1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

[Active] Clean up needed

Discussion in 'Spyware, Adware, Viruses and Malware Removal' started by Franksee, Nov 2, 2017.

  1. broni

    broni Malware Annihilator Techie7 Moderator Head Security

    Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

    • Double click to run it.
    • Make sure you checkmark Addition.txt box.
    • Press Scan button.
    • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.
     
  2. Franksee

    Franksee Established Techie7 Member

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-11-2017 01
    Ran by paulf (administrator) on DESKTOP-EF1V79E (25-11-2017 17:05:43)
    Running from H:\Google Downloads
    Loaded Profiles: paulf (Available Profiles: paulf)
    Platform: Windows 10 Home Version 1703 15063.726 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    () C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.16\aaHMSvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
    (Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Valve Corporation) H:\Steam\Steam.exe
    (MY.COM B.V.) C:\Users\paulf\AppData\Local\MyComGames\MyComGames.exe
    (Wargaming.net) H:\Wargaming.net\GameCenter\wgc.exe
    () C:\Users\paulf\Desktop\DS4Windows.exe
    (Wargaming.net) H:\Wargaming.net\GameCenter\dlls\wgc_watchdog.exe
    (Valve Corporation) H:\Steam\bin\cef\cef.win7\steamwebhelper.exe
    (Valve Corporation) H:\Steam\bin\cef\cef.win7\steamwebhelper.exe
    (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    (Valve Corporation) H:\Steam\bin\cef\cef.win7\steamwebhelper.exe
    (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.724_none_9e8a868b2d8a538d\TiWorker.exe
    (Farbar) H:\Google Downloads\FRST64 (1).exe

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    "Path" (C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\OpenVPN\bin;C:\Program Files\RogueKiller;;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common -> %SystemRoot%\System32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SystemRoot%\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;%SystemRoot%\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\OpenVPN\bin;C:\Program Files\RogueKiller;;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common) <==== Repaired successfully
    HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
    HKU\S-1-5-21-2516327635-2037600327-2752607068-1001\...\Run: [Steam] => H:\Steam\steam.exe [3102496 2017-10-31] (Valve Corporation)
    HKU\S-1-5-21-2516327635-2037600327-2752607068-1001\...\Run: [MyComGames] => C:\Users\paulf\AppData\Local\MyComGames\MyComGames.exe [5856656 2017-11-17] (MY.COM B.V.)
    HKU\S-1-5-21-2516327635-2037600327-2752607068-1001\...\Run: [Wargaming.net Game Center] => H:\Wargaming.net\GameCenter\wgc.exe [2000632 2017-11-13] (Wargaming.net)
    HKU\S-1-5-21-2516327635-2037600327-2752607068-1001\...\MountPoints2: {f44f6101-0e59-11e6-8651-806e6f6e6963} - "G:\.\Bin\Assetup.exe"
    Startup: C:\Users\paulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DS4Windows.lnk [2017-11-09]
    ShortcutTarget: DS4Windows.lnk -> C:\Users\paulf\Desktop\DS4Windows.exe ()

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
    Tcpip\..\Interfaces\{4e80d0d1-7973-46bb-8e64-d0f78b1cdc3d}: [DhcpNameServer] 10.14.0.1
    Tcpip\..\Interfaces\{e7fd5a58-669b-4e99-a226-61d19b0401bf}: [DhcpNameServer] 192.168.0.1

    Internet Explorer:
    ==================
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-11-20] (Microsoft Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-11-20] (Microsoft Corporation)
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2017-11-20] (Microsoft Corporation)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-11-20] (Microsoft Corporation)
    Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-11-20] (Microsoft Corporation)

    FireFox:
    ========
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-11-20] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2017-11-20] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)

    Chrome:
    =======
    CHR StartupUrls: Default -> "hxxp://www.google.co.uk/"
    CHR Profile: C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default [2017-11-25]
    CHR Extension: (Slides) - C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-16]
    CHR Extension: (Docs) - C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-16]
    CHR Extension: (Google Drive) - C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-16]
    CHR Extension: (YouTube) - C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-16]
    CHR Extension: (Sheets) - C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-16]
    CHR Extension: (Google Docs Offline) - C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-16]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-16]
    CHR Extension: (Gmail) - C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-16]
    CHR Extension: (Chrome Media Router) - C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-16]

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [918448 2011-10-29] () [File not signed]
    R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.16\aaHMSvc.exe [947328 2011-08-09] (ASUSTeK Computer Inc.)
    R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058416 2017-09-05] (Microsoft Corporation)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
    R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation)
    S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation)
    S2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-11-14] (NVIDIA Corporation)
    R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-11-16] (NVIDIA Corporation)
    S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [32384 2016-10-03] (The OpenVPN Project)
    R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)
    R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18264 2017-10-31] (Intel(R) Corporation)

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
    S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
    R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [38424 2017-09-15] (Intel Corporation)
    R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2017-11-19] (Malwarebytes)
    R1 MpKsl505a9cef; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{560A40B9-A5A3-44DE-9DE0-3A37D9ED0390}\MpKsl505a9cef.sys [58120 2017-11-25] (Microsoft Corporation)
    R3 MTsensor; C:\WINDOWS\System32\drivers\ASACPI.sys [17280 2013-05-17] ()
    R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2017-03-18] (MediaTek Inc.)
    R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c791f781cd94491f\nvlddmkm.sys [16989296 2017-11-15] (NVIDIA Corporation)
    S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-11-16] (NVIDIA Corporation)
    S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [28344 2016-05-09] (Windows (R) Win 7 DDK provider)
    R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50808 2017-11-14] (NVIDIA Corporation)
    R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-11-16] (NVIDIA Corporation)
    R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
    R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
    S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
    S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-09-05] (QUALCOMM Incorporated)
    S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [115208 2014-11-21] (Oracle Corporation)
    S3 veebeampol; C:\WINDOWS\System32\drivers\veebeampol.sys [14952 2013-10-24] (Veebeam Corporation)
    S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
    R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
    R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2017-11-24 22:34 - 2017-11-24 22:34 - 000002295 _____ C:\Users\paulf\Desktop\CoD WWII.lnk
    2017-11-24 21:30 - 2017-11-24 21:30 - 000000000 ____D C:\ProgramData\Tom Clancy's Ghost Recon Wildlands
    2017-11-22 21:59 - 2017-11-22 21:59 - 000000471 _____ C:\Users\Public\Desktop\Tom Clancy's Ghost Recon Wildlands.lnk
    2017-11-22 21:59 - 2017-11-22 21:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tom Clancy's Ghost Recon Wildlands
    2017-11-22 14:25 - 2017-11-22 14:35 - 000000718 _____ C:\Users\paulf\Desktop\Crysis 3.lnk
    2017-11-22 14:25 - 2017-11-22 14:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crysis 3
    2017-11-22 14:17 - 2017-11-24 22:54 - 000000000 ____D C:\Users\paulf\AppData\LocalLow\uTorrent
    2017-11-22 14:10 - 2017-11-22 14:10 - 000001181 _____ C:\Users\paulf\Desktop\Spintires Mudrunner.lnk
    2017-11-22 13:56 - 2017-11-22 20:06 - 000000000 ____D C:\Users\paulf\AppData\Roaming\SpinTires MudRunner
    2017-11-22 13:56 - 2017-11-22 13:56 - 000000000 ____D C:\Users\paulf\AppData\Roaming\SmartSteamEmu
    2017-11-21 20:27 - 2017-11-22 15:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    2017-11-21 20:27 - 2017-11-22 13:42 - 000000000 ____D C:\Users\paulf\AppData\Local\NVIDIA Corporation
    2017-11-21 20:27 - 2017-11-21 22:50 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-21 20:27 - 2017-11-21 22:50 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-21 20:27 - 2017-11-21 22:50 - 000001489 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
    2017-11-21 20:27 - 2017-11-21 22:49 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-21 20:27 - 2017-11-21 22:49 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-21 20:27 - 2017-11-21 22:49 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-21 20:27 - 2017-11-21 22:49 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-21 20:27 - 2017-11-21 22:49 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-21 20:27 - 2017-11-21 22:49 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-21 20:27 - 2017-11-21 20:28 - 000000000 ____D C:\Users\paulf\AppData\Local\NVIDIA
    2017-11-21 20:27 - 2017-11-16 01:41 - 002404800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
    2017-11-21 20:27 - 2017-11-16 01:41 - 002070976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
    2017-11-21 20:27 - 2017-11-16 01:41 - 001309120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
    2017-11-21 20:26 - 2017-11-21 20:26 - 000000000 ____D C:\Program Files (x86)\VulkanRT
    2017-11-21 20:26 - 2017-11-16 01:41 - 000186304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
    2017-11-21 20:26 - 2017-11-16 01:41 - 000152512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
    2017-11-21 20:26 - 2017-11-16 00:53 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
    2017-11-21 20:26 - 2017-09-13 23:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
    2017-11-21 20:26 - 2017-09-13 23:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
    2017-11-21 20:26 - 2017-09-13 23:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll
    2017-11-21 20:26 - 2017-09-13 23:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe
    2017-11-21 20:24 - 2017-11-16 01:41 - 000057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
    2017-11-21 20:24 - 2017-11-14 22:48 - 040237504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 036239480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 035156600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 029272000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 023264864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 019038976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 013865256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 013255032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 011780376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 010883928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 004201592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 003817584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 003614328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 001989056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438831.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 001673664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438831.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 001331016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 001321264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 001135280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 001099712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 001044664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 001038680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 001031288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000980928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000932288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000885496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000794576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000739448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000634224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000618744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000615544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000598648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000505976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000050808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
    2017-11-21 20:21 - 2017-11-21 20:21 - 000000000 ____D C:\NVIDIA
    2017-11-21 20:05 - 2017-11-21 20:26 - 000000000 ____D C:\WINDOWS\LastGood
    2017-11-21 20:04 - 2017-11-21 20:04 - 673040100 _____ C:\WINDOWS\MEMORY.DMP
    2017-11-21 20:04 - 2017-11-21 20:04 - 000790916 _____ C:\WINDOWS\Minidump\112117-10000-01.dmp
    2017-11-21 20:04 - 2017-11-21 20:04 - 000000000 ____D C:\WINDOWS\Minidump
    2017-11-21 15:00 - 2017-11-21 15:00 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
    2017-11-21 14:30 - 2017-11-21 14:30 - 000000000 ____D C:\ProgramData\Intel
    2017-11-21 14:28 - 2017-11-21 14:28 - 000002685 _____ C:\Users\Public\Desktop\Intel(R) Extreme Tuning Utility.lnk
    2017-11-21 14:28 - 2017-11-21 14:28 - 000000000 ____D C:\WINDOWS\System32\Tasks\Intel
    2017-11-21 14:28 - 2017-11-21 14:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
    2017-11-21 14:28 - 2017-11-21 14:28 - 000000000 ____D C:\Program Files\Microsoft Synchronization Services
    2017-11-21 14:28 - 2017-11-21 14:28 - 000000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
    2017-11-21 14:28 - 2017-11-21 14:28 - 000000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
    2017-11-21 14:28 - 2017-11-21 14:28 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    2017-11-21 14:28 - 2017-11-21 14:28 - 000000000 ____D C:\Program Files (x86)\Intel
    2017-11-21 13:01 - 2017-11-21 13:01 - 000000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
    2017-11-21 13:01 - 2017-11-21 13:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
    2017-11-21 13:01 - 2017-11-21 13:01 - 000000000 ____D C:\Program Files\RogueKiller
    2017-11-21 03:29 - 2017-11-24 22:54 - 000000000 ____D C:\Users\paulf\AppData\Local\CrashDumps
    2017-11-20 17:28 - 2010-08-24 15:16 - 000013440 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys
    2017-11-20 17:28 - 2010-06-29 15:41 - 000028672 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll
    2017-11-20 17:26 - 2017-11-20 17:28 - 000000000 ____D C:\Program Files (x86)\ASUS
    2017-11-20 16:12 - 2017-11-20 16:12 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
    2017-11-20 16:09 - 2017-11-20 16:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
    2017-11-20 15:52 - 2017-11-20 15:54 - 000000000 ____D C:\Program Files\Microsoft Office 15
    2017-11-19 23:42 - 2017-11-19 23:42 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Skype
    2017-11-19 21:22 - 2017-11-19 21:22 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
    2017-11-19 21:19 - 2017-11-20 15:51 - 000000000 ____D C:\Program Files\Microsoft Office
    2017-11-19 21:16 - 2017-11-19 21:18 - 000000000 ____D C:\Users\paulf\AppData\Local\MSfree Inc
    2017-11-19 20:06 - 2017-11-19 20:06 - 000000000 ____D C:\Users\paulf\AppData\Roaming\NVIDIA
    2017-11-19 20:05 - 2017-11-19 20:07 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Novabench
    2017-11-19 20:05 - 2017-11-19 20:06 - 000000000 ____D C:\ProgramData\Novabench
    2017-11-19 20:05 - 2017-11-19 20:05 - 000000000 ____D C:\Users\paulf\AppData\Local\Novabench
    2017-11-19 16:57 - 2017-11-19 21:19 - 000000000 ____D C:\Users\paulf\AppData\Local\SKIDROW
    2017-11-19 16:42 - 2017-11-22 14:19 - 000000000 ____D C:\ProgramData\Betternet
    2017-11-19 16:42 - 2017-11-19 16:42 - 000002026 _____ C:\Users\Public\Desktop\Betternet.lnk
    2017-11-19 16:42 - 2017-11-19 16:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
    2017-11-19 16:42 - 2017-11-19 16:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Betternet Technologies Inc
    2017-11-19 16:42 - 2017-11-19 16:42 - 000000000 ____D C:\Program Files\TAP-Windows
    2017-11-19 16:42 - 2017-11-19 16:42 - 000000000 ____D C:\Program Files (x86)\OpenVPN
    2017-11-19 16:42 - 2017-11-19 16:42 - 000000000 ____D C:\Program Files (x86)\Betternet
    2017-11-19 16:41 - 2017-11-19 16:41 - 000000000 ____D C:\Users\paulf\AppData\Local\Downloaded Installations
    2017-11-19 12:16 - 2017-11-19 12:16 - 000000000 ____D C:\Users\paulf\AppData\LocalLow\SKS
    2017-11-19 12:11 - 2017-11-19 12:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
    2017-11-19 12:11 - 2017-11-19 12:11 - 000000000 ____D C:\Program Files\7-Zip
    2017-11-19 10:39 - 2017-11-19 10:39 - 000000815 _____ C:\Users\paulf\Desktop\Homefront The Revolution.lnk
    2017-11-19 10:39 - 2017-11-19 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Homefront The Revolution
    2017-11-18 16:42 - 2017-11-09 04:43 - 000540784 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
    2017-11-18 16:42 - 2017-11-09 04:43 - 000446392 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
    2017-11-18 16:41 - 2017-11-18 16:43 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
    2017-11-18 15:44 - 2017-11-18 15:44 - 000000000 ____D C:\Users\paulf\OneDrive\Documents\Anno 2205
    2017-11-18 14:46 - 2017-11-18 14:46 - 000000000 ____D C:\Users\paulf\AppData\Local\Rockstar Games
    2017-11-18 14:45 - 2017-11-24 21:29 - 000000000 ____D C:\ProgramData\Package Cache
    2017-11-18 14:45 - 2017-11-18 14:45 - 000000000 ____D C:\ProgramData\Steam
    2017-11-18 14:45 - 2017-11-18 14:45 - 000000000 ____D C:\ProgramData\Socialclub
    2017-11-18 14:44 - 2017-11-18 14:44 - 000000000 ____D C:\Program Files\Rockstar Games
    2017-11-18 14:44 - 2017-11-18 14:44 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
    2017-11-18 14:02 - 2017-11-18 14:02 - 000000407 _____ C:\Users\Public\Desktop\Grand Theft Auto V.lnk
    2017-11-18 14:02 - 2017-11-18 14:02 - 000000407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grand Theft Auto V.lnk
    2017-11-18 12:32 - 2017-11-18 12:32 - 000002259 _____ C:\WINDOWS\epplauncher.mif
    2017-11-18 09:00 - 2017-11-18 09:00 - 000001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
    2017-11-18 09:00 - 2017-11-18 09:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
    2017-11-18 09:00 - 2017-11-18 09:00 - 000000000 ____D C:\Program Files\VS Revo Group
    2017-11-18 08:45 - 2017-11-18 08:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resident Evil 7 Biohazard
    2017-11-18 08:20 - 2017-11-21 13:01 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
    2017-11-18 08:19 - 2017-11-18 08:22 - 000000000 ____D C:\ProgramData\RogueKiller
    2017-11-17 21:22 - 2017-11-18 08:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast 2
    2017-11-17 15:36 - 2017-11-17 15:36 - 000000000 ____D C:\Users\paulf\AppData\Local\CrashRpt
    2017-11-17 14:23 - 2017-11-17 14:23 - 000000772 _____ C:\Users\Public\Desktop\Anno 2205.lnk
    2017-11-17 14:23 - 2017-11-17 14:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Games
    2017-11-17 14:03 - 2017-11-17 16:09 - 000000581 _____ C:\Users\paulf\Desktop\Crossout Launcher.lnk
    2017-11-17 12:25 - 2017-11-17 12:25 - 000001624 _____ C:\Users\paulf\Desktop\World of Tanks EU.lnk
    2017-11-17 12:24 - 2017-11-17 16:16 - 000000702 _____ C:\Users\paulf\Desktop\World of Warships EU.lnk
    2017-11-17 12:24 - 2017-11-17 16:12 - 000000000 ____D C:\ProgramData\boost_interprocess
    2017-11-17 12:24 - 2017-11-17 12:24 - 000000790 _____ C:\Users\paulf\Desktop\Game Center.lnk
    2017-11-17 12:23 - 2017-11-25 13:23 - 000000000 ____D C:\Users\paulf\AppData\Local\MyComGames
    2017-11-17 12:23 - 2017-11-17 12:23 - 000002089 _____ C:\Users\paulf\Desktop\My.com Game Center.lnk
    2017-11-17 12:23 - 2017-11-17 12:23 - 000000140 _____ C:\Users\paulf\Desktop\Armored Warfare.url
    2017-11-17 12:21 - 2017-11-17 12:21 - 000000000 ____D C:\ProgramData\Wargaming.net
    2017-11-17 12:16 - 2017-11-17 12:24 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Wargaming.net
    2017-11-17 12:03 - 2017-11-17 12:03 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2017-11-17 12:03 - 2017-11-17 12:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2017-11-17 12:03 - 2017-11-17 12:03 - 000000000 ____D C:\ProgramData\Malwarebytes
    2017-11-17 12:03 - 2017-11-17 12:03 - 000000000 ____D C:\Program Files\Malwarebytes
    2017-11-17 12:03 - 2017-11-01 08:54 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
    2017-11-17 11:59 - 2017-11-25 13:23 - 000000000 ____D C:\Users\paulf\AppData\Roaming\DS4Windows
    2017-11-17 11:59 - 2013-05-19 01:02 - 000039168 _____ (Scarlet.Crush Productions) C:\WINDOWS\system32\Drivers\ScpVBus.sys
    2017-11-17 11:56 - 2017-11-24 22:54 - 000000000 ____D C:\Users\paulf\AppData\Roaming\uTorrent
    2017-11-17 11:56 - 2017-11-17 11:56 - 000000896 _____ C:\Users\paulf\Desktop\µTorrent.lnk
    2017-11-17 11:15 - 2017-11-17 11:16 - 000000000 ____D C:\Users\paulf\AppData\Local\Microsoft Windows
    2017-11-17 11:08 - 2017-11-17 12:30 - 000000000 ____D C:\Users\paulf\AppData\Local\Ubisoft Game Launcher
    2017-11-17 10:26 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
    2017-11-17 10:26 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
    2017-11-17 10:26 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
    2017-11-17 10:26 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
    2017-11-17 10:26 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
    2017-11-17 10:26 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
    2017-11-17 10:26 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
    2017-11-17 10:26 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
    2017-11-17 10:26 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
    2017-11-17 10:26 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
    2017-11-17 10:26 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
    2017-11-17 10:26 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
    2017-11-17 10:26 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
    2017-11-17 10:26 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
    2017-11-17 10:26 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
    2017-11-17 10:26 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
    2017-11-17 10:26 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
    2017-11-17 10:26 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
    2017-11-17 10:26 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
    2017-11-17 10:26 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
    2017-11-17 10:26 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
    2017-11-17 10:26 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
    2017-11-17 10:26 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
    2017-11-17 10:26 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
    2017-11-17 10:26 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
    2017-11-17 10:26 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
    2017-11-17 10:26 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
    2017-11-17 10:26 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
    2017-11-17 10:26 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
    2017-11-17 10:26 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
    2017-11-17 10:26 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
    2017-11-17 10:26 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
    2017-11-17 10:26 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
    2017-11-17 10:26 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
    2017-11-17 10:26 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
    2017-11-17 10:26 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
    2017-11-17 10:26 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
    2017-11-17 10:26 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
    2017-11-17 10:26 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
    2017-11-17 10:26 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
    2017-11-17 10:26 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
    2017-11-17 10:26 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
    2017-11-17 10:26 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
    2017-11-17 10:26 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
    2017-11-17 10:26 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
    2017-11-17 10:26 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
    2017-11-17 10:26 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
    2017-11-17 10:26 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
    2017-11-17 10:26 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
    2017-11-17 10:26 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
    2017-11-17 10:26 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
    2017-11-17 10:26 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
    2017-11-17 10:26 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
    2017-11-17 10:26 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
    2017-11-17 10:26 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
    2017-11-17 10:26 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
    2017-11-17 10:26 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
    2017-11-17 10:26 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
    2017-11-17 10:26 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
    2017-11-17 10:26 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
    2017-11-17 10:26 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
    2017-11-17 10:26 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
    2017-11-17 10:26 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
    2017-11-17 10:26 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
    2017-11-17 10:26 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
    2017-11-17 10:26 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
    2017-11-17 10:26 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
    2017-11-17 10:26 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
    2017-11-17 10:26 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
    2017-11-17 10:26 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
    2017-11-17 10:26 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
    2017-11-17 10:26 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
    2017-11-17 10:26 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
    2017-11-17 10:26 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
    2017-11-17 10:26 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
    2017-11-17 10:26 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
    2017-11-17 10:26 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
    2017-11-17 10:26 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
    2017-11-17 10:26 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
    2017-11-17 10:26 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
    2017-11-17 10:26 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
    2017-11-17 10:26 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
    2017-11-17 10:26 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
    2017-11-17 10:26 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
    2017-11-17 10:26 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
    2017-11-17 10:26 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
    2017-11-17 10:26 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
    2017-11-17 10:26 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
    2017-11-17 10:26 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
    2017-11-17 10:26 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
    2017-11-17 10:26 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
    2017-11-17 10:26 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
    2017-11-17 10:26 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
    2017-11-17 10:26 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
    2017-11-17 10:26 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
    2017-11-17 10:26 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
    2017-11-17 10:26 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
    2017-11-17 10:26 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
    2017-11-17 10:26 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
    2017-11-17 10:26 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
    2017-11-17 10:26 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
    2017-11-17 10:26 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
    2017-11-17 10:26 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
    2017-11-17 10:26 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
    2017-11-17 10:26 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
    2017-11-17 10:26 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
    2017-11-17 10:26 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
    2017-11-17 10:26 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
    2017-11-17 10:26 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
    2017-11-17 10:26 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
    2017-11-17 10:26 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
    2017-11-17 10:26 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
    2017-11-17 10:26 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
    2017-11-17 10:26 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
    2017-11-17 10:26 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
    2017-11-17 10:26 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
    2017-11-17 10:26 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
    2017-11-17 10:26 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
    2017-11-17 10:26 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
    2017-11-17 10:26 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
    2017-11-17 10:26 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
    2017-11-17 10:26 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
    2017-11-17 10:26 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
    2017-11-17 10:26 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
    2017-11-17 10:26 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
    2017-11-17 10:26 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
    2017-11-17 10:26 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
    2017-11-17 10:26 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
    2017-11-17 10:26 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
    2017-11-17 10:26 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
    2017-11-17 10:26 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
    2017-11-17 10:26 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
    2017-11-17 10:26 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
    2017-11-17 10:26 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
    2017-11-17 10:26 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
    2017-11-17 10:26 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
    2017-11-17 10:26 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
    2017-11-17 10:26 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
    2017-11-17 10:26 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
    2017-11-17 10:26 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
    2017-11-17 10:26 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
    2017-11-17 10:26 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
    2017-11-17 10:26 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
    2017-11-17 10:26 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
    2017-11-17 10:26 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
    2017-11-17 10:26 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
    2017-11-17 10:26 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
    2017-11-17 10:26 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
    2017-11-17 10:26 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
    2017-11-17 10:26 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
    2017-11-17 10:26 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
    2017-11-17 10:26 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
    2017-11-17 10:26 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
    2017-11-17 10:26 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
    2017-11-17 10:26 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
    2017-11-17 10:26 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
    2017-11-17 10:26 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
    2017-11-17 10:26 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
    2017-11-17 10:26 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
    2017-11-17 10:26 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
    2017-11-17 10:26 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
    2017-11-17 10:26 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
    2017-11-17 10:26 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
    2017-11-17 10:26 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
    2017-11-17 10:26 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
    2017-11-17 10:26 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
    2017-11-17 10:26 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
    2017-11-17 10:26 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
    2017-11-17 10:26 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
    2017-11-17 10:26 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
    2017-11-17 10:26 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
    2017-11-17 10:26 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
    2017-11-17 10:26 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
    2017-11-17 10:26 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
    2017-11-17 10:26 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
    2017-11-17 10:26 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
    2017-11-17 10:26 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
    2017-11-17 10:26 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
    2017-11-17 10:26 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
    2017-11-17 10:26 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
    2017-11-17 10:26 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
    2017-11-17 10:26 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
    2017-11-16 17:20 - 2017-11-16 17:20 - 000000000 ____D C:\Users\paulf\AppData\Local\Gaijin
    2017-11-16 17:18 - 2015-11-08 15:36 - 000000000 ____D C:\Users\paulf\AppData\Roaming\uplay
    2017-11-16 17:14 - 2017-11-16 17:15 - 000000000 ____D C:\Users\paulf\AppData\Local\Steam
    2017-11-16 17:14 - 2017-11-16 17:14 - 000000000 ____D C:\Users\paulf\AppData\Local\CEF
    2017-11-16 17:13 - 2017-11-16 17:13 - 000000000 ____D C:\Users\paulf\AppData\Local\Targem
    2017-11-16 17:06 - 2017-11-16 17:06 - 000000549 _____ C:\Users\Public\Desktop\Steam.lnk
    2017-11-16 17:06 - 2017-11-16 17:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
    2017-11-16 17:02 - 2017-11-16 17:02 - 000000000 ____D C:\ProgramData\Gaijin
    2017-11-16 16:50 - 2017-11-16 16:50 - 000001358 _____ C:\Users\paulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\explorer.lnk
    2017-11-16 16:11 - 2017-11-16 16:11 - 000000000 ___HD C:\ProgramData\CanonBJ
    2017-11-16 15:41 - 2017-11-21 13:08 - 000545440 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
    2017-11-16 15:39 - 2017-11-21 15:55 - 000000000 ____D C:\WINDOWS\system32\MRT
    2017-11-16 15:39 - 2017-11-21 15:53 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
    2017-11-16 15:39 - 2017-11-21 15:53 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
     
  3. Franksee

    Franksee Established Techie7 Member

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-11-2017 01
    Ran by paulf (administrator) on DESKTOP-EF1V79E (25-11-2017 17:05:43)
    Running from H:\Google Downloads
    Loaded Profiles: paulf (Available Profiles: paulf)
    Platform: Windows 10 Home Version 1703 15063.726 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    () C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.16\aaHMSvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
    (Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Valve Corporation) H:\Steam\Steam.exe
    (MY.COM B.V.) C:\Users\paulf\AppData\Local\MyComGames\MyComGames.exe
    (Wargaming.net) H:\Wargaming.net\GameCenter\wgc.exe
    () C:\Users\paulf\Desktop\DS4Windows.exe
    (Wargaming.net) H:\Wargaming.net\GameCenter\dlls\wgc_watchdog.exe
    (Valve Corporation) H:\Steam\bin\cef\cef.win7\steamwebhelper.exe
    (Valve Corporation) H:\Steam\bin\cef\cef.win7\steamwebhelper.exe
    (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    (Valve Corporation) H:\Steam\bin\cef\cef.win7\steamwebhelper.exe
    (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.724_none_9e8a868b2d8a538d\TiWorker.exe
    (Farbar) H:\Google Downloads\FRST64 (1).exe

