Jump to content

Steam.exe detected as Backdoor.Agent.E


Azeunkn0wn

Recommended Posts

*you may skip this paragraph 
I have clean installed Windows 10 1607 TWO WEEKS ago because my old system cannot update to anniversary update and system files are all messed up.
Of Course, The first software I installed was malwarebytes Anti-Malware. but due to a problem (I cannot activate my license key because I haven't (and cannot) deactivate my license on my past System), my Malwarebytes is not active, and I probably forgot to turn on free trial because I was waiting for support team's reply about my license. 
*
anyway, I scanned my computer with a free trial malwarebytes and it found that steam.exe (Valve corporation) is a backdoor.agent.E
I would clean install my windows 10 AGAIN if I am really infected but first, I need to know what caused it or it may be a false detection. 

note: I have deleted the whole steam folder and installed the steam from the official web page. 

 

This is my Scan report: 

Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 9/8/2016
Scan Time: 11:09 PM
Logfile: Malwarebytes.txt
Administrator: Yes
Version: 2.2.1.1043
Malware Database: v2016.09.08.06
Rootkit Database: v2016.08.15.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 10
CPU: x64
File System: NTFS
User: *
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 337940
Time Elapsed: 8 min, 14 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 1
Backdoor.Agent.E, C:\Program Files (x86)\Steam\Steam.exe, 9696, , [d7df7cf31981999d9dc7267f51b3619f]
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 1
Backdoor.Agent.E, HKU\S-1-5-21-573256979-2979429187-2047617625-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Steam, "C:\Program Files (x86)\Steam\steam.exe" -silent, , [d7df7cf31981999d9dc7267f51b3619f]
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 1
Backdoor.Agent.E, C:\Program Files (x86)\Steam\Steam.exe, , [d7df7cf31981999d9dc7267f51b3619f], 
Physical Sectors: 0
(No malicious items detected)
(end)

 

 

 

