Please help safesearch.ch

Status
Not open for further replies.

Dron3

New Member
Thread author
Oct 27, 2015
2
Hello I have just noticed that I can change the search engine and started tinkering with the PC and discovered its a malware. Please help me remove it because everything I have tried so far did help. It still says that the "safesearch.ch this setting is enforced by your administrator".

Thanks you for your help.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-10-2015 02
Ran by AndyK (administrator) on DESKTOP-1RUD97B (27-10-2015 16:54:17)
Running from C:\Users\AndyK\Downloads
Loaded Profiles: AndyK (Available Profiles: AndyK)
Platform: Windows 10 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Golden Frog, GmbH.) C:\Program Files (x86)\VyprVPN\VyprVPNService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(© 2015 Microsoft Corporation) C:\Users\AndyK\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-08-13] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5207272 2015-08-21] (SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [14601160 2015-07-01] (Logitech Inc.)
HKU\S-1-5-21-3117560243-3129920269-3089857592-1001\...\Run: [MyComGames] => C:\Users\AndyK\AppData\Local\MyComGames\MyComGames.exe [4111304 2015-08-28] (MY.COM B.V.)
HKU\S-1-5-21-3117560243-3129920269-3089857592-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [48145024 2015-10-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3117560243-3129920269-3089857592-1001\...\Run: [BingSvc] => C:\Users\AndyK\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3117560243-3129920269-3089857592-1001\...\Run: [GameCenterMailRu] => "C:\Users\AndyK\AppData\Local\Mail.Ru\GameCenter\GameCenter@Mail.Ru.exe" -autostart
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2015-10-27]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther VPN Project at University of Tsukuba, Japan.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 206.248.154.22 206.248.154.170
Tcpip\..\Interfaces\{042947df-0d79-46d5-82f3-2728e58148ba}: [DhcpNameServer] 206.248.154.22 206.248.154.170
Tcpip\..\Interfaces\{97530375-01d8-4d8f-86ea-0a08918ba9f9}: [DhcpNameServer] 10.3.28.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKU\S-1-5-21-3117560243-3129920269-3089857592-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3117560243-3129920269-3089857592-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1ewenusDefaultPack/SK2M_FRPage
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3117560243-3129920269-3089857592-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Simple -> {d94f51b0-ba26-454b-bf8d-7c495c5e3db6} -> C:\Windows\SysWOW64\mscoree.dll [2015-07-10] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\AndyK\AppData\Roaming\Mozilla\Firefox\Profiles\qlyut6ps.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-16] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-16] ()
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-02] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3117560243-3129920269-3089857592-1001: @mail.ru/GameCenter -> C:\Users\AndyK\AppData\Local\Mail.Ru\GameCenter\NPDetector.dll [No File]
FF Plugin HKU\S-1-5-21-3117560243-3129920269-3089857592-1001: @my.com/Games -> C:\Users\AndyK\AppData\Local\MyComGames\NPMyComDetector.dll [2015-08-24] (My.com, Inc)
FF Extension: Adblock Plus - C:\Users\AndyK\AppData\Roaming\Mozilla\Firefox\Profiles\qlyut6ps.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{jid1-vS7biDmom8YxhA@jetpack}] - C:\Users\AndyK\AppData\Roaming\Mozilla\Firefox\Profiles\qlyut6ps.default\extensions\{jid1-vS7biDmom8YxhA@jetpack} => not found