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    "Path" (C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\OpenVPN\bin;C:\Program Files\RogueKiller;;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common -> %SystemRoot%\System32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SystemRoot%\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;%SystemRoot%\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\OpenVPN\bin;C:\Program Files\RogueKiller;;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common) <==== Repaired successfully
    HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
    HKU\S-1-5-21-2516327635-2037600327-2752607068-1001\...\Run: [Steam] => H:\Steam\steam.exe [3102496 2017-10-31] (Valve Corporation)
    HKU\S-1-5-21-2516327635-2037600327-2752607068-1001\...\Run: [MyComGames] => C:\Users\paulf\AppData\Local\MyComGames\MyComGames.exe [5856656 2017-11-17] (MY.COM B.V.)
    HKU\S-1-5-21-2516327635-2037600327-2752607068-1001\...\Run: [Wargaming.net Game Center] => H:\Wargaming.net\GameCenter\wgc.exe [2000632 2017-11-13] (Wargaming.net)
    HKU\S-1-5-21-2516327635-2037600327-2752607068-1001\...\MountPoints2: {f44f6101-0e59-11e6-8651-806e6f6e6963} - "G:\.\Bin\Assetup.exe"
    Startup: C:\Users\paulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DS4Windows.lnk [2017-11-09]
    ShortcutTarget: DS4Windows.lnk -> C:\Users\paulf\Desktop\DS4Windows.exe ()

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
    Tcpip\..\Interfaces\{4e80d0d1-7973-46bb-8e64-d0f78b1cdc3d}: [DhcpNameServer] 10.14.0.1
    Tcpip\..\Interfaces\{e7fd5a58-669b-4e99-a226-61d19b0401bf}: [DhcpNameServer] 192.168.0.1

    Internet Explorer:
    ==================
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-11-20] (Microsoft Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-11-20] (Microsoft Corporation)
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2017-11-20] (Microsoft Corporation)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-11-20] (Microsoft Corporation)
    Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-11-20] (Microsoft Corporation)

    FireFox:
    ========
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-11-20] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2017-11-20] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)

    Chrome:
    =======
    CHR StartupUrls: Default -> "hxxp://www.google.co.uk/"
    CHR Profile: C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default [2017-11-25]
    CHR Extension: (Slides) - C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-16]
    CHR Extension: (Docs) - C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-16]
    CHR Extension: (Google Drive) - C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-16]
    CHR Extension: (YouTube) - C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-16]
    CHR Extension: (Sheets) - C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-16]
    CHR Extension: (Google Docs Offline) - C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-16]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-16]
    CHR Extension: (Gmail) - C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-16]
    CHR Extension: (Chrome Media Router) - C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-16]

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [918448 2011-10-29] () [File not signed]
    R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.16\aaHMSvc.exe [947328 2011-08-09] (ASUSTeK Computer Inc.)
    R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058416 2017-09-05] (Microsoft Corporation)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
    R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation)
    S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation)
    S2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-11-14] (NVIDIA Corporation)
    R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-11-16] (NVIDIA Corporation)
    S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [32384 2016-10-03] (The OpenVPN Project)
    R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)
    R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18264 2017-10-31] (Intel(R) Corporation)

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
    S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
    R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [38424 2017-09-15] (Intel Corporation)
    R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2017-11-19] (Malwarebytes)
    R1 MpKsl505a9cef; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{560A40B9-A5A3-44DE-9DE0-3A37D9ED0390}\MpKsl505a9cef.sys [58120 2017-11-25] (Microsoft Corporation)
    R3 MTsensor; C:\WINDOWS\System32\drivers\ASACPI.sys [17280 2013-05-17] ()
    R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2017-03-18] (MediaTek Inc.)
    R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c791f781cd94491f\nvlddmkm.sys [16989296 2017-11-15] (NVIDIA Corporation)
    S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-11-16] (NVIDIA Corporation)
    S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [28344 2016-05-09] (Windows (R) Win 7 DDK provider)
    R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50808 2017-11-14] (NVIDIA Corporation)
    R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-11-16] (NVIDIA Corporation)
    R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
    R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
    S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
    S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-09-05] (QUALCOMM Incorporated)
    S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [115208 2014-11-21] (Oracle Corporation)
    S3 veebeampol; C:\WINDOWS\System32\drivers\veebeampol.sys [14952 2013-10-24] (Veebeam Corporation)
    S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
    R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
    R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2017-11-24 22:34 - 2017-11-24 22:34 - 000002295 _____ C:\Users\paulf\Desktop\CoD WWII.lnk
    2017-11-24 21:30 - 2017-11-24 21:30 - 000000000 ____D C:\ProgramData\Tom Clancy's Ghost Recon Wildlands
    2017-11-22 21:59 - 2017-11-22 21:59 - 000000471 _____ C:\Users\Public\Desktop\Tom Clancy's Ghost Recon Wildlands.lnk
    2017-11-22 21:59 - 2017-11-22 21:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tom Clancy's Ghost Recon Wildlands
    2017-11-22 14:25 - 2017-11-22 14:35 - 000000718 _____ C:\Users\paulf\Desktop\Crysis 3.lnk
    2017-11-22 14:25 - 2017-11-22 14:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crysis 3
    2017-11-22 14:17 - 2017-11-24 22:54 - 000000000 ____D C:\Users\paulf\AppData\LocalLow\uTorrent
    2017-11-22 14:10 - 2017-11-22 14:10 - 000001181 _____ C:\Users\paulf\Desktop\Spintires Mudrunner.lnk
    2017-11-22 13:56 - 2017-11-22 20:06 - 000000000 ____D C:\Users\paulf\AppData\Roaming\SpinTires MudRunner
    2017-11-22 13:56 - 2017-11-22 13:56 - 000000000 ____D C:\Users\paulf\AppData\Roaming\SmartSteamEmu
    2017-11-21 20:27 - 2017-11-22 15:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    2017-11-21 20:27 - 2017-11-22 13:42 - 000000000 ____D C:\Users\paulf\AppData\Local\NVIDIA Corporation
    2017-11-21 20:27 - 2017-11-21 22:50 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-21 20:27 - 2017-11-21 22:50 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-21 20:27 - 2017-11-21 22:50 - 000001489 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
    2017-11-21 20:27 - 2017-11-21 22:49 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-21 20:27 - 2017-11-21 22:49 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-21 20:27 - 2017-11-21 22:49 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-21 20:27 - 2017-11-21 22:49 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-21 20:27 - 2017-11-21 22:49 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-21 20:27 - 2017-11-21 22:49 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-21 20:27 - 2017-11-21 20:28 - 000000000 ____D C:\Users\paulf\AppData\Local\NVIDIA
    2017-11-21 20:27 - 2017-11-16 01:41 - 002404800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
    2017-11-21 20:27 - 2017-11-16 01:41 - 002070976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
    2017-11-21 20:27 - 2017-11-16 01:41 - 001309120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
    2017-11-21 20:26 - 2017-11-21 20:26 - 000000000 ____D C:\Program Files (x86)\VulkanRT
    2017-11-21 20:26 - 2017-11-16 01:41 - 000186304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
    2017-11-21 20:26 - 2017-11-16 01:41 - 000152512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
    2017-11-21 20:26 - 2017-11-16 00:53 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
    2017-11-21 20:26 - 2017-09-13 23:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
    2017-11-21 20:26 - 2017-09-13 23:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
    2017-11-21 20:26 - 2017-09-13 23:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll
    2017-11-21 20:26 - 2017-09-13 23:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe
    2017-11-21 20:24 - 2017-11-16 01:41 - 000057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
    2017-11-21 20:24 - 2017-11-14 22:48 - 040237504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 036239480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 035156600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 029272000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 023264864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 019038976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 013865256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 013255032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 011780376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 010883928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 004201592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 003817584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 003614328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 001989056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438831.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 001673664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438831.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 001331016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 001321264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 001135280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 001099712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 001044664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 001038680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 001031288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000980928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000932288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000885496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000794576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000739448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000634224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000618744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000615544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000598648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000505976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000050808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
    2017-11-21 20:21 - 2017-11-21 20:21 - 000000000 ____D C:\NVIDIA
    2017-11-21 20:05 - 2017-11-21 20:26 - 000000000 ____D C:\WINDOWS\LastGood
    2017-11-21 20:04 - 2017-11-21 20:04 - 673040100 _____ C:\WINDOWS\MEMORY.DMP
    2017-11-21 20:04 - 2017-11-21 20:04 - 000790916 _____ C:\WINDOWS\Minidump\112117-10000-01.dmp
    2017-11-21 20:04 - 2017-11-21 20:04 - 000000000 ____D C:\WINDOWS\Minidump
    2017-11-21 15:00 - 2017-11-21 15:00 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
    2017-11-21 14:30 - 2017-11-21 14:30 - 000000000 ____D C:\ProgramData\Intel
    2017-11-21 14:28 - 2017-11-21 14:28 - 000002685 _____ C:\Users\Public\Desktop\Intel(R) Extreme Tuning Utility.lnk
    2017-11-21 14:28 - 2017-11-21 14:28 - 000000000 ____D C:\WINDOWS\System32\Tasks\Intel
    2017-11-21 14:28 - 2017-11-21 14:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
    2017-11-21 14:28 - 2017-11-21 14:28 - 000000000 ____D C:\Program Files\Microsoft Synchronization Services
    2017-11-21 14:28 - 2017-11-21 14:28 - 000000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
    2017-11-21 14:28 - 2017-11-21 14:28 - 000000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
    2017-11-21 14:28 - 2017-11-21 14:28 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    2017-11-21 14:28 - 2017-11-21 14:28 - 000000000 ____D C:\Program Files (x86)\Intel
    2017-11-21 13:01 - 2017-11-21 13:01 - 000000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
    2017-11-21 13:01 - 2017-11-21 13:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
    2017-11-21 13:01 - 2017-11-21 13:01 - 000000000 ____D C:\Program Files\RogueKiller
    2017-11-21 03:29 - 2017-11-24 22:54 - 000000000 ____D C:\Users\paulf\AppData\Local\CrashDumps
    2017-11-20 17:28 - 2010-08-24 15:16 - 000013440 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys
    2017-11-20 17:28 - 2010-06-29 15:41 - 000028672 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll
    2017-11-20 17:26 - 2017-11-20 17:28 - 000000000 ____D C:\Program Files (x86)\ASUS
    2017-11-20 16:12 - 2017-11-20 16:12 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
    2017-11-20 16:09 - 2017-11-20 16:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
    2017-11-20 15:52 - 2017-11-20 15:54 - 000000000 ____D C:\Program Files\Microsoft Office 15
    2017-11-19 23:42 - 2017-11-19 23:42 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Skype
    2017-11-19 21:22 - 2017-11-19 21:22 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
    2017-11-19 21:19 - 2017-11-20 15:51 - 000000000 ____D C:\Program Files\Microsoft Office
    2017-11-19 21:16 - 2017-11-19 21:18 - 000000000 ____D C:\Users\paulf\AppData\Local\MSfree Inc
    2017-11-19 20:06 - 2017-11-19 20:06 - 000000000 ____D C:\Users\paulf\AppData\Roaming\NVIDIA
    2017-11-19 20:05 - 2017-11-19 20:07 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Novabench
    2017-11-19 20:05 - 2017-11-19 20:06 - 000000000 ____D C:\ProgramData\Novabench
    2017-11-19 20:05 - 2017-11-19 20:05 - 000000000 ____D C:\Users\paulf\AppData\Local\Novabench
    2017-11-19 16:57 - 2017-11-19 21:19 - 000000000 ____D C:\Users\paulf\AppData\Local\SKIDROW
    2017-11-19 16:42 - 2017-11-22 14:19 - 000000000 ____D C:\ProgramData\Betternet
    2017-11-19 16:42 - 2017-11-19 16:42 - 000002026 _____ C:\Users\Public\Desktop\Betternet.lnk
    2017-11-19 16:42 - 2017-11-19 16:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
    2017-11-19 16:42 - 2017-11-19 16:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Betternet Technologies Inc
    2017-11-19 16:42 - 2017-11-19 16:42 - 000000000 ____D C:\Program Files\TAP-Windows
    2017-11-19 16:42 - 2017-11-19 16:42 - 000000000 ____D C:\Program Files (x86)\OpenVPN
    2017-11-19 16:42 - 2017-11-19 16:42 - 000000000 ____D C:\Program Files (x86)\Betternet
    2017-11-19 16:41 - 2017-11-19 16:41 - 000000000 ____D C:\Users\paulf\AppData\Local\Downloaded Installations
    2017-11-19 12:16 - 2017-11-19 12:16 - 000000000 ____D C:\Users\paulf\AppData\LocalLow\SKS
    2017-11-19 12:11 - 2017-11-19 12:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
    2017-11-19 12:11 - 2017-11-19 12:11 - 000000000 ____D C:\Program Files\7-Zip
    2017-11-19 10:39 - 2017-11-19 10:39 - 000000815 _____ C:\Users\paulf\Desktop\Homefront The Revolution.lnk
    2017-11-19 10:39 - 2017-11-19 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Homefront The Revolution
    2017-11-18 16:42 - 2017-11-09 04:43 - 000540784 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
    2017-11-18 16:42 - 2017-11-09 04:43 - 000446392 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
    2017-11-18 16:41 - 2017-11-18 16:43 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
    2017-11-18 15:44 - 2017-11-18 15:44 - 000000000 ____D C:\Users\paulf\OneDrive\Documents\Anno 2205
    2017-11-18 14:46 - 2017-11-18 14:46 - 000000000 ____D C:\Users\paulf\AppData\Local\Rockstar Games
    2017-11-18 14:45 - 2017-11-24 21:29 - 000000000 ____D C:\ProgramData\Package Cache
    2017-11-18 14:45 - 2017-11-18 14:45 - 000000000 ____D C:\ProgramData\Steam
    2017-11-18 14:45 - 2017-11-18 14:45 - 000000000 ____D C:\ProgramData\Socialclub
    2017-11-18 14:44 - 2017-11-18 14:44 - 000000000 ____D C:\Program Files\Rockstar Games
    2017-11-18 14:44 - 2017-11-18 14:44 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
    2017-11-18 14:02 - 2017-11-18 14:02 - 000000407 _____ C:\Users\Public\Desktop\Grand Theft Auto V.lnk
    2017-11-18 14:02 - 2017-11-18 14:02 - 000000407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grand Theft Auto V.lnk
    2017-11-18 12:32 - 2017-11-18 12:32 - 000002259 _____ C:\WINDOWS\epplauncher.mif
    2017-11-18 09:00 - 2017-11-18 09:00 - 000001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
    2017-11-18 09:00 - 2017-11-18 09:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
    2017-11-18 09:00 - 2017-11-18 09:00 - 000000000 ____D C:\Program Files\VS Revo Group
    2017-11-18 08:45 - 2017-11-18 08:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resident Evil 7 Biohazard
    2017-11-18 08:20 - 2017-11-21 13:01 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
    2017-11-18 08:19 - 2017-11-18 08:22 - 000000000 ____D C:\ProgramData\RogueKiller
    2017-11-17 21:22 - 2017-11-18 08:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast 2
    2017-11-17 15:36 - 2017-11-17 15:36 - 000000000 ____D C:\Users\paulf\AppData\Local\CrashRpt
    2017-11-17 14:23 - 2017-11-17 14:23 - 000000772 _____ C:\Users\Public\Desktop\Anno 2205.lnk
    2017-11-17 14:23 - 2017-11-17 14:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Games
    2017-11-17 14:03 - 2017-11-17 16:09 - 000000581 _____ C:\Users\paulf\Desktop\Crossout Launcher.lnk
    2017-11-17 12:25 - 2017-11-17 12:25 - 000001624 _____ C:\Users\paulf\Desktop\World of Tanks EU.lnk
    2017-11-17 12:24 - 2017-11-17 16:16 - 000000702 _____ C:\Users\paulf\Desktop\World of Warships EU.lnk
    2017-11-17 12:24 - 2017-11-17 16:12 - 000000000 ____D C:\ProgramData\boost_interprocess
    2017-11-17 12:24 - 2017-11-17 12:24 - 000000790 _____ C:\Users\paulf\Desktop\Game Center.lnk
    2017-11-17 12:23 - 2017-11-25 13:23 - 000000000 ____D C:\Users\paulf\AppData\Local\MyComGames
    2017-11-17 12:23 - 2017-11-17 12:23 - 000002089 _____ C:\Users\paulf\Desktop\My.com Game Center.lnk
    2017-11-17 12:23 - 2017-11-17 12:23 - 000000140 _____ C:\Users\paulf\Desktop\Armored Warfare.url
    2017-11-17 12:21 - 2017-11-17 12:21 - 000000000 ____D C:\ProgramData\Wargaming.net
    2017-11-17 12:16 - 2017-11-17 12:24 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Wargaming.net
    2017-11-17 12:03 - 2017-11-17 12:03 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2017-11-17 12:03 - 2017-11-17 12:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2017-11-17 12:03 - 2017-11-17 12:03 - 000000000 ____D C:\ProgramData\Malwarebytes
    2017-11-17 12:03 - 2017-11-17 12:03 - 000000000 ____D C:\Program Files\Malwarebytes
    2017-11-17 12:03 - 2017-11-01 08:54 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
    2017-11-17 11:59 - 2017-11-25 13:23 - 000000000 ____D C:\Users\paulf\AppData\Roaming\DS4Windows
    2017-11-17 11:59 - 2013-05-19 01:02 - 000039168 _____ (Scarlet.Crush Productions) C:\WINDOWS\system32\Drivers\ScpVBus.sys
    2017-11-17 11:56 - 2017-11-24 22:54 - 000000000 ____D C:\Users\paulf\AppData\Roaming\uTorrent
    2017-11-17 11:56 - 2017-11-17 11:56 - 000000896 _____ C:\Users\paulf\Desktop\µTorrent.lnk
    2017-11-17 11:15 - 2017-11-17 11:16 - 000000000 ____D C:\Users\paulf\AppData\Local\Microsoft Windows
    2017-11-17 11:08 - 2017-11-17 12:30 - 000000000 ____D C:\Users\paulf\AppData\Local\Ubisoft Game Launcher
    2017-11-17 10:26 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
    2017-11-17 10:26 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
    2017-11-17 10:26 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
    2017-11-17 10:26 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
    2017-11-17 10:26 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
    2017-11-17 10:26 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
    2017-11-17 10:26 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
    2017-11-17 10:26 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
    2017-11-17 10:26 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
    2017-11-17 10:26 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
    2017-11-17 10:26 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
    2017-11-17 10:26 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
    2017-11-17 10:26 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
    2017-11-17 10:26 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
    2017-11-17 10:26 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
    2017-11-17 10:26 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
    2017-11-17 10:26 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
    2017-11-17 10:26 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
    2017-11-17 10:26 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
    2017-11-17 10:26 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
    2017-11-17 10:26 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
    2017-11-17 10:26 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
    2017-11-17 10:26 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
    2017-11-17 10:26 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
    2017-11-17 10:26 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
    2017-11-17 10:26 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
    2017-11-17 10:26 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
    2017-11-17 10:26 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
    2017-11-17 10:26 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
    2017-11-17 10:26 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
    2017-11-17 10:26 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
    2017-11-17 10:26 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
    2017-11-17 10:26 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
    2017-11-17 10:26 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
    2017-11-17 10:26 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
    2017-11-17 10:26 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
    2017-11-17 10:26 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
    2017-11-17 10:26 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
    2017-11-17 10:26 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
    2017-11-17 10:26 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
    2017-11-17 10:26 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
    2017-11-17 10:26 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
    2017-11-17 10:26 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
    2017-11-17 10:26 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
    2017-11-17 10:26 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
    2017-11-17 10:26 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
    2017-11-17 10:26 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
    2017-11-17 10:26 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
    2017-11-17 10:26 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
    2017-11-17 10:26 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
    2017-11-17 10:26 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
    2017-11-17 10:26 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
    2017-11-17 10:26 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
    2017-11-17 10:26 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
    2017-11-17 10:26 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
    2017-11-17 10:26 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
    2017-11-17 10:26 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
    2017-11-17 10:26 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
    2017-11-17 10:26 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
    2017-11-17 10:26 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
    2017-11-17 10:26 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
    2017-11-17 10:26 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
    2017-11-17 10:26 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
    2017-11-17 10:26 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
    2017-11-17 10:26 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
    2017-11-17 10:26 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
    2017-11-17 10:26 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
    2017-11-17 10:26 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
    2017-11-17 10:26 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
    2017-11-17 10:26 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
    2017-11-17 10:26 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
    2017-11-17 10:26 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
    2017-11-17 10:26 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
    2017-11-17 10:26 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
    2017-11-17 10:26 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
    2017-11-17 10:26 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
    2017-11-17 10:26 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
    2017-11-17 10:26 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
    2017-11-17 10:26 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
    2017-11-17 10:26 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
    2017-11-17 10:26 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
    2017-11-17 10:26 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
    2017-11-17 10:26 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
    2017-11-17 10:26 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
    2017-11-17 10:26 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
    2017-11-17 10:26 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
    2017-11-17 10:26 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
    2017-11-17 10:26 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
    2017-11-17 10:26 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
    2017-11-17 10:26 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
    2017-11-17 10:26 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
    2017-11-17 10:26 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
    2017-11-17 10:26 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
    2017-11-17 10:26 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
    2017-11-17 10:26 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
    2017-11-17 10:26 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
    2017-11-17 10:26 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
    2017-11-17 10:26 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
    2017-11-17 10:26 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
    2017-11-17 10:26 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
    2017-11-17 10:26 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
    2017-11-17 10:26 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
    2017-11-17 10:26 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
    2017-11-17 10:26 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
    2017-11-17 10:26 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
    2017-11-17 10:26 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
    2017-11-17 10:26 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
    2017-11-17 10:26 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
    2017-11-17 10:26 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
    2017-11-17 10:26 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
    2017-11-17 10:26 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
    2017-11-17 10:26 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
    2017-11-17 10:26 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
    2017-11-17 10:26 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
    2017-11-17 10:26 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
    2017-11-17 10:26 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
    2017-11-17 10:26 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
    2017-11-17 10:26 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
    2017-11-17 10:26 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
    2017-11-17 10:26 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
    2017-11-17 10:26 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
    2017-11-17 10:26 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
    2017-11-17 10:26 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
    2017-11-17 10:26 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
    2017-11-17 10:26 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
    2017-11-17 10:26 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
    2017-11-17 10:26 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
    2017-11-17 10:26 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
    2017-11-17 10:26 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
    2017-11-17 10:26 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
    2017-11-17 10:26 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
    2017-11-17 10:26 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
    2017-11-17 10:26 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
    2017-11-17 10:26 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
    2017-11-17 10:26 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
    2017-11-17 10:26 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
    2017-11-17 10:26 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
    2017-11-17 10:26 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
    2017-11-17 10:26 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
    2017-11-17 10:26 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
    2017-11-17 10:26 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
    2017-11-17 10:26 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
    2017-11-17 10:26 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
    2017-11-17 10:26 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
    2017-11-17 10:26 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
    2017-11-17 10:26 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
    2017-11-17 10:26 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
    2017-11-17 10:26 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
    2017-11-17 10:26 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
    2017-11-17 10:26 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
    2017-11-17 10:26 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
    2017-11-17 10:26 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
    2017-11-17 10:26 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
    2017-11-17 10:26 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
    2017-11-17 10:26 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
    2017-11-17 10:26 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
    2017-11-17 10:26 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
    2017-11-17 10:26 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
    2017-11-17 10:26 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
    2017-11-17 10:26 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
    2017-11-17 10:26 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
    2017-11-17 10:26 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
    2017-11-17 10:26 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
    2017-11-17 10:26 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
    2017-11-17 10:26 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
    2017-11-17 10:26 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
    2017-11-17 10:26 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
    2017-11-17 10:26 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
    2017-11-17 10:26 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
    2017-11-17 10:26 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
    2017-11-17 10:26 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
    2017-11-17 10:26 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
    2017-11-17 10:26 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
    2017-11-17 10:26 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
     
