Solved Please help me remove KMS-R@1n

Hello,

My computer have KMS-R@1n and KMS-R@1nhook, can someone please help me remove it

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-06-2017 01
Ran by MasterOliveira (administrator) on OLIVEIRA (26-06-2017 22:38:57)
Running from C:\Users\Master\Downloads
Loaded Profiles: MasterOliveira (Available Profiles: defaultuser0 & MasterOliveira)
Platform: Windows 10 Pro Version 1703 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Rivet Networks) C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Windows\KMS-R@1n.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Conexant Systems, Inc.) C:\Program Files\Sennheiser\SA3\Sennheiser\CxUtilSvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\UIUMPSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() D:\Program Files\FACEIT AC\faceitclient.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Windows\KMS-R@1nhook.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Conexant Systems, Inc.) C:\Program Files\Sennheiser\SA3\Sennheiser\SmartAudio3.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Rivet Networks) C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(GIGABYTE Technology Co.,Ltd.) D:\Program Files (x86)\GIGABYTE\AORUS GRAPHICS ENGINE\AORUS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-19] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16407296 2015-10-30] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SmartAudio] => C:\Program Files\Sennheiser\SA3\Sennheiser\SACpl.exe [1830232 2016-03-08] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [LWS] => D:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKU\S-1-5-21-3746342138-3061863375-479099754-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3042592 2017-06-08] (Valve Corporation)
HKU\S-1-5-21-3746342138-3061863375-479099754-1001\...\Run: [ASRockRuefi] => [X]
HKU\S-1-5-21-3746342138-3061863375-479099754-1001\...\Run: [Fatal1tyMousePort] => [X]
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nhook.exe
IFEO\SppExtComObj.exe: [Debugger] KMS-R@1nhook.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Control Center.lnk [2017-06-26]
ShortcutTarget: Killer Control Center.lnk -> C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe (Rivet Networks)
Startup: C:\Users\Master\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE AORUS GRAPHICS ENGINE.lnk [2017-06-25]
ShortcutTarget: GIGABYTE AORUS GRAPHICS ENGINE.lnk -> D:\Program Files (x86)\GIGABYTE\AORUS GRAPHICS ENGINE\autorun.exe ()
Startup: C:\Users\Master\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GRAPHICS ENGINE.lnk [2017-06-26]
ShortcutTarget: GRAPHICS ENGINE.lnk -> D:\Program Files (x86)\GIGABYTE\AORUS GRAPHICS ENGINE\autorun.exe ()
Startup: C:\Users\Master\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk [2017-06-24]
ShortcutTarget: Logitech . Product Registration.lnk -> D:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
GroupPolicy: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0c33e53f-b4e5-489d-b735-949c15ce2c00}: [DhcpNameServer] 172.18.13.1
Tcpip\..\Interfaces\{53effa1f-9887-4154-bcb2-43f2ceec0a70}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{7f3c310d-c77f-406d-84f9-16a57e254d0c}: [DhcpNameServer] 192.168.9.1
Tcpip\..\Interfaces\{8d443145-c4c2-4ae4-bfa8-001c44d98aac}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{8d443145-c4c2-4ae4-bfa8-001c44d98aac}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{dc440122-88b5-4272-b969-f8949cf60664}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{f238aaef-d2a1-435e-bf3b-dfc847e64dc8}: [DhcpNameServer] 192.168.9.1

Internet Explorer:
==================
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Program Files (x86)\Java\bin\ssv.dll [2017-06-23] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Program Files (x86)\Java\bin\jp2ssv.dll [2017-06-23] (Oracle Corporation)

