Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-10-2016 Ran by Varak (administrator) on VARAK-PC (31-10-2016 23:38:16) Running from E:\Download\Mozilla Loaded Profiles: Varak (Available Profiles: Varak & DefaultAppPool) Platform: Windows 10 Pro Version 1607 (X64) Language: Angielski (Stany Zjednoczone) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (AVAST Software) D:\Avast\AvastSvc.exe (Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe (Razer Inc) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (VMware, Inc.) D:\VMware Player\vmware-authd.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Valve Corporation) D:\Steam\Steam.exe (Akamai Technologies, Inc.) C:\Users\Varak\AppData\Local\Akamai\netsession_win.exe (Octoshape ApS) C:\Users\Varak\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Akamai Technologies, Inc.) C:\Users\Varak\AppData\Local\Akamai\netsession_win.exe () C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe (Gadwin Systems) C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen64.exe () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe (Dropbox, Inc.) C:\Users\Varak\AppData\Roaming\Dropbox\bin\Dropbox.exe (VMware, Inc.) D:\VMware Player\hqtray.exe (NCSOFT Corporation) C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (AVAST Software) D:\Avast\avastui.exe (Disc Soft Ltd) D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE (Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe (Valve Corporation) D:\Steam\bin\cef\cef.winxp\steamwebhelper.exe (Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Razer, Inc.) C:\Users\Varak\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe (Almico Software (almico.com)) C:\Program Files (x86)\SpeedFan\speedfan.exe (Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE (Microsoft® Windows® Operating System) C:\Windows\System32\Taskmgr.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-28] (Realtek Semiconductor) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-09-16] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [VMware hqtray] => D:\VMware Player\hqtray.exe [64112 2010-11-11] (VMware, Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [NCUpdateHelper] => C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe [528360 2014-03-29] (NCSOFT Corporation) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-10-13] (Razer Inc.) HKLM-x32\...\Run: [AvastUI.exe] => D:\Avast\AvastUI.exe [9099440 2016-10-28] (AVAST Software) HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2016-09-28] (Raptr, Inc) HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-03-10] (Plays.tv, LLC) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-12-09] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) HKU\S-1-5-21-1879993363-3360728001-3534206898-1000\...\Run: [DAEMON Tools Lite] => D:\DAEMON Tools Lite\DTLite.exe [2352832 2016-08-29] (Disc Soft Ltd) HKU\S-1-5-21-1879993363-3360728001-3534206898-1000\...\Run: [Steam] => D:\Steam\steam.exe [2860832 2016-10-13] (Valve Corporation) HKU\S-1-5-21-1879993363-3360728001-3534206898-1000\...\Run: [GG] => C:\Users\Varak\AppData\Local\GG\Application\gghub.exe [4078144 2015-04-01] (GG Network S.A.) HKU\S-1-5-21-1879993363-3360728001-3534206898-1000\...\Run: [EADM] => D:\Origin\Origin.exe [3639280 2016-03-30] (Electronic Arts) HKU\S-1-5-21-1879993363-3360728001-3534206898-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Varak\AppData\Local\Akamai\netsession_win.exe [4691384 2015-07-23] (Akamai Technologies, Inc.) HKU\S-1-5-21-1879993363-3360728001-3534206898-1000\...\Run: [Octoshape Streaming Services] => C:\Users\Varak\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [107800 2011-03-24] (Octoshape ApS) HKU\S-1-5-21-1879993363-3360728001-3534206898-1000\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe [13969920 2014-09-13] () HKU\S-1-5-21-1879993363-3360728001-3534206898-1000\...\Run: [Kadu] => D:\Kadu\kadu.exe [1354452 2015-03-24] (Kadu Team) HKU\S-1-5-21-1879993363-3360728001-3534206898-1000\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-12-09] (Apple Inc.) HKU\S-1-5-21-1879993363-3360728001-3534206898-1000\...\Run: [Dropbox Update] => C:\Users\Varak\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.) HKU\S-1-5-21-1879993363-3360728001-3534206898-1000\...\Run: [Battle.net] => D:\GRY\Battle.net\Battle.net Launcher.exe [3122152 2016-07-14] (Blizzard Entertainment) HKU\S-1-5-21-1879993363-3360728001-3534206898-1000\...\Run: [World of Tanks] => D:\GRY\World of Tanks\WargamingGameUpdater.exe [3134728 2016-09-26] (Wargaming.net) HKU\S-1-5-21-1879993363-3360728001-3534206898-1000\...\Run: [DAEMON Tools Lite Automount] => D:\DAEMON Tools Lite\DTAgent.exe [4299968 2016-08-29] (Disc Soft Ltd) HKU\S-1-5-21-1879993363-3360728001-3534206898-1000\...\Run: [Gadwin PrintScreen (64-bit)] => C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen64.exe [14439584 2014-10-15] (Gadwin Systems) HKU\S-1-5-21-1879993363-3360728001-3534206898-1000\...\Run: [SimpleNoteApp3] => "C:\Users\Varak\AppData\Roaming\SimpleNotepad4\SimpleNoteApp5.exe" <===== ATTENTION HKU\S-1-5-21-1879993363-3360728001-3534206898-1000\...\Policies\system: [DisableLockWorkstation] 0 HKLM\...\Providers\06zqxz49: C:\Users\Varak\AppData\LocalLow\Youtube AdBlock\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\0ak7f0z0: D:\Program Files\UDPdp\UDPnp4_\local64spl.dll HKLM\...\Providers\1od682xz: C:\Program Files (x86)\Mozilla Firefox\browser\features_\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\2buzgj5q: D:\K-Lite Codec Pack_\local64spl.dll HKLM\...\Providers\2co2ctdz: C:\Program Files (x86)\Mozilla Firefox\browser\features\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\2ffof5fu: C:\Users\Varak\AppData\Local\Temp\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\35kzpcko: C:\Users\DefaultAppPool\AppData\LocalLow\Youtube AdBlock\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\3kfz9rqx: D:\Origin_\local64spl.dll HKLM\...\Providers\3sybvo0k: D:\MyFreeCodec\\local64spl.dll HKLM\...\Providers\4ahqll75: D:\Internet Download Manager\\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\4gbsg7os: C:\WINDOWS\Temp\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\50v2bbew: C:\Users\DefaultAppPool\AppData\Local\Temp_\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\52ic5l08: D:\Program Files\UDPdp\UDPnp4_\local64spl.dll HKLM\...\Providers\6f0fym51: C:\Program Files (x86)\Youtube AdBlock_\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\6iynuoql: D:\Program Files\UDPdp\UDPnp4\\local64spl.dll HKLM\...\Providers\789cvtd2: C:\Program Files (x86)\Youtube AdBlock\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\8zdayf58: D:\MyFreeCodec_\local64spl.dll HKLM\...\Providers\99fuhxjd: D:\MyFreeCodec\\local64spl.dll HKLM\...\Providers\awr6aunc: C:\Users\Varak\AppData\Local\Google\Chrome\User Data_\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\c3jqrco7: C:\Program Files (x86)\Youtube AdBlock_\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\f6fvij7h: C:\Users\Varak\AppData\Local\Google\Chrome\User Data\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\g31rnpnx: C:\Users\Varak\AppData\LocalLow\Youtube AdBlock_\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\ggn1q39w: D:\Origin\\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\hlwxy87e: C:\Users\DefaultAppPool\AppData\Local\Temp_\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\hs72lykk: D:\Internet Download Manager_\local64spl.dll HKLM\...\Providers\iblpcje3: C:\\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\is8k79rj: C:\Users\DefaultAppPool\AppData\Local\Temp\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\j9c2ama5: D:\Origin\\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\jxr219e4: C:\Program Files (x86)\Mozilla Firefox\browser\features\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\k44d47zy: C:\Users\Varak\AppData\Local\Google\Chrome\User Data_\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\klncjwkm: D:\K-Lite Codec Pack\\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\krzlkd59: C:\Users\Varak\AppData\Local\Temp_\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\me26x14v: C:\WINDOWS\Temp_\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\me9s7zon: D:\K-Lite Codec Pack\\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\mkmgpr50: D:\Program Files\UDPdp\UDPnp4\\local64spl.dll HKLM\...\Providers\n3qrckfw: C:\Users\DefaultAppPool\AppData\LocalLow\Youtube AdBlock_\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\nwnsdn0a: C:\Users\Varak\AppData\Local\Temp\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\ofgopzaa: C:\WINDOWS\Temp\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\oo0i4bw6: C:\Program Files (x86)\Youtube AdBlock\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\pthnnqjs: C:\Users\DefaultAppPool\AppData\LocalLow\Youtube AdBlock\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\pu6l1ivl: C:\Users\DefaultAppPool\AppData\Local\Temp\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\q32jqf6t: D:\Internet Download Manager\\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\qhsk0mls: C:\Users\Varak\AppData\LocalLow\Youtube AdBlock_\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\rawdpp92: C:\_\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\rvg6s8el: D:\K-Lite Codec Pack_\local64spl.dll HKLM\...\Providers\rz46f4vi: C:\Program Files (x86)\Mozilla Firefox\browser\features_\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\sf841o4s: C:\\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\t4tl8w5v: C:\WINDOWS\Temp_\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\tsgq6stz: C:\_\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\unh4d8nw: D:\MyFreeCodec_\local64spl.dll HKLM\...\Providers\uwj69ldk: C:\Users\Varak\AppData\Local\Temp_\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\vnyc24py: C:\Users\DefaultAppPool\AppData\LocalLow\Youtube AdBlock_\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\xa0ymysw: C:\Users\Varak\AppData\Local\Google\Chrome\User Data\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\xkccmba4: D:\Origin_\local64spl.dll HKLM\...\Providers\y10cusnu: C:\Users\Varak\AppData\LocalLow\Youtube AdBlock\local64spl.dll [142848 2016-10-31] () HKLM\...