Jump to content

Malwarebytes off for 5 days.

Athalwolf
 Share

Recommended Posts

Athalwolf

Athalwolf

Posted
Posted

I went to a roofing site this morning and had a Zeus virus pop-up. I immediately rebooted and there was a Windows(?) pop up that froze everything and suggested I review my security settings. Could not proceed without pressing ACCEPT. I wanted to run Malwarebytes of course and when I went to opened it, it said that it was out of date and had been down for 5 days. I checked the Reports area and sure enough no scans for 5 days. I have it set to scan daily. I'm running Windows 10 Home version 64bit. I'm using the Pro version.

As I write this I have a Newest Windows Features Update that wants to install and states that it will "take some time for the installation" Not sure if this is coincidental and unrelated.

Any thoughts or comments are greatly appreciated.

Thanks.

 

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Hello Athalwolf and welcome to Malwarebytes,

I would refuse any updates for now, then continue with the following...

Download Farbar Recovery Scan Tool and save it to your desktop.

Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...

Be aware FRST must be run from an account with Administrator status...
 
  • Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt) Please attach that log to your reply.


Let me see those two logs in your reply...

Thank you,

Kevin.
Link to post
Share on other sites
Athalwolf

Athalwolf

Posted
  • Author
Posted

Hi Kevin,

Thanks for your help!

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-04-2017
Ran by Athal (administrator) on DESKTOP-2OOT99N (26-04-2017 16:00:13)
Running from C:\Users\Athal\Desktop
Loaded Profiles: Athal (Available Profiles: defaultuser0 & Athal)
Platform: Windows 10 Home Version 1703 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Webroot) C:\Program Files\Webroot\WRSA.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Copyright (c) 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.99.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2017-01-11] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [992056 2017-03-30] (Webroot)
HKU\S-1-5-21-3825710741-2241798292-1104576089-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-10] (Piriform Ltd)
HKU\S-1-5-21-3825710741-2241798292-1104576089-1002\...\RunOnce: [Uninstall 17.3.6798.0207\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Athal\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64"
HKU\S-1-5-21-3825710741-2241798292-1104576089-1002\...\RunOnce: [Uninstall 17.3.6798.0207] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Athal\AppData\Local\Microsoft\OneDrive\17.3.6798.0207"
HKU\S-1-5-21-3825710741-2241798292-1104576089-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [804352 2017-03-18] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2017-04-19]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 64.59.144.100 64.59.150.143
Tcpip\..\Interfaces\{30776b27-af35-40db-9c0a-267a510b3072}: [DhcpNameServer] 172.16.32.254
Tcpip\..\Interfaces\{36db700d-0d19-4b04-b9bf-98a8c6bb4bec}: [DhcpNameServer] 64.59.144.100 64.59.150.143

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-03-14] (Microsoft Corporation)
BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll [2017-04-19] (Webroot)
BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Common Files\Webroot\WebFiltering\wrflt.dll [2017-03-30] (Webroot)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-03-14] (Microsoft Corporation)
BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll [2017-04-19] (Webroot)
BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files (x86)\Common Files\Webroot\WebFiltering\wrflt.dll [2017-03-30] (Webroot)
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll [2017-04-19] (Webroot)
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll [2017-04-19] (Webroot)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-03-30] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2017-03-30] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.4\npGoogleUpdate3.dll [2017-04-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.4\npGoogleUpdate3.dll [2017-04-26] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://www.google.ca/"
CHR Profile: C:\Users\Athal\AppData\Local\Google\Chrome\User Data\Default [2017-04-26]
CHR Extension: (YouTube) - C:\Users\Athal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-30]
CHR Extension: (Webmail Ad Blocker) - C:\Users\Athal\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbhfdchmklhpcngcgjmpdbjakdggkkjp [2017-04-01]
CHR Extension: (Adblock Plus) - C:\Users\Athal\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-31]
CHR Extension: (Google News) - C:\Users\Athal\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc [2017-04-01]
CHR Extension: (AdBlock) - C:\Users\Athal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-15]
CHR Extension: (Google Maps) - C:\Users\Athal\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2017-04-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Athal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-30]
CHR Extension: (Gmail) - C:\Users\Athal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\Athal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-30]
CHR Profile: C:\Users\Athal\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-04-26]
CHR Profile: C:\Users\Athal\AppData\Local\Google\Chrome\User Data\System Profile [2017-04-26]
CHR HKLM\...\Chrome\Extension: [ngkhgikojglcgnckopipfdajaifmmnnc] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3825710741-2241798292-1104576089-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngkhgikojglcgnckopipfdajaifmmnnc] - hxxp://clients2.google.com/service/update2/crx

