20 21:46 - 2016-09-07 02:42 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2016-09-20 21:46 - 2016-09-07 02:41 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-09-20 21:46 - 2016-09-07 02:40 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-09-20 21:46 - 2016-09-07 02:39 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-09-20 21:46 - 2016-09-07 02:38 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-09-20 21:46 - 2016-09-07 02:38 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-09-20 21:46 - 2016-09-07 02:37 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-09-20 21:46 - 2016-09-07 02:36 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-09-20 21:46 - 2016-09-07 02:35 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-09-20 21:46 - 2016-09-07 02:35 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-09-20 21:46 - 2016-09-07 02:33 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-09-20 21:46 - 2016-09-07 02:11 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-09-20 21:46 - 2016-08-27 07:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-09-20 21:46 - 2016-08-27 02:58 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-09-20 21:46 - 2016-08-27 02:38 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-09-20 21:46 - 2016-08-27 02:38 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-09-20 21:46 - 2016-08-20 04:06 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-09-20 21:46 - 2016-08-20 03:04 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-09-20 21:46 - 2016-08-06 02:33 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-09-20 21:46 - 2016-08-06 02:31 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-09-20 21:46 - 2016-08-06 02:26 - 00409944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-09-20 21:46 - 2016-08-06 02:15 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-09-20 21:46 - 2016-08-06 02:13 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-09-20 21:46 - 2016-08-06 02:13 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-09-20 21:46 - 2016-08-06 02:13 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-09-20 21:46 - 2016-08-06 02:04 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-09-20 21:46 - 2016-08-06 02:03 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-09-20 21:46 - 2016-08-06 02:03 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-09-20 21:46 - 2016-08-05 07:14 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-09-20 21:46 - 2016-08-05 07:10 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2016-09-20 21:46 - 2016-08-05 07:05 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-09-20 21:46 - 2016-08-02 06:44 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-09-20 21:46 - 2016-08-02 06:14 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-09-20 21:46 - 2016-08-02 02:47 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-09-20 21:45 - 2016-09-07 03:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2016-09-20 21:45 - 2016-09-07 03:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneutilRes.dll
2016-09-20 21:45 - 2016-09-07 03:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneServiceRes.dll
2016-09-20 21:45 - 2016-09-07 03:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2016-09-20 21:45 - 2016-09-07 03:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-09-20 21:45 - 2016-09-07 02:59 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-09-20 21:45 - 2016-09-07 02:58 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-09-20 21:45 - 2016-09-07 02:58 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-09-20 21:45 - 2016-09-07 02:58 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneutilRes.dll
2016-09-20 21:45 - 2016-09-07 02:58 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2016-09-20 21:45 - 2016-09-07 02:57 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2016-09-20 21:45 - 2016-09-07 02:56 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-09-20 21:45 - 2016-09-07 02:56 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-09-20 21:45 - 2016-09-07 02:56 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
2016-09-20 21:45 - 2016-09-07 02:55 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-09-20 21:45 - 2016-09-07 02:55 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-09-20 21:45 - 2016-09-07 02:54 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-09-20 21:45 - 2016-09-07 02:54 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-09-20 21:45 - 2016-09-07 02:53 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-09-20 21:45 - 2016-09-07 02:52 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-09-20 21:45 - 2016-09-07 02:50 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-09-20 21:45 - 2016-09-07 02:48 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2016-09-20 21:45 - 2016-09-07 02:47 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-09-20 21:45 - 2016-09-07 02:47 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-09-20 21:45 - 2016-09-07 02:47 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-09-20 21:45 - 2016-09-07 02:46 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-09-20 21:45 - 2016-09-07 02:46 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-09-20 21:45 - 2016-09-07 02:46 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-09-20 21:45 - 2016-09-07 02:45 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-09-20 21:45 - 2016-09-07 02:43 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-09-20 21:45 - 2016-09-07 02:42 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2016-09-20 21:45 - 2016-09-07 02:41 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-09-20 21:45 - 2016-09-07 02:41 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2016-09-20 21:45 - 2016-09-07 02:41 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-09-20 21:45 - 2016-09-07 02:41 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-09-20 21:45 - 2016-09-07 02:39 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-09-20 21:45 - 2016-09-07 02:37 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-09-20 21:45 - 2016-09-07 02:37 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-20 21:45 - 2016-09-07 02:34 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-09-20 21:45 - 2016-09-07 02:34 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-09-20 21:45 - 2016-09-07 02:32 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-09-20 21:45 - 2016-09-07 02:31 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-09-20 21:45 - 2016-08-27 02:44 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-09-20 21:45 - 2016-08-27 02:43 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll