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> D:\Program Files (x86)\Java\bin\dtplugin\npDeployJava1.dll [2017-06-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> D:\Program Files (x86)\Java\bin\plugin2\npjp2.dll [2017-06-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-25] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-06-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-06-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-26] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\Master\AppData\Local\Google\Chrome\User Data\Default [2017-06-26]
CHR Extension: (Google Trang trình bày) - C:\Users\Master\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-06-26]
CHR Extension: (Google Tài liệu) - C:\Users\Master\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-06-26]
CHR Extension: (Google Drive) - C:\Users\Master\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-26]
CHR Extension: (YouTube) - C:\Users\Master\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-26]
CHR Extension: (Google Bảng tính) - C:\Users\Master\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-06-26]
CHR Extension: (Google Tài liệu ngoại tuyến) - C:\Users\Master\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-26]
CHR Extension: (Thanh toán trên cửa hàng Chrome trực tuyến) - C:\Users\Master\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-06-26]
CHR Extension: (Gmail) - C:\Users\Master\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-26]
CHR Extension: (Chrome Media Router) - C:\Users\Master\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-26]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1522184 2017-03-30] ()
R2 CxUtilSvc; C:\Program Files\Sennheiser\SA3\Sennheiser\CxUtilSvc.exe [109184 2017-06-26] (Conexant Systems, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation)
R2 Killer Network Service x64; C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe [2193088 2017-06-09] (Rivet Networks)
R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2017-02-21] () [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-06-08] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-06-08] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-06-08] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-06-08] (NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-19] (Microsoft Corporation)
R2 UIUMPService; C:\WINDOWS\SysWOW64\UIUMPSrv.exe [104960 2017-06-26] (Conexant Systems, Inc.) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-19] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-19] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AsrDrv101; C:\WINDOWS\SysWOW64\Drivers\AsrDrv101.sys [22280 2017-06-23] (ASRock Incorporation)
R3 AsrHidFilter; C:\WINDOWS\system32\DRIVERS\AsrHidFilter.sys [20712 2016-12-14] (ASRock Inc.)
R3 e2xw10x64; C:\WINDOWS\System32\drivers\e2xw10x64.sys [164560 2017-05-17] (Qualcomm Atheros, Inc.)
R1 ESEADriver2; C:\Users\Master\AppData\Local\Temp\ESEADriver2.sys [340096 2017-06-23] () <==== ATTENTION
R1 FACEIT; C:\Windows\System32\Drivers\FACEIT.sys [7976416 2017-06-22] ()
S3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [164560 2017-05-17] (Qualcomm Atheros, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2d81f3535ced17c6\nvlddmkm.sys [14461344 2017-06-09] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-06-08] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-06-08] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-06-08] (NVIDIA Corporation)
S3 RDID1117; C:\WINDOWS\system32\Drivers\RDWM1117.SYS [309888 2015-07-22] (Roland Corporation)
R2 RfeCoSvc; C:\WINDOWS\system32\DRIVERS\RfeCo10X64.sys [125136 2017-06-09] (Rivet Networks, LLC.)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-19] ()
S3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2017-06-13] (The OpenVPN Project)
R3 usbaud; C:\WINDOWS\system32\DRIVERS\usbaud64.sys [1911288 2017-06-26] (Conexant Systems, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-19] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-19] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-19] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-26 22:38 - 2017-06-26 22:39 - 00015377 _____ C:\Users\Master\Downloads\FRST.txt
2017-06-26 22:38 - 2017-06-26 22:38 - 00000000 ____D C:\FRST
2017-06-26 22:36 - 2017-06-26 22:36 - 02441216 _____ (Farbar) C:\Users\Master\Downloads\FRST64.exe
2017-06-26 22:27 - 2017-06-26 22:27 - 00000601 _____ C:\Users\Master\Downloads\fixlist.txt
2017-06-26 22:23 - 2017-06-26 22:23 - 00002340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-26 22:23 - 2017-06-26 22:23 - 00002328 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-06-26 22:22 - 2017-06-26 22:30 - 00000000 ____D C:\Users\Master\AppData\Local\Google
2017-06-26 22:22 - 2017-06-26 22:22 - 01130328 _____ (Google Inc.) C:\Users\Master\Downloads\ChromeSetup.exe
2017-06-26 22:22 - 2017-06-26 22:22 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-06-26 22:22 - 2017-06-26 22:22 - 00003380 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-06-26 22:22 - 2017-06-26 22:22 - 00000000 ____D C:\Program Files (x86)\Google
2017-06-26 22:21 - 2017-06-26 22:21 - 00707620 _____ C:\WINDOWS\Minidump\062617-6453-01.dmp
2017-06-26 22:11 - 2017-06-26 22:12 - 00000000 ____D C:\Users\Master\AppData\Local\UIUTask
2017-06-26 22:11 - 2017-06-26 22:11 - 00104960 _____ (Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\UIUMPSrv.exe
2017-06-26 22:11 - 2017-06-26 22:11 - 00000000 ____D C:\WINDOWS\UIUTask
2017-06-26 22:11 - 2017-06-26 22:11 - 00000000 ____D C:\WINDOWS\UCI
2017-06-26 22:11 - 2017-06-26 22:11 - 00000000 ____D C:\Users\Master\AppData\Local\Sennheiser
2017-06-26 22:11 - 2017-06-26 22:11 - 00000000 ____D C:\Program Files\Sennheiser
2017-06-26 22:10 - 2017-06-26 22:11 - 00000000 ____D C:\WINDOWS\Cnxt
2017-06-26 22:10 - 2017-06-26 22:10 - 04800344 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\UCI64S128.dll
2017-06-26 22:10 - 2017-06-26 22:10 - 01911288 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\Drivers\usbaud64.sys
2017-06-26 22:10 - 2017-06-26 22:10 - 00000000 ____D C:\ProgramData\UIU
2017-06-26 22:09 - 2017-06-26 22:10 - 39743693 _____ C:\Users\Master\Downloads\Surround_Dongle_Driver_V1_15.zip
2017-06-26 21:46 - 2017-06-26 21:46 - 00000000 _____ C:\WINDOWS\cd_127
2017-06-26 16:11 - 2017-06-26 16:20 - 359137989 _____ C:\Users\Master\Downloads\Godzilla - Groups Stems.zip
2017-06-26 16:10 - 2017-06-26 16:21 - 623773223 _____ C:\Users\Master\Downloads\Cheat Codes -No Promises- Stems 113BPM.zip
2017-06-26 01:49 - 2017-06-26 01:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VietPN
2017-06-26 01:04 - 2017-02-06 02:40 - 00027136 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys
2017-06-26 01:02 - 2017-06-26 01:03 - 13991160 _____ (VietPN ) C:\Users\Master\Downloads\VietPN_Setup_1.2.9_build_10c.exe
2017-06-26 00:56 - 2017-06-26 00:56 - 00146900 _____ C:\Users\Master\Downloads\GlobalPingChecker.zip
2017-06-26 00:17 - 2017-06-26 00:17 - 00002328 _____ C:\Users\Public\Desktop\Killer Control Center.lnk
2017-06-26 00:17 - 2017-06-26 00:17 - 00000000 ____D C:\ProgramData\RivetNetworks
2017-06-26 00:17 - 2017-06-26 00:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Killer Networking
2017-06-26 00:17 - 2017-06-26 00:17 - 00000000 ____D C:\Program Files\Killer Networking
2017-06-26 00:12 - 2017-06-26 00:13 - 98246952 _____ (Rivet Networks) C:\Users\Master\Downloads\KillerPerformanceSuite_1.3.1320_Win7_Win81_Win10_x64.exe
2017-06-25 21:58 - 2017-06-25 21:58 - 00000000 ____D C:\Users\Master\AppData\Roaming\Macromedia
2017-06-25 15:52 - 2017-06-26 21:46 - 00026192 _____ (Windows (R) Server 2003 DDK provider) C:\WINDOWS\gdrv.sys
2017-06-25 15:52 - 2017-06-26 03:42 - 00003490 _____ C:\WINDOWS\System32\Tasks\Launcher GIGABYTE AORUS GRAPHICS ENGINE
2017-06-25 15:52 - 2017-06-25 15:52 - 00000967 _____ C:\Users\Public\Desktop\GRAPHICS ENGINE.lnk
2017-06-25 15:52 - 2017-06-25 15:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2017-06-25 15:50 - 2017-06-25 15:50 - 11374032 _____ (GIGABYTE Technology Co.,Inc. ) C:\Users\Master\Downloads\vga_utility_aorus_engine_setup_v1.09.exe
2017-06-25 13:17 - 2017-06-25 13:17 - 00000000 ____D C:\ProgramData\Ableton
2017-06-25 13:05 - 2017-06-25 13:06 - 00000000 ____D C:\Users\Master\Documents\Ableton
2017-06-25 13:05 - 2017-06-25 13:06 - 00000000 ____D C:\Users\Master\AppData\Roaming\Ableton
2017-06-25 13:05 - 2017-06-25 13:05 - 00000398 __RSH C:\ProgramData\ntuser.pol
2017-06-25 13:04 - 2017-06-25 13:04 - 00000681 _____ C:\Users\Master\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ableton Live 9 Suite.lnk
2017-06-25 12:56 - 2017-06-26 00:17 - 00000000 ____D C:\Users\Master\Downloads\Ableton live Suite v9.5 WiN x86 x64-d33p57a7u5
2017-06-25 12:39 - 2017-06-25 12:40 - 00000000 ____D C:\Users\Master\Documents\Studio One
2017-06-25 12:37 - 2017-06-25 12:39 - 00000000 ____D C:\ProgramData\PreSonus
2017-06-25 12:37 - 2017-06-25 12:37 - 00000000 ____D C:\Users\Master\AppData\Roaming\PreSonus
2017-06-25 12:35 - 2017-06-25 13:05 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2017-06-25 12:28 - 2017-06-25 12:28 - 02406080 _____ (BitTorrent Inc.) C:\Users\Master\Downloads\uTorrent.exe
2017-06-25 12:26 - 2017-06-25 12:28 - 00000000 ____D C:\Users\Master\AppData\Roaming\Synthesia
2017-06-25 12:26 - 2017-06-25 12:26 - 03945754 _____ C:\Users\Master\Downloads\Synthesia-10.3.zip
2017-06-25 02:11 - 2017-06-25 02:17 - 00000000 ____D C:\Users\Master\AppData\Local\NVIDIA Corporation
2017-06-25 02:11 - 2017-06-25 02:11 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-25 02:11 - 2017-06-25 02:11 - 00004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-25 02:11 - 2017-06-25 02:11 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-25 02:11 - 2017-06-25 02:11 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-25 02:11 - 2017-06-25 02:11 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-25 02:11 - 2017-06-25 02:11 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-25 02:11 - 2017-06-25 02:11 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-25 02:11 - 2017-06-25 02:11 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-25 02:11 - 2017-06-25 02:11 - 00001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-06-25 02:11 - 2017-06-25 02:11 - 00000000 ____D C:\Users\Master\AppData\Local\NVIDIA
2017-06-25 02:11 - 2017-06-25 02:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-06-25 02:11 - 2017-06-08 08:45 - 01893312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-06-25 02:11 - 2017-06-08 08:45 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-06-25 02:11 - 2017-06-08 08:45 - 01477056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-06-25 02:11 - 2017-06-08 08:45 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-06-25 02:11 - 2017-06-08 08:45 - 00121280 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-06-25 02:11 - 2017-06-08 08:45 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-06-25 02:10 - 2017-06-25 02:10 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-06-25 02:10 - 2017-06-08 08:45 - 00512960 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-06-25 02:10 - 2017-06-08 08:45 - 00418752 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-06-25 02:10 - 2017-06-08 08:45 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-06-25 02:10 - 2017-06-08 06:55 - 06467008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-06-25 02:10 - 2017-06-08 06:55 - 02479552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-06-25 02:10 - 2017-06-08 06:55 - 01762936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-06-25 02:10 - 2017-06-08 06:55 - 00549312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-06-25 02:10 - 2017-06-08 06:55 - 00392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-06-25 02:10 - 2017-06-08 06:55 - 00082040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-06-25 02:10 - 2017-06-08 06:55 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-06-25 02:10 - 2017-06-08 06:38 - 00134592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-06-25 02:10 - 2017-06-07 19:42 - 08075477 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-06-25 02:10 - 2017-03-11 04:17 - 00536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-06-25 02:10 - 2017-03-11 04:17 - 00525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-06-25 02:10 - 2017-03-11 04:17 - 00254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-06-25 02:10 - 2017-03-11 04:17 - 00233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-06-25 02:09 - 2017-06-08 08:45 - 40201664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 35390584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 35281344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 28624320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 11056272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 11028664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 10551256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 09248144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 09014976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 08808488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 04115112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 03796928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 03625992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 03256440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 01988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438253.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 01615448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 01606776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438253.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 01278712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 01275944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 01056888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 00995736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 00994240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 00993360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 00964216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 00914880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 00775864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 00725112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 00688784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 00618928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 00612088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 00609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 00584128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 00577728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 00499320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 00218712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2017-06-25 02:09 - 2017-06-08 08:45 - 00045976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2017-06-25 02:09 - 2017-06-08 08:45 - 00045163 _____ C:\WINDOWS\system32\nvinfo.pb
2017-06-25 02:09 - 2017-06-08 08:45 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-06-25 02:09 - 2017-06-08 08:45 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-06-25 02:07 - 2017-06-25 02:14 - 00000000 ____D C:\Users\Master\Desktop\HDDScan-3.3
2017-06-25 02:06 - 2017-06-25 02:06 - 03822364 _____ C:\Users\Master\Downloads\HDDScan-3.3.zip
2017-06-24 22:10 - 2017-06-24 22:10 - 00790252 _____ C:\WINDOWS\Minidump\062417-6390-01.dmp
2017-06-24 21:22 - 2017-06-24 22:55 - 00000000 ____D C:\Users\Master\Documents\The Witcher 3
2017-06-24 21:22 - 2016-08-10 18:45 - 00138208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcomp110.dll
2017-06-24 01:54 - 2017-06-24 01:55 - 07012007 _____ C:\Users\Master\Downloads\memtest86-usb.zip
2017-06-24 01:31 - 2017-06-24 01:31 - 00000000 ___HD C:\$SysReset
2017-06-24 01:30 - 2017-06-25 02:04 - 00000951 _____ C:\Users\Master\Desktop\BlueScreenView.cfg
2017-06-24 01:25 - 2017-06-24 01:25 - 00000000 ____D C:\Users\Master\AppData\Local\DBG
2017-06-24 01:22 - 2017-06-24 01:22 - 00085380 _____ C:\Users\Master\Downloads\bluescreenview-x64.zip
2017-06-24 01:22 - 2015-01-29 10:11 - 00146528 _____ (NirSoft) C:\Users\Master\Desktop\BlueScreenView.exe
2017-06-24 00:33 - 2017-06-24 00:33 - 00000000 ____D C:\Users\Master\Documents\FeedbackHub
2017-06-24 00:33 - 2017-06-24 00:33 - 00000000 ____D C:\Users\Master\AppData\Local\ElevatedDiagnostics