Opera: 
=======
OPR Extension: (Youtube - Most Popular) - C:\Users\Athal\AppData\Roaming\Opera Software\Opera Stable\Extensions\oldapoiohefbnmggejjodihigclfhnka [2017-04-04]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042544 2017-03-14] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-03-30] (Copyright (c) 2017 Plays.tv, LLC)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-24] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
S3 wlpasvc; C:\WINDOWS\System32\lpasvc.dll [1295360 2017-03-18] (Microsoft Corporation)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [992056 2017-03-30] (Webroot)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110096 2016-04-18] (Advanced Micro Devices)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-04-14] ()
S3 iaLPSS2i_GPIO2_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [85504 2017-03-18] (Intel Corporation)
S3 iaLPSS2i_I2C_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [168448 2017-03-18] (Intel Corporation)
S3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [84264 2015-05-29] (Intel Corporation)
S3 iaLPSS2_I2C; C:\WINDOWS\System32\drivers\iaLPSS2_I2C.sys [185128 2015-05-29] (Intel Corporation)
S3 iaLPSS2_SPI; C:\WINDOWS\System32\drivers\iaLPSS2_SPI.sys [152360 2015-05-29] (Intel Corporation)
S3 iaLPSS2_UART2; C:\WINDOWS\System32\drivers\iaLPSS2_UART2.sys [281896 2015-05-29] (Intel Corporation)
S3 Lycosa; C:\WINDOWS\system32\drivers\Lycosa.sys [18816 2008-01-17] (Razer USA Ltd.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-03-31] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-04-26] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-04-26] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251832 2017-04-26] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92096 2017-04-26] (Malwarebytes)
R3 rzp1endpt; C:\WINDOWS\System32\drivers\rzp1endpt.sys [52424 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-16] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-10-07] (Razer, Inc.)
R3 rzvmouse; C:\WINDOWS\System32\drivers\rzvmouse.sys [42712 2015-08-13] (Razer Inc)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R0 WRkrn; C:\WINDOWS\System32\drivers\WRkrn.sys [143248 2017-04-26] (Webroot)
R3 wrUrlFlt; C:\Windows\system32\DRIVERS\wrUrlFlt.sys [66328 2017-03-30] (Webroot)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-26 16:00 - 2017-04-26 16:00 - 00014954 _____ C:\Users\Athal\Desktop\FRST.txt
2017-04-26 15:59 - 2017-04-26 16:00 - 00000000 ____D C:\FRST
2017-04-26 15:58 - 2017-04-26 15:58 - 02427392 _____ (Farbar) C:\Users\Athal\Desktop\FRST64.exe
2017-04-26 08:09 - 2017-04-26 08:09 - 23680512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 20506112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 08321440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-04-26 08:09 - 2017-04-26 08:09 - 08246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 06761048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 06296064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-04-26 08:09 - 2017-04-26 08:09 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-04-26 08:09 - 2017-04-26 08:09 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-04-26 08:09 - 2017-04-26 08:09 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-04-26 08:09 - 2017-04-26 08:09 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 02444184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-04-26 08:09 - 2017-04-26 08:09 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-04-26 08:09 - 2017-04-26 08:09 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-04-26 08:09 - 2017-04-26 08:09 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-04-26 08:09 - 2017-04-26 08:09 - 01885696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01411640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01323880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-04-26 08:09 - 2017-04-26 08:09 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-04-26 08:09 - 2017-04-26 08:09 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01074688 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-04-26 08:09 - 2017-04-26 08:09 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00986592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-04-26 08:09 - 2017-04-26 08:09 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-04-26 08:09 - 2017-04-26 08:09 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-04-26 08:09 - 2017-04-26 08:09 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-04-26 08:09 - 2017-04-26 08:09 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-04-26 08:09 - 2017-04-26 08:09 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-04-26 08:09 - 2017-04-26 08:09 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-04-26 08:09 - 2017-04-26 08:09 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-04-26 08:09 - 2017-04-26 08:09 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-04-26 08:09 - 2017-04-26 08:09 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-04-26 08:09 - 2017-04-26 08:09 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-04-26 08:09 - 2017-04-26 08:09 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-04-26 08:09 - 2017-04-26 08:09 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-04-26 08:09 - 2017-04-26 08:09 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00387416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-04-26 08:09 - 2017-04-26 08:09 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-04-26 08:09 - 2017-04-26 08:09 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-04-26 08:09 - 2017-04-26 08:09 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-04-26 08:09 - 2017-04-26 08:09 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00206232 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-04-26 08:09 - 2017-04-26 08:09 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-04-26 08:09 - 2017-04-26 08:09 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-26 08:09 - 2017-04-26 08:09 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-04-26 08:09 - 2017-04-26 08:09 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-04-26 08:09 - 2017-04-26 08:09 - 00000000 ____D C:\Windows.old
2017-04-26 08:08 - 2017-04-26 08:08 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-04-26 08:08 - 2017-04-26 08:08 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-04-26 08:07 - 2017-04-26 08:07 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-04-26 08:07 - 2017-04-26 07:11 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-04-26 08:06 - 2017-04-26 08:06 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-04-26 08:06 - 2017-04-26 08:06 - 00000000 ____D C:\Program Files\MSBuild
2017-04-26 08:06 - 2017-04-26 08:06 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-04-26 08:06 - 2017-04-26 08:06 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-04-26 08:06 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-04-26 08:06 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-04-26 08:06 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-04-26 08:06 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-04-26 08:06 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-04-26 08:06 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-04-26 07:21 - 2017-04-26 07:21 - 00000000 ___HD C:\OneDriveTemp
2017-04-26 07:21 - 2017-04-26 07:21 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-04-26 07:20 - 2017-04-26 07:20 - 00000000 ____D C:\ProgramData\USOShared
2017-04-26 07:19 - 2017-04-26 07:19 - 00001270 _____ C:\Users\Athal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update and Privacy Settings.lnk
2017-04-26 07:19 - 2017-04-26 07:19 - 00000020 ___SH C:\Users\Athal\ntuser.ini
2017-04-26 07:19 - 2017-04-26 07:19 - 00000000 _SHDL C:\Users\Default\My Documents
2017-04-26 07:19 - 2017-04-26 07:19 - 00000000 ____D C:\Users\Athal\AppData\Local\DBG
2017-04-26 07:17 - 2017-04-26 07:17 - 00011433 _____ C:\WINDOWS\diagwrn.xml
2017-04-26 07:17 - 2017-04-26 07:17 - 00011433 _____ C:\WINDOWS\diagerr.xml
2017-04-26 07:16 - 2017-04-26 15:52 - 00003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-26 07:16 - 2017-04-26 15:52 - 00003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-26 07:16 - 2017-04-26 07:16 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-04-26 07:16 - 2017-04-26 07:16 - 00003764 _____ C:\WINDOWS\System32\Tasks\AMD Updater
2017-04-26 07:16 - 2017-04-26 07:16 - 00003764 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-04-26 07:16 - 2017-04-26 07:16 - 00003514 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1491346085
2017-04-26 07:16 - 2017-04-26 07:16 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-04-26 07:16 - 2017-04-26 07:16 - 00003446 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-04-26 07:16 - 2017-04-26 07:16 - 00003324 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F2DD949C-B506-451C-8AEA-82FC924ECAB7}
2017-04-26 07:16 - 2017-04-26 07:16 - 00002770 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-04-26 07:16 - 2017-04-26 07:16 - 00002444 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2017-04-26 07:16 - 2017-04-26 07:16 - 00002392 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2017-04-26 07:16 - 2017-04-26 07:16 - 00002388 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2017-04-26 07:16 - 2017-04-26 07:16 - 00002374 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2017-04-26 07:16 - 2017-04-26 07:16 - 00002370 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2017-04-26 07:16 - 2017-04-26 07:16 - 00002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-04-26 07:16 - 2017-04-26 07:16 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-26 07:14 - 2017-04-26 07:14 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-04-26 07:13 - 2017-04-26 15:53 - 00992770 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-26 07:13 - 2017-04-26 07:21 - 00000000 ____D C:\Users\Athal
2017-04-26 07:13 - 2017-04-26 07:15 - 00000000 ____D C:\Users\defaultuser0
2017-04-26 07:13 - 2017-04-26 07:14 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-04-26 07:13 - 2017-04-26 07:13 - 00939752 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-04-26 07:13 - 2017-04-26 07:13 - 00000000 _SHDL C:\Users\defaultuser0\My Documents
2017-04-26 07:13 - 2017-04-26 07:13 - 00000000 _SHDL C:\Users\defaultuser0\Documents\My Videos
2017-04-26 07:13 - 2017-04-26 07:13 - 00000000 _SHDL C:\Users\defaultuser0\Documents\My Pictures
2017-04-26 07:13 - 2017-04-26 07:13 - 00000000 _SHDL C:\Users\defaultuser0\Documents\My Music
2017-04-26 07:13 - 2017-04-26 07:13 - 00000000 _SHDL C:\Users\Athal\My Documents
2017-04-26 07:13 - 2017-04-26 07:13 - 00000000 _SHDL C:\Users\Athal\Documents\My Videos
2017-04-26 07:13 - 2017-04-26 07:13 - 00000000 _SHDL C:\Users\Athal\Documents\My Pictures
2017-04-26 07:13 - 2017-04-26 07:13 - 00000000 _SHDL C:\Users\Athal\Documents\My Music
2017-04-26 07:12 - 2017-04-26 07:13 - 00000000 ____D C:\ProgramData\Razer
2017-04-26 07:12 - 2017-04-26 07:12 - 00000000 ____D C:\ProgramData\Brother
2017-04-26 07:12 - 2017-04-26 07:12 - 00000000 _____ C:\WINDOWS\BRPARAM.INI
2017-04-26 07:11 - 2017-04-26 15:52 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-04-26 07:11 - 2017-04-26 07:19 - 00000000 ____D C:\Program Files (x86)\Razer
2017-04-26 07:11 - 2017-04-26 07:15 - 00217000 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-26 07:11 - 2017-04-26 07:14 - 00000000 ____D C:\Program Files\AMD
2017-04-26 07:11 - 2017-04-26 07:13 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-26 07:11 - 2017-04-26 07:11 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-04-26 07:11 - 2017-04-26 07:11 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-04-26 07:11 - 2017-04-26 07:11 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-04-26 07:11 - 2017-04-26 07:11 - 00000000 ____D C:\WINDOWS\system32\DAX3
2017-04-26 07:11 - 2017-04-26 07:11 - 00000000 ____D C:\WINDOWS\system32\DAX2