2016-09-20 21:45 - 2016-08-20 03:14 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-09-20 21:45 - 2016-08-20 03:11 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-09-20 21:45 - 2016-08-20 03:08 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-09-20 21:45 - 2016-08-20 03:00 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll
2016-09-20 21:45 - 2016-08-06 01:48 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-09-20 21:45 - 2016-08-06 01:48 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-09-20 21:45 - 2016-08-06 01:48 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-09-20 21:45 - 2016-08-06 01:48 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-09-20 21:45 - 2016-08-06 01:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2016-09-20 21:45 - 2016-08-06 01:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2016-09-20 21:45 - 2016-08-06 01:47 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-09-20 21:45 - 2016-08-06 01:47 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-09-20 21:45 - 2016-08-06 01:47 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-09-20 21:45 - 2016-08-06 01:47 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-09-20 21:45 - 2016-08-06 01:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-09-20 21:45 - 2016-08-06 01:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-09-20 21:45 - 2016-08-06 01:45 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-09-20 21:45 - 2016-08-06 01:45 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-09-20 21:45 - 2016-08-06 01:45 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-09-20 21:45 - 2016-08-06 01:45 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2016-09-20 21:45 - 2016-08-06 01:44 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-09-20 21:45 - 2016-08-06 01:41 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-09-20 21:45 - 2016-08-06 01:40 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-09-20 21:45 - 2016-08-06 01:40 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-09-20 21:45 - 2016-08-06 01:40 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-09-20 21:45 - 2016-08-06 01:39 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2016-09-20 21:45 - 2016-08-06 01:38 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-09-20 21:45 - 2016-08-06 01:29 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-09-20 21:45 - 2016-08-06 01:26 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-09-20 21:45 - 2016-08-05 06:29 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2016-09-20 21:45 - 2016-08-05 06:28 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-09-20 21:45 - 2016-08-05 06:23 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-09-20 21:45 - 2016-08-05 06:22 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-09-20 21:45 - 2016-08-05 06:20 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-09-20 21:45 - 2016-08-05 06:20 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-09-20 21:45 - 2016-08-05 06:18 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-09-20 21:45 - 2016-08-05 06:08 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-09-20 21:45 - 2016-08-02 06:20 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-09-20 21:45 - 2016-08-02 06:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-09-20 21:45 - 2016-08-02 06:15 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-09-20 21:45 - 2016-08-02 06:11 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-09-20 21:45 - 2016-08-02 02:36 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-09-20 21:45 - 2016-08-02 02:33 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-09-20 21:27 - 2016-09-20 21:27 - 00002868 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-09-20 21:27 - 2016-09-20 21:27 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-09-20 21:27 - 2016-09-20 21:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-09-20 21:27 - 2016-09-20 21:27 - 00000000 ____D C:\Program Files\CCleaner
2016-09-20 21:23 - 2016-09-20 21:27 - 08244656 _____ (Piriform Ltd) C:\Users\User\Downloads\ccsetup522.exe
2016-09-20 21:01 - 2016-09-21 11:28 - 00351080 _____ C:\Users\User\Documents\bebe.veg
2016-09-20 21:01 - 2016-09-21 11:18 - 00345912 _____ C:\Users\User\Documents\bebe.veg.bak
2016-09-20 13:28 - 2016-09-20 13:28 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-09-20 13:27 - 2016-09-20 13:27 - 00000000 ____D C:\ProgramData\USOShared
2016-09-20 13:26 - 2016-09-20 21:24 - 00000000 ____D C:\Users\User\AppData\Local\ConnectedDevicesPlatform
2016-09-20 13:26 - 2016-09-20 13:26 - 00000020 ___SH C:\Users\User\ntuser.ini
2016-09-20 13:25 - 2016-09-20 21:31 - 00000000 ____D C:\Windows.old
2016-09-20 13:25 - 2016-07-16 01:29 - 04164608 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0002.dll
2016-09-20 13:25 - 2016-07-16 01:26 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0002.dll
2016-09-20 13:25 - 2016-07-16 01:25 - 01915392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MLS2.dll
2016-09-20 13:25 - 2016-07-16 00:45 - 04164608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0002.dll
2016-09-20 13:25 - 2016-07-16 00:42 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0002.dll
2016-09-20 13:25 - 2016-07-16 00:39 - 01868800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MLS2.dll
2016-09-20 13:24 - 2016-09-20 13:24 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-09-20 13:23 - 2016-09-20 13:23 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-09-20 07:48 - 2016-09-20 07:48 - 00000000 _SHDL C:\Users\Default\My Documents
2016-09-20 07:48 - 2016-09-20 07:48 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-09-20 07:48 - 2016-09-20 07:48 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-09-20 07:48 - 2016-09-20 07:48 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-09-20 07:48 - 2016-09-20 07:48 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-09-20 07:48 - 2016-09-20 07:48 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-09-20 07:48 - 2016-09-20 07:48 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-09-20 07:47 - 2016-09-20 07:48 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-09-20 07:47 - 2016-09-20 07:48 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-09-20 07:46 - 2016-09-26 23:10 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-20 07:46 - 2016-09-20 07:46 - 00003550 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-09-20 07:46 - 2016-09-20 07:46 - 00003326 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-09-20 07:46 - 2016-09-20 07:46 - 00003306 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{EED9C1A5-E344-46EF-8B20-C3BDE6381A91}