  4. Franksee

    Franksee Established Techie7 Member

    2017-11-17 10:26 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
    2017-11-17 10:26 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
    2017-11-17 10:26 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
    2017-11-17 10:26 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
    2017-11-17 10:26 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
    2017-11-17 10:26 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
    2017-11-17 10:26 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
    2017-11-17 10:26 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
    2017-11-16 17:20 - 2017-11-16 17:20 - 000000000 ____D C:\Users\paulf\AppData\Local\Gaijin
    2017-11-16 17:18 - 2015-11-08 15:36 - 000000000 ____D C:\Users\paulf\AppData\Roaming\uplay
    2017-11-16 17:14 - 2017-11-16 17:15 - 000000000 ____D C:\Users\paulf\AppData\Local\Steam
    2017-11-16 17:14 - 2017-11-16 17:14 - 000000000 ____D C:\Users\paulf\AppData\Local\CEF
    2017-11-16 17:13 - 2017-11-16 17:13 - 000000000 ____D C:\Users\paulf\AppData\Local\Targem
    2017-11-16 17:06 - 2017-11-16 17:06 - 000000549 _____ C:\Users\Public\Desktop\Steam.lnk
    2017-11-16 17:06 - 2017-11-16 17:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
    2017-11-16 17:02 - 2017-11-16 17:02 - 000000000 ____D C:\ProgramData\Gaijin
    2017-11-16 16:50 - 2017-11-16 16:50 - 000001358 _____ C:\Users\paulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\explorer.lnk
    2017-11-16 16:11 - 2017-11-16 16:11 - 000000000 ___HD C:\ProgramData\CanonBJ
    2017-11-16 15:41 - 2017-11-21 13:08 - 000545440 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
    2017-11-16 15:39 - 2017-11-21 15:55 - 000000000 ____D C:\WINDOWS\system32\MRT
    2017-11-16 15:39 - 2017-11-21 15:53 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
    2017-11-16 15:39 - 2017-11-21 15:53 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2017-11-16 15:36 - 2017-11-16 15:36 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Google
    2017-11-16 15:34 - 2017-11-16 15:34 - 000002348 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2017-11-16 15:33 - 2017-11-16 15:48 - 000000000 ____D C:\Users\paulf\AppData\Local\Google
    2017-11-16 15:33 - 2017-11-16 15:34 - 000000000 ____D C:\Program Files (x86)\Google
    2017-11-16 15:33 - 2017-11-16 15:33 - 000003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2017-11-16 15:33 - 2017-11-16 15:33 - 000003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2017-11-16 15:33 - 2017-11-16 15:33 - 000000000 ____D C:\Users\paulf\AppData\Local\MicrosoftEdge
    2017-11-16 02:04 - 2017-11-19 06:00 - 000000000 ____D C:\Windows.old
    2017-11-16 02:04 - 2017-11-16 02:04 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
    2017-11-16 02:04 - 2017-11-16 02:04 - 000000000 ____D C:\WINDOWS\InfusedApps
    2017-11-16 02:04 - 2017-11-15 18:20 - 000000000 ____D C:\WINDOWS\ServiceProfiles
    2017-11-16 02:02 - 2017-11-16 02:02 - 000000000 ____D C:\WINDOWS\Setup
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\system32\winrm
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\system32\WCN
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\system32\slmgr
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\system32\0409
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\OCR
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\DigitalLocker
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\Program Files\Reference Assemblies
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\Program Files\MSBuild
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\Program Files (x86)\MSBuild
    2017-11-16 01:57 - 2017-11-05 01:40 - 000835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2017-11-16 01:57 - 2017-11-05 01:40 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2017-11-16 01:55 - 2017-11-23 16:42 - 000000000 ___HD C:\Program Files\WindowsApps
    2017-11-16 01:55 - 2017-11-23 16:42 - 000000000 ____D C:\WINDOWS\AppReadiness
    2017-11-16 01:55 - 2017-11-22 15:05 - 000000000 ____D C:\WINDOWS\LiveKernelReports
    2017-11-16 01:55 - 2017-11-21 22:06 - 000000000 ____D C:\WINDOWS\system32\NDF
    2017-11-16 01:55 - 2017-11-21 20:26 - 000000000 ___RD C:\Program Files (x86)
    2017-11-16 01:55 - 2017-11-21 14:59 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
    2017-11-16 01:55 - 2017-11-20 16:20 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2017-11-16 01:55 - 2017-11-19 14:26 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
    2017-11-16 01:55 - 2017-11-18 20:07 - 000000000 ____D C:\WINDOWS\rescache
    2017-11-16 01:55 - 2017-11-16 19:17 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
    2017-11-16 01:55 - 2017-11-16 19:17 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
    2017-11-16 01:55 - 2017-11-16 19:17 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
    2017-11-16 01:55 - 2017-11-16 19:17 - 000000000 ___SD C:\WINDOWS\system32\F12
    2017-11-16 01:55 - 2017-11-16 19:17 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2017-11-16 01:55 - 2017-11-16 19:17 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
    2017-11-16 01:55 - 2017-11-16 19:17 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
    2017-11-16 01:55 - 2017-11-16 19:17 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
    2017-11-16 01:55 - 2017-11-16 19:17 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
    2017-11-16 01:55 - 2017-11-16 19:17 - 000000000 ____D C:\WINDOWS\system32\setup
    2017-11-16 01:55 - 2017-11-16 19:17 - 000000000 ____D C:\WINDOWS\system32\oobe
    2017-11-16 01:55 - 2017-11-16 19:17 - 000000000 ____D C:\WINDOWS\system32\config\TxR
    2017-11-16 01:55 - 2017-11-16 19:17 - 000000000 ____D C:\WINDOWS\system32\appraiser
    2017-11-16 01:55 - 2017-11-16 19:17 - 000000000 ____D C:\WINDOWS\ShellExperiences
    2017-11-16 01:55 - 2017-11-16 19:17 - 000000000 ____D C:\WINDOWS\Provisioning
    2017-11-16 01:55 - 2017-11-16 19:17 - 000000000 ____D C:\Program Files\Windows Photo Viewer
    2017-11-16 01:55 - 2017-11-16 19:17 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
    2017-11-16 01:55 - 2017-11-16 06:58 - 000000000 ____D C:\WINDOWS\appcompat
    2017-11-16 01:55 - 2017-11-16 02:04 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
    2017-11-16 01:55 - 2017-11-16 02:02 - 000000000 ___RD C:\Program Files\Windows Defender
    2017-11-16 01:55 - 2017-11-16 02:02 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
    2017-11-16 01:55 - 2017-11-16 02:02 - 000000000 ____D C:\WINDOWS\system32\migwiz
    2017-11-16 01:55 - 2017-11-16 02:02 - 000000000 ____D C:\WINDOWS\system32\Dism
    2017-11-16 01:55 - 2017-11-16 02:02 - 000000000 ____D C:\Program Files (x86)\Windows Defender
    2017-11-16 01:55 - 2017-11-16 01:59 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
    2017-11-16 01:55 - 2017-11-16 01:59 - 000000000 ___SD C:\WINDOWS\system32\dsc
    2017-11-16 01:55 - 2017-11-16 01:59 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
    2017-11-16 01:55 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
    2017-11-16 01:55 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
    2017-11-16 01:55 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
    2017-11-16 01:55 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\SystemApps
    2017-11-16 01:55 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
    2017-11-16 01:55 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\system32\MUI
    2017-11-16 01:55 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\system32\Com
    2017-11-16 01:55 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
    2017-11-16 01:55 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\IME
    2017-11-16 01:55 - 2017-11-16 01:59 - 000000000 ____D C:\Program Files\Common Files\System
    2017-11-16 01:55 - 2017-11-16 01:56 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
    2017-11-16 01:55 - 2017-11-16 01:56 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
    2017-11-16 01:55 - 2017-11-16 01:56 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
    2017-11-16 01:55 - 2017-11-16 01:56 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
    2017-11-16 01:55 - 2017-11-16 01:56 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 __SHD C:\Program Files\Windows Sidebar
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 __RSD C:\WINDOWS\Media
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ___SD C:\WINDOWS\system32\Nui
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ___SD C:\WINDOWS\system32\Configuration
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\Web
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\Vss
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\tracing
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\TAPI
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SysWOW64\MsDtc
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SystemResources
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\winevt
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\ras
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\PointOfService
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\MsDtc
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\Macromed
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\Ipmi
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\InputMethod
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\inetsrv
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\IME
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\icsxml
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\ias
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\downlevel
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\DDFs
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\config\Journal
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\Bthprops
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\AppLocker
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\System
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SKB
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\security
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\schemas
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SchCache
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\Resources
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\Registration
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\PLA
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\Performance
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\ModemLogs
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\L2Schemas
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\InputMethod
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\Globalization
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\Cursors
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\Branding
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\bcastdvr
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\addins
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\Program Files\Windows Security
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\Program Files\Windows Portable Devices
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\Program Files\Windows NT
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\Program Files\Common Files\Services
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\Program Files (x86)\Windows NT
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
    2017-11-16 01:55 - 2017-11-16 01:54 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
    2017-11-16 01:55 - 2017-11-16 01:54 - 000215943 _____ C:\WINDOWS\system32\dssec.dat
    2017-11-16 01:55 - 2017-11-16 01:54 - 000017635 _____ C:\WINDOWS\system32\Drivers\etc\services
    2017-11-16 01:55 - 2017-11-16 01:54 - 000015940 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
    2017-11-16 01:55 - 2017-11-16 01:54 - 000004096 _____ C:\WINDOWS\system32\config\VSMIDK
    2017-11-16 01:55 - 2017-11-16 01:54 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
    2017-11-16 01:55 - 2017-11-16 01:54 - 000001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
    2017-11-16 01:55 - 2017-11-16 01:54 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
    2017-11-16 01:55 - 2017-11-16 01:54 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
    2017-11-16 01:55 - 2017-11-16 01:54 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT
    2017-11-16 01:55 - 2017-11-16 01:54 - 000000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
    2017-11-16 01:55 - 2017-11-16 01:54 - 000000219 _____ C:\WINDOWS\system.ini
    2017-11-16 01:55 - 2017-11-16 01:54 - 000000092 _____ C:\WINDOWS\win.ini
    2017-11-16 01:55 - 2017-11-15 18:27 - 000000000 ____D C:\WINDOWS\system32\spool
    2017-11-16 01:55 - 2017-11-15 18:27 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
    2017-11-16 01:55 - 2017-11-15 18:27 - 000000000 ____D C:\ProgramData\USOPrivate
    2017-11-16 01:55 - 2017-11-15 18:25 - 000000000 __RHD C:\Users\Public\Libraries
    2017-11-16 01:55 - 2017-11-15 18:25 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
    2017-11-16 01:55 - 2017-11-15 18:23 - 000000000 ____D C:\WINDOWS\system32\Sysprep
    2017-11-16 01:55 - 2017-11-15 18:22 - 000000000 ___RD C:\WINDOWS\PrintDialog
    2017-11-16 01:55 - 2017-11-15 18:22 - 000000000 ___RD C:\WINDOWS\MiracastView
    2017-11-16 01:55 - 2017-11-15 18:22 - 000000000 ____D C:\WINDOWS\HoloShell
    2017-11-16 01:55 - 2017-11-15 18:22 - 000000000 ____D C:\WINDOWS\Help
    2017-11-16 01:55 - 2017-11-15 18:20 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
    2017-11-16 01:54 - 2017-11-22 15:11 - 000000000 ____D C:\WINDOWS\INF
    2017-11-16 01:50 - 2017-11-16 15:41 - 000000000 ____D C:\WINDOWS\CbsTemp
    2017-11-16 01:49 - 2017-11-22 14:38 - 091226112 _____ C:\WINDOWS\system32\config\SOFTWARE
    2017-11-16 01:49 - 2017-11-22 14:38 - 014417920 _____ C:\WINDOWS\system32\config\SYSTEM
    2017-11-16 01:49 - 2017-11-22 14:38 - 000786432 _____ C:\WINDOWS\system32\config\BBI
    2017-11-16 01:49 - 2017-11-22 14:38 - 000524288 _____ C:\WINDOWS\system32\config\DEFAULT
    2017-11-16 01:49 - 2017-11-22 14:38 - 000028672 _____ C:\WINDOWS\system32\config\SECURITY
    2017-11-16 01:49 - 2017-11-16 02:20 - 000057344 _____ C:\WINDOWS\system32\config\SAM
    2017-11-16 01:49 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\servicing
    2017-11-16 01:49 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\SMI
    2017-11-16 01:49 - 2017-11-15 18:26 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
    2017-11-16 00:24 - 2017-11-15 18:27 - 000000000 ____D C:\WINDOWS\Panther
    2017-11-16 00:23 - 2017-11-16 02:04 - 000000000 ___HD C:\$SysReset
    2017-11-15 18:30 - 2017-11-15 18:30 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2516327635-2037600327-2752607068-1001
    2017-11-15 18:29 - 2017-11-17 14:34 - 000000000 ____D C:\Users\paulf\AppData\Local\Comms
    2017-11-15 18:29 - 2017-11-15 18:30 - 000002367 _____ C:\Users\paulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2017-11-15 18:29 - 2017-11-15 18:29 - 000000000 ____D C:\Users\paulf\AppData\Local\DBG
    2017-11-15 18:29 - 2017-11-15 18:29 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
    2017-11-15 18:27 - 2017-11-22 13:46 - 000998954 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2017-11-15 18:27 - 2017-11-17 11:13 - 000000000 ____D C:\Users\paulf\AppData\Local\Packages
    2017-11-15 18:27 - 2017-11-16 06:59 - 000000000 ____D C:\Users\paulf\AppData\Local\Publishers
    2017-11-15 18:27 - 2017-11-15 18:27 - 000000020 ___SH C:\Users\paulf\ntuser.ini
    2017-11-15 18:27 - 2017-11-15 18:27 - 000000000 _SHDL C:\Users\Default User
    2017-11-15 18:27 - 2017-11-15 18:27 - 000000000 _SHDL C:\Users\All Users
    2017-11-15 18:27 - 2017-11-15 18:27 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Adobe
    2017-11-15 18:27 - 2017-11-15 18:27 - 000000000 ____D C:\Users\paulf\AppData\Local\VirtualStore
    2017-11-15 18:27 - 2017-11-15 18:27 - 000000000 ____D C:\Users\paulf\AppData\Local\TileDataLayer
    2017-11-15 18:27 - 2017-11-15 18:27 - 000000000 ____D C:\Users\paulf\AppData\Local\ConnectedDevicesPlatform
    2017-11-15 18:27 - 2017-11-15 18:27 - 000000000 ____D C:\ProgramData\USOShared
    2017-11-15 18:26 - 2017-11-22 15:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2017-11-15 18:24 - 2017-11-25 15:10 - 000000000 ____D C:\Users\paulf
    2017-11-15 18:23 - 2017-03-18 20:56 - 002233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
    2017-11-15 18:22 - 2017-11-25 13:26 - 000000000 ____D C:\ProgramData\NVIDIA
    2017-11-15 18:22 - 2017-11-22 15:11 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
    2017-11-15 18:22 - 2017-11-14 20:15 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
    2017-11-15 18:22 - 2017-11-14 19:56 - 005960640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
    2017-11-15 18:22 - 2017-11-14 19:56 - 002587584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
    2017-11-15 18:22 - 2017-11-14 19:56 - 001766336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
    2017-11-15 18:22 - 2017-11-14 19:56 - 000607352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
    2017-11-15 18:22 - 2017-11-14 19:56 - 000449472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
    2017-11-15 18:22 - 2017-11-14 19:56 - 000123000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
    2017-11-15 18:22 - 2017-11-14 19:56 - 000082040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
    2017-11-15 18:22 - 2017-11-10 06:09 - 007855841 _____ C:\WINDOWS\system32\nvcoproc.bin
    2017-11-15 18:21 - 2017-11-22 13:40 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
    2017-11-15 18:21 - 2017-11-21 22:49 - 000000000 ____D C:\Program Files\NVIDIA Corporation
    2017-11-15 18:21 - 2017-11-15 18:21 - 000000000 ____H C:\ProgramData\DP45977C.lfl
    2017-11-15 18:21 - 2017-11-15 18:21 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
    2017-11-15 18:21 - 2017-11-15 18:21 - 000000000 ____D C:\WINDOWS\system32\DAX2
    2017-11-15 18:21 - 2017-11-15 18:21 - 000000000 ____D C:\Program Files\Realtek
    2017-11-15 18:20 - 2017-11-25 14:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2017-11-15 18:20 - 2017-11-21 12:22 - 000405072 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2017-11-15 07:39 - 2017-11-15 07:39 - 006375008 _____ (Wargaming.net (c) 2009-2017 ) C:\Users\paulf\Downloads\world_of_warships_install_eu_bh6xk6nqzf3x (1).exe
    2017-11-14 22:29 - 2017-11-17 12:25 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
    2017-11-14 22:11 - 2017-11-14 22:12 - 006375008 _____ (Wargaming.net (c) 2009-2017 ) C:\Users\paulf\Downloads\world_of_warships_install_eu_bh6xk6nqzf3x.exe
    2017-11-14 19:18 - 2017-11-02 05:03 - 000223640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
    2017-11-14 19:18 - 2017-11-02 04:45 - 000613136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
    2017-11-14 19:18 - 2017-11-02 04:45 - 000362144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
    2017-11-14 19:18 - 2017-11-02 04:45 - 000354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
    2017-11-14 19:18 - 2017-11-02 04:45 - 000283544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
    2017-11-14 19:18 - 2017-11-02 04:45 - 000172952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
    2017-11-14 19:18 - 2017-11-02 04:30 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
    2017-11-14 19:18 - 2017-11-02 04:30 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
    2017-11-14 19:18 - 2017-11-02 04:25 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
    2017-11-14 19:18 - 2017-11-02 04:24 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2017-11-14 19:18 - 2017-11-02 04:23 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
    2017-11-14 19:18 - 2017-10-15 14:49 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
    2017-11-14 19:18 - 2017-10-15 14:45 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
    2017-11-14 19:18 - 2017-10-15 14:44 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
    2017-11-14 19:18 - 2017-10-15 14:41 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
    2017-11-14 19:18 - 2017-10-15 14:38 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
    2017-11-14 19:17 - 2017-11-02 05:21 - 001578904 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2017-11-14 19:17 - 2017-11-02 05:21 - 000678808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2017-11-14 19:17 - 2017-11-02 05:21 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2017-11-14 19:17 - 2017-11-02 05:21 - 000379288 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2017-11-14 19:17 - 2017-11-02 05:21 - 000190360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2017-11-14 19:17 - 2017-11-02 05:21 - 000136088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
    2017-11-14 19:17 - 2017-11-02 05:20 - 002032536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
    2017-11-14 19:17 - 2017-11-02 05:20 - 001144728 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2017-11-14 19:17 - 2017-11-02 05:20 - 001015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2017-11-14 19:17 - 2017-11-02 05:20 - 000965016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
    2017-11-14 19:17 - 2017-11-02 05:20 - 000821656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
    2017-11-14 19:17 - 2017-11-02 05:20 - 000613784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2017-11-14 19:17 - 2017-11-02 05:20 - 000543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
    2017-11-14 19:17 - 2017-11-02 05:20 - 000484248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
    2017-11-14 19:17 - 2017-11-02 05:20 - 000469568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
    2017-11-14 19:17 - 2017-11-02 05:20 - 000259992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
    2017-11-14 19:17 - 2017-11-02 05:20 - 000034712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
    2017-11-14 19:17 - 2017-11-02 05:16 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2017-11-14 19:17 - 2017-11-02 05:16 - 002398696 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
    2017-11-14 19:17 - 2017-11-02 05:16 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
    2017-11-14 19:17 - 2017-11-02 05:15 - 001239448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
    2017-11-14 19:17 - 2017-11-02 05:15 - 000503704 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
    2017-11-14 19:17 - 2017-11-02 05:14 - 000667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
    2017-11-14 19:17 - 2017-11-02 05:14 - 000067992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
    2017-11-14 19:17 - 2017-11-02 05:13 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
    2017-11-14 19:17 - 2017-11-02 05:13 - 002443672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2017-11-14 19:17 - 2017-11-02 05:13 - 001345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
    2017-11-14 19:17 - 2017-11-02 05:13 - 000546712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
    2017-11-14 19:17 - 2017-11-02 05:13 - 000212888 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
    2017-11-14 19:17 - 2017-11-02 05:13 - 000095640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
    2017-11-14 19:17 - 2017-11-02 05:12 - 000727336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
    2017-11-14 19:17 - 2017-11-02 05:12 - 000714648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
    2017-11-14 19:17 - 2017-11-02 05:12 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
    2017-11-14 19:17 - 2017-11-02 05:12 - 000643192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2017-11-14 19:17 - 2017-11-02 05:12 - 000430848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
    2017-11-14 19:17 - 2017-11-02 05:12 - 000412752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
    2017-11-14 19:17 - 2017-11-02 05:12 - 000319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
    2017-11-14 19:17 - 2017-11-02 05:12 - 000144248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
    2017-11-14 19:17 - 2017-11-02 05:12 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
    2017-11-14 19:17 - 2017-11-02 05:12 - 000026472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    2017-11-14 19:17 - 2017-11-02 05:11 - 021353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2017-11-14 19:17 - 2017-11-02 05:10 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
    2017-11-14 19:17 - 2017-11-02 05:05 - 000871408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
    2017-11-14 19:17 - 2017-11-02 05:05 - 000187800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
    2017-11-14 19:17 - 2017-11-02 05:04 - 001292360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
    2017-11-14 19:17 - 2017-11-02 04:49 - 001838848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
    2017-11-14 19:17 - 2017-11-02 04:45 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
    2017-11-14 19:17 - 2017-11-02 04:45 - 000133896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
    2017-11-14 19:17 - 2017-11-02 04:44 - 023680000 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2017-11-14 19:17 - 2017-11-02 04:44 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
    2017-11-14 19:17 - 2017-11-02 04:44 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
    2017-11-14 19:17 - 2017-11-02 04:43 - 020372896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2017-11-14 19:17 - 2017-11-02 04:37 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2017-11-14 19:17 - 2017-11-02 04:37 - 001278976 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
    2017-11-14 19:17 - 2017-11-02 04:37 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
    2017-11-14 19:17 - 2017-11-02 04:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
    2017-11-14 19:17 - 2017-11-02 04:37 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
    2017-11-14 19:17 - 2017-11-02 04:36 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
    2017-11-14 19:17 - 2017-11-02 04:36 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
    2017-11-14 19:17 - 2017-11-02 04:35 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
    2017-11-14 19:17 - 2017-11-02 04:35 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
    2017-11-14 19:17 - 2017-11-02 04:35 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
    2017-11-14 19:17 - 2017-11-02 04:35 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
    2017-11-14 19:17 - 2017-11-02 04:35 - 000002560 ____N (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
    2017-11-14 19:17 - 2017-11-02 04:34 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2017-11-14 19:17 - 2017-11-02 04:34 - 000438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
    2017-11-14 19:17 - 2017-11-02 04:34 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
    2017-11-14 19:17 - 2017-11-02 04:34 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
    2017-11-14 19:17 - 2017-11-02 04:34 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
    2017-11-14 19:17 - 2017-11-02 04:34 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
    2017-11-14 19:17 - 2017-11-02 04:34 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2017-11-14 19:17 - 2017-11-02 04:34 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
    2017-11-14 19:17 - 2017-11-02 04:34 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
    2017-11-14 19:17 - 2017-11-02 04:33 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
    2017-11-14 19:17 - 2017-11-02 04:33 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
    2017-11-14 19:17 - 2017-11-02 04:33 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
    2017-11-14 19:17 - 2017-11-02 04:33 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
    2017-11-14 19:17 - 2017-11-02 04:33 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPKICmdlet.dll
    2017-11-14 19:17 - 2017-11-02 04:32 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
    2017-11-14 19:17 - 2017-11-02 04:32 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
    2017-11-14 19:17 - 2017-11-02 04:32 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
    2017-11-14 19:17 - 2017-11-02 04:31 - 020512256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2017-11-14 19:17 - 2017-11-02 04:31 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
    2017-11-14 19:17 - 2017-11-02 04:31 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
    2017-11-14 19:17 - 2017-11-02 04:31 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
    2017-11-14 19:17 - 2017-11-02 04:30 - 013381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
    2017-11-14 19:17 - 2017-11-02 04:30 - 007339008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
    2017-11-14 19:17 - 2017-11-02 04:30 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2017-11-14 19:17 - 2017-11-02 04:30 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
    2017-11-14 19:17 - 2017-11-02 04:30 - 000635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
    2017-11-14 19:17 - 2017-11-02 04:30 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
    2017-11-14 19:17 - 2017-11-02 04:30 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
    2017-11-14 19:17 - 2017-11-02 04:30 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
    2017-11-14 19:17 - 2017-11-02 04:30 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
    2017-11-14 19:17 - 2017-11-02 04:30 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
    2017-11-14 19:17 - 2017-11-02 04:29 - 019338240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2017-11-14 19:17 - 2017-11-02 04:29 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
    2017-11-14 19:17 - 2017-11-02 04:29 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
    2017-11-14 19:17 - 2017-11-02 04:29 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2017-11-14 19:17 - 2017-11-02 04:29 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2017-11-14 19:17 - 2017-11-02 04:29 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
    2017-11-14 19:17 - 2017-11-02 04:28 - 023684096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2017-11-14 19:17 - 2017-11-02 04:28 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
    2017-11-14 19:17 - 2017-11-02 04:28 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
    2017-11-14 19:17 - 2017-11-02 04:28 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
    2017-11-14 19:17 - 2017-11-02 04:28 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
    2017-11-14 19:17 - 2017-11-02 04:28 - 000002560 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
    2017-11-14 19:17 - 2017-11-02 04:27 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2017-11-14 19:17 - 2017-11-02 04:27 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
    2017-11-14 19:17 - 2017-11-02 04:27 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
    2017-11-14 19:17 - 2017-11-02 04:27 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
    2017-11-14 19:17 - 2017-11-02 04:27 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
    2017-11-14 19:17 - 2017-11-02 04:27 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
    2017-11-14 19:17 - 2017-11-02 04:27 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPKICmdlet.dll
    2017-11-14 19:17 - 2017-11-02 04:26 - 008197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2017-11-14 19:17 - 2017-11-02 04:26 - 005963776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
    2017-11-14 19:17 - 2017-11-02 04:26 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2017-11-14 19:17 - 2017-11-02 04:26 - 003060224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
    2017-11-14 19:17 - 2017-11-02 04:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2017-11-14 19:17 - 2017-11-02 04:26 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
    2017-11-14 19:17 - 2017-11-02 04:26 - 001937408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
    2017-11-14 19:17 - 2017-11-02 04:26 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2017-11-14 19:17 - 2017-11-02 04:26 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2017-11-14 19:17 - 2017-11-02 04:26 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
    2017-11-14 19:17 - 2017-11-02 04:26 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
    2017-11-14 19:17 - 2017-11-02 04:25 - 012227072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
    2017-11-14 19:17 - 2017-11-02 04:25 - 011888128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2017-11-14 19:17 - 2017-11-02 04:25 - 004727808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2017-11-14 19:17 - 2017-11-02 04:25 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
    2017-11-14 19:17 - 2017-11-02 04:25 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2017-11-14 19:17 - 2017-11-02 04:25 - 002052608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2017-11-14 19:17 - 2017-11-02 04:25 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
    2017-11-14 19:17 - 2017-11-02 04:25 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
    2017-11-14 19:17 - 2017-11-02 04:25 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
    2017-11-14 19:17 - 2017-11-02 04:25 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
    2017-11-14 19:17 - 2017-11-02 04:25 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
    2017-11-14 19:17 - 2017-11-02 04:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
    2017-11-14 19:17 - 2017-11-02 04:25 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
    2017-11-14 19:17 - 2017-11-02 04:24 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
    2017-11-14 19:17 - 2017-11-02 04:24 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
    2017-11-14 19:17 - 2017-11-02 04:24 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
    2017-11-14 19:17 - 2017-11-02 04:24 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
    2017-11-14 19:17 - 2017-11-02 04:24 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
    2017-11-14 19:17 - 2017-11-02 04:23 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
    2017-11-14 19:17 - 2017-11-02 04:23 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2017-11-14 19:17 - 2017-11-02 04:23 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
    2017-11-14 19:17 - 2017-11-02 04:23 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2017-11-14 19:17 - 2017-11-02 04:23 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
    2017-11-14 19:17 - 2017-11-02 04:23 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
    2017-11-14 19:17 - 2017-11-02 04:22 - 006254080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2017-11-14 19:17 - 2017-11-02 04:22 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2017-11-14 19:17 - 2017-11-02 04:22 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
    2017-11-14 19:17 - 2017-11-02 04:22 - 001884160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
    2017-11-14 19:17 - 2017-11-02 04:22 - 001494528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
    2017-11-14 19:17 - 2017-11-02 04:21 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
    2017-11-14 19:17 - 2017-11-02 04:21 - 003653120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2017-11-14 19:17 - 2017-11-02 04:21 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
    2017-11-14 19:17 - 2017-11-02 04:21 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2017-11-14 19:17 - 2017-11-02 04:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
    2017-11-14 19:17 - 2017-10-25 07:40 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
    2017-11-14 19:17 - 2017-10-15 15:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
    2017-11-14 19:17 - 2017-10-15 15:03 - 006765728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2017-11-14 19:17 - 2017-10-15 15:01 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
    2017-11-14 19:17 - 2017-10-15 14:59 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
    2017-11-14 19:17 - 2017-10-15 14:57 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2017-11-14 19:17 - 2017-10-15 14:57 - 000409496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2017-11-14 19:17 - 2017-10-15 14:56 - 000872464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
    2017-11-14 19:17 - 2017-10-15 14:55 - 007910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2017-11-14 19:17 - 2017-10-15 14:53 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
    2017-11-14 19:17 - 2017-10-15 14:53 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
    2017-11-14 19:17 - 2017-10-15 14:51 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
    2017-11-14 19:17 - 2017-10-15 14:49 - 000094616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
    2017-11-14 19:17 - 2017-10-15 14:45 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
    2017-11-14 19:17 - 2017-10-15 14:44 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
    2017-11-14 19:17 - 2017-10-15 14:42 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
    2017-11-14 19:17 - 2017-10-15 14:42 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
    2017-11-14 19:17 - 2017-10-15 14:41 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
    2017-11-14 19:17 - 2017-10-15 14:15 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
    2017-11-14 19:17 - 2017-10-15 14:14 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
    2017-11-14 19:17 - 2017-10-15 14:13 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
    2017-11-14 19:17 - 2017-10-15 14:10 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
    2017-11-14 19:17 - 2017-10-15 14:09 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
    2017-11-14 19:17 - 2017-10-15 14:09 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
    2017-11-14 19:17 - 2017-10-15 14:08 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
    2017-11-14 19:17 - 2017-10-15 14:08 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
    2017-11-14 19:17 - 2017-10-15 14:07 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
    2017-11-14 19:17 - 2017-10-15 14:05 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
    2017-11-14 19:17 - 2017-10-15 14:05 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
    2017-11-14 19:17 - 2017-10-15 14:04 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
    2017-11-14 19:17 - 2017-10-15 14:02 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
    2017-11-14 19:17 - 2017-10-15 14:00 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
    2017-11-13 17:51 - 2017-11-15 18:25 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
    2017-11-13 17:51 - 2017-11-13 17:51 - 072185968 _____ (Ubisoft) C:\Users\paulf\Downloads\UplayInstaller (2).exe
    2017-11-13 08:05 - 2017-11-13 08:06 - 072185968 _____ (Ubisoft) C:\Users\paulf\Downloads\UplayInstaller (1).exe
    2017-11-12 21:02 - 2017-11-12 21:02 - 000022164 _____ C:\Users\paulf\Downloads\1CCE29AD4F1E46239E4AFD4560084DD4D230F1C2.torrent
    2017-11-12 20:05 - 2017-11-12 20:05 - 000000000 ____D C:\Users\paulf\OneDrive\Documents\TomTom
    2017-11-10 13:43 - 2017-11-15 18:25 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
    2017-11-10 13:42 - 2017-11-10 13:42 - 039234032 _____ C:\Users\paulf\Downloads\Afterburner_4.4.0.zip
    2017-11-10 13:29 - 2017-11-10 13:32 - 459940794 _____ C:\Users\paulf\Downloads\nvidia_388.13_w1064.zip
    2017-11-09 20:47 - 2016-10-08 22:17 - 003168256 _____ () C:\Users\paulf\Desktop\DS4Windows.exe
    2017-11-09 20:42 - 2017-11-09 20:42 - 001174539 _____ C:\Users\paulf\Downloads\DS4Windows.zip
    2017-11-09 16:51 - 2017-11-09 16:51 - 000000000 ____D C:\Users\paulf\OneDrive\Documents\Intel XTU Profiles
    2017-11-09 16:30 - 2017-11-09 16:30 - 038618496 _____ (Intel Corporation) C:\Users\paulf\Downloads\xtu-setup-exe.exe
    2017-11-09 16:03 - 2017-11-09 16:04 - 125914871 _____ C:\Users\paulf\Downloads\AISuite3_Win7-8-81-10_M7IGFHR_V10102 (1).zip
    2017-11-09 13:17 - 2017-11-09 13:17 - 032002048 _____ C:\Users\paulf\Downloads\EpicInstaller-6.7.0.msi
    2017-11-09 13:17 - 2017-11-09 13:17 - 032002048 _____ C:\Users\paulf\Downloads\EpicInstaller-6.7.0 (1).msi
    2017-11-09 04:39 - 2017-11-09 04:39 - 000054192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
    2017-11-09 04:38 - 2017-11-09 04:38 - 001997752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438813.dll
    2017-11-09 04:38 - 2017-11-09 04:38 - 001682544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438813.dll
    2017-11-09 04:38 - 2017-11-09 04:38 - 001624168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
    2017-11-09 04:38 - 2017-11-09 04:38 - 000233904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
    2017-11-09 03:57 - 2017-11-09 03:57 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
    2017-11-09 03:57 - 2017-11-09 03:57 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json
    2017-11-08 22:26 - 2017-11-08 22:26 - 001743008 _____ ( ) C:\Users\paulf\Downloads\cpu-z_1.81-en.exe
    2017-11-08 16:43 - 2017-11-08 16:44 - 116602337 _____ C:\Users\paulf\Downloads\AISuiteIII_V10159_DIP5_10390.zip
    2017-11-07 17:41 - 2017-11-07 17:41 - 008983107 _____ C:\Users\paulf\Downloads\Manual (1).pdf
    2017-11-07 17:34 - 2017-11-07 17:35 - 008983107 _____ C:\Users\paulf\Downloads\Manual.pdf
    2017-11-07 11:04 - 2017-11-07 11:05 - 000359677 _____ C:\Users\paulf\Downloads\Product_Sheet (2).pdf
    2017-11-07 11:04 - 2017-11-07 11:04 - 000359677 _____ C:\Users\paulf\Downloads\Product_Sheet.pdf
    2017-11-07 11:04 - 2017-11-07 11:04 - 000359677 _____ C:\Users\paulf\Downloads\Product_Sheet (1).pdf
    2017-11-05 21:23 - 2017-11-05 21:23 - 000012290 _____ C:\Users\paulf\Downloads\Paul-Heaton- -Jacqui-Abbott--What-Have-We-Become-(Deluxe-Edition)-Album-2014-zip.torrent
    2017-11-05 21:04 - 2017-11-05 21:04 - 002403328 _____ (Farbar) C:\Users\paulf\Downloads\FRST64 (1).exe
    2017-11-05 18:25 - 2017-11-05 18:26 - 094162904 _____ (Sony Interactive Entertainment Network America LLC) C:\Users\paulf\Downloads\PlayStationNow-9.7.8 (2).exe
    2017-11-05 18:12 - 2017-11-05 18:13 - 094162904 _____ (Sony Interactive Entertainment Network America LLC) C:\Users\paulf\Downloads\PlayStationNow-9.7.8 (1).exe
    2017-11-05 18:11 - 2017-11-05 18:12 - 094162904 _____ (Sony Interactive Entertainment Network America LLC) C:\Users\paulf\Downloads\PlayStationNow-9.7.8.exe
    2017-11-05 10:39 - 2017-11-05 10:39 - 008261584 _____ (Malwarebytes) C:\Users\paulf\Downloads\AdwCleaner.exe
    2017-11-05 10:30 - 2017-11-05 10:31 - 078346672 _____ (Malwarebytes ) C:\Users\paulf\Downloads\mb3-setup-consumer-3.3.1.2183.exe
    2017-11-04 20:47 - 2017-11-04 20:47 - 005603499 _____ (UserBenchmark.com) C:\Users\paulf\Desktop\UserBenchMark.exe
    2017-11-04 08:51 - 2017-11-04 08:56 - 460431568 _____ (NVIDIA Corporation) C:\Users\paulf\Downloads\388.13-desktop-win10-64bit-international-whql.exe
    2017-11-03 07:16 - 2017-11-03 07:16 - 036097984 _____ (Adlice Software ) C:\Users\paulf\Downloads\RogueKiller_setup_ref3.exe
    2017-11-02 20:40 - 2017-11-05 21:06 - 000065242 _____ C:\Users\paulf\Downloads\Addition.txt
    2017-11-02 20:39 - 2017-11-05 21:06 - 000157782 _____ C:\Users\paulf\Downloads\FRST.txt
    2017-11-02 20:38 - 2017-11-25 17:05 - 000000000 ____D C:\FRST
    2017-11-02 20:38 - 2017-11-02 20:38 - 002403328 _____ (Farbar) C:\Users\paulf\Downloads\FRST64.exe
    2017-11-02 20:28 - 2017-11-02 20:28 - 000656608 _____ (PC Drivers HeadQuarters LP) C:\Users\paulf\Downloads\DriverSupport.exe
    2017-11-02 16:30 - 2017-11-02 16:30 - 000000000 ____D C:\Users\paulf\OneDrive\Documents\Paradox Interactive
    2017-11-02 07:11 - 2017-11-02 07:11 - 000016523 _____ C:\Users\paulf\Downloads\charterhouse-invoice-194783.pdf
    2017-10-31 16:53 - 2017-10-31 16:54 - 016082320 _____ (Logitech Inc.) C:\Users\paulf\Downloads\lgs510_x64.exe
    2017-10-30 07:19 - 2017-10-30 07:19 - 000000000 ____D C:\Users\paulf\ansel
    2017-10-29 09:21 - 2017-10-29 09:21 - 000000000 ____D C:\Users\paulf\AppData\LocalLow\Kite Games
    2017-10-28 14:43 - 2017-10-28 14:44 - 096575488 _____ C:\Users\paulf\Downloads\novabench.msi
    2017-10-28 13:37 - 2017-10-28 13:37 - 001949047 _____ C:\Users\paulf\Downloads\The Last of US PC Installer.rar
    2017-10-28 12:30 - 2017-10-28 12:34 - 072177800 _____ (Ubisoft) C:\Users\paulf\Downloads\UplayInstaller.exe
    2017-10-28 11:34 - 2017-10-28 11:34 - 076775409 _____ C:\Users\paulf\Downloads\AISuite3_Win10_V10147.zip
    2017-10-28 10:56 - 2017-10-28 10:56 - 125914871 _____ C:\Users\paulf\Downloads\AISuite3_Win7-8-81-10_M7IGFHR_V10102.zip
    2017-10-28 10:54 - 2017-10-28 10:54 - 019191253 _____ C:\Users\paulf\Downloads\AISuiteV10425.zip
    2017-10-28 10:53 - 2017-10-28 10:53 - 021616952 _____ C:\Users\paulf\Downloads\AISuite_V10524.zip
    2017-10-28 10:52 - 2017-10-28 10:52 - 023737323 _____ C:\Users\paulf\Downloads\ASUS_AISuite_V10614_XPVISTAWIN7 (2).zip
    2017-10-28 10:52 - 2017-10-28 10:52 - 022614773 _____ C:\Users\paulf\Downloads\AISuite_V10538_XpVistaWin7 (2).zip
    2017-10-27 20:44 - 2017-10-27 20:44 - 000000000 ____D C:\Users\paulf\OneDrive\Documents\DyingLight
    2017-10-27 15:10 - 2017-10-27 15:10 - 004355608 _____ C:\Users\paulf\Downloads\TurboV_V10204_XpVistaWin7.zip
    2017-10-27 15:02 - 2017-10-27 15:02 - 022614773 _____ C:\Users\paulf\Downloads\AISuite_V10538_XpVistaWin7 (1).zip
    2017-10-27 15:01 - 2017-10-27 15:01 - 023737323 _____ C:\Users\paulf\Downloads\ASUS_AISuite_V10614_XPVISTAWIN7 (1).zip
    2017-10-27 14:59 - 2017-10-27 14:59 - 021850479 _____ C:\Users\paulf\Downloads\AiSuite_V10532.zip
    2017-10-27 14:58 - 2017-10-27 14:58 - 022614773 _____ C:\Users\paulf\Downloads\AISuite_V10538_XpVistaWin7.zip
    2017-10-27 14:57 - 2017-10-27 14:57 - 023737323 _____ C:\Users\paulf\Downloads\ASUS_AISuite_V10614_XPVISTAWIN7.zip
    2017-10-27 14:40 - 2017-10-27 14:40 - 030857076 _____ C:\Users\paulf\Downloads\AI_Suite_II_Win7_Z10215.zip
    2017-10-27 14:22 - 2017-10-27 14:26 - 167887028 _____ C:\Users\paulf\Downloads\AISuite3_Win7-8-8-1_Z87-DELUXE-1.zip
    2017-10-27 06:56 - 2017-10-27 06:56 - 000231760 _____ C:\Users\paulf\Downloads\CrucialUKScan.exe

