Jump to content

Another NanoCore victim

Heisenberg

By Heisenberg
in Resolved Malware Removal Logs

 Share

Recommended Posts

Heisenberg

Heisenberg

Posted
Posted

Dear all,


It seems I have picked up a nasty NanaCore virus and also keep getting the "Do you want to install NanoCore?" dialog.


I looked into it and it seems NanoCore is a commercially available virus/RAT.


I have run Bitdefender and it picked up nothing. I ran Malwarebytes and that picked up two trojans which I deleted. However, this dubious prompt is still coming up.


The dialog seems to be triggered by RegSvcs.exe in C:\Windows\Microsoft.NET\Framework\v4.0.30319\

I will post my FRST result below.


Any help would be seriously appreciated.
 
Thanks.

Link to post
Share on other sites
Heisenberg

Heisenberg

Posted
  • Author
Posted

FRST.txt:
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016
Ran by Jason (administrator) on DESKTOP-7DO5G64 (09-12-2016 17:19:32)
Running from C:\Users\Jason\Desktop
Loaded Profiles: Jason (Available Profiles: Jason)
Platform: Windows 10 Pro Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Side Effects Software Inc.) C:\Windows\System32\hserver.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe
(Reprise Software Inc.) C:\Program Files\Next Limit\RealFlow 2015\rlm\rlm.exe
(Side Effects Software Inc.) C:\Windows\System32\sesinetd.exe
(Reprise Software Inc.) C:\Program Files\Next Limit\RealFlow 2015\rlm\rlm.exe
(Reprise Software Inc.) C:\Program Files (x86)\The Foundry\LicensingTools7.0\bin\RLM\rlm.foundry.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Reprise Software Inc.) C:\Program Files (x86)\The Foundry\LicensingTools7.0\bin\RLM\rlm.foundry.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe
(Microsoft Corporation) C:\Windows\vVX1000.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxag.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.16102.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.16102.10341.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Users\Jason\AppData\Local\Temp\66A2FEA1-51E6-47EA-A7B9-A5E13F0ABAFB\DismHost.exe
(Microsoft Corporation) C:\Users\Jason\AppData\Local\Temp\5C22429A-FF15-4023-BFF6-1D8475503FDD\DismHost.exe
(Microsoft Corporation) C:\Users\Jason\AppData\Local\Temp\C3A0FAE0-14AE-4F88-819D-578EA92FDF9D\DismHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [VX1000] => C:\Windows\vVX1000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-11-01] (Apple Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1868472 2016-09-30] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc.)
HKU\S-1-5-21-3557252084-2468944355-21857965-1001\...\Run: [EPSON Stylus SX400 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEGE.EXE [221696 2007-12-17] (SEIKO EPSON CORPORATION)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{f5a363ae-2735-405e-af18-9e523fc75071}: [DhcpNameServer] 194.168.4.100 194.168.8.100
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
BHO: Bitdefender Wallet  -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2016-10-27] (Bitdefender)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-10-18] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-09-30] (Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-10-11] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-09-30] (Adobe Systems Incorporated)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2016-10-27] (Bitdefender)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-09-13] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-09-30] (Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-10-11] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - Bitdefender Wallet  - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2016-10-27] (Bitdefender)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2016-10-27] (Bitdefender)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-09-30] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-08-16] (Microsoft Corporation)
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff [2016-10-28]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext [2016-10-17] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-10-23]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-09-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-10-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-10-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-09-13] (Microsoft Corporation)
 
Chrome: 
=======
CHR Profile: C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default [2016-12-09]
CHR Extension: (Google Slides) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-20]
CHR Extension: (Google Docs) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-20]
CHR Extension: (Google Drive) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-20]
CHR Extension: (YouTube) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-20]
CHR Extension: (Adobe Acrobat) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-10-20]
CHR Extension: (Google Sheets) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-20]
CHR Extension: (Google Docs Offline) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-20]
CHR Extension: (Gmail) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-20]
CHR Extension: (Chrome Media Router) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-20]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk Inc.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 DevMgmtService; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [100448 2016-10-06] (Bitdefender)
S2 Foundry FLEXlm Server; C:\Program Files (x86)\The Foundry\\LicensingTools7.0\bin\FLEXlm\lmgrd.foundry.exe [1392016 2012-10-30] (Acresso Software Inc.)
R2 Foundry License Server; C:\Program Files (x86)\The Foundry\\LicensingTools7.0\bin\RLM\rlm.foundry.exe [1474560 2016-05-21] (Reprise Software Inc.) [File not signed]
R2 hasplms; C:\Windows\system32\hasplms.exe [4683144 2014-06-02] (SafeNet Inc.)
R2 HoudiniLicenseServer; C:\Windows\system32\sesinetd.exe [7684608 2016-11-29] (Side Effects Software Inc.) [File not signed]
R2 HoudiniServer; C:\Windows\system32\hserver.exe [3161600 2016-05-18] (Side Effects Software Inc.) [File not signed]
U4 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-11-29] (Malwarebytes)
S3 mi-raysat_3dsmax2016_64; C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.exe [86016 2011-09-15] () [File not signed]
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1100392 2016-10-28] (Bitdefender)
R2 RLM_RF; C:\Program Files\Next Limit\RealFlow 2015\rlm\rlm.exe [2123264 2015-08-13] (Reprise Software Inc.) [File not signed]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [216368 2016-12-08] (Bitdefender)
R2 vsserv; C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe [1307344 2016-12-08] (Bitdefender)
R2 vsservp; C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe [524872 2016-08-25] (Bitdefender)
S3 wampapache64; c:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe [29696 2016-07-01] (Apache Software Foundation) [File not signed]
S3 wampmysqld64; c:\wamp64\bin\mysql\mysql5.7.14\bin\mysqld.exe [39885824 2016-07-12] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-10-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-10-25] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, Corp.)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1605376 2016-10-27] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [878072 2016-10-27] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [128400 2016-06-24] (BitDefender LLC)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [182944 2016-11-17] (BitDefender LLC)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331608 2014-06-02] (SafeNet Inc.)
R0 ignis; C:\Windows\system32\DRIVERS\ignis.sys [300840 2016-08-11] (Bitdefender)
R4 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [176064 2016-12-08] (Malwarebytes)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [520032 2016-12-08] (BitDefender S.R.L.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\Windows\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
R0 MBAMSwissArmy; system32\drivers\MBAMSwissArmy.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-12-09 17:19 - 2016-12-09 17:20 - 00020212 _____ C:\Users\Jason\Desktop\FRST.txt
2016-12-09 17:19 - 2016-12-09 17:19 - 00000000 ____D C:\FRST
2016-12-09 17:11 - 2016-12-09 17:11 - 06692016 _____ C:\Users\Jason\Desktop\FixDotNet20161209171021971.cab
2016-12-09 17:11 - 2016-12-09 17:11 - 00889416 _____ (Microsoft Corporation) C:\Users\Jason\Downloads\dotNetFx40_Full_setup.exe
2016-12-09 17:09 - 2016-12-09 17:11 - 00000000 ____D C:\66e72ee2bd39e7d433db66e6a91a09
2016-12-09 17:09 - 2016-12-09 17:09 - 01274552 _____ (Microsoft Corporation) C:\Users\Jason\Downloads\NetFxRepairTool.exe
2016-12-09 17:06 - 2016-12-09 17:16 - 00001170 _____ C:\FilExile_log.txt
2016-12-09 17:05 - 2016-12-09 17:05 - 00001160 _____ C:\Users\Jason\Desktop\FilExile.lnk
2016-12-09 17:05 - 2016-12-09 17:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\FilExile
2016-12-09 17:05 - 2016-12-09 17:05 - 00000000 ____D C:\Program Files (x86)\FilExile
2016-12-09 17:04 - 2016-12-09 17:04 - 01332963 _____ (FilExile Team ) C:\Users\Jason\Downloads\FilExilev2.00_Setup.exe
2016-12-09 16:55 - 2016-12-09 17:18 - 02420224 _____ (Farbar) C:\Users\Jason\Desktop\FRST64.exe
2016-12-09 12:52 - 2016-12-09 12:52 - 00584025 _____ C:\Users\Jason\Desktop\bdsyslog.zip
2016-12-09 12:23 - 2016-12-09 12:23 - 06590976 _____ (Bitdefender S.R.L) C:\Users\Jason\Downloads\BDSysLog_i.exe
2016-12-08 22:48 - 2016-12-09 03:43 - 00208818 _____ C:\Windows\ntbtlog.txt
2016-12-08 22:48 - 2016-12-08 23:19 - 00000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2016-12-08 21:44 - 2016-12-08 21:44 - 00176064 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2016-12-08 21:43 - 2016-12-08 21:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-08 21:43 - 2016-12-08 21:43 - 00000000 ____D C:\Program Files\Malwarebytes
2016-12-08 21:36 - 2016-12-08 21:42 - 51969976 _____ (Malwarebytes ) C:\Users\Jason\Downloads\mb3-setup-consumer-3.0.4.1269.exe
2016-12-08 21:04 - 2016-12-08 21:06 - 00000000 ____D C:\Users\Jason\Downloads\Camtasia Studio
2016-12-08 20:50 - 2016-12-08 21:07 - 00000000 ____D C:\Users\Jason\Documents\Camtasia Studio
2016-12-08 20:50 - 2016-12-08 20:50 - 00000000 ____D C:\Users\Jason\AppData\Roaming\TechSmith
2016-12-08 20:50 - 2016-12-08 20:50 - 00000000 ____D C:\Users\Jason\AppData\Local\TechSmith
2016-12-08 20:39 - 2016-12-08 20:39 - 00001150 _____ C:\Users\Public\Desktop\Camtasia 9.lnk
2016-12-08 20:39 - 2016-12-08 20:39 - 00000000 ____D C:\ProgramData\TechSmith
2016-12-08 20:39 - 2016-12-08 20:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2016-12-08 20:39 - 2016-12-08 20:39 - 00000000 ____D C:\Program Files\TechSmith
2016-12-08 20:30 - 2016-12-08 20:30 - 00003656 _____ C:\Windows\System32\Tasks\cfdrp
2016-12-08 20:30 - 2016-12-08 20:30 - 00000000 __SHD C:\Users\Jason\cfdrp
2016-12-08 20:30 - 2015-10-30 07:19 - 00045216 ___SH (Microsoft Corporation) C:\Users\Jason\RegSvcs.exe
2016-12-06 21:30 - 2016-12-06 21:30 - 00000071 _____ C:\Users\Jason\Desktop\(3) ESA DLA-PIP Info-Support Group.url
2016-12-06 21:26 - 2016-12-06 21:26 - 04468879 _____ C:\Users\Jason\Desktop\wca-handbook-july-2016.pdf
2016-12-06 21:26 - 2016-12-06 21:26 - 00119012 _____ C:\Users\Jason\Desktop\Disputing-an-Employment-and-Support-Allowance-decision-wrag-to-support-group.pdf
2016-12-06 20:25 - 2016-12-06 20:27 - 00000000 ____D C:\Users\Jason\Downloads\creative shrimp_space vfx
2016-12-06 20:25 - 2016-12-06 20:25 - 00269200 _____ C:\Users\Jason\Downloads\Creativeshrimp_Space VFX.torrent
2016-12-06 14:14 - 2016-12-06 14:14 - 00000000 ____D C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
2016-12-06 14:14 - 2016-12-06 14:14 - 00000000 ____D C:\Users\Jason\.thumbnails
2016-12-06 14:14 - 2016-12-06 14:14 - 00000000 ____D C:\Program Files\Blender Foundation
2016-12-05 23:57 - 2016-12-05 23:57 - 01238528 _____ (Microsoft Corporation) C:\Users\Jason\AppData\Roaming\Local service.exe
2016-12-04 19:39 - 2016-12-04 19:39 - 00041891 _____ C:\Users\Jason\Downloads\skinplus.mi
2016-12-04 19:37 - 2016-12-04 19:37 - 00000000 ____D C:\Users\Jason\Desktop\troll_3dsmax
 