Chrome:
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR Profile: C:\Users\AndyK\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\AndyK\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-10-27]
CHR Extension: (MSN Homepage) - C:\Users\AndyK\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkcgfbgohboipdhliafmacjnhjbhmim [2015-10-19]
CHR Extension: (Tab) - C:\Users\AndyK\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdfjhiclilbjdpeejgcgebmmihkkofji [2015-10-20]
CHR Extension: (Skype Click to Call) - C:\Users\AndyK\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-10-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\AndyK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-20]
CHR HKU\S-1-5-21-3117560243-3129920269-3089857592-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3117560243-3129920269-3089857592-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gdfjhiclilbjdpeejgcgebmmihkkofji] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gdfjhiclilbjdpeejgcgebmmihkkofji] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2015-08-13] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155376 2015-10-04] (NVIDIA Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-10-04] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568816 2015-10-04] (NVIDIA Corporation)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [984768 2015-07-16] (@ByELDI) [File not signed]
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5207272 2015-08-21] (SoftEther VPN Project at University of Tsukuba, Japan.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
R2 VyprVPN; C:\Program Files (x86)\VyprVPN\VyprVPNService.exe [194560 2015-08-24] (Golden Frog, GmbH.) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-08-13] ()
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [41080 2015-10-27] ()
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-10] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-10-27] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [193336 2015-08-20] (Intel Corporation)
R3 Neo_VPN; C:\Windows\System32\drivers\Neo6_x64_VPN.sys [49424 2015-08-21] (SoftEther Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R1 SeLow; C:\Windows\system32\DRIVERS\SeLow_x64.sys [57608 2015-08-21] (SoftEther Corporation)
S3 ssudrmnet; C:\Windows\System32\drivers\ssudrmnet.sys [70400 2015-08-26] (DEVGURU Co., LTD.)
S3 ssudrmnetmp; C:\Windows\System32\drivers\ssudrmnetmp.sys [95488 2015-08-26] (DEVGURU Co., LTD.)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2015-08-26] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 tapvyprvpn; C:\Windows\System32\drivers\tapvyprvpn.sys [44896 2015-07-27] (The OpenVPN Project)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 X6va031; \??\C:\Windows\SysWOW64\Drivers\X6va031 [25816 2015-08-26] ()
S3 X6va034; \??\C:\Windows\SysWOW64\Drivers\X6va034 [26840 2015-10-21] ()
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
S3 X6va060; \??\C:\Windows\SysWOW64\Drivers\X6va060 [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-27 16:54 - 2015-10-27 16:54 - 00015345 _____ C:\Users\AndyK\Downloads\FRST.txt
2015-10-27 16:54 - 2015-10-27 16:54 - 00000000 ____D C:\FRST
2015-10-27 16:53 - 2015-10-27 16:53 - 02197504 _____ (Farbar) C:\Users\AndyK\Downloads\FRST64.exe
2015-10-27 16:33 - 2015-10-27 16:33 - 00016148 _____ C:\Windows\system32\DESKTOP-1RUD97B_AndyK_HistoryPrediction.bin
2015-10-27 16:30 - 2015-10-27 16:32 - 00000000 ____D C:\AdwCleaner
2015-10-27 16:30 - 2015-10-27 16:30 - 01694208 _____ C:\Users\AndyK\Downloads\adwcleaner_5.015.exe
2015-10-27 15:56 - 2015-10-27 15:56 - 00000000 ___HD C:\OneDriveTemp
2015-10-27 15:50 - 2015-10-27 15:50 - 00003464 _____ C:\Windows\system32\.crusader
2015-10-27 15:47 - 2015-10-27 16:33 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-27 15:47 - 2015-10-27 15:55 - 00041080 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2015-10-27 15:46 - 2015-10-27 15:54 - 00001169 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-27 15:46 - 2015-10-27 15:50 - 00000000 ____D C:\ProgramData\HitmanPro
2015-10-27 15:46 - 2015-10-27 15:46 - 22908888 _____ (Malwarebytes ) C:\Users\AndyK\Downloads\mbam-setup-2.2.0.1024.exe
2015-10-27 15:46 - 2015-10-27 15:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-27 15:46 - 2015-10-27 15:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-27 15:46 - 2015-10-27 15:46 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-27 15:46 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-27 15:46 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-27 15:46 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-10-27 15:45 - 2015-10-27 15:46 - 11336600 _____ (SurfRight B.V.) C:\Users\AndyK\Downloads\HitmanPro_x64.exe
2015-10-26 17:24 - 2015-10-26 17:21 - 06196192 _____ C:\Users\AndyK\Desktop\CFReplay20151026_fraGGh4k.cfr
2015-10-21 15:53 - 2015-10-21 15:53 - 00021208 _____ C:\Windows\SysWOW64\Drivers\X6va060_2015.10.21.21.30.38
2015-10-21 15:16 - 2015-10-21 15:16 - 00000000 ____D C:\Program Files (x86)\NpackdDetected
2015-10-20 19:24 - 2015-10-27 15:54 - 00002254 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-19 18:23 - 2015-10-19 18:23 - 00000000 ____D C:\Users\AndyK\AppData\Roaming\TeamViewer
2015-10-19 17:13 - 2015-10-27 15:54 - 00001104 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-10-19 17:13 - 2015-10-27 15:54 - 00001098 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-10-19 17:13 - 2015-10-24 15:49 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-10-19 17:13 - 2015-10-21 15:16 - 00000000 ____D C:\Program Files (x86)\Simple
2015-10-19 17:13 - 2015-10-19 17:13 - 00000000 ____D C:\Windows\System32\Tasks\Component System
2015-10-19 17:12 - 2015-10-27 15:54 - 00002206 _____ C:\Users\AndyK\AppData\Roaming\Microsoft\Windows\Start Menu\Search.lnk
2015-10-19 17:12 - 2015-10-27 15:54 - 00002198 _____ C:\Users\AndyK\AppData\Roaming\Microsoft\Windows\Start Menu\Amazon.lnk
2015-10-19 17:12 - 2015-10-21 15:16 - 00000000 ____D C:\ProgramData\Npackd
2015-10-19 17:12 - 2015-10-19 17:34 - 00000000 ____D C:\Users\AndyK\AppData\Local\Fast Browser
2015-10-19 17:12 - 2015-10-19 17:13 - 00000884 __RSH C:\Users\AndyK\ntuser.pol
2015-10-19 17:12 - 2015-10-19 17:12 - 00002640 __RSH C:\ProgramData\ntuser.pol
2015-10-19 17:12 - 2015-10-19 17:12 - 00000000 ____D C:\Program Files (x86)\NpackdCL
2015-10-19 17:11 - 2015-10-19 17:11 - 00231024 _____ C:\Users\AndyK\Downloads\TeamViewer_Download.exe
2015-10-19 14:38 - 2015-10-21 15:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-17 16:47 - 2015-10-17 16:47 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-10-15 21:58 - 2015-10-15 21:58 - 00021208 _____ C:\Windows\SysWOW64\Drivers\X6va060_2015.10.16.15.57.27
2015-10-13 13:37 - 2015-10-10 03:12 - 00078528 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-13 13:37 - 2015-10-10 02:40 - 21875712 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2015-10-13 13:37 - 2015-10-10 02:07 - 18806272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2015-10-13 13:37 - 2015-10-05 23:03 - 16708608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-10-13 13:37 - 2015-10-05 22:46 - 13027840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-10-13 13:37 - 2015-10-01 00:01 - 01294352 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-13 13:37 - 2015-10-01 00:01 - 01123400 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-10-13 13:37 - 2015-10-01 00:01 - 01018568 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-13 13:37 - 2015-10-01 00:01 - 00858408 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-10-13 13:37 - 2015-10-01 00:00 - 08020320 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-13 13:37 - 2015-09-30 23:03 - 00757760 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2015-10-13 13:37 - 2015-09-25 00:01 - 02573768 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-10-13 13:37 - 2015-09-25 00:01 - 00498016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-10-13 13:37 - 2015-09-24 23:56 - 22322624 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-13 13:37 - 2015-09-24 23:52 - 00980832 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2015-10-13 13:37 - 2015-09-24 23:33 - 01997336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-10-13 13:37 - 2015-09-24 23:26 - 20858360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-13 13:37 - 2015-09-24 23:17 - 24595456 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-13 13:37 - 2015-09-24 23:11 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\UserDataAccountApis.dll
2015-10-13 13:37 - 2015-09-24 23:11 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\PhoneCallHistoryApis.dll
2015-10-13 13:37 - 2015-09-24 23:09 - 12504064 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-13 13:37 - 2015-09-24 23:07 - 01276416 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2015-10-13 13:37 - 2015-09-24 23:04 - 02178560 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2015-10-13 13:37 - 2015-09-24 23:04 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-13 13:37 - 2015-09-24 23:04 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2015-10-13 13:37 - 2015-09-24 23:03 - 00796160 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2015-10-13 13:37 - 2015-09-24 23:03 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-13 13:37 - 2015-09-24 23:02 - 07523840 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2015-10-13 13:37 - 2015-09-24 23:02 - 00949248 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-13 13:37 - 2015-09-24 23:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-13 13:37 - 2015-09-24 23:02 - 00579072 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-10-13 13:37 - 2015-09-24 23:01 - 04792320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-13 13:37 - 2015-09-24 23:01 - 03586560 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2015-10-13 13:37 - 2015-09-24 23:00 - 01423872 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll
2015-10-13 13:37 - 2015-09-24 23:00 - 01382400 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2015-10-13 13:37 - 2015-09-24 23:00 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\ContactApis.dll
2015-10-13 13:37 - 2015-09-24 23:00 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\ChatApis.dll
2015-10-13 13:37 - 2015-09-24 22:59 - 01795072 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2015-10-13 13:37 - 2015-09-24 22:59 - 01205248 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2015-10-13 13:37 - 2015-09-24 22:59 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2015-10-13 13:37 - 2015-09-24 22:59 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentApis.dll
2015-10-13 13:37 - 2015-09-24 22:59 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll
2015-10-13 13:37 - 2015-09-24 22:59 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenance.dll
2015-10-13 13:37 - 2015-09-24 22:59 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\CallHistoryClient.dll
2015-10-13 13:37 - 2015-09-24 22:58 - 01871360 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-10-13 13:37 - 2015-09-24 22:48 - 19325952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-13 13:37 - 2015-09-24 22:47 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2015-10-13 13:37 - 2015-09-24 22:47 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhoneCallHistoryApis.dll