\Providers\zyhdrw8z: D:\Internet Download Manager_\local64spl.dll ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Varak\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Varak\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Varak\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Varak\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Varak\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Varak\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Varak\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Varak\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Avast\ashShA64.dll [2016-09-10] (AVAST Software) ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Varak\AppData\Roaming\Dropbox\bin\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Varak\AppData\Roaming\Dropbox\bin\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Varak\AppData\Roaming\Dropbox\bin\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Varak\AppData\Roaming\Dropbox\bin\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Varak\AppData\Roaming\Dropbox\bin\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Varak\AppData\Roaming\Dropbox\bin\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Varak\AppData\Roaming\Dropbox\bin\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Varak\AppData\Roaming\Dropbox\bin\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Varak\AppData\Roaming\Dropbox\bin\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Varak\AppData\Roaming\Dropbox\bin\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Varak\AppData\Roaming\Dropbox\bin\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Varak\AppData\Roaming\Dropbox\bin\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Varak\AppData\Roaming\Dropbox\bin\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Varak\AppData\Roaming\Dropbox\bin\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Varak\AppData\Roaming\Dropbox\bin\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Varak\AppData\Roaming\Dropbox\bin\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2015-09-05] ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () Startup: C:\Users\Varak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-10-27] ShortcutTarget: Dropbox.lnk -> C:\Users\Varak\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Varak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LOA2.lnk [2016-08-18] ShortcutTarget: LOA2.lnk -> C:\LoA2\LOA2.exe () Startup: C:\Users\Varak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan.lnk [2015-12-07] ShortcutTarget: SpeedFan.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.exe (Almico Software (almico.com)) GroupPolicy: Restriction - Chrome <======= ATTENTION GroupPolicyScripts: Restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2 Tcpip\..\Interfaces\{391046f1-1670-434b-8219-5a988454ebba}: [DhcpNameServer] 62.179.1.61 62.179.1.63 Tcpip\..\Interfaces\{3cc40a6d-0dbf-4648-acd5-4bf7087d9724}: [DhcpNameServer] 192.168.0.1 192.168.0.2 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-1879993363-3360728001-3534206898-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.interia.pl/#utm_source=sft&utm_medium=installer&utm_campaign=sft BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-09-13] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-25] (Oracle Corporation) BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> D:\GRY\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll [2015-06-25] (Perfect World Entertainment Inc) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-08-16] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-25] (Oracle Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-08-16] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Varak\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\k1r9fk2p.default\Profiles\k1r9fk2p.default [not found] FF ProfilePath: C:\Users\Varak\AppData\Roaming\Mozilla\Firefox\Profiles\k1r9fk2p.default [2016-10-31] FF NewTab: Mozilla\Firefox\Profiles\k1r9fk2p.default -> hxxp://www.trotux.com/?z=349fce8dee365a20969cafdg1zbmam7m5mcz1m6b2c&from=isr&uid=ST1000DM003-9YN162_S1D1162QXXXXS1D1162Q&type=hp FF DefaultSearchEngine: Mozilla\Firefox\Profiles\k1r9fk2p.default -> trotux FF SelectedSearchEngine: Mozilla\Firefox\Profiles\k1r9fk2p.default -> trotux FF Homepage: Mozilla\Firefox\Profiles\k1r9fk2p.default -> about:home FF Extension: (MEGA) - C:\Users\Varak\AppData\Roaming\Mozilla\Firefox\Profiles\k1r9fk2p.default\Extensions\firefox@mega.co.nz.xpi [2016-10-21] FF Extension: (LavaFox V2) - C:\Users\Varak\AppData\Roaming\Mozilla\Firefox\Profiles\k1r9fk2p.default\Extensions\info@djzig.com [2016-10-15] FF Extension: (Eliminator Slajdów) - C:\Users\Varak\AppData\Roaming\Mozilla\Firefox\Profiles\k1r9fk2p.default\Extensions\jid0-GaZOxvWNYcafEsmayJDIG3XXVi8@jetpack.xpi [2015-09-17] FF Extension: (Night Mode Pro) - C:\Users\Varak\AppData\Roaming\Mozilla\Firefox\Profiles\k1r9fk2p.default\Extensions\jid1-w2rQFrS7t0PHJo@jetpack.xpi [2016-10-20] FF Extension: (Pin It button) - C:\Users\Varak\AppData\Roaming\Mozilla\Firefox\Profiles\k1r9fk2p.default\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2015-12-01] FF Extension: (Foxtrick) - C:\Users\Varak\AppData\Roaming\Mozilla\Firefox\Profiles\k1r9fk2p.default\Extensions\{9d1f059c-cada-4111-9696-41a62d64e3ba}.xpi [2016-06-05] FF Extension: (Adblock Plus) - C:\Users\Varak\AppData\Roaming\Mozilla\Firefox\Profiles\k1r9fk2p.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-28] FF Extension: (Greasemonkey) - C:\Users\Varak\AppData\Roaming\Mozilla\Firefox\Profiles\k1r9fk2p.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-08-19] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - D:\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - D:\Avast\SafePrice\FF [2016-09-16] FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker => not found FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - D:\Avast\SafePrice\FF FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll [2016-10-26] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_205.dll [2016-10-26] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.) FF Plugin-x32: @checkpoint.com/FFApi -> C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll [No File] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File] FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-25] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-25] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-09-13] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> D:\GRY\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll [No File] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1879993363-3360728001-3534206898-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Varak\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1312180-0-npoctoshape.dll [2013-12-18] (Octoshape ApS) FF Plugin HKU\S-1-5-21-1879993363-3360728001-3534206898-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Varak\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-03-02] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-09-13] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Users\Varak\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2014-05-21] (Octoshape ApS) Chrome: ======= CHR DefaultProfile: ChromeDefaultData CHR StartupUrls: ChromeDefaultData -> "hxxp://nutaku.net/" CHR Profile: C:\Users\Varak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-10-31] <==== ATTENTION CHR Extension: (Google Docs) - C:\Users\Varak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-28] CHR Extension: (Google Drive) - C:\Users\Varak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-28] CHR Extension: (James White) - C:\Users\Varak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2016-04-03] CHR Extension: (YouTube) - C:\Users\Varak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-28] CHR Extension: (Google Exels) - C:\Users\Varak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\chklaanhfefbnpoihckbnefhakgolnmc [2016-10-29] CHR Extension: (Google Search) - C:\Users\Varak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-28] CHR Extension: (Dropbox for Gmail) - C:\Users\Varak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2016-08-16] CHR Extension: (グランブルーファンタジー[ChromeApps版]) - C:\Users\Varak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\eablgejicbklomgaiclcolfilbkckngf [2016-08-16] CHR Extension: (Google Docs Offline) - C:\Users\Varak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-02] CHR Extension: (Chrome Web Store Payments) - C:\Users\Varak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03] CHR Extension: (e-pity 2015 - dodatek) - C:\Users\Varak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ofoeigeaodhbjogdigckajfhjbonaofg [2016-04-23] CHR Extension: (Gmail) - C:\Users\Varak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-28] CHR Extension: (Chrome Media Router) - C:\Users\Varak\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-29] CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 ArcService; D:\GRY\Perfect World Entertainment\Arc\ArcService.exe [88400 2015-06-25] (Perfect World Entertainment Inc) R2 avast! Antivirus; D:\Avast\AvastSvc.exe [197128 2016-09-10] (AVAST Software) S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2016-07-23] (BitRaider, LLC) S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-02-09] (BitRaider, LLC) R2 Coalerly; C:\Program Files (x86)\Ckifasy\ZapingdreqisServer.dll [275968 2016-10-29] () [File not signed] R3 Disc Soft Lite Bus Service; D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-08-29] (Disc Soft Ltd) S3 GalaxyClientService; D:\GalaxyClient\GalaxyClientService.exe [281152 2016-09-22] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6394432 2016-09-28] (GOG.com) R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [69964448 2015-04-03] (Microsoft Corporation) S3 Origin Client Service; D:\Origin\OriginClientService.exe [2119688 2016-03-30] (Electronic Arts) R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-03-10] (Plays.tv, LLC) R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-24] () R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7953776 2016-09-28] (Reimage®) R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4261344 2016-10-14] (Razer Inc) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation) S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441512 2015-04-03] (Microsoft Corporation) S3 ufad-ws60; D:\VMware Player\vmware-ufad.exe [191024 2010-08-19] (VMware, Inc.) R2 VMAuthdService; D:\VMware Player\vmware-authd.exe [113264 2010-11-11] (VMware, Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.) R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0307329.inf_amd64_55b6bd3e40065979\atikmdag.sys [26559504 2016-10-01] (Advanced Micro Devices, Inc.) R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0307329.inf_amd64_55b6bd3e40065979\atikmpag.sys [527264 2016-10-01] (Advanced Micro Devices, Inc.) S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-09-10] (AVAST Software) R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-09-10] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-09-10] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-09-10] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-10] (AVAST Software) R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-09-13] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-09-23] (AVAST Software) R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-09-10] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-15] (AVAST Software) R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2016-07-24] (Advanced Micro Devices) S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2014-02-09] (BitRaider) R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-09-25] (Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-09-25] (Disc Soft