2016-12-04 02:09 - 2016-12-04 02:21 - 960198527 ____R C:\Users\Jason\Downloads\ITV.How.To.Remember.Everything.720p.HDTV.x264.AAC.MVGroup.org.mp4
2016-12-04 02:09 - 2016-12-04 02:09 - 00018890 _____ C:\Users\Jason\Downloads\ITV.How.To.Remember.Everything.720p.HDTV.x264.AAC.MVGroup.org.mp4-[rarbg.com].torrent
2016-12-03 20:16 - 2016-12-03 20:16 - 00000000 ____D C:\Users\Jason\Documents\realflow_cinema4d
2016-12-03 19:44 - 2016-12-03 19:44 - 80994185 ____R C:\Users\Jason\Downloads\Silhouettefx.Silhouette.v6.0.CE.rar
2016-12-03 19:24 - 2016-12-03 19:24 - 00000000 ____D C:\Users\Jason\AppData\Roaming\RealFlow
2016-12-03 19:19 - 2016-12-03 19:19 - 00001023 _____ C:\Users\Jason\Desktop\RealFlow 10.lnk
2016-12-02 11:35 - 2016-12-02 11:35 - 00000088 _____ C:\Users\Jason\Desktop\GMC - Communicating information.url
2016-12-02 00:46 - 2016-12-02 00:48 - 00000000 ____D C:\Users\Jason\Desktop\Zbrush Starter Kit
2016-12-01 18:35 - 2016-12-01 18:35 - 01966505 _____ C:\Users\Jason\Desktop\ESA113.pdf
2016-12-01 14:24 - 2016-12-01 14:24 - 30089208 ____R C:\Users\Jason\Downloads\3D Artist - Issue 101 2016.pdf
2016-11-30 18:55 - 2016-11-30 18:55 - 00000000 ____D C:\Windows\keys
2016-11-30 18:45 - 2016-11-30 18:59 - 00000000 ____D C:\Users\Jason\Documents\houdini15.5
2016-11-30 18:42 - 2016-11-30 18:42 - 00001162 _____ C:\Users\Public\Desktop\Houdini FX 15.5.480.lnk
2016-11-30 18:42 - 2016-11-30 18:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Side Effects Software
2016-11-30 18:36 - 2016-11-30 18:36 - 00000000 ____D C:\Program Files\Side Effects Software
2016-11-30 18:21 - 2016-11-30 18:21 - 00326955 _____ C:\Users\Jason\Desktop\Authority.pdf
2016-11-30 12:54 - 2016-11-30 12:54 - 34874855 ____R C:\Users\Jason\Downloads\3D World - January 2017.pdf
2016-11-29 19:33 - 2016-11-29 19:33 - 00000000 ____D C:\Users\Jason\Documents\World Machine Documents
2016-11-29 19:33 - 2016-11-29 19:33 - 00000000 ____D C:\Users\Jason\AppData\Roaming\World Machine 2.2 Professional
2016-11-29 19:32 - 2016-11-29 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World Machine 2 Professional Edition
2016-11-29 19:32 - 2016-11-29 19:32 - 00000000 ____D C:\Program Files (x86)\World Machine 2 Professional
2016-11-29 19:26 - 2016-11-29 19:26 - 00052185 _____ C:\Windows\RFC4DPluginUninstall.exe
2016-11-29 19:19 - 2016-11-29 19:19 - 00000000 ____D C:\Users\Jason\Downloads\VA - UK Top 40 Singles Chart The Official 28 October 2016 [Mp3~320kbps]
2016-11-29 19:17 - 2016-11-29 19:20 - 00000000 ____D C:\Users\Jason\Downloads\A Tribe Called Quest - We got it from Here... (2016) 320
2016-11-29 19:16 - 2016-11-29 19:16 - 00000000 ____D C:\Users\Jason\Downloads\Alicia Keys - HERE (2016) [WEB 320]
2016-11-29 18:45 - 2016-11-29 18:45 - 00000000 ____D C:\Users\Jason\AppData\Local\lightmap
2016-11-29 18:40 - 2016-11-29 18:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightmap
2016-11-29 18:39 - 2016-11-29 18:39 - 00000000 ____D C:\Program Files\Lightmap
2016-11-29 17:56 - 2016-11-29 17:56 - 00001249 _____ C:\Users\Jason\Desktop\Megascans Studio.lnk
2016-11-29 17:49 - 2016-11-29 18:00 - 00000000 ____D C:\Users\Jason\Downloads\Megascan
2016-11-26 21:17 - 2016-11-26 21:17 - 00000000 ____D C:\Users\Jason\AppData\Roaming\previewer
2016-11-26 21:16 - 2016-11-26 21:17 - 00000000 ____D C:\Users\Jason\AppData\Roaming\Quixel SUITE
2016-11-26 21:16 - 2016-11-26 21:16 - 00000000 ____D C:\Users\Jason\AppData\Local\Quixel
2016-11-26 20:37 - 2016-11-26 20:37 - 00000000 ____D C:\Users\Jason\AppData\Roaming\MPC-HC
2016-11-26 20:36 - 2016-11-26 20:36 - 00002790 _____ C:\Windows\System32\Tasks\klcp_update
2016-11-26 20:36 - 2016-11-26 20:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2016-11-26 20:36 - 2016-11-26 20:36 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2016-11-26 20:32 - 2016-11-26 20:32 - 14741884 _____ ( ) C:\Users\Jason\Downloads\klcp_update_1261_20161122.exe
2016-11-26 20:02 - 2016-10-29 00:21 - 00001179 _____ C:\Users\Jason\Desktop\Substance Painter 2.lnk
2016-11-26 19:39 - 2016-11-26 19:40 - 00000000 ____D C:\Users\Jason\Desktop\Website Templates
2016-11-26 14:48 - 2016-11-26 14:48 - 00000153 _____ C:\Users\Jason\Desktop\Dreamcatcher Luxury Fleece Heated Washable Electric Blanket Throw, Chocolate Brown, Large Overblanket 160 x 120cm, Timer, 9 Control Settings- Amazon.co.uk- Kitchen & Home.url
2016-11-26 14:35 - 2016-11-26 14:35 - 00000140 _____ C:\Users\Jason\Desktop\Velvety Heated Throw - Costs 1p to run for 7h! (135x180cm) With Auto Shut-Off- Amazon.co.uk- Kitchen & Home.url
2016-11-26 12:53 - 2016-11-26 12:53 - 00036126 _____ C:\Users\Jason\Desktop\Letter to Dr John Park - 26 November 2016.pdf
2016-11-25 10:19 - 2016-11-25 10:19 - 00065647 _____ C:\Users\Jason\Downloads\356415909865_3564120000_20161124_bill_222.pdf
2016-11-23 23:51 - 2016-11-23 23:51 - 00679764 _____ C:\Users\Jason\Desktop\Assessment Request.pdf
2016-11-23 20:23 - 2016-11-23 20:23 - 00485415 _____ C:\Users\Jason\Desktop\Letter from the Waterfield Practice - 16 November 2016.pdf
2016-11-23 16:36 - 2016-11-23 16:36 - 22867183 _____ C:\Users\Jason\Downloads\PMQs 23 November 2016 - HD.mp4
2016-11-22 22:16 - 2016-11-22 22:16 - 00000077 _____ C:\Users\Jason\Desktop\Best Portfolio Websites - Web Design Inspiration.url
2016-11-21 12:27 - 2016-11-29 18:40 - 00000000 ____D C:\rlm
2016-11-21 12:23 - 2016-11-21 12:23 - 00000000 ____D C:\Program Files\JoeAlter
2016-11-20 11:22 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-11-20 11:22 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2016-11-20 11:22 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2016-11-20 11:22 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-11-20 11:22 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-11-20 11:22 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2016-11-20 11:22 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2016-11-20 11:22 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2016-11-20 11:22 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2016-11-20 11:22 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2016-11-20 11:22 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2016-11-20 11:22 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2016-11-20 11:22 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2016-11-20 11:22 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2016-11-20 11:22 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2016-11-20 11:22 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2016-11-20 11:22 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2016-11-20 11:22 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2016-11-20 11:22 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2016-11-20 11:22 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2016-11-20 11:22 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2016-11-20 11:22 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2016-11-20 11:22 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2016-11-20 11:22 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2016-11-20 11:22 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2016-11-20 11:22 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2016-11-20 11:22 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2016-11-20 11:22 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2016-11-20 11:22 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2016-11-20 11:22 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2016-11-20 11:22 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2016-11-20 11:22 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2016-11-20 11:22 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2016-11-20 11:22 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2016-11-20 11:22 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2016-11-20 11:22 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2016-11-20 11:22 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2016-11-20 11:22 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2016-11-20 11:22 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2016-11-20 11:22 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2016-11-20 11:22 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2016-11-20 11:22 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2016-11-20 11:22 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2016-11-20 11:22 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2016-11-20 11:22 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2016-11-20 11:22 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2016-11-20 11:22 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2016-11-20 11:22 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2016-11-20 11:22 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2016-11-20 11:22 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-11-20 11:22 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2016-11-20 11:22 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-11-20 11:22 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2016-11-20 11:22 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2016-11-20 11:22 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-11-20 11:22 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2016-11-20 11:22 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-11-20 11:22 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2016-11-20 11:22 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-11-20 11:22 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2016-11-20 11:22 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2016-11-20 11:22 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2016-11-20 11:22 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2016-11-20 11:22 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2016-11-20 11:22 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2016-11-20 11:22 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2016-11-20 11:22 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2016-11-20 11:22 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2016-11-20 11:22 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2016-11-20 11:22 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2016-11-20 11:22 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2016-11-20 11:22 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2016-11-20 11:22 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2016-11-20 11:21 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2016-11-20 11:21 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2016-11-20 11:21 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2016-11-20 11:21 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2016-11-20 11:21 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2016-11-20 11:21 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2016-11-20 11:21 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2016-11-20 11:21 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2016-11-20 11:21 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2016-11-20 11:21 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2016-11-20 11:21 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2016-11-20 11:21 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2016-11-20 11:21 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2016-11-20 11:21 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2016-11-20 11:21 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2016-11-20 11:21 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2016-11-20 11:21 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2016-11-20 11:21 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2016-11-20 11:21 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2016-11-20 11:21 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2016-11-20 11:21 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2016-11-20 11:21 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2016-11-20 11:21 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2016-11-20 11:21 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2016-11-20 11:21 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2016-11-20 11:21 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2016-11-20 11:21 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2016-11-20 11:21 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2016-11-20 11:21 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2016-11-20 11:21 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2016-11-20 11:21 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2016-11-20 11:21 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2016-11-20 11:21 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2016-11-20 11:21 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2016-11-20 11:21 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2016-11-20 11:21 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2016-11-20 11:21 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2016-11-20 11:21 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2016-11-20 11:21 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2016-11-20 11:21 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2016-11-20 11:21 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2016-11-20 11:21 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2016-11-20 11:21 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2016-11-20 11:21 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2016-11-20 11:21 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2016-11-20 11:21 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2016-11-20 11:21 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2016-11-20 11:21 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2016-11-20 11:21 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2016-11-20 11:21 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2016-11-20 11:21 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2016-11-20 11:21 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2016-11-20 11:21 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2016-11-20 11:21 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2016-11-20 11:21 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2016-11-20 11:21 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2016-11-20 11:21 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2016-11-20 11:21 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2016-11-20 11:21 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2016-11-20 11:21 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2016-11-20 11:21 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2016-11-20 11:21 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2016-11-20 11:21 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2016-11-20 11:21 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2016-11-20 11:21 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2016-11-20 11:21 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2016-11-20 11:21 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-11-20 11:21 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2016-11-20 11:21 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-11-20 11:21 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2016-11-20 11:21 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-11-20 11:21 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2016-11-20 11:21 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2016-11-20 11:21 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2016-11-20 11:21 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2016-11-20 11:21 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2016-11-20 11:21 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-11-20 11:21 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2016-11-20 11:21 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2016-11-20 11:21 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2016-11-20 11:21 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2016-11-20 11:21 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2016-11-20 11:21 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2016-11-20 11:21 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2016-11-20 11:21 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2016-11-20 11:21 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2016-11-20 11:21 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2016-11-20 11:21 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2016-11-20 11:17 - 2016-11-20 11:17 - 00000973 _____ C:\Users\Jason\Desktop\ShaderMap 3.lnk
2016-11-20 11:17 - 2016-11-20 11:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShaderMap 3
2016-11-20 11:17 - 2016-11-20 11:17 - 00000000 ____D C:\Program Files\ShaderMap 3
2016-11-20 11:15 - 2016-11-20 11:16 - 00000000 ____D C:\Users\Jason\AppData\Roaming\SM3
2016-11-20 11:15 - 2016-11-20 11:15 - 00000000 ____D C:\Users\Jason\Documents\ShaderMap
2016-11-20 10:58 - 2016-11-20 10:58 - 00002724 _____ C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2016-11-20 10:57 - 2016-11-22 11:46 - 00000000 ____D C:\Users\Jason\AppData\Roaming\BitTorrent
2016-11-20 10:33 - 2016-11-20 10:33 - 00001206 _____ C:\Users\Public\Desktop\Quixel SUITE 2.0.lnk
2016-11-20 10:33 - 2016-11-20 10:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quixel SUITE 2.0
2016-11-20 10:28 - 2016-11-20 10:34 - 00000000 ____D C:\Program Files\Quixel SUITE 2.0
2016-11-20 09:51 - 2016-11-26 14:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digital Anarchy
2016-11-20 09:51 - 2016-11-26 14:40 - 00000000 ____D C:\ProgramData\Digital Anarchy
2016-11-20 02:32 - 2015-10-30 07:18 - 00001134 _____ C:\Users\Jason\Desktop\Snipping Tool.lnk
2016-11-18 15:14 - 2016-11-18 15:14 - 00040026 _____ C:\ProgramData\dm.1479482036.bdinstall.bin
2016-11-18 15:13 - 2016-11-18 15:13 - 00028189 _____ C:\ProgramData\agent.1479482019.bdinstall.bin
2016-11-18 14:54 - 2016-11-20 02:52 - 00000000 ____D C:\Users\Jason\Desktop\StopESACut
2016-11-18 10:59 - 2016-11-26 23:41 - 00000000 ____D C:\Users\Jason\Desktop\Sample Projects
2016-11-18 09:52 - 2016-11-18 09:52 - 00000000 ____D C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MtoA 1.2.6.0 Maya 2016
2016-11-18 09:52 - 2016-11-18 09:52 - 00000000 ____D C:\solidangle
2016-11-18 09:37 - 2016-11-18 09:37 - 00000000 ____D C:\Users\Jason\Documents\Letter to Dr John Park - 6 November 2016
2016-11-18 07:30 - 2016-11-18 07:30 - 00000000 ____D C:\Users\Jason\Documents\Knald Technologies
2016-11-18 07:30 - 2016-11-18 07:30 - 00000000 ____D C:\Users\Jason\AppData\Roaming\Knald Technologies
2016-11-17 00:16 - 2016-11-17 00:16 - 00000073 _____ C:\Users\Jason\Desktop\BBC iPlayer - Watch BBC Parliament live.url
2016-11-15 06:41 - 2016-11-13 04:06 - 03261761 _____ C:\Users\Jason\Documents\Mandatory Reconsderation - ESA.pdf
2016-11-15 06:39 - 2016-11-15 06:27 - 00001085 _____ C:\Users\Jason\Desktop\Adobe Photoshop CC 2015.lnk
2016-11-15 06:27 - 2016-11-15 06:27 - 00001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk
2016-11-15 06:23 - 2016-11-15 06:23 - 00001615 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2016-11-15 05:22 - 2016-11-15 05:29 - 00000000 ____D C:\Users\Jason\AppData\Roaming\Apple Computer
2016-11-15 05:22 - 2016-11-15 05:22 - 00000000 ____D C:\Users\Jason\AppData\Local\Apple Computer
2016-11-15 05:22 - 2016-11-15 05:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-11-15 05:21 - 2016-11-15 05:22 - 00000000 ____D C:\Program Files\iTunes
2016-11-15 05:21 - 2016-11-15 05:21 - 00000000 ____D C:\ProgramData\Apple Computer
2016-11-15 05:21 - 2016-11-15 05:21 - 00000000 ____D C:\Program Files\iPod
2016-11-15 05:20 - 2016-11-15 05:20 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-11-15 05:20 - 2016-11-15 05:20 - 00000000 ____D C:\Users\Jason\AppData\Local\Apple
2016-11-15 05:20 - 2016-11-15 05:20 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-11-15 05:19 - 2016-11-15 05:21 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-11-14 05:40 - 2016-12-04 21:57 - 00000000 ____D C:\Users\Jason\Desktop\To watch
2016-11-13 12:01 - 2016-11-13 12:01 - 00860208 _____ C:\Users\Jason\Downloads\pip-assessment-guide.pdf
2016-11-13 11:34 - 2016-11-13 11:34 - 00857192 _____ C:\Users\Jason\Downloads\Personal Independence Payment Factsheet (3).pdf
2016-11-13 11:34 - 2016-11-13 11:34 - 00857192 _____ C:\Users\Jason\Downloads\Personal Independence Payment Factsheet (2).pdf
2016-11-13 00:22 - 2016-11-13 00:22 - 00000000 ____D C:\Users\Jason\AppData\Roaming\EPSON
2016-11-12 10:27 - 2014-06-02 08:47 - 04683144 _____ (SafeNet Inc.) C:\Windows\system32\hasplms.exe
2016-11-12 10:27 - 2014-06-02 08:47 - 04683144 _____ (SafeNet Inc.) C:\Windows\system32\aksllmtp.exe
2016-11-12 10:27 - 2014-06-02 08:47 - 00162264 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksfridge.sys
2016-11-12 10:27 - 2014-06-02 08:47 - 00091784 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksdf.sys
2016-11-12 10:26 - 2014-06-02 08:47 - 00331608 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\hardlock.sys
2016-11-12 10:26 - 2014-06-02 08:47 - 00198088 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\SysWOW64\hlvdd.dll
2016-11-12 10:25 - 2016-11-12 10:25 - 00000000 ____D C:\Users\Public\Documents\CLO-ENTERPRISE
2016-11-12 04:58 - 2016-11-12 04:58 - 00000000 ____D C:\Users\Jason\Desktop\MaxToC4D
2016-11-12 04:39 - 2016-11-12 04:39 - 00000128 _____ C:\Windows\CTA2PIPEET.BIN
2016-11-12 04:37 - 2016-11-12 04:37 - 00000130 __RSH C:\Windows\CTA2STET.BIN
2016-11-12 04:37 - 2016-11-12 04:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrazyTalk Animator 2
2016-11-12 04:35 - 2016-11-12 04:35 - 00000000 ____D C:\Program Files (x86)\Reallusion
2016-11-12 04:25 - 2016-11-12 04:25 - 00055173 _____ C:\ProgramData\dm.1478924713.bdinstall.bin
2016-11-12 03:58 - 2016-11-12 04:38 - 00000000 ____D C:\ProgramData\Reallusion
2016-11-12 03:58 - 2016-11-12 03:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reallusion
2016-11-12 03:58 - 2016-11-12 03:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrazyTalk 8
2016-11-12 03:58 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-11-12 03:58 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-11-12 03:58 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-11-12 03:58 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-11-12 03:58 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2016-11-12 03:58 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2016-11-12 03:58 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2016-11-12 03:58 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2016-11-12 03:57 - 2016-11-12 03:58 - 00000000 ____D C:\Users\Public\Documents\Reallusion