2015-10-13 13:37 - 2015-09-24 22:38 - 03580416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-13 13:37 - 2015-09-24 22:38 - 00650240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-13 13:37 - 2015-09-24 22:38 - 00574464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2015-10-13 13:37 - 2015-09-24 22:38 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-13 13:37 - 2015-09-24 22:37 - 00766976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-13 13:37 - 2015-09-24 22:37 - 00613376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2015-10-13 13:37 - 2015-09-24 22:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-13 13:37 - 2015-09-24 22:36 - 11262976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-13 13:37 - 2015-09-24 22:36 - 05454848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2015-10-13 13:37 - 2015-09-24 22:34 - 00928256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2015-10-13 13:37 - 2015-09-24 22:34 - 00625152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContactApis.dll
2015-10-13 13:37 - 2015-09-24 22:34 - 00579584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentApis.dll
2015-10-13 13:37 - 2015-09-24 22:34 - 00557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ChatApis.dll
2015-10-13 13:37 - 2015-09-24 22:34 - 00525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll
2015-10-13 13:37 - 2015-09-24 22:33 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CallHistoryClient.dll
2015-10-13 13:37 - 2015-09-24 22:32 - 01594368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-10-13 13:37 - 2015-09-24 22:32 - 00466432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll
2015-10-13 13:11 - 2015-10-13 13:11 - 00021208 _____ C:\Windows\SysWOW64\Drivers\X6va060_2015.10.13.18.10.58
2015-10-12 21:11 - 2015-10-12 21:11 - 00000000 ____D C:\Users\AndyK\AppData\Roaming\MK10
2015-10-12 13:52 - 2015-10-12 13:52 - 15188011 _____ C:\Users\AndyK\Downloads\ZygorGuidesViewer5.0.12889.rar
2015-10-11 21:00 - 2015-10-11 21:00 - 00010009 _____ C:\Windows\DirectX.log
2015-10-11 21:00 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-10-11 21:00 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-10-11 21:00 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-10-11 21:00 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-10-11 21:00 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-10-11 21:00 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-10-11 21:00 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-10-11 21:00 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-10-11 21:00 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-10-11 21:00 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-10-11 21:00 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-10-11 21:00 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-10-11 21:00 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-10-11 21:00 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-10-11 21:00 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-10-11 21:00 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-10-11 21:00 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-10-11 21:00 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-10-11 21:00 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-10-11 21:00 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-10-11 21:00 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-10-11 21:00 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-10-11 21:00 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-10-11 21:00 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-10-11 21:00 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-10-11 21:00 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-10-11 21:00 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-10-11 21:00 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-10-11 21:00 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-10-11 21:00 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-10-11 21:00 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-10-11 21:00 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-10-11 21:00 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-10-11 21:00 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-10-11 21:00 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-10-11 21:00 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-10-11 21:00 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-10-11 21:00 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-10-11 21:00 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-10-11 21:00 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-10-11 21:00 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-10-11 21:00 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-10-11 21:00 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-10-11 21:00 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2015-10-11 21:00 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-10-11 21:00 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2015-10-11 21:00 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-10-11 21:00 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-10-11 21:00 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-10-11 21:00 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-10-11 21:00 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-10-11 21:00 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-10-11 21:00 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-10-11 21:00 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-10-11 21:00 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-10-11 21:00 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-10-11 21:00 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-10-11 21:00 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-10-11 21:00 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-10-11 21:00 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-10-11 21:00 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-10-11 21:00 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-10-11 21:00 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-10-11 21:00 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-10-11 21:00 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-10-11 21:00 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-10-11 21:00 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-10-11 21:00 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-10-11 21:00 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-10-11 21:00 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-10-11 21:00 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-10-11 21:00 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-10-11 21:00 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-10-11 21:00 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-10-11 21:00 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-10-11 21:00 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-10-11 21:00 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-10-11 21:00 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-10-11 21:00 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-10-11 21:00 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-10-11 21:00 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-10-11 21:00 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-10-11 21:00 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-10-11 21:00 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-10-11 21:00 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-10-11 21:00 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-10-11 21:00 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-10-11 21:00 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-10-11 21:00 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-10-11 21:00 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-10-11 21:00 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-10-11 21:00 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-10-11 21:00 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-10-11 21:00 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-10-11 21:00 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-10-11 21:00 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-10-11 21:00 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-10-11 21:00 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-10-11 21:00 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-10-11 21:00 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-10-11 21:00 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-10-11 21:00 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-10-11 21:00 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-10-11 21:00 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-10-11 21:00 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-10-11 21:00 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-10-11 21:00 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-10-11 21:00 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-10-11 21:00 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-10-11 21:00 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-10-11 21:00 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-10-11 21:00 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-10-11 21:00 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-10-11 21:00 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-10-11 21:00 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-10-11 21:00 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-10-11 21:00 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-10-11 21:00 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-10-11 21:00 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-10-11 21:00 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-10-11 21:00 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-10-11 21:00 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-10-11 21:00 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-10-11 21:00 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-10-11 21:00 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-10-11 21:00 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-10-11 21:00 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-10-11 21:00 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-10-11 21:00 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-10-11 21:00 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-10-11 21:00 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-10-11 21:00 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-10-11 21:00 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-10-11 21:00 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-10-11 21:00 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-10-11 21:00 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-10-11 21:00 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-10-11 21:00 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-10-11 21:00 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-10-11 21:00 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-10-11 