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2017-11-22 15:12 - 2016-07-07 11:51 - 000000000 ____D C:\Temp
    2017-11-21 13:31 - 2016-10-25 20:00 - 000000000 ____D C:\AdwCleaner
    2017-11-18 14:46 - 2017-09-23 12:11 - 000000000 ____D C:\Users\paulf\OneDrive\Documents\Rockstar Games
    2017-11-17 12:24 - 2016-04-29 13:49 - 000000000 ____D C:\Games
    2017-11-17 12:23 - 2017-07-14 12:31 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games
    2017-11-17 12:15 - 2017-08-26 16:35 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crossout
    2017-11-16 19:19 - 2016-02-13 13:20 - 000000000 __RHD C:\Users\Public\AccountPictures
    2017-11-16 17:18 - 2017-04-29 19:02 - 000000199 _____ C:\Users\paulf\Desktop\Counter-Strike Global Offensive.url
    2017-11-16 01:53 - 2017-03-18 20:56 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys
    2017-11-15 18:30 - 2016-04-29 13:40 - 000000000 ___RD C:\Users\paulf\OneDrive
    2017-11-15 18:25 - 2017-07-15 10:30 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
    2017-11-15 18:25 - 2017-07-14 15:02 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Armored Warfare MyCom Beta
    2017-11-15 18:25 - 2016-12-21 18:10 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Syncios
    2017-11-15 18:25 - 2016-05-20 07:41 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
    2017-11-15 07:50 - 2017-07-25 20:54 - 000000000 ____D C:\Users\paulf\OneDrive\Documents\Outlook Files
    2017-11-14 22:48 - 2017-05-19 16:47 - 004484864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
    2017-11-14 22:48 - 2017-05-19 13:22 - 000048442 _____ C:\WINDOWS\system32\nvinfo.pb
    2017-11-14 07:30 - 2017-03-28 15:15 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Warships
    2017-11-13 22:02 - 2016-05-14 10:21 - 000000000 ____D C:\Users\paulf\OneDrive\Documents\My Games

    Some files in TEMP:
    ====================
    2017-11-18 08:19 - 2017-10-24 23:36 - 001930840 _____ (Microsoft Corporation) C:\Users\paulf\AppData\Local\Temp\dllnt_dump.dll
    2017-11-21 20:05 - 2017-10-27 16:06 - 000874368 _____ (NVIDIA Corporation) C:\Users\paulf\AppData\Local\Temp\nvSCPAPI64.dll
    2017-11-21 20:24 - 2017-10-27 16:06 - 000370296 _____ (NVIDIA Corporation) C:\Users\paulf\AppData\Local\Temp\nvStInst.exe

    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2017-11-15 18:05

    ==================== End of FRST.txt ============================
     
  5. Franksee

    Franksee Established Techie7 Member

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-11-2017 01
    Ran by paulf (25-11-2017 17:06:51)
    Running from H:\Google Downloads
    Windows 10 Home Version 1703 15063.726 (X64) (2017-11-15 18:27:39)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-2516327635-2037600327-2752607068-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-2516327635-2037600327-2752607068-503 - Limited - Disabled)
    Guest (S-1-5-21-2516327635-2037600327-2752607068-501 - Limited - Disabled)
    paulf (S-1-5-21-2516327635-2037600327-2752607068-1001 - Administrator - Enabled) => C:\Users\paulf

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKU\S-1-5-21-2516327635-2037600327-2752607068-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
    7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
    Anno 2205 / RePack by Baracuda (HKLM-x32\...\Anno 2205_is1) (Version: 1.1.2124.38702 - )
    Armored Warfare MyCom (HKU\S-1-5-21-2516327635-2037600327-2752607068-1001\...\Armored Warfare MyCom) (Version: 1.131 - My.com B.V.)
    Betternet for Windows (HKLM-x32\...\{2E77104D-96E1-4A9C-86F2-C7CF4C703900}) (Version: 3.9.0.0 - Betternet Technologies Inc.)
    Crossout Launcher 1.0.3.25 (HKU\S-1-5-21-2516327635-2037600327-2752607068-1001\...\CrossOutLauncher_is1) (Version: - )
    Crysis 3, âåðñèÿ 2.0 (HKLM-x32\...\Crysis 3_is1) (Version: 2.0 - Electronic Arts)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
    Grand Theft Auto V (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - )
    Homefront The Revolution (HKLM-x32\...\Homefront The Revolution_is1) (Version: - )
    Intel Extreme Tuning Utility (HKLM-x32\...\{09bb3c48-fafb-45a9-b0f2-3694c6c6e012}) (Version: 6.4.1.15 - Intel Corporation)
    Intel Extreme Tuning Utility (HKLM-x32\...\{1FDC7997-C78F-4E04-B841-F2150FC06B58}) (Version: 6.4.1.15 - Intel Corporation) Hidden
    Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
    Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4981.1001 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-2516327635-2037600327-2752607068-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    My.com Game Center (HKU\S-1-5-21-2516327635-2037600327-2752607068-1001\...\MyComGames) (Version: 3.219 - My.com B.V.)
    NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
    NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
    Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4981.1001 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4981.1001 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4981.1001 - Microsoft Corporation) Hidden
    OpenVPN 2.3.12-I602 (HKLM-x32\...\OpenVPN) (Version: 2.3.12-I602 - )
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
    Revo Uninstaller 2.0.4 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.4 - VS Revo Group, Ltd.)
    Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
    RogueKiller version 12.11.25.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.11.25.0 - Adlice Software)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
    Tom Clancy's Ghost Recon Wildlands (HKLM\...\Tom Clancys Ghost Recon Wildlands_is1) (Version: 1.0 - )
    Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
    Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
    Wargaming.net Game Center (HKU\S-1-5-21-2516327635-2037600327-2752607068-1001\...\Wargaming.net Game Center) (Version: 17.8.1.6304 - Wargaming.net)
    World of Tanks EU (HKU\S-1-5-21-2516327635-2037600327-2752607068-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
    World of Warships EU (HKU\S-1-5-21-2516327635-2037600327-2752607068-1001\...\WOWS.EU.PRODUCTION) (Version: - Wargaming.net)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
    ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
    ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-11-14] (NVIDIA Corporation)
    ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {4E89703C-4271-49BB-9B32-2F8B4E44B46E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-11-16] (NVIDIA Corporation)
    Task: {62E562C2-2F3B-43F4-97AC-97D5CC7F0024} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-11-20] (Microsoft Corporation)
    Task: {67D5D8E9-9025-4B83-B3DA-A375CF67A0F3} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-16] (NVIDIA Corporation)
    Task: {768818E2-8921-4E43-AD24-08ED8AEACC45} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-11-16] (NVIDIA Corporation)
    Task: {83E5A636-2FE4-4957-9EFA-C130DFFA4A89} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-11-20] (Microsoft Corporation)
    Task: {8800786D-4B76-4367-A101-433BF3483060} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-09-05] (Microsoft Corporation)
    Task: {B4E3487D-4284-456E-A7BD-1C25D7A4D9A6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-16] (Google Inc.)
    Task: {BCB5C6BF-A6E4-499B-92DC-393B98502BFB} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
    Task: {BD480B0E-8072-4B43-A03C-1709DE9BE9A2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-11-16] (NVIDIA Corporation)
    Task: {C9E42B0E-431A-4F83-B692-8B1FBD362EDC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-16] (Google Inc.)
    Task: {D4D1FECC-AE19-4DEB-82D5-4165E5123DD3} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-11-16] (NVIDIA Corporation)
    Task: {DEE75A44-B293-4492-B969-E03F423E2118} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-16] (NVIDIA Corporation)
    Task: {E879BC81-D156-42F3-AD53-3E61FEBFA6EE} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-09-05] (Microsoft Corporation)
    Task: {F7738267-8B68-444B-847D-CAA0039A3584} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-11-16] (NVIDIA Corporation)
    Task: {F7C9D09D-2240-47B7-A476-936C5D8C5DAE} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-11-16] (NVIDIA Corporation)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)


    ==================== Loaded Modules (Whitelisted) ==============

    2017-11-20 17:28 - 2011-10-29 09:59 - 000918448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
    2017-11-20 15:52 - 2017-01-17 04:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
    2017-11-17 12:03 - 2017-11-01 08:55 - 002299344 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
    2017-03-18 20:58 - 2017-03-18 20:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
    2017-11-20 16:13 - 2017-11-20 16:13 - 008909512 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
    2017-03-18 20:59 - 2017-03-19 02:31 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2017-11-16 15:40 - 2017-11-16 15:41 - 000087552 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
    2017-11-16 15:40 - 2017-11-16 15:41 - 000206336 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
    2017-11-16 15:40 - 2017-11-16 15:41 - 025461760 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkyWrap.dll
    2017-11-16 15:40 - 2017-11-16 15:41 - 002552832 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\skypert.dll
    2017-11-16 15:40 - 2017-11-16 15:41 - 000685056 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
    2017-11-09 20:47 - 2016-10-08 22:17 - 003168256 _____ () C:\Users\paulf\Desktop\DS4Windows.exe
    2017-11-16 15:34 - 2017-11-10 09:57 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libglesv2.dll
    2017-11-16 15:34 - 2017-11-10 09:57 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libegl.dll
    2017-11-20 17:28 - 2010-06-29 10:58 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.18\ATKEX.dll
    2017-11-16 17:14 - 2017-09-09 19:25 - 000688416 _____ () H:\Steam\SDL2.dll
    2017-11-16 17:14 - 2017-10-31 03:22 - 002546976 _____ () H:\Steam\video.dll
    2017-11-16 17:14 - 2016-09-01 01:02 - 004969248 _____ () H:\Steam\v8.dll
    2017-11-16 17:14 - 2016-01-27 07:49 - 000491008 _____ () H:\Steam\libavformat-56.dll
    2017-11-16 17:14 - 2016-01-27 07:49 - 000332800 _____ () H:\Steam\libavresample-2.dll
    2017-11-16 17:14 - 2016-01-27 07:49 - 000442880 _____ () H:\Steam\libavutil-54.dll
    2017-11-16 17:14 - 2016-01-27 07:49 - 002549760 _____ () H:\Steam\libavcodec-56.dll
    2017-11-16 17:14 - 2016-01-27 07:49 - 000485888 _____ () H:\Steam\libswscale-3.dll
    2017-11-16 17:14 - 2016-09-01 01:02 - 001195296 _____ () H:\Steam\icuuc.dll
    2017-11-16 17:14 - 2016-09-01 01:02 - 001563936 _____ () H:\Steam\icui18n.dll
    2017-11-16 17:14 - 2017-10-31 03:22 - 000901408 _____ () H:\Steam\bin\chromehtml.DLL
    2017-11-16 17:14 - 2016-07-04 22:17 - 000266560 _____ () H:\Steam\openvr_api.dll
    2017-11-17 12:23 - 2017-11-17 12:23 - 000144896 _____ () C:\Users\paulf\AppData\Local\MyComGames\zlib1.dll
    2017-11-17 12:23 - 2017-11-17 12:23 - 000076176 _____ () C:\Users\paulf\AppData\Local\MyComGames\pxd.dll
    2017-11-17 12:23 - 2017-11-17 12:23 - 000249744 _____ () C:\Users\paulf\AppData\Local\MyComGames\LightUpdate.dll
    2017-11-17 12:23 - 2017-11-17 12:23 - 002495376 _____ () C:\Users\paulf\AppData\Local\MyComGames\BigUp2.dll
    2017-10-03 21:18 - 2017-10-03 21:18 - 071411712 _____ () C:\Users\paulf\AppData\Local\MyComGames\Chrome\3.3202.1673\libcef.dll
    2017-11-17 12:24 - 2017-11-13 21:20 - 001663736 _____ () \\?\H:\Wargaming.net\GameCenter\dlls\libGLESv2.dll
    2017-11-17 12:24 - 2017-11-13 21:20 - 000091896 _____ () \\?\H:\Wargaming.net\GameCenter\dlls\libEGL.dll
    2017-11-17 12:24 - 2017-11-13 21:20 - 048874744 _____ () \\?\H:\Wargaming.net\GameCenter\dlls\libcef.dll
    2017-11-16 17:14 - 2017-09-07 02:04 - 000678400 _____ () H:\Steam\bin\cef\cef.win7\SDL2.dll
    2017-11-16 17:14 - 2017-08-16 22:28 - 073130272 _____ () H:\Steam\bin\cef\cef.win7\libcef.dll
    2017-11-16 17:14 - 2015-09-24 23:52 - 000119208 _____ () H:\Steam\winh264.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2017-11-16 01:55 - 2017-11-16 01:54 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-2516327635-2037600327-2752607068-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
    DNS Servers: 192.168.0.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{98614ED1-33CB-4395-8D0F-40E1AF0E898D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [TCP Query User{CDAE1B45-5B3B-4351-822C-06AC074494A2}F:\games\crossout\launcher.exe] => (Allow) F:\games\crossout\launcher.exe
    FirewallRules: [UDP Query User{CE2CEE09-1F3F-44F4-81E3-DC35FC5809BE}F:\games\crossout\launcher.exe] => (Allow) F:\games\crossout\launcher.exe
    FirewallRules: [{119DE6B8-D4C1-49BF-B49C-5F5BE6AFD1E2}] => (Allow) H:\Steam\Steam.exe
    FirewallRules: [{6A15EF31-FFBB-4DD0-AA99-C04E1A26BDA2}] => (Allow) H:\Steam\Steam.exe
    FirewallRules: [{6B0D4D49-FDAB-44EE-8BF2-4DD5C48CAC7D}] => (Allow) H:\Steam\bin\cef\cef.win7\steamwebhelper.exe
    FirewallRules: [{235AAC5F-FFA2-45AC-A2F7-06F841F639F5}] => (Allow) H:\Steam\bin\cef\cef.win7\steamwebhelper.exe
    FirewallRules: [TCP Query User{0D7F0D1D-132F-452D-A964-5A49F423F388}F:\games\warthunder\launcher.exe] => (Allow) F:\games\warthunder\launcher.exe
    FirewallRules: [UDP Query User{32485366-8DAE-4330-A63F-D26301F2AD63}F:\games\warthunder\launcher.exe] => (Allow) F:\games\warthunder\launcher.exe
    FirewallRules: [{E7B8D548-EA73-474B-9141-3B61D4DAE37A}] => (Allow) H:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
    FirewallRules: [{ABD56C39-1214-42C4-BD72-BB3A5DA0E39A}] => (Allow) H:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
    FirewallRules: [{1D06825F-06FB-49B9-891E-2B9E422A7BA0}] => (Allow) C:\Users\paulf\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{83677260-0C0A-4D7F-9484-7DD38EC949C9}] => (Allow) C:\Users\paulf\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [TCP Query User{FFEF107E-A2B5-4F98-BB4B-716A7BF7F125}H:\crossout\launcher.exe] => (Allow) H:\crossout\launcher.exe
    FirewallRules: [UDP Query User{20B6F45C-C0C5-4DF2-8722-4398B8C8BE5A}H:\crossout\launcher.exe] => (Allow) H:\crossout\launcher.exe
    FirewallRules: [TCP Query User{4698FB5F-B256-465C-B081-18623AF5A02B}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
    FirewallRules: [UDP Query User{BDE062C1-E2BA-4AC2-8318-A1D6EB7C8426}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
    FirewallRules: [TCP Query User{D1CB5E90-DA45-4D49-B750-8947CE1DBA4F}C:\users\paulf\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\paulf\appdata\local\mycomgames\mycomgames.exe
    FirewallRules: [UDP Query User{04543774-CA6C-42E4-8092-D8728BC30FAE}C:\users\paulf\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\paulf\appdata\local\mycomgames\mycomgames.exe
    FirewallRules: [TCP Query User{86B15DB8-EDB5-459D-B5FA-ADBDD628F4C9}H:\wargaming.net\gamecenter\wgc.exe] => (Allow) H:\wargaming.net\gamecenter\wgc.exe
    FirewallRules: [UDP Query User{E4948625-3333-4F86-AD95-4F91A0C0919D}H:\wargaming.net\gamecenter\wgc.exe] => (Allow) H:\wargaming.net\gamecenter\wgc.exe
    FirewallRules: [TCP Query User{B332986C-6C5A-4BBD-AF57-DA84369788F1}H:\grand theft auto v\gta5.exe] => (Allow) H:\grand theft auto v\gta5.exe
    FirewallRules: [UDP Query User{67BCD33F-0127-4AC1-9A22-32C6A34238D9}H:\grand theft auto v\gta5.exe] => (Allow) H:\grand theft auto v\gta5.exe
    FirewallRules: [TCP Query User{C8CA1A14-43D0-476C-97F9-727171AA4FD3}H:\homefront the revolution\bin64\homefront2_release.exe] => (Block) H:\homefront the revolution\bin64\homefront2_release.exe
    FirewallRules: [UDP Query User{13A3D3B9-F2EF-4CDC-8A2E-8E83AB651FC8}H:\homefront the revolution\bin64\homefront2_release.exe] => (Block) H:\homefront the revolution\bin64\homefront2_release.exe
    FirewallRules: [{6E5045A1-3EF9-4A8F-8819-CD0BE9D477B4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
    FirewallRules: [{343D4B3F-B051-478D-BD68-3669CD2C3796}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
    FirewallRules: [{9D541884-A581-40E9-A624-0581370EAB0F}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
    FirewallRules: [{CF62288B-D9E8-4A48-A157-6D052B37EE34}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
    FirewallRules: [{08ACE402-9C67-4682-B58A-02B9508A6B52}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
    FirewallRules: [{A72082E5-7431-47DF-8EA2-62BCE9535003}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
    FirewallRules: [{A9DC3D51-EB63-4A3A-BD9F-80016C8CA17C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
    FirewallRules: [{0585AC13-4285-46A7-81A0-3C509FA13EDA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    FirewallRules: [{749E5081-5E25-4FA9-B45B-8FF4AE20CD55}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    FirewallRules: [{7885CAE7-9254-423A-9C5D-21FBB78191FB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{C9917323-692C-440E-9B30-EB3509F84EEC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{F9A266DF-2E6B-44F5-A76C-04174F1B80A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    FirewallRules: [TCP Query User{2B8AD47D-E927-4541-B4A2-C3DD8FA5DC68}H:\downloads\spintires.mudrunner\spintiresmudrunner\spintires mudrunner\mudrunner.exe] => (Block) H:\downloads\spintires.mudrunner\spintiresmudrunner\spintires mudrunner\mudrunner.exe
    FirewallRules: [UDP Query User{C5A8663E-5DB1-429A-B959-6DCC866B2E48}H:\downloads\spintires.mudrunner\spintiresmudrunner\spintires mudrunner\mudrunner.exe] => (Block) H:\downloads\spintires.mudrunner\spintiresmudrunner\spintires mudrunner\mudrunner.exe
    FirewallRules: [TCP Query User{9568E9FA-209D-4BF3-9E33-38113A2CE332}H:\tom clancy's ghost recon wildlands\grw.exe] => (Block) H:\tom clancy's ghost recon wildlands\grw.exe
    FirewallRules: [UDP Query User{D23BA37D-2433-457B-8924-22B44619DAC9}H:\tom clancy's ghost recon wildlands\grw.exe] => (Block) H:\tom clancy's ghost recon wildlands\grw.exe

    ==================== Restore Points =========================

    ATTENTION: System Restore is disabled

    ==================== Faulty Device Manager Devices =============

    Name: Unknown USB Device (Device Descriptor Request Failed)
    Description: Unknown USB Device (Device Descriptor Request Failed)
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: (Standard USB Host Controller)
    Service:
    Problem: : Windows has stopped this device because it has reported problems. (Code 43)
    Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (11/25/2017 02:52:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-EF1V79E)
    Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (11/24/2017 10:54:19 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: utorrentie.exe, version: 1.0.0.44090, time stamp: 0x59a491fe
    Faulting module name: utorrentie.exe, version: 1.0.0.44090, time stamp: 0x59a491fe
    Exception code: 0xc0000005
    Fault offset: 0x00014529
    Faulting process id: 0x20e4
    Faulting application start time: 0x01d3656ef8723b94
    Faulting application path: C:\Users\paulf\AppData\Roaming\uTorrent\updates\3.5.0_44090\utorrentie.exe
    Faulting module path: C:\Users\paulf\AppData\Roaming\uTorrent\updates\3.5.0_44090\utorrentie.exe
    Report Id: 15192852-e50e-4c90-8e7d-f4c5a066a906
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (11/24/2017 09:12:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-EF1V79E)
    Description: Package Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe+App was terminated because it took too long to suspend.