Ltd) R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283200 2012-09-22] (DT Soft Ltd) R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [47008 2013-07-30] () S0 megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [64352 2016-10-05] (Avago Technologies) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek ) R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc) R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.) R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer, Inc.) R3 RZSURROUNDVADService; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Windows (R) Win 7 DDK provider) R1 VBoxDrv; C:\Windows\SysWOW64\DRIVERS\VBoxDrv.sys [254240 2014-05-16] (Oracle Corporation) R2 vstor2-ws60; D:\VMware Player\vstor2-ws60.sys [32816 2010-08-19] (VMware, Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) U3 idsvc; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-10-31 23:36 - 2016-10-31 23:38 - 00000000 ____D C:\FRST 2016-10-30 22:00 - 2016-10-31 22:00 - 00142848 ____H C:\local64spl.dll 2016-10-30 22:00 - 2016-10-31 22:00 - 00000020 ____H C:\local64spl.dll.ini 2016-10-30 22:00 - 2016-10-30 22:00 - 00000000 ___HD C:\WINDOWS\Temp_ 2016-10-30 22:00 - 2016-10-30 22:00 - 00000000 ___HD C:\Users\Varak\AppData\LocalLow\Youtube AdBlock_ 2016-10-30 22:00 - 2016-10-30 22:00 - 00000000 ___HD C:\Users\DefaultAppPool\AppData\LocalLow\Youtube AdBlock_ 2016-10-30 22:00 - 2016-10-30 22:00 - 00000000 ___HD C:\Program Files (x86)\Youtube AdBlock_ 2016-10-30 22:00 - 2016-10-30 22:00 - 00000000 ___HD C:\_ 2016-10-30 22:00 - 2016-10-30 22:00 - 00000000 ____D C:\Users\Varak\AppData\LocalLow\Youtube AdBlock 2016-10-30 22:00 - 2016-10-30 22:00 - 00000000 ____D C:\Users\DefaultAppPool\AppData\LocalLow\Youtube AdBlock 2016-10-30 22:00 - 2016-10-30 22:00 - 00000000 ____D C:\Program Files (x86)\Youtube AdBlock 2016-10-30 12:33 - 2016-10-31 19:20 - 00005308 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for Varak-PC-Varak Varak-PC 2016-10-29 22:42 - 2016-10-29 22:42 - 00000266 __RSH C:\Users\Varak\ntuser.pol 2016-10-29 22:29 - 2016-10-29 22:29 - 00003520 _____ C:\WINDOWS\System32\Tasks\Reimage Reminder 2016-10-29 22:28 - 2016-10-29 22:30 - 00000000 ____D C:\rei 2016-10-29 22:28 - 2016-10-29 22:28 - 00004338 _____ C:\WINDOWS\System32\Tasks\ReimageUpdater 2016-10-29 22:28 - 2016-10-29 22:28 - 00001990 _____ C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk 2016-10-29 22:28 - 2016-10-29 22:28 - 00000000 ____D C:\ProgramData\Reimage Protector 2016-10-29 22:28 - 2016-10-29 22:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair 2016-10-29 22:28 - 2016-10-29 22:28 - 00000000 ____D C:\Program Files\Reimage 2016-10-29 22:27 - 2016-10-29 22:29 - 00000150 _____ C:\WINDOWS\Reimage.ini 2016-10-29 22:08 - 2016-10-29 22:08 - 00004608 _____ C:\WINDOWS\SECOH-QAD.exe 2016-10-29 22:08 - 2016-10-29 22:08 - 00003584 _____ C:\WINDOWS\SECOH-QAD.dll 2016-10-29 22:02 - 2016-10-29 22:02 - 00000000 ____D C:\Users\Varak\AppData\Roaming\ASPackage 2016-10-29 22:02 - 2016-10-29 22:02 - 00000000 ____D C:\Program Files (x86)\03000200-1477774947-0500-0006-000700080009 2016-10-29 22:01 - 2016-10-29 22:01 - 00002312 __RSH C:\ProgramData\ntuser.pol 2016-10-29 22:01 - 2016-10-29 22:01 - 00000000 ____D C:\ProgramData\Avira 2016-10-29 22:01 - 2016-10-29 22:01 - 00000000 ____D C:\ProgramData\Avg 2016-10-29 22:00 - 2016-10-29 22:00 - 00006072 _____ C:\WINDOWS\System32\Tasks\Clurers Server 2016-10-29 22:00 - 2016-10-29 22:00 - 00003634 _____ C:\WINDOWS\System32\Tasks\48156235445b4b0653a5d4549627ebef 2016-10-29 22:00 - 2016-10-29 22:00 - 00000000 ____D C:\Users\Varak\AppData\Roaming\BrowserModule 2016-10-29 21:59 - 2016-10-29 22:50 - 00000000 ____D C:\Users\Varak\AppData\Roaming\Clesyphimile 2016-10-29 21:59 - 2016-10-29 22:41 - 00000000 ____D C:\Program Files (x86)\Ckifasy 2016-10-29 21:53 - 2016-10-31 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2016-10-29 21:52 - 2016-10-29 21:52 - 00000000 ____D C:\Program Files\Common Files\DESIGNER 2016-10-29 21:51 - 2016-10-29 22:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-10-29 21:51 - 2016-10-29 22:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services 2016-10-29 21:51 - 2016-10-29 21:51 - 00000000 ____D C:\Program Files\Microsoft Analysis Services 2016-10-29 21:49 - 2016-10-29 21:52 - 00000000 ____D C:\Program Files\Microsoft Office 2016-10-29 21:49 - 2016-10-29 21:49 - 00000000 __RHD C:\MSOCache 2016-10-29 21:17 - 2016-10-30 15:09 - 00016853 _____ C:\Users\Varak\Desktop\Osawari.xlsx 2016-10-29 19:56 - 2016-10-29 19:56 - 00000000 ____D C:\Users\Varak\AppData\LocalLow\uTorrent 2016-10-27 20:03 - 2016-10-15 05:51 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2016-10-27 20:03 - 2016-10-15 05:51 - 00894088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2016-10-27 20:03 - 2016-10-15 05:48 - 07817568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-10-27 20:03 - 2016-10-15 05:48 - 00498952 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll 2016-10-27 20:03 - 2016-10-15 05:47 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-10-27 20:03 - 2016-10-15 05:26 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-10-27 20:03 - 2016-10-15 05:26 - 04129928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2016-10-27 20:03 - 2016-10-15 05:26 - 01990648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2016-10-27 20:03 - 2016-10-15 05:26 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2016-10-27 20:03 - 2016-10-15 05:26 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-10-27 20:03 - 2016-10-15 05:26 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-10-27 20:03 - 2016-10-15 05:26 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll 2016-10-27 20:03 - 2016-10-15 05:26 - 00691080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2016-10-27 20:03 - 2016-10-15 05:22 - 01608896 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2016-10-27 20:03 - 2016-10-15 05:22 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2016-10-27 20:03 - 2016-10-15 05:22 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2016-10-27 20:03 - 2016-10-15 05:22 - 00628040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2016-10-27 20:03 - 2016-10-15 05:18 - 00749920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll 2016-10-27 20:03 - 2016-10-15 05:18 - 00576400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2016-10-27 20:03 - 2016-10-15 05:18 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll 2016-10-27 20:03 - 2016-10-15 05:15 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2016-10-27 20:03 - 2016-10-15 05:11 - 01424488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll 2016-10-27 20:03 - 2016-10-15 05:11 - 01263848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2016-10-27 20:03 - 2016-10-15 05:01 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2016-10-27 20:03 - 2016-10-15 04:57 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2016-10-27 20:03 - 2016-10-15 04:56 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll 2016-10-27 20:03 - 2016-10-15 04:54 - 00555008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2016-10-27 20:03 - 2016-10-15 04:54 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2016-10-27 20:03 - 2016-10-15 04:54 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2016-10-27 20:03 - 2016-10-15 04:54 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2016-10-27 20:03 - 2016-10-15 04:53 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2016-10-27 20:03 - 2016-10-15 04:53 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2016-10-27 20:03 - 2016-10-15 04:53 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2016-10-27 20:03 - 2016-10-15 04:52 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2016-10-27 20:03 - 2016-10-15 04:52 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll 2016-10-27 20:03 - 2016-10-15 04:50 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-10-27 20:03 - 2016-10-15 04:50 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll 2016-10-27 20:03 - 2016-10-15 04:48 - 03778560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2016-10-27 20:03 - 2016-10-15 04:46 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll 2016-10-27 20:03 - 2016-10-15 04:45 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2016-10-27 20:03 - 2016-10-15 04:44 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll 2016-10-27 20:03 - 2016-10-15 04:44 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll 2016-10-27 20:03 - 2016-10-15 04:43 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll 2016-10-27 20:03 - 2016-10-15 04:42 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2016-10-27 20:03 - 2016-10-15 04:42 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll 2016-10-27 20:03 - 2016-10-15 04:42 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2016-10-27 20:03 - 2016-10-15 04:41 - 12174848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-10-27 20:03 - 2016-10-15 04:41 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll 2016-10-27 20:03 - 2016-10-15 04:40 - 13081600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-10-27 20:03 - 2016-10-15 04:39 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2016-10-27 20:03 - 2016-10-15 04:39 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll 2016-10-27 20:03 - 2016-10-15 04:39 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2016-10-27 20:03 - 2016-10-15 04:38 - 07468032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2016-10-27 20:03 - 2016-10-15 04:38 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll 2016-10-27 20:03 - 2016-10-15 04:37 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2016-10-27 20:03 - 2016-10-15 04:37 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll 2016-10-27 20:03 - 2016-10-15 04:36 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-10-27 20:03 - 2016-10-15 04:36 - 02290176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2016-10-27 20:03 - 2016-10-15 04:36 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-10-27 20:03 - 2016-10-15 04:35 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll 2016-10-27 20:03 - 2016-10-15 04:34 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll 2016-10-27 20:03 - 2016-10-15 04:31 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys 2016-10-27 20:03 - 2016-08-27 06:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2016-10-27 20:02 - 2016-10-15 06:11 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2016-10-27 20:02 - 2016-10-15 05:51 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll 2016-10-27 20:02 - 2016-10-15 05:51 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-10-27 20:02 - 2016-10-15 05:51 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-10-27 20:02 - 2016-10-15 05:51 - 00595296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-10-27 20:02 - 2016-10-15 05:51 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2016-10-27 20:02 - 2016-10-15 05:51 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-10-27 20:02 - 2016-10-15 05:51 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-10-27 