FRST.txt
 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Ran by AzE (administrator) on AZE-PC (09-09-2016 00:50:17)
Running from U:\Users\AzE\Downloads
Loaded Profiles: AzE &  (Available Profiles: defaultuser0 & AzE)
Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
() D:\Program Files\FDM\winwfpmonitor.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Visicom Media Inc.) C:\ProgramData\ManyCam\Service\ManyCamService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\vmms.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.19\AsusFanControlService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\vmcompute.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() D:\Program Files\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
() D:\Program Files\AI Suite III\EZ Update\EzUpdt.exe
(ASUSTeK Computer Inc.) D:\Program Files\AI Suite III\AISuite3.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUSTeK Computer Inc.) D:\Program Files\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(SoftPerfect) C:\Program Files\NetWorx\networx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
() C:\Program Files (x86)\NVIDIA Corporation\LED Visualizer\NvLedServiceHost.exe
(FreeDownloadManager.org) D:\Program Files\FDM\fdm.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe.old
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
() D:\Program Files\FDM\browsernativehost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft® Windows® Operating System) C:\Windows\System32\Taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-07-16] (Microsoft Corporation)
HKLM\...\Run: [NetWorx] => C:\Program Files\NetWorx\networx.exe [7678280 2016-05-20] (SoftPerfect)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8838400 2016-06-07] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-08-26] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1767944 2016-08-26] (NVIDIA Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [16286840 2016-08-30] (Logitech Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [G.SKILL RIPJAWS KM780 RGB] => C:\Program Files (x86)\G.SKILL\G.SKILL RIPJAWS KM780 RGB\App.exe [366592 2016-08-03] (G.Skill Corporation)
HKU\S-1-5-21-573256979-2979429187-2047617625-1001\...\Run: [NvLedServiceHost] => C:\Program Files (x86)\NVIDIA Corporation\LED Visualizer\NvLedServiceHost.exe [86904 2016-08-26] ()
HKU\S-1-5-21-573256979-2979429187-2047617625-1001\...\Run: [Free Download Manager] => D:\Program Files\FDM\fdm.exe [9647104 2016-08-23] (FreeDownloadManager.org)
HKU\S-1-5-21-573256979-2979429187-2047617625-1001\...\Run: [BitTorrent] => C:\Users\AzE\AppData\Roaming\Bittorrent\BitTorrent.exe [1516632 2016-07-04] (BitTorrent Inc.)
HKU\S-1-5-21-573256979-2979429187-2047617625-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-24] (Valve Corporation)
HKU\S-1-5-21-573256979-2979429187-2047617625-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [NvLedServiceHost] => C:\Program Files (x86)\NVIDIA Corporation\LED Visualizer\NvLedServiceHost.exe [86904 2016-08-26] ()
HKU\S-1-5-21-573256979-2979429187-2047617625-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Free Download Manager] => D:\Program Files\FDM\fdm.exe [9647104 2016-08-23] (FreeDownloadManager.org)
HKU\S-1-5-21-573256979-2979429187-2047617625-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BitTorrent] => C:\Users\AzE\AppData\Roaming\Bittorrent\BitTorrent.exe [1516632 2016-07-04] (BitTorrent Inc.)
HKU\S-1-5-21-573256979-2979429187-2047617625-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ManyCam] => D:\Program Files (x86)\ManyCam\ManyCam.exe [10243920 2016-08-29] (Visicom Media Inc.)
HKU\S-1-5-21-573256979-2979429187-2047617625-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-24] (Valve Corporation)
HKU\S-1-5-21-573256979-2979429187-2047617625-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [247344 2016-08-29] ()
ShellIconOverlayIdentifiers: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-20] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-20] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-20] (Hermann Schinagl)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{72bfc1fd-b0e4-497c-82c2-c11188d6145b}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-573256979-2979429187-2047617625-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKU\S-1-5-21-573256979-2979429187-2047617625-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
BHO: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> D:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_102\bin\ssv.dll [2016-08-29] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_102\bin\jp2ssv.dll [2016-08-29] (Oracle Corporation)
BHO-x32: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\ssv.dll [2016-08-29] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\jp2ssv.dll [2016-08-29] (Oracle Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - D:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - D:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-08-29] ()
FF Plugin: @java.com/DTPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll [2016-08-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\plugin2\npjp2.dll [2016-08-29] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWoW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-08-29] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.102.2 -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll [2016-08-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.102.2 -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\plugin2\npjp2.dll [2016-08-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-26] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-26] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-29] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-07-31] (Microsoft Corporation)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-29]
CHR Extension: (Free Download Manager Chrome extension) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2016-08-29]
CHR Extension: (Google Docs) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-29]
CHR Extension: (Google Drive) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-29]
CHR Extension: (YouTube) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-29]
CHR Extension: (uBlock Origin) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-08-29]
CHR Extension: (Tampermonkey) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-08-29]
CHR Extension: (Dark Reader) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2016-08-29]
CHR Extension: (Full Page Screen Capture) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2016-09-01]
CHR Extension: (Google Sheets) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-29]
CHR Extension: (Google Docs Offline) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-29]
CHR Extension: (Page Ruler) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlpkojjdgbllmedoapgfodplfhcbnbpn [2016-08-29]
CHR Extension: (Super Auto Refresh) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkhjakkgopekjlempoplnjclgedabddk [2016-08-29]
CHR Extension: (Google Play) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2016-08-29]
CHR Extension: (GosuGamers Chrome Extension) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhpjniojlbdhldmiaefpmekpihnlgilj [2016-08-29]
CHR Extension: (Incredible StartPage - Productive Start Page) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdfeghkpohnalmpblddmnppfooljekh [2016-08-29]
CHR Extension: (YSlow) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ninejjcohidippngpapiilnmkgllmakh [2016-08-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-29]
CHR Extension: (Personal Blocklist (by Google)) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nolijncfnkgaikbjbdaogikpmpbdcdef [2016-08-29]
CHR Extension: (Enhanced Steam) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2016-08-29]
CHR Extension: (BackStop) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pidcjgldchekcoolelhbjfbnccjkckfj [2016-08-29]
CHR Extension: (Gmail) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-29]
CHR Extension: (Chrome Media Router) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-30]
CHR Profile: C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-30]
CHR Extension: (Google Drive) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-30]
CHR Extension: (YouTube) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-30]
CHR Extension: (Google Docs Offline) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-30]
CHR Extension: (Gmail) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-30]
CHR Extension: (Chrome Media Router) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-30]
CHR Profile: C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-31]
CHR Extension: (Google Docs) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-31]
CHR Extension: (Google Drive) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-31]
CHR Extension: (YouTube) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-31]
CHR Extension: (Google Sheets) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-31]
CHR Extension: (Google Docs Offline) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-31]
CHR Extension: (Gmail) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-31]
CHR Extension: (Chrome Media Router) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-31]
CHR Profile: C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Profile 3
CHR Extension: (Google Slides) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-02]
CHR Extension: (Google Docs) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-02]
CHR Extension: (Google Drive) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-02]
CHR Extension: (YouTube) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-02]
CHR Extension: (uBlock Origin) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-09-02]
CHR Extension: (Tampermonkey) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-09-02]
CHR Extension: (Google Sheets) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-02]
CHR Extension: (Google Docs Offline) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-05]
CHR Extension: (Dark Grey With Purple Highlight Chrome Theme) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\hccdeigoekciplehkglnadhnfgfkoahd [2016-09-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-02]
CHR Extension: (Gmail) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-02]
CHR Extension: (Chrome Media Router) - C:\Users\AzE\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-02]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-09-09] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-09-09] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.19\AsusFanControlService.exe [396088 2015-04-20] (ASUSTeK Computer Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-08-26] (NVIDIA Corporation)
S3 hns; C:\Windows\System32\HostNetSvc.dll [537088 2016-08-06] (Microsoft Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [374360 2016-05-27] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-08-30] (Logitech Inc.)
R2 ManyCam Service; C:\ProgramData\ManyCam\Service\ManyCamService.exe [544984 2016-03-31] (Visicom Media Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-08-26] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-08-26] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-08-26] (NVIDIA Corporation)
S3 Origin Client Service; D:\Game Files\Origin\OriginClientService.exe [2122248 2016-08-30] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1310448 2016-08-29] (Overwolf LTD)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2016-08-31] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-07-16] (Microsoft Corporation)
R3 vmcompute; C:\Windows\system32\vmcompute.exe [1904640 2016-08-20] (Microsoft Corporation)
R2 vmms; C:\Windows\system32\vmms.exe [14414848 2016-08-20] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2016-09-03] (Sony Mobile Communications)
R3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2014-09-08] (ASUSTeK Computer Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-22] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [67736 2016-08-30] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2016-08-30] (Logitech Inc.)
S3 lunparser; C:\Windows\System32\drivers\lunparser.sys [22528 2016-08-29] (Microsoft Corporation)
R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49312 2016-08-25] (Visicom Media Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-08] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S3 MbswMailbox; D:\Program Files\AI Suite III\690b33e1-0462-4e84-9bea-c7552b45432a.sys [17208 2016-09-03] ()
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d3851cb7c8216f9e\nvlddmkm.sys [14216760 2016-08-28] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-08-26] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56376 2016-08-26] (NVIDIA Corporation)
S3 passthruparser; C:\Windows\System32\drivers\passthruparser.sys [24576 2016-08-29] (Microsoft Corporation)
S3 pcip; C:\Windows\System32\drivers\pcip.sys [46592 2016-08-29] (Microsoft Corporation)
S3 pvhdparser; C:\Windows\System32\drivers\pvhdparser.sys [50176 2016-08-29] (Microsoft Corporation)
S3 ramparser; C:\Windows\System32\drivers\ramparser.sys [30720 2016-08-29] (Microsoft Corporation)
S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Resplendence Software Projects Sp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [888064 2015-10-15] (Realtek                                            )
R3 Synth3dVsp; C:\Windows\System32\drivers\synth3dvsp.sys [103424 2016-08-29] (Microsoft Corporation)
S3 vhdparser; C:\Windows\System32\drivers\vhdparser.sys [26624 2016-08-29] (Microsoft Corporation)
R2 VMSP; C:\Windows\System32\drivers\vmswitch.sys [1617408 2016-08-20] (Microsoft Corporation)
R0 vmsproxy; C:\Windows\System32\drivers\vmsproxy.sys [33632 2016-09-03] (Microsoft Corporation)
S3 VMSVSF; C:\Windows\System32\drivers\vmswitch.sys [1617408 2016-08-20] (Microsoft Corporation)
S3 VMSVSP; C:\Windows\System32\drivers\vmswitch.sys [1617408 2016-08-20] (Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 WinNat; C:\Windows\System32\drivers\winnat.sys [207360 2016-08-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: hns -> C:\Windows\System32\HostNetSvc.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-09 00:50 - 2016-09-09 00:50 - 00000000 ____D C:\FRST
2016-09-08 23:24 - 2016-09-08 23:26 - 00559788 _____ C:\TDSSKiller.3.1.0.11_08.09.2016_23.24.38_log.txt
2016-09-08 22:51 - 2016-09-08 22:51 - 00000000 ____D C:\Users\AzE\AppData\Local\Logitech
2016-09-08 22:51 - 2016-09-08 22:51 - 00000000 ____D C:\ProgramData\LogiShrd
2016-09-08 22:50 - 2016-09-08 22:50 - 00003806 _____ C:\Windows\System32\Tasks\Overwolf Updater Task
2016-09-08 22:50 - 2016-09-08 22:50 - 00001150 _____ C:\Users\Public\Desktop\Overwolf.lnk
2016-09-08 22:50 - 2016-09-08 22:50 - 00000000 ____D C:\Users\AzE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2016-09-08 22:49 - 2016-09-08 22:51 - 00000000 ____D C:\ProgramData\Overwolf
2016-09-08 22:49 - 2016-09-08 22:50 - 00000002 _____ C:\END
2016-09-08 22:49 - 2016-09-08 22:50 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-09-08 22:47 - 2016-09-08 23:27 - 00000000 ____D C:\Program Files (x86)\Steam
2016-09-08 22:46 - 2016-09-08 22:56 - 00000000 ____D C:\Users\AzE\AppData\Local\Overwolf
2016-09-08 22:46 - 2016-09-08 22:46 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2016-09-08 22:46 - 2016-09-08 22:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-09-08 22:45 - 2016-09-08 22:46 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2016-09-08 22:45 - 2016-09-08 22:45 - 00000000 ____D C:\Users\AzE\AppData\Roaming\Logitech
2016-09-08 22:45 - 2016-09-08 22:45 - 00000000 ____D C:\Users\AzE\AppData\Roaming\Logishrd
2016-09-07 21:24 - 2016-09-07 21:24 - 00000000 ____D C:\Users\AzE\AppData\Roaming\.mono
2016-09-07 21:18 - 2016-09-07 21:18 - 00003634 _____ C:\Windows\System32\Tasks\CreateExplorerShellUnelevatedTask
2016-09-07 21:10 - 2016-09-07 21:10 - 00000000 ____D C:\Users\AzE\AppData\LocalLow\Bossa Studios
2016-09-07 21:07 - 2016-09-09 00:37 - 00000000 ____D C:\Users\AzE\AppData\Local\ManyCam
2016-09-07 21:05 - 2016-09-07 21:05 - 00000751 _____ C:\Users\Public\Desktop\ManyCam.lnk
2016-09-07 21:05 - 2016-09-07 21:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
2016-09-07 21:04 - 2016-09-07 21:04 - 00000000 ____D C:\Users\AzE\AppData\Roaming\ManyCam
2016-09-07 21:04 - 2016-09-07 21:04 - 00000000 ____D C:\ProgramData\ManyCam
2016-09-07 14:25 - 2016-09-07 14:26 - 00000000 ____D C:\wamp64
2016-09-06 08:28 - 2016-09-06 08:28 - 00000000 ____D C:\Windows\LastGood
2016-09-05 14:53 - 2016-09-05 14:53 - 00000000 ____D C:\Windows\LastGood.Tmp
2016-09-05 14:27 - 2016-09-05 14:27 - 00000000 ____D C:\Users\AzE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
2016-09-04 00:58 - 2016-09-04 00:58 - 00000000 ____D C:\Users\AzE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
2016-09-03 23:29 - 2016-09-03 23:29 - 00675776 _____ C:\Windows\unins001.dat
2016-09-03 23:29 - 2016-09-03 23:29 - 00001296 _____ C:\Users\Public\Desktop\G.SKILL RIPJAWS KM780 RGB Keyboard.lnk
2016-09-03 23:29 - 2016-09-03 23:29 - 00000000 ____D C:\Users\AzE\AppData\Roaming\G_SKILL
2016-09-03 23:29 - 2016-09-03 23:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G.SKILL
2016-09-03 23:29 - 2016-09-03 23:29 - 00000000 ____D C:\Program Files (x86)\G.SKILL
2016-09-03 23:29 - 2016-09-03 23:07 - 01229015 _____ C:\Windows\unins001.exe
2016-09-03 18:39 - 2016-09-04 00:59 - 00000000 ____D C:\Users\AzE\AppData\Roaming\NVIDIA
2016-09-03 18:35 - 2016-09-03 18:35 - 00000000 ____D C:\Users\AzE\AppData\Roaming\java
2016-09-03 18:24 - 2016-09-03 18:24 - 00001450 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-09-03 18:21 - 2016-09-03 18:24 - 00000000 ____D C:\Users\AzE\AppData\Local\NVIDIA
2016-09-03 18:21 - 2016-08-26 07:27 - 01767944 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-09-03 18:21 - 2016-08-26 07:27 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-09-03 18:21 - 2016-08-26 07:27 - 01377800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-09-03 18:21 - 2016-08-26 07:27 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-09-03 18:21 - 2016-08-26 07:27 - 00112216 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-09-03 18:20 - 2016-09-08 22:56 - 00000000 ____D C:\ProgramData\NVIDIA
2016-09-03 18:20 - 2016-09-03 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-09-03 18:20 - 2016-09-03 18:20 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-09-03 18:20 - 2016-08-26 05:12 - 06384064 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-09-03 18:20 - 2016-08-26 05:12 - 02475064 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-09-03 18:20 - 2016-08-26 05:12 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-09-03 18:20 - 2016-08-26 05:12 - 01362368 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-09-03 18:20 - 2016-08-26 05:12 - 00548408 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-09-03 18:20 - 2016-08-26 05:12 - 00392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-09-03 18:20 - 2016-08-26 05:12 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-09-03 18:20 - 2016-08-26 05:12 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-09-03 18:20 - 2016-08-26 04:53 - 00134712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-09-03 18:20 - 2016-08-22 23:17 - 07320235 _____ C:\Windows\system32\nvcoproc.bin
2016-09-03 18:20 - 2016-05-04 10:23 - 00129824 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-09-03 18:20 - 2016-05-04 10:22 - 00130848 _____ C:\Windows\system32\vulkan-1.dll
2016-09-03 18:20 - 2016-05-04 10:22 - 00045344 _____ C:\Windows\system32\vulkaninfo.exe
2016-09-03 18:20 - 2016-05-04 10:22 - 00040224 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-09-03 18:18 - 2016-08-26 07:27 - 40070200 _____ C:\Windows\system32\nvcompiler.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 35180992 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 34842680 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 28238904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 10865888 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 10746896 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 10288040 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 09094048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 08875408 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 08687888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 03906992 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 03448808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 02912192 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 02549184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 01922616 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437270.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 01588688 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 01586560 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437270.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 01020472 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 00958008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 00941504 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 00894520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 00802584 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 00801744 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 00686712 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 00644112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 00642392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 00616648 _____ C:\Windows\system32\nvmcumd.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 00576168 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 00439352 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 00394704 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 00388544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 00386104 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 00347072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 00327224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 00223304 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2016-09-03 18:18 - 2016-08-26 07:27 - 00113208 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 00102968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 00056376 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-09-03 18:18 - 2016-08-26 07:27 - 00054728 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2016-09-03 18:18 - 2016-08-26 07:27 - 00040827 _____ C:\Windows\system32\nvinfo.pb