2016-09-20 07:46 - 2016-09-20 07:46 - 00003050 _____ C:\WINDOWS\System32\Tasks\update-S-1-5-21-691218479-2863476526-4080224816-1001
2016-09-20 07:46 - 2016-09-20 07:46 - 00002882 _____ C:\WINDOWS\System32\Tasks\Red Giant Link
2016-09-20 07:46 - 2016-09-20 07:46 - 00002820 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-09-20 07:46 - 2016-09-20 07:46 - 00002798 _____ C:\WINDOWS\System32\Tasks\update-sys
2016-09-20 07:46 - 2016-09-20 07:46 - 00002580 _____ C:\WINDOWS\System32\Tasks\{179AE184-A649-4CA8-A3D0-6C614864584D}
2016-09-20 07:46 - 2016-09-20 07:46 - 00002370 _____ C:\WINDOWS\System32\Tasks\{5C066DAE-FB13-483C-BE23-A69C5C4EC109}
2016-09-20 07:46 - 2016-09-20 07:46 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-09-20 07:42 - 2016-09-20 07:42 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-09-20 07:36 - 2016-09-20 07:36 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-09-20 07:34 - 2016-09-20 07:38 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-09-20 07:33 - 2016-09-20 07:33 - 00000000 _SHDL C:\Users\User\My Documents
2016-09-20 07:33 - 2016-09-20 07:33 - 00000000 _SHDL C:\Users\User\Documents\My Videos
2016-09-20 07:33 - 2016-09-20 07:33 - 00000000 _SHDL C:\Users\User\Documents\My Pictures
2016-09-20 07:33 - 2016-09-20 07:33 - 00000000 _SHDL C:\Users\User\Documents\My Music
2016-09-20 07:30 - 2016-07-28 01:27 - 00100488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-09-20 07:30 - 2016-07-16 09:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-09-20 07:29 - 2016-09-28 07:06 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-09-20 07:29 - 2016-09-20 07:35 - 00000000 ____D C:\Program Files\Intel
2016-09-20 07:29 - 2016-09-20 07:29 - 00000568 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2016-09-20 07:29 - 2016-09-20 07:29 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-09-20 07:29 - 2016-09-20 07:29 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-09-20 07:29 - 2016-09-20 07:29 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2016-09-20 07:29 - 2016-09-20 07:29 - 00000000 ____D C:\Program Files\Realtek
2016-09-20 07:29 - 2016-09-20 07:29 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2016-09-20 07:28 - 2016-09-27 23:08 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-09-20 07:28 - 2016-09-20 07:28 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-09-19 22:20 - 2016-09-19 22:22 - 00001536 _____ C:\Users\User\Downloads\Glitch Overlay.mp4.sfk
2016-09-19 22:20 - 2016-09-19 22:20 - 00314270 _____ C:\Users\User\Downloads\Glitch Overlay.mp4
2016-09-19 22:01 - 2016-09-19 22:02 - 00207776 _____ C:\Users\User\Downloads\Glitch Art Video.mp4.sfk
2016-09-19 22:00 - 2016-09-19 22:00 - 12944758 _____ C:\Users\User\Downloads\Glitch Art Video.mp4
2016-09-19 21:52 - 2016-09-19 21:54 - 00007072 _____ C:\Users\User\Downloads\Glitch overlay by Duczmen + Download link FREE (1).mp4.sfk
2016-09-19 21:52 - 2016-09-19 21:52 - 01477227 _____ C:\Users\User\Downloads\Glitch overlay by Duczmen + Download link FREE (1).mp4
2016-09-19 21:28 - 2016-09-19 22:19 - 00299568 _____ C:\Users\User\Documents\basi.veg.tmp
2016-09-19 21:28 - 2016-09-19 22:19 - 00299568 _____ C:\Users\User\Documents\basi.veg.bak
2016-09-19 21:26 - 2016-09-19 21:32 - 00396640 _____ C:\Users\User\Downloads\Qualmsound - Breath (Blynk Remix).mp4.sfk
2016-09-19 21:26 - 2016-09-19 21:26 - 18697673 _____ C:\Users\User\Downloads\Qualmsound - Breath (Blynk Remix).mp4
2016-09-19 21:12 - 2016-09-19 21:22 - 00000044 _____ C:\Users\User\Documents\pooshock.ru.url
2016-09-19 18:39 - 2016-09-19 18:50 - 00267744 _____ C:\Users\User\Downloads\MarCrew REOPPENED !.mp4.sfk
2016-09-19 18:39 - 2016-09-19 18:39 - 29852481 _____ C:\Users\User\Downloads\MarCrew REOPPENED !.mp4
2016-09-19 17:11 - 2016-09-19 17:11 - 58906114 _____ C:\Users\User\Downloads\Драма 2.mp4
2016-09-19 17:07 - 2016-09-19 17:10 - 533484853 _____ C:\Users\User\Downloads\ДРАМА.mp4
2016-09-19 14:15 - 2016-09-19 14:15 - 00028424 _____ C:\Users\User\Documents\testeaweaw.veg
2016-09-19 14:06 - 2016-09-19 14:10 - 00013920 _____ C:\Users\User\Downloads\Free Blue Sync Intro Template [C4,AE] #14.mp4.sfk
2016-09-19 14:05 - 2016-09-19 14:05 - 03225955 _____ C:\Users\User\Downloads\Free Blue Sync Intro Template [C4,AE] #14.mp4
2016-09-19 14:03 - 2016-09-19 14:03 - 24068500 _____ C:\Users\User\Downloads\MerkzzFx End of 2015 intro template.zip
2016-09-18 22:35 - 2016-09-18 22:35 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign75384d03ca01ba6a
2016-09-18 22:35 - 2016-09-18 22:35 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign3bf565f523dbc71d
2016-09-18 22:35 - 2016-09-18 22:35 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign385b943bf9cddf7b
2016-09-18 12:56 - 2016-09-18 12:56 - 40254473 _____ C:\Users\User\Downloads\Открития на нацистите, откраднати от САЩ след войната.mp4
2016-09-17 22:38 - 2016-09-17 22:38 - 00012928 _____ C:\Users\User\Documents\тест.veg
2016-09-17 19:47 - 2016-09-17 19:49 - 221498696 _____ C:\Users\User\Downloads\900 subs giftpack by Hasel.rar
2016-09-16 22:20 - 2016-09-16 22:20 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign39983a584c625489
2016-09-16 22:19 - 2016-09-16 22:19 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignd46f29e432adafb3
2016-09-16 22:19 - 2016-09-16 22:19 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign4744c9725b67c423
2016-09-16 21:20 - 2016-09-16 21:20 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign58d080d745fad1f4
2016-09-16 21:20 - 2016-09-16 21:20 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign3fad890414530d69
2016-09-16 21:19 - 2016-09-16 21:19 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign128dad34647a6984
2016-09-16 20:07 - 2016-09-16 21:01 - 00000000 ____D C:\Users\User\Desktop\Cringe
2016-09-16 19:55 - 2016-09-16 21:30 - 00071104 _____ C:\Users\User\Documents\cringe.veg
2016-09-16 19:55 - 2016-09-16 21:29 - 00068448 _____ C:\Users\User\Documents\cringe.veg.bak
2016-09-16 19:42 - 2016-09-16 19:44 - 00752864 _____ C:\Users\User\Downloads\КАК ДА СИ ХВАНЕМ ГАДЖЕ.mp4.sfk
2016-09-16 19:42 - 2016-09-16 19:42 - 102753911 _____ C:\Users\User\Downloads\КАК ДА СИ ХВАНЕМ ГАДЖЕ.mp4
2016-09-16 18:36 - 2016-09-17 22:33 - 00319768 _____ C:\Users\User\Documents\Sci - Fi.veg
2016-09-16 18:36 - 2016-09-17 21:37 - 00319768 _____ C:\Users\User\Documents\Sci - Fi.veg.bak