20:02 - 2016-10-15 05:51 - 00283488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2016-10-27 20:02 - 2016-10-15 05:51 - 00232800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2016-10-27 20:02 - 2016-10-15 05:51 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-10-27 20:02 - 2016-10-15 05:51 - 00078688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-10-27 20:02 - 2016-10-15 05:48 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-10-27 20:02 - 2016-10-15 05:48 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-10-27 20:02 - 2016-10-15 05:48 - 00773712 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2016-10-27 20:02 - 2016-10-15 05:43 - 01356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2016-10-27 20:02 - 2016-10-15 05:41 - 05622088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2016-10-27 20:02 - 2016-10-15 05:38 - 00500064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2016-10-27 20:02 - 2016-10-15 05:38 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2016-10-27 20:02 - 2016-10-15 05:37 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys 2016-10-27 20:02 - 2016-10-15 05:34 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll 2016-10-27 20:02 - 2016-10-15 05:33 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll 2016-10-27 20:02 - 2016-10-15 05:32 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-10-27 20:02 - 2016-10-15 05:31 - 02827864 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2016-10-27 20:02 - 2016-10-15 05:31 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-10-27 20:02 - 2016-10-15 05:31 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-10-27 20:02 - 2016-10-15 05:31 - 00658272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-10-27 20:02 - 2016-10-15 05:31 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-10-27 20:02 - 2016-10-15 05:30 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2016-10-27 20:02 - 2016-10-15 05:30 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2016-10-27 20:02 - 2016-10-15 05:30 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2016-10-27 20:02 - 2016-10-15 05:30 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2016-10-27 20:02 - 2016-10-15 05:30 - 00341936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2016-10-27 20:02 - 2016-10-15 05:30 - 00238056 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll 2016-10-27 20:02 - 2016-10-15 05:29 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2016-10-27 20:02 - 2016-10-15 05:29 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2016-10-27 20:02 - 2016-10-15 05:29 - 00908640 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll 2016-10-27 20:02 - 2016-10-15 05:29 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2016-10-27 20:02 - 2016-10-15 05:29 - 00079200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys 2016-10-27 20:02 - 2016-10-15 05:26 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-10-27 20:02 - 2016-10-15 05:26 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2016-10-27 20:02 - 2016-10-15 05:26 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2016-10-27 20:02 - 2016-10-15 05:26 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2016-10-27 20:02 - 2016-10-15 05:26 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll 2016-10-27 20:02 - 2016-10-15 05:25 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll 2016-10-27 20:02 - 2016-10-15 05:25 - 00742704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2016-10-27 20:02 - 2016-10-15 05:21 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2016-10-27 20:02 - 2016-10-15 05:21 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2016-10-27 20:02 - 2016-10-15 05:21 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2016-10-27 20:02 - 2016-10-15 05:21 - 00292872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll 2016-10-27 20:02 - 2016-10-15 05:20 - 02276736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2016-10-27 20:02 - 2016-10-15 05:19 - 02256592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-10-27 20:02 - 2016-10-15 05:19 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll 2016-10-27 20:02 - 2016-10-15 05:18 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2016-10-27 20:02 - 2016-10-15 05:18 - 01556712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2016-10-27 20:02 - 2016-10-15 05:18 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2016-10-27 20:02 - 2016-10-15 05:15 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-10-27 20:02 - 2016-10-15 05:15 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2016-10-27 20:02 - 2016-10-15 05:15 - 01853776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2016-10-27 20:02 - 2016-10-15 05:15 - 01123368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2016-10-27 20:02 - 2016-10-15 05:15 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-10-27 20:02 - 2016-10-15 05:15 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-10-27 20:02 - 2016-10-15 05:15 - 00687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2016-10-27 20:02 - 2016-10-15 05:14 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-10-27 20:02 - 2016-10-15 05:11 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2016-10-27 20:02 - 2016-10-15 05:11 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2016-10-27 20:02 - 2016-10-15 05:10 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll 2016-10-27 20:02 - 2016-10-15 05:06 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-10-27 20:02 - 2016-10-15 05:05 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-10-27 20:02 - 2016-10-15 05:02 - 22568960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-10-27 20:02 - 2016-10-15 05:00 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2016-10-27 20:02 - 2016-10-15 05:00 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2016-10-27 20:02 - 2016-10-15 05:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2016-10-27 20:02 - 2016-10-15 05:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stdole2.tlb 2016-10-27 20:02 - 2016-10-15 04:59 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll 2016-10-27 20:02 - 2016-10-15 04:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll 2016-10-27 20:02 - 2016-10-15 04:59 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe 2016-10-27 20:02 - 2016-10-15 04:58 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys 2016-10-27 20:02 - 2016-10-15 04:58 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll 2016-10-27 20:02 - 2016-10-15 04:58 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll 2016-10-27 20:02 - 2016-10-15 04:57 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll 2016-10-27 20:02 - 2016-10-15 04:57 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll 2016-10-27 20:02 - 2016-10-15 04:57 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe 2016-10-27 20:02 - 2016-10-15 04:56 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe 2016-10-27 20:02 - 2016-10-15 04:56 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2016-10-27 20:02 - 2016-10-15 04:56 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe 2016-10-27 20:02 - 2016-10-15 04:56 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-10-27 20:02 - 2016-10-15 04:56 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll 2016-10-27 20:02 - 2016-10-15 04:56 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll 2016-10-27 20:02 - 2016-10-15 04:56 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll 2016-10-27 20:02 - 2016-10-15 04:56 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll 2016-10-27 20:02 - 2016-10-15 04:56 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll 2016-10-27 20:02 - 2016-10-15 04:55 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll 2016-10-27 20:02 - 2016-10-15 04:55 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll 2016-10-27 20:02 - 2016-10-15 04:55 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2016-10-27 20:02 - 2016-10-15 04:55 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll 2016-10-27 20:02 - 2016-10-15 04:55 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll 2016-10-27 20:02 - 2016-10-15 04:55 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll 2016-10-27 20:02 - 2016-10-15 04:55 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll 2016-10-27 20:02 - 2016-10-15 04:55 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll 2016-10-27 20:02 - 2016-10-15 04:54 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll 2016-10-27 20:02 - 2016-10-15 04:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2016-10-27 20:02 - 2016-10-15 04:54 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll 2016-10-27 20:02 - 2016-10-15 04:54 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll 2016-10-27 20:02 - 2016-10-15 04:54 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll 2016-10-27 20:02 - 2016-10-15 04:54 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingFolder.dll 2016-10-27 20:02 - 2016-10-15 04:54 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoplay.dll 2016-10-27 20:02 - 2016-10-15 04:54 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll 2016-10-27 20:02 - 2016-10-15 04:53 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll 2016-10-27 20:02 - 2016-10-15 04:53 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll 2016-10-27 20:02 - 2016-10-15 04:53 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll 2016-10-27 20:02 - 2016-10-15 04:53 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll 2016-10-27 20:02 - 2016-10-15 04:53 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll 2016-10-27 20:02 - 2016-10-15 04:52 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2016-10-27 20:02 - 2016-10-15 04:52 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll 2016-10-27 20:02 - 2016-10-15 04:52 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2016-10-27 20:02 - 2016-10-15 04:52 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll 2016-10-27 20:02 - 2016-10-15 04:52 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2016-10-27 20:02 - 2016-10-15 04:52 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll 2016-10-27 20:02 - 2016-10-15 04:52 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll 2016-10-27 20:02 - 2016-10-15 04:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2016-10-27 20:02 - 2016-10-15 04:52 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll 2016-10-27 20:02 - 2016-10-15 04:52 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoplay.dll 2016-10-27 20:02 - 2016-10-15 04:52 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll 2016-10-27 20:02 - 2016-10-15 04:51 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-10-27 20:02 - 2016-10-15 04:51 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll 2016-10-27 20:02 - 2016-10-15 04:51 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2016-10-27 20:02 - 2016-10-15 04:50 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2016-10-27 20:02 - 2016-10-15 04:50 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2016-10-27 20:02 - 