2016-09-03 18:18 - 2016-08-26 07:27 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-09-03 18:18 - 2016-08-26 07:27 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2016-09-03 18:14 - 2016-08-27 13:12 - 04130944 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2016-09-03 18:14 - 2016-08-27 13:12 - 00244816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-09-03 18:14 - 2016-08-27 12:58 - 03893376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2016-09-03 18:14 - 2016-08-27 12:58 - 00121368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-09-03 18:14 - 2016-08-27 12:39 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\FSClient.dll
2016-09-03 18:14 - 2016-08-27 12:38 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\mfsensorgroup.dll
2016-09-03 18:14 - 2016-08-27 12:38 - 00181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsensorgroup.dll
2016-09-03 18:14 - 2016-08-27 12:37 - 00198144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FSClient.dll
2016-09-03 18:14 - 2016-08-27 12:25 - 00804864 _____ (Microsoft Corporation) C:\Windows\system32\FrameServer.dll
2016-09-03 18:14 - 2016-08-20 14:04 - 07814488 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-09-03 18:14 - 2016-08-20 14:03 - 01883784 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-09-03 18:14 - 2016-08-20 13:52 - 07219672 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2016-09-03 18:14 - 2016-08-20 13:52 - 02190688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-09-03 18:14 - 2016-08-20 13:52 - 01859264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2016-09-03 18:14 - 2016-08-20 13:52 - 00658776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2016-09-03 18:14 - 2016-08-20 13:52 - 00402272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-09-03 18:14 - 2016-08-20 13:51 - 00681312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ClipSp.sys
2016-09-03 18:14 - 2016-08-20 13:50 - 02913104 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2016-09-03 18:14 - 2016-08-20 13:50 - 01099608 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2016-09-03 18:14 - 2016-08-20 13:50 - 00987992 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2016-09-03 18:14 - 2016-08-20 13:50 - 00073568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2016-09-03 18:14 - 2016-08-20 13:47 - 01453992 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2016-09-03 18:14 - 2016-08-20 13:47 - 01071728 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2016-09-03 18:14 - 2016-08-20 13:46 - 01570680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-09-03 18:14 - 2016-08-20 13:43 - 02049536 _____ (Microsoft Corporation) C:\Windows\system32\vmwp.exe
2016-09-03 18:14 - 2016-08-20 13:34 - 01430200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2016-09-03 18:14 - 2016-08-20 13:33 - 05722312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2016-09-03 18:14 - 2016-08-20 13:32 - 02166232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2016-09-03 18:14 - 2016-08-20 13:32 - 00846552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2016-09-03 18:14 - 2016-08-20 13:29 - 20965240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-09-03 18:14 - 2016-08-20 13:29 - 01360464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2016-09-03 18:14 - 2016-08-20 13:29 - 00980832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2016-09-03 18:14 - 2016-08-20 13:22 - 22571008 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-09-03 18:14 - 2016-08-20 13:22 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-09-03 18:14 - 2016-08-20 13:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\C_G18030.DLL
2016-09-03 18:14 - 2016-08-20 13:21 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll
2016-09-03 18:14 - 2016-08-20 13:21 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-09-03 18:14 - 2016-08-20 13:20 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2016-09-03 18:14 - 2016-08-20 13:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\C_IS2022.DLL
2016-09-03 18:14 - 2016-08-20 13:18 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2016-09-03 18:14 - 2016-08-20 13:16 - 00200704 _____ (Microsoft Corporation) C:\Windows\system32\ClipboardServer.dll
2016-09-03 18:14 - 2016-08-20 13:15 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2016-09-03 18:14 - 2016-08-20 13:14 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\C_G18030.DLL
2016-09-03 18:14 - 2016-08-20 13:14 - 00121344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll
2016-09-03 18:14 - 2016-08-20 13:14 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\C_IS2022.DLL
2016-09-03 18:14 - 2016-08-20 13:13 - 01081856 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-09-03 18:14 - 2016-08-20 13:13 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2016-09-03 18:14 - 2016-08-20 13:13 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe
2016-09-03 18:14 - 2016-08-20 13:12 - 00521728 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2016-09-03 18:14 - 2016-08-20 13:12 - 00476672 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-09-03 18:14 - 2016-08-20 13:12 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll
2016-09-03 18:14 - 2016-08-20 13:12 - 00261120 _____ (Microsoft Corporation) C:\Windows\system32\indexeddbserver.dll
2016-09-03 18:14 - 2016-08-20 13:11 - 00410624 _____ (Microsoft Corporation) C:\Windows\system32\facecredentialprovider.dll
2016-09-03 18:14 - 2016-08-20 13:11 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-03 18:14 - 2016-08-20 13:11 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2016-09-03 18:14 - 2016-08-20 13:10 - 01904640 _____ (Microsoft Corporation) C:\Windows\system32\vmcompute.exe
2016-09-03 18:14 - 2016-08-20 13:10 - 00539136 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2016-09-03 18:14 - 2016-08-20 13:09 - 06285312 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2016-09-03 18:14 - 2016-08-20 13:09 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.InkControls.dll
2016-09-03 18:14 - 2016-08-20 13:08 - 00471552 _____ (Microsoft Corporation) C:\Windows\system32\DscCore.dll
2016-09-03 18:14 - 2016-08-20 13:08 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2016-09-03 18:14 - 2016-08-20 13:07 - 01403392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Editing.dll
2016-09-03 18:14 - 2016-08-20 13:07 - 00822784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2016-09-03 18:14 - 2016-08-20 13:07 - 00554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2016-09-03 18:14 - 2016-08-20 13:07 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2016-09-03 18:14 - 2016-08-20 13:06 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-09-03 18:14 - 2016-08-20 13:06 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe
2016-09-03 18:14 - 2016-08-20 13:05 - 14414848 _____ (Microsoft Corporation) C:\Windows\system32\vmms.exe
2016-09-03 18:14 - 2016-08-20 13:04 - 23682560 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-09-03 18:14 - 2016-08-20 13:04 - 00253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-03 18:14 - 2016-08-20 13:04 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\indexeddbserver.dll
2016-09-03 18:14 - 2016-08-20 13:03 - 04749312 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2016-09-03 18:14 - 2016-08-20 13:01 - 04612096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2016-09-03 18:14 - 2016-08-20 13:01 - 00936960 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2016-09-03 18:14 - 2016-08-20 13:01 - 00468992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-03 18:14 - 2016-08-20 13:00 - 19423232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-09-03 18:14 - 2016-08-20 13:00 - 08124416 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-09-03 18:14 - 2016-08-20 12:59 - 02510848 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2016-09-03 18:14 - 2016-08-20 12:59 - 01077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll
2016-09-03 18:14 - 2016-08-20 12:57 - 01282048 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2016-09-03 18:14 - 2016-08-20 12:56 - 02289664 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-09-03 18:14 - 2016-08-20 12:55 - 19418624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-09-03 18:14 - 2016-08-20 12:52 - 00640000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2016-09-03 18:14 - 2016-08-20 12:51 - 06044672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-09-03 18:14 - 2016-08-20 12:51 - 01992704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-09-03 18:13 - 2016-08-27 20:45 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\mfksproxy.dll
2016-09-03 18:13 - 2016-08-27 17:37 - 00184832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfksproxy.dll
2016-09-03 18:13 - 2016-08-27 12:44 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\encapi.dll
2016-09-03 18:13 - 2016-08-27 12:43 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\encapi.dll
2016-09-03 18:13 - 2016-08-20 14:26 - 00484584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-09-03 18:13 - 2016-08-20 14:13 - 00590952 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-09-03 18:13 - 2016-08-20 14:06 - 01046976 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-09-03 18:13 - 2016-08-20 14:06 - 00885832 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-09-03 18:13 - 2016-08-20 14:06 - 00108384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2016-09-03 18:13 - 2016-08-20 14:05 - 01377008 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2016-09-03 18:13 - 2016-08-20 14:04 - 01349120 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-09-03 18:13 - 2016-08-20 14:04 - 01163696 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-09-03 18:13 - 2016-08-20 14:03 - 02257248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-09-03 18:13 - 2016-08-20 13:52 - 01279328 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2016-09-03 18:13 - 2016-08-20 13:52 - 00857440 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2016-09-03 18:13 - 2016-08-20 13:52 - 00178528 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostUser.dll
2016-09-03 18:13 - 2016-08-20 13:50 - 01267512 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2016-09-03 18:13 - 2016-08-20 13:50 - 00942424 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.efi
2016-09-03 18:13 - 2016-08-20 13:50 - 00807776 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.exe
2016-09-03 18:13 - 2016-08-20 13:50 - 00026408 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-09-03 18:13 - 2016-08-20 13:50 - 00020320 _____ (Microsoft Corporation) C:\Windows\system32\kdhvcom.dll
2016-09-03 18:13 - 2016-08-20 13:47 - 22218808 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-09-03 18:13 - 2016-08-20 13:43 - 01418312 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-09-03 18:13 - 2016-08-20 13:42 - 02537824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-09-03 18:13 - 2016-08-20 13:34 - 00782176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2016-09-03 18:13 - 2016-08-20 13:34 - 00136032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostUser.dll
2016-09-03 18:13 - 2016-08-20 13:33 - 00852824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2016-09-03 18:13 - 2016-08-20 13:25 - 01264912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-09-03 18:13 - 2016-08-20 13:21 - 02755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-09-03 18:13 - 2016-08-20 13:21 - 00568832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.UXRes.dll
2016-09-03 18:13 - 2016-08-20 13:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\RemovableMediaProvisioningPlugin.dll
2016-09-03 18:13 - 2016-08-20 13:21 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\c_GSM7.DLL
2016-09-03 18:13 - 2016-08-20 13:20 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCsp.dll
2016-09-03 18:13 - 2016-08-20 13:20 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\BarcodeProvisioningPlugin.dll
2016-09-03 18:13 - 2016-08-20 13:20 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xinputhid.sys
2016-09-03 18:13 - 2016-08-20 13:19 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\vmusrv.dll
2016-09-03 18:13 - 2016-08-20 13:19 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\NFCProvisioningPlugin.dll
2016-09-03 18:13 - 2016-08-20 13:19 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcivsp.sys
2016-09-03 18:13 - 2016-08-20 13:19 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\ProvPluginEng.dll
2016-09-03 18:13 - 2016-08-20 13:18 - 00200704 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2016-09-03 18:13 - 2016-08-20 13:18 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\provtool.exe
2016-09-03 18:13 - 2016-08-20 13:17 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCore.dll
2016-09-03 18:13 - 2016-08-20 13:17 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-09-03 18:13 - 2016-08-20 13:17 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManagerSvc.dll
2016-09-03 18:13 - 2016-08-20 13:16 - 02755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-09-03 18:13 - 2016-08-20 13:16 - 00380928 _____ (Microsoft Corporation) C:\Windows\system32\wincorlib.dll
2016-09-03 18:13 - 2016-08-20 13:15 - 00349184 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2016-09-03 18:13 - 2016-08-20 13:15 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll
2016-09-03 18:13 - 2016-08-20 13:15 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\shutdownux.dll
2016-09-03 18:13 - 2016-08-20 13:14 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2016-09-03 18:13 - 2016-08-20 13:14 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\provdatastore.dll
2016-09-03 18:13 - 2016-08-20 13:14 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ConfigureExpandedStorage.dll
2016-09-03 18:13 - 2016-08-20 13:14 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\c_GSM7.DLL
2016-09-03 18:13 - 2016-08-20 13:13 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-09-03 18:13 - 2016-08-20 13:12 - 01617408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmswitch.sys
2016-09-03 18:13 - 2016-08-20 13:12 - 01014784 _____ (Microsoft Corporation) C:\Windows\system32\XblAuthManager.dll
2016-09-03 18:13 - 2016-08-20 13:12 - 00605184 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2016-09-03 18:13 - 2016-08-20 13:12 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-09-03 18:13 - 2016-08-20 13:11 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BcastDVRHelper.dll
2016-09-03 18:13 - 2016-08-20 13:10 - 00956416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2016-09-03 18:13 - 2016-08-20 13:10 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2016-09-03 18:13 - 2016-08-20 13:09 - 09128448 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-09-03 18:13 - 2016-08-20 13:09 - 00491520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe
2016-09-03 18:13 - 2016-08-20 13:08 - 01906176 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll
2016-09-03 18:13 - 2016-08-20 13:08 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll
2016-09-03 18:13 - 2016-08-20 13:08 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\DscCoreConfProv.dll
2016-09-03 18:13 - 2016-08-20 13:08 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ClipboardServer.dll
2016-09-03 18:13 - 2016-08-20 13:07 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2016-09-03 18:13 - 2016-08-20 13:07 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\CastLaunch.dll
2016-09-03 18:13 - 2016-08-20 13:07 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\smphost.dll
2016-09-03 18:13 - 2016-08-20 13:06 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi_passthru.dll
2016-09-03 18:13 - 2016-08-20 13:05 - 00715264 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2016-09-03 18:13 - 2016-08-20 13:05 - 00380928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2016-09-03 18:13 - 2016-08-20 13:04 - 03245056 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2016-09-03 18:13 - 2016-08-20 13:04 - 00592384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe
2016-09-03 18:13 - 2016-08-20 13:04 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2016-09-03 18:13 - 2016-08-20 13:04 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\delegatorprovider.dll
2016-09-03 18:13 - 2016-08-20 13:03 - 05398016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2016-09-03 18:13 - 2016-08-20 13:03 - 02846208 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2016-09-03 18:13 - 2016-08-20 13:03 - 00944640 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-09-03 18:13 - 2016-08-20 13:02 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll
2016-09-03 18:13 - 2016-08-20 13:00 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll
2016-09-03 18:13 - 2016-08-20 13:00 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\Windows\SysWOW64\DscCoreConfProv.dll
2016-09-03 18:13 - 2016-08-20 12:59 - 07624192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-09-03 18:13 - 2016-08-20 12:59 - 05511680 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2016-09-03 18:13 - 2016-08-20 12:59 - 01690112 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2016-09-03 18:13 - 2016-08-20 12:59 - 01106944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll
2016-09-03 18:13 - 2016-08-20 12:59 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\smphost.dll
2016-09-03 18:13 - 2016-08-20 12:58 - 01643008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2016-09-03 18:13 - 2016-08-20 12:58 - 00020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi_passthru.dll
2016-09-03 18:13 - 2016-08-20 12:57 - 02680832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-09-03 18:13 - 2016-08-20 12:57 - 02264064 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-09-03 18:13 - 2016-08-20 12:57 - 00558080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2016-09-03 18:13 - 2016-08-20 12:56 - 02711040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2016-09-03 18:13 - 2016-08-20 12:56 - 02315264 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-09-03 18:13 - 2016-08-20 12:56 - 02143232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2016-09-03 18:13 - 2016-08-20 12:56 - 01006080 _____ (Microsoft Corporation) C:\Windows\system32\D3D12.dll
2016-09-03 18:13 - 2016-08-20 12:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2016-09-03 18:13 - 2016-08-20 12:56 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2016-09-03 18:13 - 2016-08-20 12:56 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\delegatorprovider.dll
2016-09-03 18:13 - 2016-08-20 12:55 - 00726016 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-09-03 18:13 - 2016-08-20 12:54 - 00806912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D12.dll
2016-09-03 18:13 - 2016-08-20 12:53 - 03617792 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-09-03 18:13 - 2016-08-20 12:53 - 03299328 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2016-09-03 18:13 - 2016-08-20 12:53 - 01220608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll
2016-09-03 18:13 - 2016-08-20 12:51 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2016-09-03 18:13 - 2016-08-20 12:50 - 01875456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-09-03 18:13 - 2016-08-20 12:49 - 02999296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2016-09-03 18:13 - 2016-08-20 12:46 - 03105792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2016-09-03 18:13 - 2016-08-19 09:33 - 00162850 _____ C:\Windows\system32\C_932.NLS
2016-09-03 15:22 - 2016-09-03 15:22 - 00030424 _____ (Sony Mobile Communications) C:\Windows\system32\Drivers\ggsomc.sys
2016-09-03 15:22 - 2016-09-03 15:22 - 00016088 _____ (Sony Mobile Communications) C:\Windows\system32\Drivers\ggflt.sys
2016-09-03 15:22 - 2016-09-03 15:22 - 00000000 ____D C:\Users\AzE\.oracle_jre_usage
2016-09-03 15:22 - 2016-09-03 15:22 - 00000000 ____D C:\ProgramData\Sony Mobile
2016-09-03 15:22 - 2016-09-03 15:22 - 00000000 ____D C:\Program Files (x86)\Sony Mobile
2016-09-03 15:17 - 2016-09-03 15:17 - 00002677 _____ C:\Users\Public\Desktop\Xperia Companion.lnk
2016-09-03 15:17 - 2016-09-03 15:17 - 00000000 ____D C:\Users\AzE\AppData\Roaming\Apple Computer
2016-09-03 15:17 - 2016-09-03 15:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2016-09-03 15:17 - 2016-09-03 15:17 - 00000000 ____D C:\Program Files (x86)\Sony
2016-09-03 02:43 - 2016-09-03 02:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon
2016-09-03 02:43 - 2015-07-13 11:16 - 00026368 _____ (Resplendence Software Projects Sp.) C:\Windows\system32\Drivers\rspLLL64.sys
2016-09-01 16:17 - 2014-09-08 14:26 - 00024824 ____N (ASUSTeK Computer Inc.) C:\Windows\system32\Drivers\IOMap64.sys
2016-09-01 16:05 - 2016-09-01 16:05 - 00016896 _____ (ASUS) C:\Windows\AsTaskSched.dll
2016-09-01 15:55 - 2016-09-01 15:55 - 00000000 _____ C:\Windows\SysWOW64\Drivers\1043_ASUSTeK_B85M-G.alu
2016-09-01 15:52 - 2016-09-01 15:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2016-09-01 15:52 - 2011-09-20 12:25 - 00046152 _____ (MCCI Corporation) C:\Windows\SysWOW64\Drivers\ASUSFILTER.sys
2016-09-01 15:51 - 2013-02-21 11:40 - 00032840 _____ (NT Kernel Resources) C:\Windows\system32\Drivers\ndisrd.sys
2016-09-01 15:50 - 2016-09-01 16:17 - 00000000 ____D C:\ProgramData\ASUS
2016-09-01 15:50 - 2016-09-01 15:52 - 00000000 ____D C:\Windows\System32\Tasks\ASUS
2016-09-01 15:50 - 2014-02-24 17:49 - 00014464 _____ C:\Windows\SysWOW64\Drivers\AsUpIO.sys