    Error: (11/24/2017 01:48:53 PM) (Source: COM) (EventID: 10031) (User: )
    Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected

    Error: (11/24/2017 11:48:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-EF1V79E)
    Description: Package Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe+App was terminated because it took too long to suspend.

    Error: (11/23/2017 06:50:40 PM) (Source: COM) (EventID: 10031) (User: )
    Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected

    Error: (11/22/2017 05:20:15 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

    Error: (11/21/2017 02:30:31 PM) (Source: Perflib) (EventID: 1023) (User: )
    Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.

    Error: (11/21/2017 02:03:38 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

    Error: (11/21/2017 01:49:56 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: setup.exe_InstallShield (R), version: 6.31.100.1190, time stamp: 0x3b95f860
    Faulting module name: ntdll.dll, version: 10.0.15063.608, time stamp: 0x802f667e
    Exception code: 0xc0000005
    Fault offset: 0x00041161
    Faulting process id: 0x1380
    Faulting application start time: 0x01d362cf9be7c260
    Faulting application path: G:\Software\AISuite\setup.exe
    Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
    Report Id: 3bed92cd-3c87-421a-929e-3d1de8f44a0e
    Faulting package full name:
    Faulting package-relative application ID:


    System errors:
    =============
    Error: (11/25/2017 02:53:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (11/24/2017 09:12:46 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (11/24/2017 03:31:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (11/24/2017 01:56:58 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (11/24/2017 11:48:45 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (11/24/2017 11:09:44 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (11/23/2017 11:17:01 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-EF1V79E)
    Description: The server Windows.Media.Capture.Internal.AppCaptureShell did not register with DCOM within the required timeout.

    Error: (11/23/2017 11:17:00 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-EF1V79E)
    Description: The server Windows.Media.Capture.Internal.AppCaptureShell did not register with DCOM within the required timeout.

    Error: (11/22/2017 03:11:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The CldFlt service failed to start due to the following error:
    The request is not supported.

    Error: (11/22/2017 03:11:08 PM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 2:39:27 PM on ‎11/‎22/‎2017 was unexpected.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i7 CPU 930 @ 2.80GHz
    Percentage of memory in use: 18%
    Total physical RAM: 12279.11 MB
    Available physical RAM: 9958.23 MB
    Total Virtual: 14135.11 MB
    Available Virtual: 11207.46 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:119.14 GB) (Free:37.55 GB) NTFS
    Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]
    Drive e: () (Fixed) (Total:229.26 GB) (Free:229.13 GB) NTFS
    Drive f: () (Fixed) (Total:931.41 GB) (Free:240.09 GB) NTFS
    Drive g: (MB Support CD) (CDROM) (Total:1.91 GB) (Free:0 GB) CDFS
    Drive h: () (Fixed) (Total:1863.01 GB) (Free:892.66 GB) NTFS
    Drive j: (GRW) (CDROM) (Total:56.49 GB) (Free:0 GB) CDFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: F5AB8698)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (MBR Code: Windows XP) (Size: 232.8 GB) (Disk ID: D0F4738C)
    Partition 1: (Not Active) - (Size=63 MB) - (Type=DE)
    Partition 2: (Active) - (Size=229.3 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=3.5 GB) - (Type=DB)

    ========================================================
    Disk: 2 (Size: 1863 GB) (Disk ID: 2B7E7AE6)
    Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 3 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B130B9A3)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================
     
  6. Franksee

    Franksee Established Techie7 Member

    can result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-11-2017 01
    Ran by paulf (administrator) on DESKTOP-EF1V79E (25-11-2017 17:05:43)
    Running from H:\Google Downloads
    Loaded Profiles: paulf (Available Profiles: paulf)
    Platform: Windows 10 Home Version 1703 15063.726 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    () C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.16\aaHMSvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
    (Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Valve Corporation) H:\Steam\Steam.exe
    (MY.COM B.V.) C:\Users\paulf\AppData\Local\MyComGames\MyComGames.exe
    (Wargaming.net) H:\Wargaming.net\GameCenter\wgc.exe
    () C:\Users\paulf\Desktop\DS4Windows.exe
    (Wargaming.net) H:\Wargaming.net\GameCenter\dlls\wgc_watchdog.exe
    (Valve Corporation) H:\Steam\bin\cef\cef.win7\steamwebhelper.exe
    (Valve Corporation) H:\Steam\bin\cef\cef.win7\steamwebhelper.exe
    (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    (Valve Corporation) H:\Steam\bin\cef\cef.win7\steamwebhelper.exe
    (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.724_none_9e8a868b2d8a538d\TiWorker.exe
    (Farbar) H:\Google Downloads\FRST64 (1).exe

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    "Path" (C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\OpenVPN\bin;C:\Program Files\RogueKiller;;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common -> %SystemRoot%\System32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SystemRoot%\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;%SystemRoot%\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\OpenVPN\bin;C:\Program Files\RogueKiller;;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common) <==== Repaired successfully
    HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
    HKU\S-1-5-21-2516327635-2037600327-2752607068-1001\...\Run: [Steam] => H:\Steam\steam.exe [3102496 2017-10-31] (Valve Corporation)
    HKU\S-1-5-21-2516327635-2037600327-2752607068-1001\...\Run: [MyComGames] => C:\Users\paulf\AppData\Local\MyComGames\MyComGames.exe [5856656 2017-11-17] (MY.COM B.V.)
    HKU\S-1-5-21-2516327635-2037600327-2752607068-1001\...\Run: [Wargaming.net Game Center] => H:\Wargaming.net\GameCenter\wgc.exe [2000632 2017-11-13] (Wargaming.net)
    HKU\S-1-5-21-2516327635-2037600327-2752607068-1001\...\MountPoints2: {f44f6101-0e59-11e6-8651-806e6f6e6963} - "G:\.\Bin\Assetup.exe"
    Startup: C:\Users\paulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DS4Windows.lnk [2017-11-09]
    ShortcutTarget: DS4Windows.lnk -> C:\Users\paulf\Desktop\DS4Windows.exe ()

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
    Tcpip\..\Interfaces\{4e80d0d1-7973-46bb-8e64-d0f78b1cdc3d}: [DhcpNameServer] 10.14.0.1
    Tcpip\..\Interfaces\{e7fd5a58-669b-4e99-a226-61d19b0401bf}: [DhcpNameServer] 192.168.0.1

    Internet Explorer:
    ==================
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-11-20] (Microsoft Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-11-20] (Microsoft Corporation)
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2017-11-20] (Microsoft Corporation)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-11-20] (Microsoft Corporation)
    Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-11-20] (Microsoft Corporation)

    FireFox:
    ========
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-11-20] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2017-11-20] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)

    Chrome:
    =======
    CHR StartupUrls: Default -> "hxxp://www.google.co.uk/"
    CHR Profile: C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default [2017-11-25]
    CHR Extension: (Slides) - C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-16]
    CHR Extension: (Docs) - C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-16]
    CHR Extension: (Google Drive) - C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-16]
    CHR Extension: (YouTube) - C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-16]
    CHR Extension: (Sheets) - C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-16]
    CHR Extension: (Google Docs Offline) - C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-16]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-16]
    CHR Extension: (Gmail) - C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-16]
    CHR Extension: (Chrome Media Router) - C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-16]

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [918448 2011-10-29] () [File not signed]
    R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.16\aaHMSvc.exe [947328 2011-08-09] (ASUSTeK Computer Inc.)
    R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058416 2017-09-05] (Microsoft Corporation)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
    R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation)
    S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation)
    S2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-11-14] (NVIDIA Corporation)
    R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-11-16] (NVIDIA Corporation)
    S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [32384 2016-10-03] (The OpenVPN Project)
    R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)
    R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18264 2017-10-31] (Intel(R) Corporation)

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
    S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
    R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [38424 2017-09-15] (Intel Corporation)
    R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2017-11-19] (Malwarebytes)
    R1 MpKsl505a9cef; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{560A40B9-A5A3-44DE-9DE0-3A37D9ED0390}\MpKsl505a9cef.sys [58120 2017-11-25] (Microsoft Corporation)
    R3 MTsensor; C:\WINDOWS\System32\drivers\ASACPI.sys [17280 2013-05-17] ()
    R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2017-03-18] (MediaTek Inc.)
    R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c791f781cd94491f\nvlddmkm.sys [16989296 2017-11-15] (NVIDIA Corporation)
    S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-11-16] (NVIDIA Corporation)
    S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [28344 2016-05-09] (Windows (R) Win 7 DDK provider)
    R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50808 2017-11-14] (NVIDIA Corporation)
    R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-11-16] (NVIDIA Corporation)
    R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
    R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
    S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
    S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-09-05] (QUALCOMM Incorporated)
    S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [115208 2014-11-21] (Oracle Corporation)
    S3 veebeampol; C:\WINDOWS\System32\drivers\veebeampol.sys [14952 2013-10-24] (Veebeam Corporation)
    S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
    R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
    R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2017-11-24 22:34 - 2017-11-24 22:34 - 000002295 _____ C:\Users\paulf\Desktop\CoD WWII.lnk
    2017-11-24 21:30 - 2017-11-24 21:30 - 000000000 ____D C:\ProgramData\Tom Clancy's Ghost Recon Wildlands
    2017-11-22 21:59 - 2017-11-22 21:59 - 000000471 _____ C:\Users\Public\Desktop\Tom Clancy's Ghost Recon Wildlands.lnk
    2017-11-22 21:59 - 2017-11-22 21:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tom Clancy's Ghost Recon Wildlands
    2017-11-22 14:25 - 2017-11-22 14:35 - 000000718 _____ C:\Users\paulf\Desktop\Crysis 3.lnk
    2017-11-22 14:25 - 2017-11-22 14:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crysis 3
    2017-11-22 14:17 - 2017-11-24 22:54 - 000000000 ____D C:\Users\paulf\AppData\LocalLow\uTorrent
    2017-11-22 14:10 - 2017-11-22 14:10 - 000001181 _____ C:\Users\paulf\Desktop\Spintires Mudrunner.lnk
    2017-11-22 13:56 - 2017-11-22 20:06 - 000000000 ____D C:\Users\paulf\AppData\Roaming\SpinTires MudRunner
    2017-11-22 13:56 - 2017-11-22 13:56 - 000000000 ____D C:\Users\paulf\AppData\Roaming\SmartSteamEmu
    2017-11-21 20:27 - 2017-11-22 15:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    2017-11-21 20:27 - 2017-11-22 13:42 - 000000000 ____D C:\Users\paulf\AppData\Local\NVIDIA Corporation
    2017-11-21 20:27 - 2017-11-21 22:50 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-21 20:27 - 2017-11-21 22:50 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-21 20:27 - 2017-11-21 22:50 - 000001489 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
    2017-11-21 20:27 - 2017-11-21 22:49 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-21 20:27 - 2017-11-21 22:49 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-21 20:27 - 2017-11-21 22:49 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-21 20:27 - 2017-11-21 22:49 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-21 20:27 - 2017-11-21 22:49 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-21 20:27 - 2017-11-21 22:49 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-11-21 20:27 - 2017-11-21 20:28 - 000000000 ____D C:\Users\paulf\AppData\Local\NVIDIA
    2017-11-21 20:27 - 2017-11-16 01:41 - 002404800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
    2017-11-21 20:27 - 2017-11-16 01:41 - 002070976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
    2017-11-21 20:27 - 2017-11-16 01:41 - 001309120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
    2017-11-21 20:26 - 2017-11-21 20:26 - 000000000 ____D C:\Program Files (x86)\VulkanRT
    2017-11-21 20:26 - 2017-11-16 01:41 - 000186304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
    2017-11-21 20:26 - 2017-11-16 01:41 - 000152512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
    2017-11-21 20:26 - 2017-11-16 00:53 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
    2017-11-21 20:26 - 2017-09-13 23:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
    2017-11-21 20:26 - 2017-09-13 23:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
    2017-11-21 20:26 - 2017-09-13 23:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll
    2017-11-21 20:26 - 2017-09-13 23:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe
    2017-11-21 20:24 - 2017-11-16 01:41 - 000057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
    2017-11-21 20:24 - 2017-11-14 22:48 - 040237504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 036239480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 035156600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 029272000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 023264864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 019038976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 013865256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 013255032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 011780376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 010883928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 004201592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 003817584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 003614328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 001989056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438831.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 001673664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438831.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 001331016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 001321264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 001135280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 001099712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 001044664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 001038680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 001031288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000980928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000932288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000885496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000794576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000739448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000634224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000618744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000615544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000598648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000505976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
    2017-11-21 20:24 - 2017-11-14 22:48 - 000050808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
    2017-11-21 20:21 - 2017-11-21 20:21 - 000000000 ____D C:\NVIDIA
    2017-11-21 20:05 - 2017-11-21 20:26 - 000000000 ____D C:\WINDOWS\LastGood
    2017-11-21 20:04 - 2017-11-21 20:04 - 673040100 _____ C:\WINDOWS\MEMORY.DMP
    2017-11-21 20:04 - 2017-11-21 20:04 - 000790916 _____ C:\WINDOWS\Minidump\112117-10000-01.dmp
    2017-11-21 20:04 - 2017-11-21 20:04 - 000000000 ____D C:\WINDOWS\Minidump
    2017-11-21 15:00 - 2017-11-21 15:00 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
    2017-11-21 14:30 - 2017-11-21 14:30 - 000000000 ____D C:\ProgramData\Intel
    2017-11-21 14:28 - 2017-11-21 14:28 - 000002685 _____ C:\Users\Public\Desktop\Intel(R) Extreme Tuning Utility.lnk
    2017-11-21 14:28 - 2017-11-21 14:28 - 000000000 ____D C:\WINDOWS\System32\Tasks\Intel
    2017-11-21 14:28 - 2017-11-21 14:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
    2017-11-21 14:28 - 2017-11-21 14:28 - 000000000 ____D C:\Program Files\Microsoft Synchronization Services
    2017-11-21 14:28 - 2017-11-21 14:28 - 000000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
    2017-11-21 14:28 - 2017-11-21 14:28 - 000000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
    2017-11-21 14:28 - 2017-11-21 14:28 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    2017-11-21 14:28 - 2017-11-21 14:28 - 000000000 ____D C:\Program Files (x86)\Intel
    2017-11-21 13:01 - 2017-11-21 13:01 - 000000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
    2017-11-21 13:01 - 2017-11-21 13:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
    2017-11-21 13:01 - 2017-11-21 13:01 - 000000000 ____D C:\Program Files\RogueKiller
    2017-11-21 03:29 - 2017-11-24 22:54 - 000000000 ____D C:\Users\paulf\AppData\Local\CrashDumps
    2017-11-20 17:28 - 2010-08-24 15:16 - 000013440 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys
    2017-11-20 17:28 - 2010-06-29 15:41 - 000028672 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll
    2017-11-20 17:26 - 2017-11-20 17:28 - 000000000 ____D C:\Program Files (x86)\ASUS
    2017-11-20 16:12 - 2017-11-20 16:12 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
    2017-11-20 16:09 - 2017-11-20 16:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
    2017-11-20 15:52 - 2017-11-20 15:54 - 000000000 ____D C:\Program Files\Microsoft Office 15
    2017-11-19 23:42 - 2017-11-19 23:42 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Skype
    2017-11-19 21:22 - 2017-11-19 21:22 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
    2017-11-19 21:19 - 2017-11-20 15:51 - 000000000 ____D C:\Program Files\Microsoft Office
    2017-11-19 21:16 - 2017-11-19 21:18 - 000000000 ____D C:\Users\paulf\AppData\Local\MSfree Inc
    2017-11-19 20:06 - 2017-11-19 20:06 - 000000000 ____D C:\Users\paulf\AppData\Roaming\NVIDIA
    2017-11-19 20:05 - 2017-11-19 20:07 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Novabench
    2017-11-19 20:05 - 2017-11-19 20:06 - 000000000 ____D C:\ProgramData\Novabench
    2017-11-19 20:05 - 2017-11-19 20:05 - 000000000 ____D C:\Users\paulf\AppData\Local\Novabench
    2017-11-19 16:57 - 2017-11-19 21:19 - 000000000 ____D C:\Users\paulf\AppData\Local\SKIDROW
    2017-11-19 16:42 - 2017-11-22 14:19 - 000000000 ____D C:\ProgramData\Betternet
    2017-11-19 16:42 - 2017-11-19 16:42 - 000002026 _____ C:\Users\Public\Desktop\Betternet.lnk
    2017-11-19 16:42 - 2017-11-19 16:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
    2017-11-19 16:42 - 2017-11-19 16:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Betternet Technologies Inc
    2017-11-19 16:42 - 2017-11-19 16:42 - 000000000 ____D C:\Program Files\TAP-Windows
    2017-11-19 16:42 - 2017-11-19 16:42 - 000000000 ____D C:\Program Files (x86)\OpenVPN
    2017-11-19 16:42 - 2017-11-19 16:42 - 000000000 ____D C:\Program Files (x86)\Betternet
    2017-11-19 16:41 - 2017-11-19 16:41 - 000000000 ____D C:\Users\paulf\AppData\Local\Downloaded Installations
    2017-11-19 12:16 - 2017-11-19 12:16 - 000000000 ____D C:\Users\paulf\AppData\LocalLow\SKS
    2017-11-19 12:11 - 2017-11-19 12:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
    2017-11-19 12:11 - 2017-11-19 12:11 - 000000000 ____D C:\Program Files\7-Zip
    2017-11-19 10:39 - 2017-11-19 10:39 - 000000815 _____ C:\Users\paulf\Desktop\Homefront The Revolution.lnk
    2017-11-19 10:39 - 2017-11-19 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Homefront The Revolution
    2017-11-18 16:42 - 2017-11-09 04:43 - 000540784 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
    2017-11-18 16:42 - 2017-11-09 04:43 - 000446392 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
    2017-11-18 16:41 - 2017-11-18 16:43 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
    2017-11-18 15:44 - 2017-11-18 15:44 - 000000000 ____D C:\Users\paulf\OneDrive\Documents\Anno 2205
    2017-11-18 14:46 - 2017-11-18 14:46 - 000000000 ____D C:\Users\paulf\AppData\Local\Rockstar Games
    2017-11-18 14:45 - 2017-11-24 21:29 - 000000000 ____D C:\ProgramData\Package Cache
    2017-11-18 14:45 - 2017-11-18 14:45 - 000000000 ____D C:\ProgramData\Steam
    2017-11-18 14:45 - 2017-11-18 14:45 - 000000000 ____D C:\ProgramData\Socialclub
    2017-11-18 14:44 - 2017-11-18 14:44 - 000000000 ____D C:\Program Files\Rockstar Games
    2017-11-18 14:44 - 2017-11-18 14:44 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
    2017-11-18 14:02 - 2017-11-18 14:02 - 000000407 _____ C:\Users\Public\Desktop\Grand Theft Auto V.lnk
    2017-11-18 14:02 - 2017-11-18 14:02 - 000000407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grand Theft Auto V.lnk
    2017-11-18 12:32 - 2017-11-18 12:32 - 000002259 _____ C:\WINDOWS\epplauncher.mif
    2017-11-18 09:00 - 2017-11-18 09:00 - 000001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
    2017-11-18 09:00 - 2017-11-18 09:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
    2017-11-18 09:00 - 2017-11-18 09:00 - 000000000 ____D C:\Program Files\VS Revo Group
    2017-11-18 08:45 - 2017-11-18 08:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resident Evil 7 Biohazard
    2017-11-18 08:20 - 2017-11-21 13:01 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
    2017-11-18 08:19 - 2017-11-18 08:22 - 000000000 ____D C:\ProgramData\RogueKiller
    2017-11-17 21:22 - 2017-11-18 08:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast 2
    2017-11-17 15:36 - 2017-11-17 15:36 - 000000000 ____D C:\Users\paulf\AppData\Local\CrashRpt
    2017-11-17 14:23 - 2017-11-17 14:23 - 000000772 _____ C:\Users\Public\Desktop\Anno 2205.lnk
    2017-11-17 14:23 - 2017-11-17 14:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Games
    2017-11-17 14:03 - 2017-11-17 16:09 - 000000581 _____ C:\Users\paulf\Desktop\Crossout Launcher.lnk
    2017-11-17 12:25 - 2017-11-17 12:25 - 000001624 _____ C:\Users\paulf\Desktop\World of Tanks EU.lnk
    2017-11-17 12:24 - 2017-11-17 16:16 - 000000702 _____ C:\Users\paulf\Desktop\World of Warships EU.lnk
    2017-11-17 12:24 - 2017-11-17 16:12 - 000000000 ____D C:\ProgramData\boost_interprocess
    2017-11-17 12:24 - 2017-11-17 12:24 - 000000790 _____ C:\Users\paulf\Desktop\Game Center.lnk
    2017-11-17 12:23 - 2017-11-25 13:23 - 000000000 ____D C:\Users\paulf\AppData\Local\MyComGames
    2017-11-17 12:23 - 2017-11-17 12:23 - 000002089 _____ C:\Users\paulf\Desktop\My.com Game Center.lnk
    2017-11-17 12:23 - 2017-11-17 12:23 - 000000140 _____ C:\Users\paulf\Desktop\Armored Warfare.url
    2017-11-17 12:21 - 2017-11-17 12:21 - 000000000 ____D C:\ProgramData\Wargaming.net
    2017-11-17 12:16 - 2017-11-17 12:24 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Wargaming.net
    2017-11-17 12:03 - 2017-11-17 12:03 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2017-11-17 12:03 - 2017-11-17 12:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2017-11-17 12:03 - 2017-11-17 12:03 - 000000000 ____D C:\ProgramData\Malwarebytes
    2017-11-17 12:03 - 2017-11-17 12:03 - 000000000 ____D C:\Program Files\Malwarebytes
    2017-11-17 12:03 - 2017-11-01 08:54 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
    2017-11-17 11:59 - 2017-11-25 13:23 - 000000000 ____D C:\Users\paulf\AppData\Roaming\DS4Windows
    2017-11-17 11:59 - 2013-05-19 01:02 - 000039168 _____ (Scarlet.Crush Productions) C:\WINDOWS\system32\Drivers\ScpVBus.sys
    2017-11-17 11:56 - 2017-11-24 22:54 - 000000000 ____D C:\Users\paulf\AppData\Roaming\uTorrent
    2017-11-17 11:56 - 2017-11-17 11:56 - 000000896 _____ C:\Users\paulf\Desktop\µTorrent.lnk
    2017-11-17 11:15 - 2017-11-17 11:16 - 000000000 ____D C:\Users\paulf\AppData\Local\Microsoft Windows
    2017-11-17 11:08 - 2017-11-17 12:30 - 000000000 ____D C:\Users\paulf\AppData\Local\Ubisoft Game Launcher
    2017-11-17 10:26 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
    2017-11-17 10:26 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
    2017-11-17 10:26 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
    2017-11-17 10:26 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
    2017-11-17 10:26 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
    2017-11-17 10:26 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
    2017-11-17 10:26 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
    2017-11-17 10:26 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
    2017-11-17 10:26 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
    2017-11-17 10:26 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
    2017-11-17 10:26 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
    2017-11-17 10:26 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
    2017-11-17 10:26 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
    2017-11-17 10:26 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
    2017-11-17 10:26 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
    2017-11-17 10:26 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
    2017-11-17 10:26 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
    2017-11-17 10:26 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
    2017-11-17 10:26 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
    2017-11-17 10:26 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
    2017-11-17 10:26 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
    2017-11-17 10:26 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
    2017-11-17 10:26 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
    2017-11-17 10:26 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
    2017-11-17 10:26 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
    2017-11-17 10:26 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
    2017-11-17 10:26 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
    2017-11-17 10:26 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
    2017-11-17 10:26 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
    2017-11-17 10:26 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
    2017-11-17 10:26 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
    2017-11-17 10:26 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
    2017-11-17 10:26 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
    2017-11-17 10:26 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
    2017-11-17 10:26 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
    2017-11-17 10:26 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
    2017-11-17 10:26 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
    2017-11-17 10:26 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
    2017-11-17 10:26 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
    2017-11-17 10:26 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
    2017-11-17 10:26 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
    2017-11-17 10:26 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
    2017-11-17 10:26 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
    2017-11-17 10:26 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
    2017-11-17 10:26 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
    2017-11-17 10:26 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
    2017-11-17 10:26 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
    2017-11-17 10:26 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
    2017-11-17 10:26 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
    2017-11-17 10:26 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
    2017-11-17 10:26 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
    2017-11-17 10:26 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
    2017-11-17 10:26 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
    2017-11-17 10:26 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
    2017-11-17 10:26 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
    2017-11-17 10:26 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
    2017-11-17 10:26 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
    2017-11-17 10:26 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
    2017-11-17 10:26 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
    2017-11-17 10:26 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
    2017-11-17 10:26 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
    2017-11-17 10:26 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
    2017-11-17 10:26 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
    2017-11-17 10:26 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
    2017-11-17 10:26 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
    2017-11-17 10:26 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
    2017-11-17 10:26 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
    2017-11-17 10:26 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
    2017-11-17 10:26 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
    2017-11-17 10:26 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
    2017-11-17 10:26 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
    2017-11-17 10:26 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
    2017-11-17 10:26 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
    2017-11-17 10:26 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
    2017-11-17 10:26 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
    2017-11-17 10:26 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
    2017-11-17 10:26 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
    2017-11-17 10:26 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
    2017-11-17 10:26 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
    2017-11-17 10:26 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
    2017-11-17 10:26 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
    2017-11-17 10:26 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
    2017-11-17 10:26 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
    2017-11-17 10:26 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
    2017-11-17 10:26 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
    2017-11-17 10:26 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
    2017-11-17 10:26 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
    2017-11-17 10:26 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
    2017-11-17 10:26 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
    2017-11-17 10:26 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
    2017-11-17 10:26 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
    2017-11-17 10:26 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
    2017-11-17 10:26 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
    2017-11-17 10:26 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
    2017-11-17 10:26 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
    2017-11-17 10:26 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
    2017-11-17 10:26 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
    2017-11-17 10:26 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
    2017-11-17 10:26 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
    2017-11-17 10:26 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
    2017-11-17 10:26 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
    2017-11-17 10:26 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
    2017-11-17 10:26 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
    2017-11-17 10:26 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
    2017-11-17 10:26 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
    2017-11-17 10:26 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
    2017-11-17 10:26 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
    2017-11-17 10:26 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
    2017-11-17 10:26 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
    2017-11-17 10:26 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
    2017-11-17 10:26 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
    2017-11-17 10:26 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
    2017-11-17 10:26 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
    2017-11-17 10:26 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
    2017-11-17 10:26 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
    2017-11-17 10:26 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
    2017-11-17 10:26 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
    2017-11-17 10:26 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
    2017-11-17 10:26 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
    2017-11-17 10:26 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
    2017-11-17 10:26 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
    2017-11-17 10:26 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
    2017-11-17 10:26 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
    2017-11-17 10:26 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
    2017-11-17 10:26 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
    2017-11-17 10:26 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
    2017-11-17 10:26 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
    2017-11-17 10:26 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
    2017-11-17 10:26 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
    2017-11-17 10:26 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
    2017-11-17 10:26 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
    2017-11-17 10:26 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
    2017-11-17 10:26 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
    2017-11-17 10:26 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
    2017-11-17 10:26 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
    2017-11-17 10:26 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
    2017-11-17 10:26 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
    2017-11-17 10:26 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
    2017-11-17 10:26 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
    2017-11-17 10:26 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
    2017-11-17 10:26 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
    2017-11-17 10:26 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
    2017-11-17 10:26 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
    2017-11-17 10:26 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
    2017-11-17 10:26 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
    2017-11-17 10:26 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
    2017-11-17 10:26 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
    2017-11-17 10:26 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
    2017-11-17 10:26 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
    2017-11-17 10:26 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
    2017-11-17 10:26 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
    2017-11-17 10:26 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
    2017-11-17 10:26 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
    2017-11-17 10:26 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
    2017-11-17 10:26 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
    2017-11-17 10:26 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
    2017-11-17 10:26 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
    2017-11-17 10:26 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
    2017-11-17 10:26 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
    2017-11-17 10:26 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
    2017-11-17 10:26 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
    2017-11-17 10:26 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
    2017-11-17 10:26 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
    2017-11-17 10:26 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
    2017-11-17 10:26 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
    2017-11-17 10:26 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
    2017-11-17 10:26 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
    2017-11-17 10:26 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
    2017-11-17 10:26 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
    2017-11-17 10:26 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
    2017-11-17 10:26 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
    2017-11-17 10:26 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
    2017-11-17 10:26 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
    2017-11-17 10:26 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
    2017-11-17 10:26 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
    2017-11-17 10:26 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
    2017-11-17 10:26 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
    2017-11-17 10:26 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
    2017-11-17 10:26 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
    2017-11-17 10:26 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
    2017-11-17 10:26 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
    2017-11-17 10:26 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
    2017-11-16 17:20 - 2017-11-16 17:20 - 000000000 ____D C:\Users\paulf\AppData\Local\Gaijin
    2017-11-16 17:18 - 2015-11-08 15:36 - 000000000 ____D C:\Users\paulf\AppData\Roaming\uplay
    2017-11-16 17:14 - 2017-11-16 17:15 - 000000000 ____D C:\Users\paulf\AppData\Local\Steam
    2017-11-16 17:14 - 2017-11-16 17:14 - 000000000 ____D C:\Users\paulf\AppData\Local\CEF
    2017-11-16 17:13 - 2017-11-16 17:13 - 000000000 ____D C:\Users\paulf\AppData\Local\Targem
    2017-11-16 17:06 - 2017-11-16 17:06 - 000000549 _____ C:\Users\Public\Desktop\Steam.lnk
    2017-11-16 17:06 - 2017-11-16 17:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
    2017-11-16 17:02 - 2017-11-16 17:02 - 000000000 ____D C:\ProgramData\Gaijin
    2017-11-16 16:50 - 2017-11-16 16:50 - 000001358 _____ C:\Users\paulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\explorer.lnk
    2017-11-16 16:11 - 2017-11-16 16:11 - 000000000 ___HD C:\ProgramData\CanonBJ
    2017-11-16 15:41 - 2017-11-21 13:08 - 000545440 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
    2017-11-16 15:39 - 2017-11-21 15:55 - 000000000 ____D C:\WINDOWS\system32\MRT
    2017-11-16 15:39 - 2017-11-21 15:53 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
    2017-11-16 15:39 - 2017-11-21 15:53 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2017-11-16 15:36 - 2017-11-16 15:36 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Google
    2017-11-16 15:34 - 2017-11-16 15:34 - 000002348 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2017-11-16 15:33 - 2017-11-16 15:48 - 000000000 ____D C:\Users\paulf\AppData\Local\Google
    2017-11-16 15:33 - 2017-11-16 15:34 - 000000000 ____D C:\Program Files (x86)\Google
    2017-11-16 15:33 - 2017-11-16 15:33 - 000003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2017-11-16 15:33 - 2017-11-16 15:33 - 000003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2017-11-16 15:33 - 2017-11-16 15:33 - 000000000 ____D C:\Users\paulf\AppData\Local\MicrosoftEdge
    2017-11-16 02:04 - 2017-11-19 06:00 - 000000000 ____D C:\Windows.old
    2017-11-16 02:04 - 2017-11-16 02:04 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
    2017-11-16 02:04 - 2017-11-16 02:04 - 000000000 ____D C:\WINDOWS\InfusedApps
    2017-11-16 02:04 - 2017-11-15 18:20 - 000000000 ____D C:\WINDOWS\ServiceProfiles
    2017-11-16 02:02 - 2017-11-16 02:02 - 000000000 ____D C:\WINDOWS\Setup
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\system32\winrm
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\system32\WCN
     