2016-09-16 18:31 - 2016-09-16 18:46 - 00220576 _____ C:\Users\User\Downloads\Chris Travis - Sci - Fi.mp4.sfk
2016-09-16 18:31 - 2016-09-16 18:31 - 37198160 _____ C:\Users\User\Downloads\Chris Travis - Sci - Fi.mp4
2016-09-16 17:36 - 2016-09-16 17:52 - 00000000 ____D C:\Users\User\AppData\Roaming\Charles
2016-09-16 17:02 - 2016-09-20 07:34 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Charles
2016-09-16 16:59 - 2016-09-16 17:01 - 78958592 _____ C:\Users\User\Downloads\charles-proxy-4.0-win64.msi
2016-09-15 20:16 - 2016-09-15 20:16 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign57398b4eafcd1c23
2016-09-15 20:15 - 2016-09-15 20:15 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignb20d906f49468e85
2016-09-15 20:15 - 2016-09-15 20:15 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign3a7d68bf9db899f0
2016-09-15 20:09 - 2016-09-15 20:42 - 00096384 _____ C:\Users\User\Downloads\HBD Rufflexos [DESC].mp4.sfk
2016-09-15 20:08 - 2016-09-15 20:08 - 15906182 _____ C:\Users\User\Downloads\HBD Rufflexos [DESC].mp4
2016-09-15 16:19 - 2016-09-15 16:19 - 00012888 _____ C:\Users\User\Documents\tree.veg
2016-09-15 13:23 - 2016-09-15 13:27 - 00826944 _____ C:\Users\User\Downloads\YouTube loading screen.mp4.sfk
2016-09-15 13:22 - 2016-09-15 13:22 - 10114516 _____ C:\Users\User\Downloads\YouTube loading screen.mp4
2016-09-15 11:40 - 2016-09-15 14:48 - 16104576 _____ C:\Users\User\Documents\bobi duo.veg
2016-09-15 11:40 - 2016-09-15 14:46 - 16104576 _____ C:\Users\User\Documents\bobi duo.veg.bak
2016-09-15 11:34 - 2016-09-15 11:35 - 00055944 _____ C:\Users\User\Documents\nigga.sfk
2016-09-15 11:30 - 2016-09-15 11:31 - 07152104 _____ C:\Users\User\Documents\nigga.wav
2016-09-14 22:16 - 2016-09-14 22:22 - 00000000 ____D C:\Users\User\AppData\Local\Mozilla
2016-09-14 22:16 - 2016-09-14 22:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-14 18:31 - 2016-09-14 18:31 - 00149864 _____ C:\Users\User\Downloads\Star Wars BattleFront II.torrent
2016-09-13 20:53 - 2016-09-13 20:53 - 00025792 _____ C:\Users\User\Documents\thesark.veg
2016-09-13 20:46 - 2016-09-13 20:54 - 00302656 _____ C:\Users\User\Downloads\The Chainsmokers - Don't Let Me Down (Illenium Remix) (1).mp4.sfk
2016-09-13 20:31 - 2016-09-13 20:31 - 56659041 _____ C:\Users\User\Downloads\The Chainsmokers - Don't Let Me Down (Illenium Remix) (1).mp4
2016-09-13 14:23 - 2016-09-13 14:25 - 188834405 _____ C:\Users\User\Downloads\Template (1).rar
2016-09-13 14:23 - 2016-09-13 14:23 - 349144087 _____ C:\Users\User\Downloads\INTRO TEMPLATE 4.rar
2016-09-13 13:53 - 2016-09-13 14:13 - 00091688 _____ C:\Users\User\Documents\reaction.veg
2016-09-13 13:53 - 2016-09-13 14:13 - 00087848 _____ C:\Users\User\Documents\reaction.veg.bak
2016-09-13 09:33 - 2016-09-13 12:57 - 00065856 _____ C:\Users\User\Documents\weeqweqweqweqwe.veg
2016-09-13 09:33 - 2016-09-13 12:48 - 00053488 _____ C:\Users\User\Documents\weeqweqweqweqwe.veg.bak
2016-09-13 09:31 - 2016-09-13 09:32 - 00044544 _____ C:\Users\User\Downloads\SET FIRE - DUO W- BLACKOUT [DESC].mp4.sfk
2016-09-13 09:31 - 2016-09-13 09:31 - 06714761 _____ C:\Users\User\Downloads\SET FIRE - DUO W- BLACKOUT [DESC].mp4
2016-09-12 20:56 - 2016-09-12 23:20 - 00317920 _____ C:\Users\User\Downloads\ERA - Ameno.mp4.sfk
2016-09-12 20:48 - 2016-09-12 20:48 - 16054646 _____ C:\Users\User\Downloads\ERA - Ameno.mp4
2016-09-12 20:39 - 2016-09-12 21:54 - 00192112 _____ C:\Users\User\Documents\LOL.veg
2016-09-12 20:39 - 2016-09-12 21:40 - 00134272 _____ C:\Users\User\Documents\LOL.veg.bak
2016-09-12 20:36 - 2016-09-12 20:39 - 00006592 _____ C:\Users\User\Downloads\Keemstar is a meme.mp4.sfk
2016-09-12 20:32 - 2016-09-12 20:32 - 00215636 _____ C:\Users\User\Downloads\Keemstar is a meme.mp4
2016-09-12 20:30 - 2016-09-12 20:31 - 91013140 _____ C:\Users\User\Downloads\хейт към българските ютубъри _)_.mp4
2016-09-12 19:09 - 2016-09-12 19:11 - 83243180 _____ C:\Users\User\Downloads\500SUBS INTRO TEMPLATE  by BattiArts.rar
2016-09-12 18:38 - 2016-09-12 18:38 - 00251168 _____ C:\Users\User\Downloads\SLIGHT - tsunami.mp4.sfk
2016-09-12 18:37 - 2016-09-12 18:37 - 47292442 _____ C:\Users\User\Downloads\SLIGHT - tsunami.mp4
2016-09-12 17:40 - 2016-09-12 17:41 - 00037568 _____ C:\Users\User\Downloads\-_veyron_-.mp4.sfk
2016-09-12 17:05 - 2016-09-12 17:06 - 00021888 _____ C:\Users\User\Documents\300 €€€ SPOT.mp4.sfk
2016-09-12 13:21 - 2016-09-12 13:23 - 00165696 _____ C:\Users\User\Downloads\Hard Rap Instrumental - Sick Trap Beat (prod. Kyu Tracks).mp4.sfk
2016-09-12 13:21 - 2016-09-12 13:21 - 21098056 _____ C:\Users\User\Downloads\Hard Rap Instrumental - Sick Trap Beat (prod. Kyu Tracks).mp4
2016-09-11 22:12 - 2016-09-11 22:12 - 04717593 _____ C:\Users\User\Downloads\Satire_intro.wmv
2016-09-11 21:31 - 2016-09-11 21:31 - 26038746 _____ C:\Users\User\Documents\300 €€€ SPOT.mp4
2016-09-11 21:28 - 2016-09-11 21:28 - 04782680 _____ C:\Users\User\Documents\26.wmv.sfap0
2016-09-11 21:28 - 2016-09-11 21:28 - 00037432 _____ C:\Users\User\Documents\26.wmv.sfk
2016-09-11 21:26 - 2016-09-11 21:27 - 20277589 _____ C:\Users\User\Documents\26.wmv
2016-09-11 21:24 - 2016-09-11 21:25 - 00189440 _____ C:\Users\User\Downloads\Bones - Dirt.mp4.sfk
2016-09-11 21:23 - 2016-09-11 21:24 - 39475965 _____ C:\Users\User\Downloads\Bones - Dirt.mp4
2016-09-11 21:15 - 2016-09-12 09:21 - 00386528 _____ C:\Users\User\Documents\Suicide Squad.veg
2016-09-11 21:15 - 2016-09-12 09:17 - 00275592 _____ C:\Users\User\Documents\Suicide Squad.veg.bak
2016-09-11 12:24 - 2016-09-11 12:45 - 00041200 _____ C:\Users\User\Documents\sadawe.veg
2016-09-11 12:24 - 2016-09-11 12:44 - 00040616 _____ C:\Users\User\Documents\sadawe.veg.bak
2016-09-11 09:57 - 2016-09-11 09:59 - 00885664 _____ C:\Users\User\Downloads\fat people  fails compilations.mp4.sfk
2016-09-11 09:56 - 2016-09-11 09:56 - 46056636 _____ C:\Users\User\Downloads\fat people  fails compilations.mp4
2016-09-11 09:44 - 2016-09-11 10:50 - 00200160 _____ C:\Users\User\Documents\ToxicBG.veg.bak
2016-09-11 09:44 - 2016-09-11 10:50 - 00200160 _____ C:\Users\User\Documents\ToxicBG.veg
2016-09-11 09:41 - 2016-09-11 09:45 - 00345696 _____ C:\Users\User\Downloads\videoplayback (2).mp4.sfk
2016-09-11 09:40 - 2016-09-11 09:40 - 39366017 _____ C:\Users\User\Downloads\videoplayback (2).mp4
2016-09-10 17:05 - 2016-09-10 17:07 - 3667822511 _____ C:\Users\User\Downloads\We Happy Few.zip
2016-09-10 15:30 - 2016-09-10 15:30 - 00000000 ____D C:\Users\User\AppData\Local\Razer
2016-09-10 14:41 - 2016-09-20 07:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2016-09-10 14:41 - 2016-09-10 14:41 - 00001354 _____ C:\Users\Public\Desktop\Razer Cortex.lnk