2016-09-01 14:16 - 2016-09-01 14:16 - 00000698 _____ C:\Users\Public\Desktop\Origin.lnk
2016-09-01 14:16 - 2016-09-01 14:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2016-09-01 02:36 - 2016-09-07 21:53 - 00000909 _____ C:\Users\Public\Desktop\Battlefield 1 Open Beta.lnk
2016-09-01 02:36 - 2016-09-01 02:36 - 00000000 ___HD C:\Program Files\Common Files\EAInstaller
2016-09-01 02:36 - 2016-09-01 02:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 1 Open Beta
2016-09-01 01:56 - 2016-09-01 01:56 - 00000000 ____D C:\Windows\Simple Shutdown Timer
2016-09-01 01:56 - 2016-09-01 01:56 - 00000000 ____D C:\Users\AzE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Simple Shutdown Timer
2016-09-01 01:32 - 2016-09-07 15:01 - 00000000 ____D C:\Users\AzE\AppData\Roaming\vlc
2016-09-01 01:29 - 2016-09-01 01:29 - 00000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-09-01 01:29 - 2016-09-01 01:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-09-01 01:29 - 2016-09-01 01:29 - 00000000 ____D C:\Program Files\VideoLAN
2016-08-31 10:25 - 2016-08-31 10:31 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2016-08-31 10:23 - 2016-08-31 10:32 - 00076152 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2016-08-31 10:23 - 2016-08-31 10:31 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2016-08-31 10:23 - 2016-08-31 10:25 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2016-08-31 10:23 - 2013-02-13 08:52 - 02580552 _____ C:\Windows\SysWOW64\pbsvc.exe
2016-08-30 23:12 - 2016-08-30 23:12 - 00000000 ____D C:\Users\AzE\AppData\Local\PunkBuster
2016-08-30 23:09 - 2016-08-30 23:10 - 00000000 ____D C:\ProgramData\Electronic Arts
2016-08-30 23:09 - 2016-08-30 23:09 - 00000000 ____D C:\ProgramData\EA Core
2016-08-30 23:08 - 2016-08-30 23:39 - 00000863 _____ C:\Users\Public\Desktop\Battlefield 3.lnk
2016-08-30 23:08 - 2016-08-30 23:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2016-08-30 21:28 - 2016-08-31 17:50 - 00000000 ____D C:\ProgramData\EA Logs
2016-08-30 21:19 - 2016-09-07 21:56 - 00000000 ____D C:\Users\AzE\AppData\Roaming\Origin
2016-08-30 21:19 - 2016-08-30 23:09 - 00000000 ____D C:\Users\AzE\AppData\Local\Origin
2016-08-30 21:11 - 2016-09-08 17:16 - 00000000 ____D C:\ProgramData\Origin
2016-08-30 16:23 - 2016-08-30 16:23 - 00000000 ____D C:\Users\AzE\AppData\Roaming\Wargaming.net
2016-08-30 16:21 - 2016-08-30 16:21 - 00000000 ____D C:\Program Files\Realtek
2016-08-30 16:21 - 2016-06-07 12:46 - 03283248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-08-30 16:21 - 2016-06-07 12:46 - 00192992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-08-30 16:21 - 2016-06-07 12:45 - 03096248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2016-08-30 16:21 - 2016-06-07 12:30 - 00023704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2016-08-30 16:21 - 2016-06-07 12:16 - 05118208 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-08-30 16:21 - 2014-08-14 19:16 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2016-08-30 16:21 - 2014-07-23 09:59 - 00003008 ____N C:\Windows\system32\Drivers\DTSU2P.DAT
2016-08-30 16:20 - 2016-09-01 15:52 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-08-30 16:20 - 2015-03-11 18:04 - 02825944 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2016-08-30 13:18 - 2016-08-30 16:21 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-08-30 13:18 - 2016-08-30 13:18 - 00001769 _____ C:\Windows\Language_trs.ini
2016-08-30 13:18 - 2016-08-30 13:18 - 00000000 ____D C:\Users\AzE\Intel
2016-08-30 13:18 - 2016-08-30 13:18 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-08-30 11:26 - 2016-08-30 11:26 - 00000000 ____D C:\ProgramData\SoftPerfect
2016-08-30 11:26 - 2016-08-30 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetWorx
2016-08-30 11:26 - 2016-08-30 11:26 - 00000000 ____D C:\Program Files\NetWorx
2016-08-30 08:17 - 2016-08-30 08:17 - 01843480 _____ (Logitech, Inc.) C:\Windows\system32\LkmdfCoInst.dll
2016-08-30 08:17 - 2016-08-30 08:17 - 00067736 _____ (Logitech Inc.) C:\Windows\system32\Drivers\LGJoyXlCore.sys
2016-08-30 08:17 - 2016-08-30 08:17 - 00064280 _____ (Logitech Inc.) C:\Windows\system32\Drivers\LGSHidFilt.Sys
2016-08-30 08:17 - 2016-08-30 08:17 - 00036496 _____ (Logitech Inc.) C:\Windows\system32\Drivers\LGBusEnum.sys
2016-08-30 08:17 - 2016-08-30 08:17 - 00026008 _____ (Logitech Inc.) C:\Windows\system32\Drivers\LGVirHid.sys
2016-08-30 00:30 - 2016-08-30 00:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
2016-08-30 00:29 - 2016-08-30 00:29 - 00000000 ____D C:\Windows\Minidump
2016-08-29 22:47 - 2016-08-29 22:47 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-08-29 21:54 - 2016-08-29 21:54 - 00000000 ____D C:\Users\AzE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Link Shell Extension
2016-08-29 21:54 - 2016-08-29 21:54 - 00000000 ____D C:\Program Files\LinkShellExtension
2016-08-29 21:52 - 2016-08-30 00:29 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-29 21:52 - 2016-08-29 21:52 - 01198049 _____ C:\Windows\unins000.exe
2016-08-29 21:52 - 2016-08-29 21:52 - 00010810 _____ C:\Windows\unins000.dat
2016-08-29 21:52 - 2016-08-29 21:52 - 00003806 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-08-29 21:52 - 2016-08-29 21:52 - 00001460 _____ C:\AiOLog.txt
2016-08-29 21:52 - 2016-08-29 21:52 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2016-08-29 21:52 - 2016-08-29 21:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-08-29 21:52 - 2016-08-29 21:52 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-08-29 21:52 - 2016-08-29 21:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-08-29 21:52 - 2016-01-28 18:44 - 01261568 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\system32\libeay32.dll
2016-08-29 21:52 - 2016-01-28 18:44 - 00297472 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\system32\ssleay32.dll
2016-08-29 21:52 - 2016-01-28 18:44 - 00297472 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\system32\libssl32.dll
2016-08-29 21:52 - 2015-07-10 10:51 - 00456008 _____ (AutoIt Team) C:\Windows\system32\autoitx3.dll
2016-08-29 21:52 - 2015-07-08 09:29 - 03477818 _____ (Red Hat) C:\Windows\system32\cygwin1.dll
2016-08-29 21:52 - 2014-01-31 02:14 - 01055676 _____ (Free Software Foundation) C:\Windows\system32\libiconv2.dll
2016-08-29 21:52 - 2014-01-25 13:30 - 00131072 _____ (Sereby Corporation) C:\Windows\system32\AiORuntimes.dll
2016-08-29 21:52 - 2013-12-23 14:44 - 00163480 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.ocx
2016-08-29 21:52 - 2013-12-20 00:48 - 01070232 _____ (Microsoft Corporation) C:\Windows\system32\mscomctl.ocx
2016-08-29 21:52 - 2013-12-20 00:48 - 00660120 _____ (Microsoft Corporation) C:\Windows\system32\mscomct2.ocx
2016-08-29 21:52 - 2013-12-20 00:48 - 00617896 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.ocx
2016-08-29 21:52 - 2013-12-20 00:48 - 00444328 _____ (Microsoft Corporation) C:\Windows\system32\mshflxgd.ocx
2016-08-29 21:52 - 2013-12-20 00:48 - 00416408 _____ (Microsoft Corporation ) C:\Windows\system32\comct332.ocx
2016-08-29 21:52 - 2013-12-20 00:48 - 00279192 _____ (Microsoft Corporation) C:\Windows\system32\msdatgrd.ocx
2016-08-29 21:52 - 2013-12-20 00:48 - 00259736 _____ (Microsoft Corporation) C:\Windows\system32\msflxgrd.ocx
2016-08-29 21:52 - 2013-12-20 00:48 - 00253080 _____ (Microsoft Corporation) C:\Windows\system32\msdatlst.ocx
2016-08-29 21:52 - 2013-12-20 00:48 - 00222360 _____ (Microsoft Corporation) C:\Windows\system32\tabctl32.ocx
2016-08-29 21:52 - 2013-12-20 00:48 - 00219288 _____ (Microsoft Corporation) C:\Windows\system32\richtx32.ocx
2016-08-29 21:52 - 2013-12-20 00:48 - 00218776 _____ (Microsoft Corporation) C:\Windows\system32\dblist32.ocx
2016-08-29 21:52 - 2013-12-20 00:48 - 00212112 _____ (Microsoft Corporation) C:\Windows\system32\mci32.ocx
2016-08-29 21:52 - 2013-12-20 00:48 - 00179352 _____ (Microsoft Corporation) C:\Windows\system32\msmask32.ocx
2016-08-29 21:52 - 2013-12-20 00:48 - 00170920 _____ (Microsoft Corporation) C:\Windows\system32\comct232.ocx
2016-08-29 21:52 - 2013-12-20 00:48 - 00131728 _____ (Microsoft Corporation) C:\Windows\system32\msinet.ocx
2016-08-29 21:52 - 2013-12-20 00:48 - 00130712 _____ (Microsoft Corporation) C:\Windows\system32\msstdfmt.dll
2016-08-29 21:52 - 2013-12-20 00:48 - 00127640 _____ (Microsoft Corporation) C:\Windows\system32\mswinsck.ocx
2016-08-29 21:52 - 2013-12-20 00:48 - 00119960 _____ (Microsoft Corporation) C:\Windows\system32\mscomm32.ocx
2016-08-29 21:52 - 2013-12-20 00:48 - 00108696 _____ (Microsoft Corporation) C:\Windows\system32\msstkprp.dll
2016-08-29 21:52 - 2013-12-20 00:48 - 00104088 _____ (Microsoft Corporation) C:\Windows\system32\picclp32.ocx
2016-08-29 21:52 - 2013-12-20 00:48 - 00084624 _____ (Microsoft Corporation) C:\Windows\system32\sysinfo.ocx
2016-08-29 21:52 - 2012-06-14 14:36 - 00107520 _____ C:\Windows\system32\zlib1.dll
2016-08-29 21:52 - 2012-04-03 16:11 - 00138752 _____ C:\Windows\system32\libpng15.dll
2016-08-29 21:52 - 2011-10-12 03:09 - 04033440 _____ (Intel Corporation) C:\Windows\system32\libmmd.dll
2016-08-29 21:52 - 2011-10-01 08:16 - 00445016 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2016-08-29 21:52 - 2011-10-01 08:16 - 00109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\openal32.dll
2016-08-29 21:52 - 2011-01-12 13:36 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\mfc71u.dll
2016-08-29 21:52 - 2011-01-12 13:25 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\mfc71DEU.dll
2016-08-29 21:52 - 2011-01-12 13:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc71ITA.dll
2016-08-29 21:52 - 2011-01-12 13:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc71FRA.dll
2016-08-29 21:52 - 2011-01-12 13:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc71ESP.dll
2016-08-29 21:52 - 2011-01-12 13:25 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\mfc71ENU.dll
2016-08-29 21:52 - 2011-01-12 13:25 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\mfc71KOR.dll
2016-08-29 21:52 - 2011-01-12 13:25 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\mfc71JPN.dll
2016-08-29 21:52 - 2011-01-12 13:25 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\mfc71CHT.dll
2016-08-29 21:52 - 2011-01-12 13:25 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\mfc71CHS.dll
2016-08-29 21:52 - 2011-01-12 13:19 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\mfc71.dll
2016-08-29 21:52 - 2011-01-12 12:53 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\atl71.dll
2016-08-29 21:52 - 2010-06-27 17:44 - 00053248 _____ (Adobe Systems, Incorporated) C:\Windows\system\plugin.dll
2016-08-29 21:52 - 2010-03-18 20:21 - 00799568 _____ (Microsoft Corporation) C:\Windows\system32\msdia100.dll
2016-08-29 21:52 - 2008-08-26 06:40 - 00162304 _____ C:\Windows\system32\libpng13.dll
2016-08-29 21:52 - 2007-02-01 22:13 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll
2016-08-29 21:52 - 2007-02-01 19:11 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
2016-08-29 21:52 - 2007-01-30 22:04 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\msvcr70.dll
2016-08-29 21:52 - 2006-08-26 00:28 - 01017344 _____ (Microsoft Corporation) C:\Windows\system32\mfc70u.dll
2016-08-29 21:52 - 2006-08-26 00:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70ITA.dll
2016-08-29 21:52 - 2006-08-26 00:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70FRA.dll
2016-08-29 21:52 - 2006-08-26 00:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70ESP.dll
2016-08-29 21:52 - 2006-08-26 00:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70DEU.dll
2016-08-29 21:52 - 2006-08-26 00:15 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\mfc70ENU.dll
2016-08-29 21:52 - 2006-08-26 00:15 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\mfc70KOR.dll
2016-08-29 21:52 - 2006-08-26 00:15 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\mfc70JPN.dll
2016-08-29 21:52 - 2006-08-26 00:15 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\mfc70CHT.dll
2016-08-29 21:52 - 2006-08-26 00:15 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\mfc70CHS.dll
2016-08-29 21:52 - 2006-08-26 00:07 - 01024000 _____ (Microsoft Corporation) C:\Windows\system32\mfc70.dll
2016-08-29 21:52 - 2006-08-25 23:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\atl70.dll
2016-08-29 21:52 - 2005-05-06 13:52 - 00103424 _____ (GNU <www.gnu.org>) C:\Windows\system32\libintl3.dll
2016-08-29 21:52 - 2005-01-20 19:25 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\msvci70.dll
2016-08-29 21:52 - 2002-01-05 05:40 - 00487424 _____ (Microsoft Corporation) C:\Windows\system32\msvcp70.dll
2016-08-29 21:52 - 1996-01-12 03:00 - 00935632 _____ (Microsoft Corporation) C:\Windows\system\vb40016.dll
2016-08-29 21:52 - 1996-01-12 03:00 - 00722192 _____ (Microsoft Corporation) C:\Windows\system32\vb40032.dll
2016-08-29 21:52 - 1994-11-17 13:00 - 00210944 _____ C:\Windows\system\msvcrt10.dll
2016-08-29 21:52 - 1993-05-11 19:00 - 00398416 _____ (Microsoft Corporation) C:\Windows\system\vbrun300.dll
2016-08-29 21:52 - 1992-10-21 00:00 - 00356992 _____ (Microsoft Corporation) C:\Windows\system\vbrun200.dll
2016-08-29 21:52 - 1991-05-10 01:00 - 00271264 _____ C:\Windows\system\vbrun100.dll
2016-08-29 21:51 - 2016-08-29 21:51 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-08-29 21:51 - 2016-08-29 21:51 - 00000000 ____D C:\Program Files\Java
2016-08-29 21:50 - 2016-08-29 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-29 21:50 - 2016-08-29 21:50 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-08-29 21:50 - 2016-08-29 21:50 - 00000000 ____D C:\Users\AzE\AppData\Roaming\Sun
2016-08-29 21:50 - 2016-08-29 21:50 - 00000000 ____D C:\Users\AzE\AppData\LocalLow\Sun
2016-08-29 21:50 - 2016-08-29 21:50 - 00000000 ____D C:\ProgramData\Oracle
2016-08-29 21:50 - 2016-08-29 21:50 - 00000000 ____D C:\Program Files (x86)\Java
2016-08-29 21:35 - 2016-09-09 00:50 - 00000000 ____D C:\Users\AzE\AppData\Local\CrashDumps
2016-08-29 21:33 - 2016-08-29 21:33 - 00000894 _____ C:\Users\AzE\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2016-08-29 21:32 - 2016-08-29 21:32 - 00000000 ___DL C:\Users\AzE\AppData\Roaming\Bittorrent
2016-08-29 21:32 - 2016-08-29 21:32 - 00000000 ___DL C:\Users\AzE\AppData\Roaming\.minecraft
2016-08-29 21:27 - 2016-09-09 00:50 - 00000000 ____D C:\Users\AzE\AppData\Local\Free Download Manager
2016-08-29 21:27 - 2016-08-29 21:27 - 00002806 _____ C:\Windows\System32\Tasks\FreeDownloadManagerNetworkMonitor
2016-08-29 21:27 - 2016-08-29 21:27 - 00000681 _____ C:\Users\Public\Desktop\Free Download Manager 5.lnk
2016-08-29 21:27 - 2016-08-29 21:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager
2016-08-29 14:03 - 2016-09-03 22:01 - 00000000 ____D C:\Users\AzE\AppData\Local\NVIDIA Corporation
2016-08-29 14:00 - 2016-09-03 18:24 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-08-29 14:00 - 2016-07-11 10:34 - 00213952 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-08-29 14:00 - 2016-07-11 10:34 - 00203320 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-08-29 13:59 - 2016-09-03 18:21 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-08-29 13:56 - 2016-08-22 18:50 - 00189112 _____ (Power Admin LLC) C:\Windows\PAExec.exe
2016-08-29 13:55 - 2016-09-03 21:59 - 00000000 ____D C:\Program Files\Hyper-V
2016-08-29 13:55 - 2016-08-29 13:55 - 00000000 ___SD C:\Windows\system32\containers
2016-08-29 13:55 - 2016-08-29 13:55 - 00000000 ____D C:\Windows\system32\BestPractices
2016-08-29 13:55 - 2016-08-29 13:55 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-29 13:55 - 2016-08-29 13:55 - 00000000 ____D C:\Program Files\MSBuild
2016-08-29 13:55 - 2016-08-29 13:55 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-08-29 13:55 - 2016-08-29 13:55 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-08-29 13:52 - 2016-08-29 13:52 - 00000000 ___DL C:\Steam
2016-08-29 13:47 - 2016-08-29 13:47 - 00000000 ___DL C:\Windows\system32\Steam
2016-08-29 06:54 - 2016-08-29 06:54 - 00002848 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-08-29 06:54 - 2016-08-29 06:54 - 00000739 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-08-29 06:54 - 2016-08-29 06:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-08-29 06:54 - 2016-05-25 14:31 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2016-08-29 06:54 - 2016-05-25 14:31 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-29 06:54 - 2016-05-25 14:31 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2016-08-29 06:54 - 2016-05-25 11:03 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2016-08-29 06:54 - 2016-05-25 11:03 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-08-29 06:54 - 2016-05-25 11:03 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2016-08-29 06:18 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2016-08-29 06:18 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-08-29 06:18 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2016-08-29 06:18 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-08-29 06:18 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-08-29 06:18 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2016-08-29 06:18 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-08-29 06:18 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-08-29 06:18 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-08-29 06:18 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2016-08-29 06:18 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-08-29 06:18 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2016-08-29 06:18 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2016-08-29 06:18 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-08-29 06:18 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-08-29 06:18 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2016-08-29 06:18 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2016-08-29 06:18 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2016-08-29 06:18 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2016-08-29 06:18 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2016-08-29 06:18 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2016-08-29 06:18 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2016-08-29 06:18 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2016-08-29 06:18 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2016-08-29 06:18 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2016-08-29 06:18 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2016-08-29 06:18 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2016-08-29 06:18 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2016-08-29 06:18 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2016-08-29 06:18 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2016-08-29 06:18 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2016-08-29 06:18 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2016-08-29 06:18 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2016-08-29 06:18 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2016-08-29 06:18 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2016-08-29 06:18 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2016-08-29 06:18 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2016-08-29 06:18 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2016-08-29 06:18 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2016-08-29 06:18 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2016-08-29 06:18 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2016-08-29 06:18 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2016-08-29 06:18 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2016-08-29 06:18 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2016-08-29 06:18 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2016-08-29 06:18 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2016-08-29 06:18 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2016-08-29 06:18 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2016-08-29 06:18 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2016-08-29 06:18 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2016-08-29 06:18 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2016-08-29 06:18 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2016-08-29 06:18 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2016-08-29 06:18 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2016-08-29 06:18 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2016-08-29 06:18 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2016-08-29 06:18 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2016-08-29 06:18 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2016-08-29 06:18 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2016-08-29 06:18 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2016-08-29 06:18 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2016-08-29 06:18 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2016-08-29 06:18 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-08-29 06:18 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2016-08-29 06:18 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-08-29 06:18 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2016-08-29 06:18 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2016-08-29 06:18 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-08-29 06:18 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2016-08-29 06:18 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-08-29 06:18 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2016-08-29 06:18 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-08-29 06:18 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2016-08-29 06:18 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2016-08-29 06:18 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2016-08-29 06:18 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2016-08-29 06:18 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2016-08-29 06:18 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2016-08-29 06:18 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2016-08-29 