  7. Franksee

    Franksee Established Techie7 Member

    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\system32\slmgr
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\system32\0409
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\OCR
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\DigitalLocker
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\Program Files\Reference Assemblies
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\Program Files\MSBuild
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
    2017-11-16 01:59 - 2017-11-16 01:59 - 000000000 ____D C:\Program Files (x86)\MSBuild
    2017-11-16 01:57 - 2017-11-05 01:40 - 000835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2017-11-16 01:57 - 2017-11-05 01:40 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2017-11-16 01:55 - 2017-11-23 16:42 - 000000000 ___HD C:\Program Files\WindowsApps
    2017-11-16 01:55 - 2017-11-23 16:42 - 000000000 ____D C:\WINDOWS\AppReadiness
    2017-11-16 01:55 - 2017-11-22 15:05 - 000000000 ____D C:\WINDOWS\LiveKernelReports
    2017-11-16 01:55 - 2017-11-21 22:06 - 000000000 ____D C:\WINDOWS\system32\NDF
    2017-11-16 01:55 - 2017-11-21 20:26 - 000000000 ___RD C:\Program Files (x86)
    2017-11-16 01:55 - 2017-11-21 14:59 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
    2017-11-16 01:55 - 2017-11-20 16:20 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2017-11-16 01:55 - 2017-11-19 14:26 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
    2017-11-16 01:55 - 2017-11-18 20:07 - 000000000 ____D C:\WINDOWS\rescache
    2017-11-16 01:55 - 2017-11-16 19:17 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
    2017-11-16 01:55 - 2017-11-16 19:17 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
    2017-11-16 01:55 - 2017-11-16 19:17 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
    2017-11-16 01:55 - 2017-11-16 19:17 - 000000000 ___SD C:\WINDOWS\system32\F12
    2017-11-16 01:55 - 2017-11-16 19:17 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2017-11-16 01:55 - 2017-11-16 19:17 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
    2017-11-16 01:55 - 2017-11-16 19:17 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
    2017-11-16 01:55 - 2017-11-16 19:17 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
    2017-11-16 01:55 - 2017-11-16 19:17 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
    2017-11-16 01:55 - 2017-11-16 19:17 - 000000000 ____D C:\WINDOWS\system32\setup
    2017-11-16 01:55 - 2017-11-16 19:17 - 000000000 ____D C:\WINDOWS\system32\oobe
    2017-11-16 01:55 - 2017-11-16 19:17 - 000000000 ____D C:\WINDOWS\system32\config\TxR
    2017-11-16 01:55 - 2017-11-16 19:17 - 000000000 ____D C:\WINDOWS\system32\appraiser
    2017-11-16 01:55 - 2017-11-16 19:17 - 000000000 ____D C:\WINDOWS\ShellExperiences
    2017-11-16 01:55 - 2017-11-16 19:17 - 000000000 ____D C:\WINDOWS\Provisioning
    2017-11-16 01:55 - 2017-11-16 19:17 - 000000000 ____D C:\Program Files\Windows Photo Viewer
    2017-11-16 01:55 - 2017-11-16 19:17 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
    2017-11-16 01:55 - 2017-11-16 06:58 - 000000000 ____D C:\WINDOWS\appcompat
    2017-11-16 01:55 - 2017-11-16 02:04 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
    2017-11-16 01:55 - 2017-11-16 02:02 - 000000000 ___RD C:\Program Files\Windows Defender
    2017-11-16 01:55 - 2017-11-16 02:02 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
    2017-11-16 01:55 - 2017-11-16 02:02 - 000000000 ____D C:\WINDOWS\system32\migwiz
    2017-11-16 01:55 - 2017-11-16 02:02 - 000000000 ____D C:\WINDOWS\system32\Dism
    2017-11-16 01:55 - 2017-11-16 02:02 - 000000000 ____D C:\Program Files (x86)\Windows Defender
    2017-11-16 01:55 - 2017-11-16 01:59 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
    2017-11-16 01:55 - 2017-11-16 01:59 - 000000000 ___SD C:\WINDOWS\system32\dsc
    2017-11-16 01:55 - 2017-11-16 01:59 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
    2017-11-16 01:55 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
    2017-11-16 01:55 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
    2017-11-16 01:55 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
    2017-11-16 01:55 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\SystemApps
    2017-11-16 01:55 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
    2017-11-16 01:55 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\system32\MUI
    2017-11-16 01:55 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\system32\Com
    2017-11-16 01:55 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
    2017-11-16 01:55 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\IME
    2017-11-16 01:55 - 2017-11-16 01:59 - 000000000 ____D C:\Program Files\Common Files\System
    2017-11-16 01:55 - 2017-11-16 01:56 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
    2017-11-16 01:55 - 2017-11-16 01:56 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
    2017-11-16 01:55 - 2017-11-16 01:56 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
    2017-11-16 01:55 - 2017-11-16 01:56 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
    2017-11-16 01:55 - 2017-11-16 01:56 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 __SHD C:\Program Files\Windows Sidebar
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 __RSD C:\WINDOWS\Media
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ___SD C:\WINDOWS\system32\Nui
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ___SD C:\WINDOWS\system32\Configuration
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\Web
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\Vss
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\tracing
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\TAPI
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SysWOW64\MsDtc
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SystemResources
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\winevt
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\ras
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\PointOfService
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\MsDtc
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\Macromed
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\Ipmi
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\InputMethod
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\inetsrv
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\IME
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\icsxml
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\ias
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\downlevel
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\DDFs
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\config\Journal
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\Bthprops
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\AppLocker
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\System
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SKB
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\security
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\schemas
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\SchCache
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\Resources
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\Registration
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\PLA
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\Performance
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\ModemLogs
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\L2Schemas
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\InputMethod
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\Globalization
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\Cursors
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\Branding
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\bcastdvr
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\addins
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\Program Files\Windows Security
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\Program Files\Windows Portable Devices
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\Program Files\Windows NT
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\Program Files\Common Files\Services
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\Program Files (x86)\Windows NT
    2017-11-16 01:55 - 2017-11-16 01:55 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
    2017-11-16 01:55 - 2017-11-16 01:54 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
    2017-11-16 01:55 - 2017-11-16 01:54 - 000215943 _____ C:\WINDOWS\system32\dssec.dat
    2017-11-16 01:55 - 2017-11-16 01:54 - 000017635 _____ C:\WINDOWS\system32\Drivers\etc\services
    2017-11-16 01:55 - 2017-11-16 01:54 - 000015940 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
    2017-11-16 01:55 - 2017-11-16 01:54 - 000004096 _____ C:\WINDOWS\system32\config\VSMIDK
    2017-11-16 01:55 - 2017-11-16 01:54 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
    2017-11-16 01:55 - 2017-11-16 01:54 - 000001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
    2017-11-16 01:55 - 2017-11-16 01:54 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
    2017-11-16 01:55 - 2017-11-16 01:54 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
    2017-11-16 01:55 - 2017-11-16 01:54 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT
    2017-11-16 01:55 - 2017-11-16 01:54 - 000000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
    2017-11-16 01:55 - 2017-11-16 01:54 - 000000219 _____ C:\WINDOWS\system.ini
    2017-11-16 01:55 - 2017-11-16 01:54 - 000000092 _____ C:\WINDOWS\win.ini
    2017-11-16 01:55 - 2017-11-15 18:27 - 000000000 ____D C:\WINDOWS\system32\spool
    2017-11-16 01:55 - 2017-11-15 18:27 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
    2017-11-16 01:55 - 2017-11-15 18:27 - 000000000 ____D C:\ProgramData\USOPrivate
    2017-11-16 01:55 - 2017-11-15 18:25 - 000000000 __RHD C:\Users\Public\Libraries
    2017-11-16 01:55 - 2017-11-15 18:25 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
    2017-11-16 01:55 - 2017-11-15 18:23 - 000000000 ____D C:\WINDOWS\system32\Sysprep
    2017-11-16 01:55 - 2017-11-15 18:22 - 000000000 ___RD C:\WINDOWS\PrintDialog
    2017-11-16 01:55 - 2017-11-15 18:22 - 000000000 ___RD C:\WINDOWS\MiracastView
    2017-11-16 01:55 - 2017-11-15 18:22 - 000000000 ____D C:\WINDOWS\HoloShell
    2017-11-16 01:55 - 2017-11-15 18:22 - 000000000 ____D C:\WINDOWS\Help
    2017-11-16 01:55 - 2017-11-15 18:20 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
    2017-11-16 01:54 - 2017-11-22 15:11 - 000000000 ____D C:\WINDOWS\INF
    2017-11-16 01:50 - 2017-11-16 15:41 - 000000000 ____D C:\WINDOWS\CbsTemp
    2017-11-16 01:49 - 2017-11-22 14:38 - 091226112 _____ C:\WINDOWS\system32\config\SOFTWARE
    2017-11-16 01:49 - 2017-11-22 14:38 - 014417920 _____ C:\WINDOWS\system32\config\SYSTEM
    2017-11-16 01:49 - 2017-11-22 14:38 - 000786432 _____ C:\WINDOWS\system32\config\BBI
    2017-11-16 01:49 - 2017-11-22 14:38 - 000524288 _____ C:\WINDOWS\system32\config\DEFAULT
    2017-11-16 01:49 - 2017-11-22 14:38 - 000028672 _____ C:\WINDOWS\system32\config\SECURITY
    2017-11-16 01:49 - 2017-11-16 02:20 - 000057344 _____ C:\WINDOWS\system32\config\SAM
    2017-11-16 01:49 - 2017-11-16 01:59 - 000000000 ____D C:\WINDOWS\servicing
    2017-11-16 01:49 - 2017-11-16 01:55 - 000000000 ____D C:\WINDOWS\system32\SMI
    2017-11-16 01:49 - 2017-11-15 18:26 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
    2017-11-16 00:24 - 2017-11-15 18:27 - 000000000 ____D C:\WINDOWS\Panther
    2017-11-16 00:23 - 2017-11-16 02:04 - 000000000 ___HD C:\$SysReset
    2017-11-15 18:30 - 2017-11-15 18:30 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2516327635-2037600327-2752607068-1001
    2017-11-15 18:29 - 2017-11-17 14:34 - 000000000 ____D C:\Users\paulf\AppData\Local\Comms
    2017-11-15 18:29 - 2017-11-15 18:30 - 000002367 _____ C:\Users\paulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2017-11-15 18:29 - 2017-11-15 18:29 - 000000000 ____D C:\Users\paulf\AppData\Local\DBG
    2017-11-15 18:29 - 2017-11-15 18:29 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
    2017-11-15 18:27 - 2017-11-22 13:46 - 000998954 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2017-11-15 18:27 - 2017-11-17 11:13 - 000000000 ____D C:\Users\paulf\AppData\Local\Packages
    2017-11-15 18:27 - 2017-11-16 06:59 - 000000000 ____D C:\Users\paulf\AppData\Local\Publishers
    2017-11-15 18:27 - 2017-11-15 18:27 - 000000020 ___SH C:\Users\paulf\ntuser.ini
    2017-11-15 18:27 - 2017-11-15 18:27 - 000000000 _SHDL C:\Users\Default User
    2017-11-15 18:27 - 2017-11-15 18:27 - 000000000 _SHDL C:\Users\All Users
    2017-11-15 18:27 - 2017-11-15 18:27 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Adobe
    2017-11-15 18:27 - 2017-11-15 18:27 - 000000000 ____D C:\Users\paulf\AppData\Local\VirtualStore
    2017-11-15 18:27 - 2017-11-15 18:27 - 000000000 ____D C:\Users\paulf\AppData\Local\TileDataLayer
    2017-11-15 18:27 - 2017-11-15 18:27 - 000000000 ____D C:\Users\paulf\AppData\Local\ConnectedDevicesPlatform
    2017-11-15 18:27 - 2017-11-15 18:27 - 000000000 ____D C:\ProgramData\USOShared
    2017-11-15 18:26 - 2017-11-22 15:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2017-11-15 18:24 - 2017-11-25 15:10 - 000000000 ____D C:\Users\paulf
    2017-11-15 18:23 - 2017-03-18 20:56 - 002233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
    2017-11-15 18:22 - 2017-11-25 13:26 - 000000000 ____D C:\ProgramData\NVIDIA
    2017-11-15 18:22 - 2017-11-22 15:11 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
    2017-11-15 18:22 - 2017-11-14 20:15 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
    2017-11-15 18:22 - 2017-11-14 19:56 - 005960640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
    2017-11-15 18:22 - 2017-11-14 19:56 - 002587584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
    2017-11-15 18:22 - 2017-11-14 19:56 - 001766336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
    2017-11-15 18:22 - 2017-11-14 19:56 - 000607352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
    2017-11-15 18:22 - 2017-11-14 19:56 - 000449472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
    2017-11-15 18:22 - 2017-11-14 19:56 - 000123000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
    2017-11-15 18:22 - 2017-11-14 19:56 - 000082040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
    2017-11-15 18:22 - 2017-11-10 06:09 - 007855841 _____ C:\WINDOWS\system32\nvcoproc.bin
    2017-11-15 18:21 - 2017-11-22 13:40 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
    2017-11-15 18:21 - 2017-11-21 22:49 - 000000000 ____D C:\Program Files\NVIDIA Corporation
    2017-11-15 18:21 - 2017-11-15 18:21 - 000000000 ____H C:\ProgramData\DP45977C.lfl
    2017-11-15 18:21 - 2017-11-15 18:21 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
    2017-11-15 18:21 - 2017-11-15 18:21 - 000000000 ____D C:\WINDOWS\system32\DAX2
    2017-11-15 18:21 - 2017-11-15 18:21 - 000000000 ____D C:\Program Files\Realtek
    2017-11-15 18:20 - 2017-11-25 14:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2017-11-15 18:20 - 2017-11-21 12:22 - 000405072 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2017-11-15 07:39 - 2017-11-15 07:39 - 006375008 _____ (Wargaming.net (c) 2009-2017 ) C:\Users\paulf\Downloads\world_of_warships_install_eu_bh6xk6nqzf3x (1).exe
    2017-11-14 22:29 - 2017-11-17 12:25 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
    2017-11-14 22:11 - 2017-11-14 22:12 - 006375008 _____ (Wargaming.net (c) 2009-2017 ) C:\Users\paulf\Downloads\world_of_warships_install_eu_bh6xk6nqzf3x.exe
    2017-11-14 19:18 - 2017-11-02 05:03 - 000223640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
    2017-11-14 19:18 - 2017-11-02 04:45 - 000613136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
    2017-11-14 19:18 - 2017-11-02 04:45 - 000362144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
    2017-11-14 19:18 - 2017-11-02 04:45 - 000354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
    2017-11-14 19:18 - 2017-11-02 04:45 - 000283544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
    2017-11-14 19:18 - 2017-11-02 04:45 - 000172952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
    2017-11-14 19:18 - 2017-11-02 04:30 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
    2017-11-14 19:18 - 2017-11-02 04:30 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
    2017-11-14 19:18 - 2017-11-02 04:25 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
    2017-11-14 19:18 - 2017-11-02 04:24 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2017-11-14 19:18 - 2017-11-02 04:23 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
    2017-11-14 19:18 - 2017-10-15 14:49 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
    2017-11-14 19:18 - 2017-10-15 14:45 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
    2017-11-14 19:18 - 2017-10-15 14:44 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
    2017-11-14 19:18 - 2017-10-15 14:41 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
    2017-11-14 19:18 - 2017-10-15 14:38 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
    2017-11-14 19:17 - 2017-11-02 05:21 - 001578904 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2017-11-14 19:17 - 2017-11-02 05:21 - 000678808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2017-11-14 19:17 - 2017-11-02 05:21 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2017-11-14 19:17 - 2017-11-02 05:21 - 000379288 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2017-11-14 19:17 - 2017-11-02 05:21 - 000190360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2017-11-14 19:17 - 2017-11-02 05:21 - 000136088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
    2017-11-14 19:17 - 2017-11-02 05:20 - 002032536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
    2017-11-14 19:17 - 2017-11-02 05:20 - 001144728 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2017-11-14 19:17 - 2017-11-02 05:20 - 001015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2017-11-14 19:17 - 2017-11-02 05:20 - 000965016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
    2017-11-14 19:17 - 2017-11-02 05:20 - 000821656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
    2017-11-14 19:17 - 2017-11-02 05:20 - 000613784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2017-11-14 19:17 - 2017-11-02 05:20 - 000543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
    2017-11-14 19:17 - 2017-11-02 05:20 - 000484248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
    2017-11-14 19:17 - 2017-11-02 05:20 - 000469568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
    2017-11-14 19:17 - 2017-11-02 05:20 - 000259992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
    2017-11-14 19:17 - 2017-11-02 05:20 - 000034712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
    2017-11-14 19:17 - 2017-11-02 05:16 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2017-11-14 19:17 - 2017-11-02 05:16 - 002398696 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
    2017-11-14 19:17 - 2017-11-02 05:16 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
    2017-11-14 19:17 - 2017-11-02 05:15 - 001239448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
    2017-11-14 19:17 - 2017-11-02 05:15 - 000503704 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
    2017-11-14 19:17 - 2017-11-02 05:14 - 000667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
    2017-11-14 19:17 - 2017-11-02 05:14 - 000067992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
    2017-11-14 19:17 - 2017-11-02 05:13 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
    2017-11-14 19:17 - 2017-11-02 05:13 - 002443672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2017-11-14 19:17 - 2017-11-02 05:13 - 001345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
    2017-11-14 19:17 - 2017-11-02 05:13 - 000546712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
    2017-11-14 19:17 - 2017-11-02 05:13 - 000212888 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
    2017-11-14 19:17 - 2017-11-02 05:13 - 000095640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
    2017-11-14 19:17 - 2017-11-02 05:12 - 000727336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
    2017-11-14 19:17 - 2017-11-02 05:12 - 000714648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
    2017-11-14 19:17 - 2017-11-02 05:12 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
    2017-11-14 19:17 - 2017-11-02 05:12 - 000643192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2017-11-14 19:17 - 2017-11-02 05:12 - 000430848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
    2017-11-14 19:17 - 2017-11-02 05:12 - 000412752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
    2017-11-14 19:17 - 2017-11-02 05:12 - 000319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
    2017-11-14 19:17 - 2017-11-02 05:12 - 000144248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
    2017-11-14 19:17 - 2017-11-02 05:12 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
    2017-11-14 19:17 - 2017-11-02 05:12 - 000026472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    2017-11-14 19:17 - 2017-11-02 05:11 - 021353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2017-11-14 19:17 - 2017-11-02 05:10 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
    2017-11-14 19:17 - 2017-11-02 05:05 - 000871408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
    2017-11-14 19:17 - 2017-11-02 05:05 - 000187800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
    2017-11-14 19:17 - 2017-11-02 05:04 - 001292360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
    2017-11-14 19:17 - 2017-11-02 04:49 - 001838848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
    2017-11-14 19:17 - 2017-11-02 04:45 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
    2017-11-14 19:17 - 2017-11-02 04:45 - 000133896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
    2017-11-14 19:17 - 2017-11-02 04:44 - 023680000 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2017-11-14 19:17 - 2017-11-02 04:44 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
    2017-11-14 19:17 - 2017-11-02 04:44 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
    2017-11-14 19:17 - 2017-11-02 04:43 - 020372896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2017-11-14 19:17 - 2017-11-02 04:37 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2017-11-14 19:17 - 2017-11-02 04:37 - 001278976 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
    2017-11-14 19:17 - 2017-11-02 04:37 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
    2017-11-14 19:17 - 2017-11-02 04:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
    2017-11-14 19:17 - 2017-11-02 04:37 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
    2017-11-14 19:17 - 2017-11-02 04:36 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
    2017-11-14 19:17 - 2017-11-02 04:36 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
    2017-11-14 19:17 - 2017-11-02 04:35 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
    2017-11-14 19:17 - 2017-11-02 04:35 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
    2017-11-14 19:17 - 2017-11-02 04:35 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
    2017-11-14 19:17 - 2017-11-02 04:35 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
    2017-11-14 19:17 - 2017-11-02 04:35 - 000002560 ____N (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
    2017-11-14 19:17 - 2017-11-02 04:34 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2017-11-14 19:17 - 2017-11-02 04:34 - 000438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
    2017-11-14 19:17 - 2017-11-02 04:34 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
    2017-11-14 19:17 - 2017-11-02 04:34 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
    2017-11-14 19:17 - 2017-11-02 04:34 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
    2017-11-14 19:17 - 2017-11-02 04:34 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
    2017-11-14 19:17 - 2017-11-02 04:34 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2017-11-14 19:17 - 2017-11-02 04:34 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
    2017-11-14 19:17 - 2017-11-02 04:34 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
    2017-11-14 19:17 - 2017-11-02 04:33 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
    2017-11-14 19:17 - 2017-11-02 04:33 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
    2017-11-14 19:17 - 2017-11-02 04:33 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
    2017-11-14 19:17 - 2017-11-02 04:33 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
    2017-11-14 19:17 - 2017-11-02 04:33 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPKICmdlet.dll
    2017-11-14 19:17 - 2017-11-02 04:32 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
    2017-11-14 19:17 - 2017-11-02 04:32 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
    2017-11-14 19:17 - 2017-11-02 04:32 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
    2017-11-14 19:17 - 2017-11-02 04:31 - 020512256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2017-11-14 19:17 - 2017-11-02 04:31 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
    2017-11-14 19:17 - 2017-11-02 04:31 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
    2017-11-14 19:17 - 2017-11-02 04:31 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
    2017-11-14 19:17 - 2017-11-02 04:30 - 013381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
    2017-11-14 19:17 - 2017-11-02 04:30 - 007339008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
    2017-11-14 19:17 - 2017-11-02 04:30 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2017-11-14 19:17 - 2017-11-02 04:30 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
    2017-11-14 19:17 - 2017-11-02 04:30 - 000635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
    2017-11-14 19:17 - 2017-11-02 04:30 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
    2017-11-14 19:17 - 2017-11-02 04:30 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
    2017-11-14 19:17 - 2017-11-02 04:30 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
    2017-11-14 19:17 - 2017-11-02 04:30 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
    2017-11-14 19:17 - 2017-11-02 04:30 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
    2017-11-14 19:17 - 2017-11-02 04:29 - 019338240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2017-11-14 19:17 - 2017-11-02 04:29 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
    2017-11-14 19:17 - 2017-11-02 04:29 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
    2017-11-14 19:17 - 2017-11-02 04:29 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2017-11-14 19:17 - 2017-11-02 04:29 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2017-11-14 19:17 - 2017-11-02 04:29 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
    2017-11-14 19:17 - 2017-11-02 04:28 - 023684096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2017-11-14 19:17 - 2017-11-02 04:28 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
    2017-11-14 19:17 - 2017-11-02 04:28 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
    2017-11-14 19:17 - 2017-11-02 04:28 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
    2017-11-14 19:17 - 2017-11-02 04:28 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
    2017-11-14 19:17 - 2017-11-02 04:28 - 000002560 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
    2017-11-14 19:17 - 2017-11-02 04:27 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2017-11-14 19:17 - 2017-11-02 04:27 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
    2017-11-14 19:17 - 2017-11-02 04:27 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
    2017-11-14 19:17 - 2017-11-02 04:27 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
    2017-11-14 19:17 - 2017-11-02 04:27 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
    2017-11-14 19:17 - 2017-11-02 04:27 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
    2017-11-14 19:17 - 2017-11-02 04:27 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPKICmdlet.dll
    2017-11-14 19:17 - 2017-11-02 04:26 - 008197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2017-11-14 19:17 - 2017-11-02 04:26 - 005963776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
    2017-11-14 19:17 - 2017-11-02 04:26 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2017-11-14 19:17 - 2017-11-02 04:26 - 003060224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
    2017-11-14 19:17 - 2017-11-02 04:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2017-11-14 19:17 - 2017-11-02 04:26 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
    2017-11-14 19:17 - 2017-11-02 04:26 - 001937408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
    2017-11-14 19:17 - 2017-11-02 04:26 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2017-11-14 19:17 - 2017-11-02 04:26 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2017-11-14 19:17 - 2017-11-02 04:26 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
    2017-11-14 19:17 - 2017-11-02 04:26 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
    2017-11-14 19:17 - 2017-11-02 04:25 - 012227072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
    2017-11-14 19:17 - 2017-11-02 04:25 - 011888128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2017-11-14 19:17 - 2017-11-02 04:25 - 004727808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2017-11-14 19:17 - 2017-11-02 04:25 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
    2017-11-14 19:17 - 2017-11-02 04:25 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2017-11-14 19:17 - 2017-11-02 04:25 - 002052608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2017-11-14 19:17 - 2017-11-02 04:25 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
    2017-11-14 19:17 - 2017-11-02 04:25 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
    2017-11-14 19:17 - 2017-11-02 04:25 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
    2017-11-14 19:17 - 2017-11-02 04:25 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
    2017-11-14 19:17 - 2017-11-02 04:25 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
    2017-11-14 19:17 - 2017-11-02 04:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
    2017-11-14 19:17 - 2017-11-02 04:25 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
    2017-11-14 19:17 - 2017-11-02 04:24 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
    2017-11-14 19:17 - 2017-11-02 04:24 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
    2017-11-14 19:17 - 2017-11-02 04:24 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
    2017-11-14 19:17 - 2017-11-02 04:24 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
    2017-11-14 19:17 - 2017-11-02 04:24 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
    2017-11-14 19:17 - 2017-11-02 04:23 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
    2017-11-14 19:17 - 2017-11-02 04:23 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2017-11-14 19:17 - 2017-11-02 04:23 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
    2017-11-14 19:17 - 2017-11-02 04:23 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2017-11-14 19:17 - 2017-11-02 04:23 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
    2017-11-14 19:17 - 2017-11-02 04:23 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
    2017-11-14 19:17 - 2017-11-02 04:22 - 006254080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2017-11-14 19:17 - 2017-11-02 04:22 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2017-11-14 19:17 - 2017-11-02 04:22 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
    2017-11-14 19:17 - 2017-11-02 04:22 - 001884160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
    2017-11-14 19:17 - 2017-11-02 04:22 - 001494528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
    2017-11-14 19:17 - 2017-11-02 04:21 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
    2017-11-14 19:17 - 2017-11-02 04:21 - 003653120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2017-11-14 19:17 - 2017-11-02 04:21 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
    2017-11-14 19:17 - 2017-11-02 04:21 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2017-11-14 19:17 - 2017-11-02 04:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
    2017-11-14 19:17 - 2017-10-25 07:40 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
    2017-11-14 19:17 - 2017-10-15 15:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
    2017-11-14 19:17 - 2017-10-15 15:03 - 006765728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2017-11-14 19:17 - 2017-10-15 15:01 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
    2017-11-14 19:17 - 2017-10-15 14:59 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
    2017-11-14 19:17 - 2017-10-15 14:57 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2017-11-14 19:17 - 2017-10-15 14:57 - 000409496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2017-11-14 19:17 - 2017-10-15 14:56 - 000872464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
    2017-11-14 19:17 - 2017-10-15 14:55 - 007910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2017-11-14 19:17 - 2017-10-15 14:53 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
    2017-11-14 19:17 - 2017-10-15 14:53 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
    2017-11-14 19:17 - 2017-10-15 14:51 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
    2017-11-14 19:17 - 2017-10-15 14:49 - 000094616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
    2017-11-14 19:17 - 2017-10-15 14:45 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
    2017-11-14 19:17 - 2017-10-15 14:44 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
    2017-11-14 19:17 - 2017-10-15 14:42 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
    2017-11-14 19:17 - 2017-10-15 14:42 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
    2017-11-14 19:17 - 2017-10-15 14:41 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
    2017-11-14 19:17 - 2017-10-15 14:15 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
    2017-11-14 19:17 - 2017-10-15 14:14 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
    2017-11-14 19:17 - 2017-10-15 14:13 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
    2017-11-14 19:17 - 2017-10-15 14:10 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
    2017-11-14 19:17 - 2017-10-15 14:09 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
    2017-11-14 19:17 - 2017-10-15 14:09 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
    2017-11-14 19:17 - 2017-10-15 14:08 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
    2017-11-14 19:17 - 2017-10-15 14:08 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
    2017-11-14 19:17 - 2017-10-15 14:07 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
    2017-11-14 19:17 - 2017-10-15 14:05 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
    2017-11-14 19:17 - 2017-10-15 14:05 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
    2017-11-14 19:17 - 2017-10-15 14:04 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
    2017-11-14 19:17 - 2017-10-15 14:02 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
    2017-11-14 19:17 - 2017-10-15 14:00 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
    2017-11-13 17:51 - 2017-11-15 18:25 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
    2017-11-13 17:51 - 2017-11-13 17:51 - 072185968 _____ (Ubisoft) C:\Users\paulf\Downloads\UplayInstaller (2).exe
    2017-11-13 08:05 - 2017-11-13 08:06 - 072185968 _____ (Ubisoft) C:\Users\paulf\Downloads\UplayInstaller (1).exe
    2017-11-12 21:02 - 2017-11-12 21:02 - 000022164 _____ C:\Users\paulf\Downloads\1CCE29AD4F1E46239E4AFD4560084DD4D230F1C2.torrent
    2017-11-12 20:05 - 2017-11-12 20:05 - 000000000 ____D C:\Users\paulf\OneDrive\Documents\TomTom
    2017-11-10 13:43 - 2017-11-15 18:25 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
    2017-11-10 13:42 - 2017-11-10 13:42 - 039234032 _____ C:\Users\paulf\Downloads\Afterburner_4.4.0.zip
    2017-11-10 13:29 - 2017-11-10 13:32 - 459940794 _____ C:\Users\paulf\Downloads\nvidia_388.13_w1064.zip
    2017-11-09 20:47 - 2016-10-08 22:17 - 003168256 _____ () C:\Users\paulf\Desktop\DS4Windows.exe
    2017-11-09 20:42 - 2017-11-09 20:42 - 001174539 _____ C:\Users\paulf\Downloads\DS4Windows.zip
    2017-11-09 16:51 - 2017-11-09 16:51 - 000000000 ____D C:\Users\paulf\OneDrive\Documents\Intel XTU Profiles
    2017-11-09 16:30 - 2017-11-09 16:30 - 038618496 _____ (Intel Corporation) C:\Users\paulf\Downloads\xtu-setup-exe.exe
    2017-11-09 16:03 - 2017-11-09 16:04 - 125914871 _____ C:\Users\paulf\Downloads\AISuite3_Win7-8-81-10_M7IGFHR_V10102 (1).zip
    2017-11-09 13:17 - 2017-11-09 13:17 - 032002048 _____ C:\Users\paulf\Downloads\EpicInstaller-6.7.0.msi
    2017-11-09 13:17 - 2017-11-09 13:17 - 032002048 _____ C:\Users\paulf\Downloads\EpicInstaller-6.7.0 (1).msi
    2017-11-09 04:39 - 2017-11-09 04:39 - 000054192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
    2017-11-09 04:38 - 2017-11-09 04:38 - 001997752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438813.dll
    2017-11-09 04:38 - 2017-11-09 04:38 - 001682544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438813.dll
    2017-11-09 04:38 - 2017-11-09 04:38 - 001624168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
    2017-11-09 04:38 - 2017-11-09 04:38 - 000233904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
    2017-11-09 03:57 - 2017-11-09 03:57 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
    2017-11-09 03:57 - 2017-11-09 03:57 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json
    2017-11-08 22:26 - 2017-11-08 22:26 - 001743008 _____ ( ) C:\Users\paulf\Downloads\cpu-z_1.81-en.exe
    2017-11-08 16:43 - 2017-11-08 16:44 - 116602337 _____ C:\Users\paulf\Downloads\AISuiteIII_V10159_DIP5_10390.zip
    2017-11-07 17:41 - 2017-11-07 17:41 - 008983107 _____ C:\Users\paulf\Downloads\Manual (1).pdf
    2017-11-07 17:34 - 2017-11-07 17:35 - 008983107 _____ C:\Users\paulf\Downloads\Manual.pdf
    2017-11-07 11:04 - 2017-11-07 11:05 - 000359677 _____ C:\Users\paulf\Downloads\Product_Sheet (2).pdf
    2017-11-07 11:04 - 2017-11-07 11:04 - 000359677 _____ C:\Users\paulf\Downloads\Product_Sheet.pdf
    2017-11-07 11:04 - 2017-11-07 11:04 - 000359677 _____ C:\Users\paulf\Downloads\Product_Sheet (1).pdf
    2017-11-05 21:23 - 2017-11-05 21:23 - 000012290 _____ C:\Users\paulf\Downloads\Paul-Heaton- -Jacqui-Abbott--What-Have-We-Become-(Deluxe-Edition)-Album-2014-zip.torrent
    2017-11-05 21:04 - 2017-11-05 21:04 - 002403328 _____ (Farbar) C:\Users\paulf\Downloads\FRST64 (1).exe
    2017-11-05 18:25 - 2017-11-05 18:26 - 094162904 _____ (Sony Interactive Entertainment Network America LLC) C:\Users\paulf\Downloads\PlayStationNow-9.7.8 (2).exe
    2017-11-05 18:12 - 2017-11-05 18:13 - 094162904 _____ (Sony Interactive Entertainment Network America LLC) C:\Users\paulf\Downloads\PlayStationNow-9.7.8 (1).exe
    2017-11-05 18:11 - 2017-11-05 18:12 - 094162904 _____ (Sony Interactive Entertainment Network America LLC) C:\Users\paulf\Downloads\PlayStationNow-9.7.8.exe
    2017-11-05 10:39 - 2017-11-05 10:39 - 008261584 _____ (Malwarebytes) C:\Users\paulf\Downloads\AdwCleaner.exe
    2017-11-05 10:30 - 2017-11-05 10:31 - 078346672 _____ (Malwarebytes ) C:\Users\paulf\Downloads\mb3-setup-consumer-3.3.1.2183.exe
    2017-11-04 20:47 - 2017-11-04 20:47 - 005603499 _____ (UserBenchmark.com) C:\Users\paulf\Desktop\UserBenchMark.exe
    2017-11-04 08:51 - 2017-11-04 08:56 - 460431568 _____ (NVIDIA Corporation) C:\Users\paulf\Downloads\388.13-desktop-win10-64bit-international-whql.exe
    2017-11-03 07:16 - 2017-11-03 07:16 - 036097984 _____ (Adlice Software ) C:\Users\paulf\Downloads\RogueKiller_setup_ref3.exe
    2017-11-02 20:40 - 2017-11-05 21:06 - 000065242 _____ C:\Users\paulf\Downloads\Addition.txt
    2017-11-02 20:39 - 2017-11-05 21:06 - 000157782 _____ C:\Users\paulf\Downloads\FRST.txt
    2017-11-02 20:38 - 2017-11-25 17:05 - 000000000 ____D C:\FRST
    2017-11-02 20:38 - 2017-11-02 20:38 - 002403328 _____ (Farbar) C:\Users\paulf\Downloads\FRST64.exe
    2017-11-02 20:28 - 2017-11-02 20:28 - 000656608 _____ (PC Drivers HeadQuarters LP) C:\Users\paulf\Downloads\DriverSupport.exe
    2017-11-02 16:30 - 2017-11-02 16:30 - 000000000 ____D C:\Users\paulf\OneDrive\Documents\Paradox Interactive
    2017-11-02 07:11 - 2017-11-02 07:11 - 000016523 _____ C:\Users\paulf\Downloads\charterhouse-invoice-194783.pdf
    2017-10-31 16:53 - 2017-10-31 16:54 - 016082320 _____ (Logitech Inc.) C:\Users\paulf\Downloads\lgs510_x64.exe
    2017-10-30 07:19 - 2017-10-30 07:19 - 000000000 ____D C:\Users\paulf\ansel
    2017-10-29 09:21 - 2017-10-29 09:21 - 000000000 ____D C:\Users\paulf\AppData\LocalLow\Kite Games
    2017-10-28 14:43 - 2017-10-28 14:44 - 096575488 _____ C:\Users\paulf\Downloads\novabench.msi
    2017-10-28 13:37 - 2017-10-28 13:37 - 001949047 _____ C:\Users\paulf\Downloads\The Last of US PC Installer.rar
    2017-10-28 12:30 - 2017-10-28 12:34 - 072177800 _____ (Ubisoft) C:\Users\paulf\Downloads\UplayInstaller.exe
    2017-10-28 11:34 - 2017-10-28 11:34 - 076775409 _____ C:\Users\paulf\Downloads\AISuite3_Win10_V10147.zip
    2017-10-28 10:56 - 2017-10-28 10:56 - 125914871 _____ C:\Users\paulf\Downloads\AISuite3_Win7-8-81-10_M7IGFHR_V10102.zip
    2017-10-28 10:54 - 2017-10-28 10:54 - 019191253 _____ C:\Users\paulf\Downloads\AISuiteV10425.zip
    2017-10-28 10:53 - 2017-10-28 10:53 - 021616952 _____ C:\Users\paulf\Downloads\AISuite_V10524.zip
    2017-10-28 10:52 - 2017-10-28 10:52 - 023737323 _____ C:\Users\paulf\Downloads\ASUS_AISuite_V10614_XPVISTAWIN7 (2).zip
    2017-10-28 10:52 - 2017-10-28 10:52 - 022614773 _____ C:\Users\paulf\Downloads\AISuite_V10538_XpVistaWin7 (2).zip
    2017-10-27 20:44 - 2017-10-27 20:44 - 000000000 ____D C:\Users\paulf\OneDrive\Documents\DyingLight
    2017-10-27 15:10 - 2017-10-27 15:10 - 004355608 _____ C:\Users\paulf\Downloads\TurboV_V10204_XpVistaWin7.zip
    2017-10-27 15:02 - 2017-10-27 15:02 - 022614773 _____ C:\Users\paulf\Downloads\AISuite_V10538_XpVistaWin7 (1).zip
    2017-10-27 15:01 - 2017-10-27 15:01 - 023737323 _____ C:\Users\paulf\Downloads\ASUS_AISuite_V10614_XPVISTAWIN7 (1).zip
    2017-10-27 14:59 - 2017-10-27 14:59 - 021850479 _____ C:\Users\paulf\Downloads\AiSuite_V10532.zip
    2017-10-27 14:58 - 2017-10-27 14:58 - 022614773 _____ C:\Users\paulf\Downloads\AISuite_V10538_XpVistaWin7.zip
    2017-10-27 14:57 - 2017-10-27 14:57 - 023737323 _____ C:\Users\paulf\Downloads\ASUS_AISuite_V10614_XPVISTAWIN7.zip
    2017-10-27 14:40 - 2017-10-27 14:40 - 030857076 _____ C:\Users\paulf\Downloads\AI_Suite_II_Win7_Z10215.zip
    2017-10-27 14:22 - 2017-10-27 14:26 - 167887028 _____ C:\Users\paulf\Downloads\AISuite3_Win7-8-8-1_Z87-DELUXE-1.zip
    2017-10-27 06:56 - 2017-10-27 06:56 - 000231760 _____ C:\Users\paulf\Downloads\CrucialUKScan.exe