2017-06-23 23:43 - 2017-06-23 23:43 - 00782980 _____ C:\WINDOWS\Minidump\062317-6218-01.dmp
2017-06-23 22:55 - 2017-06-23 22:55 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-06-23 22:55 - 2017-06-23 22:55 - 00000000 ____D C:\Users\Master\AppData\Roaming\Sun
2017-06-23 22:55 - 2017-06-23 22:55 - 00000000 ____D C:\Users\Master\AppData\LocalLow\Sun
2017-06-23 22:55 - 2017-06-23 22:55 - 00000000 ____D C:\ProgramData\Oracle
2017-06-23 22:55 - 2017-06-23 22:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-06-23 22:55 - 2017-06-23 22:49 - 00565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-06-23 22:54 - 2017-06-23 22:55 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-23 22:54 - 2017-06-23 22:54 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-23 22:53 - 2017-06-23 22:53 - 00738368 _____ (Oracle Corporation) C:\Users\Master\Downloads\JavaSetup8u131.exe
2017-06-23 22:52 - 2017-06-23 22:52 - 00000000 ____D C:\WINDOWS\PCHEALTH
2017-06-23 22:52 - 2017-06-23 22:52 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2017-06-23 22:52 - 2017-06-23 22:52 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2017-06-23 22:43 - 2017-06-23 22:43 - 00908220 _____ C:\WINDOWS\Minidump\062317-6390-01.dmp
2017-06-23 22:05 - 2017-06-23 22:05 - 02008289 _____ C:\Users\Master\Downloads\MousePort(v3.0.11).zip
2017-06-23 22:05 - 2017-06-23 22:05 - 01178697 _____ C:\Users\Master\Downloads\3TBUnlocker(v1.1.1).zip
2017-06-23 22:05 - 2017-06-23 22:05 - 01170809 _____ C:\Users\Master\Downloads\RestartToUEFI(v1.0.5).zip
2017-06-23 22:05 - 2017-06-23 22:05 - 00022280 _____ (ASRock Incorporation) C:\WINDOWS\SysWOW64\Drivers\AsrDrv101.sys
2017-06-23 22:05 - 2017-06-23 22:05 - 00001039 _____ C:\Users\Public\Desktop\Mouse Port.lnk
2017-06-23 22:05 - 2017-06-23 22:05 - 00001029 _____ C:\Users\Public\Desktop\ASRock Restart to UEFI.lnk
2017-06-23 22:05 - 2017-06-23 22:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fatal1ty Utility
2017-06-23 22:05 - 2016-12-14 20:13 - 00020712 _____ (ASRock Inc.) C:\WINDOWS\system32\Drivers\AsrHidFilter.sys
2017-06-23 18:49 - 2017-06-23 18:49 - 00000505 _____ C:\Users\Master\Downloads\Disable-Cortana.zip
2017-06-23 16:47 - 2017-06-23 16:47 - 00000855 _____ C:\Users\Master\Desktop\ESEA Client.lnk
2017-06-23 16:47 - 2017-06-23 16:47 - 00000000 ____D C:\Users\Master\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESEA
2017-06-23 16:46 - 2017-06-23 16:46 - 26379960 _____ C:\Users\Master\Downloads\ESEAClientInstall.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 21352696 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 20506624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 20373920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 19336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 17365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 13840384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 11870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 08331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 08318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 08245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 07336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 07325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 06760024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 06726656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 06551856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 06535168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 05961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 05821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 05802968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 05719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 05477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 04847928 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 04709528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 04672848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 04537344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 04056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 03803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 03784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 03673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-06-23 16:31 - 2017-06-23 16:31 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 03656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 03379200 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 03332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 03135488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02958848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-06-23 16:31 - 2017-06-23 16:31 - 02938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 02681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-06-23 16:31 - 2017-06-23 16:31 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02672128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02650112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02625024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02604256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-06-23 16:31 - 2017-06-23 16:31 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02424016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02341376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02228120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-06-23 16:31 - 2017-06-23 16:31 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-06-23 16:31 - 2017-06-23 16:31 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-06-23 16:31 - 2017-06-23 16:31 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01911752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01700408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01675264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01596600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01516448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01474800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01458592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01455592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01450496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01219560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 01142784 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01120864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 01003624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00975360 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 00972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 00961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00848288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00846752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 00844696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00797184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-06-23 16:31 - 2017-06-23 16:31 - 00777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00754080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 00730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-06-23 16:31 - 2017-06-23 16:31 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-06-23 16:31 - 2017-06-23 16:31 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00712608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-06-23 16:31 - 2017-06-23 16:31 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 00697760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00672672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00660384 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00606960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00573856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-06-23 16:31 - 2017-06-23 16:31 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-06-23 16:31 - 2017-06-23 16:31 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-06-23 16:31 - 2017-06-23 16:31 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-06-23 16:31 - 2017-06-23 16:31 - 00411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-06-23 16:31 - 2017-06-23 16:31 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00406064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00399264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-06-23 16:31 - 2017-06-23 16:31 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 00371616 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00363424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-06-23 16:31 - 2017-06-23 16:31 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00335808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 00321376 _____ (Microsoft Corporation) C:\WINDOWS\system32\capauthz.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00311200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 00287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-06-23 16:31 - 2017-06-23 16:31 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-06-23 16:31 - 2017-06-23 16:31 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00266640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capauthz.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\devicengccredprov.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-06-23 16:31 - 2017-06-23 16:31 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00211872 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00188824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-06-23 16:31 - 2017-06-23 16:31 - 00181664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devicengccredprov.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedmodesvc.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-06-23 16:31 - 2017-06-23 16:31 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-06-23 16:31 - 2017-06-23 16:31 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00130464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-06-23 16:31 - 2017-06-23 16:31 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-06-23 16:31 - 2017-06-23 16:31 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-06-23 16:31 - 2017-06-23 16:31 - 00112544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-06-23 16:31 - 2017-06-23 16:31 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00086016 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-06-23 16:31 - 2017-06-23 16:31 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCredentialDeployment.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-06-23 16:31 - 2017-06-23 16:31 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00059904 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-06-23 16:31 - 2017-06-23 16:31 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-06-23 16:31 - 2017-06-23 16:31 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys
2017-06-23 16:31 - 2017-06-23 16:31 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-06-23 16:31 - 2017-06-23 16:31 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys
2017-06-23 16:31 - 2017-06-23 16:31 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-06-23 16:31 - 2017-06-23 16:31 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-06-23 16:29 - 2017-06-23 16:29 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-06-23 16:29 - 2017-06-23 16:29 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-06-23 16:29 - 2017-06-23 16:29 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-06-23 16:29 - 2017-06-23 16:29 - 00000000 ____D C:\Program Files\MSBuild
2017-06-23 16:29 - 2017-06-23 16:29 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-06-23 16:29 - 2017-06-23 01:36 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-06-23 16:29 - 2017-06-23 01:34 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-06-23 16:29 - 2017-02-11 02:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-06-23 16:29 - 2017-02-11 02:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-06-23 16:29 - 2017-02-11 02:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-06-23 16:29 - 2017-02-11 02:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-06-23 16:29 - 2017-02-11 02:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-06-23 16:29 - 2017-02-11 02:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-06-23 16:27 - 2017-06-23 16:27 - 00000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2017-06-23 15:01 - 2017-06-26 22:21 - 846680860 _____ C:\WINDOWS\MEMORY.DMP
2017-06-23 15:01 - 2017-06-26 22:21 - 00000000 ____D C:\WINDOWS\Minidump
2017-06-23 15:01 - 2017-06-23 15:02 - 00748196 _____ C:\WINDOWS\Minidump\062317-6578-01.dmp
2017-06-23 02:14 - 2017-06-23 02:14 - 00000000 ____D C:\Users\Master\AppData\Local\GIGABYTE
2017-06-23 01:43 - 2017-06-26 22:28 - 01303716 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-23 01:42 - 2017-06-23 01:42 - 00000000 ____D C:\ProgramData\USOShared
2017-06-23 01:42 - 2017-06-23 01:42 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-06-23 01:40 - 2017-06-23 01:40 - 00000020 ___SH C:\Users\Master\ntuser.ini
2017-06-23 01:39 - 2017-06-23 01:39 - 00000000 _SHDL C:\Users\Default\My Documents
2017-06-23 01:38 - 2017-06-26 22:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-23 01:38 - 2017-06-23 01:42 - 00003294 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-06-23 01:38 - 2017-06-23 01:38 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-06-23 01:38 - 2017-06-23 01:38 - 00011433 _____ C:\WINDOWS\diagwrn.xml
2017-06-23 01:38 - 2017-06-23 01:38 - 00011433 _____ C:\WINDOWS\diagerr.xml
2017-06-23 01:38 - 2017-06-23 01:38 - 00002428 _____ C:\WINDOWS\System32\Tasks\FACEIT AC
2017-06-23 01:38 - 2017-06-23 01:38 - 00001922 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2017-06-23 01:38 - 2017-06-23 01:38 - 00000000 ____D C:\WINDOWS\System32\Tasks\R@1n-KMS
2017-06-23 01:38 - 2017-06-23 01:38 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2017-06-23 01:36 - 2017-06-23 01:36 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-06-23 01:36 - 2017-03-19 03:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-06-23 01:35 - 2017-06-26 22:21 - 00000000 ____D C:\Users\Master
2017-06-23 01:35 - 2017-06-23 01:37 - 00000000 ____D C:\Users\defaultuser0
2017-06-23 01:35 - 2017-06-23 01:36 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-06-23 01:35 - 2017-06-23 01:35 - 00000000 _SHDL C:\Users\Master\My Documents
2017-06-23 01:35 - 2017-06-23 01:35 - 00000000 _SHDL C:\Users\Master\Documents\My Videos
2017-06-23 01:35 - 2017-06-23 01:35 - 00000000 _SHDL C:\Users\Master\Documents\My Pictures
2017-06-23 01:35 - 2017-06-23 01:35 - 00000000 _SHDL C:\Users\Master\Documents\My Music
2017-06-23 01:35 - 2017-06-23 01:35 - 00000000 _SHDL C:\Users\defaultuser0\My Documents
2017-06-23 01:35 - 2017-06-23 01:35 - 00000000 _SHDL C:\Users\defaultuser0\Documents\My Videos
2017-06-23 01:35 - 2017-06-23 01:35 - 00000000 _SHDL C:\Users\defaultuser0\Documents\My Pictures
2017-06-23 01:35 - 2017-06-23 01:35 - 00000000 _SHDL C:\Users\defaultuser0\Documents\My Music
2017-06-23 01:34 - 2017-06-26 22:23 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-23 01:34 - 2017-06-26 19:54 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-23 01:34 - 2017-06-25 02:11 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-06-23 01:34 - 2017-06-25 02:11 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-06-23 01:34 - 2017-06-25 02:11 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-06-23 01:34 - 2017-06-23 23:43 - 00391568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-23 01:34 - 2017-06-23 01:35 - 00000000 ____D C:\Program Files\Common Files\logishrd
2017-06-23 01:34 - 2017-06-23 01:34 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-06-23 01:34 - 2017-06-23 01:34 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-06-23 01:34 - 2017-06-23 01:34 - 00000000 ____D C:\WINDOWS\system32\DAX2
2017-06-23 01:34 - 2017-06-23 01:34 - 00000000 ____D C:\Program Files\Realtek
2017-06-23 00:37 - 2017-06-23 00:37 - 00000000 ____D C:\Users\Master\AppData\Local\UnrealEngine
2017-06-23 00:37 - 2017-06-23 00:37 - 00000000 ____D C:\Users\Master\AppData\Local\TslGame
2017-06-23 00:26 - 2017-06-23 01:40 - 00000000 ___DC C:\WINDOWS\Panther
2017-06-23 00:25 - 2017-06-23 00:26 - 00000036 _____ C:\WINDOWS\progress.ini
2017-06-23 00:02 - 2017-06-23 00:02 - 06394488 _____ (Microsoft Corporation) C:\Users\Master\Downloads\Windows10Upgrade24074.exe
2017-06-22 23:59 - 2017-06-23 01:41 - 00000000 ____D C:\Windows10Upgrade