2017-04-26 07:11 - 2017-04-26 07:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2017-04-26 07:11 - 2017-04-26 07:11 - 00000000 ____D C:\Program Files\Realtek
2017-04-26 07:11 - 2017-04-26 07:11 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2017-04-26 07:11 - 2017-04-26 07:11 - 00000000 ____D C:\Program Files\ATI Technologies
2017-04-26 07:11 - 2017-04-26 07:11 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2017-04-26 07:11 - 2017-04-26 07:11 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2017-04-26 07:11 - 2017-03-18 13:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-04-26 06:23 - 2017-04-26 07:19 - 00000000 ___DC C:\WINDOWS\Panther
2017-04-26 06:14 - 2017-04-26 06:14 - 00000000 ____D C:\Users\Athal\AppData\Local\UNP
2017-04-26 05:55 - 2017-04-26 07:14 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-04-26 05:55 - 2017-04-26 05:56 - 00000000 ____D C:\Program Files\UNP
2017-04-21 06:12 - 2017-04-21 06:12 - 09390672 _____ (Piriform Ltd) C:\Users\Athal\Downloads\ccsetup529.exe
2017-04-20 07:08 - 2017-04-20 08:27 - 00001083 _____ C:\Users\Athal\Desktop\Website Ideas.txt
2017-04-20 07:04 - 2017-04-20 07:41 - 00001505 _____ C:\Users\Athal\Desktop\Pressure Washing.txt
2017-04-19 14:40 - 2017-04-19 14:40 - 00000000 ____D C:\Users\Athal\AppData\LocalLow\webroot
2017-04-19 08:49 - 2017-04-19 08:49 - 00000000 ____D C:\Users\Athal\Documents\Custom Office Templates
2017-04-13 08:17 - 2017-04-13 08:17 - 01201768 _____ (Adobe Systems Incorporated) C:\Users\Athal\Downloads\flashplayer25pp_fa_install.exe
2017-04-11 15:45 - 2017-03-27 22:37 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2017-04-11 15:45 - 2017-03-27 22:28 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-04-09 11:11 - 2017-04-09 11:11 - 00000000 ____D C:\Users\Athal\AppData\Local\Microsoft Help
2017-04-08 12:14 - 2014-11-23 06:55 - 00861000 _____ C:\Users\Athal\Desktop\BorderlandsPreSequel.cetrainer
2017-04-08 11:35 - 2017-04-08 11:35 - 00000222 _____ C:\Users\Athal\Desktop\Borderlands The Pre-Sequel.url
2017-04-08 10:00 - 2017-04-26 07:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4
2017-04-08 10:00 - 2017-04-08 10:00 - 00000000 ____D C:\Users\Athal\Documents\My Cheat Tables
2017-04-08 10:00 - 2017-04-08 10:00 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.4
2017-04-08 09:57 - 2014-11-23 06:53 - 01260131 _____ C:\Users\Athal\Desktop\Borderlands2.cetrainer
2017-04-07 15:50 - 2017-04-07 15:50 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2017-04-05 05:18 - 2017-04-05 05:18 - 00000000 ____D C:\ProgramData\ATI
2017-04-04 20:24 - 2017-04-04 20:24 - 00000000 ____D C:\Users\Default\AppData\Roaming\ATI
2017-04-04 20:24 - 2017-04-04 20:24 - 00000000 ____D C:\Users\Default\AppData\Local\ATI
2017-04-04 20:24 - 2017-04-04 20:24 - 00000000 ____D C:\Users\Default User\AppData\Roaming\ATI
2017-04-04 20:24 - 2017-04-04 20:24 - 00000000 ____D C:\Users\Default User\AppData\Local\ATI
2017-04-04 15:48 - 2017-04-04 15:48 - 00001382 _____ C:\Users\Athal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-04-04 15:48 - 2017-04-04 15:48 - 00000000 ____D C:\Users\Athal\AppData\Roaming\Opera Software
2017-04-04 15:48 - 2017-04-04 15:48 - 00000000 ____D C:\Users\Athal\AppData\Local\Opera Software
2017-04-02 11:35 - 2017-04-02 11:35 - 00000000 ____D C:\Users\Athal\AppData\Roaming\ATI
2017-04-02 11:35 - 2017-04-02 11:35 - 00000000 ____D C:\Users\Athal\AppData\Local\ATI
2017-04-02 10:49 - 2017-04-26 07:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi
2017-04-02 10:49 - 2017-04-02 10:49 - 00000000 ____D C:\Program Files (x86)\Kodi
2017-04-02 10:33 - 2017-04-25 15:45 - 00000000 ____D C:\Users\Athal\AppData\Roaming\Kodi
2017-04-02 08:15 - 2017-04-02 08:15 - 00087904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UNPUXWorker.exe
2017-04-02 06:59 - 2017-04-21 07:47 - 00000000 ____D C:\Users\Athal\Documents\Terry's Window Cleaning Ltd
2017-04-01 12:07 - 2017-04-01 12:07 - 00000000 ____D C:\WINDOWS\pss
2017-04-01 06:53 - 2017-04-26 07:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2017-03-31 20:02 - 2016-10-07 23:56 - 00137840 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpnk.sys
2017-03-31 20:02 - 2016-09-16 17:12 - 00044144 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpmgrk.sys
2017-03-31 19:56 - 2017-04-26 07:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2017-03-31 19:28 - 2017-03-31 20:00 - 00000000 ____D C:\Users\Athal\AppData\Local\Razer
2017-03-31 17:01 - 2017-04-26 07:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-03-31 17:01 - 2017-04-01 20:52 - 00000000 ____D C:\Users\Athal\AppData\Roaming\vlc
2017-03-31 17:01 - 2017-03-31 17:01 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2017-03-31 16:44 - 2017-04-02 11:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-03-31 08:15 - 2017-03-31 08:15 - 00000000 ____D C:\Users\Athal\AppData\LocalLow\Adobe
2017-03-31 08:14 - 2017-04-13 06:29 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-03-31 08:14 - 2017-03-31 08:15 - 00000000 ____D C:\ProgramData\Adobe
2017-03-31 08:14 - 2017-03-31 08:14 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-03-31 08:13 - 2017-04-13 08:17 - 00000000 ____D C:\Users\Athal\AppData\Local\Adobe
2017-03-31 06:33 - 2017-03-31 06:32 - 00513192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-03-31 06:17 - 2017-04-11 15:46 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-03-31 06:17 - 2017-04-11 15:45 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-03-30 22:13 - 2017-03-03 23:18 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-03-30 20:32 - 2017-04-26 07:17 - 00002286 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-30 20:31 - 2017-03-30 20:31 - 00000000 ____D C:\Users\Athal\.oracle_jre_usage
2017-03-30 20:30 - 2017-03-30 21:39 - 00000000 ____D C:\Users\Athal\AppData\Local\Google
2017-03-30 20:30 - 2017-03-30 20:32 - 00000000 ____D C:\Program Files (x86)\Google
2017-03-30 20:23 - 2017-03-30 20:23 - 00000219 _____ C:\Users\Athal\Desktop\Team Fortress 2.url
2017-03-30 19:54 - 2017-03-30 19:54 - 00000221 _____ C:\Users\Athal\Desktop\Borderlands 2.url
2017-03-30 19:24 - 2017-04-26 07:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-03-30 19:24 - 2017-04-16 05:15 - 00000000 ____D C:\Program Files\CCleaner
2017-03-30 19:09 - 2017-03-30 19:10 - 00000000 ____D C:\Users\Athal\AppData\Local\Skyrim
2017-03-30 19:09 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2017-03-30 19:09 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2017-03-30 19:09 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2017-03-30 19:09 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2017-03-30 19:09 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2017-03-30 19:09 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2017-03-30 19:09 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2017-03-30 19:09 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2017-03-30 19:09 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2017-03-30 19:09 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2017-03-30 19:09 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2017-03-30 19:09 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2017-03-30 19:09 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2017-03-30 19:09 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2017-03-30 19:09 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2017-03-30 19:09 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2017-03-30 19:09 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2017-03-30 19:09 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2017-03-30 19:09 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2017-03-30 19:09 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2017-03-30 19:09 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2017-03-30 19:09 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2017-03-30 19:09 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2017-03-30 19:09 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2017-03-30 19:09 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2017-03-30 19:09 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2017-03-30 19:09 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2017-03-30 19:09 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2017-03-30 19:09 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2017-03-30 19:09 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2017-03-30 19:09 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2017-03-30 19:09 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2017-03-30 19:09 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2017-03-30 19:09 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2017-03-30 19:09 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2017-03-30 19:09 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2017-03-30 19:09 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2017-03-30 19:09 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2017-03-30 19:09 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2017-03-30 19:09 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2017-03-30 19:09 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2017-03-30 19:09 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2017-03-30 19:09 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2017-03-30 19:09 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2017-03-30 19:09 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2017-03-30 19:09 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2017-03-30 19:09 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2017-03-30 19:09 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2017-03-30 19:09 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2017-03-30 19:09 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2017-03-30 19:09 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2017-03-30 19:09 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2017-03-30 19:09 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2017-03-30 19:09 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2017-03-30 19:09 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2017-03-30 19:09 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2017-03-30 19:09 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2017-03-30 19:09 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2017-03-30 19:09 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2017-03-30 19:09 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2017-03-30 19:09 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2017-03-30 19:09 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2017-03-30 19:09 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2017-03-30 19:09 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2017-03-30 19:09 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2017-03-30 19:09 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2017-03-30 19:09 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2017-03-30 19:09 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2017-03-30 19:09 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2017-03-30 19:09 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2017-03-30 19:09 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2017-03-30 19:09 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2017-03-30 19:09 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2017-03-30 19:09 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2017-03-30 19:09 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2017-03-30 19:09 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2017-03-30 19:09 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2017-03-30 19:09 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2017-03-30 19:09 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2017-03-30 19:09 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2017-03-30 19:09 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2017-03-30 19:09 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2017-03-30 