2016-11-12 03:56 - 2016-11-12 03:56 - 00000000 ____D C:\Program Files\Reallusion
2016-11-12 03:52 - 2016-11-12 03:52 - 00000000 ___SD C:\Users\Jason\Documents\My Shapes
2016-11-12 03:43 - 2016-11-12 03:43 - 00000000 ____D C:\ProgramData\Digieffect
2016-11-12 03:38 - 2016-11-12 03:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boris Continuum Complete AE 10
2016-11-12 03:38 - 2016-11-12 03:38 - 00000000 ____D C:\Program Files\Boris FX, Inc
2016-11-12 02:41 - 2016-11-12 02:41 - 00000000 ____D C:\Users\Jason\Documents\Mari
2016-11-12 02:41 - 2016-11-12 02:41 - 00000000 ____D C:\Users\Jason\.mari
2016-11-12 02:30 - 2016-11-12 02:30 - 00000000 ____D C:\ProgramData\Macrovision
2016-11-12 02:30 - 2016-11-12 02:30 - 00000000 ____D C:\Program Files (x86)\The Foundry
2016-11-12 02:29 - 2016-11-12 02:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Foundry
2016-11-12 02:29 - 2016-11-12 02:29 - 00001952 _____ C:\Users\Jason\Desktop\Mari 3.0v3.lnk
2016-11-12 02:27 - 2016-11-12 02:30 - 00000000 ____D C:\ProgramData\The Foundry
2016-11-12 02:27 - 2016-11-12 02:29 - 00000000 ____D C:\Program Files\Mari3.0v3
2016-11-12 02:27 - 2016-11-12 02:27 - 00000000 ____D C:\Program Files\The Foundry
2016-11-12 01:01 - 2016-11-12 00:56 - 00001202 _____ C:\Users\Jason\Desktop\CINEMA 4D R18.lnk
2016-11-11 08:42 - 2016-11-11 08:43 - 45109433 ____R C:\Users\Jason\Downloads\The 3D Art & Design Annual Volume 2, 2016.pdf
2016-11-10 23:02 - 2016-11-10 23:02 - 00269117 _____ C:\Users\Jason\Downloads\11-Mandatory-Recon-sample-letter-PIP.pdf
2016-11-10 23:02 - 2016-11-10 23:02 - 00269117 _____ C:\Users\Jason\Desktop\11-Mandatory-Recon-sample-letter-PIP.pdf
2016-11-10 22:57 - 2016-11-10 22:57 - 00000130 _____ C:\Users\Jason\Desktop\Challenging decisions when you're unhappy - Equal Lives.url
2016-11-10 22:50 - 2016-11-10 22:50 - 00250208 _____ C:\Users\Jason\Downloads\Factsheet-B18-Reconsiderations-and-appeals-2.pdf
2016-11-10 12:33 - 2016-11-10 12:33 - 00000000 ____D C:\Windows\SysWOW64\BestPractices
2016-11-10 12:33 - 2016-11-10 12:33 - 00000000 ____D C:\Windows\system32\BestPractices
2016-11-10 04:33 - 2016-11-10 04:33 - 00013126 _____ C:\Users\Jason\Downloads\request-for-personal-information (1).odt
2016-11-10 04:11 - 2016-11-10 04:11 - 00013126 _____ C:\Users\Jason\Downloads\request-for-personal-information.odt
2016-11-10 04:10 - 2016-11-10 04:10 - 00000051 _____ C:\Users\Jason\Desktop\http---www.youreable.com.url
2016-11-09 23:11 - 2016-11-09 23:11 - 00639188 _____ C:\Users\Jason\Downloads\how_to_win_a_PIP_appeal_final(lo).pdf
2016-11-09 20:08 - 2016-11-18 10:48 - 00000000 ____D C:\Users\Jason\Desktop\PIP Dispute
2016-11-09 13:23 - 2016-11-02 13:32 - 00316256 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-09 13:23 - 2016-11-02 13:31 - 00546968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-11-09 13:23 - 2016-10-25 09:34 - 00454496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2016-11-09 13:23 - 2016-10-25 08:32 - 01862000 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2016-11-09 13:23 - 2016-10-25 08:32 - 01542816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-09 13:23 - 2016-10-25 08:32 - 00845568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2016-11-09 13:23 - 2016-10-25 08:32 - 00034088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wldp.dll
2016-11-09 13:23 - 2016-10-25 08:28 - 01083648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2016-11-09 13:23 - 2016-10-25 08:05 - 00712032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-11-09 13:23 - 2016-10-25 07:45 - 00032096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2016-11-09 13:23 - 2016-10-25 07:39 - 00306840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2016-11-09 13:23 - 2016-10-25 07:37 - 02180128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2016-11-09 13:23 - 2016-10-25 07:37 - 01349632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2016-11-09 13:23 - 2016-10-25 07:37 - 00980352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2016-11-09 13:23 - 2016-10-25 07:37 - 00895080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2016-11-09 13:23 - 2016-10-25 07:37 - 00882720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2016-11-09 13:23 - 2016-10-25 07:37 - 00709176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-11-09 13:23 - 2016-10-25 07:31 - 01824272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2016-11-09 13:23 - 2016-10-25 07:31 - 00957608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-11-09 13:23 - 2016-10-25 07:30 - 02938920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-09 13:23 - 2016-10-25 07:30 - 00703840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2016-11-09 13:23 - 2016-10-25 07:27 - 21123320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-11-09 13:23 - 2016-10-25 07:27 - 00465760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2016-11-09 13:23 - 2016-10-25 07:27 - 00256704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppHost.exe
2016-11-09 13:23 - 2016-10-25 07:26 - 05240952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2016-11-09 13:23 - 2016-10-25 07:26 - 04074160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-11-09 13:23 - 2016-10-25 07:26 - 01355344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2016-11-09 13:23 - 2016-10-25 07:26 - 00836752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2016-11-09 13:23 - 2016-10-25 07:26 - 00569752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2016-11-09 13:23 - 2016-10-25 07:22 - 00268040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-11-09 13:23 - 2016-10-25 07:19 - 00295776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-09 13:23 - 2016-10-25 07:18 - 01536088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-11-09 13:23 - 2016-10-25 06:56 - 02195640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-11-09 13:23 - 2016-10-25 06:56 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\SIHClient.exe
2016-11-09 13:23 - 2016-10-25 06:54 - 01522160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-11-09 13:23 - 2016-10-25 06:54 - 00273760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-09 13:23 - 2016-10-25 06:53 - 01174008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-09 13:23 - 2016-10-25 06:27 - 00938496 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2016-11-09 13:23 - 2016-10-25 06:26 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-11-09 13:23 - 2016-10-25 06:21 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosHostClient.dll
2016-11-09 13:23 - 2016-10-25 06:09 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininetlui.dll
2016-11-09 13:23 - 2016-10-25 06:08 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosStorage.dll
2016-11-09 13:23 - 2016-10-25 06:06 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapsBtSvc.dll
2016-11-09 13:23 - 2016-10-25 06:00 - 00102912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NPSM.dll
2016-11-09 13:23 - 2016-10-25 05:51 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2016-11-09 13:23 - 2016-10-25 05:50 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-11-09 13:23 - 2016-10-25 05:49 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2016-11-09 13:23 - 2016-10-25 05:48 - 00217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2016-11-09 13:23 - 2016-10-25 05:45 - 00349696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2016-11-09 13:23 - 2016-10-25 05:45 - 00294912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhoneOm.dll
2016-11-09 13:23 - 2016-10-25 05:44 - 00240128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-09 13:23 - 2016-10-25 05:43 - 00471552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\filemgmt.dll
2016-11-09 13:23 - 2016-10-25 05:42 - 00361472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2016-11-09 13:23 - 2016-10-25 05:41 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll
2016-11-09 13:23 - 2016-10-25 05:40 - 01336832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2016-11-09 13:23 - 2016-10-25 05:39 - 00400896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2016-11-09 13:23 - 2016-10-25 05:39 - 00356864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certreq.exe
2016-11-09 13:23 - 2016-10-25 05:37 - 00846336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasgcw.dll
2016-11-09 13:23 - 2016-10-25 05:37 - 00334848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2016-11-09 13:23 - 2016-10-25 05:36 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2016-11-09 13:23 - 2016-10-25 05:36 - 00616960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-11-09 13:23 - 2016-10-25 05:36 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2016-11-09 13:23 - 2016-10-25 05:35 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentApis.dll
2016-11-09 13:23 - 2016-10-25 05:32 - 00784896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll
2016-11-09 13:23 - 2016-10-25 05:31 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2016-11-09 13:23 - 2016-10-25 05:30 - 00434688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll
2016-11-09 13:23 - 2016-10-25 05:29 - 01497088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2016-11-09 13:23 - 2016-10-25 05:29 - 01117184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2016-11-09 13:23 - 2016-10-25 05:29 - 00673280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2016-11-09 13:23 - 2016-10-25 05:28 - 02578432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2016-11-09 13:23 - 2016-10-25 05:28 - 00885248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-09 13:23 - 2016-10-25 05:28 - 00805888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2016-11-09 13:23 - 2016-10-25 05:28 - 00769536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContactApis.dll
2016-11-09 13:23 - 2016-10-25 05:28 - 00760320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2016-11-09 13:23 - 2016-10-25 05:27 - 01448960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-11-09 13:23 - 2016-10-25 05:26 - 00460800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2016-11-09 13:23 - 2016-10-25 05:25 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2016-11-09 13:23 - 2016-10-25 05:25 - 00764928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Cred.dll
2016-11-09 13:23 - 2016-10-25 05:25 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2016-11-09 13:23 - 2016-10-25 05:25 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2016-11-09 13:23 - 2016-10-25 05:23 - 02362880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-09 13:23 - 2016-10-25 05:23 - 00964096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2016-11-09 13:23 - 2016-10-25 05:22 - 01562624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2016-11-09 13:23 - 2016-10-25 05:21 - 03577344 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2016-11-09 13:23 - 2016-10-25 05:21 - 00639488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2016-11-09 13:23 - 2016-10-25 05:17 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2016-11-09 13:23 - 2016-10-25 05:11 - 04078592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2016-11-09 13:23 - 2016-10-25 05:11 - 00592384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll
2016-11-09 13:23 - 2016-10-25 05:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2016-11-09 13:23 - 2016-10-25 05:04 - 00835072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2016-11-09 13:23 - 2016-10-25 05:03 - 01500160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-09 13:23 - 2016-10-25 05:01 - 02361856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2016-11-09 13:23 - 2016-10-25 05:00 - 13018624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-11-09 13:23 - 2016-10-25 05:00 - 04412928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-11-09 13:23 - 2016-10-25 05:00 - 02555904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-09 13:23 - 2016-10-25 05:00 - 01984000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2016-11-09 13:23 - 2016-10-25 05:00 - 01708032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll
2016-11-09 13:23 - 2016-10-25 04:59 - 02680320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2016-11-09 13:23 - 2016-10-25 04:59 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2016-11-09 13:23 - 2016-10-25 04:58 - 09920512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-11-09 13:23 - 2016-10-25 04:57 - 06296064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2016-11-09 13:23 - 2016-10-25 04:56 - 01799680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-11-09 13:23 - 2016-10-25 04:55 - 02001408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-11-09 13:23 - 2016-10-25 04:55 - 00476672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnfldr.dll
2016-11-09 13:23 - 2016-10-25 04:54 - 04759040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-11-09 13:23 - 2016-10-25 04:53 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2016-11-09 13:23 - 2016-10-25 04:47 - 05205504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2016-11-09 13:23 - 2016-10-25 04:46 - 02771968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2016-11-09 13:23 - 2016-10-25 04:45 - 02679808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll
2016-11-09 13:23 - 2016-10-25 04:44 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2016-11-09 13:23 - 2016-10-25 04:43 - 04404736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2016-11-09 13:23 - 2016-10-25 04:40 - 05325824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-11-09 13:23 - 2016-10-25 04:38 - 01582080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2016-11-09 13:23 - 2016-10-25 04:37 - 02798080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2016-11-09 13:23 - 2016-10-25 04:36 - 02155008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-11-09 13:23 - 2016-10-25 04:35 - 02604032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2016-11-09 13:23 - 2016-10-25 04:35 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2016-11-09 13:23 - 2016-10-25 04:34 - 02062336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2016-11-09 13:23 - 2016-10-25 04:34 - 01249280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2016-11-09 13:23 - 2016-10-25 04:34 - 01228800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2016-11-09 13:23 - 2016-10-25 04:32 - 06743040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-11-09 13:23 - 2016-10-25 04:27 - 03065344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2016-11-09 13:23 - 2016-10-25 04:23 - 00712704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RemoteNaturalLanguage.dll
2016-11-09 13:23 - 2016-10-25 04:21 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2016-11-09 13:22 - 2016-11-02 12:51 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-09 13:22 - 2016-10-25 09:24 - 00989536 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2016-11-09 13:22 - 2016-10-25 09:18 - 00026408 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-11-09 13:22 - 2016-10-25 08:49 - 00588328 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmdev.dll
2016-11-09 13:22 - 2016-10-25 08:49 - 00245840 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-11-09 13:22 - 2016-10-25 08:48 - 02544256 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2016-11-09 13:22 - 2016-10-25 08:48 - 01554152 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-11-09 13:22 - 2016-10-25 08:48 - 01552104 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2016-11-09 13:22 - 2016-10-25 08:48 - 01152328 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2016-11-09 13:22 - 2016-10-25 08:48 - 01062480 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2016-11-09 13:22 - 2016-10-25 08:48 - 01017024 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2016-11-09 13:22 - 2016-10-25 08:48 - 00847648 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-11-09 13:22 - 2016-10-25 08:42 - 00808288 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2016-11-09 13:22 - 2016-10-25 08:39 - 01750440 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2016-11-09 13:22 - 2016-10-25 08:38 - 22561256 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-11-09 13:22 - 2016-10-25 08:37 - 06605544 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2016-11-09 13:22 - 2016-10-25 08:37 - 01040792 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2016-11-09 13:22 - 2016-10-25 08:35 - 06536248 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2016-11-09 13:22 - 2016-10-25 08:32 - 01557776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-11-09 13:22 - 2016-10-25 08:30 - 00360288 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-09 13:22 - 2016-10-25 07:47 - 28851216 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsRaw.dll
2016-11-09 13:22 - 2016-10-25 07:47 - 02641928 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2016-11-09 13:22 - 2016-10-25 07:47 - 00305808 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll
2016-11-09 13:22 - 2016-10-25 07:46 - 00388896 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2016-11-09 13:22 - 2016-10-25 07:40 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\MapsCSP.dll
2016-11-09 13:22 - 2016-10-25 07:40 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-11-09 13:22 - 2016-10-25 07:35 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\MosHostClient.dll
2016-11-09 13:22 - 2016-10-25 07:33 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\genericusbfn.sys
2016-11-09 13:22 - 2016-10-25 07:32 - 00824320 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2016-11-09 13:22 - 2016-10-25 07:31 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2016-11-09 13:22 - 2016-10-25 07:30 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-11-09 13:22 - 2016-10-25 07:29 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2016-11-09 13:22 - 2016-10-25 07:26 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2016-11-09 13:22 - 2016-10-25 07:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\mapsupdatetask.dll
2016-11-09 13:22 - 2016-10-25 07:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys
2016-11-09 13:22 - 2016-10-25 07:20 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\MosStorage.dll
2016-11-09 13:22 - 2016-10-25 07:18 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvc.dll
2016-11-09 13:22 - 2016-10-25 07:14 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2016-11-09 13:22 - 2016-10-25 07:13 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll
2016-11-09 13:22 - 2016-10-25 07:12 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\racpldlg.dll
2016-11-09 13:22 - 2016-10-25 07:12 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2016-11-09 13:22 - 2016-10-25 07:10 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceClassExtension.dll
2016-11-09 13:22 - 2016-10-25 07:06 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2016-11-09 13:22 - 2016-10-25 07:06 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceConnectApi.dll
2016-11-09 13:22 - 2016-10-25 07:05 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2016-11-09 13:22 - 2016-10-25 07:04 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\LegacyNetUXHost.exe
2016-11-09 13:22 - 2016-10-25 07:01 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2016-11-09 13:22 - 2016-10-25 06:59 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2016-11-09 13:22 - 2016-10-25 06:56 - 00567808 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll
2016-11-09 13:22 - 2016-10-25 06:53 - 00813056 _____ (Microsoft Corporation) C:\Windows\system32\mqsnap.dll
2016-11-09 13:22 - 2016-10-25 06:52 - 00577536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Wallet.dll
2016-11-09 13:22 - 2016-10-25 06:51 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2016-11-09 13:22 - 2016-10-25 06:51 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll
2016-11-09 13:22 - 2016-10-25 06:50 - 00572928 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2016-11-09 13:22 - 2016-10-25 06:50 - 00510464 _____ (Microsoft Corporation) C:\Windows\system32\WlanMediaManager.dll
2016-11-09 13:22 - 2016-10-25 06:50 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-09 13:22 - 2016-10-25 06:49 - 00790528 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2016-11-09 13:22 - 2016-10-25 06:49 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\WalletService.dll
2016-11-09 13:22 - 2016-10-25 06:48 - 00639488 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2016-11-09 13:22 - 2016-10-25 06:46 - 00857600 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Import.dll
2016-11-09 13:22 - 2016-10-25 06:43 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\ChatApis.dll
2016-11-09 13:22 - 2016-10-25 06:43 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-11-09 13:22 - 2016-10-25 06:42 - 00517632 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2016-11-09 13:22 - 2016-10-25 06:41 - 01294336 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz.dll
2016-11-09 13:22 - 2016-10-25 06:41 - 00589824 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
2016-11-09 13:22 - 2016-10-25 06:40 - 02331480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL
2016-11-09 13:22 - 2016-10-25 06:40 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
2016-11-09 13:22 - 2016-10-25 06:40 - 00947200 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
2016-11-09 13:22 - 2016-10-25 06:40 - 00253088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpeffects.dll
2016-11-09 13:22 - 2016-10-25 06:39 - 01056256 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2016-11-09 13:22 - 2016-10-25 06:39 - 00787456 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2016-11-09 13:22 - 2016-10-25 06:39 - 00674304 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2016-11-09 13:22 - 2016-10-25 06:39 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\WLanConn.dll
2016-11-09 13:22 - 2016-10-25 06:38 - 02088960 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2016-11-09 13:22 - 2016-10-25 06:38 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2016-11-09 13:22 - 2016-10-25 06:38 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2016-11-09 13:22 - 2016-10-25 06:38 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-11-09 13:22 - 2016-10-25 06:37 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentApis.dll