21:00 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-10-11 21:00 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-10-11 21:00 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-10-11 21:00 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-10-11 21:00 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-10-11 21:00 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-10-11 21:00 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-10-11 21:00 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-10-11 21:00 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-10-11 21:00 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-10-11 21:00 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-10-11 21:00 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-10-11 21:00 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-10-11 21:00 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-10-11 21:00 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-10-11 21:00 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-10-11 21:00 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-10-11 21:00 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-10-11 21:00 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-10-11 21:00 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-10-11 21:00 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-10-11 21:00 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-10-11 21:00 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-10-11 21:00 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-10-11 21:00 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-10-11 21:00 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-10-11 21:00 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-10-11 21:00 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-10-11 21:00 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-10-11 21:00 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-10-11 21:00 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-10-11 21:00 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-10-11 21:00 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-10-11 21:00 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-10-11 21:00 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-10-11 21:00 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-10-11 20:45 - 2015-10-27 15:53 - 00001084 _____ C:\Users\AndyK\Desktop\Mortal Kombat X Premium Edition.lnk
2015-10-11 20:45 - 2015-10-11 21:00 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-10-11 20:45 - 2015-10-11 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab
2015-10-11 20:05 - 2015-10-02 22:28 - 00102520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-10-11 20:04 - 2015-10-03 00:58 - 42914096 _____ C:\Windows\system32\nvcompiler.dll
2015-10-11 20:04 - 2015-10-03 00:58 - 37882488 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-10-11 20:04 - 2015-10-03 00:58 - 22342264 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-10-11 20:04 - 2015-10-03 00:58 - 18387064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-10-11 20:04 - 2015-10-03 00:58 - 16548768 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-10-11 20:04 - 2015-10-03 00:58 - 15837152 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-10-11 20:04 - 2015-10-03 00:58 - 14841232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-10-11 20:04 - 2015-10-03 00:58 - 13525200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-10-11 20:04 - 2015-10-03 00:58 - 12038368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-10-11 20:04 - 2015-10-03 00:58 - 02313336 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-10-11 20:04 - 2015-10-03 00:58 - 01994360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-10-11 20:04 - 2015-10-03 00:58 - 01905272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435850.dll
2015-10-11 20:04 - 2015-10-03 00:58 - 01564792 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435850.dll
2015-10-11 20:04 - 2015-10-03 00:58 - 00877176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-10-11 20:04 - 2015-10-03 00:58 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-10-11 20:04 - 2015-10-03 00:58 - 00787200 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2015-10-11 20:04 - 2015-10-03 00:58 - 00689968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-10-11 20:04 - 2015-10-03 00:58 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-10-11 20:04 - 2015-10-03 00:58 - 00632664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2015-10-11 20:04 - 2015-10-03 00:58 - 00539464 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-10-11 20:04 - 2015-10-03 00:58 - 00445216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-10-11 20:04 - 2015-10-03 00:58 - 00414000 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-10-11 20:04 - 2015-10-03 00:58 - 00388048 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-10-11 20:04 - 2015-10-03 00:58 - 00376112 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2015-10-11 20:04 - 2015-10-03 00:58 - 00369272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-10-11 20:04 - 2015-10-03 00:58 - 00339064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2015-10-11 20:04 - 2015-10-03 00:58 - 00315936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-10-11 20:04 - 2015-10-03 00:58 - 00177416 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-10-11 20:04 - 2015-10-03 00:58 - 00155976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-10-11 20:04 - 2015-10-03 00:58 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-10-11 20:04 - 2015-10-03 00:58 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-10-04 20:47 - 2015-10-04 23:36 - 1961361408 _____ C:\Users\AndyK\Downloads\_Oceanofgames.com_Dragonball_Xenoverse.iso
2015-10-03 12:52 - 2015-10-03 12:52 - 00021208 _____ C:\Windows\SysWOW64\Drivers\X6va060_2015.10.04.00.49.00
2015-10-02 16:05 - 2015-10-02 16:05 - 00021208 _____ C:\Windows\SysWOW64\Drivers\X6va060_2015.10.02.20.06.35
2015-10-02 15:29 - 2015-10-15 23:10 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-02 15:29 - 2015-10-15 23:10 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-02 00:25 - 2015-10-27 15:54 - 00002541 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Excel Viewer.lnk
2015-10-02 00:25 - 2015-10-02 00:25 - 00000000 ____D C:\Program Files (x86)\MSECache
2015-10-02 00:25 - 2015-10-02 00:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-10-02 00:24 - 2015-10-02 00:24 - 00058822 _____ C:\Users\AndyK\Downloads\Quins Wep Rerolls.xlsx
2015-10-02 00:20 - 2015-10-02 00:20 - 00057611 _____ C:\Users\AndyK\Downloads\Weapon Rerolls.xlsx
2015-09-30 22:57 - 2015-09-19 01:14 - 00102304 _____ (Microsoft Corporation) C:\Windows\system32\omadmapi.dll
2015-09-30 22:57 - 2015-09-17 02:50 - 02464216 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2015-09-30 22:57 - 2015-09-17 02:50 - 01563392 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2015-09-30 22:57 - 2015-09-17 02:50 - 00099664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-09-30 22:57 - 2015-09-17 02:50 - 00088384 _____ (Microsoft Corporation) C:\Windows\system32\remoteaudioendpoint.dll
2015-09-30 22:57 - 2015-09-17 02:49 - 06487248 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2015-09-30 22:57 - 2015-09-17 02:49 - 01563472 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2015-09-30 22:57 - 2015-09-17 02:49 - 00894256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-09-30 22:57 - 2015-09-17 02:49 - 00553808 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2015-09-30 22:57 - 2015-09-17 02:49 - 00501008 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-09-30 22:57 - 2015-09-17 02:48 - 02824248 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-09-30 22:57 - 2015-09-17 02:48 - 02494712 _____ C:\Windows\system32\CoreUIComponents.dll
2015-09-30 22:57 - 2015-09-17 02:48 - 02432336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-09-30 22:57 - 2015-09-17 02:48 - 02156400 _____ (Microsoft Corporation) C:\Windows\system32\hevcdecoder.dll
2015-09-30 22:57 - 2015-09-17 02:48 - 01983824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-09-30 22:57 - 2015-09-17 02:48 - 00809352 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2015-09-30 22:57 - 2015-09-17 02:48 - 00784136 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2015-09-30 22:57 - 2015-09-17 02:48 - 00584656 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-09-30 22:57 - 2015-09-17 02:48 - 00555768 _____ (Microsoft Corporation) C:\Windows\system32\directmanipulation.dll
2015-09-30 22:57 - 2015-09-17 02:48 - 00537080 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2015-09-30 22:57 - 2015-09-17 02:48 - 00516448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-09-30 22:57 - 2015-09-17 02:48 - 00505696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2015-09-30 22:57 - 2015-09-17 02:48 - 00476760 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2015-09-30 22:57 - 2015-09-17 02:48 - 00406864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-09-30 22:57 - 2015-09-17 02:48 - 00395088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-09-30 22:57 - 2015-09-17 02:48 - 00332624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2015-09-30 22:57 - 2015-09-17 02:48 - 00278352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-09-30 22:57 - 2015-09-17 02:48 - 00243760 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-09-30 22:57 - 2015-09-17 02:47 - 01397088 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2015-09-30 22:57 - 2015-09-17 02:44 - 00781976 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2015-09-30 22:57 - 2015-09-17 02:43 - 00966416 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2015-09-30 22:57 - 2015-09-17 02:37 - 01295712 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll
2015-09-30 22:57 - 2015-09-17 02:37 - 01168736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-09-30 22:57 - 2015-09-17 02:28 - 05120056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2015-09-30 22:57 - 2015-09-17 02:28 - 02154808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2015-09-30 22:57 - 2015-09-17 02:28 - 01357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2015-09-30 22:57 - 2015-09-17 02:28 - 00441168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2015-09-30 22:57 - 2015-09-17 02:28 - 00407608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-09-30 22:57 - 2015-09-17 02:28 - 00074880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\remoteaudioendpoint.dll
2015-09-30 22:57 - 2015-09-17 02:27 - 01766952 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2015-09-30 22:57 - 2015-09-17 02:27 - 00454512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\directmanipulation.dll
2015-09-30 22:57 - 2015-09-17 02:26 - 02446648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-09-30 22:57 - 2015-09-17 02:26 - 01895568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hevcdecoder.dll