19:09 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2017-03-30 19:09 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2017-03-30 19:09 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2017-03-30 19:09 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2017-03-30 19:09 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2017-03-30 19:09 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2017-03-30 19:09 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2017-03-30 19:09 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2017-03-30 19:09 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2017-03-30 19:09 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2017-03-30 19:09 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2017-03-30 19:09 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2017-03-30 19:09 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2017-03-30 19:09 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2017-03-30 19:09 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2017-03-30 19:09 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2017-03-30 19:09 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2017-03-30 19:09 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2017-03-30 19:09 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2017-03-30 19:09 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2017-03-30 19:09 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2017-03-30 19:09 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2017-03-30 19:09 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2017-03-30 19:09 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2017-03-30 19:09 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2017-03-30 19:09 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2017-03-30 19:09 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2017-03-30 19:09 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2017-03-30 19:09 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2017-03-30 19:09 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2017-03-30 19:09 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2017-03-30 19:09 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2017-03-30 19:09 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2017-03-30 19:09 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2017-03-30 19:09 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2017-03-30 19:09 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2017-03-30 19:09 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2017-03-30 19:09 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2017-03-30 19:09 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2017-03-30 19:09 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2017-03-30 19:09 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2017-03-30 19:09 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2017-03-30 19:09 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2017-03-30 19:09 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2017-03-30 19:09 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2017-03-30 19:09 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2017-03-30 19:09 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2017-03-30 19:09 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2017-03-30 19:09 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2017-03-30 19:09 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2017-03-30 19:09 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2017-03-30 19:09 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2017-03-30 19:09 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2017-03-30 19:09 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2017-03-30 19:09 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2017-03-30 19:09 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2017-03-30 19:09 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2017-03-30 19:09 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2017-03-30 19:09 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2017-03-30 19:09 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2017-03-30 19:09 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2017-03-30 19:09 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2017-03-30 19:09 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2017-03-30 19:09 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2017-03-30 19:09 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2017-03-30 19:09 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2017-03-30 19:09 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2017-03-30 19:09 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2017-03-30 19:09 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2017-03-30 19:09 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2017-03-30 19:09 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2017-03-30 19:09 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2017-03-30 19:09 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2017-03-30 19:09 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2017-03-30 19:09 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2017-03-30 19:09 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2017-03-30 19:09 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2017-03-30 19:09 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2017-03-30 19:09 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2017-03-30 19:09 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2017-03-30 19:09 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2017-03-30 19:09 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2017-03-30 19:08 - 2017-04-08 11:55 - 00000000 ____D C:\Users\Athal\Documents\My Games
2017-03-30 18:48 - 2017-03-30 18:48 - 00000221 _____ C:\Users\Athal\Desktop\The Elder Scrolls V Skyrim.url
2017-03-30 18:43 - 2017-04-01 14:31 - 00000000 ____D C:\Users\Athal\AppData\Local\Steam
2017-03-30 18:43 - 2017-03-30 18:43 - 00000000 ____D C:\Users\Athal\AppData\Local\CEF
2017-03-30 18:42 - 2017-04-26 07:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-03-30 18:42 - 2017-04-26 06:27 - 00000000 ____D C:\Program Files (x86)\Steam
2017-03-30 18:38 - 2017-03-30 18:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-03-30 18:37 - 2017-04-26 07:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-03-30 18:37 - 2017-04-18 13:32 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-03-30 18:30 - 2017-04-26 07:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2017-03-30 18:30 - 2017-03-30 18:30 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center
2017-03-30 18:04 - 2017-03-30 18:04 - 00000000 ____D C:\Users\Athal\AppData\Roaming\Macromedia
2017-03-30 17:40 - 2017-04-26 07:22 - 00092096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-03-30 17:40 - 2017-04-26 07:15 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-30 17:40 - 2017-04-26 07:15 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-03-30 17:40 - 2017-04-26 07:15 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-03-30 17:40 - 2017-04-26 07:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-30 17:40 - 2017-04-14 13:14 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-03-30 17:40 - 2017-03-31 14:04 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-03-30 17:40 - 2017-03-30 17:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-30 17:40 - 2017-03-30 17:40 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-30 17:34 - 2017-04-26 07:16 - 00000000 ____D C:\ProgramData\WRData
2017-03-30 17:34 - 2017-04-26 07:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webroot SecureAnywhere
2017-03-30 17:34 - 2017-04-26 06:51 - 00143248 _____ (Webroot) C:\WINDOWS\system32\Drivers\WRkrn.sys
2017-03-30 17:34 - 2017-04-19 14:40 - 00000000 ____D C:\Users\Athal\AppData\Local\lptmp
2017-03-30 17:34 - 2017-03-30 17:34 - 00193072 _____ (Webroot) C:\WINDOWS\SysWOW64\WRusr.dll
2017-03-30 17:34 - 2017-03-30 17:34 - 00126696 _____ (Webroot) C:\WINDOWS\system32\WRusr.dll
2017-03-30 17:34 - 2017-03-30 17:34 - 00066328 ____T (Webroot) C:\WINDOWS\system32\Drivers\wrUrlFlt.sys
2017-03-30 17:34 - 2017-03-30 17:34 - 00000000 ____D C:\Users\Athal\AppData\LocalLow\LastPass
2017-03-30 17:34 - 2017-03-30 17:34 - 00000000 ____D C:\Program Files\Webroot
2017-03-30 17:34 - 2017-03-30 17:34 - 00000000 ____D C:\Program Files\Common Files\Webroot
2017-03-30 17:21 - 2017-03-30 17:24 - 00000000 ____D C:\Users\Athal\AppData\Local\MicrosoftEdge
2017-03-30 17:20 - 2017-03-30 17:20 - 00000000 ____D C:\Users\Athal\AppData\Local\Razer_Inc
2017-03-30 17:19 - 2017-03-31 08:39 - 00000000 ____D C:\Users\Athal\.Plays.tv
2017-03-30 17:19 - 2017-03-30 17:19 - 00000000 ____D C:\Users\Athal\AppData\Roaming\library_dir
2017-03-30 17:19 - 2017-03-30 17:19 - 00000000 ____D C:\Users\Athal\AppData\Roaming\Intel Corporation
2017-03-30 17:19 - 2017-03-30 17:19 - 00000000 ____D C:\Users\Athal\.QtWebEngineProcess
2017-03-30 17:18 - 2017-04-26 07:21 - 00002381 _____ C:\Users\Athal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-03-30 17:18 - 2017-04-26 07:21 - 00000000 ___RD C:\Users\Athal\OneDrive
2017-03-30 17:18 - 2017-04-02 11:33 - 00000000 ____D C:\Users\Athal\AppData\Roaming\Raptr
2017-03-30 17:18 - 2017-04-01 16:52 - 00000000 ____D C:\Users\Athal\AppData\Roaming\PlaysTV
2017-03-30 17:18 - 2017-03-30 17:18 - 00000000 ____D C:\Users\Athal\AppData\Roaming\Skype
2017-03-30 17:17 - 2017-04-26 07:35 - 00000000 ____D C:\Users\Athal\AppData\Local\Packages
2017-03-30 17:17 - 2017-04-26 07:20 - 00000000 ____D C:\Users\Athal\AppData\Local\ConnectedDevicesPlatform
2017-03-30 17:17 - 2017-03-31 08:15 - 00000000 ____D C:\Users\Athal\AppData\Roaming\Adobe
2017-03-30 17:17 - 2017-03-30 17:17 - 00001051 _____ C:\Users\Athal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2017-03-30 17:17 - 2017-03-30 17:17 - 00000000 ____D C:\Users\Athal\AppData\Local\VirtualStore
2017-03-30 17:17 - 2017-03-30 17:17 - 00000000 ____D C:\Users\Athal\AppData\Local\TileDataLayer
2017-03-30 17:17 - 2017-03-30 17:17 - 00000000 ____D C:\Users\Athal\AppData\Local\Publishers
2017-03-30 17:17 - 2017-03-30 17:17 - 00000000 ____D C:\Users\Athal\AppData\Local\Comms
2017-03-30 17:15 - 2017-04-26 07:13 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\Packages
2017-03-30 17:15 - 2017-03-30 17:15 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\VirtualStore
2017-03-30 17:15 - 2017-03-30 17:15 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\TileDataLayer
2017-03-30 17:15 - 2017-03-30 17:15 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\ConnectedDevicesPlatform
2017-03-28 17:19 - 2017-03-28 17:19 - 536870912 ___SH C:\WinPEpge.sys
2017-03-28 16:58 - 2017-03-28 16:58 - 00000000 _____ C:\WINDOWS\SysWOW64\OCL3A65.tmp
2017-03-28 16:58 - 2017-03-28 16:58 - 00000000 _____ C:\WINDOWS\SysWOW64\OCL244D.tmp
2017-03-28 16:57 - 2017-03-28 16:57 - 00000000 _____ C:\WINDOWS\SysWOW64\OCL3A2C.tmp
2017-03-28 16:57 - 2017-03-28 16:57 - 00000000 _____ C:\WINDOWS\SysWOW64\OCL2404.tmp
2017-03-28 16:56 - 2017-03-28 16:56 - 00000000 _____ C:\WINDOWS\SysWOW64\OCL6D95.tmp
2017-03-28 16:56 - 2017-03-28 16:56 - 00000000 _____ C:\WINDOWS\SysWOW64\OCL575D.tmp
2017-03-28 16:55 - 2017-03-28 16:58 - 00000022 _____ C:\WINDOWS\GPU-Z.INI
2017-03-28 16:55 - 2017-03-28 16:55 - 00000000 _____ C:\WINDOWS\SysWOW64\OCLFB53.tmp
2017-03-28 16:55 - 2017-03-28 16:55 - 00000000 _____ C:\WINDOWS\SysWOW64\OCL1274.tmp
2017-03-28 16:49 - 2017-04-02 11:33 - 00000000 ____D C:\Program Files (x86)\AMD
2017-03-28 16:49 - 2017-03-28 16:49 - 00000000 ____D C:\Program Files (x86)\Raptr Inc
2017-03-28 16:48 - 2017-04-26 07:11 - 00000000 ____D C:\AMD
2017-03-28 16:30 - 2017-03-28 16:30 - 00000000 ____D C:\Program Files (x86)\Intel
2017-03-28 16:30 - 2017-01-11 12:38 - 03299816 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2017-03-28 16:30 - 2017-01-11 12:38 - 02190984 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2017-03-28 16:29 - 2017-04-26 07:14 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-03-28 16:29 - 2017-04-26 07:13 - 00000000 ____D C:\Program Files\Intel