2016-11-09 13:22 - 2016-10-25 06:37 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.dll
2016-11-09 13:22 - 2016-10-25 06:35 - 01434112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Editing.dll
2016-11-09 13:22 - 2016-10-25 06:35 - 00859136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2016-11-09 13:22 - 2016-10-25 06:34 - 00697856 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2016-11-09 13:22 - 2016-10-25 06:33 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll
2016-11-09 13:22 - 2016-10-25 06:33 - 00817152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.Search.dll
2016-11-09 13:22 - 2016-10-25 06:32 - 00939520 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2016-11-09 13:22 - 2016-10-25 06:29 - 00896512 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2016-11-09 13:22 - 2016-10-25 06:28 - 00938496 _____ (Microsoft Corporation) C:\Windows\system32\ContactApis.dll
2016-11-09 13:22 - 2016-10-25 06:27 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs3D.dll
2016-11-09 13:22 - 2016-10-25 06:27 - 01466368 _____ (Microsoft Corporation) C:\Windows\system32\Pimstore.dll
2016-11-09 13:22 - 2016-10-25 06:27 - 01346048 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2016-11-09 13:22 - 2016-10-25 06:27 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2016-11-09 13:22 - 2016-10-25 06:23 - 00865792 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2016-11-09 13:22 - 2016-10-25 06:22 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2016-11-09 13:22 - 2016-10-25 06:19 - 00572928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2016-11-09 13:22 - 2016-10-25 06:18 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2016-11-09 13:22 - 2016-10-25 06:16 - 01965568 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2016-11-09 13:22 - 2016-10-25 06:12 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll
2016-11-09 13:22 - 2016-10-25 06:07 - 00900608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2016-11-09 13:22 - 2016-10-25 06:05 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll
2016-11-09 13:22 - 2016-10-25 06:05 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\StikyNot.exe
2016-11-09 13:22 - 2016-10-25 06:05 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-11-09 13:22 - 2016-10-25 06:03 - 05123072 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2016-11-09 13:22 - 2016-10-25 06:03 - 00787456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2016-11-09 13:22 - 2016-10-25 06:03 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SCardDlg.dll
2016-11-09 13:22 - 2016-10-25 06:01 - 01121792 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-11-09 13:22 - 2016-10-25 06:01 - 00183296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NPSMDesktopProvider.dll
2016-11-09 13:22 - 2016-10-25 06:00 - 00256512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2016-11-09 13:22 - 2016-10-25 06:00 - 00115200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceClassExtension.dll
2016-11-09 13:22 - 2016-10-25 05:59 - 03351040 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-11-09 13:22 - 2016-10-25 05:59 - 00205312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oemlicense.dll
2016-11-09 13:22 - 2016-10-25 05:57 - 02285568 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2016-11-09 13:22 - 2016-10-25 05:57 - 00833536 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2016-11-09 13:22 - 2016-10-25 05:56 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceConnectApi.dll
2016-11-09 13:22 - 2016-10-25 05:55 - 01036288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2016-11-09 13:22 - 2016-10-25 05:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IdCtrls.dll
2016-11-09 13:22 - 2016-10-25 05:53 - 02280960 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-11-09 13:22 - 2016-10-25 05:50 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2016-11-09 13:22 - 2016-10-25 05:50 - 00339456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\azroleui.dll
2016-11-09 13:22 - 2016-10-25 05:50 - 00260096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2016-11-09 13:22 - 2016-10-25 05:49 - 00292864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3ui.dll
2016-11-09 13:22 - 2016-10-25 05:48 - 00190464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2016-11-09 13:22 - 2016-10-25 05:46 - 00486912 _____ (Microsoft Corporation) C:\Windows\system32\prnfldr.dll
2016-11-09 13:22 - 2016-10-25 05:45 - 07977984 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2016-11-09 13:22 - 2016-10-25 05:45 - 00564736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2016-11-09 13:22 - 2016-10-25 05:45 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe
2016-11-09 13:22 - 2016-10-25 05:43 - 00520704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceApi.dll
2016-11-09 13:22 - 2016-10-25 05:42 - 02876928 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2016-11-09 13:22 - 2016-10-25 05:41 - 00589312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Import.dll
2016-11-09 13:22 - 2016-10-25 05:39 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-11-09 13:22 - 2016-10-25 05:37 - 04143104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WlanMM.dll
2016-11-09 13:22 - 2016-10-25 05:37 - 01226752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcnwiz.dll
2016-11-09 13:22 - 2016-10-25 05:36 - 04646400 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2016-11-09 13:22 - 2016-10-25 05:36 - 00879616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2016-11-09 13:22 - 2016-10-25 05:36 - 00502272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2016-11-09 13:22 - 2016-10-25 05:36 - 00475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2016-11-09 13:22 - 2016-10-25 05:36 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WLanConn.dll
2016-11-09 13:22 - 2016-10-25 05:36 - 00153088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2016-11-09 13:22 - 2016-10-25 05:35 - 00585216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll
2016-11-09 13:22 - 2016-10-25 05:35 - 00521728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-11-09 13:22 - 2016-10-25 05:35 - 00372224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll
2016-11-09 13:22 - 2016-10-25 05:34 - 00400896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2016-11-09 13:22 - 2016-10-25 05:33 - 01063936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll
2016-11-09 13:22 - 2016-10-25 05:33 - 00517632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2016-11-09 13:22 - 2016-10-25 05:32 - 00738816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2016-11-09 13:22 - 2016-10-25 05:32 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2016-11-09 13:22 - 2016-10-25 05:32 - 00645632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.Search.dll
2016-11-09 13:22 - 2016-10-25 05:28 - 07200256 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2016-11-09 13:22 - 2016-10-25 05:28 - 01186816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMNetMgr.dll
2016-11-09 13:22 - 2016-10-25 05:28 - 00882688 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2016-11-09 13:22 - 2016-10-25 05:27 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdlg.dll
2016-11-09 13:22 - 2016-10-25 05:25 - 03695104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2016-11-09 13:22 - 2016-10-25 05:25 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2016-11-09 13:22 - 2016-10-25 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-11-09 13:22 - 2016-10-25 05:24 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licensingdiag.exe
2016-11-09 13:22 - 2016-10-25 05:23 - 02295808 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2016-11-09 13:22 - 2016-10-25 05:14 - 02911744 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2016-11-09 13:22 - 2016-10-25 05:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-11-09 13:22 - 2016-10-25 05:11 - 06471168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe
2016-11-09 13:22 - 2016-10-25 05:09 - 01448960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dui70.dll
2016-11-09 13:22 - 2016-10-25 05:07 - 03671040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-11-09 13:22 - 2016-10-25 05:05 - 03428864 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2016-11-09 13:22 - 2016-10-25 05:05 - 02582016 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2016-11-09 13:22 - 2016-10-25 05:05 - 01385472 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2016-11-09 13:22 - 2016-10-25 04:59 - 14258688 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-11-09 13:22 - 2016-10-25 04:58 - 07536128 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-11-09 13:22 - 2016-10-25 04:55 - 04171264 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-11-09 13:22 - 2016-10-25 04:55 - 02217984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2016-11-09 13:22 - 2016-10-25 04:53 - 03294208 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2016-11-09 13:22 - 2016-10-25 04:53 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2016-11-09 13:22 - 2016-10-25 04:52 - 03555840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2016-11-09 13:22 - 2016-10-25 04:52 - 00870400 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2016-11-09 13:22 - 2016-10-25 04:51 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\RADCUI.dll
2016-11-09 13:22 - 2016-10-25 04:50 - 01487872 _____ (Microsoft Corporation) C:\Windows\system32\SpeechPal.dll
2016-11-09 13:22 - 2016-10-25 04:48 - 00958976 _____ (Microsoft Corporation) C:\Windows\system32\RemoteNaturalLanguage.dll
2016-11-09 13:22 - 2016-10-25 04:41 - 02519552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2016-11-09 13:22 - 2016-10-25 04:33 - 00574976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
2016-11-09 13:22 - 2016-10-25 04:32 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
2016-11-09 13:22 - 2016-10-25 04:32 - 00339456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-09 13:22 - 2016-10-25 04:30 - 12590080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-11-09 13:22 - 2016-10-25 04:29 - 00515584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr
2016-11-09 13:22 - 2016-10-25 04:07 - 00461824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2016-11-09 13:21 - 2016-11-02 15:08 - 00636296 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-11-09 13:21 - 2016-10-25 09:44 - 00875480 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-11-09 13:21 - 2016-10-25 09:42 - 07468384 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-09 13:21 - 2016-10-25 09:42 - 02656952 _____ C:\Windows\system32\CoreUIComponents.dll
2016-11-09 13:21 - 2016-10-25 09:42 - 01317640 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-09 13:21 - 2016-10-25 09:42 - 01142560 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-11-09 13:21 - 2016-10-25 09:42 - 01098648 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2016-11-09 13:21 - 2016-10-25 09:42 - 00125280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
2016-11-09 13:21 - 2016-10-25 09:41 - 01819208 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-09 13:21 - 2016-10-25 09:40 - 00384864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2016-11-09 13:21 - 2016-10-25 09:25 - 01637216 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-11-09 13:21 - 2016-10-25 09:19 - 03449168 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2016-11-09 13:21 - 2016-10-25 08:51 - 00538632 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2016-11-09 13:21 - 2016-10-25 08:50 - 00439136 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2016-11-09 13:21 - 2016-10-25 08:42 - 02607336 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2016-11-09 13:21 - 2016-10-25 08:42 - 01322248 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-11-09 13:21 - 2016-10-25 08:41 - 03694088 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-09 13:21 - 2016-10-25 08:39 - 00730352 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2016-11-09 13:21 - 2016-10-25 08:39 - 00304752 _____ (Microsoft Corporation) C:\Windows\system32\LockAppHost.exe
2016-11-09 13:21 - 2016-10-25 08:38 - 00565600 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2016-11-09 13:21 - 2016-10-25 08:37 - 04515256 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-11-09 13:21 - 2016-10-25 08:30 - 01848072 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-11-09 13:21 - 2016-10-25 08:03 - 02549456 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-11-09 13:21 - 2016-10-25 08:03 - 01988440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-11-09 13:21 - 2016-10-25 08:02 - 00577376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2016-11-09 13:21 - 2016-10-25 08:02 - 00393568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-11-09 13:21 - 2016-10-25 08:01 - 01776768 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-11-09 13:21 - 2016-10-25 08:01 - 01415200 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-09 13:21 - 2016-10-25 07:45 - 00503600 _____ (Microsoft Corporation) C:\Windows\system32\DMRServer.dll
2016-11-09 13:21 - 2016-10-25 07:31 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-11-09 13:21 - 2016-10-25 07:30 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\LocationFrameworkInternalPS.dll
2016-11-09 13:21 - 2016-10-25 07:24 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-11-09 13:21 - 2016-10-25 07:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\wininetlui.dll
2016-11-09 13:21 - 2016-10-25 07:16 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-09 13:21 - 2016-10-25 07:12 - 00257536 _____ (Microsoft Corporation) C:\Windows\system32\wpr.exe
2016-11-09 13:21 - 2016-10-25 07:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2016-11-09 13:21 - 2016-10-25 07:10 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2016-11-09 13:21 - 2016-10-25 07:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountExtension.dll
2016-11-09 13:21 - 2016-10-25 07:08 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2016-11-09 13:21 - 2016-10-25 07:02 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-09 13:21 - 2016-10-25 07:02 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-11-09 13:21 - 2016-10-25 07:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-09 13:21 - 2016-10-25 06:59 - 00221696 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-09 13:21 - 2016-10-25 06:58 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2016-11-09 13:21 - 2016-10-25 06:57 - 06572032 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2016-11-09 13:21 - 2016-10-25 06:56 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\dot3ui.dll
2016-11-09 13:21 - 2016-10-25 06:56 - 00317952 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll
2016-11-09 13:21 - 2016-10-25 06:55 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-11-09 13:21 - 2016-10-25 06:55 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\ConhostV2.dll
2016-11-09 13:21 - 2016-10-25 06:55 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2016-11-09 13:21 - 2016-10-25 06:54 - 00752128 _____ (Microsoft Corporation) C:\Windows\system32\PhoneService.dll
2016-11-09 13:21 - 2016-10-25 06:53 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2016-11-09 13:21 - 2016-10-25 06:53 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2016-11-09 13:21 - 2016-10-25 06:53 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\ListSvc.dll
2016-11-09 13:21 - 2016-10-25 06:52 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\CellularAPI.dll
2016-11-09 13:21 - 2016-10-25 06:52 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFiDirect.dll
2016-11-09 13:21 - 2016-10-25 06:52 - 00383488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-09 13:21 - 2016-10-25 06:52 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack_win.dll
2016-11-09 13:21 - 2016-10-25 06:51 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\WFS.exe
2016-11-09 13:21 - 2016-10-25 06:51 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\credprovs.dll
2016-11-09 13:21 - 2016-10-25 06:50 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\PhoneOm.dll
2016-11-09 13:21 - 2016-10-25 06:49 - 00265728 _____ (Microsoft Corporation) C:\Windows\system32\netman.dll
2016-11-09 13:21 - 2016-10-25 06:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll
2016-11-09 13:21 - 2016-10-25 06:47 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.OneCore.dll
2016-11-09 13:21 - 2016-10-25 06:46 - 01036288 _____ (Microsoft Corporation) C:\Windows\system32\windowsperformancerecordercontrol.dll
2016-11-09 13:21 - 2016-10-25 06:46 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll
2016-11-09 13:21 - 2016-10-25 06:43 - 00606720 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2016-11-09 13:21 - 2016-10-25 06:42 - 01813504 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2016-11-09 13:21 - 2016-10-25 06:42 - 00283648 _____ (Microsoft Corporation) C:\Windows\system32\PlayToReceiver.dll
2016-11-09 13:21 - 2016-10-25 06:41 - 00892416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.dll
2016-11-09 13:21 - 2016-10-25 06:40 - 00607232 _____ (Microsoft Corporation) C:\Windows\system32\AppxApplicabilityEngine.dll
2016-11-09 13:21 - 2016-10-25 06:40 - 00466944 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2016-11-09 13:21 - 2016-10-25 06:40 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll
2016-11-09 13:21 - 2016-10-25 06:39 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MiracastReceiver.dll
2016-11-09 13:21 - 2016-10-25 06:39 - 00791552 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-11-09 13:21 - 2016-10-25 06:39 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2016-11-09 13:21 - 2016-10-25 06:39 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2016-11-09 13:21 - 2016-10-25 06:38 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2016-11-09 13:21 - 2016-10-25 06:36 - 00965632 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2016-11-09 13:21 - 2016-10-25 06:36 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.Desktop.dll
2016-11-09 13:21 - 2016-10-25 06:36 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-09 13:21 - 2016-10-25 06:35 - 01132544 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2016-11-09 13:21 - 2016-10-25 06:35 - 00784896 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-11-09 13:21 - 2016-10-25 06:34 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2016-11-09 13:21 - 2016-10-25 06:33 - 02127360 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-09 13:21 - 2016-10-25 06:32 - 01387008 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-11-09 13:21 - 2016-10-25 06:32 - 01159168 _____ (Microsoft Corporation) C:\Windows\system32\ApplicationFrame.dll
2016-11-09 13:21 - 2016-10-25 06:32 - 01053696 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-11-09 13:21 - 2016-10-25 06:30 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2016-11-09 13:21 - 2016-10-25 06:30 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2016-11-09 13:21 - 2016-10-25 06:29 - 01847808 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2016-11-09 13:21 - 2016-10-25 06:29 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2016-11-09 13:21 - 2016-10-25 06:28 - 01752576 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-09 13:21 - 2016-10-25 06:27 - 01040896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-09 13:21 - 2016-10-25 06:27 - 00961536 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2016-11-09 13:21 - 2016-10-25 06:26 - 02103296 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.3D.dll
2016-11-09 13:21 - 2016-10-25 06:25 - 01872896 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2016-11-09 13:21 - 2016-10-25 06:25 - 01319424 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2016-11-09 13:21 - 2016-10-25 06:25 - 01291776 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2016-11-09 13:21 - 2016-10-25 06:24 - 00549888 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2016-11-09 13:21 - 2016-10-25 06:22 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2016-11-09 13:21 - 2016-10-25 06:21 - 02054144 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2016-11-09 13:21 - 2016-10-25 06:21 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-11-09 13:21 - 2016-10-25 06:20 - 03549696 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-09 13:21 - 2016-10-25 06:17 - 00821760 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2016-11-09 13:21 - 2016-10-25 06:16 - 01062912 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2016-11-09 13:21 - 2016-10-25 06:05 - 03587584 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-11-09 13:21 - 2016-10-25 06:05 - 02610176 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2016-11-09 13:21 - 2016-10-25 06:03 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-09 13:21 - 2016-10-25 06:01 - 00613376 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2016-11-09 13:21 - 2016-10-25 05:54 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-11-09 13:21 - 2016-10-25 05:54 - 01097216 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2016-11-09 13:21 - 2016-10-25 05:54 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-09 13:21 - 2016-10-25 05:53 - 01728000 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-09 13:21 - 2016-10-25 05:53 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-11-09 13:21 - 2016-10-25 05:52 - 04170240 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2016-11-09 13:21 - 2016-10-25 05:52 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-09 13:21 - 2016-10-25 05:51 - 02175488 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-11-09 13:21 - 2016-10-25 05:50 - 02874880 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2016-11-09 13:21 - 2016-10-25 05:49 - 03081216 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-09 13:21 - 2016-10-25 05:49 - 01997312 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2016-11-09 13:21 - 2016-10-25 05:48 - 04826624 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-11-09 13:21 - 2016-10-25 05:46 - 02055168 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2016-11-09 13:21 - 2016-10-25 05:46 - 00335872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-09 13:21 - 2016-10-25 05:43 - 02635776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-11-09 13:21 - 2016-10-25 05:41 - 02444800 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-11-09 13:21 - 2016-10-25 05:39 - 05503488 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-11-09 13:21 - 2016-10-25 05:38 - 03585536 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-11-09 13:21 - 2016-10-25 05:37 - 00765952 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-11-09 13:21 - 2016-10-25 05:34 - 01390080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2016-11-09 13:21 - 2016-10-25 05:34 - 00687616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-11-09 13:21 - 2016-10-25 05:34 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-09 13:21 - 2016-10-25 05:32 - 02050048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-09 13:21 - 2016-10-25 05:30 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-09 13:21 - 2016-10-25 05:28 - 02800128 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