2015-09-30 22:57 - 2015-09-17 02:26 - 00646672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2015-09-30 22:57 - 2015-09-17 02:26 - 00508248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-09-30 22:57 - 2015-09-17 02:26 - 00434376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2015-09-30 22:57 - 2015-09-17 02:26 - 00428128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2015-09-30 22:57 - 2015-09-17 02:25 - 00962400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2015-09-30 22:57 - 2015-09-17 02:21 - 00658528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2015-09-30 22:57 - 2015-09-17 02:20 - 00764416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2015-09-30 22:57 - 2015-09-17 02:11 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2015-09-30 22:57 - 2015-09-17 02:10 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2015-09-30 22:57 - 2015-09-17 02:09 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2015-09-30 22:57 - 2015-09-17 02:09 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2015-09-30 22:57 - 2015-09-17 02:08 - 00494592 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2015-09-30 22:57 - 2015-09-17 02:08 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Speech.Pal.dll
2015-09-30 22:57 - 2015-09-17 02:08 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManagerShellext.exe
2015-09-30 22:57 - 2015-09-17 02:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\CellularAPI.dll
2015-09-30 22:57 - 2015-09-17 02:06 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll
2015-09-30 22:57 - 2015-09-17 02:06 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
2015-09-30 22:57 - 2015-09-17 02:05 - 02226688 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2015-09-30 22:57 - 2015-09-17 02:05 - 00483328 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2015-09-30 22:57 - 2015-09-17 02:04 - 07569408 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2015-09-30 22:57 - 2015-09-17 02:04 - 00910848 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2015-09-30 22:57 - 2015-09-17 02:04 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\DataSenseHandlers.dll
2015-09-30 22:57 - 2015-09-17 02:03 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2015-09-30 22:57 - 2015-09-17 02:03 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2015-09-30 22:57 - 2015-09-17 02:03 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe
2015-09-30 22:57 - 2015-09-17 02:03 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\ngckeyenum.dll
2015-09-30 22:57 - 2015-09-17 02:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2015-09-30 22:57 - 2015-09-17 02:02 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2015-09-30 22:57 - 2015-09-17 02:02 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-09-30 22:57 - 2015-09-17 02:00 - 03248640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2015-09-30 22:57 - 2015-09-17 02:00 - 02417664 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-09-30 22:57 - 2015-09-17 02:00 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2015-09-30 22:57 - 2015-09-17 02:00 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\KeywordDetectorMsftSidAdapter.dll
2015-09-30 22:57 - 2015-09-17 01:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2015-09-30 22:57 - 2015-09-17 01:57 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2015-09-30 22:57 - 2015-09-17 01:57 - 00403456 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2015-09-30 22:57 - 2015-09-17 01:57 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\VEEventDispatcher.dll
2015-09-30 22:57 - 2015-09-17 01:57 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\VEStoreEventHandlers.dll
2015-09-30 22:57 - 2015-09-17 01:56 - 00859136 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2015-09-30 22:57 - 2015-09-17 01:56 - 00521728 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2015-09-30 22:57 - 2015-09-17 01:56 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\configmanager2.dll
2015-09-30 22:57 - 2015-09-17 01:55 - 02236416 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-30 22:57 - 2015-09-17 01:55 - 01601536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2015-09-30 22:57 - 2015-09-17 01:55 - 00671232 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx02000.dll
2015-09-30 22:57 - 2015-09-17 01:55 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2015-09-30 22:57 - 2015-09-17 01:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\ngccredprov.dll
2015-09-30 22:57 - 2015-09-17 01:55 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\accountaccessor.dll
2015-09-30 22:57 - 2015-09-17 01:55 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\dmcsps.dll
2015-09-30 22:57 - 2015-09-17 01:55 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2015-09-30 22:57 - 2015-09-17 01:55 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\wwancfg.dll
2015-09-30 22:57 - 2015-09-17 01:54 - 03781120 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2015-09-30 22:57 - 2015-09-17 01:54 - 00780288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2015-09-30 22:57 - 2015-09-17 01:54 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-30 22:57 - 2015-09-17 01:53 - 07055872 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2015-09-30 22:57 - 2015-09-17 01:52 - 06572032 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2015-09-30 22:57 - 2015-09-17 01:52 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
2015-09-30 22:57 - 2015-09-17 01:52 - 01181696 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-09-30 22:57 - 2015-09-17 01:52 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2015-09-30 22:57 - 2015-09-17 01:52 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2015-09-30 22:57 - 2015-09-17 01:52 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApi.dll
2015-09-30 22:57 - 2015-09-17 01:52 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2015-09-30 22:57 - 2015-09-17 01:52 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-09-30 22:57 - 2015-09-17 01:52 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2015-09-30 22:57 - 2015-09-17 01:52 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\SubscriptionMgr.dll
2015-09-30 22:57 - 2015-09-17 01:51 - 02660864 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2015-09-30 22:57 - 2015-09-17 01:51 - 01812480 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2015-09-30 22:57 - 2015-09-17 01:51 - 01203712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2015-09-30 22:57 - 2015-09-17 01:51 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-09-30 22:57 - 2015-09-17 01:51 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-09-30 22:57 - 2015-09-17 01:51 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2015-09-30 22:57 - 2015-09-17 01:50 - 00929280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-09-30 22:57 - 2015-09-17 01:50 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2015-09-30 22:57 - 2015-09-17 01:50 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-09-30 22:57 - 2015-09-17 01:50 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2015-09-30 22:57 - 2015-09-17 01:50 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeWiFi.dll
2015-09-30 22:57 - 2015-09-17 01:50 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeCell.dll
2015-09-30 22:57 - 2015-09-17 01:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\buttonconverter.sys
2015-09-30 22:57 - 2015-09-17 01:49 - 02740224 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-30 22:57 - 2015-09-17 01:49 - 01290240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2015-09-30 22:57 - 2015-09-17 01:49 - 01010176 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2015-09-30 22:57 - 2015-09-17 01:49 - 00439296 _____ (Microsoft Corporation) C:\Windows\system32\LocationWebproxy.dll
2015-09-30 22:57 - 2015-09-17 01:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\LocationGeofences.dll
2015-09-30 22:57 - 2015-09-17 01:49 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2015-09-30 22:57 - 2015-09-17 01:49 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\LocationCrowdsource.dll
2015-09-30 22:57 - 2015-09-17 01:49 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeIP.dll
2015-09-30 22:57 - 2015-09-17 01:49 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\LocationWiFiAdapter.dll
2015-09-30 22:57 - 2015-09-17 01:49 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Speech.Pal.dll
2015-09-30 22:57 - 2015-09-17 01:48 - 02093056 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2015-09-30 22:57 - 2015-09-17 01:48 - 00517632 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2015-09-30 22:57 - 2015-09-17 01:48 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll
2015-09-30 22:57 - 2015-09-17 01:48 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll
2015-09-30 22:57 - 2015-09-17 01:48 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
2015-09-30 22:57 - 2015-09-17 01:48 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2015-09-30 22:57 - 2015-09-17 01:47 - 00513536 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2015-09-30 22:57 - 2015-09-17 01:47 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2015-09-30 22:57 - 2015-09-17 01:47 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2015-09-30 22:57 - 2015-09-17 01:46 - 00928256 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2015-09-30 22:57 - 2015-09-17 01:46 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2015-09-30 22:57 - 2015-09-17 01:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2015-09-30 22:57 - 2015-09-17 01:46 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCore.dll
2015-09-30 22:57 - 2015-09-17 01:46 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCsp.dll
2015-09-30 22:57 - 2015-09-17 01:46 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2015-09-30 22:57 - 2015-09-17 01:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\HttpsDataSource.dll
2015-09-30 22:57 - 2015-09-17 01:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\syncmlhook.dll
2015-09-30 22:57 - 2015-09-17 01:45 - 01331200 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-09-30 22:57 - 2015-09-17 01:45 - 00869376 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2015-09-30 22:57 - 2015-09-17 01:45 - 00832512 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2015-09-30 22:57 - 2015-09-17 01:45 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2015-09-30 22:57 - 2015-09-17 01:45 - 00193024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2015-09-30 22:57 - 2015-09-17 01:44 - 01844736 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2015-09-30 22:57 - 2015-09-17 01:44 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2015-09-30 22:57 - 2015-09-17 01:44 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2015-09-30 22:57 - 2015-09-17 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\syncutil.dll
2015-09-30 22:57 - 2015-09-17 01:43 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\RemoteNaturalLanguage.dll
2015-09-30 22:57 - 2015-09-17 01:43 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-09-30 22:57 - 2015-09-17 01:43 - 00328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2015-09-30 22:57 - 2015-09-17 01:43 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2015-09-30 22:57 - 2015-09-17 01:42 - 02646528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2015-09-30 22:57 - 2015-09-17 01:41 - 00217088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll
2015-09-30 22:57 - 2015-09-17 01:40 - 06101504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2015-09-30 22:57 - 2015-09-17 01:40 - 01918464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-09-30 22:57 - 2015-09-17 01:40 - 01162240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2015-09-30 22:57 - 2015-09-17 01:39 - 00587264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2015-09-30 22:57 - 2015-09-17 01:39 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-30 22:57 - 2015-09-17 01:38 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2015-09-30 22:57 - 2015-09-17 01:37 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApi.dll
2015-09-30 22:57 - 2015-09-17 01:36 - 01171456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcenter.dll
2015-09-30 22:57 - 2015-09-17 01:35 - 05079552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2015-09-30 22:57 - 2015-09-17 01:35 - 02207232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-30 22:57 - 2015-09-17 01:35 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2015-09-30 22:57 - 2015-09-17 01:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2015-09-30 22:57 - 2015-09-17 01:34 - 00253440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2015-09-30 22:57 - 2015-09-17 01:32 - 00336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2015-09-30 22:57 - 2015-09-17 01:32 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll
2015-09-30 22:57 - 2015-09-17 01:32 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-09-30 22:57 - 2015-09-17 01:31 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
2015-09-30 22:57 - 2015-09-17 01:30 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2015-09-30 22:57 - 2015-09-17 01:29 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-09-30 22:57 - 2015-09-17 01:29 - 00701952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2015-09-30 22:57 - 2015-09-17 01:29 - 00677888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2015-09-30 22:57 - 2015-09-17 01:29 - 00464896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2015-09-30 22:57 - 2015-09-17 01:28 - 00473088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2015-09-30 22:57 - 2015-09-17 01:26 - 00899584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RemoteNaturalLanguage.dll
2015-09-30 22:57 - 2015-09-17 01:16 - 00512000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2015-09-30 22:57 - 2015-09-12 22:05 - 02987520 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-09-30 22:57 - 2015-09-12 21:41 - 02639872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2015-09-30 13:06 - 2015-09-30 13:06 - 00000000 ____D C:\Users\AndyK\Tracing
2015-09-30 13:05 - 2015-10-26 14:37 - 00000000 ____D C:\Users\AndyK\AppData\Roaming\Skype
2015-09-30 13:05 - 2015-10-26 12:03 - 00000000 ____D C:\ProgramData\Skype
2015-09-30 13:05 - 2015-10-21 15:16 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-30 13:05 - 2015-09-30 13:05 - 00000000 ____D C:\Users\AndyK\AppData\Local\Skype
2015-09-30 13:05 - 2015-09-30 13:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-28 12:28 - 2015-09-28 12:28 - 00021208 _____ C:\Windows\SysWOW64\Drivers\X6va060_2015.09.28.18.38.12
2015-09-27 05:59 - 2015-09-13 20:24 - 01898104 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435598.dll
2015-09-27 05:59 - 2015-09-13 20:24 - 01558832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435598.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-27 16:45 - 2015-07-10 07:04 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-10-27 16:39 - 2015-08-13 01:34 - 00830266 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-27 16:33 - 2015-08-21 23:05 - 00000000 ____D C:\Program Files\SoftEther VPN Client
2015-10-27 16:33 - 2015-08-13 02:01 - 00000934 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-27 16:33 - 2015-08-13 01:32 - 00000000 ____D C:\Users\AndyK\OneDrive
2015-10-27 16:32 - 2015-08-13 01:35 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-27 16:32 - 2015-07-10 08:22 - 00000275 _____ C:\Windows\WindowsUpdate.log
2015-10-27 16:32 - 2015-07-10 08:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-27 16:32 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\sru
2015-10-27 16:32 - 2015-07-10 05:05 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-10-27 16:24 - 2015-08-13 02:04 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-27 16:16 - 2015-08-13 02:01 - 00000938 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-27 15:55 - 2015-08-13 04:26 - 00004664 _____ C:\Windows\PFRO.log
2015-10-27 15:54 - 2015-08-27 21:16 - 00000544 _____ C:\Users\AndyK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Videos.lnk
2015-10-27 15:54 - 2015-08-27 21:16 - 00000534 _____ C:\Users\AndyK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive (2).lnk
2015-10-27 15:54 - 2015-08-27 21:15 - 00001005 _____ C:\Users\AndyK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Downloads.lnk
2015-10-27 15:54 - 2015-08-27 21:15 - 00000561 _____ C:\Users\AndyK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-10-27 15:54 - 2015-08-21 23:05 - 00002024 _____ C:\ProgramData\Microsoft\Windows\Start Menu\SoftEther VPN Client Manager.lnk
2015-10-27 15:54 - 2015-08-15 00:36 - 00001220 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-27 15:54 - 2015-08-15 00:36 - 00001214 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-27 15:54 - 2015-08-14 15:48 - 00001046 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2015-10-27 15:54 - 2015-08-13 01:32 - 00002336 _____ C:\Users\AndyK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-10-27 15:54 - 2015-08-13 01:31 - 00001027 _____ C:\Users\AndyK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2015-10-27 15:53 - 2015-08-14 22:05 - 00002089 _____ C:\Users\AndyK\Desktop\My.com Game Center.lnk
2015-10-27 15:53 - 2015-08-13 02:00 - 00000420 _____ C:\Users\AndyK\Desktop\This PC.lnk
2015-10-27 15:53 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\InputMethod
2015-10-27 15:19 - 2015-08-13 02:13 - 00000000 ____D C:\Users\AndyK\Documents\Cross Fire
2015-10-27 12:09 - 2015-08-13 16:27 - 00000000 ____D C:\Users\AndyK\AppData\Roaming\Mumble
2015-10-27 10:52 - 2015-08-14 04:33 - 00004168 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C42665EF-DFE1-418D-96DC-99AEF7F95CBA}
2015-10-27 10:52 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\AppReadiness
2015-10-25 15:23 - 2015-08-13 02:13 - 00000000 ____D C:\CFLog
2015-10-24 20:49 - 2015-08-13 02:04 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-10-21 18:25 - 2015-08-21 22:20 - 00026840 _____ C:\Windows\SysWOW64\Drivers\X6va034
2015-10-21 15:16 - 2015-08-20 21:27 - 00000000 ____D C:\Program Files (x86)\Project64 1.6
2015-10-21 15:16 - 2015-08-15 01:47 - 00000000 ____D C:\Users\AndyK\AppData\Local\UmmyVideoDownloader
2015-10-21 15:16 - 2015-08-15 00:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-21 15:16 - 2015-08-14 22:04 - 00000000 ____D C:\Users\AndyK\AppData\Local\MyComGames
2015-10-21 15:16 - 2015-08-14 15:48 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-10-21 15:16 - 2015-08-13 02:48 - 00000000 ____D C:\Program Files (x86)\VyprVPN
2015-10-21 15:16 - 2015-08-13 02:05 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-10-21 15:16 - 2015-08-13 01:46 - 00000000 ____D C:\Program Files\KMSpico
2015-10-21 15:16 - 2015-08-13 01:44 - 00000000 ____D C:\Program Files\WinRAR
2015-10-21 15:16 - 2015-07-10 08:20 - 00202120 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-21 15:12 - 2015-08-13 02:05 - 00000000 ____D C:\Users\AndyK\AppData\Local\Battle.net
2015-10-20 19:24 - 2015-08-13 02:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-10-19 22:33 - 2015-07-10 06:55 - 00000000 ____D C:\Windows\CbsTemp
2015-10-19 17:13 - 2015-08-13 01:30 - 00000000 ____D C:\Users\AndyK
2015-10-19 17:12 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-10-17 16:47 - 2015-07-10 08:20 - 00021476 _____ C:\Windows\setupact.log
2015-10-16 19:24 - 2015-08-13 02:04 - 00004032 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-10-15 21:54 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-13 21:44 - 2015-08-13 01:37 - 00000000 ____D C:\Windows\system32\MRT
2015-10-13 21:42 - 2015-08-13 01:37 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-11 21:00 - 2015-08-13 02:49 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-11 20:06 - 2015-08-26 22:26 - 00000000 ____D C:\Users\AndyK\AppData\Roaming\uTorrent
2015-10-11 20:05 - 2015-08-13 01:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-10-11 20:05 - 2015-08-13 01:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-08 15:47 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\NDF
2015-10-06 14:45 - 2015-08-13 01:35 - 11210056 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-10-04 04:23 - 2015-08-13 01:57 - 01423120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-10-04 04:23 - 2015-08-13 01:57 - 01317192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-10-04 04:22 - 2015-08-13 01:57 - 01756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-10-04 04:22 - 2015-08-13 01:57 - 01710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-10-03 14:05 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\rescache
2015-10-03 13:13 - 2015-08-14 15:48 - 00000000 ____D C:\Users\AndyK\AppData\Roaming\TS3Client
2015-10-03 00:58 - 2015-08-13 01:35 - 18354984 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-10-03 00:58 - 2015-08-13 01:35 - 15803800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-10-03 00:58 - 2015-08-13 01:35 - 12868120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-10-03 00:58 - 2015-08-13 01:35 - 03534888 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-10-03 00:58 - 2015-08-13 01:35 - 03121144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-10-03 00:58 - 2015-08-13 01:35 - 00112760 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-10-03 00:58 - 2015-08-13 01:35 - 00105264 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-10-03 00:58 - 2015-08-13 01:35 - 00034392 _____ C:\Windows\system32\nvinfo.pb
2015-10-02 22:38 - 2015-08-13 01:35 - 06358648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-10-02 22:38 - 2015-08-13 01:35 - 02982704 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-10-02 22:38 - 2015-08-13 01:35 - 02554488 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-10-02 22:38 - 2015-08-13 01:35 - 00938800 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-10-02 22:38 - 2015-08-13 01:35 - 00385328 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-10-02 22:38 - 2015-08-13 01:35 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-10-02 15:28 - 2015-07-10 07:04 - 00000000 ___SD C:\Windows\SysWOW64\F12
2015-10-02 15:28 - 2015-07-10 07:04 - 00000000 ___SD C:\Windows\system32\F12
2015-10-02 15:28 - 2015-07-10 07:04 - 00000000 ___RD C:\Windows\PurchaseDialog
2015-10-02 15:28 - 2015-07-10 07:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-02 15:28 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2015-10-02 15:28 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2015-10-02 15:28 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\Provisioning
2015-10-02 15:28 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\L2Schemas
2015-10-01 19:00 - 2015-07-10 07:04 - 00000000 ____D C:\Windows\LiveKernelReports
2015-10-01 05:30 - 2015-08-13 01:35 - 05284082 _____ C:\Windows\system32\nvcoproc.bin