2017-03-28 16:29 - 2017-03-28 16:29 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-03-28 16:29 - 2017-03-28 16:29 - 00000000 ____D C:\ProgramData\Intel
2017-03-28 16:29 - 2017-03-28 16:29 - 00000000 ____D C:\Program Files (x86)\Realtek
2017-03-28 16:29 - 2017-01-11 12:38 - 72520712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2017-03-28 16:29 - 2017-01-11 12:38 - 14057248 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 13122576 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 12988344 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 10536160 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSSTAPO.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 09124224 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2017-03-28 16:29 - 2017-01-11 12:38 - 07172912 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 06244200 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV3apo.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 05922376 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 05804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2017-03-28 16:29 - 2017-01-11 12:38 - 05593608 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 05545472 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2017-03-28 16:29 - 2017-01-11 12:38 - 03503048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 03410832 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 03203584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 03203424 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 03122656 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 03014144 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2017-03-28 16:29 - 2017-01-11 12:38 - 02830480 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 02291304 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 02201600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 02110592 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 02050176 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 01920870 _____ C:\WINDOWS\system32\Drivers\rtkSSTsetting.dat
2017-03-28 16:29 - 2017-01-11 12:38 - 01435136 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 01422920 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 01382232 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 01353824 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 01337640 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 01334376 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 01213656 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 01186840 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSstCApoPropPage.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 01166152 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 01003856 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 01003512 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00999848 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00984912 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00965024 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00962128 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00931616 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00923736 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00873464 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00866096 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00859912 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00854208 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00726112 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00689880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00678176 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00677672 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00618184 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00601144 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00588032 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00514872 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00467152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00447720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00447176 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00426568 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00416504 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00381408 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00378384 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00366120 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00360344 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00341144 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00341144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00330560 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00258864 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00231912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00203840 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00190928 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00190928 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00179592 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00158696 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00151784 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00134200 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00090912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00088320 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00084616 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00083624 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00075536 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2017-03-28 16:29 - 2017-01-11 12:38 - 00023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 07096184 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 06264632 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 05347000 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 03302272 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 02444688 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 01965808 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 01959600 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 01780616 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 01615656 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 01591056 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 01529136 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64Proxy.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 01516896 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOProp.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 01508928 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 01363096 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOv251.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 01133584 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 00785608 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 00743960 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 00727432 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 00708312 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 00574752 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 00514520 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 00504304 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 00500552 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 00445400 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 00441264 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 00428224 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 00362048 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 00327448 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 00310416 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 00272712 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 00253896 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 00253864 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 00252872 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 00154360 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 00118592 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 00118592 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2017-03-28 16:29 - 2017-01-11 12:37 - 00105304 _____ C:\WINDOWS\system32\audioLibVc.dll
2017-03-28 16:29 - 2016-09-22 15:55 - 02839520 ____H (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-26 08:10 - 2017-03-18 14:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-04-26 08:09 - 2017-03-18 14:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-04-26 08:09 - 2017-03-18 14:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-04-26 08:09 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-04-26 08:09 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-04-26 08:09 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-04-26 08:09 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\en-GB
2017-04-26 08:09 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-04-26 08:09 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-04-26 08:09 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-04-26 08:09 - 2017-03-18 14:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-04-26 08:09 - 2017-03-18 14:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-04-26 08:09 - 2017-03-18 13:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-04-26 08:09 - 2017-03-18 04:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-04-26 08:08 - 2017-03-18 19:29 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2017-04-26 08:08 - 2017-03-18 19:29 - 00000000 ____D C:\WINDOWS\system32\WCN
2017-04-26 08:08 - 2017-03-18 14:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-04-26 08:08 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-04-26 08:08 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-04-26 08:08 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-04-26 08:08 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\migwiz
2017-04-26 08:08 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-04-26 08:08 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\IME
2017-04-26 08:08 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\Help
2017-04-26 08:08 - 2017-03-18 14:03 - 00000000 ____D C:\Program Files\Common Files\System
2017-04-26 08:08 - 2017-03-18 14:03 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-26 08:08 - 2017-03-18 04:40 - 00000000 ____D C:\WINDOWS\servicing
2017-04-26 07:40 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-26 07:26 - 2017-03-18 14:01 - 00000000 ____D C:\WINDOWS\INF
2017-04-26 07:20 - 2017-03-18 14:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-04-26 07:19 - 2017-03-18 14:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-04-26 07:19 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\rescache
2017-04-26 07:19 - 2016-08-30 16:27 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-26 07:18 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-04-26 07:17 - 2017-03-18 14:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-26 07:17 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\Registration
2017-04-26 07:17 - 2017-03-18 14:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-04-26 07:17 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-04-26 07:16 - 2017-03-18 19:31 - 00000000 ____D C:\WINDOWS\HoloShell
2017-04-26 07:16 - 2017-03-18 14:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-04-26 07:14 - 2017-03-18 04:40 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-04-26 07:13 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-04-26 07:13 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-04-26 07:13 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-04-26 07:13 - 2017-03-18 14:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-04-26 07:13 - 2017-03-18 04:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-04-26 07:00 - 2017-03-18 20:20 - 00000000 ___HD C:\$WINDOWS.~BT
2017-03-28 16:30 - 2016-08-30 16:30 - 00000000 ___HD C:\Program Files (x86)\Temp