2016-11-09 13:21 - 2016-10-25 05:28 - 01526272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-09 13:21 - 2016-10-25 05:19 - 16984576 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-11-09 13:21 - 2016-10-25 05:17 - 04895744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-09 13:21 - 2016-10-25 05:14 - 00651776 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll
2016-11-09 13:21 - 2016-10-25 05:13 - 22375936 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-11-09 13:21 - 2016-10-25 05:12 - 11544576 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-11-09 13:21 - 2016-10-25 05:10 - 01568256 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2016-11-09 13:21 - 2016-10-25 05:05 - 06312448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2016-11-09 13:21 - 2016-10-25 05:02 - 24610304 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-09 13:21 - 2016-10-25 05:02 - 06976512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-11-09 13:21 - 2016-10-25 05:02 - 03994624 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2016-11-09 13:21 - 2016-10-25 05:02 - 03459584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2016-11-09 13:21 - 2016-10-25 05:01 - 13392384 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-09 13:21 - 2016-10-25 04:48 - 07838208 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-11-09 13:21 - 2016-10-25 04:45 - 18673664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-11-09 13:21 - 2016-10-25 04:44 - 19348480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-09 13:21 - 2016-10-25 04:44 - 12134400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-09 13:21 - 2016-10-25 04:43 - 03664384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-09 13:21 - 2016-10-25 04:26 - 05660160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-11-09 13:21 - 2016-10-25 02:19 - 00775336 _____ C:\Windows\SysWOW64\locale.nls
2016-11-09 13:21 - 2016-10-25 02:19 - 00775336 _____ C:\Windows\system32\locale.nls
2016-11-09 13:21 - 2016-10-25 01:47 - 00445873 _____ C:\Windows\system32\ApnDatabase.xml
2016-11-09 13:21 - 2016-09-07 05:22 - 00604920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-11-09 13:21 - 2016-01-05 01:45 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\facecredentialprovider.dll
2016-11-09 13:20 - 2016-11-02 15:12 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-09 13:20 - 2016-11-02 14:25 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-09 13:20 - 2016-10-25 09:44 - 01030416 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-09 13:20 - 2016-10-25 09:42 - 00037744 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2016-11-09 13:20 - 2016-10-25 09:39 - 01238584 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2016-11-09 13:20 - 2016-10-25 09:39 - 00754664 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2016-11-09 13:20 - 2016-10-25 09:26 - 00528736 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-11-09 13:20 - 2016-10-25 08:38 - 00374008 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2016-11-09 13:20 - 2016-10-25 08:37 - 01603224 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2016-11-09 13:20 - 2016-10-25 08:37 - 00725776 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2016-11-09 13:20 - 2016-10-25 08:36 - 01540216 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2016-11-09 13:20 - 2016-10-25 08:36 - 00692136 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2016-11-09 13:20 - 2016-10-25 08:34 - 01128104 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2016-11-09 13:20 - 2016-10-25 08:34 - 00625000 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2016-11-09 13:20 - 2016-10-25 08:34 - 00106928 _____ (Microsoft Corporation) C:\Windows\system32\phoneactivate.exe
2016-11-09 13:20 - 2016-10-25 08:33 - 00341936 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-11-09 13:20 - 2016-10-25 08:01 - 00324448 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-09 13:20 - 2016-10-25 07:46 - 00376528 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MediaControl.dll
2016-11-09 13:20 - 2016-10-25 07:32 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\msctfp.dll
2016-11-09 13:20 - 2016-10-25 07:31 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
2016-11-09 13:20 - 2016-10-25 07:21 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2016-11-09 13:20 - 2016-10-25 07:19 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys
2016-11-09 13:20 - 2016-10-25 07:13 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\SCardDlg.dll
2016-11-09 13:20 - 2016-10-25 07:13 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\HttpsDataSource.dll
2016-11-09 13:20 - 2016-10-25 07:12 - 00221696 _____ (Microsoft Corporation) C:\Windows\system32\NPSMDesktopProvider.dll
2016-11-09 13:20 - 2016-10-25 07:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\NPSM.dll
2016-11-09 13:20 - 2016-10-25 07:09 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\oemlicense.dll
2016-11-09 13:20 - 2016-10-25 07:05 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\FingerprintEnrollment.dll
2016-11-09 13:20 - 2016-10-25 07:02 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll
2016-11-09 13:20 - 2016-10-25 06:59 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-09 13:20 - 2016-10-25 06:59 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2016-11-09 13:20 - 2016-10-25 06:59 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\fhsvc.dll
2016-11-09 13:20 - 2016-10-25 06:59 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2016-11-09 13:20 - 2016-10-25 06:58 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2016-11-09 13:20 - 2016-10-25 06:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-09 13:20 - 2016-10-25 06:57 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2016-11-09 13:20 - 2016-10-25 06:56 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\Dxpserver.exe
2016-11-09 13:20 - 2016-10-25 06:55 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2016-11-09 13:20 - 2016-10-25 06:55 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\NetworkDesktopSettings.dll
2016-11-09 13:20 - 2016-10-25 06:54 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.PicturePassword.dll
2016-11-09 13:20 - 2016-10-25 06:53 - 00714240 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2016-11-09 13:20 - 2016-10-25 06:53 - 00567808 _____ (Microsoft Corporation) C:\Windows\system32\AdmTmpl.dll
2016-11-09 13:20 - 2016-10-25 06:52 - 00475648 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2016-11-09 13:20 - 2016-10-25 06:52 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\APHostService.dll
2016-11-09 13:20 - 2016-10-25 06:51 - 00715776 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2016-11-09 13:20 - 2016-10-25 06:51 - 00469504 _____ (Microsoft Corporation) C:\Windows\system32\fhsettingsprovider.dll
2016-11-09 13:20 - 2016-10-25 06:51 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\ExecModelClient.dll
2016-11-09 13:20 - 2016-10-25 06:50 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_StorageSense.dll
2016-11-09 13:20 - 2016-10-25 06:50 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\DXP.dll
2016-11-09 13:20 - 2016-10-25 06:47 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BioFeedback.dll
2016-11-09 13:20 - 2016-10-25 06:47 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2016-11-09 13:20 - 2016-10-25 06:47 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\edputil.dll
2016-11-09 13:20 - 2016-10-25 06:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2016-11-09 13:20 - 2016-10-25 06:44 - 01479168 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2016-11-09 13:20 - 2016-10-25 06:44 - 00602112 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-11-09 13:20 - 2016-10-25 06:43 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\certreq.exe
2016-11-09 13:20 - 2016-10-25 06:42 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2016-11-09 13:20 - 2016-10-25 06:41 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-09 13:20 - 2016-10-25 06:41 - 00484352 _____ (Microsoft Corporation) C:\Windows\system32\DataSenseHandlers.dll
2016-11-09 13:20 - 2016-10-25 06:41 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2016-11-09 13:20 - 2016-10-25 06:40 - 00555520 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnrGidsHandler.dll
2016-11-09 13:20 - 2016-10-25 06:38 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll
2016-11-09 13:20 - 2016-10-25 06:38 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2016-11-09 13:20 - 2016-10-25 06:38 - 00480768 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll
2016-11-09 13:20 - 2016-10-25 06:37 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Bluetooth.dll
2016-11-09 13:20 - 2016-10-25 06:37 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2016-11-09 13:20 - 2016-10-25 06:35 - 00515072 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2016-11-09 13:20 - 2016-10-25 06:34 - 00436736 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2016-11-09 13:20 - 2016-10-25 06:33 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2016-11-09 13:20 - 2016-10-25 06:32 - 01037824 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2016-11-09 13:20 - 2016-10-25 06:32 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2016-11-09 13:20 - 2016-10-25 06:32 - 00870400 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2016-11-09 13:20 - 2016-10-25 06:32 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\syncutil.dll
2016-11-09 13:20 - 2016-10-25 06:29 - 01575936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2016-11-09 13:20 - 2016-10-25 06:27 - 02731008 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2016-11-09 13:20 - 2016-10-25 06:24 - 04456448 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2016-11-09 13:20 - 2016-10-25 06:24 - 01211904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2016-11-09 13:20 - 2016-10-25 06:23 - 01073152 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2016-11-09 13:20 - 2016-10-25 06:22 - 00638976 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2016-11-09 13:20 - 2016-10-25 06:21 - 01570816 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2016-11-09 13:20 - 2016-10-25 06:21 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\licensingdiag.exe
2016-11-09 13:20 - 2016-10-25 06:16 - 03415040 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2016-11-09 13:20 - 2016-10-25 06:11 - 00701952 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2016-11-09 13:20 - 2016-10-25 06:09 - 00584704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2016-11-09 13:20 - 2016-10-25 06:03 - 06675968 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe
2016-11-09 13:20 - 2016-10-25 06:01 - 01755648 _____ (Microsoft Corporation) C:\Windows\system32\dui70.dll
2016-11-09 13:20 - 2016-10-25 05:52 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\internetmail.dll
2016-11-09 13:20 - 2016-10-25 05:47 - 03355136 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2016-11-09 13:20 - 2016-10-25 05:47 - 00453632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AdmTmpl.dll
2016-11-09 13:20 - 2016-10-25 05:40 - 00984576 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2016-11-09 13:20 - 2016-10-25 05:35 - 02902528 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2016-11-09 13:20 - 2016-10-25 05:26 - 02563584 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2016-11-09 13:20 - 2016-10-25 05:20 - 01797120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2016-11-09 13:20 - 2016-10-25 05:13 - 00459776 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-09 13:20 - 2016-10-25 05:10 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2016-11-09 13:20 - 2016-10-25 05:05 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-11-09 13:20 - 2016-10-25 05:03 - 00636928 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
2016-11-09 13:20 - 2016-10-25 04:44 - 01087488 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2016-11-09 13:20 - 2016-10-25 04:43 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-12-09 17:17 - 2016-10-20 08:47 - 00000000 ____D C:\Users\Jason\Documents\Outlook
2016-12-09 17:10 - 2016-10-20 01:05 - 00000928 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-09 16:59 - 2016-10-20 19:20 - 00004164 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9C16B1BD-782D-43E2-9AEB-BB58837C0402}
2016-12-09 16:53 - 2016-10-20 08:42 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-12-09 12:46 - 2015-10-30 07:24 - 00000000 ____D C:\Windows\AppReadiness
2016-12-09 04:26 - 2015-10-30 07:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-09 04:06 - 2016-10-20 16:49 - 00000000 ____D C:\Users\Jason\AppData\Local\Adobe
2016-12-09 03:59 - 2016-10-23 21:45 - 00000000 ____D C:\Users\Public\Documents\AdobeGC
2016-12-09 03:49 - 2015-10-30 06:28 - 00065536 ___SH C:\Windows\system32\config\ELAM
2016-12-09 03:47 - 2016-10-20 01:05 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-09 03:46 - 2016-10-20 10:20 - 00000000 ____D C:\ProgramData\Reprise
2016-12-09 03:45 - 2016-10-20 01:03 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-09 03:45 - 2016-10-20 00:44 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-09 03:44 - 2015-10-30 06:28 - 00524288 ___SH C:\Windows\system32\config\BBI
2016-12-08 23:17 - 2016-10-20 09:00 - 00016513 _____ C:\bdlog.txt
2016-12-08 21:59 - 2016-10-20 00:40 - 06289728 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-08 21:58 - 2016-10-20 00:51 - 00000000 ____D C:\Users\Jason
2016-12-08 21:57 - 2016-10-20 01:59 - 00000000 ____D C:\Users\Jason\AppData\Roaming\uTorrent
2016-12-08 20:39 - 2016-10-20 01:01 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-08 20:22 - 2016-10-20 00:51 - 00000000 ____D C:\Users\Jason\AppData\Local\Packages
2016-12-08 14:46 - 2016-10-20 08:56 - 00520032 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2016-12-08 06:01 - 2016-10-20 02:00 - 00000000 ____D C:\Users\Jason\AppData\LocalLow\uTorrent
2016-12-06 20:16 - 2016-10-20 17:46 - 00000982 _____ C:\Users\Jason\Desktop\Mattress.txt
2016-12-05 18:25 - 2016-10-28 06:07 - 00000000 ____D C:\Users\Jason\AppData\Roaming\vlc
2016-12-04 19:41 - 2016-10-24 21:56 - 00000000 ____D C:\Users\Jason\AppData\Local\CrashDumps
2016-12-04 19:30 - 2016-11-04 04:25 - 00000000 ____D C:\Users\Jason\FoundryAnalytics
2016-12-04 12:14 - 2016-11-08 10:48 - 00000000 ____D C:\Users\Jason\Downloads\BlacksOnBlondes.16.11.08.Katy.Jayne.XXX.1080p.MP4-KTR[rarbg]
2016-12-04 10:56 - 2016-10-20 00:56 - 00879220 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-04 10:56 - 2015-10-30 07:21 - 00000000 ____D C:\Windows\INF
2016-12-04 02:01 - 2016-10-20 17:46 - 00001308 _____ C:\Users\Jason\Desktop\Web hosts.txt
2016-12-03 20:10 - 2016-10-20 10:18 - 00000000 ____D C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Next Limit
2016-12-03 20:10 - 2016-10-20 10:17 - 00000000 ____D C:\Program Files\Next Limit
2016-12-03 19:24 - 2016-10-20 09:02 - 00000000 ____D C:\Users\Jason\Documents\realflow
2016-11-30 18:21 - 2016-10-20 08:47 - 00000000 ____D C:\Users\Jason\Documents\Medical Evidence
2016-11-29 19:49 - 2016-05-18 04:54 - 07684608 ____R (Side Effects Software Inc.) C:\Windows\system32\sesinetd.exe
2016-11-26 20:59 - 2016-10-20 17:45 - 00000000 ____D C:\Users\Jason\Desktop\Useful Keyboard Shortcuts
2016-11-26 19:26 - 2016-10-20 17:28 - 00000000 ____D C:\Users\Jason\Desktop\3D
2016-11-22 10:41 - 2016-10-20 17:44 - 00000000 ____D C:\Users\Jason\Desktop\Politics links
2016-11-21 12:23 - 2016-10-20 20:12 - 00000000 ____D C:\Program Files\Autodesk
2016-11-20 11:22 - 2016-10-24 22:03 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-11-18 15:13 - 2016-10-20 08:58 - 00000000 ____D C:\ProgramData\BDLogging
2016-11-18 15:06 - 2016-10-20 00:51 - 00000000 ____D C:\Users\Jason\AppData\Roaming\Adobe
2016-11-18 11:10 - 2016-10-20 17:32 - 00000000 ____D C:\Users\Jason\Desktop\ESA Form
2016-11-18 10:49 - 2016-10-20 17:32 - 00000000 ____D C:\Users\Jason\Desktop\ESA
2016-11-18 10:17 - 2016-10-20 17:45 - 00000000 ____D C:\Users\Jason\Desktop\Useful Links
2016-11-18 09:40 - 2016-10-20 17:32 - 00000000 ____D C:\Users\Jason\Desktop\ESA Guidance
2016-11-18 07:27 - 2016-10-29 19:23 - 00000000 ____D C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Knald Technologies
2016-11-18 07:26 - 2016-10-29 19:22 - 00000000 ____D C:\Program Files\Knald Technologies
2016-11-17 12:56 - 2016-10-20 08:56 - 00182944 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2016-11-15 07:36 - 2016-10-20 17:45 - 00000000 ____D C:\Users\Jason\Desktop\Website
2016-11-15 06:48 - 2016-10-20 17:31 - 00000000 ____D C:\Users\Jason\Desktop\Dental
2016-11-15 06:28 - 2016-10-20 16:49 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-11-15 06:27 - 2016-10-20 17:19 - 00000000 ____D C:\Users\Jason\Documents\Adobe
2016-11-15 06:23 - 2016-10-20 17:03 - 00000000 ____D C:\Program Files\Adobe
2016-11-15 05:20 - 2016-11-04 04:19 - 00000000 ____D C:\ProgramData\Apple
2016-11-15 02:59 - 2016-10-20 08:49 - 00000000 ____D C:\Windows\Minidump
2016-11-14 21:11 - 2016-10-20 01:06 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-14 21:11 - 2016-10-20 01:06 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-14 10:16 - 2015-10-30 07:24 - 00000000 ____D C:\Windows\rescache
2016-11-13 08:38 - 2016-10-20 17:44 - 00000000 ____D C:\Users\Jason\Desktop\PIP
2016-11-12 11:31 - 2016-10-20 08:28 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-11-12 10:35 - 2016-11-08 02:38 - 00000000 ____D C:\Users\Jason\Downloads\CLO Enterprise 2.5.78 Win x64
2016-11-12 10:27 - 2015-10-30 07:24 - 00000000 ____D C:\Windows\system32\setup
2016-11-12 04:39 - 2015-10-30 07:17 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2016-11-12 04:39 - 2015-10-30 07:17 - 00395264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2016-11-12 04:39 - 2015-10-30 07:17 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplayx.dll
2016-11-12 04:39 - 2015-10-30 07:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll
2016-11-12 04:39 - 2015-10-30 07:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2016-11-12 04:39 - 2015-10-30 07:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpwsockx.dll
2016-11-12 04:39 - 2015-10-30 07:17 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2016-11-12 04:39 - 2015-10-30 07:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpmodemx.dll
2016-11-12 04:39 - 2015-10-30 07:17 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2016-11-12 04:39 - 2015-10-30 07:17 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplaysvr.exe
2016-11-12 04:39 - 2015-10-30 07:17 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dpnhupnp.dll
2016-11-12 04:39 - 2015-10-30 07:17 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dpnhpast.dll
2016-11-12 04:39 - 2015-10-30 07:17 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2016-11-12 04:39 - 2015-10-30 07:17 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2016-11-12 04:39 - 2015-10-30 07:17 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\dpnlobby.dll
2016-11-12 04:39 - 2015-10-30 07:17 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll
2016-11-12 04:39 - 2015-10-30 07:17 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll
2016-11-12 04:39 - 2015-10-30 07:17 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2016-11-12 04:39 - 2015-10-30 07:11 - 00000000 ____D C:\Windows\CbsTemp
2016-11-12 04:35 - 2016-10-20 10:12 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-11-12 04:25 - 2016-10-20 08:45 - 00000000 ____D C:\Program Files\Bitdefender
2016-11-12 04:22 - 2016-10-20 08:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2017
2016-11-12 03:51 - 2015-10-30 07:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-11-12 03:51 - 2015-10-30 07:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-11-12 03:36 - 2016-10-26 19:38 - 00000000 ____D C:\Users\Jason\Documents\Allegorithmic
2016-11-12 03:36 - 2016-10-26 19:38 - 00000000 ____D C:\Users\Jason\AppData\Local\Allegorithmic
2016-11-12 03:35 - 2016-10-26 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Allegorithmic
2016-11-12 03:35 - 2016-10-26 19:37 - 00000000 ____D C:\Program Files\Allegorithmic
2016-11-12 02:02 - 2016-10-20 10:21 - 00000000 ____D C:\Users\Jason\AppData\Roaming\MAXON
2016-11-12 00:56 - 2016-10-20 10:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXON
2016-11-12 00:56 - 2016-10-20 10:00 - 00000000 ____D C:\Program Files\MAXON
2016-11-10 12:48 - 2015-10-30 07:24 - 00000000 ____D C:\Windows\system32\appraiser
2016-11-10 12:34 - 2015-10-30 07:24 - 00000000 ___SD C:\Windows\SysWOW64\F12
2016-11-10 12:33 - 2015-10-30 07:24 - 00000000 ___SD C:\Windows\system32\F12
2016-11-10 12:33 - 2015-10-30 07:24 - 00000000 ___RD C:\Windows\PrintDialog
2016-11-10 12:33 - 2015-10-30 07:24 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-11-10 12:33 - 2015-10-30 07:24 - 00000000 ___RD C:\Windows\DevicesFlow
2016-11-10 12:33 - 2015-10-30 07:24 - 00000000 ____D C:\Windows\system32\oobe
2016-11-10 12:33 - 2015-10-30 07:24 - 00000000 ____D C:\Windows\system32\migwiz
2016-11-10 12:33 - 2015-10-30 07:24 - 00000000 ____D C:\Windows\Provisioning
2016-11-10 12:33 - 2015-10-30 07:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-11-10 12:33 - 2015-10-30 07:24 - 00000000 ____D C:\Program Files\Windows Defender
2016-11-10 12:33 - 2015-10-30 07:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-11-10 12:33 - 2015-10-30 07:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-11-09 16:48 - 2015-10-30 07:24 - 00000167 _____ C:\Windows\win.ini
2016-11-09 16:47 - 2016-10-20 01:18 - 00000000 ____D C:\Windows\system32\MRT
2016-11-09 16:42 - 2016-10-20 01:18 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-11-09 01:08 - 2016-10-20 16:49 - 00004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
 