Some files in TEMP:
====================
C:\Users\AndyK\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\AndyK\AppData\Local\Temp\BSvcUpdater.exe
C:\Users\AndyK\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\AndyK\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\AndyK\AppData\Local\Temp\nvStInst.exe
C:\Users\AndyK\AppData\Local\Temp\sqlite3.dll
C:\Users\AndyK\AppData\Local\Temp\UmmyVideoDownloader.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-24 13:57

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-10-2015 02
Ran by AndyK (2015-10-27 16:54:39)
Running from C:\Users\AndyK\Downloads
Windows 10 Pro (X64) (2015-08-13 05:30:06)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3117560243-3129920269-3089857592-500 - Administrator - Disabled)
AndyK (S-1-5-21-3117560243-3129920269-3089857592-1001 - Administrator - Enabled) => C:\Users\AndyK
DefaultAccount (S-1-5-21-3117560243-3129920269-3089857592-503 - Limited - Disabled)
Guest (S-1-5-21-3117560243-3129920269-3089857592-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3117560243-3129920269-3089857592-1001\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Flash Player 19 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Cross Fire (HKU\S-1-5-21-3117560243-3129920269-3089857592-1001\...\Cross Fire) (Version: - Mail.Ru)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Logitech Gaming Software 8.70 (HKLM\...\Logitech Gaming Software) (Version: 8.70.315 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6219.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mortal Kombat X Premium Edition v.1.0.96796.1 (HKLM-x32\...\Mortal Kombat X Premium Edition_is1) (Version: - )
Mozilla Firefox 41.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 en-US)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
Mumble 1.2.10 (HKLM-x32\...\{63243F5C-E941-4461-A4B0-2689A9A3BF13}) (Version: 1.2.10 - Thorvald Natvig)
My.com Game Center (HKU\S-1-5-21-3117560243-3129920269-3089857592-1001\...\MyComGames) (Version: 3.140 - My.com B.V.)
NpackdCL (HKLM-x32\...\{C32CA36A-DA63-4D55-9B17-87C61033137D}) (Version: 1.18.7 - Npackd)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.15.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.46 - NVIDIA Corporation)
NVIDIA Graphics Driver 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.46 - NVIDIA Corporation) Hidden
Simple 1.3.1 (HKLM-x32\...\Simple) (Version: 1.3.1 - Simple)
skyforge_mycom (HKU\S-1-5-21-3117560243-3129920269-3089857592-1001\...\skyforge_mycom) (Version: 1.31 - My.com B.V.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.)
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.18.9570 - SoftEther VPN Project)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer)
UmmyVideoDownloader (HKLM-x32\...\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1) (Version: 1.4.0.3 - )
VyprVPN (HKLM-x32\...\{526B3DDC-6891-4F43-8F64-8B83DC9E4848}) (Version: 2.7.7.6240 - Golden Frog, GmbH.)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Игровой центр@Mail.Ru (HKU\S-1-5-21-3117560243-3129920269-3089857592-1001\...\GameCenterMailRu) (Version: 2.313 - LLC Mail.Ru)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 07:04 - 2015-07-10 07:02 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0976D1CC-6501-4DB4-B0AC-5CBCF4A9AD54} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-13] (Google Inc.)
Task: {0F88F81B-DE5F-43BB-9A0D-F7ED7E57BA27} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-13] (Google Inc.)
Task: {3B72BF03-1A29-4DC8-AA78-131DB1336669} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-10-13] (Microsoft Corporation)
Task: {4012B274-4B88-4108-BF33-FC888665908D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-16] (Adobe Systems Incorporated)
Task: {51B6D971-34C2-4778-BCE9-0AEA83EECF8E} - System32\Tasks\Component System\Component => C:\Users\AndyK\AppData\Local\Component\com.exe
Task: {B4E5E34A-B9EC-445B-BB6F-B2BF6D3E154A} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_226_pepper.exe [2015-10-16] (Adobe Systems Incorporated)
Task: {BD558CD2-C979-482C-929D-EF6BDD461404} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-07-16] (@ByELDI)
Task: {D6B38897-E551-4506-8917-184D60F46BF3} - \IntegrationManager -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_226_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-10 07:00 - 2015-07-10 07:00 - 00028160 _____ () C:\Windows\SYSTEM32\efsext.dll
2015-08-13 01:34 - 2015-07-14 22:04 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll
2015-08-13 01:35 - 2015-10-02 22:38 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-19 17:00 - 2015-08-11 05:14 - 00404480 _____ () C:\Windows\System32\diagtrack_wininternal.dll
2015-08-13 01:35 - 2015-08-13 01:35 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2015-09-30 22:57 - 2015-09-17 02:48 - 02494712 _____ () C:\Windows\system32\CoreUIComponents.dll
2015-09-30 22:57 - 2015-09-17 02:48 - 02494712 _____ () C:\Windows\System32\CoreUIComponents.dll
2015-09-30 22:57 - 2015-09-17 01:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-09-30 22:57 - 2015-09-17 01:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-09-30 22:57 - 2015-09-17 01:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-09-30 22:57 - 2015-09-17 01:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-09-30 22:57 - 2015-09-17 01:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 07:00 - 2015-07-10 09:14 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-08-13 01:32 - 2015-08-13 01:32 - 00105312 _____ () C:\Windows\SYSTEM32\audioLibVc.dll
2015-03-06 20:07 - 2015-03-06 20:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-07-01 20:28 - 2015-07-01 20:28 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-06 20:07 - 2015-03-06 20:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-07-01 20:28 - 2015-07-01 20:28 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-08-13 01:35 - 2015-10-27 16:32 - 00038032 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2015-08-13 01:35 - 2015-08-13 01:35 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-08-24 15:46 - 2015-08-24 15:46 - 00078848 _____ () C:\Program Files (x86)\VyprVPN\GoldenFrogWFP.dll
2015-08-13 01:57 - 2015-10-04 04:24 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-10-23 12:17 - 2015-10-20 10:08 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libglesv2.dll
2015-10-23 12:17 - 2015-10-20 10:08 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3117560243-3129920269-3089857592-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\AndyK\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\desktop background.bmp
DNS Servers: 206.248.154.22 - 206.248.154.170
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "SoftEther VPN Client Manager Startup.lnk"
HKLM\...\StartupApproved\Run: => "SoftEther VPN Client UI Helper"
HKU\S-1-5-21-3117560243-3129920269-3089857592-1001\...\StartupApproved\Run: => "MyComGames"
HKU\S-1-5-21-3117560243-3129920269-3089857592-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{BEB424E1-D1CB-44C5-9B87-514496EBD76F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5BCBED96-79C5-47C6-83D8-768F1A4D6AF2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3CA9273E-B667-440F-9275-CACB505F0269}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{70B338C2-514D-47A2-8AB9-82B1F8378A0E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{57F4B3A6-769B-48F2-AECE-C5DDA11A29FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{5207A12C-A7A6-4630-9147-967ADD4E34DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4FA74B6A-46A5-442A-997C-7885744DB793}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{772423FA-C114-4F24-8287-E04519F7B660}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{364EE471-77A1-463B-810B-33E58582CA92}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{DF48F6DD-12C1-4CC7-9E5E-1A19C50660FB}G:\diablo iii public test\diablo iii.exe] => (Allow) G:\diablo iii public test\diablo iii.exe
FirewallRules: [UDP Query User{30D1E3FD-2DA0-4CB4-A7EA-EA0DD459A130}G:\diablo iii public test\diablo iii.exe] => (Allow) G:\diablo iii public test\diablo iii.exe
FirewallRules: [TCP Query User{45F1BFFB-5BBC-41B9-8879-54459D09BE19}C:\users\andyk\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\andyk\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{65A7A56F-00A1-4D79-9BBB-5E2F31B9293E}C:\users\andyk\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\andyk\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{1F4C4700-68A3-49B5-BBBB-A94A8113BAF0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0688ED4A-BF0F-48DF-85D5-6102521C402D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8FE4BA16-1F60-43AE-9588-193D60BFE309}] => (Allow) I:\Steam\Steam.exe
FirewallRules: [{55FB872B-3680-4EF5-BF88-72A8AF3FC951}] => (Allow) I:\Steam\Steam.exe
FirewallRules: [{38DD7998-251F-4E33-9D3D-C96883135613}] => (Allow) I:\Steam\bin\steamwebhelper.exe
FirewallRules: [{021EB26D-6A6A-490B-8BBA-723F270A2E06}] => (Allow) I:\Steam\bin\steamwebhelper.exe
FirewallRules: [{6175AE46-B382-4C97-A6AA-ADE3BA58A828}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{88595B2F-74A7-4105-93C4-254C9844A704}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{CBA7D162-516D-45A6-BA8E-A28317DF1E1D}] => (Allow) E:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{724CFF40-E548-4382-9B5D-70D8CEEF4F7E}] => (Allow) E:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{9AF52CEA-D513-475A-9FF0-C4F74AFBF13A}] => (Allow) H:\SteamLibrary\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{F2233725-40ED-4AC7-819C-CB3635E8AFB2}] => (Allow) H:\SteamLibrary\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [TCP Query User{7D0D46BE-F219-4637-8828-3E0A7DC56B78}I:\warcraft iii\war3.exe] => (Allow) I:\warcraft iii\war3.exe
FirewallRules: [UDP Query User{4678995C-B24E-4348-A944-93E8D2A33CC6}I:\warcraft iii\war3.exe] => (Allow) I:\warcraft iii\war3.exe
FirewallRules: [TCP Query User{A41A9921-045D-4CF9-808C-3E3DC0509518}G:\diablo iii\diablo iii.exe] => (Allow) G:\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{0F7FD121-651B-410D-B7E4-96D43AC7C178}G:\diablo iii\diablo iii.exe] => (Allow) G:\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{F900A9BA-2E1C-4D84-9A5B-83CDA158662D}G:\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) G:\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{AD6D6742-FD2D-4FD6-914D-9F2D87607E9D}G:\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) G:\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
FirewallRules: [{E212CAA2-6ACC-49D6-8C35-525F555BB9AA}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe
FirewallRules: [{44AB7F1C-2542-4233-8E24-0B2C15AB5321}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe
FirewallRules: [{30A3921F-2B20-4E32-915F-A2B1A6BC2547}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
FirewallRules: [{6A579514-D2AA-4150-9FBB-13CDD2823EC2}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
FirewallRules: [{F9E9DEED-1BAF-4437-A163-F2A9DD2E307D}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe
FirewallRules: [{A66B93FD-F677-4B62-816D-C8FA846445EA}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe
FirewallRules: [TCP Query User{B5E2907D-0E7F-4E6C-9FBE-F123D967E202}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{1F34BB96-9BAD-4ADD-80F7-90D77A14FB33}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{79B7821F-476A-4943-B14E-DEF8A7AA6390}] => (Allow) C:\Users\AndyK\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F4063B59-935D-498D-8027-B9D0F9BE8488}] => (Allow) C:\Users\AndyK\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{10CEDEBA-8E9F-4494-9E3A-8A1A9278F6BF}] => (Allow) C:\Users\AndyK\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E5FBC779-1C52-4B52-8B5B-3F537CAD251F}] => (Allow) C:\Users\AndyK\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B178379C-E954-4268-9F9D-079E02734069}] => (Allow) C:\Users\AndyK\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8BC6ABDA-6B12-4930-A5E0-0B3077B29C48}] => (Allow) C:\Users\AndyK\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{874A7E5A-6C28-47BA-8C4E-F150B0365B15}] => (Allow) G:\Hearthstone\Hearthstone.exe
FirewallRules: [{4A345048-7156-4B9A-9EA1-D9F53785458C}] => (Allow) G:\Hearthstone\Hearthstone.exe
FirewallRules: [{739FF744-3E6E-4DA2-BEBA-CDA309730E70}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{5D97E267-8A02-419C-BBDF-08BD7A25B9A9}C:\users\andyk\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe] => (Block) C:\users\andyk\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe
FirewallRules: [UDP Query User{B3FD321B-6224-483D-9093-1B4E2DC2019E}C:\users\andyk\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe] => (Block) C:\users\andyk\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe
FirewallRules: [TCP Query User{3EB562AC-DADB-409F-92C6-DE2C4CB75613}F:\arxcf\new arx client\crossfire\updater.exe] => (Allow) F:\arxcf\new arx client\crossfire\updater.exe
FirewallRules: [UDP Query User{E0A97336-68B3-4A6B-A6D0-7F32DF7D8A13}F:\arxcf\new arx client\crossfire\updater.exe] => (Allow) F:\arxcf\new arx client\crossfire\updater.exe
FirewallRules: [{70C23AA6-AB1F-4AF9-A4D3-5F379E939818}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{29A93E0F-686F-44DF-A92C-A61D2E84B00E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{200A8E40-5C9B-482C-AF25-071DC10BF530}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{ECCF9D6B-BCEF-4D10-B6BC-218A9742BC24}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{84A100A5-79F0-49DB-8440-86DECC7DACFA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: TAP-VyprVPN Adapter V9
Description: TAP-VyprVPN Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-VyprVPN Provider V9
Service: tapvyprvpn
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/25/2015 03:23:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: crossfire.exe, version: 1.1.45.8, time stamp: 0x561470c0
Faulting module name: cshell.dll, version: 1.1.45.8, time stamp: 0x561471fe
Exception code: 0xc0000005
Fault offset: 0x0051a236
Faulting process id: 0xd40
Faulting application start time: 0xcrossfire.exe0
Faulting application path: crossfire.exe1
Faulting module path: crossfire.exe2
Report Id: crossfire.exe3
Faulting package full name: crossfire.exe4
Faulting package-relative application ID: crossfire.exe5