2017-06-22 23:59 - 2017-06-23 01:40 - 00000000 ___HD C:\$GetCurrent
2017-06-22 23:59 - 2017-06-22 23:59 - 06394488 _____ (Microsoft Corporation) C:\Users\Master\Downloads\Windows10Upgrade9252.exe
2017-06-22 23:59 - 2017-06-22 23:59 - 00000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Upgrade Assistant.lnk
2017-06-22 23:59 - 2017-06-22 23:59 - 00000719 _____ C:\Users\Master\Desktop\Windows 10 Upgrade Assistant.lnk
2017-06-22 22:53 - 2017-06-22 22:53 - 00000222 _____ C:\Users\Master\Desktop\PLAYERUNKNOWN'S BATTLEGROUNDS.url
2017-06-22 22:40 - 2017-06-23 01:36 - 00000000 ____D C:\Users\Master\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-06-22 22:40 - 2017-06-22 22:40 - 00000219 _____ C:\Users\Master\Desktop\Dota 2.url
2017-06-22 16:41 - 2017-06-22 16:41 - 00000000 ____D C:\Users\Master\Documents\temp
2017-06-22 16:39 - 2017-06-22 16:40 - 14952928 _____ (GIGABYTE Technology Co.,Inc. ) C:\Users\Master\Downloads\vga_xtreme_engine_setup_1.25.exe
2017-06-22 14:57 - 2017-06-26 03:34 - 00000000 ____D C:\Users\Master\AppData\Roaming\TS3Client
2017-06-22 14:57 - 2017-06-22 14:57 - 00000874 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2017-06-22 14:57 - 2017-06-22 14:57 - 00000824 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2017-06-22 14:57 - 2017-06-22 14:57 - 00000000 ____D C:\Users\Master\.TeamSpeak 3
2017-06-22 14:57 - 2017-06-22 14:57 - 00000000 ____D C:\Users\Master\.QtWebEngineProcess
2017-06-22 14:56 - 2017-06-22 14:57 - 77604984 _____ (TeamSpeak Systems GmbH) C:\Users\Master\Downloads\TeamSpeak3-Client-win64-3.1.4.exe
2017-06-22 12:17 - 2017-06-22 12:17 - 00229394 _____ C:\Users\Master\Downloads\unikey42RC4-140823-win64.zip
2017-06-22 12:17 - 2017-06-22 12:17 - 00000675 _____ C:\Users\Master\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UnikeyNT.lnk
2017-06-22 12:17 - 2014-08-23 16:24 - 00521216 _____ C:\Users\Master\Desktop\UniKeyNT.exe
2017-06-22 12:09 - 2017-06-22 12:09 - 00000000 ____D C:\WINDOWS\pss
2017-06-22 12:03 - 2017-06-22 12:03 - 00000000 ____D C:\Users\Master\AppData\Local\Logitech® Webcam Software
2017-06-22 11:59 - 2017-06-22 11:59 - 00000000 ____D C:\ProgramData\LogiShrd
2017-06-22 11:58 - 2017-06-23 01:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2017-06-22 11:58 - 2017-06-22 11:58 - 00001713 _____ C:\Users\Public\Desktop\Logitech Webcam Software .lnk
2017-06-22 11:58 - 2017-06-22 11:58 - 00000000 ____D C:\Users\Master\AppData\Roaming\Leadertech
2017-06-22 11:42 - 2017-06-26 15:42 - 00000000 ____D C:\Users\Master\AppData\Roaming\obs-studio
2017-06-22 11:42 - 2017-06-23 01:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2017-06-22 11:42 - 2017-06-22 11:42 - 00000956 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2017-06-22 11:40 - 2017-06-22 14:38 - 00000000 ____D C:\Users\Master\AppData\Roaming\NVIDIA
2017-06-22 11:40 - 2017-06-22 11:40 - 07976416 _____ C:\WINDOWS\system32\Drivers\FACEIT.sys
2017-06-22 11:40 - 2017-06-22 11:40 - 00000758 _____ C:\Users\Public\Desktop\FACEIT AC.lnk
2017-06-22 11:40 - 2017-06-22 11:40 - 00000758 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FACEIT AC.lnk
2017-06-22 11:40 - 2017-06-22 11:40 - 00000000 ____D C:\Users\Master\AppData\Roaming\FACEIT
2017-06-22 11:40 - 2017-06-22 11:40 - 00000000 ____D C:\Users\Master\AppData\Local\FACEIT
2017-06-22 11:30 - 2017-06-23 01:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roland
2017-06-22 11:30 - 2017-06-23 01:35 - 00000000 ____D C:\Program Files\Roland
2017-06-22 11:21 - 2017-06-22 11:21 - 00000000 ____D C:\Users\Master\AppData\Roaming\Easeware
2017-06-22 11:16 - 2017-06-22 15:41 - 00000000 ____D C:\Users\Master\AppData\Roaming\TunnelBear
2017-06-22 11:16 - 2017-06-22 11:16 - 00000000 ____D C:\Users\Master\AppData\Local\IsolatedStorage
2017-06-22 10:59 - 2017-04-18 16:10 - 00001807 _____ C:\Users\Master\Desktop\hiperz_test_SEA.bat
2017-06-22 10:55 - 2017-06-26 01:02 - 00007304 _____ C:\Users\Master\Desktop\hiperz_test.txt
2017-06-22 02:57 - 2017-06-23 01:35 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2017-06-21 02:27 - 2017-06-21 02:27 - 00000000 ____D C:\Users\Master\ansel
2017-06-21 02:23 - 2017-06-21 02:23 - 00000000 ____D C:\ProgramData\Dishonored 2
2017-06-21 01:15 - 2017-06-26 15:41 - 00000000 ____D C:\Users\Master\AppData\Local\CrashDumps
2017-06-21 01:05 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2017-06-21 01:05 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2017-06-21 01:05 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2017-06-21 01:05 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2017-06-21 01:05 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2017-06-21 01:05 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2017-06-21 01:05 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2017-06-21 01:05 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2017-06-21 01:05 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2017-06-21 01:05 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2017-06-21 01:05 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2017-06-21 01:05 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2017-06-21 01:05 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2017-06-21 01:05 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2017-06-21 01:05 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2017-06-21 01:05 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2017-06-21 01:05 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2017-06-21 01:05 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2017-06-21 01:05 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2017-06-21 01:05 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2017-06-21 01:05 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2017-06-21 01:05 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2017-06-21 01:05 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2017-06-21 01:05 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2017-06-21 01:05 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2017-06-21 01:05 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2017-06-21 01:05 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2017-06-21 01:05 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2017-06-21 01:05 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2017-06-21 01:05 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2017-06-21 01:05 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2017-06-21 01:05 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2017-06-21 01:05 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2017-06-21 01:05 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2017-06-21 01:05 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2017-06-21 01:05 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2017-06-21 01:05 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2017-06-21 01:05 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2017-06-21 01:05 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2017-06-21 01:05 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2017-06-21 01:05 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2017-06-21 01:05 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2017-06-21 01:05 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2017-06-21 01:05 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2017-06-21 01:05 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2017-06-21 01:05 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2017-06-21 01:05 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2017-06-21 01:05 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2017-06-21 01:05 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2017-06-21 01:05 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2017-06-21 01:05 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2017-06-21 01:05 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2017-06-21 01:05 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2017-06-21 01:05 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2017-06-21 01:05 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2017-06-21 01:05 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2017-06-21 01:05 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2017-06-21 01:05 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2017-06-21 01:05 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2017-06-21 01:05 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2017-06-21 01:05 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2017-06-21 01:05 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2017-06-21 01:05 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2017-06-21 01:05 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2017-06-21 01:05 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2017-06-21 01:05 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2017-06-21 01:05 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2017-06-21 01:05 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2017-06-21 01:05 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2017-06-21 01:05 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2017-06-21 01:05 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2017-06-21 01:05 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2017-06-21 01:05 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2017-06-21 01:05 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2017-06-21 01:05 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2017-06-21 01:05 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2017-06-21 01:05 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2017-06-21 01:05 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2017-06-21 01:05 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2017-06-21 01:05 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2017-06-21 01:05 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2017-06-21 01:05 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2017-06-21 01:05 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2017-06-21 01:05 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2017-06-21 01:05 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2017-06-21 01:05 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2017-06-21 01:05 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2017-06-21 01:05 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2017-06-21 01:05 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2017-06-21 01:05 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2017-06-21 01:05 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2017-06-21 01:05 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2017-06-21 01:05 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2017-06-21 01:05 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2017-06-21 01:05 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2017-06-21 01:05 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2017-06-21 01:05 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2017-06-21 01:05 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2017-06-21 01:05 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2017-06-21 01:05 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2017-06-21 01:05 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2017-06-21 01:05 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2017-06-21 01:05 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2017-06-21 01:05 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2017-06-21 01:05 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2017-06-21 01:05 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2017-06-21 01:05 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2017-06-21 01:05 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2017-06-21 01:05 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2017-06-21 01:05 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2017-06-21 01:05 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2017-06-21 01:05 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2017-06-21 01:05 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2017-06-21 01:05 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2017-06-21 01:05 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2017-06-21 01:05 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2017-06-21 01:05 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2017-06-21 01:05 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2017-06-21 01:05 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2017-06-21 01:05 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2017-06-21 01:05 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2017-06-21 01:05 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2017-06-21 01:05 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2017-06-21 01:05 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2017-06-21 01:05 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2017-06-21 01:05 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2017-06-21 01:05 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2017-06-21 01:05 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2017-06-21 01:05 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2017-06-21 01:05 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2017-06-21 01:05 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2017-06-21 01:05 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2017-06-21 01:05 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2017-06-21 01:05 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2017-06-21 01:05 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2017-06-21 01:05 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2017-06-21 01:05 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2017-06-21 01:05 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2017-06-21 01:05 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2017-06-21 01:05 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2017-06-21 01:05 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2017-06-21 01:05 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2017-06-21 01:05 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2017-06-21 01:05 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2017-06-21 01:05 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2017-06-21 01:05 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2017-06-21 01:05 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2017-06-21 01:05 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2017-06-21 01:05 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2017-06-21 01:05 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2017-06-21 01:05 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2017-06-21 01:05 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2017-06-21 01:05 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2017-06-21 01:05 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2017-06-21 01:05 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2017-06-21 01:05 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2017-06-21 01:05 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2017-06-21 01:05 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2017-06-21 01:05 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2017-06-21 01:05 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2017-06-21 01:05 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2017-06-21 01:05 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2017-06-21 01:05 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2017-06-21 01:05 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2017-06-21 01:05 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2017-06-21 01:05 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2017-06-21 01:05 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2017-06-21 01:05 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2017-06-21 01:05 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2017-06-21 01:05 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2017-06-21 01:05 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2017-06-21 01:05 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2017-06-21 01:05 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2017-06-21 01:05 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2017-06-21 01:05 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2017-06-21 01:05 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2017-06-21 00:47 - 2017-06-21 00:47 - 00000000 ____D C:\Users\Master\AppData\Local\Steam