==================== Files in the root of some directories =======
 
2016-10-20 18:31 - 2016-10-20 18:31 - 0000034 _____ () C:\Users\Jason\AppData\Roaming\AdobeWLCMCache.dat
2016-12-05 23:57 - 2016-12-05 23:57 - 1238528 _____ (Microsoft Corporation) C:\Users\Jason\AppData\Roaming\Local service.exe
2016-10-20 08:42 - 2016-10-20 08:42 - 0046528 _____ () C:\ProgramData\agent.1476952966.bdinstall.bin
2016-11-02 04:15 - 2016-11-02 04:15 - 0028756 _____ () C:\ProgramData\agent.1478060109.bdinstall.bin
2016-11-18 15:13 - 2016-11-18 15:13 - 0028189 _____ () C:\ProgramData\agent.1479482019.bdinstall.bin
2016-10-20 08:59 - 2016-10-20 08:59 - 0357562 _____ () C:\ProgramData\cl.1476953770.bdinstall.bin
2016-10-20 09:00 - 2016-10-20 09:00 - 0054516 _____ () C:\ProgramData\dm.1476954024.bdinstall.bin
2016-10-20 09:02 - 2016-10-20 09:02 - 0034918 _____ () C:\ProgramData\dm.1476954168.bdinstall.bin
2016-11-12 04:25 - 2016-11-12 04:25 - 0055173 _____ () C:\ProgramData\dm.1478924713.bdinstall.bin
2016-11-18 15:14 - 2016-11-18 15:14 - 0040026 _____ () C:\ProgramData\dm.1479482036.bdinstall.bin
 