Error: (10/25/2015 11:24:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: LockApp.exe, version: 0.0.0.0, time stamp: 0x55fa52ce
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.10240.16548, time stamp: 0x56133a14
Exception code: 0xc000027b
Fault offset: 0x00000000004aee7f
Faulting process id: 0x3bc
Faulting application start time: 0xLockApp.exe0
Faulting application path: LockApp.exe1
Faulting module path: LockApp.exe2
Report Id: LockApp.exe3
Faulting package full name: LockApp.exe4
Faulting package-relative application ID: LockApp.exe5

Error: (10/24/2015 01:31:12 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchUI.exe version 10.0.10240.16515 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1840

Start Time: 01d10d306f70d510

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe

Report Id: 6dc4fa15-7a10-11e5-9bdd-0015833d0a57

Faulting package full name: Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: CortanaUI

Error: (10/24/2015 01:31:09 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-1RUD97B)
Description: Package Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI was terminated because it took too long to suspend.

Error: (10/11/2015 08:07:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-1RUD97B)
Description: Package Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI was terminated because it took too long to suspend.

Error: (10/11/2015 08:07:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchUI.exe version 10.0.10240.16515 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2a94

Start Time: 01d10146961542e1

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe

Report Id: 321a2080-7075-11e5-9bda-0015833d0a57

Faulting package full name: Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: CortanaUI

Error: (10/11/2015 08:05:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RunDll32.EXE, version: 10.0.10240.16384, time stamp: 0x559f3c5a
Faulting module name: msvcrt.dll, version: 7.0.10240.16384, time stamp: 0x559f3e0e
Exception code: 0x40000015
Fault offset: 0x0003aa6b
Faulting process id: 0x3a28
Faulting application start time: 0xRunDll32.EXE0
Faulting application path: RunDll32.EXE1
Faulting module path: RunDll32.EXE2
Report Id: RunDll32.EXE3
Faulting package full name: RunDll32.EXE4
Faulting package-relative application ID: RunDll32.EXE5

Error: (10/11/2015 08:05:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program ShellExperienceHost.exe version 10.0.10240.16515 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: ca0

Start Time: 01d0fdfbae51e960

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

Report Id: f51df601-7074-11e5-9bda-0015833d0a57

Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: App

Error: (10/11/2015 08:05:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-1RUD97B)
Description: Package Microsoft.Windows.ShellExperienceHost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy+App was terminated because it took too long to suspend.

Error: (10/08/2015 03:44:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program crossfire.exe version 1.1.45.8 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 22d0

Start Time: 01d101db0e819eee

Termination Time: 60000

Application Path: F:\CrossFire NA\crossfire.exe

Report Id: da226c67-6df4-11e5-9bda-0015833d0a57

Faulting package full name:

Faulting package-relative application ID:


System errors:
=============
Error: (10/27/2015 04:32:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (10/27/2015 04:32:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (10/27/2015 04:32:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (10/27/2015 04:32:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (10/27/2015 04:32:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (10/27/2015 04:32:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The VyprVPN service terminated unexpectedly. It has done this 1 time(s).

Error: (10/27/2015 04:32:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The SoftEther VPN Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (10/27/2015 04:32:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Service KMSELDI service terminated unexpectedly. It has done this 1 time(s).

Error: (10/27/2015 04:32:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Streamer Service service terminated unexpectedly. It has done this 1 time(s).

Error: (10/27/2015 04:32:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Network Service service terminated unexpectedly. It has done this 1 time(s).


CodeIntegrity:
===================================
Date: 2015-10-20 17:29:15.756
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-10-20 17:29:15.748
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-31 23:26:45.635
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-31 23:26:45.630
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-31 23:26:42.904
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-31 23:26:42.899
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-31 23:26:40.500
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-31 23:26:40.495
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-31 23:26:37.455
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-31 23:26:37.450
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Percentage of memory in use: 15%
Total physical RAM: 16321.46 MB
Available physical RAM: 13806.99 MB
Total Virtual: 18753.46 MB
Available Virtual: 16229.48 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.79 GB) (Free:69.77 GB) NTFS
Drive d: () (Fixed) (Total:38.28 GB) (Free:12.71 GB) NTFS
Drive e: () (Fixed) (Total:146.49 GB) (Free:39.21 GB) NTFS
Drive f: () (Fixed) (Total:58.49 GB) (Free:12.7 GB) NTFS
Drive g: () (Fixed) (Total:830.08 GB) (Free:45.27 GB) NTFS
Drive h: () (Fixed) (Total:146.48 GB) (Free:22 GB) NTFS
Drive i: () (Fixed) (Total:681.38 GB) (Free:28.73 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 38.3 GB) (Disk ID: 80848084)
Partition 1: (Active) - (Size=38.3 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 111.8 GB) (Disk ID: 9084F95C)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 99CE99CE)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top