==================== Files in the root of some directories =======

2017-03-30 17:34 - 2017-04-19 14:40 - 18102328 _____ (Webroot Software, Inc.) C:\Program Files (x86)\Common Files\wruninstall.exe
2017-04-26 07:11 - 2017-04-26 07:11 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-04-26 07:11

 

 

 

 

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-04-2017
Ran by Athal (26-04-2017 16:00:33)
Running from C:\Users\Athal\Desktop
Windows 10 Home Version 1703 (X64) (2017-04-26 14:19:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3825710741-2241798292-1104576089-500 - Administrator - Disabled)
Athal (S-1-5-21-3825710741-2241798292-1104576089-1002 - Administrator - Enabled) => C:\Users\Athal
DefaultAccount (S-1-5-21-3825710741-2241798292-1104576089-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3825710741-2241798292-1104576089-1001 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-3825710741-2241798292-1104576089-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Webroot SecureAnywhere (Enabled - Up to date) {4646A877-74EB-CD3B-8FDB-210DB94FA61A}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Webroot SecureAnywhere (Enabled - Up to date) {FD274993-52D1-C2B5-B56B-1A7FC2C8ECA7}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
Borderlands 2 (HKLM\...\Steam App 49520) (Version:  - Gearbox Software)
Borderlands: The Pre-Sequel (HKLM\...\Steam App 261640) (Version:  - 2K Australia)
CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1035 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Kodi (HKU\S-1-5-21-3825710741-2241798292-1104576089-1002\...\Kodi) (Version:  - XBMC-Foundation)
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4919.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3825710741-2241798292-1104576089-1002\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4919.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4919.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4919.1002 - Microsoft Corporation) Hidden
Opera Stable 44.0.2510.857 (HKU\S-1-5-21-3825710741-2241798292-1104576089-1002\...\Opera 44.0.2510.857) (Version: 44.0.2510.857 - Opera Software)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.21.0-r121815-release - Plays.tv, LLC)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.8-r120085-release - Raptr, Inc)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.302 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Fortress 2 (HKLM\...\Steam App 440) (Version:  - Valve)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version:  - Bethesda Game Studios)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 9.0.15.40 - Webroot)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B6C8227-D690-4747-9EBD-8CC363AA8FC7} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {4EDEE74F-0479-4D49-90CE-25F5AF0489EF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-30] (Google Inc.)
Task: {50C07DEF-F156-4FEF-9673-7C383CA3F020} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-03-14] (Microsoft Corporation)
Task: {5E18DB79-7FCE-4BD7-980F-3BE053FB0B7A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-03-14] (Microsoft Corporation)
Task: {7426FAAF-B07F-443B-AE98-1F8104F8FD52} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {74F01FF5-AF6D-4A11-BB0B-7CE951C619DB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-30] (Google Inc.)
Task: {76B7D46A-9CAE-4539-9B6C-247273073E36} - System32\Tasks\Opera scheduled Autoupdate 1491346085 => C:\Users\Athal\AppData\Local\Programs\Opera\launcher.exe [2017-03-21] (Opera Software)
Task: {80FA5A55-83F9-414B-A45D-9ABFCFAE0DCD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-13] (Adobe Systems Incorporated)
Task: {93D1B4B3-1641-449C-950A-5E03365C073A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-04-10] (Piriform Ltd)
Task: {96083D85-C058-4041-880D-ABADF0C4E33C} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {CE3E333C-F12D-42BA-9082-AAB9362824B3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-02] (Adobe Systems Incorporated)
Task: {D345ADE8-C118-4C53-B3A9-DACBBD9C9949} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-02-26] (Advanced Micro Devices, Inc.)
Task: {D82A45D7-8822-4359-BF44-D9DBBC5AC2C3} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {EF10ADE8-3943-4B2E-99A3-F1844B5F872B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {F486A3A5-621D-4ED8-8503-83FB565C3160} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_148_pepper.exe [2017-04-13] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2017-03-30 17:40 - 2017-04-14 13:14 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-03-30 17:40 - 2017-04-14 13:14 - 02267600 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-09-24 15:20 - 2016-09-24 15:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2017-03-30 18:37 - 2017-01-17 04:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2017-03-18 13:58 - 2017-03-18 13:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-30 18:39 - 2017-03-30 18:39 - 08909512 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2017-03-18 13:59 - 2017-03-18 19:31 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-04-05 05:22 - 2017-04-05 05:22 - 10650112 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.99.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2017-04-05 05:22 - 2017-04-05 05:22 - 02653184 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.99.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2017-04-05 05:22 - 2017-04-05 05:22 - 00761344 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.99.0_x64__8wekyb3d8bbwe\WinStore.Vui.dll
2017-03-30 20:32 - 2017-03-29 01:47 - 02885464 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libglesv2.dll
2017-03-30 20:32 - 2017-03-29 01:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libegl.dll
2017-03-30 11:38 - 2017-03-30 11:38 - 00033280 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\cx_Logging.cp35-win32.pyd
2017-03-30 11:38 - 2017-03-30 11:38 - 00103424 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2017-03-30 11:38 - 2017-03-30 11:38 - 00111616 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes35.dll
2017-03-30 11:38 - 2017-03-30 11:38 - 00041984 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2017-03-30 11:38 - 2017-03-30 11:38 - 00405504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom35.dll
2017-03-30 11:38 - 2017-03-30 11:38 - 00173568 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2017-03-30 11:38 - 2017-03-30 11:38 - 01934336 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2017-03-30 11:38 - 2017-03-30 11:38 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2017-03-30 11:38 - 2017-03-30 11:38 - 01780736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2017-03-30 11:38 - 2017-03-30 11:38 - 00505856 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2017-03-30 11:38 - 2017-03-30 11:38 - 03812864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2017-03-30 18:37 - 2017-03-30 18:39 - 00325824 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 04:47 - 2016-07-16 04:45 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3825710741-2241798292-1104576089-1002\Control Panel\Desktop\\Wallpaper -> D:\Pictures\v3Fsnby.jpg
DNS Servers: 64.59.144.100 - 64.59.150.143
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKU\S-1-5-21-3825710741-2241798292-1104576089-1002\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{E85BF92E-6B9A-4D7B-8CA2-C36F040E5512}C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [TCP Query User{28D80596-2FEE-4082-9191-FF25CB67493B}C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{D1241EBB-7F3A-4560-88BF-D25D3FFF3FFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{AA8490D4-B872-4DDA-9265-A79DA3A724D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{DE8C2CD1-FD83-41A8-8A16-EE974BF31C1F}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{67E46AC8-4BB3-43E6-A87D-1ED9441A5040}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{1162C83E-6460-4335-A210-912321883B43}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{0FB7B97A-3837-47F0-8BFF-4864ACFEE037}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{170DDE9A-FB42-4847-9B91-5035D1F20B1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{127375BA-F297-48B3-BC0F-951259BC97C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{28F012DA-2BC2-41AD-A61D-AC30F919B02E}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{AB833968-96A6-456A-AF7D-D43A84F81F54}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [UDP Query User{52D43DBB-7BE8-4199-AF37-E0C6E3FB0A55}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{449F4C08-1C52-42A7-85CD-9CE97BD97C77}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{4F0A9AE4-04C2-4DA0-97BC-873722DAA1A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{7C2D23A5-0C77-42C0-9ADB-E4D3AA2047DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{594BFB71-ECF1-4389-84B5-26599E9C43BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{476507D6-C871-4B0E-BEBA-45C0E6FA6CA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{36598885-AF02-41D2-9B63-C386EF116119}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{13898AB9-2467-4228-9B9F-ED2EB508C927}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{25FDBB7D-0CFA-45FA-BD06-C66B9B4002D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{895AA887-612C-4BBF-BFEF-18B20D0FCD8E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E855156B-8EF0-4BC0-95AF-82A0816E5626}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C8C1D3BD-F81B-4F5B-9B98-83D68A00AE4B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BC5E4F8A-B225-494A-A35B-29909AD05D81}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/26/2017 03:54:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.15063.0, time stamp: 0x58ccbae4
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000604
Fault offset: 0x0000000000000000
Faulting process ID: 0x28a8
Faulting application start time: 0x01d2bee001f1c5cf
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Faulting module path: unknown
Report ID: e2f0d836-bee6-4126-9e6a-2720d3a7c0f3
Faulting package full name: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: ContentProcess