2016-10-15 04:50 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll 2016-10-27 20:02 - 2016-10-15 04:50 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll 2016-10-27 20:02 - 2016-10-15 04:50 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2016-10-27 20:02 - 2016-10-15 04:50 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2016-10-27 20:02 - 2016-10-15 04:50 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2016-10-27 20:02 - 2016-10-15 04:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2016-10-27 20:02 - 2016-10-15 04:49 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-10-27 20:02 - 2016-10-15 04:49 - 01913344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll 2016-10-27 20:02 - 2016-10-15 04:49 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll 2016-10-27 20:02 - 2016-10-15 04:49 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll 2016-10-27 20:02 - 2016-10-15 04:49 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll 2016-10-27 20:02 - 2016-10-15 04:49 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2016-10-27 20:02 - 2016-10-15 04:49 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe 2016-10-27 20:02 - 2016-10-15 04:49 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe 2016-10-27 20:02 - 2016-10-15 04:49 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe 2016-10-27 20:02 - 2016-10-15 04:48 - 23680000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-10-27 20:02 - 2016-10-15 04:48 - 01554944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll 2016-10-27 20:02 - 2016-10-15 04:48 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll 2016-10-27 20:02 - 2016-10-15 04:48 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll 2016-10-27 20:02 - 2016-10-15 04:47 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2016-10-27 20:02 - 2016-10-15 04:47 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-10-27 20:02 - 2016-10-15 04:47 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-10-27 20:02 - 2016-10-15 04:47 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12SDKLayers.dll 2016-10-27 20:02 - 2016-10-15 04:47 - 01113600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll 2016-10-27 20:02 - 2016-10-15 04:47 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll 2016-10-27 20:02 - 2016-10-15 04:47 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll 2016-10-27 20:02 - 2016-10-15 04:47 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe 2016-10-27 20:02 - 2016-10-15 04:46 - 19418112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-10-27 20:02 - 2016-10-15 04:46 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-10-27 20:02 - 2016-10-15 04:46 - 03287552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2016-10-27 20:02 - 2016-10-15 04:46 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll 2016-10-27 20:02 - 2016-10-15 04:45 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll 2016-10-27 20:02 - 2016-10-15 04:45 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2016-10-27 20:02 - 2016-10-15 04:45 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll 2016-10-27 20:02 - 2016-10-15 04:45 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2016-10-27 20:02 - 2016-10-15 04:44 - 03307520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2016-10-27 20:02 - 2016-10-15 04:44 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2016-10-27 20:02 - 2016-10-15 04:44 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll 2016-10-27 20:02 - 2016-10-15 04:44 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe 2016-10-27 20:02 - 2016-10-15 04:43 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2016-10-27 20:02 - 2016-10-15 04:43 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2016-10-27 20:02 - 2016-10-15 04:43 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll 2016-10-27 20:02 - 2016-10-15 04:42 - 12349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2016-10-27 20:02 - 2016-10-15 04:42 - 06108672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2016-10-27 20:02 - 2016-10-15 04:42 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2016-10-27 20:02 - 2016-10-15 04:42 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll 2016-10-27 20:02 - 2016-10-15 04:42 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll 2016-10-27 20:02 - 2016-10-15 04:42 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll 2016-10-27 20:02 - 2016-10-15 04:42 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2016-10-27 20:02 - 2016-10-15 04:41 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2016-10-27 20:02 - 2016-10-15 04:41 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2016-10-27 20:02 - 2016-10-15 04:41 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2016-10-27 20:02 - 2016-10-15 04:41 - 00940032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll 2016-10-27 20:02 - 2016-10-15 04:41 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll 2016-10-27 20:02 - 2016-10-15 04:41 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll 2016-10-27 20:02 - 2016-10-15 04:41 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll 2016-10-27 20:02 - 2016-10-15 04:40 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2016-10-27 20:02 - 2016-10-15 04:40 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll 2016-10-27 20:02 - 2016-10-15 04:39 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2016-10-27 20:02 - 2016-10-15 04:39 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll 2016-10-27 20:02 - 2016-10-15 04:39 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-10-27 20:02 - 2016-10-15 04:39 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll 2016-10-27 20:02 - 2016-10-15 04:39 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll 2016-10-27 20:02 - 2016-10-15 04:39 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2016-10-27 20:02 - 2016-10-15 04:39 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2016-10-27 20:02 - 2016-10-15 04:39 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll 2016-10-27 20:02 - 2016-10-15 04:39 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2016-10-27 20:02 - 2016-10-15 04:39 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll 2016-10-27 20:02 - 2016-10-15 04:39 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll 2016-10-27 20:02 - 2016-10-15 04:39 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll 2016-10-27 20:02 - 2016-10-15 04:39 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2016-10-27 20:02 - 2016-10-15 04:38 - 13441024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2016-10-27 20:02 - 2016-10-15 04:38 - 02781184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12SDKLayers.dll 2016-10-27 20:02 - 2016-10-15 04:38 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll 2016-10-27 20:02 - 2016-10-15 04:38 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2016-10-27 20:02 - 2016-10-15 04:38 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl 2016-10-27 20:02 - 2016-10-15 04:38 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll 2016-10-27 20:02 - 2016-10-15 04:38 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll 2016-10-27 20:02 - 2016-10-15 04:37 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2016-10-27 20:02 - 2016-10-15 04:37 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2016-10-27 20:02 - 2016-10-15 04:37 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll 2016-10-27 20:02 - 2016-10-15 04:37 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-10-27 20:02 - 2016-10-15 04:37 - 01980416 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2016-10-27 20:02 - 2016-10-15 04:37 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2016-10-27 20:02 - 2016-10-15 04:37 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2016-10-27 20:02 - 2016-10-15 04:37 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll 2016-10-27 20:02 - 2016-10-15 04:37 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2016-10-27 20:02 - 2016-10-15 04:37 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2016-10-27 20:02 - 2016-10-15 04:37 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmifw.dll 2016-10-27 20:02 - 2016-10-15 04:36 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2016-10-27 20:02 - 2016-10-15 04:36 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll 2016-10-27 20:02 - 2016-10-15 04:36 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll 2016-10-27 20:02 - 2016-10-15 04:36 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-10-27 20:02 - 2016-10-15 04:36 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2016-10-27 20:02 - 2016-10-15 04:36 - 01492480 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-10-27 20:02 - 2016-10-15 04:36 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll 2016-10-27 20:02 - 2016-10-15 04:36 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2016-10-27 20:02 - 2016-10-15 04:36 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll 2016-10-27 20:02 - 2016-10-15 04:36 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2016-10-27 20:02 - 2016-10-15 04:36 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2016-10-27 20:02 - 2016-10-15 04:36 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2016-10-27 20:02 - 2016-10-15 04:36 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2016-10-27 20:02 - 2016-10-15 04:36 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll 2016-10-27 20:02 - 2016-10-15 04:36 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll 2016-10-27 20:02 - 2016-10-15 04:36 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll 2016-10-27 20:02 - 2016-10-15 04:36 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll 2016-10-27 20:02 - 2016-10-15 04:36 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll 2016-10-27 20:02 - 2016-10-15 04:36 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll 2016-10-27 20:02 - 2016-10-15 04:36 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmifw.dll 2016-10-27 20:02 - 2016-10-15 04:35 - 03054080 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2016-10-27 20:02 - 2016-10-15 04:35 - 02999808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2016-10-27 20:02 - 2016-10-15 04:35 - 02708992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll 2016-10-27 20:02 - 2016-10-15 04:35 - 02670592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-10-27 20:02 - 2016-10-15 04:35 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-10-27 20:02 - 2016-10-15 04:35 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2016-10-27 20:02 - 2016-10-15 04:35 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-10-27 20:02 - 2016-10-15 04:35 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-10-27 20:02 - 2016-10-15 04:35 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2016-10-27 20:02 - 2016-10-15 04:35 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2016-10-27 20:02 - 2016-10-15 04:35 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll 2016-10-27 20:02 - 2016-10-15 04:35 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll 2016-10-27 20:02 - 2016-10-15 04:35 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll 2016-10-27 20:02 - 2016-10-15 04:35 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll 2016-10-27 20:02 - 2016-10-15 04:35 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2016-10-27 20:02 - 2016-10-15 04:35 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll 2016-10-27 20:02 - 2016-10-15 04:34 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-10-27 20:02 - 2016-10-15 04:34 - 02476544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2016-10-27 20:02 - 2016-10-15 04:34 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2016-10-27 20:02 - 2016-10-15 04:34 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2016-10-27 20:02 - 2016-10-15 04:34 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll 2016-10-27 20:02 - 2016-10-15 04:32 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2016-10-27 20:02 - 2016-09-10 14:21 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys 2016-10-27 20:02 - 2016-08-06 05:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-10-27 20:01 - 2016-10-15 05:32 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2016-10-27 20:01 - 2016-10-15 04:59 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\stdole2.tlb 2016-10-27 20:01 - 2016-10-15 04:57 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2016-10-27 20:01 - 2016-10-15 04:56 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll 2016-10-27 20:01 - 2016-10-15 04:55 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys 2016-10-27 20:01 - 2016-10-15 04:54 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll 2016-10-27 20:01 - 2016-10-15 04:53 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2016-10-27 20:01 - 2016-10-15 04:52 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2016-10-27 20:01 - 2016-10-15 04:51 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll 2016-10-27 20:01 - 2016-10-15 04:49 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll 2016-10-27 20:01 - 2016-10-15 04:46 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe 2016-10-27 20:01 - 2016-10-15 04:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.exe 2016-10-27 20:01 - 2016-10-15 04:36 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-10-27 20:01 - 2016-10-15 04:35 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-10-27 18:45 - 2016-10-27 18:45 - 00000000 ____D C:\Users\Varak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-10-27 16:32 - 2016-10-27 16:32 - 00000000 ____D C:\Users\Varak\AppData\LocalLow\AMD 2016-10-25 16:49 - 2016-10-25 16:49 - 00000000 ____D C:\WINDOWS\system32\˙˙˙˙˙˙˙˙erStore 2016-10-25 16:19 - 2016-10-25 16:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings 2016-10-21 23:10 - 2016-10-21 23:10 - 00000849 _____ C:\Users\Public\Desktop\Sid Meiers Civilization VI.lnk 2016-10-21 23:10 - 2016-10-21 23:10 - 00000849 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sid Meiers Civilization VI.lnk 2016-10-16 12:23 - 2016-10-16 12:23 - 00000761 _____ C:\Users\Public\Desktop\Cum on! Bukkake Ranch!.lnk 2016-10-16 12:23 - 2016-10-16 12:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cum on! Bukkake Ranch! 2016-10-16 12:04 - 2016-10-16 12:04 - 00049176 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\RzSurroundVAD.sys 2016-10-15 21:05 - 2016-10-15 21:05 - 00000000 ____D C:\Users\Varak\AppData\Roaming\Gadwin 2016-10-15 21:04 - 2016-10-15 21:04 - 00002185 _____ C:\Users\Public\Desktop\Gadwin PrintScreen (64-Bit).lnk 2016-10-15 21:04 - 2016-10-15 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gadwin 2016-10-15 21:04 - 2016-10-15 21:04 - 00000000 ____D C:\Program Files\Gadwin 2016-10-15 13:35 - 2016-09-17 01:12 - 00044144 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpmgrk.sys 2016-10-12 16:06 - 2016-10-05 11:33 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys 2016-10-12 16:06 - 2016-10-05 11:31 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-10-12 16:06 - 2016-10-05 11:22 - 01181536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2016-10-12 16:06 - 2016-10-05 11:17 - 01322848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll 2016-10-12 16:06 - 2016-10-05 11:13 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2016-10-12 16:06 - 2016-10-05 11:13 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll 2016-10-12 16:06 - 2016-10-05 11:12 - 02446696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2016-10-12 16:06 - 2016-10-05 11:12 - 01112928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2016-10-12 16:06 - 2016-10-05 11:09 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2016-10-12 16:06 - 2016-10-05 11:09 - 00064352 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\MegaSas2i.sys 2016-10-12 16:06 - 2016-10-05 11:08 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2016-10-12 16:06 - 2016-10-05 11:03 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-10-12 16:06 - 2016-10-05 10:51 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2016-10-12 16:06 - 2016-10-05 10:50 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll 2016-10-12 16:06 - 2016-10-05 10:49 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2016-10-12 16:06 - 2016-10-05 10:48 - 01022304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll 2016-10-12 16:06 - 2016-10-05 10:46 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2016-10-12 16:06 - 2016-10-05 10:46 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2016-10-12 16:06 - 2016-10-05 10:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2016-10-12 16:06 - 2016-10-05 10:38 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll 2016-10-12 16:06 - 2016-10-05 10:36 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll 2016-10-12 16:06 - 2016-10-05 10:36 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll 2016-10-12 16:06 - 2016-10-05 10:35 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll 2016-10-12 16:06 - 2016-10-05 10:35 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2016-10-12 16:06 - 2016-10-05 10:35 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll 2016-10-12 16:06 - 2016-10-05 10:34 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys 2016-10-12 16:06 - 2016-10-05 10:33 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll 2016-10-12 16:06 - 2016-10-05 10:33 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll 2016-10-12 16:06 - 2016-10-05 10:33 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll 2016-10-12 16:06 - 2016-10-05 10:32 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll 2016-10-12 16:06 - 2016-10-05 10:32 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll 2016-10-12 16:06 - 2016-10-05 10:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll 2016-10-12 16:06 - 2016-10-05 10:32 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll 2016-10-12 16:06 - 2016-10-05 10:31 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2016-10-12 16:06 - 2016-10-05 10:31 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll 2016-10-12 16:06 - 2016-10-05 10:31 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll 2016-10-12 16:06 - 2016-10-05 10:31 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll 2016-10-12 16:06 - 2016-10-05 10:31 - 00425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2016-10-12 16:06 - 2016-10-05 10:31 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll 2016-10-12 16:06 - 2016-10-05 10:31 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll 2016-10-12 16:06 - 2016-10-05 10:30 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll 2016-10-12 16:06 - 2016-10-05 10:29 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll 2016-10-12 16:06 - 2016-10-05 10:29 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll 2016-10-12 16:06 - 2016-10-05 10:28 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2016-10-12 16:06 - 2016-10-05 10:28 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2016-10-12 16:06 - 2016-10-05 10:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2016-10-12 16:06 - 2016-10-05 10:28 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll 2016-10-12 16:06 - 2016-10-05 10:28 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll 2016-10-12 16:06 - 2016-10-05 10:27 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2016-10-12 16:06 - 2016-10-05 10:27 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2016-10-12 16:06 - 2016-10-05 10:27 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll 2016-10-12 16:06 - 2016-10-05 10:26 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-10-12 16:06 - 2016-10-05 10:26 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2016-10-12 16:06 - 2016-10-05 10:26 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll 2016-10-12 16:06 - 2016-10-05 10:26 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll 2016-10-12 16:06 - 2016-10-05 10:25 - 01589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll 2016-10-12 16:06 - 2016-10-05 10:25 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2016-10-12 16:06 - 2016-10-05 10:25 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll 2016-10-12 16:06 - 2016-10-05 10:25 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2016-10-12 16:06 - 2016-10-05 10:25 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll 2016-10-12 16:06 - 2016-10-05 10:24 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll 2016-10-12 16:06 - 2016-10-05 10:24 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll 2016-10-12 16:06 - 2016-10-05 10:23 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2016-10-12 16:06 - 2016-10-05 10:23 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll 2016-10-12 16:06 - 2016-10-05 10:23 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll 2016-10-12 16:06 - 2016-10-05 10:23 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll 2016-10-12 16:06 - 2016-10-05 10:23 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll 2016-10-12 16:06 - 2016-10-05 10:23 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll 2016-10-12 16:06 - 2016-10-05 10:22 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2016-10-12 16:06 - 2016-10-05 10:21 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2016-10-12 16:06 - 2016-10-05 10:21 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll 2016-10-12 16:06 - 2016-10-05 10:20 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2016-10-12 16:06 - 2016-10-05 10:20 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2016-10-12 16:06 - 2016-10-05 10:20 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys 2016-10-12 16:06 - 2016-10-05 10:19 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe 2016-10-12 16:06 - 2016-10-05 10:18 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2016-10-12 16:06 - 2016-10-05 10:18 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll 2016-10-12 16:06 - 2016-10-05 10:18 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-10-12 16:06 - 2016-10-05 10:17 - 08126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-10-12 16:06 - 2016-10-05 10:17 - 04136960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2016-10-12 