2017-06-21 00:45 - 2017-06-26 22:22 - 00000000 ____D C:\Program Files (x86)\Steam
2017-06-21 00:45 - 2017-06-23 01:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-06-21 00:45 - 2017-06-21 00:45 - 00001032 _____ C:\Users\Public\Desktop\Steam.lnk
2017-06-21 00:28 - 2017-06-23 01:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2017-06-21 00:28 - 2017-06-21 00:28 - 00000875 _____ C:\Users\Public\Desktop\CPUID HWMonitorPro.lnk
2017-06-21 00:28 - 2017-06-21 00:28 - 00000800 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2017-06-21 00:06 - 2017-06-23 22:56 - 00000000 ____D C:\ProgramData\Apple
2017-06-21 00:06 - 2017-06-21 00:09 - 00000000 ____D C:\Users\Master\AppData\Roaming\Apple Computer
2017-06-21 00:06 - 2017-06-21 00:06 - 00000000 ____D C:\Users\Master\AppData\Local\Apple Computer
2017-06-21 00:06 - 2017-06-21 00:06 - 00000000 ____D C:\Users\Master\AppData\Local\Apple
2017-06-21 00:06 - 2017-06-21 00:06 - 00000000 ____D C:\ProgramData\Apple Computer
2017-06-21 00:04 - 2017-06-21 00:04 - 00000000 ___RD C:\Users\Master\3D Objects
2017-06-21 00:04 - 2017-06-21 00:04 - 00000000 ____D C:\Users\Master\AppData\LocalLow\Temp
2017-06-20 23:55 - 2017-06-20 23:55 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2017-06-20 14:44 - 2017-06-20 14:44 - 00000000 ____D C:\Users\Master\AppData\Local\CEF
2017-06-20 14:44 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2017-06-20 14:44 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2017-06-20 14:44 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2017-06-20 14:44 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2017-06-20 14:44 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2017-06-20 14:44 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2017-06-20 14:42 - 2017-06-20 14:42 - 00000000 ____D C:\NVIDIA
2017-06-20 14:42 - 2017-06-08 08:45 - 00175552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-06-20 14:42 - 2017-06-08 08:45 - 00143296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-06-20 14:42 - 2017-06-08 08:45 - 00057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-06-20 14:42 - 2017-06-08 08:45 - 00048064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-06-20 14:41 - 2017-06-24 01:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility
2017-06-20 14:41 - 2017-06-20 14:41 - 00000000 ____D C:\Program Files\ASRock Utility
2017-06-20 14:41 - 2017-06-20 14:41 - 00000000 ____D C:\Intel
2017-06-20 14:41 - 2011-11-07 10:13 - 00017192 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\AsrAppCharger.sys
2017-06-20 14:39 - 2017-06-20 14:39 - 00000000 ____D C:\ProgramData\Downloaded Installations
2017-06-20 14:38 - 2017-06-26 22:10 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-06-20 14:38 - 2017-06-20 14:41 - 00000000 ___HD C:\Program Files (x86)\Temp
2017-06-20 14:38 - 2017-06-20 14:38 - 00000000 ____D C:\Program Files (x86)\Realtek
2017-06-20 14:38 - 2017-06-20 14:38 - 00000000 _____ C:\Users\Master\AppData\Local\Driver_LOM_8171Present.flag
2017-06-20 14:38 - 2015-10-30 09:16 - 72203792 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2017-06-20 14:38 - 2015-10-30 09:16 - 05804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2017-06-20 14:38 - 2015-10-30 09:16 - 04644096 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2017-06-20 14:38 - 2015-10-30 09:16 - 04143788 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2017-06-20 14:38 - 2015-10-30 09:16 - 03299824 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 03271912 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 03195648 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 03153686 _____ C:\WINDOWS\system32\Drivers\rtkSSTsetting.dat
2017-06-20 14:38 - 2015-10-30 09:16 - 02965120 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 02893568 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2017-06-20 14:38 - 2015-10-30 09:16 - 02610208 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 02190992 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 02110592 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 02028152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 01928624 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 01435144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 01382240 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 01351992 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 01286152 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 01008352 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00965024 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00933632 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00888472 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaeapo64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00873464 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00716104 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00596120 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosasfapo64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00589072 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.DLL
2017-06-20 14:38 - 2015-10-30 09:16 - 00532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00467160 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00448584 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00381416 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00341152 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00341152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00258504 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00231920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00224256 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaemaxapo64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00195184 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00172584 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\toseaeapo64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00158696 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00090920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00088328 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00075544 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2017-06-20 14:38 - 2015-10-30 09:16 - 00023696 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 14057256 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 13120760 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 12986520 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 09997848 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSSTAPO.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 07172920 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 07096192 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 06264640 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 05774632 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 05338936 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 05289944 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 03278408 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 02823280 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 02437136 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 02050184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 01965816 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 01959608 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 01780624 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 01601944 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 01591064 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 01508936 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 01395760 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 01334384 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 01211832 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 01186160 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSstCApoPropPage.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 01164336 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 01003864 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00998032 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00952984 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00931624 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00923744 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00743968 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00727440 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00708312 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00678184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00677672 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00618184 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00514528 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00504312 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00500560 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00447720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00445400 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00441272 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00428232 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00369304 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00362056 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00340648 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00330568 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00327456 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00310424 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00272712 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00253904 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00253864 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00252880 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00151792 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00134200 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00118592 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00105312 _____ C:\WINDOWS\system32\audioLibVc.dll
2017-06-20 14:38 - 2015-10-30 09:15 - 00084616 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2017-06-20 14:38 - 2015-10-13 14:14 - 02826832 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2017-06-20 14:37 - 2017-06-23 01:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-06-20 14:37 - 2017-06-20 14:37 - 00971430 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-06-20 14:37 - 2017-06-20 14:37 - 00000000 ____D C:\Users\Master\AppData\Roaming\Intel Corporation
2017-06-20 14:36 - 2017-06-25 13:05 - 00000000 ____D C:\ProgramData\Package Cache
2017-06-20 14:36 - 2017-06-23 01:35 - 00000000 ____D C:\Program Files\Intel
2017-06-20 14:36 - 2017-06-20 14:36 - 00000000 ____D C:\Users\Master\Intel
2017-06-20 14:36 - 2017-06-20 14:36 - 00000000 ____D C:\ProgramData\Intel
2017-06-20 14:36 - 2017-06-20 14:36 - 00000000 ____D C:\Program Files (x86)\Intel
2017-06-13 17:55 - 2017-06-13 17:55 - 00038656 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap-tb-0901.sys
2017-06-09 14:17 - 2017-06-09 14:17 - 00125136 _____ (Rivet Networks, LLC.) C:\WINDOWS\system32\Drivers\RfeCo10X64.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-26 22:26 - 2017-02-21 19:24 - 00000000 ____D C:\Users\Master\AppData\Local\CocCoc
2017-06-26 22:11 - 2017-03-19 04:01 - 00000000 ____D C:\WINDOWS\INF
2017-06-26 21:46 - 2017-02-22 10:29 - 00000000 ___RD C:\Users\Master\OneDrive
2017-06-26 19:54 - 2017-03-18 18:40 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-06-26 15:17 - 2017-03-19 04:03 - 00000000 ____D C:\WINDOWS\rescache
2017-06-26 11:12 - 2017-03-19 04:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-06-25 13:05 - 2016-07-16 18:47 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-06-25 02:50 - 2016-07-16 18:42 - 00006656 _____ C:\WINDOWS\system32\lpcio.dll
2017-06-25 02:10 - 2017-03-19 04:03 - 00000000 ____D C:\WINDOWS\Help
2017-06-24 01:34 - 2017-03-19 04:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-24 01:34 - 2017-03-19 04:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-24 01:34 - 2017-02-22 10:25 - 00000000 ____D C:\Users\Master\AppData\Local\Packages
2017-06-23 23:04 - 2016-07-16 18:47 - 00000167 _____ C:\WINDOWS\win.ini
2017-06-23 22:54 - 2017-03-19 03:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-23 22:53 - 2017-03-19 04:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-06-23 16:33 - 2017-03-19 04:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-06-23 16:32 - 2017-03-19 04:06 - 00000000 ____D C:\WINDOWS\Setup
2017-06-23 16:32 - 2017-03-19 04:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-06-23 16:32 - 2017-03-19 04:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-06-23 16:32 - 2017-03-19 04:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-06-23 16:32 - 2017-03-19 04:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-06-23 16:32 - 2017-03-19 04:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-06-23 16:32 - 2017-03-19 04:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-06-23 16:32 - 2017-03-19 04:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-23 16:32 - 2017-03-19 04:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-06-23 16:32 - 2017-03-19 04:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-06-23 16:32 - 2017-03-19 04:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-06-23 16:32 - 2017-03-19 04:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-06-23 16:32 - 2017-03-19 04:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-06-23 16:32 - 2017-03-18 18:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-06-23 13:50 - 2017-03-19 04:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-06-23 01:42 - 2017-03-19 04:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-06-23 01:42 - 2017-02-22 10:29 - 00002366 _____ C:\Users\Master\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-23 01:42 - 2017-02-22 10:25 - 00000000 ____D C:\Users\Master\AppData\Local\ConnectedDevicesPlatform
2017-06-23 01:41 - 2017-03-19 04:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-06-23 01:41 - 2017-02-22 10:26 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-23 01:40 - 2017-03-19 04:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-06-23 01:39 - 2017-03-19 04:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-06-23 01:39 - 2017-03-19 04:03 - 00000000 ____D C:\WINDOWS\Registration
2017-06-23 01:38 - 2017-03-19 09:31 - 00000000 ____D C:\WINDOWS\HoloShell
2017-06-23 01:38 - 2017-03-19 04:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-06-23 01:38 - 2017-03-18 18:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-06-23 01:38 - 2016-07-16 18:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-06-23 01:36 - 2017-02-21 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2017-06-23 01:36 - 2017-02-21 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2017-06-23 01:36 - 2017-02-21 19:33 - 00000000 ____D C:\WINDOWS\SHELLNEW
2017-06-23 01:36 - 2017-02-21 19:24 - 00000000 ____D C:\Users\Master\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-06-23 01:36 - 2017-02-21 19:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-06-23 01:35 - 2017-03-19 04:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-06-23 01:35 - 2017-02-22 10:24 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\Packages
2017-06-23 01:34 - 2017-03-18 18:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-06-23 00:34 - 2017-02-22 10:12 - 00008192 __RSH C:\BOOTSECT.BAK
2017-06-03 13:32 - 2017-03-19 04:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-03 13:32 - 2017-03-19 04:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2017-06-20 14:38 - 2017-06-20 14:38 - 0000000 _____ () C:\Users\Master\AppData\Local\Driver_LOM_8171Present.flag
2017-06-23 01:34 - 2017-06-23 01:34 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
2017-06-25 13:16 - 2015-10-24 02:04 - 3687368 _____ () C:\Users\Master\AppData\Local\Temp\Ableton Swapper.exe
2017-06-20 15:38 - 2017-06-08 06:38 - 0869016 _____ (NVIDIA Corporation) C:\Users\Master\AppData\Local\Temp\nvSCPAPI64.dll
2017-06-25 02:02 - 2017-06-08 06:38 - 0367552 _____ (NVIDIA Corporation) C:\Users\Master\AppData\Local\Temp\nvStInst.exe
2017-01-09 22:36 - 2017-01-09 22:36 - 14990824 _____ (Microsoft Corporation) C:\Users\Master\AppData\Local\Temp\vcredist_x64.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-06-23 01:34