Error: (04/26/2017 03:54:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.15063.0, time stamp: 0x58ccbae4
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000604
Fault offset: 0x0000000000000000
Faulting process ID: 0x28a8
Faulting application start time: 0x01d2bee001f1c5cf
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Faulting module path: unknown
Report ID: 78477ba5-84df-4896-b3c0-4c6fc233d2b8
Faulting package full name: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: ContentProcess

Error: (04/26/2017 07:21:06 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-2OOT99N)
Description: Activation of application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024865 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (04/26/2017 07:21:06 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-2OOT99N)
Description: Activation of application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (04/26/2017 07:19:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.15063.0, time stamp: 0x58ccbae4
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000604
Fault offset: 0x0000000000000000
Faulting process ID: 0x1010
Faulting application start time: 0x01d2be982c5659ad
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Faulting module path: unknown
Report ID: 206384bf-2975-4409-b5c7-5f30066b5665
Faulting package full name: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: ContentProcess

Error: (04/26/2017 07:19:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.15063.0, time stamp: 0x58ccbae4
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000604
Fault offset: 0x0000000000000000
Faulting process ID: 0x1010
Faulting application start time: 0x01d2be982c5659ad
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Faulting module path: unknown
Report ID: 55fe91b7-5e31-437d-b215-e45225dcca45
Faulting package full name: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: ContentProcess

Error: (04/26/2017 07:16:10 AM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A

Error: (04/26/2017 07:15:29 AM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A

Error: (04/26/2017 07:15:29 AM) (Source: MSDTC 2) (EventID: 4104) (User: )
Description: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A

Error: (04/26/2017 07:15:29 AM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A


System errors:
=============
Error: (04/26/2017 07:35:58 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 and APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/26/2017 07:35:58 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/26/2017 07:35:58 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 and APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/26/2017 07:35:58 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/26/2017 07:21:06 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-2OOT99N)
Description: Unable to start a DCOM Server: Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXjytc7c0yvwb8n3cw0r82k4364sd1s7bv.mca as Unavailable/Unavailable. The error:
"31"
Happened while starting this command:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca

Error: (04/26/2017 07:18:17 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (04/26/2017 07:17:04 AM) (Source: WinRM) (EventID: 10142) (User: )
Description: The WinRM service cannot migrate the listener with Address * and Transport HTTP. A listener that has the same Address and Transport configuration already exists.

Error: (04/26/2017 07:15:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CldFlt service failed to start due to the following error: 
The request is not supported.

Error: (04/26/2017 07:11:50 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The Printer Extensions and Notifications service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (04/26/2017 07:11:33 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The iphlpsvc service terminated with the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


CodeIntegrity:
===================================
  Date: 2017-04-26 15:54:43.337
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-26 15:54:06.216
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-26 07:20:02.501
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-26 07:19:58.119
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-26 07:19:53.559
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-26 07:19:53.128
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz
Percentage of memory in use: 9%
Total physical RAM: 32698.52 MB
Available physical RAM: 29534.57 MB
Total Virtual: 37818.52 MB
Available Virtual: 34327.87 MB

==================== Drives ================================

Drive c: (Local Disk SSD) (Fixed) (Total:476.39 GB) (Free:372.17 GB) NTFS
Drive d: (Local Disk HDD) (Fixed) (Total:931.51 GB) (Free:926.45 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 476.9 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 65DE7C71)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

 

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted (edited)
Thanks for those logs, continue with the following:

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file"
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

Next,

Download AdwCleaner by Xplode onto your Desktop.

Or from this Mirror
 
  • Double click on Adwcleaner.exe to run the tool
  • Click on the Scan in the Actions box
  • Please wait fot the scan to finish..
  • When "Waiting for action.Please uncheck elements you want to keep" shows in top line..
  • Click on the Cleaning box.
  • Next click OK on the "Closing Programs" pop up box.
  • Click OK on the Information box & again OK to allow the necessary reboot
  • After restart the AdwCleaner(C*)-Notepad log will appear, please copy/paste it in your next reply. Where * is the number relative to list of scans completed...


Next,

Please download Junkware Removal Tool to your desktop.
 
  • Shut down your protection software now to avoid potential conflicts. (re-enable when done)
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


Next,

Totally Remove Malwarebytes from your system:

Download the latest version of Malwarebytes cleanup tool from here: https://downloads.malwarebytes.com/file/mb_clean and save to your Desktop..

If applicable, backup your Malwarebytes license key information and deactivate the product.

Close all open applications and deactivate Malwarebytes <---- Very important, do not miss that step

To deactivate Malwarebytes:

Right click on tray icon, from the opened list select "Quit Malwarebytes" an UAC alert will open, select "Yes" to deactivate Malwarebytes...
 
  • Double-click mb-clean.exe to run it
  • A prompt to confirm the cleanup will appear, select Yes or No
  • Yes - will proceed with the cleanup process <---- Select this option to start the tool
  • No - will exit the utility
  • The Utility will launch a Command Prompt window which will disappear once the the cleanup process completes.
  • Once completed, a log file ("mb-cleanresult.txt") will be on your desktop and you'll be prompted to reboot
  • We recommend an immediate reboot <--- Do Not miss out this step
  • Suppressing the reboot may result in an incomplete cleanup
  • Upon reboot Malwarebytes will be totally removed from your system


To re-install Malwarebytes:

Download Malwarebytes version 3 from the following link:

https://www.malwarebytes.com/mwb-download/thankyou/
 
  • Double click on the installer and follow the prompts. If necessary select the Blue Help tab for video instructions....
  • When the install completes and is updated do the following:
  • Open Malwarebytes, select > "settings" > "protection tab"
  • Scroll down to "Scan Options" ensure Scan for Rootkits and Scan within Archives are both on....
  • Go back to "DashBoard" select the Blue "Scan Now" tab......


When the scan completes deal with any found entries... Then select "Export Summary" then "Text File (*.txt)" name that log and save , you can copy or attach that to your reply...

If you have lost the activation licence key information it can be located here: http://www.cleverbridge.com/342/?scope=cusecolp

Next,

Download Microsoft's " Malicious Software Removal Tool" and save direct to the desktop

Ensure to get the correct version for your system....

32 Bit version:
https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

64 Bit version:
https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en

Right click on the Tool, select “Run as Administrator” the tool will expand to the options Window
In the "Scan Type" window, select Quick Scan
Perform a scan and Click Finish when the scan is done.

Retrieve the MSRT log as follows, and post it in your next reply:

1) Select the Windows key and R key together to open the "Run" function
2) Type or Copy/Paste the following command to the "Run Line" and Press Enter:

notepad c:\windows\debug\mrt.log

The log will include log details for each time MSRT has run, we only need the most recent log by date and time....