Files to move or delete:
====================
C:\Users\Jason\RegSvcs.exe
 
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2016-12-07 01:09
 
==================== End of FRST.txt ============================

Link to post
Share on other sites
Heisenberg

Heisenberg

Posted
  • Author
Posted

Addition.txt:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2016
Ran by Jason (09-12-2016 17:21:16)
Running from C:\Users\Jason\Desktop
Windows 10 Pro Version 1511 (X64) (2016-10-20 00:49:51)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3557252084-2468944355-21857965-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3557252084-2468944355-21857965-503 - Limited - Disabled)
Guest (S-1-5-21-3557252084-2468944355-21857965-501 - Limited - Disabled)
Jason (S-1-5-21-3557252084-2468944355-21857965-1001 - Administrator - Enabled) => C:\Users\Jason
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antispyware (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3557252084-2468944355-21857965-1001\...\uTorrent) (Version: 3.4.9.42606 - BitTorrent Inc.)
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
Abrosoft FantaMorph Deluxe v5.4.1 (HKLM-x32\...\Abrosoft FantaMorph Deluxe v5.4.15.4.1) (Version: 5.4.1 - Friends in War)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.0.0 - Adobe Systems Incorporated)
Adobe After Effects CC 2015 (HKLM-x32\...\{147EC100-14BE-45EF-AB42-35BAEE7D02F0}) (Version: 13.5.0 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2015 (HKLM-x32\...\{EE2A0AA8-0386-11E5-8603-BC82F5DB1A71}) (Version: 16.0.0 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015 (HKLM-x32\...\{5680D629-B263-49CC-821E-3CEBD4507B51}) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
Allegorithmic Bitmap2Material 3.1.2 (HKLM-x32\...\Bitmap2Material_3) (Version: 3.1.2 build 17903 (2016-05-12) - Allegorithmic)
Allegorithmic Substance Designer 5.5.2 (HKLM\...\{25E7D16D-1FBA-49EA-BF36-E2D6B20A9206}_is1) (Version: 5.5.2 - Allegorithmic)
Ansel (Version: 373.06 - NVIDIA Corporation) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Autodesk 3ds Max 2016 (HKLM\...\Autodesk 3ds Max 2016) (Version: 18.0.873.0 - Autodesk)
Autodesk 3ds Max 2016 (Version: 18.0.873.0 - Autodesk) Hidden
Autodesk 3ds Max 2016 Populate Data (HKLM\...\{57E92DED-DC7C-41E5-B9E1-76D83BD2EABE}) (Version: 18.0.0.0 - Autodesk)
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.19 - Autodesk)
Autodesk Backburner 2016 (HKLM-x32\...\{8C5F38D2-9EFE-49A4-B3F5-BF3210FED168}) (Version: 16.0.0.0 - Autodesk)
Autodesk Civil View for 3ds Max 2016 64-bit (HKLM\...\{1C4FFAF0-6DBB-4F7A-A386-46747D060826}) (Version: 18.0.0.0 - Autodesk)
Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 6.2.0.174 - Autodesk)
Autodesk DirectConnect 2016 64-bit (HKLM\...\Autodesk DirectConnect 2016 64-bit) (Version: 10.0.98.0 - Autodesk)
Autodesk DirectConnect 2016 64-bit (Version: 10.0.98.0 - Autodesk) Hidden
Autodesk Inventor Server Engine for 3ds Max 2016 (HKLM\...\{9167CA34-4E58-49E3-8892-3C439739D2D3}) (Version: 18.0 - Autodesk)
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.19 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.19 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2016 (HKLM-x32\...\{415A5A54-325E-4815-9940-62A889CA3877}) (Version: 6.3.0.19 - Autodesk)
Autodesk Maya 2016 (HKLM\...\Autodesk Maya 2016) (Version: 16.0.1312.0 - Autodesk)
Autodesk Maya 2016 (Version: 16.0.1312.0 - Autodesk) Hidden
Autodesk Revit Interoperability for 3ds Max  (HKLM\...\Autodesk Revit Interoperability for 3ds Max ) (Version: 16.0.394.0 - Autodesk)
Autodesk Revit Interoperability for 3ds Max  (Version: 16.0.394.0 - Autodesk) Hidden
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.18.898 - Bitdefender)
Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 21.0.21.976 - Bitdefender)
Bitdefender Total Security 2017 (HKLM\...\Bitdefender) (Version: 21.0.18.898 - Bitdefender)
BitTorrent (HKU\S-1-5-21-3557252084-2468944355-21857965-1001\...\BitTorrent) (Version: 7.9.9.42924 - BitTorrent Inc.)
Blender (HKLM\...\{437221A8-91D1-42A0-9E04-0AD64B502374}) (Version: 2.78.1 - Blender Foundation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Boris Continuum Complete 10 CE for Adobe CS5, CS6, CC (HKLM\...\{31710219-9BBB-47A6-85E0-7B406FB76738}) (Version: 10.0.1005 - Boris FX, Inc.)
C4DtoA for Cinema4D R16 (HKLM\...\C4DtoA_R16) (Version: 1.0.6.0 - Solid Angle)
Camtasia 9 (HKLM-x32\...\{48cb006a-7b5b-4a48-98fd-fbd7af456b0d}) (Version: 9.0.1.1422 - TechSmith Corporation)
Camtasia 9 (Version: 9.0.1.1422 - TechSmith Corporation) Hidden
Cinec 2.7.5 Gold (HKLM-x32\...\{265D36E4-F099-42DA-ADA8-85008F02D7AA}) (Version: 2.7.5 - Cinemartin)
CINEMA 4D 16.050 (HKLM\...\MAXON8B6F11F9) (Version: 16.050 - MAXON Computer GmbH)
CINEMA 4D 17.055 (HKLM\...\MAXONFC68216F) (Version: 17.055 - MAXON Computer GmbH)
CINEMA 4D 18.011 (HKLM\...\MAXON6CD73CFE) (Version: 18.011 - MAXON Computer GmbH)
ColorSchemer Studio 2 (HKLM-x32\...\ColorSchemerStudio2_is1) (Version: Studio v2.0 - ColorSchemer)
CPUID CPU-Z 1.77 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Crazybump (remove only) (HKLM-x32\...\Crazybump) (Version:  - )
CrazyTalk Animator v2.1 Pipeline (HKLM-x32\...\{7127D4CC-78E6-41E3-8BCB-A50ED34846E2}) (Version: 2.1.1624.1 - Reallusion Inc.)
CrazyTalk v8.0 Pipeline (HKLM-x32\...\{239FA754-71DE-44A4-9DBC-9C9070AF058E}) (Version: 8.0.1218.2 - Reallusion Inc.)
CuteFTP 9 (HKLM-x32\...\{89B9E358-75C6-4C6B-BD38-803FF156CC4B}) (Version: 9.0.0 - Globalscape)
DENoise 3, After Effects-compatible plugin set (HKLM-x32\...\DENoise 3, After Effects-compatible plugin set) (Version:  - )
Digieffects Suite 3.0.0 CE (HKLM\...\Digieffects Suite CE_is1) (Version: 3.0.0 - Team V.R)
Digital Anarchy Beauty Box AE v3.0.6 (HKLM\...\Beauty Box AE 3_is1) (Version: 3.06 - Team V.R)
Digital Anarchy Beauty Box v3.0.7 Photoshop (HKLM\...\Beauty Box 3 Photoshop (Team V.R CE)_is1) (Version: 3.0.7 - Team V.R)
Effects Suite v11.1.6 (HKLM-x32\...\{4DD8EE5E-F571-4EC8-9526-E7C62FE39B19}_is1) (Version: 11.1.6 - Red Giant, LLC)
EPSON Easy Photo Print (HKLM-x32\...\{8A8F8391-4C2C-4BE1-A984-CD4A5A546467}) (Version: 1.5.1.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
EPSON Stylus SX200_SX400_TX200_TX400 Manual (HKLM-x32\...\EPSON Stylus SX200_SX400_TX200_TX400 User’s Guide) (Version:  - )
EPSON Stylus SX400 Series Printer Uninstall (HKLM\...\EPSON Stylus SX400 Series) (Version:  - SEIKO EPSON Corporation)
fayIN 2.1 for After Effects CC 2015 (Version: 2.1.3.1 - fayteq) Hidden
fayIN 2.4 for After Effects CC (2014) (Version: 2.4.1.1 - fayteq) Hidden
fayIN License Service (Version: 1.1.0.0 - fayteq) Hidden
fayteq fayIN 2.1 for After Effects CC 2015 (HKLM-x32\...\{786a07fa-8353-46f6-82d8-db8d10d0fc2b}) (Version: 2.1.3.1 - fayteq)
fayteq fayIN 2.4 for After Effects CC (2014) (HKLM-x32\...\{6ae3a601-b2a2-4d19-8207-104376b9768f}) (Version: 2.4.1.1 - fayteq)
FilExile (HKLM-x32\...\{1310229C-E62A-4F05-87DB-13979A5D2EFC}_is1) (Version: 2.00 - Bryan Carey)
FLT 7.0v2 (HKLM-x32\...\FLT 7.0v2_is1) (Version:  - The Foundry)
GenArts Sapphire AE (HKLM\...\GenArts Sapphire AE_is1) (Version: 10.0 - Team V.R)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HDR Light Studio 5 (HKLM-x32\...\HDR Light Studio 5) (Version: 5.2016.0627 - Lightmap LTD)
Houdini 15.5.480 (HKLM\...\Houdini 15.5.480) (Version: 15.5.480 - Side Effects Software)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
iTunes (HKLM\...\{554C62C7-E6BB-40F1-892B-F0AE02D3C135}) (Version: 12.5.3.17 - Apple Inc.)
Juicer 3.90 (HKLM-x32\...\{640EAE56-81A2-49D4-9B8C-00DA3C0031AF}_is1) (Version:  - Digital Juice, Inc.)
Keying Suite v11.1.5 (HKLM-x32\...\{21AD9423-3C17-43E2-AFD7-8305C965500F}_is1) (Version: 11.1.5 - Red Giant, LLC)
K-Lite Codec Pack 12.6.0 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.6.0 - KLCP)
Knald (HKLM-x32\...\Knald64) (Version: 1.2.0 - Knald Technologies, LLC)
Krakatoa for Cinema 4D (HKLM\...\Krakatoa for Cinema 4D 2.3.2) (Version: 2.3.2 - Thinkbox Software)
Magic Bullet Suite v12.0.6 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 12.0.6 - Red Giant, LLC)
Mari 3.0v3 (HKLM\...\Mari 3.0v3_is1) (Version:  - The Foundry)
Marvelous Designer 5 Enterprise (HKLM-x32\...\Marvelous Designer 5 Enterprise) (Version:  - CLO Virtual Fashion Inc.)
Megascans Studio version 0.901 (HKLM\...\{696362E1-CAA9-473E-9E0B-688602F65F5E}_is1) (Version: 0.901 - Quixel AB)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM\...\Office15.VISPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MODO 901 Content 1 (HKLM-x32\...\MODO901_Content1) (Version:  - )
MODO 901 Content 2 (HKLM-x32\...\MODO901_Content2) (Version:  - )
MODO 901 Content 3 (HKLM-x32\...\MODO901_Content3) (Version:  - )
MtoA for Maya 2016 (HKU\S-1-5-21-3557252084-2468944355-21857965-1001\...\MtoA2016) (Version: 1.2.6.0 - Solid Angle)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 373.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 373.06 - NVIDIA Corporation)
NVIDIA Graphics Driver 373.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 373.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Package Kit (HKLM-x32\...\modoPack) (Version:  - )
PFTrack 2015.1 (HKLM\...\{A8AC5FC4-5B7F-4E17-9D2A-0130829410F0}) (Version: 15.1.1033 - The Pixel Farm)
PixPlant 2.1.68 Registered (HKLM-x32\...\PixPlant2 App_is1) (Version: 2.1.68 Registered - FaronStudio)
Quixel SUITE 2.1.5 (HKLM\...\{37962BCF-EF4D-4F9D-8AA1-8E2AAD546B67}_is1) (Version: 2.15 - Quixel)
RealFlow 10 (HKLM-x32\...\RealFlow 10) (Version:  - )
RealFlow 2015 (HKLM-x32\...\RealFlow 2015) (Version:  - )
RealFlow Plug-in for Cinema4D (HKLM-x32\...\RealFlowC4D) (Version: 1.0 - Next Limit)
RealFlow|Cinema4D (HKLM-x32\...\RealFlowCinema4D) (Version: 1.0 - Next Limit)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.6.0 - Red Giant, LLC)
ReelSmart Motion Blur 5, After Effects-compatible plugin set (HKLM-x32\...\ReelSmart Motion Blur 5, After Effects-compatible plugin set) (Version:  - )
REFlex v5, After Effects plugin set (HKLM-x32\...\REFlex v5, After Effects plugin set) (Version:  - )
REMatch v1, After Effects-compatible plugin set (HKLM-x32\...\REMatch v1, After Effects-compatible plugin set) (Version:  - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{F0C12872-B60D-4E37-A2F9-20C46A5E1F1A}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
ShaderMap 3.0.7 (HKLM\...\ShaderMap™ 3_is1) (Version:  - Rendering Systems Inc.)
Shave And A Haircut for Maya 2016 (HKLM\...\{5FCAC9DE-AF84-44C6-BC9C-DC7713E4F420}) (Version: 9.0v52 - Joe Alter, Inc)
Shooter Suite v12.7.2 (HKLM-x32\...\{7DFC5E36-8CC9-4EC5-9C24-A3770A669E3F}_is1) (Version: 12.7.2 - Red Giant, LLC)
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
Substance Painter 2 version 2.4.0 (HKLM\...\{f42b7a996fa1d13a1d0a2e33eea2c0800bb5d1b8}_is1) (Version: 2.4.0 - Allegorithmic)
The Foundry MODO 10.2v1 build 126693 (HKLM-x32\...\10.2v1_64) (Version:  - )
Trapcode Suite v12.1.9 (HKLM-x32\...\{DFD2DC6B-C634-4C1C-81CC-5EF852E71CEE}_is1) (Version: 12.1.9 - Red Giant, LLC)
Twixtor 6, After Effects-compatible plugin set (HKLM-x32\...\Twixtor 6, After Effects-compatible plugin set) (Version:  - )
Unfold3D Network 9.0.3 (HKLM\...\Unfold3D Network 9.0.3_is1) (Version:  - Polygonal Design)
Universe (HKLM\...\Universe Premium_is1) (Version: 2.0 CE - Team V.R)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3127934) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{670823C5-9E0F-444C-A115-E8C4F37C5707}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3127934) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{670823C5-9E0F-444C-A115-E8C4F37C5707}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3127934) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPROR_{670823C5-9E0F-444C-A115-E8C4F37C5707}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3127934) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{670823C5-9E0F-444C-A115-E8C4F37C5707}) (Version:  - Microsoft)
VideoCopilot Element 3D v2.2.2 CE for After Effects (HKLM\...\Element 3D CE for After Effects_is1) (Version: 2.2.2 - Team V.R)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
V-Ray for 3dsmax 2016 for x64 (HKLM\...\V-Ray for 3dsmax 2016 for x64) (Version: 3.20.02 - Chaos Software Ltd)
V-Ray for Maya 2016 for x64 (HKLM\...\V-Ray for Maya 2016 for x64) (Version: 3.10.01 - Chaos Software Ltd)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.)
Wampserver64 3.0.6 (HKLM\...\{wampserver64}_is1) (Version: 3.0.6 - Dominique Ottello aka Otomatic)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
WinHTTrack Website Copier 3.48-22 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.22 - HTTrack)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
World Machine 2 Professional Edition (HKLM-x32\...\World Machine2Pro) (Version:  - )
ZBrush 4R7 (HKLM-x32\...\ZBrush 4R7 4R7) (Version: 4R7 - Pixologic)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3557252084-2468944355-21857965-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2016\Inventor Server\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-3557252084-2468944355-21857965-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2016\Inventor Server\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-3557252084-2468944355-21857965-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2016\Inventor Server\Bin\TestServer.dll => No File
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0A1B1522-C26C-453A-A39A-BCC7170FF839} - System32\Tasks\cfdrp => C:\Users\Jason\cfdrp\ezac.exe [2016-10-09] (AutoIt Team)
Task: {35C2D355-2A63-436E-8337-36C2C35D3395} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-11-22] ()
Task: {4071DBF7-84CC-444C-B1AF-373429AB6C76} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-7DO5G64-Jason => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {5051DA81-8884-44CD-A516-51484B25A91E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {7EEDF0C9-6E21-4E8E-99CF-5DBC850D776F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-20] (Google Inc.)
Task: {86D77E73-C0CE-4266-9445-8D0253F6A4E6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-20] (Google Inc.)
Task: {98D7FCF4-C968-4B0B-9810-7BA6E86641A3} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2016-10-21] (Bitdefender)
Task: {A132CEBB-6DD9-41DD-991A-1126EEC9E4AD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {A9EDE338-5288-4265-A4AE-83BFDAAA97D3} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [2016-12-08] (Bitdefender)
Task: {CDBDDE38-701A-46B6-A789-0ECB58BB1B50} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {DFB8D7EF-5E83-4FBE-8937-BDC60740E955} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {EA29DFE8-ECF4-4260-B99D-6B9B7ECA4185} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-10-30 07:18 - 2015-10-30 07:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-10-20 08:57 - 2013-09-03 13:29 - 00111832 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\bdmetrics.dll
2016-10-20 08:57 - 2016-12-08 14:47 - 00138880 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\ECEvents.dll
2016-11-14 15:39 - 2016-11-14 15:40 - 01008448 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02351_002\ashttpbr.mdl
2016-11-14 15:39 - 2016-11-14 15:40 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02351_002\ashttpdsp.mdl
2016-11-14 15:39 - 2016-11-14 15:40 - 03202816 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02351_002\ashttpph.mdl
2016-11-14 15:39 - 2016-11-14 15:40 - 01542976 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02351_002\ashttprbl.mdl
2016-10-20 01:03 - 2016-10-01 19:53 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-08 21:43 - 2016-11-29 06:27 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-12-08 21:43 - 2016-11-29 06:27 - 02813904 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
2016-10-05 18:17 - 2016-10-05 18:17 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 18:17 - 2016-10-05 18:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-11-09 13:21 - 2016-10-25 09:42 - 02656952 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-10-20 20:16 - 2014-08-19 19:12 - 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2016-11-09 13:21 - 2016-10-25 09:42 - 02656952 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-10-21 00:55 - 2016-10-21 00:55 - 01864384 _____ () C:\Users\Jason\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-08-16 12:30 - 2016-08-16 12:30 - 08909504 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-11-09 13:21 - 2016-10-25 04:49 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 13:21 - 2016-10-25 04:44 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-09 13:21 - 2016-10-25 04:45 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 13:21 - 2016-10-25 04:48 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-10-20 08:58 - 2016-12-08 14:48 - 00023328 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\lang\en-US\bdsystray.txtui
2016-10-20 01:13 - 2015-12-07 04:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-10-20 01:15 - 2016-07-01 03:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-11-09 13:22 - 2016-10-25 07:01 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2016-11-14 21:11 - 2016-11-08 21:03 - 02367080 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libglesv2.dll
2016-11-14 21:11 - 2016-11-08 21:03 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libegl.dll
2016-09-30 23:36 - 2016-09-30 23:36 - 07011000 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\PDFMaker\Common\X64\AdobePDFMakerX.dll
2015-02-10 13:12 - 2015-02-10 13:12 - 02210480 _____ () C:\Program Files\Microsoft Office\Office15\tmpod.dll
2015-10-13 14:10 - 2015-10-13 14:10 - 01428648 _____ () C:\Program Files\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll
2016-09-30 23:36 - 2016-09-30 23:36 - 02861752 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\PDFMaker\Common\X64\SendAsLinkX.dll
2016-10-23 12:52 - 2016-07-01 06:39 - 00110608 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson0.dll
2016-10-23 12:52 - 2016-07-01 06:39 - 00061968 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_Service-head.dll
2016-10-21 00:55 - 2016-10-21 00:55 - 01383616 _____ () C:\Users\Jason\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll
2016-10-21 00:55 - 2016-10-21 00:55 - 00118976 _____ () C:\Users\Jason\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll
2016-10-23 12:52 - 2013-09-23 17:52 - 00043912 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_MFCMigrationFramework_Ad_2.dll
2016-10-23 12:52 - 2015-11-05 12:07 - 00052224 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qoauth_Ad_1.dll
2016-10-23 12:52 - 2015-11-05 12:07 - 00195584 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson_Ad_0.dll
2016-10-23 12:52 - 2015-11-05 12:07 - 00742400 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qca_Ad_2.dll
2016-10-23 12:52 - 2016-07-01 06:05 - 00285120 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\en-US\AdWingManRes.dll
2016-10-23 12:52 - 2015-09-08 06:31 - 40640808 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libcef.dll
2016-08-16 12:31 - 2016-08-16 12:31 - 08909504 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-10-23 12:52 - 2014-09-03 00:29 - 00912384 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libglesv2.dll
2016-10-23 12:52 - 2014-09-03 00:29 - 00134144 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libegl.dll
2016-10-23 12:52 - 2014-09-03 00:29 - 00950272 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\ffmpegsumo.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Jason\Desktop\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\Jason\Downloads\BDSysLog_i.exe:BDU [0]
AlternateDataStreams: C:\Users\Jason\Downloads\cpu-z_1.77-en.exe:BDU [0]
AlternateDataStreams: C:\Users\Jason\Downloads\dotNetFx40_Full_setup.exe:BDU [0]
AlternateDataStreams: C:\Users\Jason\Downloads\epson374975eu.exe:BDU [0]
AlternateDataStreams: C:\Users\Jason\Downloads\epson512526eu.exe:BDU [0]
AlternateDataStreams: C:\Users\Jason\Downloads\FilExilev1.51_Setup.exe:BDU [0]
AlternateDataStreams: C:\Users\Jason\Downloads\FilExilev2.00_Setup.exe:BDU [0]
AlternateDataStreams: C:\Users\Jason\Downloads\klcp_update_1261_20161122.exe:BDU [0]
AlternateDataStreams: C:\Users\Jason\Downloads\LifeCam3.22.exe:BDU [0]
AlternateDataStreams: C:\Users\Jason\Downloads\mb3-setup-consumer-3.0.4.1269.exe:BDU [0]
AlternateDataStreams: C:\Users\Jason\Downloads\NetFxRepairTool.exe:BDU [0]
AlternateDataStreams: C:\Users\Jason\Downloads\swfdownloader.exe:BDU [0]
AlternateDataStreams: C:\Users\Jason\Downloads\video-download-capture.exe:BDU [0]
AlternateDataStreams: C:\Users\Jason\Downloads\vlc-2.2.4-win32.exe:BDU [0]
AlternateDataStreams: C:\Users\Jason\Downloads\w_cproc_p_11.1.072_redist_intel64.exe:BDU [0]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-10-30 07:24 - 2016-11-12 04:35 - 00008216 ____A C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
 