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-06-2017 01
Ran by MasterOliveira (26-06-2017 22:39:42)
Running from C:\Users\Master\Downloads
Windows 10 Pro Version 1703 (X64) (2017-06-22 18:40:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3746342138-3061863375-479099754-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3746342138-3061863375-479099754-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3746342138-3061863375-479099754-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-3746342138-3061863375-479099754-501 - Limited - Disabled)
MasterOliveira (S-1-5-21-3746342138-3061863375-479099754-1001 - Administrator - Enabled) => C:\Users\Master

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ableton Live 9 Suite (HKLM\...\{7597F2DC-003A-476E-9281-774AB112B7BE}) (Version: 9.0.0.0 - Ableton)
Ansel (Version: 382.53 - NVIDIA Corporation) Hidden
AORUS GRAPHICS ENGINE (HKLM-x32\...\AORUS GRAPHICS ENGINE_is1) (Version: 1.0.9 - GIGABYTE Technology Co.,Inc.)
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
ASRock Restart to UEFI v1.0.5 (HKLM-x32\...\ASRock Restart to UEFI_is1) (Version: 1.0.5 - )
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CPUID CPU-Z 1.79.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CPUID HWMonitor Pro 1.28 (HKLM\...\CPUID HWMonitorPro_is1) (Version: - )
Dota 2 (HKLM\...\Steam App 570) (Version: - Valve)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESEA Client (HKU\S-1-5-21-3746342138-3061863375-479099754-1001\...\ESEA) (Version: 5.0.0.0 - E-Sports Entertainment LLC)
FACEIT AC version 1.0 (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 1.0 - FACEIT LTD)
Fatal1ty Mouse Port v3.0.11 (HKLM-x32\...\Fatal1ty Mouse Port_is1) (Version: 3.0.11 - ASRock Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.109 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Killer Performance Suite (HKLM\...\{48F2D8C5-A08C-454C-B10E-0432255A99DE}) (Version: 1.3.1320 - Rivet Networks)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3746342138-3061863375-479099754-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.53 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Graphics Driver 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.53 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 19.0.2 - OBS Project)
PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version: - Bluehole, Inc.)
QUAD-CAPTURE Driver (HKLM\...\RolandRDID0117) (Version: - Roland Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7647 - Realtek Semiconductor Corp.)
Sennheiser Audio (HKLM-x32\...\{1CAB4BF9-BDFF-4FDA-9633-F22EEB518488}) (Version: 1.0.15.0 - Sennheiser)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.4 - TeamSpeak Systems GmbH)
VietPN 1.2.9 (HKLM-x32\...\VietPN_is1) (Version: VietPN - VietPN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22175 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {37C7888E-A289-4C55-AD3D-9875C5259383} - System32\Tasks\Launcher GIGABYTE AORUS GRAPHICS ENGINE => D:\Program Files (x86)\GIGABYTE\AORUS GRAPHICS ENGINE\AORUS.exe [2017-06-08] (GIGABYTE Technology Co.,Ltd.)
Task: {59D9A636-72B0-45BD-BC51-C9AE62B22C27} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-26] (Google Inc.)
Task: {5AD17E39-6EB5-4595-876D-A5BB7ADAF4AC} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-08] (NVIDIA Corporation)
Task: {67CC92E3-35E1-4EA9-8433-3DFF92BAF03A} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2017-02-21] ()
Task: {7B8FE978-A1E0-4C42-AEBE-D14C642B7EF8} - System32\Tasks\FACEIT AC => D:\Program Files\FACEIT AC\faceitclient.exe [2017-06-23] ()
Task: {85C1F262-C0A3-4690-96FE-DC93AE5E0382} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-26] (Google Inc.)
Task: {952167E0-577A-4073-AF47-EBCB2572CB66} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-06-08] (NVIDIA Corporation)
Task: {A680943C-89B3-485F-8462-C4016A5A726E} - System32\Tasks\Microsoft\Windows\UIU\UIUTask => C:\Windows\UIUTask\UIUTask.exe [2017-06-26] (Conexant Systems, Inc.)
Task: {A756B3FE-23B1-46F7-8F81-F7C8D67C49E5} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic [Argument = path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate]
Task: {AEFAFE14-772D-453F-84F3-FA478385501D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-06-08] (NVIDIA Corporation)
Task: {B39F8B02-F86B-4170-B6EB-5F29AE97523A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-08] (NVIDIA Corporation)
Task: {C5D359B9-AB9B-4D3E-AC0C-0C5A2DD09635} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-08] (NVIDIA Corporation)
Task: {CD80DC3A-D8E8-4338-A517-B1256D4BFB8F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-08] (NVIDIA Corporation)
Task: {EBCDAB52-5339-44C4-86DD-A563A005E298} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-06-08] (NVIDIA Corporation)
Task: {F964B6F0-6418-49D2-9554-0D480E1B18D7} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-06-08] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-06-25 02:11 - 2017-06-08 08:45 - 01267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-02-21 19:36 - 2017-02-21 19:36 - 00026112 _____ () C:\Windows\KMS-R@1n.exe
2017-03-19 03:58 - 2017-03-19 03:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2017-03-19 03:59 - 2017-03-19 09:30 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-06-23 23:05 - 2017-06-23 23:05 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-06-23 23:05 - 2017-06-23 23:05 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-06-23 23:05 - 2017-06-23 23:06 - 43454464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-06-23 23:05 - 2017-06-23 23:05 - 02437120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\skypert.dll
2017-02-21 19:36 - 2017-02-21 19:36 - 00004608 _____ () C:\WINDOWS\KMS-R@1nhook.exe
2017-02-21 19:36 - 2017-02-21 19:36 - 00003584 _____ () C:\WINDOWS\KMS-QADhook.dll
2017-06-26 22:23 - 2017-06-20 13:21 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.109\libglesv2.dll
2017-06-26 22:23 - 2017-06-20 13:21 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.109\libegl.dll
2017-06-25 02:11 - 2017-06-08 08:45 - 01040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-06-21 00:46 - 2017-05-17 08:54 - 00678176 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2017-06-21 00:46 - 2016-09-01 08:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2017-06-21 00:46 - 2017-06-08 12:42 - 02485536 _____ () C:\Program Files (x86)\Steam\video.dll
2017-06-21 00:46 - 2016-09-01 08:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2017-06-21 00:46 - 2016-09-01 08:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2017-06-21 00:46 - 2016-01-27 14:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2017-06-21 00:46 - 2016-01-27 14:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2017-06-21 00:46 - 2016-01-27 14:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2017-06-21 00:46 - 2016-01-27 14:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2017-06-21 00:46 - 2016-01-27 14:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2017-06-21 00:46 - 2017-06-08 12:42 - 00877856 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-06-21 00:46 - 2017-05-17 08:54 - 00678176 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2017-06-21 00:46 - 2017-05-09 02:45 - 69516064 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-06-21 00:46 - 2017-06-08 12:42 - 00385312 _____ () C:\Program Files (x86)\Steam\steam.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 18:47 - 2016-07-16 18:45 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3746342138-3061863375-479099754-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "LWS"
HKU\S-1-5-21-3746342138-3061863375-479099754-1001\...\StartupApproved\Run: => "CocCoc Update"
HKU\S-1-5-21-3746342138-3061863375-479099754-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1792780E-E521-4928-83F0-C5E666C511D2}] => (Allow) G:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{82145196-8EE2-4081-918A-DF67D610EA59}] => (Allow) G:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DCBB3EC9-4BCF-4B48-96D9-C060FE1FAD78}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D6FED992-4C32-4B0F-A388-E00E2AC39DD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{CED06859-6739-4DBD-9D98-8BDD697D93CA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{86E4530A-7F47-4943-8A9F-DD39CEA4FE9A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{BE12F81C-E401-4002-977D-1ED905901A6E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D05F760F-E44B-459E-940D-E8DA5BF2AA25}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C1C93E1C-A4FA-49EE-A351-A10058BF6BBB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{28217055-F2C8-4122-99A3-AA3989CC8A7C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9DBC6AF8-9E1D-4382-A439-FAC636B0131B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{44C65D37-515A-4512-8661-367FA9109DA1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{53248AE3-5BA9-4E25-95EA-A5D3B3C30646}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{D848A167-283C-458D-B04C-3603C94E6C4B}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{F6EF967B-ED29-43BE-BBCD-0A6FFF9BD2D3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{C0827DD5-ADD9-4A64-8CF7-3FFEE3F740B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{FE06F1CB-0327-4C87-9452-6E27FC16EBB3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{A109122B-A89E-430A-B60B-EE5F4398E8C3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5A2D7053-300B-4EFB-900D-EF4C47FCF189}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E3672436-68A8-4ADB-B156-A5E60A1945FA}] => (Allow) D:\Program Files\PreSonus\Studio One 3\Studio One.exe
FirewallRules: [{8D0EFD31-8A8B-431B-9658-ADF8A9AA5EBE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/26/2017 03:41:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: cef-bootstrap.exe, version: 0.0.0.0, time stamp: 0x591ca392
Faulting module name: libcef.dll, version: 3.2987.1581.0, time stamp: 0x58b1e66e
Exception code: 0xc0000005
Fault offset: 0x00000000003e5f1f
Faulting process id: 0x1d28
Faulting application start time: 0x01d2ee5808c43971
Faulting application path: D:\Program Files (x86)\obs-studio\obs-plugins\64bit\cef-bootstrap.exe
Faulting module path: D:\Program Files (x86)\obs-studio\obs-plugins\64bit\libcef.dll
Report Id: a4ca145d-8a7c-4ac0-91bc-cf2e87e6c038
Faulting package full name:
Faulting package-relative application ID:

Error: (06/26/2017 01:30:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: OLIVEIRA)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (06/26/2017 01:30:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: OLIVEIRA)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (06/26/2017 01:30:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: OLIVEIRA)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (06/26/2017 12:14:20 AM) (Source: MsiInstaller) (EventID: 10005) (User: OLIVEIRA)
Description: Product: Killer Network Manager -- Error 2762. Cannot write script record. Transaction not started.

Error: (06/24/2017 01:25:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.15063.332, time stamp: 0x591fd994
Faulting module name: chakra.dll, version: 11.0.15063.413, time stamp: 0x0acd84b6
Exception code: 0xc0000005
Fault offset: 0x000000000021a66e
Faulting process id: 0x17e4
Faulting application start time: 0x01d2ec4dcf2bb41d
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Faulting module path: C:\WINDOWS\SYSTEM32\chakra.dll
Report Id: c3d7b085-8ae1-460e-b265-ee3a99db5650
Faulting package full name: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: ContentProcess

Error: (06/23/2017 11:11:11 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: OLIVEIRA)
Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (06/23/2017 10:56:33 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: OLIVEIRA)
Description: Application or service 'Apple Mobile Device Service' could not be restarted.

Error: (06/23/2017 10:55:24 PM) (Source: Perflib) (EventID: 1017) (User: )
Description: Disabled performance counter data collection from the "Outlook" service because the performance counter library for that service has generated one or more errors. The errors that forced this action have been written to the application event log. Correct the errors before enabling the performance counters for this service.

Error: (06/23/2017 10:55:24 PM) (Source: Perflib) (EventID: 1021) (User: )
Description: Windows cannot open the 32-bit extensible counter DLL Outlook in a 64-bit environment. Contact the file vendor to obtain a 64-bit version. Alternatively, you can open the 32-bit extensible counter DLL by using the 32-bit version of Performance Monitor. To use this tool, open the Windows folder, open the Syswow64 folder, and then start Perfmon.exe.


System errors:
=============
Error: (06/26/2017 10:21:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CldFlt service failed to start due to the following error:
The request is not supported.

Error: (06/26/2017 10:21:40 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck. The bugcheck was: 0x00000154 (0xffff9985f1154000, 0xffffce809d8286c0, 0x0000000000000001, 0x0000000000000000). A dump was saved in: C:\WINDOWS\MEMORY.DMP. Report Id: 83b0bfa0-964c-4c04-a0c3-95bfd33d9d30.

Error: (06/26/2017 10:21:40 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 9:46:20 PM on ‎6/‎26/‎2017 was unexpected.

Error: (06/26/2017 09:46:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CldFlt service failed to start due to the following error:
The request is not supported.

Error: (06/26/2017 02:53:38 PM) (Source: DCOM) (EventID: 10016) (User: OLIVEIRA)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user OLIVEIRA\MasterOliveira SID (S-1-5-21-3746342138-3061863375-479099754-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/26/2017 02:53:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CldFlt service failed to start due to the following error:
The request is not supported.

Error: (06/26/2017 01:30:25 PM) (Source: DCOM) (EventID: 10010) (User: OLIVEIRA)
Description: The server Microsoft.Windows.ContentDeliveryManager_10.0.15063.0_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca did not register with DCOM within the required timeout.

Error: (06/26/2017 01:30:25 PM) (Source: DCOM) (EventID: 10010) (User: OLIVEIRA)
Description: The server Microsoft.Windows.ContentDeliveryManager_10.0.15063.0_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca did not register with DCOM within the required timeout.

Error: (06/26/2017 01:30:25 PM) (Source: DCOM) (EventID: 10010) (User: OLIVEIRA)
Description: The server Microsoft.Windows.ContentDeliveryManager_10.0.15063.0_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca did not register with DCOM within the required timeout.

Error: (06/26/2017 11:06:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CldFlt service failed to start due to the following error:
The request is not supported.


CodeIntegrity:
===================================
Date: 2017-06-26 22:26:24.713
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-06-26 15:16:29.524
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-06-26 01:49:28.986
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-06-26 01:49:24.076
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-06-25 21:57:49.368
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-06-25 21:56:56.722
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-06-25 20:50:32.282
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-06-25 17:06:04.691
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-06-25 14:20:20.200
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-06-25 12:49:18.241
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Percentage of memory in use: 35%
Total physical RAM: 8125.46 MB
Available physical RAM: 5207.64 MB
Total Virtual: 10173.46 MB
Available Virtual: 7104.97 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.24 GB) (Free:75.05 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (New Volume) (Fixed) (Total:331.51 GB) (Free:297.98 GB) NTFS
Drive f: (Sample) (Fixed) (Total:300 GB) (Free:299.87 GB) NTFS
Drive g: (Biblotheque) (Fixed) (Total:300 GB) (Free:93.12 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 392CB217)
Partition 1: (Active) - (Size=119.2 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7E0BF4F5)
Partition 1: (Not Active) - (Size=331.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=300 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=300 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Malnutrition said:

FRST Fix.

Click Here To Download Fixlist.


Download attached fixlist.txt file and save it to the Desktop. NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.


File Search.

Get the Everything Search Engine
Install Program, Right Click Run As Admin. Type R@1n into to search window.
Then Click Edit.
Select all.
Right Click highlighted items>>>>>>>> Copy full name to clipboard. >>>>> Paste content of clipboard, here in your next reply.

Click to expand...