06:18 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2016-08-29 06:18 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2016-08-29 06:18 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2016-08-29 06:18 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2016-08-29 06:18 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2016-08-29 06:18 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2016-08-29 06:18 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2016-08-29 06:18 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2016-08-29 06:18 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2016-08-29 06:18 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2016-08-29 06:18 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2016-08-29 06:18 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2016-08-29 06:18 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2016-08-29 06:18 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2016-08-29 06:18 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2016-08-29 06:18 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2016-08-29 06:18 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2016-08-29 06:18 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2016-08-29 06:18 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2016-08-29 06:18 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2016-08-29 06:18 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2016-08-29 06:18 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2016-08-29 06:18 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2016-08-29 06:18 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2016-08-29 06:18 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2016-08-29 06:18 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2016-08-29 06:18 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2016-08-29 06:18 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2016-08-29 06:18 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2016-08-29 06:18 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2016-08-29 06:18 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2016-08-29 06:18 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2016-08-29 06:18 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2016-08-29 06:18 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2016-08-29 06:18 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2016-08-29 06:18 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2016-08-29 06:18 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2016-08-29 06:18 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2016-08-29 06:18 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2016-08-29 06:18 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2016-08-29 06:18 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2016-08-29 06:18 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2016-08-29 06:18 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2016-08-29 06:18 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2016-08-29 06:18 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2016-08-29 06:18 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2016-08-29 06:18 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2016-08-29 06:18 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2016-08-29 06:18 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2016-08-29 06:18 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2016-08-29 06:18 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2016-08-29 06:18 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2016-08-29 06:18 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2016-08-29 06:18 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2016-08-29 06:18 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2016-08-29 06:18 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2016-08-29 06:18 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2016-08-29 06:18 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2016-08-29 06:18 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2016-08-29 06:18 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2016-08-29 06:18 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2016-08-29 06:18 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2016-08-29 06:18 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2016-08-29 06:18 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2016-08-29 06:18 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2016-08-29 06:18 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2016-08-29 06:18 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2016-08-29 06:18 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2016-08-29 06:18 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2016-08-29 06:18 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2016-08-29 06:18 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2016-08-29 06:18 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2016-08-29 06:18 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2016-08-29 06:18 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2016-08-29 06:18 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2016-08-29 06:18 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-08-29 06:18 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2016-08-29 06:18 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-08-29 06:18 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2016-08-29 06:18 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-08-29 06:18 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2016-08-29 06:18 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2016-08-29 06:18 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2016-08-29 06:18 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2016-08-29 06:18 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2016-08-29 06:18 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-08-29 06:18 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2016-08-29 06:18 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2016-08-29 06:18 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2016-08-29 06:18 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2016-08-29 06:18 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2016-08-29 06:18 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2016-08-29 06:18 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2016-08-29 06:18 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2016-08-29 06:18 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2016-08-29 06:18 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2016-08-29 06:18 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2016-08-29 06:12 - 2016-08-29 06:12 - 00000000 _____ C:\Windows\system32\GfxValDisplayLog.bin
2016-08-29 06:11 - 2016-08-29 06:11 - 00000000 ____D C:\Program Files\CMAK
2016-08-29 06:11 - 2016-08-29 06:11 - 00000000 ____D C:\Program Files (x86)\CMAK
2016-08-29 06:01 - 2016-08-29 06:01 - 00000000 ____D C:\Users\AzE\AppData\Local\Steam
2016-08-29 06:01 - 2016-08-29 06:01 - 00000000 ____D C:\Users\AzE\AppData\Local\CEF
2016-08-29 05:56 - 2016-08-29 05:58 - 00000000 ____D C:\Windows\system32\MRT
2016-08-29 05:56 - 2016-08-29 05:56 - 147640136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-08-29 05:55 - 2016-08-29 03:25 - 00504488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-08-29 05:27 - 2016-08-06 12:33 - 00354264 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
2016-08-29 05:27 - 2016-08-06 12:31 - 00041824 _____ (Microsoft Corporation) C:\Windows\system32\SysResetErr.exe
2016-08-29 05:27 - 2016-08-06 12:29 - 00128352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2016-08-29 05:27 - 2016-08-06 12:18 - 00396168 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2016-08-29 05:27 - 2016-08-06 12:17 - 00450400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-08-29 05:27 - 2016-08-06 12:17 - 00224096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-08-29 05:27 - 2016-08-06 12:16 - 00435040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2016-08-29 05:27 - 2016-08-06 11:48 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2016-08-29 05:27 - 2016-08-06 11:48 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.exe
2016-08-29 05:27 - 2016-08-06 11:47 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\WiFiConfigSP.dll
2016-08-29 05:27 - 2016-08-06 11:43 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll
2016-08-29 05:27 - 2016-08-06 11:41 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2016-08-29 05:27 - 2016-08-06 11:41 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2016-08-29 05:27 - 2016-08-06 11:41 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncPolicy.dll
2016-08-29 05:27 - 2016-08-06 11:40 - 00239104 _____ (Microsoft Corporation) C:\Windows\system32\dafpos.dll
2016-08-29 05:27 - 2016-08-06 11:39 - 00298496 _____ (Microsoft Corporation) C:\Windows\system32\wifiprofilessettinghandler.dll
2016-08-29 05:27 - 2016-08-06 11:38 - 17187328 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-08-29 05:27 - 2016-08-06 11:33 - 01082368 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2016-08-29 05:27 - 2016-08-06 11:31 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\wpninprc.dll
2016-08-29 05:27 - 2016-08-06 11:30 - 13080576 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-08-29 05:27 - 2016-08-06 11:23 - 02370048 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2016-08-29 05:27 - 2016-08-06 11:19 - 01812480 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2016-08-29 05:27 - 2016-08-05 17:14 - 01066328 _____ (Microsoft Corporation) C:\Windows\system32\pidgenx.dll
2016-08-29 05:27 - 2016-08-05 17:12 - 05622600 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2016-08-29 05:27 - 2016-08-05 17:10 - 00939872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pidgenx.dll
2016-08-29 05:27 - 2016-08-05 17:05 - 00665768 _____ (Microsoft Corporation) C:\Windows\system32\GenValObj.exe
2016-08-29 05:27 - 2016-08-05 16:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\slcext.dll
2016-08-29 05:27 - 2016-08-05 16:22 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2016-08-29 05:27 - 2016-08-05 16:20 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2016-08-29 05:27 - 2016-08-05 16:08 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\slc.dll
2016-08-29 05:27 - 2016-08-02 16:10 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Bluetooth.dll
2016-08-29 05:26 - 2016-08-06 12:31 - 00077664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2016-08-29 05:26 - 2016-08-06 12:29 - 00199008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wof.sys
2016-08-29 05:26 - 2016-08-06 12:26 - 01176664 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-08-29 05:26 - 2016-08-06 12:23 - 00168800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-08-29 05:26 - 2016-08-06 12:18 - 02745224 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-08-29 05:26 - 2016-08-06 12:18 - 00584032 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2016-08-29 05:26 - 2016-08-06 12:17 - 00790760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-08-29 05:26 - 2016-08-06 12:17 - 00619368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-08-29 05:26 - 2016-08-06 12:15 - 00408600 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2016-08-29 05:26 - 2016-08-06 12:13 - 01847048 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2016-08-29 05:26 - 2016-08-06 12:13 - 01694200 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2016-08-29 05:26 - 2016-08-06 12:13 - 01066096 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-08-29 05:26 - 2016-08-06 12:13 - 00595488 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-08-29 05:26 - 2016-08-06 12:13 - 00381760 _____ (Microsoft Corporation) C:\Windows\system32\LockAppHost.exe
2016-08-29 05:26 - 2016-08-06 12:13 - 00044472 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-08-29 05:26 - 2016-08-06 12:09 - 00151224 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-08-29 05:26 - 2016-08-06 12:08 - 02251432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-08-29 05:26 - 2016-08-06 12:08 - 01469120 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-08-29 05:26 - 2016-08-06 12:08 - 00587968 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-08-29 05:26 - 2016-08-06 12:08 - 00509784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2016-08-29 05:26 - 2016-08-06 12:08 - 00313560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2016-08-29 05:26 - 2016-08-06 12:08 - 00050880 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-08-29 05:26 - 2016-08-06 12:04 - 00361096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2016-08-29 05:26 - 2016-08-06 12:03 - 01557296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2016-08-29 05:26 - 2016-08-06 12:03 - 01343928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2016-08-29 05:26 - 2016-08-06 12:03 - 00955008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-08-29 05:26 - 2016-08-06 12:03 - 00529928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-08-29 05:26 - 2016-08-06 12:03 - 00036168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-08-29 05:26 - 2016-08-06 12:02 - 00321280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppHost.exe
2016-08-29 05:26 - 2016-08-06 11:48 - 01631232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-08-29 05:26 - 2016-08-06 11:48 - 01631232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
2016-08-29 05:26 - 2016-08-06 11:48 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2016-08-29 05:26 - 2016-08-06 11:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-08-29 05:26 - 2016-08-06 11:48 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-08-29 05:26 - 2016-08-06 11:48 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-08-29 05:26 - 2016-08-06 11:48 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-08-29 05:26 - 2016-08-06 11:47 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2016-08-29 05:26 - 2016-08-06 11:47 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-08-29 05:26 - 2016-08-06 11:47 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-08-29 05:26 - 2016-08-06 11:47 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-08-29 05:26 - 2016-08-06 11:46 - 09260032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-08-29 05:26 - 2016-08-06 11:46 - 09260032 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-08-29 05:26 - 2016-08-06 11:46 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\dasHost.exe
2016-08-29 05:26 - 2016-08-06 11:46 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModelOOBE.exe
2016-08-29 05:26 - 2016-08-06 11:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll
2016-08-29 05:26 - 2016-08-06 11:46 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2016-08-29 05:26 - 2016-08-06 11:45 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\container.dll
2016-08-29 05:26 - 2016-08-06 11:45 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\container.dll
2016-08-29 05:26 - 2016-08-06 11:45 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\gpupvdev.dll
2016-08-29 05:26 - 2016-08-06 11:45 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-08-29 05:26 - 2016-08-06 11:45 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\StorageUsage.dll
2016-08-29 05:26 - 2016-08-06 11:45 - 00038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll
2016-08-29 05:26 - 2016-08-06 11:45 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\netiougc.exe
2016-08-29 05:26 - 2016-08-06 11:45 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-08-29 05:26 - 2016-08-06 11:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netiougc.exe
2016-08-29 05:26 - 2016-08-06 11:44 - 00272384 _____ C:\Windows\system32\PrivateCloudHNSPlugin.dll
2016-08-29 05:26 - 2016-08-06 11:44 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2016-08-29 05:26 - 2016-08-06 11:44 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\vpcievdev.dll
2016-08-29 05:26 - 2016-08-06 11:44 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\vmwpctrl.dll
2016-08-29 05:26 - 2016-08-06 11:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\wnvapi.dll
2016-08-29 05:26 - 2016-08-06 11:44 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-08-29 05:26 - 2016-08-06 11:44 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\deviceassociation.dll
2016-08-29 05:26 - 2016-08-06 11:44 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceassociation.dll
2016-08-29 05:26 - 2016-08-06 11:43 - 00537088 _____ (Microsoft Corporation) C:\Windows\system32\HostNetSvc.dll
2016-08-29 05:26 - 2016-08-06 11:43 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_WorkAccess.dll
2016-08-29 05:26 - 2016-08-06 11:43 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2016-08-29 05:26 - 2016-08-06 11:43 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-08-29 05:26 - 2016-08-06 11:42 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\vmprox.dll
2016-08-29 05:26 - 2016-08-06 11:42 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-08-29 05:26 - 2016-08-06 11:42 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\vmsynthfcvdev.dll
2016-08-29 05:26 - 2016-08-06 11:42 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\NetMgmtIF.dll
2016-08-29 05:26 - 2016-08-06 11:41 - 13867520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-08-29 05:26 - 2016-08-06 11:41 - 01312256 _____ (Microsoft Corporation) C:\Windows\system32\vmuidevices.dll
2016-08-29 05:26 - 2016-08-06 11:41 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wnv.sys
2016-08-29 05:26 - 2016-08-06 11:41 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2016-08-29 05:26 - 2016-08-06 11:41 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\ConsoleLogon.dll
2016-08-29 05:26 - 2016-08-06 11:41 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModel.dll
2016-08-29 05:26 - 2016-08-06 11:41 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudBackupSettings.dll
2016-08-29 05:26 - 2016-08-06 11:40 - 02801152 _____ (Microsoft Corporation) C:\Windows\system32\vmchipset.dll
2016-08-29 05:26 - 2016-08-06 11:40 - 00426496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-29 05:26 - 2016-08-06 11:40 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-08-29 05:26 - 2016-08-06 11:40 - 00234496 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
2016-08-29 05:26 - 2016-08-06 11:40 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncPolicy.dll
2016-08-29 05:26 - 2016-08-06 11:39 - 00431616 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2016-08-29 05:26 - 2016-08-06 11:39 - 00431104 _____ (Microsoft Corporation) C:\Windows\system32\VmEmulatedStorage.dll
2016-08-29 05:26 - 2016-08-06 11:39 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\CloudBackupSettings.dll
2016-08-29 05:26 - 2016-08-06 11:39 - 00181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpipcfg.dll
2016-08-29 05:26 - 2016-08-06 11:38 - 00526848 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2016-08-29 05:26 - 2016-08-06 11:38 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\VmEmulatedNic.dll
2016-08-29 05:26 - 2016-08-06 11:38 - 00395264 _____ (Microsoft Corporation) C:\Windows\system32\vmsynthstor.dll
2016-08-29 05:26 - 2016-08-06 11:37 - 00340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-08-29 05:26 - 2016-08-06 11:36 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\das.dll
2016-08-29 05:26 - 2016-08-06 11:36 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\VmSynthNic.dll
2016-08-29 05:26 - 2016-08-06 11:33 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2016-08-29 05:26 - 2016-08-06 11:31 - 12174336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-08-29 05:26 - 2016-08-06 11:31 - 01908224 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2016-08-29 05:26 - 2016-08-06 11:31 - 01052672 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2016-08-29 05:26 - 2016-08-06 11:31 - 00884224 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-08-29 05:26 - 2016-08-06 11:30 - 12345344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-08-29 05:26 - 2016-08-06 11:30 - 01255936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2016-08-29 05:26 - 2016-08-06 11:29 - 13433856 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-08-29 05:26 - 2016-08-06 11:29 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\uReFS.dll
2016-08-29 05:26 - 2016-08-06 11:29 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\offlinesam.dll
2016-08-29 05:26 - 2016-08-06 11:29 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-08-29 05:26 - 2016-08-06 11:28 - 00544768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uReFS.dll
2016-08-29 05:26 - 2016-08-06 11:28 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offlinesam.dll
2016-08-29 05:26 - 2016-08-06 11:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-08-29 05:26 - 2016-08-06 11:26 - 02422784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAJApi.dll
2016-08-29 05:26 - 2016-08-06 11:26 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-08-29 05:26 - 2016-08-06 11:26 - 00691712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-08-29 05:26 - 2016-08-06 11:25 - 03116032 _____ (Microsoft Corporation) C:\Windows\system32\MSAJApi.dll
2016-08-29 05:26 - 2016-08-06 11:25 - 01595904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-08-29 05:26 - 2016-08-06 11:24 - 02095616 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-08-29 05:26 - 2016-08-06 11:24 - 02026496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-08-29 05:26 - 2016-08-06 11:23 - 01780736 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-08-29 05:26 - 2016-08-06 11:23 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-08-29 05:26 - 2016-08-06 11:23 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-08-29 05:26 - 2016-08-06 11:23 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2016-08-29 05:26 - 2016-08-06 11:23 - 01062400 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2016-08-29 05:26 - 2016-08-06 11:23 - 00860672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2016-08-29 05:26 - 2016-08-06 11:23 - 00520192 _____ (Microsoft Corporation) C:\Windows\system32\w32time.dll