There are 0 more lines.
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3557252084-2468944355-21857965-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jason\Pictures\filling_the_void_1920x1200.jpg
DNS Servers: 194.168.4.100 - 194.168.8.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{71BD774A-3B2F-434B-8E56-048FD93C590B}] => C:\Users\Jason\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2C80C885-1D93-4E6A-9DC3-A6EECF3C93E8}] => C:\Users\Jason\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{60767F3C-AD11-4217-8170-86470B8B5FF7}] => C:\Users\Jason\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5B260E85-E93F-4A6C-BE82-AEE977D2120E}] => C:\Users\Jason\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6ADDB730-8D6A-4306-BDC4-E5FA36C761F4}] => C:\Users\Jason\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{ACCCD77E-AA01-422E-9E50-0CCEA6C3FA7F}] => C:\Users\Jason\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E4855B1B-4A41-479F-A629-8FF396FF51D6}] => C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{88F0EF17-65E7-4322-9799-C210C7A116AB}] => C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{078C75D7-0AC0-475C-9961-60E85C5E61D5}] => C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{21A60F96-2CA9-47A7-B518-7DC05A1C2144}] => C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{17031B04-9362-4F85-B835-B554FDAD86F3}] => C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{758C6009-13CA-442D-ADA9-C078906A801A}] => C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{814492DB-CA32-44F5-9BCE-CC78CA88E095}] => C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{002F28AE-3797-45E1-8684-EFF43BA5B089}] => C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{C467DC1B-7D58-4123-98E5-22CCF940CB62}] => C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{FE26ABED-D638-49CC-B217-04BE6C568E6B}] => C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{07C9E5BF-225E-4F36-A08F-EA5C340A1B98}] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{E3F9AAAC-7F89-4C09-ABB0-B720C3ABDFF9}] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{514CBCBE-F822-41C9-BA63-A1DF92BDD3BA}] => C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{8744166C-D26C-41B2-A7DA-7821646E343E}] => C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{D6AF08AA-39E2-4B74-8523-A684B9F8BC3F}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6E5393AE-19B6-4F4B-8DFA-26502CA0A1DC}] => C:\Program Files (x86)\Red Giant\Offload\Offload.exe
FirewallRules: [{1120B2FA-D529-4611-B46A-5DEEC4A78465}] => C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.exe
FirewallRules: [{19EBD498-9493-4ED5-AF15-8D8B93686A1B}] => C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.exe
FirewallRules: [{BA5B2A4A-33BA-4539-98E2-255DC1E69E27}] => C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64.exe
FirewallRules: [{E1C09F43-0AD0-46BE-8A15-DDFE1609ABAB}] => C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64.exe
FirewallRules: [{B89F8EDE-D861-4900-A223-113A2D01D489}] => C:\Program Files\The Pixel Farm\PFTrack 2015.1\PFLicenseManager.exe
FirewallRules: [{21DF0BD6-B6FF-4B73-91CF-28ED144E6A61}] => C:\Program Files\The Pixel Farm\PFTrack 2015.1\PFTrack.exe
FirewallRules: [{50D57564-E340-4BEC-A775-E5F5F0618D78}] => C:\Program Files\Chaos Group\V-Ray\3dsmax 2016 for x64\vrlservice.exe
FirewallRules: [{7F9F18E5-C67C-4B97-81FC-8B6E3A7A4DAD}] => C:\Program Files\Chaos Group\V-Ray\3dsmax 2016 for x64\vrlservice.exe
FirewallRules: [{7286358D-DFAB-4867-BCA3-7216E9B0774D}] => C:\Program Files (x86)\Crazybump\CrazyBump.exe
FirewallRules: [{C0A61048-2282-4696-B6C5-59F4E04AC250}] => C:\Program Files (x86)\Crazybump\CrazyBump.exe
FirewallRules: [{0514A81A-F939-4C7D-B0BB-28BFEF52CF03}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3F780C48-D380-4D8D-96CD-532C0E5B65A2}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B85E867F-74A7-46D8-B854-D0B72952AFD0}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9293FC6B-803C-41E6-9A3B-BD4DEF894AFA}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6B65E359-375C-4BB3-B12C-15093C2208CE}] => C:\Program Files\Luxology\modo\10.2v1\modo.exe
FirewallRules: [{BB280A63-9584-43E2-BB32-5D90C4557A69}] => C:\Program Files\Luxology\modo\10.2v1\modo.exe
FirewallRules: [{F370C734-CBF1-44FC-9803-EEAF8E082B40}] => C:\Program Files\Autodesk\Maya2016\vray\bin\vray.exe
FirewallRules: [{3102DB5D-1704-4A9D-AEF8-8662291F27C1}] => C:\Program Files\Autodesk\Maya2016\vray\bin\vray.exe
FirewallRules: [{BD918FE4-3329-48B5-A28B-BB0808376F6B}] => C:\Windows\system32\hasplms.exe
FirewallRules: [{F5265208-7F2C-4C7D-8844-A1284E1CDDB4}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4757D953-937B-4E8D-9CFE-2C8BA0316ED6}] => C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{0366609E-7412-4BE9-81E0-65945897FCE2}] => C:\Users\Jason\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{1E0F9198-7267-45A4-9335-9AE3E1878A76}] => C:\Users\Jason\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{09CC399F-D9D3-4325-A54B-77521EF77D8F}] => C:\Users\Jason\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{148A293A-2AF0-47CC-BAD6-86D50E4446C0}] => C:\Users\Jason\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{7D505B0A-E383-47D6-A890-BA966D9067D8}] => C:\Users\Jason\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{21AB8971-E949-4338-854A-E844B576454D}] => C:\Users\Jason\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{6444F4E4-8113-4C39-8C5C-699A6A4314F3}] => LPort=8318
 
==================== Restore Points =========================
 
01-12-2016 09:53:13 Scheduled Checkpoint
06-12-2016 14:13:31 Installed Blender
08-12-2016 20:25:49 Camtasia 9
 
==================== Faulty Device Manager Devices =============
 
Name: Multimedia Video Controller
Description: Multimedia Video Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/09/2016 05:06:09 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\MAXON\CINEMA 4D R16\resource\modules\python\Python.win64.framework\Lib\distutils\command\wininst-8_d.exe".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (12/09/2016 05:06:09 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\MAXON\CINEMA 4D R16\resource\modules\python\Python.win32.framework\Lib\distutils\command\wininst-8_d.exe".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (12/09/2016 05:05:32 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 5268.  Message ID: [0x2509].
 
Error: (12/09/2016 05:05:25 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\MAXON\CINEMA 4D R16\resource\modules\python\Python.win64.framework\Lib\distutils\command\wininst-8_d.exe".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (12/09/2016 05:05:25 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\MAXON\CINEMA 4D R16\resource\modules\python\Python.win32.framework\Lib\distutils\command\wininst-8_d.exe".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (12/09/2016 05:00:31 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 10776.  Message ID: [0x2509].
 
Error: (12/09/2016 04:55:32 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 8648.  Message ID: [0x2509].
 
Error: (12/09/2016 12:37:30 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 5540.  Message ID: [0x2509].
 
Error: (12/09/2016 12:30:31 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 5964.  Message ID: [0x2509].
 
Error: (12/09/2016 12:25:33 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 7264.  Message ID: [0x2509].
 
 
System errors:
=============
Error: (12/09/2016 03:48:16 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {B548B6A5-B4C1-4DE2-8DB2-B60C1E80387E} did not register with DCOM within the required timeout.
 
Error: (12/09/2016 03:43:56 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-7DO5G64)
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.
 
Error: (12/09/2016 03:43:51 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-7DO5G64)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (12/09/2016 03:43:50 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-7DO5G64)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (12/09/2016 03:43:26 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-7DO5G64)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (12/09/2016 03:43:26 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-7DO5G64)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (12/09/2016 03:43:25 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-7DO5G64)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (12/09/2016 03:43:24 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-7DO5G64)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (12/09/2016 03:43:21 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-7DO5G64)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (12/09/2016 03:43:20 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-7DO5G64)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
 
CodeIntegrity:
===================================
  Date: 2016-12-09 17:07:08.877
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-12-09 17:07:08.856
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-12-09 03:50:09.432
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-12-08 22:04:19.235
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-12-08 21:57:26.768
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-12-08 20:41:54.804
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-12-08 20:34:26.318
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-12-08 20:34:26.295
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-12-08 05:34:24.718
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-12-04 22:59:23.007
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 Quad CPU Q6600 @ 2.40GHz
Percentage of memory in use: 55%
Total physical RAM: 8189.1 MB
Available physical RAM: 3684 MB
Total Virtual: 9469.1 MB
Available Virtual: 4952.68 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:465.27 GB) (Free:223.32 GB) NTFS
Drive d: () (Fixed) (Total:465.76 GB) (Free:161.46 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 92DF84AA)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.3 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 73736572)
Partition 1: (Not Active) - (Size=866 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.6 GB) - (Type=6C)
Partition 00: (Not Active) - (Size=0) - (Type=00) ATTENTION ===> 0 byte partition bootkit.
Partition 3: (Not Active) - (Size=224 KB) - (Type=00)
 
==================== End of Addition.txt ============================

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted
Hello Heisenberg and welcome to Malwarebytes,

Continue as follows...

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

Next,

Please open Malwarebytes Anti-Malware.
 
  • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
  • Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the Scan is complete Apply Actions to any found entries.
  • Wait for the prompt to restart the computer to appear (if applicable), then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.


To get the log from Malwarebytes do the following:
 
  • Click on the History tab > Application Logs.
  • Double click on the Scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have three options:
    Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
    Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
    XML file (*.xml) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
     
  • Please use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…


Next,

Download AdwCleaner by Xplode onto your Desktop.
 
  • Double click on Adwcleaner.exe to run the tool.
  • Click on the Scan in the Actions box
  • Please wait fot the scan to finish..
  • When "Waiting for action.Please uncheck elements you want to keep" shows in top line..
  • Click on the Cleaning box.
  • Next click OK on the "Closing Programs" pop up box.
  • Click OK on the Information box & again OK to allow the necessary reboot
  • After restart the AdwCleaner(C*)-Notepad log will appear, please copy/paste it in your next reply. Where * is the number relative to list of scans completed...


Next,

Download Sophos Free Virus Removal Tool and save it to your desktop.

If your security alerts to this scan either accept the alert or turn off your security to allow Sophos to run and complete.....
 
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
  • If no threats were found please confirm that result....


Let me see those logs, also tell me if there are any remaining issues or concerns...

Thank you,

Kevin..

Fixlist.txt

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted
Hello Heisenberg and welcome to Malwarebytes,

Continue as follows...

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

Next,

Please open Malwarebytes Anti-Malware.
 
  • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
  • Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the Scan is complete Apply Actions to any found entries.
  • Wait for the prompt to restart the computer to appear (if applicable), then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.


To get the log from Malwarebytes do the following:
 
  • Click on the History tab > Application Logs.
  • Double click on the Scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have three options:
    Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
    Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
    XML file (*.xml) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
     
  • Please use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…


Next,

Download AdwCleaner by Xplode onto your Desktop.
 
  • Double click on Adwcleaner.exe to run the tool.
  • Click on the Scan in the Actions box
  • Please wait fot the scan to finish..
  • When "Waiting for action.Please uncheck elements you want to keep" shows in top line..
  • Click on the Cleaning box.
  • Next click OK on the "Closing Programs" pop up box.
  • Click OK on the Information box & again OK to allow the necessary reboot
  • After restart the AdwCleaner(C*)-Notepad log will appear, please copy/paste it in your next reply. Where * is the number relative to list of scans completed...


Next,

Download Sophos Free Virus Removal Tool and save it to your desktop.

If your security alerts to this scan either accept the alert or turn off your security to allow Sophos to run and complete.....
 
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
  • If no threats were found please confirm that result....


Let me see those logs, also tell me if there are any remaining issues or concerns...

Thank you,

Kevin..

Fixlist.txt

Link to post
Share on other sites
Heisenberg

Heisenberg

Posted
  • Author
Posted

Hi Kevin,

Thank you so much for your help here.

I've run the first 2 steps and here is the scan report:

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 12/10/16
Scan Time: 12:08 AM
Logfile: 
Administrator: Yes

-Software Information-
Version: 3.0.4.1269
Components Version: 1.0.39
Update Package Version: 1.0.680
License: Trial

-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: DESKTOP-7DO5G64\Jason

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 444382
Time Elapsed: 18 min, 8 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)


(end)

Attached is Fixlog.txt.

Is it best to disconnect from the web when I do this? The NanoCore dialog is still appearing?

Many thanks.

 

Fixlog.txt

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Does this issue only affect a specific browser, or more than one..? Run the following please:

Please download Zemana AntiMalware and save it to your Desktop.
 
  • Install the program and once the installation is complete it will start automatically.
  • Without changing any options, press Scan to begin.
  • After the short scan is finished, if threats are detected press Next to remove them.
    Note: If restart is required to finish the cleaning process, you should click Reboot. If reboot isn't required, please re-boot your computer manually.
     
  • Open Zemana AntiMalware again.
  • Click on user posted image icon and double click the latest report.
  • Now click File > Save As and choose your Desktop before pressing Save.
  • Attach saved report in your next message.


Next,

Run FRST one more time, ensure all boxes are checkmarked under "Whitelist" but only Addition.txt under "Optional scan" Select scan, when done post the new logs. "FRST.txt" and "Addition.txt"

Let me see those logs, also give an update on any remaining issues or concerns...

Thank you,

Kevin..

 

 

Link to post
Share on other sites
Heisenberg

Heisenberg

Posted
  • Author
Posted (edited)

Yes, it doesn't seem browser related.

Zamana picked up the following which it called a "hollow process":

RegSvcs.exe
Status             : Scanned
Object             : %systemroot%\microsoft.net\framework\v2.0.50727\regsvcs.exe
MD5                : 1176AEC8BE8D3009E3762764607B4D73
Publisher          : Microsoft Windows
Size               : 32768
Version            : 2.0.50727.8670
Detection          : Hollow Process
Cleaning Action    : Repair
Related Objects    :
                Process - 176 - C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
                File - %systemroot%\microsoft.net\framework\v2.0.50727\regsvcs.exe

 

I forget to mention, I moved the .NET framework v4 regsvcs.exe to the deskptop then moved it back and now it seems to initiate via the .NET framework v2.

Edited by Heisenberg
Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Ok lets wait for that log... RegSvcs.exe does seem to be part of the infection, but in your case at this address: C:\Users\Jason\RegSvcs.exe

When the Zemana log is ready post it, also the following:

Run FRST one more time, ensure all boxes are checkmarked under "Whitelist" but only Addition.txt under "Optional scan" Select scan, when done post the new logs. "FRST.txt" and "Addition.txt"

 

 

 

 

Link to post
Share on other sites
Heisenberg

Heisenberg

Posted
  • Author
Posted

Here is the relevant part of  Zamana report (it couldn't remove the virus it seems):

RegSvcs.exe
Status             : Scanned
Object             : %systemroot%\microsoft.net\framework\v2.0.50727\regsvcs.exe
MD5                : 1176AEC8BE8D3009E3762764607B4D73
Publisher          : Microsoft Windows
Size               : 32768
Version            : 2.0.50727.8670
Detection          : Hollow Process
Cleaning Action    : Repair
Related Objects    :
                Process - 176
                File - %systemroot%\microsoft.net\framework\v2.0.50727\regsvcs.exe


Cleaning Result
-------------------------------------------------------
Cleaned               : 0
Reported as safe      : 2
Failed                : 1

Failed Objects
-------------------------------------------------------
RegSvcs.exe
Status             : Scanned
Object             : %systemroot%\microsoft.net\framework\v2.0.50727\regsvcs.exe
MD5                : 1176AEC8BE8D3009E3762764607B4D73
Publisher          : Microsoft Windows
Size               : 32768
Version            : 2.0.50727.8670
Detection          : Hollow Process
Cleaning Action    : Repair
Related Objects    :
                Process - 176
                File - %systemroot%\microsoft.net\framework\v2.0.50727\regsvcs.exe
 

 

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Does this issue still happen, i`m not so sure Zemana is correct. Yes RegSvcs.exe does seem to be associated with this infection but it appears to run from a user folder. I`ve got another two threads and same issue....

Can you run Virus Total as follows:

Go to http://www.virustotal.com/
 
  • Click the Choose file button
  • Navigate to the file C:\Users\Jason\cfdrp\ezac.exe
  • Click the Scan it tab
  • If you get a message saying File has already been analyzed: click Reanalyze file now
  • Copy and paste the results back here please.


Next,

Run FRST one more time:

Type the following in the edit box after "Search:".

RegSvcs.exe

Click Search Files button and post the log (Search.txt) it makes to your reply.

 

Link to post
Share on other sites
Heisenberg

Heisenberg

Posted
  • Author
Posted

Search results:

Farbar Recovery Scan Tool (x64) Version: 07-12-2016
Ran by Jason (10-12-2016 21:05:56)
Running from C:\Users\Jason\Desktop
Boot Mode: Normal

================== Search Files: "RegSvcs.exe" =============

C:\Windows\WinSxS\x86_regsvcs_b03f5f7f11d50a3a_4.0.10586.0_none_f9339427efe4e76f\RegSvcs.exe
[2015-10-30 07:19][2015-10-30 07:19] 0045216 ____N (Microsoft Corporation) 7A9AFA1680BD6880968BB5F14127C5C3 [File is digitally signed]

C:\Windows\WinSxS\x86_regsvcs_b03f5f7f11d50a3a_10.0.10586.0_none_994d1b7114316cde\RegSvcs.exe
[2016-10-20 20:14][2015-10-23 16:47] 0032768 ____A (Microsoft Corporation) 1176AEC8BE8D3009E3762764607B4D73 [File is digitally signed]

C:\Windows\WinSxS\amd64_regsvcs_b03f5f7f11d50a3a_4.0.10586.0_none_b1865d50db68be69\RegSvcs.exe
[2015-10-30 07:19][2015-10-30 07:19] 0044192 ____N (Microsoft Corporation) 32AF682D08E6915187D733CAB239105B [File is digitally signed]

C:\Windows\WinSxS\amd64_regsvcs_b03f5f7f11d50a3a_10.0.10586.0_none_519fe499ffb543d8\RegSvcs.exe
[2016-10-20 20:14][2015-10-09 20:24] 0028672 ____A (Microsoft Corporation) F4BBDABF3DB0C9A089BFBBC62F02A494 [File is digitally signed]

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegSvcs.exe
[2016-12-09 17:16][2015-10-30 07:19] 0045216 ____A (Microsoft Corporation) 7A9AFA1680BD6880968BB5F14127C5C3 [File is digitally signed]

C:\Windows\Microsoft.NET\Framework64\v2.0.50727\RegSvcs.exe
[2016-10-20 20:14][2015-10-09 20:24] 0028672 ____A (Microsoft Corporation) F4BBDABF3DB0C9A089BFBBC62F02A494 [File is digitally signed]

C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
[2016-10-20 20:14][2015-10-23 16:47] 0032768 ____A (Microsoft Corporation) 1176AEC8BE8D3009E3762764607B4D73 [File is digitally signed]

====== End of Search ======

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

Post that log. Also let me know if the issue clears..
 

 

Fixlist.txt

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.