2016-09-10 14:41 - 2016-08-10 14:37 - 00137840 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpnk.sys
2016-09-10 14:40 - 2016-09-10 14:41 - 00000000 ____D C:\ProgramData\Razer
2016-09-10 14:40 - 2016-09-10 14:41 - 00000000 ____D C:\Program Files (x86)\Razer
2016-09-10 14:40 - 2016-05-06 20:50 - 00044144 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpmgrk.sys
2016-09-10 14:37 - 2016-09-10 14:38 - 124609040 _____ (Razer Inc. ) C:\Users\User\Downloads\RazerCortexSetup_7.5.7.57.exe
2016-09-08 22:26 - 2016-09-08 22:26 - 00005430 _____ C:\Users\User\Downloads\TB_SubExport_IskrentsBG_2016-09-08.zip
2016-09-08 16:40 - 2016-09-08 16:40 - 00850856 _____ C:\Users\User\Downloads\BURIED project(3).veg
2016-09-08 14:52 - 2016-09-08 14:52 - 01047470 _____ C:\Users\User\Downloads\OFFICIAL_T3C_INTRO.mp4
2016-09-08 09:50 - 2016-09-08 14:55 - 09943432 _____ C:\Users\User\Documents\afikaed.veg
2016-09-08 09:50 - 2016-09-08 14:39 - 09943432 _____ C:\Users\User\Documents\afikaed.veg.bak
2016-09-08 09:46 - 2016-09-08 09:46 - 00258016 _____ C:\Users\User\Downloads\Tory Lanez - I'll Be There feat. Meek Mill & French Montana (Explicit).mp4.sfk
2016-09-08 09:45 - 2016-09-08 09:45 - 10938136 _____ C:\Users\User\Downloads\Tory Lanez - I'll Be There feat. Meek Mill & French Montana (Explicit).mp4
2016-09-08 07:48 - 2016-09-08 07:48 - 14724759 _____ C:\Users\User\Downloads\top166-n10-c4d324.rar
2016-09-07 22:58 - 2016-09-07 22:58 - 02988833 _____ C:\Users\User\Downloads\митко баломбата.rar
2016-09-07 21:03 - 2016-09-07 21:03 - 00045111 _____ C:\Users\User\Downloads\Censored_Bleep_Sound_Effect (1).mp4
2016-09-07 21:01 - 2016-09-07 21:01 - 00045111 _____ C:\Users\User\Downloads\Censored_Bleep_Sound_Effect.mp4
2016-09-07 19:18 - 2016-09-07 21:02 - 00928096 _____ C:\Users\User\Downloads\THE WORST SONG IN THE HISTORY OF THE HUMAN RACE (LISTENING WILL ACTUALLY KILL YOU).mp4.sfk
2016-09-07 12:41 - 2016-08-28 17:12 - 04128846 _____ C:\Users\User\Documents\The_Chainsmokers_-_Closer_Lyric_ft.wav
2016-09-07 12:41 - 2016-01-22 22:33 - 23884772 _____ C:\Users\User\Documents\shockwave 2.mov
2016-09-07 12:41 - 2015-06-24 14:00 - 00674270 _____ C:\Users\User\Documents\Shockwave 1.mp4
2016-09-06 23:03 - 2016-09-06 23:05 - 00648112 _____ C:\Users\User\Downloads\Imaginary Colors - Summer Collab 2016.mp4-0-4702364333-1.sfk
2016-09-06 23:02 - 2016-09-06 23:03 - 00052544 _____ C:\Users\User\Downloads\P8FH7mR7iZM.mp4.sfk
2016-09-06 20:53 - 2016-09-06 20:58 - 00048464 _____ C:\Users\User\Downloads\skapan ne6tasnik.wmv.sfk
2016-09-06 20:53 - 2016-09-06 20:53 - 06195224 _____ C:\Users\User\Downloads\skapan ne6tasnik.wmv.sfap0
2016-09-06 20:33 - 2016-09-07 09:47 - 00118080 _____ C:\Users\User\Documents\ryan.veg
2016-09-06 20:33 - 2016-09-07 09:35 - 00114736 _____ C:\Users\User\Documents\ryan.veg.bak
2016-09-06 16:31 - 2016-09-06 16:36 - 02623360 _____ C:\Users\User\Downloads\VHS Glitch - Vol. 2 - Abstract Version - Free.mp4.sfk
2016-09-06 16:18 - 2016-09-06 16:36 - 00248144 _____ C:\Users\User\Downloads\Hotline Miami Soundtrack (Full).mp4.sfk
2016-09-06 16:18 - 2016-09-06 16:18 - 06642199 _____ C:\Users\User\Downloads\Hotline Miami Soundtrack (Full).mp4
2016-09-06 16:14 - 2016-09-06 16:14 - 00006343 _____ C:\Users\User\Downloads\dock_11.zip
2016-09-06 16:13 - 2016-09-06 16:16 - 457237377 _____ C:\Users\User\Downloads\VHS Glitch - Vol. 2 - Abstract Version - Free.mp4
2016-09-06 16:02 - 2016-09-06 16:02 - 61551873 _____ C:\Users\User\Downloads\FathomFX Intro Template (1).rar
2016-09-06 10:04 - 2016-09-06 10:05 - 61551873 _____ C:\Users\User\Downloads\FathomFX Intro Template.rar
2016-09-05 22:49 - 2016-09-06 16:34 - 00047664 _____ C:\Users\User\Documents\waston ne e gei.veg
2016-09-05 22:49 - 2016-09-06 16:32 - 00043568 _____ C:\Users\User\Documents\waston ne e gei.veg.bak
2016-09-05 21:56 - 2016-09-05 21:56 - 23021749 _____ C:\Users\User\Downloads\skapan ne6tasnik.wmv
2016-09-05 21:07 - 2016-09-05 21:07 - 00214336 _____ C:\Users\User\Documents\OKE.veg
2016-09-05 12:06 - 2016-09-05 12:15 - 00177568 _____ C:\Users\User\Downloads\Borgore - Flex (Dubstep Mix) (Official Video).mp4.sfk
2016-09-05 12:06 - 2016-09-05 12:06 - 31669675 _____ C:\Users\User\Downloads\Borgore - Flex (Dubstep Mix) (Official Video).mp4
2016-09-05 12:00 - 2016-09-05 22:46 - 00455528 _____ C:\Users\User\Documents\Epic.veg
2016-09-05 12:00 - 2016-09-05 22:38 - 00492352 _____ C:\Users\User\Documents\Epic.veg.bak
2016-09-05 08:08 - 2016-09-05 08:08 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignd88385c832cc87c1
2016-09-04 21:48 - 2016-09-04 21:48 - 06087272 _____ C:\Users\User\Downloads\Best of Music - 1 Hour No Copyright Sounds Mix 2016.mp3.sfk
2016-09-04 21:48 - 2016-09-04 21:48 - 00015640 _____ C:\Users\User\Documents\GTA V.veg
2016-09-04 18:20 - 2016-09-20 07:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2016-09-04 18:20 - 2016-09-04 18:20 - 00001004 _____ C:\Users\Public\Desktop\Fraps.lnk
2016-09-04 18:16 - 2016-09-04 18:16 - 00003719 _____ C:\Users\User\Downloads\Fraps 3.5.99 Build 15618 Retail.torrent
2016-09-04 18:14 - 2016-09-04 18:14 - 00000000 ____D C:\ProgramData\Steam
2016-09-04 18:14 - 2016-09-04 18:14 - 00000000 ____D C:\ProgramData\Socialclub
2016-09-03 20:42 - 2016-09-03 20:42 - 07448293 _____ C:\Users\User\Downloads\-_veyron_-.mp4
2016-09-03 20:40 - 2016-09-03 20:40 - 00075282 _____ C:\Users\User\Downloads\13683755_1548589368784053_1622257822_n (1).mp4
2016-09-03 19:28 - 2016-09-03 19:28 - 22878524 _____ C:\Users\User\Downloads\MB AMP.rar
2016-09-03 12:37 - 2016-09-03 12:53 - 00329472 _____ C:\Users\User\Downloads\MegaCrew Collab #3.mp4.sfk
2016-09-03 12:36 - 2016-09-03 12:36 - 38042153 _____ C:\Users\User\Downloads\MegaCrew Collab #3.mp4
2016-09-03 11:40 - 2009-06-03 06:15 - 04818944 _____ C:\WINDOWS\system32\zerogs.dll
2016-09-03 11:38 - 2016-09-03 11:38 - 00513241 _____ C:\Users\User\Downloads\__32-zerogs.dll.zip
2016-09-03 10:51 - 2016-09-03 10:51 - 00000693 _____ C:\Users\Public\Desktop\Grand Theft Auto V.lnk
2016-09-03 10:51 - 2016-09-03 10:51 - 00000693 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grand Theft Auto V.lnk
2016-09-03 09:57 - 2016-09-03 13:23 - 00000327 _____ C:\Users\User\Desktop\dadadadad.txt
2016-09-02 22:54 - 2016-09-02 22:56 - 00210080 _____ C:\Users\User\Downloads\GTA SA- Come Undone - iC&BdK.mp4.sfk
2016-09-02 22:37 - 2016-09-02 22:38 - 42199818 _____ C:\Users\User\Downloads\GTA SA- Come Undone - iC&BdK.mp4
2016-09-02 21:53 - 2016-09-02 21:58 - 00148704 _____ C:\Users\User\Downloads\GTA SA- We Are The Artist -Friendly Drift Battle Rax vs MrKevin[LOST].mp4.sfk