Let me see those logs in your reply, also give an update on any remaining issues or concerns....

Thank you,

Kevin...

fixlist.txt

Edited by kevinf80
Missed off fixlist.txt...
Link to post
Share on other sites
Athalwolf

Athalwolf

Posted
  • Author
Posted

Thanks Kevin.

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 27-04-2017
Ran by Athal (27-04-2017 13:05:51) Run:1
Running from C:\Users\Athal\Desktop
Loaded Profiles: Athal (Available Profiles: defaultuser0 & Athal)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-3825710741-2241798292-1104576089-1002\...\RunOnce: [Uninstall 17.3.6798.0207\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Athal\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64"
HKU\S-1-5-21-3825710741-2241798292-1104576089-1002\...\RunOnce: [Uninstall 17.3.6798.0207] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Athal\AppData\Local\Microsoft\OneDrive\17.3.6798.0207"
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION 
Tcpip\..\Interfaces\{30776b27-af35-40db-9c0a-267a510b3072}: [DhcpNameServer] 172.16.32.254
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
CHR Extension: (Chrome Media Router) - C:\Users\Athal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-30]
2017-03-28 16:58 - 2017-03-28 16:58 - 00000000 _____ C:\WINDOWS\SysWOW64\OCL3A65.tmp
2017-03-28 16:58 - 2017-03-28 16:58 - 00000000 _____ C:\WINDOWS\SysWOW64\OCL244D.tmp
2017-03-28 16:57 - 2017-03-28 16:57 - 00000000 _____ C:\WINDOWS\SysWOW64\OCL3A2C.tmp
2017-03-28 16:57 - 2017-03-28 16:57 - 00000000 _____ C:\WINDOWS\SysWOW64\OCL2404.tmp
2017-03-28 16:56 - 2017-03-28 16:56 - 00000000 _____ C:\WINDOWS\SysWOW64\OCL6D95.tmp
2017-03-28 16:56 - 2017-03-28 16:56 - 00000000 _____ C:\WINDOWS\SysWOW64\OCL575D.tmp
2017-03-28 16:55 - 2017-03-28 16:55 - 00000000 _____ C:\WINDOWS\SysWOW64\OCLFB53.tmp
2017-03-28 16:55 - 2017-03-28 16:55 - 00000000 _____ C:\WINDOWS\SysWOW64\OCL1274.tmp
CMD: ipconfig /flushdns
Hosts:
EmptyTemp:
end

*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-3825710741-2241798292-1104576089-1002\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 17.3.6798.0207\amd64 => value not found.
HKU\S-1-5-21-3825710741-2241798292-1104576089-1002\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 17.3.6798.0207 => value not found.
HKLM\SOFTWARE\Policies\Google => key removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{30776b27-af35-40db-9c0a-267a510b3072}\\DhcpNameServer => value removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully
C:\Users\Athal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm => moved successfully
C:\WINDOWS\SysWOW64\OCL3A65.tmp => moved successfully
C:\WINDOWS\SysWOW64\OCL244D.tmp => moved successfully
C:\WINDOWS\SysWOW64\OCL3A2C.tmp => moved successfully
C:\WINDOWS\SysWOW64\OCL2404.tmp => moved successfully
C:\WINDOWS\SysWOW64\OCL6D95.tmp => moved successfully
C:\WINDOWS\SysWOW64\OCL575D.tmp => moved successfully
C:\WINDOWS\SysWOW64\OCLFB53.tmp => moved successfully
C:\WINDOWS\SysWOW64\OCL1274.tmp => moved successfully

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

Could not move "C:\Windows\System32\Drivers\etc\hosts" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12640950 B
Java, Flash, Steam htmlcache => 49606284 B
Windows/system/drivers => 1167285 B
Edge => 2855387 B
Chrome => 108126224 B
Firefox => 0 B
Opera => 1275616 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 4102 B
NetworkService => 0 B
defaultuser0 => 0 B
Athal => 6146316 B

RecycleBin => 127765 B
EmptyTemp: => 179.3 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 27-04-2017 13:06:52)

C:\Windows\System32\Drivers\etc\hosts => Is moved successfully
Hosts restored successfully.

==== End of Fixlog 13:06:52 ====

Link to post
Share on other sites
Athalwolf

Athalwolf

Posted
  • Author
Posted
13 hours ago, kevinf80 said:

Where * is the number relative to list of scans completed...

I didn't understand the above statement.

 

# AdwCleaner v6.046 - Logfile created 27/04/2017 at 13:13:12
# Updated on 24/04/2017 by Malwarebytes
# Database : 2017-04-25.1 [Server]
# Operating System : Windows 10 Home  (X64)
# Username : Athal - DESKTOP-2OOT99N
# Running from : C:\Users\Athal\Desktop\adwcleaner_6.046.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled Tasks ] *****

***** [ Registry ] *****

***** [ Web browsers ] *****

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [757 Bytes] - [27/04/2017 13:13:12]
C:\AdwCleaner\AdwCleaner[S0].txt - [1148 Bytes] - [27/04/2017 13:12:29]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [902 Bytes] ##########
 

 

Link to post
Share on other sites
Athalwolf

Athalwolf

Posted
  • Author
Posted

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 10 Home x64 
Ran by Athal (Administrator) on 2017-04-27 at 13:19:06.01
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


File System: 0 


Registry: 0 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2017-04-27 at 13:19:45.56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted (edited)

Where * is the number relative to list of scans completed... In your case AdwCleaner[C0].txt is the scan clean number, first one is Zero (0) If you ran say 6 scans and 6 cleans previously, the log I would want to see would be C:\AdwCleaner\AdwCleaner[C7].txt - [757 Bytes] - [27/04/2017 13:13:12]

What do you mean by this:

Quote

Uh crap. I read the above and uninstalled Malwarebytes. 

I wanted a clean install of Malwarebytes, that is to use the purpose made removal tool, then install a fresh version...

Edited by kevinf80
Link to post
Share on other sites
Athalwolf

Athalwolf

Posted
  • Author
Posted

OK back on track.

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 4/27/17
Scan Time: 3:33 PM
Logfile: Text File.txt
Administrator: Yes

-Software Information-
Version: 3.0.6.1469
Components Version: 1.0.103
Update Package Version: 1.0.1822
License: Premium

-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: DESKTOP-2OOT99N\Athal

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 382127
Time Elapsed: 0 min, 51 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)


(end)

 

Link to post
Share on other sites
Athalwolf

Athalwolf

Posted
  • Author
Posted

Microsoft Windows Malicious Software Removal Tool v5.47, April 2017 (build 5.47.13703.0)
Started On Thu Apr 27 15:37:56 2017

Engine: 1.1.13601.0
Signatures: 1.239.313.0
Run Mode: Interactive Graphical Mode
Successfully Submitted Heartbeat Report
Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 27 15:38:40 2017


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.47, April 2017 (build 5.47.13703.0)
Started On Thu Apr 27 15:38:49 2017

Engine: 1.1.13601.0
Signatures: 1.239.313.0
Run Mode: Interactive Graphical Mode
 

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Thanks for the update, unless there is something wrong run the following to clean up:

Download "Delfix by Xplode" and save it to your desktop.

Or use the following if first link is down:

"Delfix link mirror"

If your security program alerts to Delfix either, accept the alert or turn your security off.

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

Make Sure the following items are checked:

 
  • Remove disinfection tools <----- this will remove tools we have used.
  • Purge System Restore <--- this will remove all previous and possibly exploited restore points, a new point relative to system status at present will be created.
  • Reset system settings <--- this will reset any system settings back to default that were changed either by us during cleansing or malware/infection


Now click on "Run" and wait patiently until the tool has completed.

The tool will create a log when it has completed. We don't need you to post this.

Any remnant files/logs from tools we have used can be deleted…

Next,

Read the following links to fully understand PC Security and Best Practices, you may find them useful....

Answers to Common Security Questions and best Practices

Do I need a Registry Cleaner?

Take care and surf safe

Kevin... user posted image
Link to post
Share on other sites
  • 4 weeks later...
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.