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2017-11-22 15:12 - 2016-07-07 11:51 - 000000000 ____D C:\Temp
    2017-11-21 13:31 - 2016-10-25 20:00 - 000000000 ____D C:\AdwCleaner
    2017-11-18 14:46 - 2017-09-23 12:11 - 000000000 ____D C:\Users\paulf\OneDrive\Documents\Rockstar Games
    2017-11-17 12:24 - 2016-04-29 13:49 - 000000000 ____D C:\Games
    2017-11-17 12:23 - 2017-07-14 12:31 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games
    2017-11-17 12:15 - 2017-08-26 16:35 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crossout
    2017-11-16 19:19 - 2016-02-13 13:20 - 000000000 __RHD C:\Users\Public\AccountPictures
    2017-11-16 17:18 - 2017-04-29 19:02 - 000000199 _____ C:\Users\paulf\Desktop\Counter-Strike Global Offensive.url
    2017-11-16 01:53 - 2017-03-18 20:56 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys
    2017-11-15 18:30 - 2016-04-29 13:40 - 000000000 ___RD C:\Users\paulf\OneDrive
    2017-11-15 18:25 - 2017-07-15 10:30 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
    2017-11-15 18:25 - 2017-07-14 15:02 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Armored Warfare MyCom Beta
    2017-11-15 18:25 - 2016-12-21 18:10 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Syncios
    2017-11-15 18:25 - 2016-05-20 07:41 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
    2017-11-15 07:50 - 2017-07-25 20:54 - 000000000 ____D C:\Users\paulf\OneDrive\Documents\Outlook Files
    2017-11-14 22:48 - 2017-05-19 16:47 - 004484864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
    2017-11-14 22:48 - 2017-05-19 13:22 - 000048442 _____ C:\WINDOWS\system32\nvinfo.pb
    2017-11-14 07:30 - 2017-03-28 15:15 - 000000000 ____D C:\Users\paulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Warships
    2017-11-13 22:02 - 2016-05-14 10:21 - 000000000 ____D C:\Users\paulf\OneDrive\Documents\My Games

    Some files in TEMP:
    ====================
    2017-11-18 08:19 - 2017-10-24 23:36 - 001930840 _____ (Microsoft Corporation) C:\Users\paulf\AppData\Local\Temp\dllnt_dump.dll
    2017-11-21 20:05 - 2017-10-27 16:06 - 000874368 _____ (NVIDIA Corporation) C:\Users\paulf\AppData\Local\Temp\nvSCPAPI64.dll
    2017-11-21 20:24 - 2017-10-27 16:06 - 000370296 _____ (NVIDIA Corporation) C:\Users\paulf\AppData\Local\Temp\nvStInst.exe

    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2017-11-15 18:05

    ==================== End of FRST.txt ============================
     
  8. broni

    broni Malware Annihilator Techie7 Moderator Head Security

    Those are clean.

    Last scans...

    [​IMG] Download Security Check from here or here and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
    NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
    NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run


    [​IMG] Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
    Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
    • Other Services

    Press "Scan".
    It will create a log (FSS.txt) in the same directory the tool is run.
    Please copy and paste the log to your reply.


    [​IMG] Download Temp File Cleaner (TFC)
    Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.


    [​IMG] Download Sophos Free Virus Removal Tool and save it to your desktop.
    • Double click the icon and select Run
    • Click Next
    • Select I accept the terms in this license agreement, then click Next twice
    • Click Install
    • Click Finish to launch the program
    • Once the virus database has been updated click Start Scanning
    • If any threats are found click Details, then View log file... (bottom left hand corner)
    • Copy and paste the results in your reply
    • Close the Notepad document, close the Threat Details screen, then click Start cleanup
    • Click Exit to close the program
     
  9. Franksee

    Franksee Established Techie7 Member

    Results of screen317's Security Check version 1.014 --- 12/23/15
    x64 (UAC is enabled)
    Internet Explorer 11
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    Windows Defender
    WMI entry may not exist for antivirus; attempting automatic update.
    `````````Anti-malware/Other Utilities Check:`````````
    Google Chrome (62.0.3202.94)
    Google Chrome (SetupMetrics...)
    ````````Process Check: objlist.exe by Laurent````````
    Windows Defender MSMpEng.exe
    Malwarebytes Anti-Malware mbamservice.exe
    Malwarebytes Anti-Malware mbamtray.exe
    Windows Defender MSASCuiL.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: %
    ````````````````````End of Log``````````````````````



    Farbar Service Scanner Version: 27-01-2016
    Ran by paulf (administrator) on 26-11-2017 at 12:47:14
    Running from "H:\Google Downloads"
    Microsoft Windows 10 Home (X64)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============

    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Google IP is accessible.
    Google.com is accessible.
    Yahoo.com is accessible.


    Windows Firewall:
    =============

    Firewall Disabled Policy:
    ==================


    System Restore:
    ============

    System Restore Policy:
    ========================


    Security Center:
    ============


    Windows Update:
    ============
    wuauserv Service is not running. Checking service configuration:
    The start type of wuauserv service is set to Demand. The default start type is Auto.
    The ImagePath of wuauserv service is OK.
    The ServiceDll of wuauserv service is OK.


    Windows Autoupdate Disabled Policy:
    ============================


    Windows Defender:
    ==============

    Other Services:
    ==============


    File Check:
    ========
    C:\Windows\System32\nsisvc.dll => File is digitally signed
    C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
    C:\Windows\System32\drivers\afd.sys => File is digitally signed
    C:\Windows\System32\drivers\tdx.sys => File is digitally signed
    C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
    C:\Windows\System32\dnsrslvr.dll => File is digitally signed
    C:\Windows\System32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\System32\mpssvc.dll => File is digitally signed
    C:\Windows\System32\bfe.dll => File is digitally signed
    C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
    C:\Windows\System32\SDRSVC.dll => File is digitally signed
    C:\Windows\System32\vssvc.exe => File is digitally signed
    C:\Windows\System32\wscsvc.dll => File is digitally signed
    C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
    C:\Windows\System32\wuaueng.dll => File is digitally signed
    C:\Windows\System32\qmgr.dll => File is digitally signed
    C:\Windows\System32\es.dll => File is digitally signed
    C:\Windows\System32\cryptsvc.dll => File is digitally signed
    C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
    C:\Windows\System32\ipnathlp.dll => File is digitally signed
    C:\Windows\System32\iphlpsvc.dll => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed


    **** End of log ****
     
  10. Franksee

    Franksee Established Techie7 Member

    Farbar Service Scanner Version: 27-01-2016
    Ran by paulf (administrator) on 27-11-2017 at 08:08:03
    Running from "H:\Google Downloads"
    Microsoft Windows 10 Home (X64)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============

    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Google IP is accessible.
    Google.com is accessible.
    Yahoo.com is accessible.


    Windows Firewall:
    =============

    Firewall Disabled Policy:
    ==================


    System Restore:
    ============

    System Restore Policy:
    ========================


    Security Center:
    ============
     
  11. broni

    broni Malware Annihilator Techie7 Moderator Head Security

    Sophos?
     
  12. Franksee

    Franksee Established Techie7 Member

    Hi Broni, Sophos still running
     
  13. Franksee

    Franksee Established Techie7 Member

    2017-11-27 08:11:37.618 Sophos Virus Removal Tool version 2.6.1
    2017-11-27 08:11:37.618 Copyright (c) 2009-2017 Sophos Limited. All rights reserved.

    2017-11-27 08:11:37.618 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

    2017-11-27 08:11:37.618 Windows version 6.2 SP 0.0 build 9200 SM=0x300 PT=0x1 WOW64
    2017-11-27 08:11:37.618 Checking for updates...
    2017-11-27 08:11:37.628 Update progress: proxy server not available
    2017-11-27 08:11:47.504 Option all = no
    2017-11-27 08:11:47.504 Option recurse = yes
    2017-11-27 08:11:47.508 Option archive = no
    2017-11-27 08:11:47.508 Option service = yes
    2017-11-27 08:11:47.508 Option confirm = yes
    2017-11-27 08:11:47.508 Option sxl = yes
    2017-11-27 08:11:47.508 Option max-data-age = 35
    2017-11-27 08:11:47.508 Option vdl-logging = yes
    2017-11-27 08:11:47.517 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
    2017-11-27 08:11:47.517 Machine ID: 7a205026fb844a36b80814dc6aa943e9
    2017-11-27 08:11:47.517 Component SVRTcli.exe version 2.6.1
    2017-11-27 08:11:47.517 Component control.dll version 2.6.1
    2017-11-27 08:11:47.517 Component SVRTservice.exe version 2.6.1
    2017-11-27 08:11:47.517 Component engine\osdp.dll version 1.44.1.2286
    2017-11-27 08:11:47.518 Component engine\veex.dll version 3.68.6.2286
    2017-11-27 08:11:47.518 Component engine\savi.dll version 9.0.7.2286
    2017-11-27 08:11:47.518 Component rkdisk.dll version 1.5.31.1
    2017-11-27 08:11:47.518 Version info: Product version 2.6.1
    2017-11-27 08:11:47.519 Version info: Detection engine 3.68.6
    2017-11-27 08:11:47.519 Version info: Detection data 5.44
    2017-11-27 08:11:47.519 Version info: Build date 19/09/2017
    2017-11-27 08:11:47.519 Version info: Data files added 462
    2017-11-27 08:11:47.519 Version info: Last successful update (not yet updated)
    2017-11-27 08:11:53.363 Downloading updates...
    2017-11-27 08:11:53.364 Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
    2017-11-27 08:11:53.365 Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
    2017-11-27 08:11:53.365 Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
    2017-11-27 08:11:53.365 Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
    2017-11-27 08:11:53.365 Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
    2017-11-27 08:11:53.365 Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
    2017-11-27 08:11:53.365 Update progress: [I49502] sdds.data0910.xml: found supplement IDE545 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
    2017-11-27 08:11:53.365 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE545 LATEST path=
    2017-11-27 08:11:53.365 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE545 LATEST path=
    2017-11-27 08:11:53.365 Update progress: [I49502] sdds.data0910.xml: found supplement IDE546 LATEST path= baseVersion= [included from product IDE545 LATEST path=]
    2017-11-27 08:11:53.365 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE546 LATEST path=
    2017-11-27 08:11:53.365 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE546 LATEST path=
    2017-11-27 08:11:53.365 Update progress: [I49502] sdds.data0910.xml: found supplement IDE547 LATEST path= baseVersion= [included from product IDE546 LATEST path=]
    2017-11-27 08:11:53.365 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE547 LATEST path=
    2017-11-27 08:11:53.365 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE547 LATEST path=
    2017-11-27 08:11:53.365 Update progress: [I49502] sdds.data0910.xml: found supplement IDE548 LATEST path= baseVersion= [included from product IDE547 LATEST path=]
    2017-11-27 08:11:53.365 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE548 LATEST path=
    2017-11-27 08:11:53.365 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE548 LATEST path=
    2017-11-27 08:11:53.365 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
    2017-11-27 08:11:54.182 Update progress: [I19463] Syncing product SAVIW32 LATEST path=
    2017-11-27 08:11:54.182 Update progress: [I19463] Product download size 174235198 bytes
    2017-11-27 08:11:58.787 Update progress: [I19463] Syncing product IDE545 LATEST path=
    2017-11-27 08:11:58.787 Update progress: [I19463] Product download size 2585002 bytes
    2017-11-27 08:11:59.558 Update progress: [I19463] Syncing product IDE546 LATEST path=
    2017-11-27 08:11:59.558 Update progress: [I19463] Product download size 3165416 bytes
    2017-11-27 08:12:00.560 Update progress: [I19463] Syncing product IDE547 LATEST path=
    2017-11-27 08:12:00.560 Update progress: [I19463] Product download size 3357496 bytes
    2017-11-27 08:12:01.280 Update progress: [I19463] Syncing product IDE548 LATEST path=
    2017-11-27 08:12:01.344 Installing updates...
    2017-11-27 08:12:02.146 Error level 1
    2017-11-27 08:12:09.234 Update successful
    2017-11-27 08:12:19.225 Option all = no
    2017-11-27 08:12:19.225 Option recurse = yes
    2017-11-27 08:12:19.225 Option archive = no
    2017-11-27 08:12:19.225 Option service = yes
    2017-11-27 08:12:19.225 Option confirm = yes
    2017-11-27 08:12:19.225 Option sxl = yes
    2017-11-27 08:12:19.227 Option max-data-age = 35
    2017-11-27 08:12:19.227 Option vdl-logging = yes
    2017-11-27 08:12:19.238 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
    2017-11-27 08:12:19.238 Machine ID: 7a205026fb844a36b80814dc6aa943e9
    2017-11-27 08:12:19.238 Component SVRTcli.exe version 2.6.1
    2017-11-27 08:12:19.238 Component control.dll version 2.6.1
    2017-11-27 08:12:19.238 Component SVRTservice.exe version 2.6.1
    2017-11-27 08:12:19.239 Component engine\osdp.dll version 1.44.1.2286
    2017-11-27 08:12:19.239 Component engine\veex.dll version 3.68.6.2286
    2017-11-27 08:12:19.239 Component engine\savi.dll version 9.0.7.2286
    2017-11-27 08:12:19.239 Component rkdisk.dll version 1.5.31.1
    2017-11-27 08:12:19.239 Version info: Product version 2.6.1
    2017-11-27 08:12:19.240 Version info: Detection engine 3.68.6
    2017-11-27 08:12:19.240 Version info: Detection data 5.44
    2017-11-27 08:12:19.240 Version info: Build date 19/09/2017
    2017-11-27 08:12:19.240 Version info: Data files added 463
    2017-11-27 08:12:19.240 Version info: Last successful update 27/11/2017 08:12:09

    2017-11-27 14:08:27.739 Could not open C:\hiberfil.sys
    2017-11-27 14:08:55.902 Could not open C:\pagefile.sys
    2017-11-27 14:28:46.055 Sophos Virus Removal Tool version 2.6.1
    2017-11-27 14:28:46.055 Copyright (c) 2009-2017 Sophos Limited. All rights reserved.