Fix result of Farbar Recovery Scan Tool (x64) Version: 25-06-2017 01
Ran by MasterOliveira (27-06-2017 15:24:41) Run:1
Running from C:\Users\Master\Downloads
Loaded Profiles: MasterOliveira (Available Profiles: defaultuser0 & MasterOliveira)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
Closeprocesses:
Emptytemp:
RemoveProxy:
C:\Windows\KMS-R@1n.exe
C:\Windows\KMS-R@1nhook.exe
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nhook.exe
IFEO\SppExtComObj.exe: [Debugger] KMS-R@1nhook.exe
R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2017-02-21] () [File not signed]
C:\WINDOWS\System32\Tasks\AutoKMS
C:\WINDOWS\System32\Tasks\R@1n-KMS
Task: {A756B3FE-23B1-46F7-8F81-F7C8D67C49E5} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic [Argument = path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate]
FirewallRules: [{53248AE3-5BA9-4E25-95EA-A5D3B3C30646}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{D848A167-283C-458D-B04C-3603C94E6C4B}] => (Allow) C:\Windows\KMS-R@1n.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKU\S-1-5-21-3746342138-3061863375-479099754-1001\...\Run: [ASRockRuefi] => [X]
HKU\S-1-5-21-3746342138-3061863375-479099754-1001\...\Run: [Fatal1tyMousePort] => [X]
Startup: C:\Users\Master\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk [2017-06-24]
ShortcutTarget: Logitech . Product Registration.lnk -> D:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
GroupPolicy: Restriction <==== ATTENTION
CHR Extension: (Google Bảng tính) - C:\Users\Master\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-06-26]
CHR Extension: (Google Tài liệu ngoại tuyến) - C:\Users\Master\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-26]
CHR Extension: (Thanh toán trên cửa hàng Chrome trực tuyến) - C:\Users\Master\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-06-26]
CHR Extension: (Google Trang trình bày) - C:\Users\Master\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-06-26]
CHR Extension: (Google Tài liệu) - C:\Users\Master\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-06-26]
R1 ESEADriver2; C:\Users\Master\AppData\Local\Temp\ESEADriver2.sys [340096 2017-06-23] () <==== ATTENTION
C:\Users\Master\AppData\Local\Temp\ESEADriver2.sys
Folder: C:\WINDOWS\cd_127
C:\Users\Master\Downloads\uTorrent.exe
Folder: C:\WINDOWS\SHELLNEW
C:\Windows\AutoKMS.exe
Task: {5AD17E39-6EB5-4595-876D-A5BB7ADAF4AC} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-08] (NVIDIA Corporation)
Task: {67CC92E3-35E1-4EA9-8433-3DFF92BAF03A} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2017-02-21] ()
Task: {7B8FE978-A1E0-4C42-AEBE-D14C642B7EF8} - System32\Tasks\FACEIT AC => D:\Program Files\FACEIT AC\faceitclient.exe [2017-06-23] ()
Task: {37C7888E-A289-4C55-AD3D-9875C5259383} - System32\Tasks\Launcher GIGABYTE AORUS GRAPHICS ENGINE => D:\Program Files (x86)\GIGABYTE\AORUS GRAPHICS ENGINE\AORUS.exe [2017-06-08] (GIGABYTE Technology Co.,Ltd.)
Task: {952167E0-577A-4073-AF47-EBCB2572CB66} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-06-08] (NVIDIA Corporation)
Task: {A680943C-89B3-485F-8462-C4016A5A726E} - System32\Tasks\Microsoft\Windows\UIU\UIUTask => C:\Windows\UIUTask\UIUTask.exe [2017-06-26] (Conexant Systems, Inc.)
Task: {AEFAFE14-772D-453F-84F3-FA478385501D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-06-08] (NVIDIA Corporation)
Task: {B39F8B02-F86B-4170-B6EB-5F29AE97523A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-08] (NVIDIA Corporation)
Task: {C5D359B9-AB9B-4D3E-AC0C-0C5A2DD09635} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-08] (NVIDIA Corporation)
Task: {CD80DC3A-D8E8-4338-A517-B1256D4BFB8F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-08] (NVIDIA Corporation)
Task: {EBCDAB52-5339-44C4-86DD-A563A005E298} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-06-08] (NVIDIA Corporation)
Task: {F964B6F0-6418-49D2-9554-0D480E1B18D7} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-06-08] (NVIDIA Corporation)
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
C:\WINDOWS\KMS-QADhook.dll
C:\WINDOWS\system32\Drivers\etc\hosts
Hosts:
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "LWS"
HKU\S-1-5-21-3746342138-3061863375-479099754-1001\...\StartupApproved\Run: => "CocCoc Update"
HKU\S-1-5-21-3746342138-3061863375-479099754-1001\...\StartupApproved\Run: => "OneDrive"
Zip: C:\WINDOWS\Minidump
CMD: ipconfig /flushdns
reboot:
end

*****************

Error: (0) Failed to create a restore point.
Processes closed successfully.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-3746342138-3061863375-479099754-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-3746342138-3061863375-479099754-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========

C:\Windows\KMS-R@1n.exe => moved successfully
C:\Windows\KMS-R@1nhook.exe => moved successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\OSppSvc.exe => key removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SppExtComObj.exe => key removed successfully
HKLM\System\CurrentControlSet\Services\KMS-R@1n => key removed successfully
KMS-R@1n => service removed successfully
C:\WINDOWS\System32\Tasks\AutoKMS => moved successfully
C:\WINDOWS\System32\Tasks\R@1n-KMS => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A756B3FE-23B1-46F7-8F81-F7C8D67C49E5} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A756B3FE-23B1-46F7-8F81-F7C8D67C49E5} => key removed successfully
C:\WINDOWS\System32\Tasks\R@1n-KMS\Windows64Professional => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\R@1n-KMS\Windows64Professional => key removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{53248AE3-5BA9-4E25-95EA-A5D3B3C30646} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D848A167-283C-458D-B04C-3603C94E6C4B} => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-3746342138-3061863375-479099754-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ASRockRuefi => value removed successfully
HKU\S-1-5-21-3746342138-3061863375-479099754-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Fatal1tyMousePort => value removed successfully
C:\Users\Master\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk => moved successfully
D:\Program Files (x86)\Logitech\Ereg\eReg.exe => moved successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\Users\Master\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap => moved successfully
C:\Users\Master\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi => moved successfully
C:\Users\Master\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => moved successfully
C:\Users\Master\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek => moved successfully
C:\Users\Master\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake => moved successfully
ESEADriver2 => Unable to stop service.
HKLM\System\CurrentControlSet\Services\ESEADriver2 => key removed successfully
ESEADriver2 => service removed successfully
C:\Users\Master\AppData\Local\Temp\ESEADriver2.sys => moved successfully

========================= Folder: C:\WINDOWS\cd_127 ========================

C:\WINDOWS\cd_127 => File

====== End of Folder: ======

C:\Users\Master\Downloads\uTorrent.exe => moved successfully

========================= Folder: C:\WINDOWS\SHELLNEW ========================

2009-07-30 07:42 - 2009-07-30 07:42 - 0008746 _____ () C:\WINDOWS\SHELLNEW\EXCEL12.XLSX
2005-12-14 10:15 - 2005-12-14 10:15 - 0059904 _____ () C:\WINDOWS\SHELLNEW\MSPUB.PUB
2007-08-22 05:56 - 2007-08-22 05:56 - 0027140 _____ () C:\WINDOWS\SHELLNEW\PWRPNT12.PPTX

====== End of Folder: ======

C:\Windows\AutoKMS.exe => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5AD17E39-6EB5-4595-876D-A5BB7ADAF4AC} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5AD17E39-6EB5-4595-876D-A5BB7ADAF4AC} => key removed successfully
C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{67CC92E3-35E1-4EA9-8433-3DFF92BAF03A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{67CC92E3-35E1-4EA9-8433-3DFF92BAF03A} => key removed successfully
C:\WINDOWS\System32\Tasks\AutoKMS => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7B8FE978-A1E0-4C42-AEBE-D14C642B7EF8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B8FE978-A1E0-4C42-AEBE-D14C642B7EF8} => key removed successfully
C:\WINDOWS\System32\Tasks\FACEIT AC => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FACEIT AC => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{37C7888E-A289-4C55-AD3D-9875C5259383} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37C7888E-A289-4C55-AD3D-9875C5259383} => key removed successfully
C:\WINDOWS\System32\Tasks\Launcher GIGABYTE AORUS GRAPHICS ENGINE => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Launcher GIGABYTE AORUS GRAPHICS ENGINE => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{952167E0-577A-4073-AF47-EBCB2572CB66} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{952167E0-577A-4073-AF47-EBCB2572CB66} => key removed successfully
C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A680943C-89B3-485F-8462-C4016A5A726E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A680943C-89B3-485F-8462-C4016A5A726E} => key removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UIU\UIUTask => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UIU\UIUTask => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AEFAFE14-772D-453F-84F3-FA478385501D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AEFAFE14-772D-453F-84F3-FA478385501D} => key removed successfully
C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B39F8B02-F86B-4170-B6EB-5F29AE97523A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B39F8B02-F86B-4170-B6EB-5F29AE97523A} => key removed successfully
C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C5D359B9-AB9B-4D3E-AC0C-0C5A2DD09635} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5D359B9-AB9B-4D3E-AC0C-0C5A2DD09635} => key removed successfully
C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CD80DC3A-D8E8-4338-A517-B1256D4BFB8F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD80DC3A-D8E8-4338-A517-B1256D4BFB8F} => key removed successfully
C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EBCDAB52-5339-44C4-86DD-A563A005E298} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EBCDAB52-5339-44C4-86DD-A563A005E298} => key removed successfully
C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F964B6F0-6418-49D2-9554-0D480E1B18D7} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F964B6F0-6418-49D2-9554-0D480E1B18D7} => key removed successfully
C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => key removed successfully
C:\WINDOWS\Tasks\AutoKMS.job => moved successfully
C:\WINDOWS\KMS-QADhook.dll => moved successfully
C:\WINDOWS\system32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\BCSSync => value removed successfully
HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\BCSSync => value removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\SunJavaUpdateSched => value removed successfully
HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\LWS => value removed successfully
HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\LWS => value removed successfully
HKU\S-1-5-21-3746342138-3061863375-479099754-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\CocCoc Update => value removed successfully
HKU\S-1-5-21-3746342138-3061863375-479099754-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\CocCoc Update => value not found.
HKU\S-1-5-21-3746342138-3061863375-479099754-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\OneDrive => value removed successfully
HKU\S-1-5-21-3746342138-3061863375-479099754-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\OneDrive => value removed successfully
================== Zip: ===================
C:\WINDOWS\Minidump -> copied successfully to C:\Users\Master\Desktop\27.06.2017_15.24.49.zip
=========== Zip: End ===========

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17072747 B
Java, Flash, Steam htmlcache => 81686010 B
Windows/system/drivers => 3608448 B
Edge => 53014417 B
Chrome => 607824090 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 128902 B
defaultuser0 => 0 B
Master => 169104880 B

RecycleBin => 0 B
EmptyTemp: => 896.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:24:57 ====

Malnutrition said:

@hoagvn How about an update please.

Click to expand...

Sorry I have been busy for awhile.

Thank you everything seem to working fine, I don't see any KMS files anymore. I also bought a new RAM to place with the faulty one so there's no more bluescreen.