2016-08-29 05:26 - 2016-08-06 11:21 - 00102400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offlinelsa.dll
2016-08-29 05:26 - 2016-08-06 11:19 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\offlinelsa.dll
2016-08-29 05:26 - 2016-08-06 11:19 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsp.sys
2016-08-29 05:26 - 2016-08-05 16:29 - 00019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slcext.dll
2016-08-29 05:26 - 2016-08-05 16:23 - 00105984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2016-08-29 05:26 - 2016-08-05 16:20 - 00466432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll
2016-08-29 05:26 - 2016-08-05 16:18 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slc.dll
2016-08-29 05:26 - 2016-08-02 16:11 - 00495104 _____ (Microsoft Corporation) C:\Windows\system32\DataSenseHandlers.dll
2016-08-29 05:26 - 2016-08-02 15:58 - 01656320 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-08-29 05:26 - 2016-08-02 12:25 - 01456640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2016-08-29 05:26 - 2016-07-22 09:32 - 00062816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2016-08-29 05:26 - 2016-07-22 09:25 - 00389000 _____ (Microsoft Corporation) C:\Windows\system32\wevtapi.dll
2016-08-29 05:26 - 2016-07-22 09:18 - 01461200 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-08-29 05:26 - 2016-07-22 09:18 - 00297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wevtapi.dll
2016-08-29 05:26 - 2016-07-22 09:11 - 01435896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-08-29 05:26 - 2016-07-22 08:32 - 01708544 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2016-08-29 05:26 - 2016-07-22 08:31 - 00770048 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2016-08-29 05:22 - 2016-09-08 23:27 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-08-29 05:21 - 2016-08-29 05:21 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-08-29 05:21 - 2016-08-29 05:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-08-29 05:21 - 2016-08-29 05:21 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-29 05:21 - 2016-08-29 05:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-08-29 05:21 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-08-29 05:21 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-08-29 05:21 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-08-29 04:38 - 2016-08-29 04:38 - 00003786 _____ C:\Windows\System32\Tasks\KMSAutoNet
2016-08-29 04:37 - 2016-09-04 10:00 - 00000000 ____D C:\ProgramData\KMSAutoS
2016-08-29 04:37 - 2016-08-29 04:39 - 00000000 ____D C:\Users\AzE\AppData\Local\MSfree Inc
2016-08-29 04:36 - 2016-08-29 04:36 - 00000000 ____D C:\Users\AzE\AppData\Roaming\WinRAR
2016-08-29 04:36 - 2016-08-29 04:36 - 00000000 ____D C:\Users\AzE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-29 04:36 - 2016-08-29 04:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-29 04:36 - 2016-08-29 04:36 - 00000000 ____D C:\Program Files\WinRAR
2016-08-29 04:35 - 2016-08-29 04:35 - 00002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-08-29 04:35 - 2016-08-29 04:35 - 00002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2016-08-29 04:35 - 2016-08-29 04:35 - 00002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-08-29 04:35 - 2016-08-29 04:35 - 00002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-08-29 04:35 - 2016-08-29 04:35 - 00002642 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-08-29 04:35 - 2016-08-29 04:35 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2016-08-29 04:34 - 2016-08-29 04:34 - 00000000 ____D C:\Windows\PCHEALTH
2016-08-29 04:34 - 2016-08-29 04:34 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2016-08-29 04:34 - 2016-08-29 04:34 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-08-29 04:34 - 2016-08-29 04:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-29 04:34 - 2016-08-29 04:34 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-08-29 04:33 - 2016-08-29 04:33 - 00000000 ____D C:\Windows\SHELLNEW
2016-08-29 04:33 - 2016-08-29 04:33 - 00000000 ____D C:\Users\AzE\AppData\Local\Microsoft Help
2016-08-29 04:33 - 2016-08-29 04:33 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2016-08-29 04:33 - 2016-08-29 04:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-08-29 04:33 - 2016-08-29 04:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-08-29 03:44 - 2016-08-29 06:56 - 00000000 ____D C:\Windows\Panther
2016-08-29 03:32 - 2016-08-29 03:32 - 00000000 ____D C:\Users\AzE\AppData\Local\PeerDistRepub
2016-08-29 03:19 - 2016-08-29 03:19 - 00000000 ____D C:\Program Files\Common Files\logishrd
2016-08-29 03:18 - 2016-09-08 22:56 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-08-29 03:18 - 2016-09-02 21:53 - 00000000 __SHD C:\Users\AzE\IntelGraphicsProfiles
2016-08-29 03:18 - 2016-09-01 15:51 - 00000000 ____D C:\Program Files (x86)\Intel
2016-08-29 03:18 - 2016-08-29 06:09 - 00000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-08-29 03:18 - 2016-08-29 03:18 - 00000000 ____D C:\Intel
2016-08-29 03:17 - 2016-08-30 13:19 - 00000000 ____D C:\Program Files\Intel
2016-08-29 03:15 - 2016-08-29 03:15 - 00002344 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-29 03:15 - 2016-08-29 03:15 - 00002332 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-29 03:05 - 2016-08-29 03:12 - 00000000 ____D C:\Users\AzE\AppData\Local\PackageStaging
2016-08-29 03:03 - 2016-09-01 15:52 - 00000000 ____D C:\Program Files\ASUS
2016-08-29 03:03 - 2016-09-01 15:51 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-08-29 03:03 - 2016-08-29 03:03 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf
2016-08-29 03:03 - 2013-07-04 18:32 - 00028672 _____ (ASUSTek Computer Inc.) C:\Windows\SysWOW64\AsIO.dll
2016-08-29 03:03 - 2013-07-04 18:32 - 00015232 _____ C:\Windows\SysWOW64\Drivers\AsIO.sys
2016-08-29 03:02 - 2016-08-31 19:57 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-08-29 03:02 - 2016-08-31 19:57 - 00000000 ____D C:\Windows\system32\DAX2
2016-08-29 03:02 - 2016-08-29 03:41 - 00000000 ____D C:\Users\AzE\AppData\Local\Comms
2016-08-29 03:02 - 2016-08-29 03:02 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-08-29 03:01 - 2010-05-27 02:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-08-29 03:01 - 2010-05-27 02:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-08-29 03:01 - 2010-05-27 02:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-08-29 03:01 - 2010-05-27 02:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2016-08-29 03:01 - 2010-05-27 02:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-08-29 03:01 - 2010-05-27 02:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-08-29 03:00 - 2016-08-29 03:00 - 00000000 ____D C:\Users\AzE\AppData\Local\MicrosoftEdge
2016-08-29 02:59 - 2016-09-03 18:21 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-08-29 02:58 - 2016-09-03 15:17 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-29 02:56 - 2016-09-08 22:47 - 00001032 _____ C:\Users\Public\Desktop\Steam.lnk
2016-08-29 02:56 - 2016-09-08 22:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-29 02:55 - 2016-08-29 14:06 - 00000000 ____D C:\Users\AzE\AppData\Local\Google
2016-08-29 02:55 - 2016-08-29 13:55 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-29 02:55 - 2016-08-29 13:55 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-29 02:55 - 2016-08-29 12:00 - 00003978 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-29 02:55 - 2016-08-29 12:00 - 00003746 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-29 02:55 - 2016-08-29 03:15 - 00000000 ____D C:\Program Files (x86)\Google
2016-08-29 02:53 - 2016-09-08 23:02 - 01837104 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-29 02:51 - 2016-08-29 05:37 - 00000000 ___RD C:\Users\AzE\OneDrive
2016-08-29 02:51 - 2016-08-29 02:53 - 00002357 _____ C:\Users\AzE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-29 02:51 - 2016-08-29 02:51 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-29 02:49 - 2016-09-08 21:57 - 00000000 ____D C:\Users\AzE
2016-08-29 02:49 - 2016-09-06 22:29 - 00000000 ____D C:\Users\AzE\AppData\Local\Packages
2016-08-29 02:49 - 2016-09-03 22:00 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-29 02:49 - 2016-08-29 04:30 - 00000000 ____D C:\Users\AzE\AppData\Local\ConnectedDevicesPlatform
2016-08-29 02:49 - 2016-08-29 02:49 - 00000020 ___SH C:\Users\AzE\ntuser.ini
2016-08-29 02:49 - 2016-08-29 02:49 - 00000000 _SHDL C:\Users\AzE\My Documents
2016-08-29 02:49 - 2016-08-29 02:49 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\VirtualStore
2016-08-29 02:49 - 2016-08-29 02:49 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\TileDataLayer
2016-08-29 02:49 - 2016-08-29 02:49 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\Packages
2016-08-29 02:49 - 2016-08-29 02:49 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\ConnectedDevicesPlatform
2016-08-29 02:49 - 2016-08-29 02:49 - 00000000 ____D C:\Users\AzE\AppData\Roaming\Adobe
2016-08-29 02:49 - 2016-08-29 02:49 - 00000000 ____D C:\Users\AzE\AppData\Local\VirtualStore
2016-08-29 02:49 - 2016-08-29 02:49 - 00000000 ____D C:\Users\AzE\AppData\Local\TileDataLayer
2016-08-29 02:49 - 2016-08-29 02:49 - 00000000 ____D C:\Users\AzE\AppData\Local\Publishers
2016-08-29 02:47 - 2016-08-29 02:47 - 00000000 ____D C:\ProgramData\USOShared
2016-08-29 02:46 - 2016-08-29 02:46 - 00000020 ___SH C:\Users\defaultuser0\ntuser.ini
2016-08-29 02:46 - 2016-08-29 02:46 - 00000000 _SHDL C:\Users\defaultuser0\My Documents
2016-08-29 02:46 - 2016-08-29 02:46 - 00000000 _SHDL C:\Users\Default\My Documents
2016-08-29 02:46 - 2016-08-29 02:46 - 00000000 _SHDL C:\Documents and Settings
2016-08-29 02:46 - 2016-08-29 02:46 - 00000000 ____D C:\Windows\CSC
2016-08-29 02:46 - 2016-08-29 02:46 - 00000000 ____D C:\Users\defaultuser0
2016-08-29 02:46 - 2016-07-16 19:41 - 02716672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2016-08-29 02:45 - 2016-09-08 22:56 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-29 02:45 - 2016-08-29 02:45 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-08-29 02:45 - 2016-08-29 02:45 - 00000000 ____D C:\Windows\ServiceProfiles
2016-08-29 02:44 - 2016-09-09 00:34 - 00000000 ____D C:\Windows\system32\SleepStudy
2016-08-29 02:44 - 2016-09-03 21:59 - 00264312 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-25 10:57 - 2016-08-25 10:57 - 00049312 _____ (Visicom Media Inc.) C:\Windows\system32\Drivers\mcvidrv.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-08 23:19 - 2016-07-16 19:45 - 00000000 ____D C:\Windows\INF
2016-09-08 22:55 - 2016-07-16 14:04 - 00786432 _____ C:\Windows\system32\config\BBI
2016-09-08 21:58 - 2016-07-16 19:47 - 00000000 ____D C:\Windows\GameBarPresenceWriter
2016-09-08 08:53 - 2016-07-16 19:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-08 08:53 - 2016-07-16 19:47 - 00000000 ____D C:\Windows\AppReadiness
2016-09-04 12:20 - 2016-07-16 19:36 - 00000000 ____D C:\Windows\CbsTemp
2016-09-03 21:59 - 2016-07-16 22:29 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2016-09-03 21:59 - 2016-07-16 19:47 - 00000000 ___SD C:\Windows\system32\dsc
2016-09-03 21:59 - 2016-07-16 19:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-09-03 21:59 - 2016-07-16 19:47 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2016-09-03 21:59 - 2016-07-16 19:47 - 00000000 ____D C:\Windows\system32\lv-LV
2016-09-03 21:59 - 2016-07-16 19:47 - 00000000 ____D C:\Windows\system32\lt-LT
2016-09-03 21:59 - 2016-07-16 19:47 - 00000000 ____D C:\Windows\system32\et-EE
2016-09-03 21:59 - 2016-07-16 19:47 - 00000000 ____D C:\Windows\system32\es-MX
2016-09-03 21:59 - 2016-07-16 19:47 - 00000000 ____D C:\Windows\system32\en-GB
2016-09-03 21:59 - 2016-07-16 19:47 - 00000000 ____D C:\Windows\ShellExperiences
2016-09-03 21:59 - 2016-07-16 19:47 - 00000000 ____D C:\Windows\Provisioning
2016-09-03 21:59 - 2016-07-16 19:47 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-09-03 18:20 - 2016-07-16 19:47 - 00000000 ____D C:\Windows\Help
2016-09-03 17:42 - 2016-07-16 19:43 - 06474752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe
2016-09-03 17:42 - 2016-07-16 19:43 - 00496128 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.UserAccountsHandlers.dll
2016-09-03 17:42 - 2016-07-16 19:43 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2016-09-03 17:42 - 2016-07-16 19:43 - 00298496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2016-09-03 17:42 - 2016-07-16 19:43 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\DeveloperOptionsSettingsHandlers.dll
2016-09-03 17:42 - 2016-07-16 19:43 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\vmsif.dll
2016-09-03 17:42 - 2016-07-16 19:43 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2016-09-03 17:42 - 2016-07-16 19:43 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchWinApp.exe
2016-09-03 17:42 - 2016-07-16 19:43 - 00033632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmsproxy.sys
2016-09-03 17:42 - 2016-07-16 19:43 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\vmsifproxystub.dll
2016-09-03 17:42 - 2016-07-16 19:42 - 06664192 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe
2016-09-03 17:42 - 2016-07-16 19:42 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2016-09-03 17:42 - 2016-07-16 19:42 - 00409952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-09-03 17:42 - 2016-07-16 19:42 - 00241504 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
2016-09-03 17:42 - 2016-07-16 19:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-09-03 17:42 - 2016-07-16 19:42 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2016-09-03 17:42 - 2016-07-16 19:42 - 00114192 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2016-09-03 17:42 - 2016-07-16 19:42 - 00079544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2016-09-03 17:42 - 2016-07-16 19:42 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.Search.UriHandler.dll
2016-09-03 17:42 - 2016-07-16 19:42 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-09-03 17:42 - 2016-07-16 19:42 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\LaunchWinApp.exe
2016-09-01 04:07 - 2016-07-16 19:47 - 00000000 ____D C:\Windows\rescache
2016-08-29 21:52 - 2016-07-16 19:47 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-08-29 21:52 - 2016-07-16 19:47 - 00000000 ____D C:\Windows\System
2016-08-29 21:51 - 2016-07-16 19:47 - 00000000 ____D C:\Windows\system32\Macromed
2016-08-29 21:15 - 2015-08-10 23:50 - 00000000 ____D C:\Users\AzE\AppData\Roaming\New Technology Studio
2016-08-29 21:15 - 2015-06-03 17:27 - 00000000 ____D C:\Users\AzE\AppData\Roaming\MK10
2016-08-29 21:15 - 2015-04-08 17:42 - 00000000 ____D C:\Users\AzE\AppData\Roaming\Need for Speed Most Wanted Black Edition
2016-08-29 21:15 - 2015-01-16 21:38 - 00000000 ____D C:\Users\AzE\AppData\Roaming\MiniLyrics
2016-08-29 21:15 - 2015-01-16 15:38 - 00000000 ____D C:\Users\AzE\AppData\Roaming\MKKE
2016-08-29 21:15 - 2015-01-16 15:38 - 00000000 ____D C:\Users\AzE\AppData\Roaming\MediaMonkey
2016-08-29 21:15 - 2015-01-16 15:38 - 00000000 ____D C:\Users\AzE\AppData\Roaming\Assassin's Creed Revelations
2016-08-29 21:15 - 2015-01-16 15:38 - 00000000 ____D C:\Users\AzE\AppData\Roaming\Assassin's Creed IV - Black Flag
2016-08-29 21:15 - 2015-01-16 15:38 - 00000000 ____D C:\Users\AzE\AppData\Roaming\Assassin's Creed III
2016-08-29 21:15 - 2015-01-16 15:38 - 00000000 ____D C:\Users\AzE\AppData\Roaming\Assassin's Creed II
2016-08-29 21:15 - 2015-01-16 15:38 - 00000000 ____D C:\Users\AzE\AppData\Roaming\Assassin's Creed Brotherhood
2016-08-29 21:15 - 2015-01-16 15:38 - 00000000 ____D C:\Users\AzE\AppData\Roaming\Assassin's Creed
2016-08-29 13:55 - 2016-07-16 19:47 - 00000000 ____D C:\Windows\schemas
2016-08-29 06:55 - 2016-07-16 19:43 - 04407808 _____ (Microsoft Corporation) C:\Windows\system32\rdvgm.exe
2016-08-29 06:55 - 2016-07-16 19:43 - 02315264 _____ (Microsoft Corporation) C:\Windows\system32\rdp4vs.dll
2016-08-29 06:55 - 2016-07-16 19:43 - 01569750 _____ C:\Windows\system32\WindowsVirtualization.V2.mof
2016-08-29 06:55 - 2016-07-16 19:43 - 01241600 _____ (Microsoft Corporation) C:\Windows\system32\vmemulateddevices.dll
2016-08-29 06:55 - 2016-07-16 19:43 - 01149404 _____ C:\Windows\system32\WindowsHyperVCluster.V2.mof
2016-08-29 06:55 - 2016-07-16 19:43 - 00779776 _____ (Microsoft Corporation) C:\Windows\system32\vmconnect.exe
2016-08-29 06:55 - 2016-07-16 19:43 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\vsconfig.dll
2016-08-29 06:55 - 2016-07-16 19:43 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\vmcompute.dll
2016-08-29 06:55 - 2016-07-16 19:43 - 00366080 _____ (Microsoft Corporation) C:\Windows\system32\vmsmb.dll
2016-08-29 06:55 - 2016-07-16 19:43 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\vmicvdev.dll
2016-08-29 06:55 - 2016-07-16 19:43 - 00336296 _____ (Microsoft Corporation) C:\Windows\system32\TpmEngUM.dll
2016-08-29 06:55 - 2016-07-16 19:43 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\vmsynth3dvideo.dll
2016-08-29 06:55 - 2016-07-16 19:43 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\RemoteFileBrowse.dll
2016-08-29 06:55 - 2016-07-16 19:43 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\vmdynmem.dll
2016-08-29 06:55 - 2016-07-16 19:43 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2016-08-29 06:55 - 2016-07-16 19:43 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\CCG.exe
2016-08-29 06:55 - 2016-07-16 19:43 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\CCGLaunchPad.dll
2016-08-29 06:55 - 2016-07-16 19:43 - 00178688 _____ (Microsoft Corporation) C:\Windows\system32\vmicrdv.dll
2016-08-29 06:55 - 2016-07-16 19:43 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\vmserial.dll
2016-08-29 06:55 - 2016-07-16 19:43 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\vmtpm.dll
2016-08-29 06:55 - 2016-07-16 19:43 - 00144967 _____ C:\Windows\system32\virtmgmt.msc
2016-08-29 06:55 - 2016-07-16 19:43 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\vmdebug.dll
2016-08-29 06:55 - 2016-07-16 19:43 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\vmbusvdev.dll
2016-08-29 06:55 - 2016-07-16 19:43 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\HgsClientWmi.dll
2016-08-29 06:55 - 2016-07-16 19:43 - 00128128 _____ (Microsoft Corporation) C:\Windows\system32\vmsp.exe
2016-08-29 06:55 - 2016-07-16 19:43 - 00075616 _____ (Microsoft Corporation) C:\Windows\system32\rtpm.dll
2016-08-29 06:55 - 2016-07-16 19:43 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\ContainerUpdater.exe
2016-08-29 06:55 - 2016-07-16 19:43 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\HyperVSysprepProvider.dll
2016-08-29 06:55 - 2016-07-16 19:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pvhdparser.sys
2016-08-29 06:55 - 2016-07-16 19:43 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\vid.dll
2016-08-29 06:55 - 2016-07-16 19:43 - 00034816 _____ C:\Windows\system32\ActivationVdev.dll
2016-08-29 06:55 - 2016-07-16 19:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ramparser.sys
2016-08-29 06:55 - 2016-07-16 19:43 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\RdvgmProxy.dll
2016-08-29 06:55 - 2016-07-16 19:43 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\RdvGpuInfo.dll
2016-08-29 06:55 - 2016-07-16 19:43 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdparser.sys
2016-08-29 06:55 - 2016-07-16 19:43 - 00024752 _____ C:\Windows\system32\sbresources.dll
2016-08-29 06:55 - 2016-07-16 19:43 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\passthruparser.sys
2016-08-29 06:55 - 2016-07-16 19:43 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lunparser.sys
2016-08-29 06:55 - 2016-07-16 19:43 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RdvgmProxy.dll
2016-08-29 06:55 - 2016-07-16 19:43 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\synth3dvideoproxy.dll
2016-08-29 06:55 - 2016-07-16 19:43 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\HostGuardianServiceClientResources.dll
2016-08-29 06:55 - 2016-07-16 19:41 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Vid.sys
2016-08-29 06:55 - 2016-07-16 19:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbusr.sys
2016-08-29 06:55 - 2016-07-16 19:41 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Synth3dVsp.sys
2016-08-29 06:55 - 2016-07-16 19:41 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcip.sys
2016-08-29 06:55 - 2016-07-16 19:41 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\vmbuspiper.dll
2016-08-29 06:18 - 2016-07-16 19:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-29 06:12 - 2016-07-16 19:47 - 00000000 ____D C:\Windows\system32\appraiser
2016-08-29 04:37 - 2016-07-16 19:47 - 00000000 ____D C:\Windows\appcompat
2016-08-29 04:34 - 2016-07-16 19:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-29 03:46 - 2016-07-16 19:47 - 00000000 ____D C:\Windows\LiveKernelReports
2016-08-29 03:44 - 2016-07-16 19:47 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2016-08-29 03:01 - 2016-07-16 19:47 - 00000000 ____D C:\Windows\system32\WinBioDatabase
2016-08-29 02:47 - 2016-07-16 19:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-08-29 02:46 - 2016-07-16 19:47 - 00000000 ____D C:\Windows\system32\spool
2016-08-29 02:46 - 2016-07-16 19:47 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-08-29 02:45 - 2016-07-16 19:47 - 00000000 ___RD C:\Windows\PrintDialog
2016-08-29 02:45 - 2016-07-16 19:47 - 00000000 ___RD C:\Windows\MiracastView
2016-08-29 02:45 - 2016-07-16 14:04 - 00032768 _____ C:\Windows\system32\config\ELAM
2016-08-29 02:45 - 2016-07-16 14:04 - 00000000 ____D C:\Windows\system32\Sysprep
2016-08-26 13:43 - 2016-07-16 19:49 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-08-26 13:43 - 2016-07-16 19:49 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2016-08-29 03:02 - 2016-08-29 03:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-29 02:44