    2017-11-27 14:28:46.055 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

    2017-11-27 14:28:46.055 Windows version 6.2 SP 0.0 build 9200 SM=0x300 PT=0x1 WOW64
    2017-11-27 14:28:46.055 Checking for updates...
    2017-11-27 14:28:46.065 Update progress: proxy server not available
    2017-11-27 14:28:54.326 Downloading updates...
    2017-11-27 14:28:54.327 Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
    2017-11-27 14:28:54.327 Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
    2017-11-27 14:28:54.327 Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
    2017-11-27 14:28:54.327 Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
    2017-11-27 14:28:54.327 Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
    2017-11-27 14:28:54.327 Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
    2017-11-27 14:28:54.327 Update progress: [I49502] sdds.data0910.xml: found supplement IDE545 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
    2017-11-27 14:28:54.327 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE545 LATEST path=
    2017-11-27 14:28:54.327 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE545 LATEST path=
    2017-11-27 14:28:54.327 Update progress: [I49502] sdds.data0910.xml: found supplement IDE546 LATEST path= baseVersion= [included from product IDE545 LATEST path=]
    2017-11-27 14:28:54.327 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE546 LATEST path=
    2017-11-27 14:28:54.327 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE546 LATEST path=
    2017-11-27 14:28:54.327 Update progress: [I49502] sdds.data0910.xml: found supplement IDE547 LATEST path= baseVersion= [included from product IDE546 LATEST path=]
    2017-11-27 14:28:54.327 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE547 LATEST path=
    2017-11-27 14:28:54.327 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE547 LATEST path=
    2017-11-27 14:28:54.327 Update progress: [I49502] sdds.data0910.xml: found supplement IDE548 LATEST path= baseVersion= [included from product IDE547 LATEST path=]
    2017-11-27 14:28:54.327 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE548 LATEST path=
    2017-11-27 14:28:54.327 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE548 LATEST path=
    2017-11-27 14:28:54.327 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
    2017-11-27 14:28:57.361 Update progress: [I19463] Syncing product SAVIW32 LATEST path=
    2017-11-27 14:28:58.123 Update progress: [I19463] Syncing product IDE545 LATEST path=
    2017-11-27 14:28:59.161 Update progress: [I19463] Syncing product IDE546 LATEST path=
    2017-11-27 14:28:59.392 Option all = no
    2017-11-27 14:28:59.392 Option recurse = yes
    2017-11-27 14:28:59.392 Option archive = no
    2017-11-27 14:28:59.392 Option service = yes
    2017-11-27 14:28:59.392 Option confirm = yes
    2017-11-27 14:28:59.392 Option sxl = yes
    2017-11-27 14:28:59.393 Option max-data-age = 35
    2017-11-27 14:28:59.393 Option vdl-logging = yes
    2017-11-27 14:28:59.404 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
    2017-11-27 14:28:59.404 Machine ID: 7a205026fb844a36b80814dc6aa943e9
    2017-11-27 14:28:59.446 Component SVRTcli.exe version 2.6.1
    2017-11-27 14:28:59.446 Component control.dll version 2.6.1
    2017-11-27 14:28:59.446 Component SVRTservice.exe version 2.6.1
    2017-11-27 14:28:59.446 Component engine\osdp.dll version 1.44.1.2286
    2017-11-27 14:28:59.446 Component engine\veex.dll version 3.68.6.2286
    2017-11-27 14:28:59.446 Component engine\savi.dll version 9.0.7.2286
    2017-11-27 14:28:59.483 Component rkdisk.dll version 1.5.31.1
    2017-11-27 14:28:59.483 Version info: Product version 2.6.1
    2017-11-27 14:28:59.483 Version info: Detection engine 3.68.6
    2017-11-27 14:28:59.483 Version info: Detection data 5.44
    2017-11-27 14:28:59.483 Version info: Build date 19/09/2017
    2017-11-27 14:28:59.483 Version info: Data files added 463
    2017-11-27 14:28:59.484 Version info: Last successful update 27/11/2017 08:12:09
    2017-11-27 14:28:59.893 Update progress: [I19463] Syncing product IDE547 LATEST path=
    2017-11-27 14:28:59.893 Update progress: [I19463] Product download size 28832 bytes
    2017-11-27 14:28:59.928 Update progress: [I19463] Syncing product IDE548 LATEST path=
    2017-11-27 14:28:59.992 Installing updates...
    2017-11-27 14:29:00.796 Error level 1
    2017-11-27 14:29:01.228 Update successful
    2017-11-27 14:29:10.779 Option all = no
    2017-11-27 14:29:10.779 Option recurse = yes
    2017-11-27 14:29:10.780 Option archive = no
    2017-11-27 14:29:10.780 Option service = yes
    2017-11-27 14:29:10.780 Option confirm = yes
    2017-11-27 14:29:10.780 Option sxl = yes
    2017-11-27 14:29:10.781 Option max-data-age = 35
    2017-11-27 14:29:10.781 Option vdl-logging = yes
    2017-11-27 14:29:10.792 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
    2017-11-27 14:29:10.792 Machine ID: 7a205026fb844a36b80814dc6aa943e9
    2017-11-27 14:29:10.792 Component SVRTcli.exe version 2.6.1
    2017-11-27 14:29:10.792 Component control.dll version 2.6.1
    2017-11-27 14:29:10.792 Component SVRTservice.exe version 2.6.1
    2017-11-27 14:29:10.793 Component engine\osdp.dll version 1.44.1.2286
    2017-11-27 14:29:10.793 Component engine\veex.dll version 3.68.6.2286
    2017-11-27 14:29:10.793 Component engine\savi.dll version 9.0.7.2286
    2017-11-27 14:29:10.793 Component rkdisk.dll version 1.5.31.1
    2017-11-27 14:29:10.793 Version info: Product version 2.6.1
    2017-11-27 14:29:10.794 Version info: Detection engine 3.68.6
    2017-11-27 14:29:10.794 Version info: Detection data 5.44
    2017-11-27 14:29:10.794 Version info: Build date 19/09/2017
    2017-11-27 14:29:10.794 Version info: Data files added 464
    2017-11-27 14:29:10.794 Version info: Last successful update 27/11/2017 14:29:01

    2017-11-27 16:04:39.704 Sophos Virus Removal Tool version 2.6.1
    2017-11-27 16:04:39.704 Copyright (c) 2009-2017 Sophos Limited. All rights reserved.

    2017-11-27 16:04:39.705 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

    2017-11-27 16:04:39.705 Windows version 6.2 SP 0.0 build 9200 SM=0x300 PT=0x1 WOW64
    2017-11-27 16:04:39.705 Checking for updates...
    2017-11-27 16:04:39.718 Update progress: proxy server not available
    2017-11-27 16:04:46.270 Downloading updates...
    2017-11-27 16:04:46.272 Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
    2017-11-27 16:04:46.272 Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
    2017-11-27 16:04:46.272 Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
    2017-11-27 16:04:46.272 Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
    2017-11-27 16:04:46.272 Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
    2017-11-27 16:04:46.272 Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
    2017-11-27 16:04:46.272 Update progress: [I49502] sdds.data0910.xml: found supplement IDE545 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
    2017-11-27 16:04:46.272 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE545 LATEST path=
    2017-11-27 16:04:46.272 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE545 LATEST path=
    2017-11-27 16:04:46.272 Update progress: [I49502] sdds.data0910.xml: found supplement IDE546 LATEST path= baseVersion= [included from product IDE545 LATEST path=]
    2017-11-27 16:04:46.272 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE546 LATEST path=
    2017-11-27 16:04:46.272 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE546 LATEST path=
    2017-11-27 16:04:46.272 Update progress: [I49502] sdds.data0910.xml: found supplement IDE547 LATEST path= baseVersion= [included from product IDE546 LATEST path=]
    2017-11-27 16:04:46.272 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE547 LATEST path=
    2017-11-27 16:04:46.272 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE547 LATEST path=
    2017-11-27 16:04:46.273 Update progress: [I49502] sdds.data0910.xml: found supplement IDE548 LATEST path= baseVersion= [included from product IDE547 LATEST path=]
    2017-11-27 16:04:46.273 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE548 LATEST path=
    2017-11-27 16:04:46.273 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE548 LATEST path=
    2017-11-27 16:04:46.273 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
    2017-11-27 16:04:49.998 Update progress: [I19463] Syncing product SAVIW32 LATEST path=
    2017-11-27 16:04:50.877 Update progress: [I19463] Syncing product IDE545 LATEST path=
    2017-11-27 16:04:52.471 Update progress: [I19463] Syncing product IDE546 LATEST path=
    2017-11-27 16:04:53.267 Update progress: [I19463] Syncing product IDE547 LATEST path=
    2017-11-27 16:04:53.269 Update progress: [I19463] Syncing product IDE548 LATEST path=
    2017-11-27 16:04:53.328 Installing updates...
    2017-11-27 16:04:57.314 Option all = no
    2017-11-27 16:04:58.116 Option recurse = yes
    2017-11-27 16:04:58.116 Option archive = no
    2017-11-27 16:04:58.116 Option service = yes
    2017-11-27 16:04:58.116 Option confirm = yes
    2017-11-27 16:04:58.116 Option sxl = yes
    2017-11-27 16:04:58.116 Option max-data-age = 35
    2017-11-27 16:04:58.116 Option vdl-logging = yes
    2017-11-27 16:04:58.116 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
    2017-11-27 16:04:58.116 Machine ID: 7a205026fb844a36b80814dc6aa943e9
    2017-11-27 16:04:58.116 Component SVRTcli.exe version 2.6.1
    2017-11-27 16:04:58.116 Component control.dll version 2.6.1
    2017-11-27 16:04:58.117 Component SVRTservice.exe version 2.6.1
    2017-11-27 16:04:58.117 Component engine\osdp.dll version 1.44.1.2286
    2017-11-27 16:04:58.117 Component engine\veex.dll version 3.68.6.2286
    2017-11-27 16:04:58.117 Component engine\savi.dll version 9.0.7.2286
    2017-11-27 16:04:58.117 Component rkdisk.dll version 1.5.31.1
    2017-11-27 16:04:58.117 Version info: Product version 2.6.1
    2017-11-27 16:04:58.117 Version info: Detection engine 3.68.6
    2017-11-27 16:04:58.117 Version info: Detection data 5.44
    2017-11-27 16:04:58.117 Version info: Build date 19/09/2017
    2017-11-27 16:04:58.117 Version info: Data files added 464
    2017-11-27 16:04:58.117 Version info: Last successful update 27/11/2017 14:29:01
    2017-11-27 16:04:58.117 Error level 1
    2017-11-27 16:04:58.540 Update successful
    2017-11-27 16:05:08.309 Option all = no
    2017-11-27 16:05:08.309 Option recurse = yes
    2017-11-27 16:05:08.309 Option archive = no
    2017-11-27 16:05:08.309 Option service = yes
    2017-11-27 16:05:08.309 Option confirm = yes
    2017-11-27 16:05:08.309 Option sxl = yes
    2017-11-27 16:05:08.310 Option max-data-age = 35
    2017-11-27 16:05:08.310 Option vdl-logging = yes
    2017-11-27 16:05:08.321 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
    2017-11-27 16:05:08.321 Machine ID: 7a205026fb844a36b80814dc6aa943e9
    2017-11-27 16:05:08.321 Component SVRTcli.exe version 2.6.1
    2017-11-27 16:05:08.321 Component control.dll version 2.6.1
    2017-11-27 16:05:08.321 Component SVRTservice.exe version 2.6.1
    2017-11-27 16:05:08.321 Component engine\osdp.dll version 1.44.1.2286
    2017-11-27 16:05:08.322 Component engine\veex.dll version 3.68.6.2286
    2017-11-27 16:05:08.322 Component engine\savi.dll version 9.0.7.2286
    2017-11-27 16:05:08.322 Component rkdisk.dll version 1.5.31.1
    2017-11-27 16:05:08.322 Version info: Product version 2.6.1
    2017-11-27 16:05:08.323 Version info: Detection engine 3.68.6
    2017-11-27 16:05:08.323 Version info: Detection data 5.44
    2017-11-27 16:05:08.323 Version info: Build date 19/09/2017
    2017-11-27 16:05:08.323 Version info: Data files added 464
    2017-11-27 16:05:08.323 Version info: Last successful update 27/11/2017 16:04:58

    2017-11-27 19:26:39.976 Could not open C:\hiberfil.sys
    2017-11-27 19:27:15.271 Could not open C:\pagefile.sys
    2017-11-27 19:33:17.771 Could not open C:\swapfile.sys
    2017-11-27 19:33:36.224 Could not open C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default\Current Session
    2017-11-27 19:33:36.225 Could not open C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
    2017-11-27 19:41:00.881 Could not open C:\Windows\System32\config\BBI
    2017-11-27 19:41:00.918 Could not open C:\Windows\System32\config\RegBack\DEFAULT
    2017-11-27 19:41:00.920 Could not open C:\Windows\System32\config\RegBack\SAM
    2017-11-27 19:41:00.921 Could not open C:\Windows\System32\config\RegBack\SECURITY
    2017-11-27 19:41:00.923 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
    2017-11-27 19:41:00.924 Could not open C:\Windows\System32\config\RegBack\SYSTEM
    2017-11-27 22:04:05.101 >>> Virus 'Troj/Agent-XCR' found in file H:\250 gb HD\Mr DJ\Grand Theft Auto IV\1911.dll
    2017-11-27 22:04:15.399 >>> Virus 'Troj/Sirefef-T' found in file H:\250 gb HD\Mr DJ\Grand Theft Auto IV\LaunchGTAIV.exe
    2017-11-27 22:09:31.986 >>> Virus 'Mal/VMProtBad-A' found in file H:\250 gb HD\Rome Total War\Total War. Rome II - Emperor Edition\steam_api.dll
    2017-11-27 22:10:18.231 >>> Virus 'Mal/Scribble-D' found in file H:\Crysis 3\Bin32\Crysis3.exe
    2017-11-27 22:10:18.232 Disinfection not offered
    2017-11-27 22:10:22.480 >>> Virus 'Troj/Agent-AJTU' found in file H:\Crysis 3\Bin32\rld.dll
    2017-11-27 22:21:44.346 >>> Virus 'Mal/Generic-S' found in file H:\Tom Clancy's Ghost Recon Wildlands\dbdata.dll
    2017-11-27 22:22:48.660 The following items will be cleaned up:
    2017-11-27 22:22:48.660 Troj/Agent-XCR
    2017-11-27 22:22:48.660 Troj/Sirefef-T
    2017-11-27 22:22:48.660 Mal/VMProtBad-A
    2017-11-27 22:22:48.660 Troj/Agent-AJTU
    2017-11-27 22:22:48.660 Mal/Generic-S
    2017-11-27 22:22:48.660 Mal/Scribble-D
    2017-11-27 22:24:02.717 Threat 'Troj/Agent-XCR' has been cleaned up.
    2017-11-27 22:24:02.717 File "H:\250 gb HD\Mr DJ\Grand Theft Auto IV\1911.dll" belongs to 'Troj/Agent-XCR'.
    2017-11-27 22:24:02.717 File "H:\250 gb HD\Mr DJ\Grand Theft Auto IV\1911.dll" has been cleaned up.
    2017-11-27 22:24:02.717 Removal successful
    2017-11-27 22:24:06.410 Threat 'Troj/Sirefef-T' has been cleaned up.
    2017-11-27 22:24:06.410 File "H:\250 gb HD\Mr DJ\Grand Theft Auto IV\LaunchGTAIV.exe" belongs to 'Troj/Sirefef-T'.
    2017-11-27 22:24:06.410 File "H:\250 gb HD\Mr DJ\Grand Theft Auto IV\LaunchGTAIV.exe" has been cleaned up.
    2017-11-27 22:24:06.410 Removal successful
    2017-11-27 22:24:12.920 Threat 'Mal/VMProtBad-A' has been cleaned up.
    2017-11-27 22:24:12.920 File "H:\250 gb HD\Rome Total War\Total War. Rome II - Emperor Edition\steam_api.dll" belongs to malware 'Mal/VMProtBad-A'.
    2017-11-27 22:24:12.920 File "H:\250 gb HD\Rome Total War\Total War. Rome II - Emperor Edition\steam_api.dll" has been cleaned up.
    2017-11-27 22:24:12.920 Removal successful
    2017-11-27 22:24:16.423 Threat 'Troj/Agent-AJTU' has been cleaned up.
    2017-11-27 22:24:16.423 File "H:\Crysis 3\Bin32\rld.dll" belongs to 'Troj/Agent-AJTU'.
    2017-11-27 22:24:16.423 File "H:\Crysis 3\Bin32\rld.dll" has been cleaned up.
    2017-11-27 22:24:16.423 Removal successful
    2017-11-27 22:24:20.058 Threat 'Mal/Generic-S' has been cleaned up.
    2017-11-27 22:24:20.058 File "H:\Tom Clancy's Ghost Recon Wildlands\dbdata.dll" belongs to malware 'Mal/Generic-S'.
    2017-11-27 22:24:20.058 File "H:\Tom Clancy's Ghost Recon Wildlands\dbdata.dll" has been cleaned up.
    2017-11-27 22:24:20.058 Removal successful
    2017-11-27 22:24:26.887 >>> Virus 'Mal/Scribble-D' found in file H:\Crysis 3\Bin32\Crysis3.exe
    2017-11-27 22:24:26.887 Disinfection not offered
    2017-11-27 22:24:26.887 Disinfection failed [0xa0040208]
    2017-11-27 22:24:26.888 Error: cleanup failed.
    2017-11-27 22:24:27.629 Error level 0

    2017-11-27 22:25:39.109

    ------------------------------------------------------------

    2017-11-28 08:33:46.755 Sophos Virus Removal Tool version 2.6.1
    2017-11-28 08:33:46.755 Copyright (c) 2009-2017 Sophos Limited. All rights reserved.

    2017-11-28 08:33:46.755 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

    2017-11-28 08:33:46.755 Windows version 6.2 SP 0.0 build 9200 SM=0x300 PT=0x1 WOW64
    2017-11-28 08:33:46.755 Checking for updates...
    2017-11-28 08:33:46.770 Update progress: proxy server not available
    2017-11-28 08:33:49.746 Downloading updates...
    2017-11-28 08:33:49.762 Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
    2017-11-28 08:33:49.762 Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
    2017-11-28 08:33:49.762 Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
    2017-11-28 08:33:49.762 Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
    2017-11-28 08:33:49.762 Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
    2017-11-28 08:33:49.762 Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
    2017-11-28 08:33:49.762 Update progress: [I49502] sdds.data0910.xml: found supplement IDE545 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
    2017-11-28 08:33:49.762 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE545 LATEST path=
    2017-11-28 08:33:49.762 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE545 LATEST path=
    2017-11-28 08:33:49.762 Update progress: [I49502] sdds.data0910.xml: found supplement IDE546 LATEST path= baseVersion= [included from product IDE545 LATEST path=]
    2017-11-28 08:33:49.762 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE546 LATEST path=
    2017-11-28 08:33:49.762 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE546 LATEST path=
    2017-11-28 08:33:49.762 Update progress: [I49502] sdds.data0910.xml: found supplement IDE547 LATEST path= baseVersion= [included from product IDE546 LATEST path=]
    2017-11-28 08:33:49.762 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE547 LATEST path=
    2017-11-28 08:33:49.762 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE547 LATEST path=
    2017-11-28 08:33:49.762 Update progress: [I49502] sdds.data0910.xml: found supplement IDE548 LATEST path= baseVersion= [included from product IDE547 LATEST path=]
    2017-11-28 08:33:49.762 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE548 LATEST path=
    2017-11-28 08:33:49.762 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE548 LATEST path=
    2017-11-28 08:33:49.762 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
    2017-11-28 08:33:53.042 Update progress: [I19463] Syncing product SAVIW32 LATEST path=
    2017-11-28 08:33:53.845 Update progress: [I19463] Syncing product IDE545 LATEST path=
    2017-11-28 08:33:54.916 Update progress: [I19463] Syncing product IDE546 LATEST path=
    2017-11-28 08:33:55.718 Update progress: [I19463] Syncing product IDE547 LATEST path=
    2017-11-28 08:33:55.718 Update progress: [I19463] Product download size 61390 bytes
    2017-11-28 08:33:55.797 Update progress: [I19463] Syncing product IDE548 LATEST path=
    2017-11-28 08:33:55.843 Installing updates...
    2017-11-28 08:34:01.262 Option all = no
    2017-11-28 08:34:02.064 Option recurse = yes
    2017-11-28 08:34:02.064 Option archive = no
    2017-11-28 08:34:02.064 Option service = yes
    2017-11-28 08:34:02.064 Option confirm = yes
    2017-11-28 08:34:02.064 Option sxl = yes
    2017-11-28 08:34:02.064 Option max-data-age = 35
    2017-11-28 08:34:02.064 Option vdl-logging = yes
    2017-11-28 08:34:02.064 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
    2017-11-28 08:34:02.064 Machine ID: 7a205026fb844a36b80814dc6aa943e9
    2017-11-28 08:34:02.064 Component SVRTcli.exe version 2.6.1
    2017-11-28 08:34:02.064 Component control.dll version 2.6.1
    2017-11-28 08:34:02.064 Component SVRTservice.exe version 2.6.1
    2017-11-28 08:34:02.064 Component engine\osdp.dll version 1.44.1.2286
    2017-11-28 08:34:02.064 Component engine\veex.dll version 3.68.6.2286
    2017-11-28 08:34:02.064 Component engine\savi.dll version 9.0.7.2286
    2017-11-28 08:34:02.064 Component rkdisk.dll version 1.5.31.1
    2017-11-28 08:34:02.064 Version info: Product version 2.6.1
    2017-11-28 08:34:02.064 Version info: Detection engine 3.68.6
    2017-11-28 08:34:02.064 Version info: Detection data 5.44
    2017-11-28 08:34:02.064 Version info: Build date 19/09/2017
    2017-11-28 08:34:02.064 Version info: Data files added 464
    2017-11-28 08:34:02.064 Version info: Last successful update 27/11/2017 16:04:58
    2017-11-28 08:34:02.064 Error level 1
    2017-11-28 08:34:02.497 Update successful
    2017-11-28 08:34:12.698 Option all = no
    2017-11-28 08:34:12.698 Option recurse = yes
    2017-11-28 08:34:12.698 Option archive = no
    2017-11-28 08:34:12.698 Option service = yes
    2017-11-28 08:34:12.698 Option confirm = yes
    2017-11-28 08:34:12.698 Option sxl = yes
    2017-11-28 08:34:12.699 Option max-data-age = 35
    2017-11-28 08:34:12.699 Option vdl-logging = yes
    2017-11-28 08:34:12.710 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
    2017-11-28 08:34:12.710 Machine ID: 7a205026fb844a36b80814dc6aa943e9
    2017-11-28 08:34:12.711 Component SVRTcli.exe version 2.6.1
    2017-11-28 08:34:12.711 Component control.dll version 2.6.1
    2017-11-28 08:34:12.711 Component SVRTservice.exe version 2.6.1
    2017-11-28 08:34:12.711 Component engine\osdp.dll version 1.44.1.2286
    2017-11-28 08:34:12.711 Component engine\veex.dll version 3.68.6.2286
    2017-11-28 08:34:12.711 Component engine\savi.dll version 9.0.7.2286
    2017-11-28 08:34:12.711 Component rkdisk.dll version 1.5.31.1
    2017-11-28 08:34:12.711 Version info: Product version 2.6.1
    2017-11-28 08:34:12.712 Version info: Detection engine 3.68.6
    2017-11-28 08:34:12.712 Version info: Detection data 5.44
    2017-11-28 08:34:12.712 Version info: Build date 19/09/2017
    2017-11-28 08:34:12.712 Version info: Data files added 466
    2017-11-28 08:34:12.712 Version info: Last successful update 28/11/2017 08:34:02

    2017-11-28 11:30:53.805 Could not open C:\hiberfil.sys
    2017-11-28 11:31:24.490 Could not open C:\pagefile.sys
    2017-11-28 11:36:31.723 Could not open C:\swapfile.sys
    2017-11-28 11:36:47.440 Could not open C:\Users\paulf\AppData\Local\Google\Chrome\User Data\Default\Current Session
    2017-11-28 11:43:09.063 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
    2017-11-28 11:43:09.063 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
    2017-11-28 11:43:11.589 Could not open C:\Windows\System32\config\BBI
    2017-11-28 11:43:11.621 Could not open C:\Windows\System32\config\RegBack\DEFAULT
    2017-11-28 11:43:11.621 Could not open C:\Windows\System32\config\RegBack\SAM
    2017-11-28 11:43:11.621 Could not open C:\Windows\System32\config\RegBack\SECURITY
    2017-11-28 11:43:11.621 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
    2017-11-28 11:43:11.621 Could not open C:\Windows\System32\config\RegBack\SYSTEM
    2017-11-28 14:06:47.539 >>> Virus 'Mal/Scribble-D' found in file H:\Crysis 3\Bin32\Crysis3.exe
    2017-11-28 14:06:47.539 Disinfection not offered
    2017-11-28 14:15:44.787 The following items will be cleaned up:
    2017-11-28 14:15:44.787 Mal/Scribble-D
     
  14. broni

    broni Malware Annihilator Techie7 Moderator Head Security

    Your computer is clean [​IMG]

    1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
    This is a very crucial step so make sure you don't skip it.
    Download [​IMG]DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

    Double-click Delfix.exe to start the tool.
    Make sure the following items are checked:
    • Activate UAC (optional; some users prefer to keep it off)
    • Remove disinfection tools
    • Create registry backup
    • Purge System Restore
    • Reset system settings
    Now click "Run" and wait patiently.
    Once finished a logfile will be created. You don't have to attach it to your next reply.

    2. Make sure Windows Updates are current.

    3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

    4. Check if your browser plugins are up to date.
    Firefox - https://www.mozilla.org/en-US/plugincheck/
    other browsers: https://browsercheck.qualys.com/ (click on "Scan without installing plugin" and then on "Scan now")

    5. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

    6. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly (you need to redownload these tools since they were removed by DelFix).

    7. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

    8. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
    The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

    9. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

    10. Read:
    How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
    Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
    About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/for...curity-questions-best-practices/#entry3187642

    11. Please, let me know, how your computer is doing.