16:06 - 2016-10-05 10:17 - 02914304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll 2016-10-12 16:06 - 2016-10-05 10:16 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2016-10-12 16:06 - 2016-10-05 10:16 - 04747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-10-12 16:06 - 2016-10-05 10:16 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll 2016-10-12 16:06 - 2016-10-05 10:16 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2016-10-12 16:06 - 2016-10-05 10:16 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-10-12 16:06 - 2016-10-05 10:15 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll 2016-10-12 16:06 - 2016-10-05 10:15 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2016-10-12 16:06 - 2016-10-05 10:15 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll 2016-10-12 16:06 - 2016-10-05 10:15 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll 2016-10-12 16:06 - 2016-10-05 10:15 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll 2016-10-12 16:06 - 2016-10-05 10:14 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2016-10-12 16:06 - 2016-10-05 10:14 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll 2016-10-12 16:06 - 2016-10-05 10:13 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll 2016-10-12 16:06 - 2016-10-05 10:13 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2016-10-12 16:06 - 2016-10-05 10:12 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2016-10-12 16:06 - 2016-10-05 10:12 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2016-10-12 16:06 - 2016-10-05 10:12 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll 2016-10-12 16:06 - 2016-10-05 10:11 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-10-12 16:06 - 2016-10-05 10:11 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll 2016-10-12 16:06 - 2016-10-05 10:11 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2016-10-12 16:06 - 2016-10-05 10:10 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2016-10-12 16:06 - 2016-10-05 10:09 - 03369984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2016-10-12 16:06 - 2016-10-05 10:09 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll 2016-10-12 16:06 - 2016-10-05 10:09 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-10-12 16:06 - 2016-10-05 10:08 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll 2016-10-12 16:06 - 2016-10-05 10:08 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2016-10-12 16:06 - 2016-10-05 10:08 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll 2016-10-12 16:06 - 2016-10-05 10:07 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-10-12 16:06 - 2016-10-05 10:07 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll 2016-10-12 16:06 - 2016-10-05 10:07 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll 2016-10-12 16:06 - 2016-10-05 10:07 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll 2016-10-12 16:06 - 2016-10-05 10:06 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll 2016-10-12 16:06 - 2016-10-05 10:06 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll 2016-10-12 16:06 - 2016-10-05 10:05 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe 2016-10-12 16:06 - 2016-10-05 10:05 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2016-10-12 16:06 - 2016-10-05 01:01 - 00446124 _____ C:\WINDOWS\system32\ApnDatabase.xml 2016-10-12 16:06 - 2016-09-07 06:34 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2016-10-12 16:05 - 2016-10-05 11:35 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2016-10-12 16:05 - 2016-10-05 11:16 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2016-10-12 16:05 - 2016-10-05 10:35 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2016-10-12 16:05 - 2016-10-05 10:21 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll 2016-10-12 16:05 - 2016-10-05 10:18 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2016-10-12 16:05 - 2016-10-05 10:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll 2016-10-12 16:05 - 2016-10-05 10:14 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2016-10-12 16:05 - 2016-10-05 10:07 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2016-10-09 19:15 - 2016-10-09 19:15 - 00000000 ____D C:\ProgramData\.mono 2016-10-09 18:17 - 2016-10-09 18:17 - 00000202 _____ C:\Users\Varak\Desktop\Cities Skylines.url 2016-10-08 11:23 - 2016-10-08 11:23 - 00000201 _____ C:\Users\Varak\Desktop\Sid Meier's Civilization Beyond Earth.url 2016-10-06 16:55 - 2016-10-06 16:55 - 00000000 ____D C:\ProgramData\RzSurroundVAD_1.1.62.0 2016-10-02 17:31 - 2016-10-02 17:31 - 00000735 _____ C:\Users\Public\Desktop\Ultimate Boob Wars!! ~Big Breasts vs Flat Chests~.lnk 2016-10-02 17:31 - 2016-10-02 17:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimate Boob Wars!! ~Big Breasts vs Flat Chests~ 2016-10-01 10:10 - 2016-10-01 10:10 - 00474992 _____ C:\WINDOWS\system32\amdmiracast.dll 2016-10-01 10:10 - 2016-10-01 10:10 - 00155616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll 2016-10-01 10:10 - 2016-10-01 10:10 - 00151456 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll 2016-10-01 10:10 - 2016-10-01 10:10 - 00135288 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll 2016-10-01 10:10 - 2016-10-01 10:10 - 00119744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll 2016-10-01 10:10 - 2016-10-01 10:10 - 00119744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll 2016-10-01 10:10 - 2016-10-01 10:10 - 00102040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll 2016-10-01 10:08 - 2016-10-01 10:08 - 00900000 _____ (AMD) C:\WINDOWS\system32\coinst_16.40.dll 2016-10-01 10:08 - 2016-10-01 10:08 - 00301472 _____ C:\WINDOWS\system32\dgtrayicon.exe 2016-10-01 10:08 - 2016-10-01 10:08 - 00284064 _____ C:\WINDOWS\system32\GameManager64.dll 2016-10-01 10:08 - 2016-10-01 10:08 - 00277920 _____ C:\WINDOWS\system32\clinfo.exe 2016-10-01 10:08 - 2016-10-01 10:08 - 00242080 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll 2016-10-01 10:08 - 2016-10-01 10:08 - 00168864 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll 2016-10-01 10:08 - 2016-10-01 10:08 - 00143776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll 2016-10-01 10:08 - 2016-10-01 10:08 - 00138144 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll 2016-10-01 10:08 - 2016-10-01 10:08 - 00117152 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll 2016-10-01 10:08 - 2016-10-01 10:08 - 00029088 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll 2016-10-01 10:07 - 2016-10-01 10:07 - 00145312 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll 2016-10-01 10:07 - 2016-10-01 10:07 - 00126368 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll 2016-10-01 10:06 - 2016-10-01 10:06 - 00467360 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll 2016-10-01 10:06 - 2016-10-01 10:06 - 00295840 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe 2016-10-01 10:06 - 2016-10-01 10:06 - 00239008 _____ C:\WINDOWS\system32\atieah64.exe 2016-10-01 10:06 - 2016-10-01 10:06 - 00216992 _____ C:\WINDOWS\SysWOW64\atieah32.exe 2016-10-01 10:06 - 2016-10-01 10:06 - 00210336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll 2016-10-01 10:06 - 2016-10-01 10:06 - 00119200 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll 2016-10-01 10:05 - 2016-10-01 10:05 - 09396128 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll 2016-10-01 10:05 - 2016-10-01 10:05 - 07580064 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll 2016-10-01 10:05 - 2016-10-01 10:05 - 02453920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll 2016-10-01 10:05 - 2016-10-01 10:05 - 02141600 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll 2016-10-01 10:05 - 2016-10-01 10:05 - 00411040 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe 2016-10-01 10:05 - 2016-10-01 10:05 - 00068512 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll 2016-10-01 10:03 - 2016-10-01 10:03 - 00758688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll 2016-10-01 10:03 - 2016-10-01 10:03 - 00633760 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll 2016-10-01 10:03 - 2016-10-01 10:03 - 00256928 _____ C:\WINDOWS\system32\amdgfxinfo64.dll 2016-10-01 10:03 - 2016-10-01 10:03 - 00229792 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll 2016-10-01 10:03 - 2016-10-01 10:03 - 00121248 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2016-10-01 10:03 - 2016-10-01 10:03 - 00112032 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2016-10-01 10:03 - 2016-10-01 10:03 - 00091552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll 2016-10-01 10:03 - 2016-10-01 10:03 - 00075168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll 2016-10-01 09:57 - 2016-10-01 09:57 - 00102040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll 2016-10-01 09:56 - 2016-10-01 09:56 - 01341856 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll 2016-10-01 09:56 - 2016-10-01 09:56 - 00531872 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe 2016-10-01 09:56 - 2016-10-01 09:56 - 00276384 _____ C:\WINDOWS\system32\hsa-thunk64.dll ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-10-31 23:38 - 2016-08-04 05:46 - 00000000 ____D C:\Users\Varak\Temp 2016-10-31 23:35 - 2016-05-05 16:38 - 00000000 _____ C:\WINDOWS\system32\RzSurroundVADAudioDeviceManager_log.txt 2016-10-31 23:20 - 2016-08-04 08:12 - 01307336 _____ C:\WINDOWS\system32\perfh015.dat 2016-10-31 23:20 - 2016-08-04 08:12 - 00356850 _____ C:\WINDOWS\system32\perfc015.dat 2016-10-31 23:20 - 2016-08-03 22:25 - 03293902 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-10-31 23:18 - 2015-10-10 09:42 - 00000000 ____D C:\Program Files (x86)\SpeedFan 2016-10-31 23:18 - 2013-11-17 03:04 - 00000000 ____D C:\Users\Varak\AppData\Roaming\Raptr 2016-10-31 23:17 - 2014-05-07 21:37 - 00000000 ___RD C:\Users\Varak\Dropbox 2016-10-31 23:15 - 2012-10-27 23:40 - 00000000 ____D C:\ProgramData\VMware 2016-10-31 23:14 - 2016-08-03 22:50 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-10-31 23:14 - 2016-08-03 22:26 - 00000000 ____D C:\Users\Varak 2016-10-31 23:14 - 2016-02-28 02:57 - 00000000 ____D C:\Program Files (x86)\Google 2016-10-31 22:07 - 2016-08-03 22:22 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin 2016-10-31 22:07 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2016-10-31 21:25 - 2013-09-16 17:23 - 00000000 ____D C:\ProgramData\TEMP 2016-10-31 21:16 - 2015-08-28 10:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-10-31 19:25 - 2016-08-03 22:19 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2016-10-30 12:45 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-10-29 22:50 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF 2016-10-29 22:48 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps 2016-10-29 22:48 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-10-29 22:48 - 2015-07-26 21:04 - 00000000 ____D C:\Users\Varak\.VirtualBox 2016-10-29 22:42 - 2016-08-03 22:19 - 00323360 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-10-29 22:42 - 2015-07-26 21:03 - 00000000 _____ C:\hsrv.txt 2016-10-29 22:14 - 