==================== End of FRST.txt ============================

 

Additional.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2016
Ran by AzE (09-09-2016 00:50:59)
Running from U:\Users\AzE\Downloads
Windows 10 Pro Version 1607 (X64) (2016-08-28 18:49:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-573256979-2979429187-2047617625-500 - Administrator - Disabled)
AzE (S-1-5-21-573256979-2979429187-2047617625-1001 - Administrator - Enabled) => C:\Users\AzE
DefaultAccount (S-1-5-21-573256979-2979429187-2047617625-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-573256979-2979429187-2047617625-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-573256979-2979429187-2047617625-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\{C1F3739C-D31D-4062-8788-29261C4A2A68}) (Version: 12.2.4.194 - Adobe Systems, Inc)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.01.02 - ASUSTeK Computer Inc.)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.5.0 - Sereby Corporation)
Ansel (Version: 372.70 - NVIDIA Corporation) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield™ 1 Open Beta (HKLM-x32\...\{F9E19363-7B10-4F8A-8640-945C36D4B504}) (Version: 1.0.8.10777 - Electronic Arts)
BitTorrent (HKU\S-1-5-21-573256979-2979429187-2047617625-1001\...\BitTorrent) (Version: 7.9.2.37954 - BitTorrent Inc.)
BitTorrent (HKU\S-1-5-21-573256979-2979429187-2047617625-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\BitTorrent) (Version: 7.9.2.37954 - BitTorrent Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.21 - Piriform)
Free Download Manager (HKLM\...\{43781dff-e0df-49ce-a6d2-47da96a485e7}}_is1) (Version: 5.1.17.4597 - FreeDownloadManager.ORG)
G.SKILL RIPJAWS KM780 RGB Keyboard (HKLM-x32\...\{3E72A82A-DF2C-41A8-BDD6-2C39148033C5}_is1) (Version: 15.10.0 - G.SKILL)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Herramientas de corrección de Microsoft Office 2016: español (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.1.1.13 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
Java 8 Update 102 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
Java 8 Update 102 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
LatencyMon 6.50 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Link Shell Extension (HKLM\...\HardlinkShellExt) (Version: 3.8.6.8 - Hermann Schinagl)
Logitech Gaming Software 8.87 (HKLM\...\Logitech Gaming Software) (Version: 8.87.116 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
ManyCam 5.3.2 (HKLM-x32\...\ManyCam) (Version: 5.3.2 - Visicom Media Inc.)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version:  - Microsoft Corporation)
NetWorx 5.5.4 (HKLM\...\NetWorx_is1) (Version:  - Softperfect)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.70 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Graphics Driver 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.70 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.12.2.60376 - Electronic Arts, Inc.)
Outils de vérification linguistique 2016 de Microsoft Office - Français (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.97.209.0 - Overwolf Ltd.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7841 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Simple Shutdown Timer (HKLM-x32\...\Simple Shutdown Timer1.1.2) (Version: 1.1.2 - PcWinTech.com)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.16.12.201608221014 - Sony Mobile Communications Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WhoCrashed 5.52 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
WinDirStat 1.1.2 (HKU\S-1-5-21-573256979-2979429187-2047617625-1001\...\WinDirStat) (Version:  - )
WinDirStat 1.1.2 (HKU\S-1-5-21-573256979-2979429187-2047617625-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\WinDirStat) (Version:  - )
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Xperia Companion (HKLM-x32\...\{8f4f39fa-087f-4e5c-84f3-1433ac7389e9}) (Version: 1.2.8.0 - Sony)
Xperia Companion (x32 Version: 1.2.8.0 - Sony) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-573256979-2979429187-2047617625-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\AzE\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-573256979-2979429187-2047617625-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\AzE\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04304067-E736-4F73-8BA4-EA7133D69EB2} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-08-29] (Overwolf LTD)
Task: {29B0D61B-8D83-4908-8E48-737DCB7C178C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => D:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {2B496BA2-7C06-4465-9192-089DB71722A9} - System32\Tasks\ASUS\ASUS AISuiteIII => D:\Program Files\AI Suite III\AISuite3.exe [2015-03-25] (ASUSTeK Computer Inc.)
Task: {38792B1D-D319-40A4-B2F0-6AC228AD494F} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => D:\Program Files\AI Suite III\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2013-02-07] (ASUSTeK Computer Inc.)
Task: {5A7E0657-FB62-4112-BFAB-1BF9EA282327} - System32\Tasks\FreeDownloadManagerNetworkMonitor => D:\Program Files\FDM\winwfpmonitor.exe [2016-08-23] ()
Task: {5ACEF5F4-BF97-4CDF-A9F4-0EE35A087791} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-29] (Google Inc.)
Task: {6C44CB11-6A30-4A3C-812E-E9E08EE8B633} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => D:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {6C6385C9-65BC-495B-9A6A-CB84D8997D75} - System32\Tasks\ASUS\Ez Update => D:\Program Files\AI Suite III\EZ Update\EzUpdt.exe [2015-01-09] ()
Task: {794F931C-6C14-4C9F-9D34-49189004E6C7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-29] (Google Inc.)
Task: {9583BA89-4BB0-421B-AAE7-F25309202BEA} - System32\Tasks\ASUS\ASUS DIPAwayMode => D:\Program Files\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2015-02-26] ()
Task: {CD7BA19B-9F9B-453B-B7CB-5A4F38A69304} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-08-29] (Adobe Systems Incorporated)
Task: {DC632E5B-71CE-489A-869F-96E87932B6B7} - System32\Tasks\ASUS\USB 3.0 Boost Service => D:\Program Files\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.)
Task: {DED68D1F-27AD-46C7-B613-090974EDAE93} - System32\Tasks\CCleanerSkipUAC => D:\Program Files\CCleaner\CCleaner.exe [2016-08-06] (Piriform Ltd)
Task: {E867EBF1-65A4-4411-A878-C699B2EBB1AC} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {F981BDDC-40CD-45B7-8734-F8A628B579ED} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [2015-10-03] (MSFree Inc.)
Task: {FC1DDBDE-C720-4674-BDB9-5501A40AB852} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\AzE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Link Shell Extension\Donate.lnk -> hxxp://schinagl.priv.at/nt/hardlinkshellext/linkshellextension.html

ShortcutWithArgument: C:\Users\AzE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AzE - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\AzE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Person 2 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 19:42 - 2016-07-16 19:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-07-16 19:42 - 2016-07-16 19:42 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-09-03 18:20 - 2016-08-26 05:12 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-08-29 21:27 - 2016-08-23 20:27 - 00848896 _____ () D:\Program Files\FDM\winwfpmonitor.exe
2016-08-29 21:27 - 2016-08-23 20:24 - 00029696 _____ () D:\Program Files\FDM\WinDivert.dll
2016-09-01 15:50 - 2014-09-09 10:14 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2016-09-03 18:21 - 2016-08-26 07:27 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-09-03 18:21 - 2016-08-26 07:27 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-09-03 18:21 - 2016-08-26 07:27 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-09-03 18:21 - 2016-08-26 07:27 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-08-31 10:23 - 2016-08-31 10:32 - 00076152 _____ () C:\Windows\SysWoW64\PnkBstrA.exe
2016-07-16 19:42 - 2016-07-16 19:42 - 00326656 _____ () C:\Windows\system32\wc_storage.dll
2016-09-03 18:21 - 2016-08-26 07:27 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-09-03 18:21 - 2016-08-26 07:27 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-09-03 18:21 - 2016-08-26 07:27 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-09-03 18:21 - 2016-08-26 07:27 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-09-01 15:51 - 2015-02-26 11:58 - 01271096 _____ () D:\Program Files\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2016-09-01 15:50 - 2015-01-09 22:48 - 01461560 _____ () D:\Program Files\AI Suite III\EZ Update\EzUpdt.exe
2016-07-16 19:42 - 2016-07-16 19:42 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll
2016-08-29 02:53 - 2016-08-29 02:53 - 00959168 _____ () C:\Users\AzE\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2004-10-01 02:15 - 2004-10-01 02:15 - 00192000 _____ () C:\Program Files\LinkShellExtension\RockallDLL.dll
2016-07-16 19:42 - 2016-07-16 19:42 - 00130048 _____ () C:\Windows\SYSTEM32\CHARTV.dll
2016-09-03 18:21 - 2016-08-26 07:27 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-09-03 18:21 - 2016-08-26 07:27 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-07-16 19:42 - 2016-07-16 19:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-07-16 19:43 - 2016-09-03 17:42 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-09-03 18:13 - 2016-08-20 12:54 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-08-30 11:26 - 2016-05-19 14:25 - 00808960 _____ () C:\Program Files\NetWorx\sqlite.dll
2015-03-07 08:07 - 2015-03-07 08:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-08-30 08:17 - 2016-08-30 08:17 - 01096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 08:07 - 2015-03-07 08:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-08-30 08:17 - 2016-08-30 08:17 - 00241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2016-09-03 18:21 - 2016-08-26 07:27 - 00086904 _____ () C:\Program Files (x86)\NVIDIA Corporation\LED Visualizer\NvLedServiceHost.exe
2016-08-29 21:27 - 2016-06-28 19:14 - 02160128 _____ () D:\Program Files\FDM\avformat-57.dll
2016-08-29 21:27 - 2016-06-28 19:14 - 00484352 _____ () D:\Program Files\FDM\avutil-55.dll
2016-08-29 21:27 - 2016-06-28 19:14 - 12621312 _____ () D:\Program Files\FDM\avcodec-57.dll
2016-08-29 21:27 - 2016-06-28 19:14 - 02111488 _____ () D:\Program Files\FDM\avfilter-6.dll
2016-08-29 21:27 - 2016-06-28 19:14 - 00663040 _____ () D:\Program Files\FDM\swscale-4.dll
2016-08-29 21:27 - 2016-06-28 19:14 - 00071168 _____ () D:\Program Files\FDM\postproc-54.dll
2016-08-29 21:27 - 2016-06-28 19:14 - 00139264 _____ () D:\Program Files\FDM\swresample-2.dll
2016-08-29 21:27 - 2016-08-23 20:24 - 00099328 _____ () D:\Program Files\FDM\winunivappfeatures.dll
2016-08-29 21:27 - 2016-06-28 18:32 - 65771520 _____ () D:\Program Files\FDM\libcef.dll
2016-08-29 21:27 - 2016-06-28 18:32 - 02129920 _____ () D:\Program Files\FDM\libglesv2.dll
2016-08-29 21:27 - 2016-06-28 18:32 - 00087040 _____ () D:\Program Files\FDM\libegl.dll
2016-07-16 19:43 - 2016-09-03 17:42 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-16 19:43 - 2016-09-03 17:42 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-07-16 19:43 - 2016-09-03 17:42 - 01033728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-09-03 18:13 - 2016-08-20 12:54 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-03 18:13 - 2016-08-20 12:56 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-08-29 03:15 - 2016-08-03 07:41 - 02366280 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
2016-08-29 03:15 - 2016-08-03 07:40 - 00107848 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll
2016-08-29 21:27 - 2016-08-23 20:25 - 00823296 _____ () D:\Program Files\FDM\browsernativehost.exe
2016-07-16 19:42 - 2016-07-16 19:42 - 00236488 _____ () c:\windows\system32\WerEtw.dll
2016-09-01 15:50 - 2016-09-08 22:56 - 00033936 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2016-09-01 15:50 - 2014-09-09 10:14 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2016-09-01 15:51 - 2015-04-20 11:54 - 00711680 _____ () D:\Program Files\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2016-09-01 15:51 - 2015-04-16 21:10 - 00857088 _____ () D:\Program Files\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2016-09-01 15:51 - 2015-04-20 11:54 - 00803840 _____ () D:\Program Files\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2016-09-01 15:51 - 2015-04-16 21:10 - 00814080 _____ () D:\Program Files\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2016-09-01 15:50 - 2014-10-09 09:31 - 00237568 _____ () D:\Program Files\AI Suite III\EZ Update\EzULIB.dll
2016-09-01 15:50 - 2014-02-24 17:49 - 00208896 _____ () D:\Program Files\AI Suite III\EZ Update\ImageHelper.dll
2016-09-01 15:50 - 2015-03-11 09:42 - 00091648 _____ () D:\Program Files\AI Suite III\Log4cxxWrapper.dll
2016-09-01 15:50 - 2015-03-11 09:42 - 00147456 _____ () D:\Program Files\AI Suite III\AssistFunc.dll
2016-09-01 15:51 - 2015-04-21 13:40 - 04407808 _____ () D:\Program Files\AI Suite III\DIP4\dip4.dll
2016-09-01 15:51 - 2015-04-20 11:54 - 00091648 _____ () D:\Program Files\AI Suite III\DIP4\Log4cxxWrapper.dll
2016-09-01 15:50 - 2015-01-28 09:19 - 01141248 _____ () D:\Program Files\AI Suite III\EZ Update\EasyUpdt.dll
2016-09-01 15:51 - 2014-02-27 11:40 - 01181696 _____ () D:\Program Files\AI Suite III\Network iControl\Network iControl.dll
2016-09-01 15:50 - 2015-03-11 09:42 - 00828928 _____ () D:\Program Files\AI Suite III\Version\Version.dll
2016-09-01 15:51 - 2014-09-08 14:26 - 00053248 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Exeio.dll
2016-09-01 15:51 - 2014-09-26 21:40 - 00278528 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Vender.dll
2016-09-01 15:50 - 2014-09-09 10:14 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
2015-07-31 10:00 - 2015-07-31 10:00 - 08901800 _____ () C:\Program Files (x86)\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2016-09-03 18:20 - 2016-08-26 07:27 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-03 18:21 - 2016-08-26 07:27 - 00621104 _____ () C:\Program Files (x86)\NVIDIA Corporation\LED Visualizer\NvGpuInterface.dll
2016-09-08 23:04 - 2016-08-09 07:27 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-09-08 23:04 - 2015-07-02 06:06 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-09-08 23:04 - 2016-08-24 03:33 - 02321184 _____ () C:\Program Files (x86)\Steam\video.dll
2016-09-08 23:04 - 2015-07-02 06:06 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-09-08 23:04 - 2015-07-02 06:06 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-09-08 23:04 - 2016-01-27 15:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-09-08 23:04 - 2016-01-27 15:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-09-08 23:04 - 2016-01-27 15:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-09-08 23:04 - 2016-01-27 15:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-09-08 23:04 - 2016-01-27 15:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-09-08 23:04 - 2016-08-24 03:33 - 00835360 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-09-08 23:04 - 2016-07-05 06:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-09-08 23:04 - 2016-08-05 04:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2016-09-08 23:04 - 2015-09-25 07:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 19:47 - 2016-07-16 19:45 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-573256979-2979429187-2047617625-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-573256979-2979429187-2047617625-1001\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-573256979-2979429187-2047617625-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-573256979-2979429187-2047617625-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-573256979-2979429187-2047617625-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-573256979-2979429187-2047617625-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-573256979-2979429187-2047617625-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Overwolf"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{4B21F936-0FEC-4047-98A9-675E2CE6C286}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{71621BDB-684E-493C-99D4-7722AEB348C1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{34F2DEF8-CF4B-4C20-BF62-5D5146C4F733}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{582FA087-B0E8-44CE-9951-1E2ACF1AA332}] => (Allow) D:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{4FDC8273-7B13-48CA-B6B0-D54E94E689BA}] => (Allow) D:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{20A988E3-08BD-4A8D-9ED8-AECF67077CFF}] => (Allow) D:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{1DC9ECC1-9D69-4164-8EB6-66390F1EE14D}] => (Allow) D:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{51F07701-CDF9-4997-BF4F-13C1EEFAF58F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9E3A7EAD-EFF9-45AF-B271-E538FB4FCF5D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{605A2EAA-32D8-4E2D-8FF9-BE566A6CBA0B}] => (Allow) D:\Game Files\Steam\STEAMAPPS\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{00685383-ACF8-41E5-9FF6-AF9B82EA4D37}] => (Allow) D:\Game Files\Steam\STEAMAPPS\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [VIRT-MIGL-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe
FirewallRules: [VIRT-REMOTEDESKTOP-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe
FirewallRules: [{2187BD38-CC57-421F-AA51-4DEC1D66E074}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EA5677D2-ACE8-4F24-9690-7B7933D644C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3E411F8A-A3EA-4DEE-9E9E-D6E3858B26A6}] => (Allow) D:\Game Files\Steam\STEAMAPPS\common\vanguard-princess\vanpri.exe
FirewallRules: [{96507BBC-53C6-4C49-AE8C-E2D74527427C}] => (Allow) D:\Game Files\Steam\STEAMAPPS\common\vanguard-princess\vanpri.exe
FirewallRules: [{E13EFC71-6A17-4A85-9F2F-C1CBF4B4D978}] => (Allow) D:\Program Files\FDM\fdm.exe
FirewallRules: [{D6592BDA-796B-423A-9CD1-5B0726355802}] => (Allow) D:\Program Files\FDM\fdm.exe
FirewallRules: [{B856DF31-875F-4590-8C0A-2ECC2FAFABE7}] => (Allow) C:\Users\AzE\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{C8A3FD3B-DFE9-40EA-9782-7279F7E81882}] => (Allow) C:\Users\AzE\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{203EA347-B1FD-4615-BE4B-7979F6E886D8}U:\users\aze\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) U:\users\aze\appdata\roaming\bittorrent\bittorrent.exe
FirewallRules: [UDP Query User{6A960C0F-24AA-4933-A7A8-89BDE0014E73}U:\users\aze\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) U:\users\aze\appdata\roaming\bittorrent\bittorrent.exe
FirewallRules: [{B63C427A-BC72-4FCE-AB0D-264757B24D68}] => (Allow) D:\Game Files\Steam\STEAMAPPS\common\Team Fortress 2\hl2.exe
FirewallRules: [{9C16F5DA-D38F-4192-94AF-905EF978FBC6}] => (Allow) D:\Game Files\Steam\STEAMAPPS\common\Team Fortress 2\hl2.exe
FirewallRules: [{279914FF-78D8-4242-AEA1-6C9FF514C866}] => (Allow) C:\Program Files\NetWorx\networx.exe
FirewallRules: [TCP Query User{F0CEAC1F-4ADF-4191-9370-CE30184EB176}D:\game files\wot\worldoftanks.exe] => (Allow) D:\game files\wot\worldoftanks.exe
FirewallRules: [UDP Query User{7AFA2902-DB99-4F0A-83C5-4E7E278CDBA6}D:\game files\wot\worldoftanks.exe] => (Allow) D:\game files\wot\worldoftanks.exe
FirewallRules: [{CD2B3462-C9BA-4DDA-A29A-086730808636}] => (Allow) D:\Game Files\Steam\STEAMAPPS\common\Surgeon Simulator 2013\ss2013.exe
FirewallRules: [{537A0D16-FDB1-4D24-8A9A-24CAE4F6AD51}] => (Allow) D:\Game Files\Steam\STEAMAPPS\common\Surgeon Simulator 2013\ss2013.exe
FirewallRules: [{95B7FA9C-2374-41F3-A293-3B62FB3B6EDF}] => (Allow) D:\Game Files\Steam\STEAMAPPS\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [{8285E1FA-8C94-49FF-AB50-A081CF9E0CA2}] => (Allow) D:\Game Files\Steam\STEAMAPPS\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [{C75A5071-59AF-4D93-A3F9-D015D724EB36}] => (Allow) D:\Game Files\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{B95900A7-BA56-49DD-9B49-8ACEA65EB304}] => (Allow) D:\Game Files\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{2883CCBF-CC34-4AED-9693-997167D288B3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D1A596AB-DEF1-4965-945A-CD46A4AAE280}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{40986E2B-E0A9-4682-8A74-2B7AFA1FA633}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{0D65912F-900C-4648-B06B-9907CA0D56D4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{9508A22A-D9D2-46A1-8F47-C5C065EFF48F}] => (Allow) D:\Game Files\Origin Games\Battlefield 1 Open Beta\bf1.exe
FirewallRules: [{C005EE8D-D102-4C0D-A231-CE63A4383950}] => (Allow) D:\Game Files\Origin Games\Battlefield 1 Open Beta\bf1.exe
FirewallRules: [{46D01181-14C3-4B90-BA7C-4AB9FED8D854}] => (Allow) D:\Game Files\Steam\STEAMAPPS\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{370F276F-65BE-4BD4-AF78-0329985965BB}] => (Allow) D:\Game Files\Steam\STEAMAPPS\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{18278337-B5A2-481F-A81C-73322EF3EE56}] => (Allow) D:\Game Files\Steam\STEAMAPPS\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{5ECF4596-E114-4D96-8589-40CB086EC359}] => (Allow) D:\Game Files\Steam\STEAMAPPS\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{6D472A21-55F7-4AA2-9FFE-B119D37DB325}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe
FirewallRules: [{FEA67451-CC28-473C-986D-BCDA14EA9AB0}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{582F4F94-04FD-4A41-95F9-C35F55BFE944}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{07FAA241-5579-4D39-87EE-2C72AC06BCAC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{946A1D3A-5B20-47C6-A299-01D118C25587}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{228A964F-F8A6-4CEF-A5A1-6DF970603B07}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{9D539EBB-E308-4678-ABA2-F1C2AE6E1FEC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{EA92B3E5-FB3B-4846-A29D-01BB5C62F62D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{676F2E79-EFB2-4CC8-8E94-E170F66C4909}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{188F4D46-7C9B-4565-B2C8-68D176FE3C4C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{ED350FB7-372C-4A95-AF94-9E59A2EFDDD3}C:\program files\java\jre1.8.0_102\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_102\bin\javaw.exe
FirewallRules: [UDP Query User{DF29F52B-478F-4CBD-ABD2-60CF5B9B3E41}C:\program files\java\jre1.8.0_102\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_102\bin\javaw.exe
FirewallRules: [{F4D42248-A236-4632-B353-D9B2147C7CC7}] => (Allow) D:\Game Files\Steam\STEAMAPPS\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{879973E3-D2FD-4249-B361-CBB9A690130D}] => (Allow) D:\Game Files\Steam\STEAMAPPS\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [TCP Query User{DAFA448B-C7E8-4780-95F4-2C0F2F3E659A}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{D198E0C2-0273-41E0-981A-DEF63634A795}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

