Jump to content

RiskWare.ExtensionMismatch and bad YouTube error message


Recommended Posts

Hi Malwarebytes,

Sadly i am back again. after downloading and running "Display Driver Uninstaller" i started getting a lot of BSOD error messages like:

Video_Dxgkrnl_fatal_error, Driver_power_state_failure, Video_TDR_failure, and kmode_exception_not_handled.

So far i have been told that all of these are hardware related or related to updating drivers, so i am not worried. But what I am worried about is the following:

I tried to sign in to YouTube last night and received the following error message:

"We are sorry, but you do not have access to this service. Please contact your domain administrator for access"

I had never got this message before so I quickly changed my gmail password, and attempted to sign in again, and it worked...so i believe that someone else had access to this account. So I am currently in the process of changing all my passwords that are stored in KeyPass (a password safe and password generator).

Aside from this, I want to see if I have fully resolved the problem by running a full system scan in safe mode which detected:

 RiskWare.ExtensionMismatch, C:\ProgramData\Microsoft\Windows\SystemData\S-1-5-21-1154547124-2327209256-1540992038-1002\ReadOnly\LockScreen_A\LockScreen___1280_0720.jpg, Quarantined, [8053694aa3f60a2c31f73d2bdf228878], 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-04-2016
Ran by test (administrator) on DANIEL (28-04-2016 12:47:15)
Running from C:\Users\test\Downloads
Loaded Profiles: test (Available Profiles: Daniel & test & Administrator)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.AccountsControl_cw5n1h2txyewy\AccountsControlHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\ContactSupport_cw5n1h2txyewy\ContactSupport.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1603.12020.0_x64__8wekyb3d8bbwe\Time.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2016.29.13.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3347688 2015-08-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Radio Manager] => C:\Program Files (x86)\SCM\Radio Manager.exe [403848 2012-09-13] (MSI)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [399776 2012-09-13] (MSI)
HKLM\...\Run: [THXCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-12-07] (Synaptics Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-03-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [1517056 2011-08-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [502328 2012-05-22] (MSI)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [78352 2012-07-31] (cyberlink)
HKLM-x32\...\Run: [VGAOCAP] => C:\Program Files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe [89088 2012-06-06] ()
HKLM-x32\...\Run: [KLM] => C:\Program Files (x86)\MSI\KLM\KLM.exe [1522376 2011-12-19] (Micro-Star International Co., Ltd.)
HKLM-x32\...\Run: [Corsair Duke] => C:\Program Files (x86)\Corsair\M95 Mouse\M95Hid.exe [1771520 2013-08-15] (Corsair Components  Inc)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2016-04-05] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [176904 2015-10-31] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155280 2015-10-31] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 66.90.139.210 66.90.130.10
Tcpip\..\Interfaces\{0b39125a-fef7-4126-a3b9-04cb8ceadb2c}: [DhcpNameServer] 209.18.47.61 209.18.47.62 192.168.1.1
Tcpip\..\Interfaces\{fb0926c0-af00-47b2-819f-764df132f7d4}: [DhcpNameServer] 66.90.139.210 66.90.130.10