2016-09-02 21:52 - 2016-09-02 21:53 - 19322993 _____ C:\Users\User\Downloads\GTA SA- We Are The Artist -Friendly Drift Battle Rax vs MrKevin[LOST].mp4
2016-09-02 21:48 - 2016-09-02 21:50 - 00374752 _____ C:\Users\User\Downloads\Zomboy - Invaders.mp4.sfk
2016-09-02 21:48 - 2016-09-02 21:48 - 27349686 _____ C:\Users\User\Downloads\Zomboy - Invaders.mp4
2016-09-02 21:33 - 2016-09-02 21:34 - 00041472 _____ C:\Users\User\Downloads\TRIGGERED sound effect 2.mp4.sfk
2016-09-02 21:32 - 2016-09-02 21:32 - 00606327 _____ C:\Users\User\Downloads\TRIGGERED sound effect 2.mp4
2016-09-02 20:24 - 2016-09-03 08:16 - 00338440 _____ C:\Users\User\Documents\pookie.veg
2016-09-02 20:24 - 2016-09-03 08:15 - 00338440 _____ C:\Users\User\Documents\pookie.veg.bak
2016-09-02 19:49 - 2016-09-02 19:55 - 00279344 _____ C:\Users\User\Downloads\2k14 ntall.MP4.sfk
2016-09-02 19:08 - 2016-09-02 19:24 - 436454651 _____ C:\Users\User\Downloads\2k14 ntall.MP4
2016-09-02 13:23 - 2016-09-02 23:24 - 14200084 _____ C:\Users\User\Downloads\MONEY EDITORS Collab [DESC] (1).mp4.crdownload
2016-09-02 13:13 - 2016-09-02 13:13 - 16270006 _____ C:\Users\User\Downloads\sa-mp-0.3.7-install.exe
2016-09-02 10:54 - 2016-09-02 10:55 - 01380488 _____ C:\Users\User\Downloads\v86938554s4920e5820.mp4.sfk
2016-09-02 10:49 - 2016-09-02 10:52 - 273368951 _____ C:\Users\User\Downloads\v86938554s4920e5820.mp4
2016-09-02 10:21 - 2016-09-02 10:22 - 00193344 _____ C:\Users\User\Downloads\MONEY EDITORS Collab [DESC].mp4.sfk
2016-09-02 10:13 - 2016-09-02 10:13 - 30863440 _____ C:\Users\User\Downloads\MONEY EDITORS Collab [DESC].mp4
2016-09-01 22:46 - 2016-09-01 22:46 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignac9e74e43fbc813f
2016-09-01 22:46 - 2016-09-01 22:46 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign5d1028e91abf692c
2016-09-01 22:46 - 2016-09-01 22:46 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign17199c40ab8592c7
2016-09-01 22:44 - 2016-09-01 22:44 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignc68a984752df29a1
2016-09-01 22:44 - 2016-09-01 22:44 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign6656c8549d066753
2016-09-01 22:44 - 2016-09-01 22:44 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsign4cc9f47e511905c6
2016-09-01 19:13 - 2016-09-01 22:53 - 00013400 _____ C:\Users\User\Documents\adadweaweaw.veg
2016-09-01 19:13 - 2016-09-01 19:46 - 00061328 _____ C:\Users\User\Documents\adadweaweaw.veg.bak
2016-09-01 14:23 - 2016-09-01 14:30 - 00004960 _____ C:\Users\User\Downloads\Overlay   Data Glitch.mp4.sfk
2016-09-01 14:22 - 2016-09-01 14:22 - 00136070 _____ C:\Users\User\Downloads\Overlay   Data Glitch.mp4
2016-09-01 13:54 - 2016-09-01 13:54 - 12345499 _____ C:\Users\User\Downloads\700 Гледания на едит -О.mp4
2016-09-01 13:54 - 2016-09-01 13:54 - 00070016 _____ C:\Users\User\Downloads\700 Гледания на едит -О.mp4.sfk
2016-09-01 12:26 - 2016-09-01 12:27 - 00013888 _____ C:\Users\User\Downloads\Suck My Dick Haters.mp4.sfk
2016-09-01 12:26 - 2016-09-01 12:26 - 01859054 _____ C:\Users\User\Downloads\Suck My Dick Haters.mp4
2016-09-01 12:22 - 2016-09-01 12:23 - 00017952 _____ C:\Users\User\Downloads\Goodbye Intro Template +Free Download.mp4.sfk
2016-09-01 12:22 - 2016-09-01 12:22 - 01664840 _____ C:\Users\User\Downloads\Goodbye Intro Template +Free Download.mp4
2016-09-01 12:13 - 2016-09-01 12:15 - 127743640 _____ C:\Users\User\Downloads\Epic Sync Intro Template #340.zip
2016-09-01 12:05 - 2016-09-01 15:19 - 01759440 _____ C:\Users\User\Documents\random.veg
2016-09-01 12:05 - 2016-09-01 14:21 - 00141880 _____ C:\Users\User\Documents\random.veg.bak
2016-09-01 12:05 - 2016-09-01 12:05 - 07240075 _____ C:\Users\User\Downloads\Kraddy - Android Porn  ORIGINAL.mp4
2016-09-01 12:05 - 2016-09-01 12:05 - 00391744 _____ C:\Users\User\Downloads\Kraddy - Android Porn  ORIGINAL.mp4.sfk
2016-08-31 21:32 - 2016-08-31 22:01 - 314459161 _____ C:\Users\User\Downloads\Gran Turismo 4 (Europe, Australia) (En,Fr,De,Es,It).7z
2016-08-31 19:36 - 2016-08-31 19:36 - 00028235 _____ C:\Users\User\Downloads\AntiJoinBot.jar
2016-08-31 18:25 - 2016-09-27 23:08 - 00000000 ____D C:\ProgramData\rgt
2016-08-31 18:25 - 2015-12-03 12:57 - 13005824 _____ (Red Giant Software) C:\WINDOWS\system32\Gpu_Shader_Engine_x64.dll
2016-08-31 18:25 - 2015-12-03 12:57 - 05640704 _____ (Noesis Technologies) C:\WINDOWS\system32\Noesis.dll
2016-08-31 18:24 - 2016-08-31 18:24 - 534572732 _____ (Red Giant, LLC ) C:\Users\User\Downloads\Universe Setup 1.6 CE.exe
2016-08-31 18:24 - 2016-08-31 18:24 - 00000000 ____D C:\Program Files\Red Giant
2016-08-31 18:23 - 2016-08-31 18:23 - 00000212 _____ C:\Users\User\Downloads\VR.nfo
2016-08-31 13:46 - 2016-09-04 08:44 - 17711384 _____ C:\Users\User\Documents\PLS.veg
2016-08-31 13:46 - 2016-09-04 08:42 - 17361016 _____ C:\Users\User\Documents\PLS.veg.bak
2016-08-31 13:29 - 2016-08-31 13:29 - 09482118 _____ C:\Users\User\Downloads\High..mp4
2016-08-31 13:29 - 2016-08-31 13:29 - 00055168 _____ C:\Users\User\Downloads\High..mp4.sfk
2016-08-31 13:15 - 2016-08-31 13:27 - 00307680 _____ C:\Users\User\Downloads\Ludacris - Move Bitch (Styles&Complete Remix) [Crunkstep].mp4.sfk
2016-08-31 13:14 - 2016-08-31 13:15 - 03585625 _____ C:\Users\User\Downloads\videoplayback (1).m4a
2016-08-31 13:14 - 2016-08-31 13:14 - 28549642 _____ C:\Users\User\Downloads\Ludacris - Move Bitch (Styles&Complete Remix) [Crunkstep].mp4
2016-08-31 12:06 - 2016-08-31 12:06 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignf8efacba68bce089
2016-08-31 12:06 - 2016-08-31 12:06 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignc111446a944f2b10
2016-08-31 12:06 - 2016-08-31 12:06 - 00000000 ____D C:\Users\User\AppData\Local\Tempzxpsignb9672083ecab538a
2016-08-31 11:02 - 2016-08-31 12:59 - 00146848 _____ C:\Users\User\Downloads\glue70 - Casin.mp4.sfk
2016-08-31 11:02 - 2016-08-31 11:02 - 26058719 _____ C:\Users\User\Downloads\glue70 - Casin.mp4
2016-08-30 22:30 - 2016-08-30 22:30 - 00766784 _____ C:\Users\User\Downloads\Майнкрафт - TNT и лава.mp4.sfk
2016-08-30 22:30 - 2016-08-30 22:30 - 00129493 _____ C:\Users\User\Downloads\НАЙ-ДОБРИЯТ ПРОФЕСОР(РАНТ) (2).mp4
2016-08-30 22:29 - 2016-08-30 22:30 - 160484705 _____ C:\Users\User\Downloads\Майнкрафт - TNT и лава.mp4
2016-08-30 22:15 - 2016-08-30 22:17 - 00006960 _____ C:\Users\User\Downloads\НАЙ-ДОБРИЯТ ПРОФЕСОР(РАНТ) (1).mp4.sfk
2016-08-30 22:15 - 2016-08-30 22:15 - 00129493 _____ C:\Users\User\Downloads\НАЙ-ДОБРИЯТ ПРОФЕСОР(РАНТ) (1).mp4
2016-08-30 22:12 - 2016-08-30 22:12 - 00027656 _____ C:\Users\User\Downloads\НАЙ-ДОБРИЯТ ПРОФЕСОР(РАНТ).mp4.sfk