Name: Qualcomm Atheros AR9485 Wireless Network Adapter
Description: Qualcomm Atheros AR9485 Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/09/2016 12:50:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BitTorrent.exe, version: 7.8.2.30587, time stamp: 0x52fc1175
Faulting module name: GDI32.dll, version: 10.0.14393.0, time stamp: 0x57899096
Exception code: 0xc000041d
Fault offset: 0x00003d46
Faulting process id: 0x1e7c
Faulting application start time: 0x01d209ef38f25181
Faulting application path: C:\Users\AzE\AppData\Roaming\Bittorrent\BitTorrent.exe
Faulting module path: C:\Windows\System32\GDI32.dll
Report Id: af10888e-c186-4827-b353-48dafc1a9062
Faulting package full name: 
Faulting package-relative application ID:

Error: (09/09/2016 12:50:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BitTorrent.exe, version: 7.8.2.30587, time stamp: 0x52fc1175
Faulting module name: ntdll.dll, version: 10.0.14393.103, time stamp: 0x57b7e09e
Exception code: 0xc0000005
Fault offset: 0x00044e7e
Faulting process id: 0x1e7c
Faulting application start time: 0x01d209ef38f25181
Faulting application path: C:\Users\AzE\AppData\Roaming\Bittorrent\BitTorrent.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: 174167de-035c-4ba9-90a5-a292d93fcb91
Faulting package full name: 
Faulting package-relative application ID:

Error: (09/09/2016 12:36:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BitTorrent.exe, version: 7.8.2.30587, time stamp: 0x52fc1175
Faulting module name: GDI32.dll, version: 10.0.14393.0, time stamp: 0x57899096
Exception code: 0xc000041d
Fault offset: 0x00003d46
Faulting process id: 0x2ecc
Faulting application start time: 0x01d209e354602d6c
Faulting application path: C:\Users\AzE\AppData\Roaming\Bittorrent\BitTorrent.exe
Faulting module path: C:\Windows\System32\GDI32.dll
Report Id: 8890a67e-726d-4ccd-9860-47386709e5c7
Faulting package full name: 
Faulting package-relative application ID:

Error: (09/09/2016 12:36:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BitTorrent.exe, version: 7.8.2.30587, time stamp: 0x52fc1175
Faulting module name: ntdll.dll, version: 10.0.14393.103, time stamp: 0x57b7e09e
Exception code: 0xc0000005
Fault offset: 0x00044e7e
Faulting process id: 0x2ecc
Faulting application start time: 0x01d209e354602d6c
Faulting application path: C:\Users\AzE\AppData\Roaming\Bittorrent\BitTorrent.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: 551a6fc1-3d37-4d5d-93fb-377a4495d8f7
Faulting package full name: 
Faulting package-relative application ID:

Error: (09/08/2016 11:01:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BitTorrent.exe, version: 7.8.2.30587, time stamp: 0x52fc1175
Faulting module name: GDI32.dll, version: 10.0.14393.0, time stamp: 0x57899096
Exception code: 0xc000041d
Fault offset: 0x00003d46
Faulting process id: 0x2104
Faulting application start time: 0x01d209e12c451596
Faulting application path: C:\Users\AzE\AppData\Roaming\Bittorrent\BitTorrent.exe
Faulting module path: C:\Windows\System32\GDI32.dll
Report Id: ab7c13e6-baf7-4117-931a-d46061fda3ef
Faulting package full name: 
Faulting package-relative application ID:

Error: (09/08/2016 11:01:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BitTorrent.exe, version: 7.8.2.30587, time stamp: 0x52fc1175
Faulting module name: ntdll.dll, version: 10.0.14393.103, time stamp: 0x57b7e09e
Exception code: 0xc0000005
Fault offset: 0x00044e7e
Faulting process id: 0x2104
Faulting application start time: 0x01d209e12c451596
Faulting application path: C:\Users\AzE\AppData\Roaming\Bittorrent\BitTorrent.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: 3b9eb891-532b-4687-966d-c1140f3e71c3
Faulting package full name: 
Faulting package-relative application ID:

Error: (09/08/2016 10:56:42 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "WmiApRpl" in DLL "C:\Windows\system32\wbem\wmiaprpl.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (09/08/2016 10:56:42 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (09/08/2016 10:56:42 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "MSDTC" in DLL "C:\Windows\system32\msdtcuiu.DLL" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (09/08/2016 10:56:42 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "Lsa" in DLL "C:\Windows\System32\Secur32.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.


System errors:
=============
Error: (09/09/2016 12:36:53 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{3185A766-B338-11E4-A71E-12E3F512A338}
 and APPID 
{7006698D-2974-4091-A424-85DD0B909E23}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/08/2016 11:55:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/08/2016 11:04:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.

Error: (09/08/2016 11:04:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (09/08/2016 11:00:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/08/2016 10:55:58 PM) (Source: Microsoft-Windows-Hyper-V-Hypervisor) (EventID: 41) (User: NT AUTHORITY)
Description: Hypervisor launch failed; Either VMX not present or not enabled in BIOS.

Error: (09/08/2016 10:55:58 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 124) (User: NT AUTHORITY)
Description: 03225747456

Error: (09/08/2016 10:55:37 PM) (Source: DCOM) (EventID: 10010) (User: AZE-PC)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.

Error: (09/08/2016 10:55:37 PM) (Source: DCOM) (EventID: 10010) (User: AZE-PC)
Description: The server {D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48} did not register with DCOM within the required timeout.

Error: (09/08/2016 10:55:37 PM) (Source: DCOM) (EventID: 10010) (User: AZE-PC)
Description: The server {D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48} did not register with DCOM within the required timeout.


CodeIntegrity:
===================================
  Date: 2016-09-09 00:25:20.688
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-09 00:25:20.685
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-09 00:25:20.477
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-09 00:25:20.473
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-09 00:25:19.062
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-09 00:25:19.059
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-08 23:13:10.324
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-08 23:13:10.320
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-08 18:41:33.261
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-08 18:41:33.233
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 48%
Total physical RAM: 8127.26 MB
Available physical RAM: 4152.63 MB
Total Virtual: 15586.01 MB
Available Virtual: 10726.7 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:59.07 GB) (Free:6.28 GB) NTFS
Drive d: (Game Files) (Fixed) (Total:715.84 GB) (Free:64.25 GB) NTFS
Drive e: (SSD Backup) (Fixed) (Total:59.41 GB) (Free:6.79 GB) NTFS
Drive t: (Torrents) (Fixed) (Total:377.98 GB) (Free:57.17 GB) NTFS
Drive u: (USER) (Fixed) (Total:215.67 GB) (Free:31.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 59.6 GB) (Disk ID: E74D027B)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 3A503918)

Partition: GPT.

========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: 5AC00F78)

Partition: GPT.

==================== End of Addition.txt ============================

 

Link to post
Share on other sites

  • Staff

Hello,

Please update your database to 2016.09.10.03 & scan again. Issue should be fixed.

As a side note, your FRST log shows you have some strange junction points set up for several of your gaming programs which could be causing some of the error messages you are seeing in relation to your games, Bittorrent, etc.

Link to post
Share on other sites

Thank you, the updated database didn't detect steam as malware anymore.

which one did you mean, I can't find it in FRST log.

I did use junction to save space on my 64GB HDD. I also don't know which one I should use (Hardlink, junction, or symbolic link). could you point that out for me?
much appreciate it.

Link to post
Share on other sites

  • Staff

Here are the ones I spotted right off the bat..

2016-08-29 21:32 - 2016-08-29 21:32 - 00000000 ___DL C:\Users\AzE\AppData\Roaming\Bittorrent
2016-08-29 21:32 - 2016-08-29 21:32 - 00000000 ___DL C:\Users\AzE\AppData\Roaming\.minecraft
2016-08-29 13:52 - 2016-08-29 13:52 - 00000000 ___DL C:\Steam
2016-08-29 13:47 - 2016-08-29 13:47 - 00000000 ___DL C:\Windows\system32\Steam

D stands for Directory

L indicates it is a junction of some sort.

S - System H - Hidden R - Read only


This app will list all the junctions you have:

https://technet.microsoft.com/en-CA/sysinternals/bb896768.aspx

Usage instructions with examples at the bottom of the page.

Because Windows Vista and above have a fair number of junctions already by default, you probably want to output the results to a text file.

So for eg:

junction -s c:\ > myjunctions.txt

Log will be in same directory where you placed junction.exe

I am not sure which is the best to use. I have only used hardlink once to redirect the folder for my antivirus definitions to a thawed partition with Deepfreeze.

In case you are unsure of what some of the other entries in the log means:

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
Link to post
Share on other sites

I never put a "steam" folder junction in system32. I wonder how did that thing go there.

.minecraft and bittorrent folder was me, I link them for spaces. 
I will use Symbolic link for now since it doesn't register file/folder size.

Also, I found some more junction like C:\Documents and settings and some more in my user folders like "application data". "my documents" and more.
I have a feeling that this is not normal considering that I clean installed Windows 10. I found them when I enable the explorer to show hidden and system attribute files/folders.
I WAS probably infected by a malware somehow, and I assume that it is gone now.

Thank you for your help sir @blender. These extra info also helped me a lot. Thank you very much.

Link to post
Share on other sites

  • Staff

If you go to the steam directory in system32.. what is in there? Where does it link to? If different than Program Files (x86)\steam or Program Files\steam can you upload the steam.exe? I want to make sure I didn't jump the gun in fixing the initial reported issue.

Careful if you decide to delete any of these junctions... there are several that are normal.

Another way to get a list is this command:

dir /aL /s > c:\users\Research-02\myjunctions.txt (adjust output path to your liking)

I have Windows 7 but Windows 10 should be fairly close.

Just for info purposes, I'll attach my output so you get an idea. No customisation by me... whatever is there was done by Windows itself or my installed programs.

I am having difficulty finding a default junction list for Windows anything... but that output should get you started.

Blenders_junctions.txt

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.