2012-09-22 22:20 - 00000549 _____ C:\Users\Public\Desktop\WinRAR.lnk 2016-10-29 22:14 - 2012-09-22 22:20 - 00000549 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk 2016-10-29 22:14 - 2012-09-22 22:20 - 00000000 ____D C:\Users\Varak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-10-29 22:14 - 2012-09-22 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-10-29 22:01 - 2016-08-03 22:22 - 00000000 ____D C:\Program Files (x86)\Razer 2016-10-29 22:01 - 2014-04-25 16:23 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-10-29 22:01 - 2013-10-14 16:56 - 00000000 ____D C:\Program Files (x86)\NCH Software 2016-10-29 22:01 - 2012-09-21 20:02 - 00000000 ____D C:\Program Files (x86)\Intel 2016-10-29 22:01 - 2009-07-14 04:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2016-10-29 22:00 - 2016-08-04 08:15 - 00000000 ____D C:\Program Files (x86)\CMAK 2016-10-29 22:00 - 2016-08-04 08:00 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2016-10-29 22:00 - 2016-08-04 08:00 - 00000000 ____D C:\Program Files (x86)\MSBuild 2016-10-29 22:00 - 2016-07-31 13:06 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2016-10-29 22:00 - 2016-07-31 13:06 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies 2016-10-29 22:00 - 2016-07-16 12:47 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar 2016-10-29 22:00 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices 2016-10-29 22:00 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2016-10-29 22:00 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows NT 2016-10-29 22:00 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2016-10-29 22:00 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2016-10-29 22:00 - 2016-06-12 04:41 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2016-10-29 22:00 - 2016-05-25 23:42 - 00000000 ____D C:\Program Files (x86)\QuickTime 2016-10-29 22:00 - 2016-05-22 20:28 - 00000000 ____D C:\Program Files (x86)\Combined Community Codec Pack 2016-10-29 22:00 - 2016-05-05 17:08 - 00000000 ____D C:\Program Files (x86)\AMD 2016-10-29 22:00 - 2016-03-10 16:50 - 00000000 ____D C:\Program Files (x86)\Raptr Inc 2016-10-29 22:00 - 2015-09-05 12:06 - 00000000 ____D C:\Program Files (x86)\TP-LINK 2016-10-29 22:00 - 2015-08-29 11:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2016-10-29 22:00 - 2015-07-08 18:39 - 00000000 ____D C:\Program Files (x86)\Foxit Software 2016-10-29 22:00 - 2014-12-10 19:43 - 00000000 ____D C:\Program Files (x86)\AMD AVT 2016-10-29 22:00 - 2014-09-18 16:26 - 00000000 ____D C:\Program Files (x86)\Bloody5 2016-10-29 22:00 - 2014-03-29 13:04 - 00000000 ____D C:\Program Files (x86)\NCWest 2016-10-29 22:00 - 2013-07-14 02:33 - 00000000 ____D C:\Program Files (x86)\Rockstar Games 2016-10-29 22:00 - 2013-06-10 20:26 - 00000000 ____D C:\Program Files (x86)\Apple Software Update 2016-10-29 22:00 - 2013-05-02 10:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 9.0 2016-10-29 22:00 - 2013-04-08 20:13 - 00000000 ____D C:\Program Files (x86)\NuGet 2016-10-29 22:00 - 2013-04-08 20:10 - 00000000 ____D C:\Program Files (x86)\Windows Kits 2016-10-29 22:00 - 2013-04-08 20:09 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2016-10-29 22:00 - 2013-04-08 20:09 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs 2016-10-29 22:00 - 2013-04-08 20:09 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer 2016-10-29 22:00 - 2013-03-23 23:37 - 00000000 ____D C:\Program Files (x86)\Origin Games 2016-10-29 22:00 - 2013-03-20 21:56 - 00000000 ____D C:\Program Files (x86)\Java 2016-10-29 22:00 - 2013-02-07 20:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-10-29 22:00 - 2013-01-26 12:09 - 00000000 ____D C:\Program Files (x86)\AMD APP 2016-10-29 22:00 - 2013-01-01 22:45 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA 2016-10-29 22:00 - 2012-12-30 16:22 - 00000000 ____D C:\Program Files (x86)\Ubisoft 2016-10-29 22:00 - 2012-12-16 17:09 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE 2016-10-29 22:00 - 2012-09-22 22:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services 2016-10-29 22:00 - 2012-09-22 22:08 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2016-10-29 22:00 - 2012-09-22 19:00 - 00000000 ____D C:\Program Files (x86)\Paragon Software 2016-10-29 22:00 - 2012-09-21 23:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-10-29 22:00 - 2012-09-21 23:20 - 00000000 ____D C:\Program Files (x86)\MozBackup 2016-10-29 22:00 - 2012-09-21 22:22 - 00000000 ___HD C:\Program Files (x86)\Temp 2016-10-29 22:00 - 2012-09-21 19:28 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-10-29 22:00 - 2012-09-21 19:28 - 00000000 ____D C:\Program Files (x86)\REALTEK 2016-10-29 21:52 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-10-29 21:51 - 2015-10-30 10:07 - 00000000 ____D C:\WINDOWS\ShellNew 2016-10-29 21:42 - 2012-10-15 16:44 - 00000000 ____D C:\Users\Varak\AppData\Roaming\GG 2016-10-29 21:36 - 2012-09-22 23:01 - 00000000 ____D C:\Users\Varak\AppData\Roaming\uTorrent 2016-10-29 09:52 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache 2016-10-28 22:31 - 2013-08-18 14:47 - 00000000 ____D C:\Users\Varak\AppData\Roaming\RenPy 2016-10-28 19:41 - 2015-09-03 18:37 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-10-28 02:19 - 2016-04-08 22:23 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-10-28 02:16 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-10-28 02:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-10-28 02:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-10-28 02:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-10-28 02:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2016-10-28 02:15 - 2016-07-16 12:47 - 00015425 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2016-10-27 22:26 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-10-27 18:45 - 2014-05-07 21:35 - 00000000 ____D C:\Users\Varak\AppData\Roaming\Dropbox 2016-10-26 16:36 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2016-10-26 16:36 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2016-10-25 21:15 - 2016-02-28 03:00 - 00002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-10-25 21:15 - 2016-02-28 03:00 - 00002272 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-10-25 17:02 - 2014-10-16 18:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-10-25 17:02 - 2013-10-21 17:05 - 00000000 ____D C:\ProgramData\Oracle 2016-10-25 17:01 - 2014-10-16 18:40 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-10-25 16:15 - 2016-08-03 22:22 - 00000000 ____D C:\Program Files\AMD 2016-10-25 00:30 - 2016-07-16 12:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-10-25 00:30 - 2016-07-16 12:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-10-24 03:08 - 2016-05-05 16:38 - 00000000 _____ C:\WINDOWS\SysWOW64\RzSurroundVADAudioDeviceManager_log.txt 2016-10-21 23:15 - 2015-01-18 13:16 - 00000000 ____D C:\Users\Varak\AppData\Roaming\FiraxisLive 2016-10-21 23:15 - 2012-09-29 23:34 - 00000000 ____D C:\Users\Varak\Documents\My Games 2016-10-16 14:24 - 2015-03-14 03:46 - 00000000 ____D C:\Users\Varak\AppData\Roaming\Kadu 2016-10-15 13:51 - 2015-10-29 17:37 - 00293352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys 2016-10-12 21:17 - 2013-02-07 20:33 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-10-12 21:16 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs 2016-10-12 21:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\migwiz 2016-10-12 21:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2016-10-12 21:16 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2016-10-12 16:20 - 2013-02-07 20:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-10-12 16:19 - 2013-07-11 16:05 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-10-12 16:12 - 2012-09-21 19:15 - 143495576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-10-12 15:50 - 2016-07-16 12:42 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll 2016-10-12 15:49 - 2016-07-16 12:43 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll 2016-10-12 15:47 - 2016-08-03 22:50 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2016-10-12 15:47 - 2015-06-13 15:14 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-10-09 18:17 - 2012-09-25 18:27 - 00000000 ____D C:\Users\Varak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2016-10-01 10:09 - 2016-07-25 21:54 - 00134776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll 2016-10-01 10:08 - 2016-07-25 21:53 - 00248736 _____ C:\WINDOWS\SysWOW64\GameManager32.dll 2016-10-01 10:06 - 2016-07-25 21:55 - 00149008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll 2016-10-01 10:06 - 2016-07-25 21:55 - 00136616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll 2016-10-01 10:06 - 2016-07-25 21:55 - 00109472 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll 2016-10-01 10:06 - 2016-07-25 21:55 - 00098208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll 2016-10-01 10:06 - 2016-07-25 21:52 - 00184224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll 2016-10-01 10:05 - 2016-07-25 21:51 - 01006496 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll 2016-10-01 10:05 - 2016-07-25 21:51 - 01006496 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll 2016-10-01 09:56 - 2016-07-25 21:53 - 00029088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll 2016-10-01 00:39 - 2016-07-16 15:29 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2016-10-01 00:39 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2016-10-01 00:39 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\F12 2016-10-01 00:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup 2016-10-01 00:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\setup 2016-10-01 00:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning 2016-10-01 00:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-10-01 00:39 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2016-10-01 00:39 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2016-10-01 00:39 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism ==================== Files in the root of some directories ======= 2014-05-23 22:16 - 2014-05-23 22:16 - 0000000 _____ () C:\Program Files (x86)\FallenEnchantress.exe 2015-09-03 18:53 - 2015-09-03 18:53 - 0000000 _____ () C:\Program Files (x86)\Common Files\AMD 2015-07-26 20:59 - 2015-09-14 18:01 - 0002056 _____ () C:\Users\Varak\AppData\Roaming\droid4xinstaller.log 2015-10-22 22:21 - 2015-10-22 22:21 - 0003584 _____ () C:\Users\Varak\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-11-27 17:08 - 2016-10-24 03:28 - 0000600 _____ () C:\Users\Varak\AppData\Local\PUTTY.RND Some files in TEMP: ==================== C:\Users\Varak\Temp\jre-8u111-windows-au.exe C:\Users\Varak\Temp\ReimagePackage.exe C:\Users\Varak\Temp\sfamcc00001.dll C:\Users\Varak\Temp\sfamcc00002.dll C:\Users\Varak\Temp\sfareca00001.dll C:\Users\Varak\Temp\sfareca00002.dll C:\Users\Varak\Temp\{6B86E0DB-2D90-4C44-8BFB-260292A7D2B2}-DropboxClient_12.4.22.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-10-27 22:22 ==================== End of FRST.txt ============================