2016-08-30 22:11 - 2016-08-30 22:12 - 04782127 _____ C:\Users\User\Downloads\НАЙ-ДОБРИЯТ ПРОФЕСОР(РАНТ).mp4
2016-08-30 22:02 - 2016-08-30 22:59 - 00155368 _____ C:\Users\User\Documents\ANTA.veg
2016-08-30 22:02 - 2016-08-30 22:56 - 00153416 _____ C:\Users\User\Documents\ANTA.veg.bak
2016-08-30 21:37 - 2016-08-30 21:39 - 00610784 _____ C:\Users\User\Downloads\Заглавие.mp4.sfk
2016-08-30 21:36 - 2016-08-30 21:37 - 115126176 _____ C:\Users\User\Downloads\Заглавие.mp4
2016-08-30 21:31 - 2016-08-30 21:32 - 00124352 _____ C:\Users\User\Downloads\КАЧИХ СЕ ВЪРХУ БАЛОНА.mp4.sfk
2016-08-30 21:31 - 2016-08-30 21:31 - 06357686 _____ C:\Users\User\Downloads\КАЧИХ СЕ ВЪРХУ БАЛОНА.mp4
2016-08-30 21:04 - 2016-08-30 21:05 - 00468224 _____ C:\Users\User\Downloads\SHE DID WHAT....mp4.sfk
2016-08-30 21:03 - 2016-08-30 21:03 - 68225857 _____ C:\Users\User\Downloads\SHE DID WHAT....mp4
2016-08-30 21:01 - 2016-08-30 21:02 - 01353184 _____ C:\Users\User\Downloads\videoplayback (1).mp4.sfk
2016-08-30 21:00 - 2016-08-30 21:01 - 197553588 _____ C:\Users\User\Downloads\videoplayback (1).mp4
2016-08-30 17:19 - 2016-08-30 17:20 - 00008360 _____ C:\Users\User\Downloads\Ultimate Cat Vines Compilation #1 - October 2015.mp4.sfk
2016-08-30 17:19 - 2016-08-30 17:19 - 00337411 _____ C:\Users\User\Downloads\Ultimate Cat Vines Compilation #1 - October 2015.mp4
2016-08-30 17:13 - 2016-08-30 17:17 - 00008344 _____ C:\Users\User\Downloads\Funny Cat Videos - Cat Vines Compilation.mp4.sfk
2016-08-30 17:13 - 2016-08-30 17:13 - 00318241 _____ C:\Users\User\Downloads\Funny Cat Videos - Cat Vines Compilation.mp4
2016-08-30 17:09 - 2016-08-30 17:10 - 00016616 _____ C:\Users\User\Downloads\Funny Cats Compilation [Most See] Funny Cat Videos Ever Part 1.mp4.sfk
2016-08-30 17:08 - 2016-08-30 17:08 - 01751146 _____ C:\Users\User\Downloads\Funny Cats Compilation [Most See] Funny Cat Videos Ever Part 1.mp4
2016-08-30 13:10 - 2016-08-30 15:22 - 00295824 _____ C:\Users\User\Documents\swagger crew.veg
2016-08-30 13:10 - 2016-08-30 15:21 - 00295424 _____ C:\Users\User\Documents\swagger crew.veg.bak
2016-08-30 12:32 - 2016-08-30 12:33 - 00050208 _____ C:\Users\User\Downloads\Daydreamer [2K].mp4.sfk
2016-08-30 12:32 - 2016-08-30 12:32 - 09770438 _____ C:\Users\User\Downloads\Daydreamer [2K].mp4
2016-08-30 10:48 - 2016-08-30 10:48 - 23720528 _____ C:\Users\User\Downloads\Plugin Pack - SKYWARS (HYPIXEL).rar

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-28 07:13 - 2016-07-16 09:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-28 07:13 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-28 07:06 - 2016-07-12 19:52 - 00000000 ____D C:\Program Files (x86)\Steam
2016-09-28 07:06 - 2016-07-12 13:55 - 00000000 __SHD C:\Users\User\IntelGraphicsProfiles
2016-09-27 23:07 - 2016-07-28 18:06 - 00000000 ____D C:\Users\User\Documents\My Cheat Tables
2016-09-27 23:07 - 2016-07-15 20:31 - 00000000 ____D C:\Users\User\AppData\Roaming\FileZilla
2016-09-27 23:07 - 2016-07-12 13:39 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2016-09-27 22:38 - 2016-07-12 18:42 - 00000000 ____D C:\Users\User\AppData\Roaming\.minecraft
2016-09-27 14:56 - 2016-07-17 20:03 - 00000000 ____D C:\Users\User\Downloads\Counter-Strike Global Offensive v1.35.1.6
2016-09-27 07:49 - 2016-07-16 09:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-27 07:15 - 2016-07-13 11:42 - 00000000 ____D C:\Users\User\AppData\Roaming\OBS
2016-09-26 23:17 - 2016-07-12 13:23 - 00974994 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-26 23:09 - 2016-07-16 04:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-09-26 23:09 - 2015-10-30 05:24 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2016-09-26 23:00 - 2016-07-29 11:26 - 00000000 ____D C:\Users\User\AppData\Roaming\obs-studio
2016-09-26 19:38 - 2016-07-12 13:19 - 00000000 ____D C:\Users\User\AppData\Local\Packages
2016-09-26 16:33 - 2016-07-12 13:41 - 00000000 ____D C:\Users\User\AppData\Roaming\qBittorrent
2016-09-25 22:27 - 2016-07-13 11:41 - 00000000 ____D C:\Program Files\OBS
2016-09-24 23:13 - 2016-07-16 09:45 - 00000000 ____D C:\WINDOWS\INF
2016-09-24 22:37 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\Branding
2016-09-24 22:26 - 2016-08-17 15:57 - 00000000 ____D C:\Program Files (x86)\Counter-Strike Global Offensive
2016-09-24 12:17 - 2016-07-14 18:19 - 00000000 ____D C:\Users\User\Desktop\Render
2016-09-24 10:02 - 2016-07-12 13:24 - 00000000 ____D C:\ProgramData\KMSAutoS
2016-09-24 08:39 - 2016-07-12 13:39 - 00000000 ____D C:\ProgramData\Skype
2016-09-23 19:23 - 2016-07-12 18:44 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-09-23 19:23 - 2016-07-12 18:44 - 00000000 ____D C:\Users\User\.oracle_jre_usage
2016-09-23 19:23 - 2016-07-12 18:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-09-23 19:22 - 2016-07-12 18:44 - 00000000 ____D C:\Program Files (x86)\Java
2016-09-23 17:15 - 2016-07-20 09:03 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-09-23 17:14 - 2016-08-12 18:35 - 00000000 ____D C:\Users\User\AppData\Roaming\discord
2016-09-23 17:05 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\SystemApps
2016-09-23 08:51 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\rescache
2016-09-23 08:49 - 2016-07-26 19:29 - 00024152 _____ C:\Users\User\Documents\intro.veg
2016-09-23 08:48 - 2016-07-26 19:29 - 00020464 _____ C:\Users\User\Documents\intro.veg.bak
2016-09-22 22:45 - 2016-07-12 13:19 - 00000000 ____D C:\Users\User\AppData\Roaming\Adobe
2016-09-21 18:56 - 2016-07-28 17:59 - 00000000 ____D C:\Users\User\Documents\My Games
2016-09-21 17:57 - 2016-07-13 18:52 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-21 17:49 - 2016-07-12 14:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-09-21 16:37 - 2016-07-14 18:03 - 00000000 ____D C:\Users\User\Documents\OFX Presets
2016-09-21 15:45 - 2016-07-12 21:37 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-09-21 08:07 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-09-21 08:02 - 2016-02-13 11:22 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-09-20 23:03 - 2016-07-16 04:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-09-20 23:02 - 2016-07-16 12:29 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ___RD C:\Program Files\Windows Defender
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-09-20 23:02 - 2016-07-16 09:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-09-20 23:02 - 2016-07-16 04:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-09-20 21:34 - 2016-07-22 18:35 - 00000000 ____D C:\Users\User\AppData\Roaming\MPC-HC
2016-09-20 21:29 - 2016-07-18 13:55 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps
2016-09-20 13:32 - 2016-07-12 13:21 - 00002360 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-20 13:32 - 2016-07-12 13:21 - 00000000 ___RD C:\Users\User\OneDrive
2016-09-20 13:29 - 2016-07-12 20:12 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BACL SpeechLab 2.0
2016-09-20 13:27 - 2016-07-16 09:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-09-20 13:26 - 2016-07-16 09:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-09-20 13:25 - 2016-07-16 12:15 - 00000000 ____D C:\WINDOWS\OCR
2016-09-20 07:48 - 2016-07-16 04:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-09-20 07:46 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-09-20 07:46 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\Registration
2016-09-20 07:46 - 2015-10-30 05:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-09-20 07:42 - 2016-07-16 09:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-09-20 07:38 - 2016-08-24 22:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
2016-09-20 07:38 - 2016-08-19 20:43 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike
2016-09-20 07:38 - 2016-08-17 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike Global Offensive
2016-09-20 07:38 - 2016-08-16 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
2016-09-20 07:38 - 2016-08-05 12:27 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2016-09-20 07:38 - 2016-08-02 20:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windscribe
2016-09-20 07:38 - 2016-07-29 11:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2016-09-20 07:38 - 2016-07-28 18:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5.1
2016-09-20 07:38 - 2016-07-20 20:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clownfish
2016-09-20 07:38 - 2016-07-19 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire AE
2016-09-20 07:38 - 2016-07-18 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReelSmart Motion Blur 4, After Effects-compatible plugin set
2016-09-20 07:38 - 2016-07-15 20:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-09-20 07:38 - 2016-07-13 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant
2016-09-20 07:38 - 2016-07-13 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-09-20 07:38 - 2016-07-13 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire OFX
2016-09-20 07:38 - 2016-07-12 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2016-09-20 07:38 - 2016-07-12 19:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-09-20 07:38 - 2016-07-12 13:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2016-09-20 07:38 - 2016-07-12 13:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2016-09-20 07:38 - 2016-07-12 13:32 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-09-20 07:38 - 2016-07-12 13:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-09-20 07:38 - 2016-07-12 13:27 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2016-09-20 07:38 - 2016-02-13 11:04 - 00000000 ____D C:\WINDOWS\ShellNew
2016-09-20 07:36 - 2015-10-30 04:28 - 00000000 ____D C:\Users\Default.migrated
2016-09-20 07:35 - 2016-08-10 15:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
2016-09-20 07:35 - 2016-07-20 09:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2016-09-20 07:35 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-09-20 07:35 - 2016-07-16 09:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-20 07:35 - 2016-07-16 09:47 - 00000000 ____D C:\Program Files\Common Files\System
2016-09-20 07:35 - 2016-07-16 09:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-09-20 07:35 - 2016-07-12 21:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-09-20 07:34 - 2016-08-12 18:35 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-09-20 07:32 - 2016-07-16 04:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-09-20 07:30 - 2016-07-16 12:31 - 00000000 ____D C:\Users\User\Desktop\ContactSupport_cw5n1h2txyewy
2016-09-20 07:30 - 2016-07-16 09:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-09-20 07:30 - 2016-07-16 09:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-09-19 23:01 - 2016-07-16 13:17 - 00000000 ___HD C:\$WINDOWS.~BT
2016-09-19 22:55 - 2016-07-12 21:40 - 00000418 _____ C:\WINDOWS\Tasks\update-sys.job
2016-09-19 22:52 - 2016-07-12 13:41 - 00001034 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-19 22:08 - 2016-07-12 13:41 - 00001038 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-19 21:55 - 2016-07-12 21:40 - 00000418 _____ C:\WINDOWS\Tasks\update-S-1-5-21-691218479-2863476526-4080224816-1001.job
2016-09-19 21:22 - 2016-08-10 15:47 - 00000000 ____D C:\Program Files\NewBlue
2016-09-19 21:22 - 2016-08-10 15:47 - 00000000 ____D C:\Program Files (x86)\NewBlue
2016-09-19 21:17 - 2016-07-15 10:41 - 111866238 _____ C:\Users\User\Downloads\NewBlue Cracks.rar
2016-09-19 06:58 - 2016-08-16 12:19 - 00000000 ____D C:\Users\User\AppData\Local\ManyCam
2016-09-14 22:32 - 2016-07-12 13:55 - 291640437 _____ C:\Users\User\Downloads\VGA(v15.40.10.64.4300).zip
2016-09-14 22:16 - 2016-07-23 21:31 - 00000000 ____D C:\Users\User\AppData\Roaming\Mozilla
2016-09-14 22:16 - 2016-07-12 13:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-14 10:50 - 2016-07-12 18:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-09-14 10:45 - 2016-07-12 18:02 - 144199024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-09-09 19:57 - 2016-07-12 21:47 - 00000000 ____D C:\Users\User\Documents\Lightshot
2016-09-08 06:54 - 2016-07-12 13:39 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-09-07 14:32 - 2016-07-16 09:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-09-07 14:32 - 2016-07-16 09:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-03 11:54 - 2016-08-24 22:57 - 00000000 ____D C:\Program Files (x86)\PCSX2 1.4.0
2016-09-02 13:31 - 2016-07-18 16:00 - 00000000 ____D C:\Users\User\Desktop\Braz HDRI + MaterialPack V.2_
2016-08-30 18:00 - 2016-08-13 10:59 - 00000000 ____D C:\Users\User\AppData\Local\TotalVPN

==================== Files in the root of some directories =======

2016-07-23 21:21 - 2016-07-23 21:21 - 20982175 _____ () C:\Users\User\AppData\Roaming\xulrunner.zip
2016-08-04 19:16 - 2016-08-04 19:16 - 0001456 _____ () C:\Users\User\AppData\Local\Adobe Save for Web 13.0 Prefs
2016-07-23 21:50 - 2016-08-03 18:43 - 0007628 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg
2016-07-12 21:40 - 2016-07-12 21:40 - 0000003 _____ () C:\Users\User\AppData\Local\updater.log
2016-07-12 21:40 - 2016-07-12 21:40 - 0000424 _____ () C:\Users\User\AppData\Local\UserProducts.xml

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 

Link to post
Share on other sites