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-03-15] (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-10] (Qualcomm Atheros Commnucations)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-04-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-27] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-27] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-04-20] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-04-20] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\10.1.0.5292844\npmathplugin.dll [2015-03-24] (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\test\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-26]
CHR Extension: (Google Docs) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-26]
CHR Extension: (Google Drive) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-26]
CHR Extension: (YouTube) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-26]
CHR Extension: (Adblock Plus) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-04-28]
CHR Extension: (Google Sheets) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-26]
CHR Extension: (Google Docs Offline) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-26]
CHR Extension: (Gmail) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-26]
CHR HKLM-x32\...\Chrome\Extension: [gihfmmedoddijgnhkgfgnkeohkpbipol] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2829552 2016-03-08] (Microsoft Corporation)
S4 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243728 2012-05-23] (CyberLink)
S4 ETDService; C:\Program Files\Elantech\ETDService.exe [144104 2015-08-07] (ELAN Microelectronics Corp.)
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-03-13] (NVIDIA Corporation)
S4 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-22] (Intel Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-09-17] (Intel Corporation)
S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2016-04-05] (LogMeIn, Inc.)
S4 LMIRescue_fd582bb4-caa2-44a4-9743-b0f4e87a94fd; C:\Users\Daniel\AppData\Local\LogMeIn Rescue Applet\LMIR0001.tmp\LMI_Rescue_srv.exe [3306336 2016-04-20] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S4 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2012-09-13] (Micro-Star International Co., Ltd.) [File not signed]
S4 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [142904 2012-05-22] (MSI)
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-03-13] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-03-13] (NVIDIA Corporation)
S4 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [490496 2012-09-25] () [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [74096 2012-09-25] (Qualcomm Atheros, Inc.)
R3 DUKEMS; C:\Windows\system32\drivers\DUKEMS.sys [25600 2012-08-16] ( )
R3 Hamachi; C:\Windows\System32\drivers\Hamdrv.sys [45680 2015-08-06] (LogMeIn Inc.)
S3 Ke2200; C:\Windows\System32\drivers\e22w8x64.sys [164720 2012-09-25] (Qualcomm Atheros, Inc.)
R3 KillerEth; C:\Windows\System32\drivers\e2xw10x64.sys [170128 2016-02-05] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-28] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [14136 2010-01-18] (MSI)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-03-13] (NVIDIA Corporation)
U5 SynTP; C:\Windows\System32\Drivers\SynTP.sys [448312 2012-12-07] (Synaptics Incorporated)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-28 12:47 - 2016-04-28 12:47 - 00017735 _____ C:\Users\test\Downloads\FRST.txt
2016-04-28 12:46 - 2016-04-28 12:47 - 00000000 ____D C:\FRST
2016-04-28 12:46 - 2016-04-28 12:46 - 02376704 _____ (Farbar) C:\Users\test\Downloads\FRST64.exe
2016-04-28 12:29 - 2016-04-28 12:29 - 00158399 _____ C:\Users\test\Desktop\DANIEL.txt
2016-04-28 12:12 - 2016-04-28 12:12 - 00001252 _____ C:\Users\test\Desktop\extensionMismatch lob.txt
2016-04-28 12:12 - 2016-04-28 12:12 - 00001051 _____ C:\Users\test\Desktop\current scan.txt
2016-04-28 12:01 - 2016-04-28 12:01 - 00228634 _____ C:\Users\test\Downloads\properties of fourier trans.pdf
2016-04-28 02:17 - 2016-04-28 02:17 - 03297476 _____ C:\Users\test\Downloads\Proof of Convolution Theorem.pdf
2016-04-28 00:29 - 2016-04-28 00:29 - 00279337 _____ C:\Users\test\Downloads\ElectricityMagnetismAppendixB - fourier transforms.pdf
2016-04-27 23:30 - 2016-04-27 23:30 - 02016031 _____ C:\Users\test\Downloads\stanford - n dim fourier transforms.pdf
2016-04-27 16:39 - 2016-04-27 16:40 - 00855884 _____ C:\WINDOWS\Minidump\042716-24718-01.dmp
2016-04-27 16:37 - 2016-04-27 16:37 - 00157019 _____ C:\Users\test\Desktop\speccy report.txt
2016-04-27 16:18 - 2016-04-27 16:18 - 00000000 ____D C:\Users\test\AppData\Local\ElevatedDiagnostics
2016-04-27 16:09 - 2016-04-27 16:15 - 340696488 _____ (NVIDIA Corporation) C:\Users\test\Downloads\364.51-notebook-win10-64bit-international-whql.exe
2016-04-27 15:53 - 2016-04-27 15:55 - 363140224 _____ (NVIDIA Corporation) C:\Users\test\Downloads\364.72-notebook-win10-64bit-international-whql (1).exe
2016-04-27 15:48 - 2016-04-27 15:48 - 00000000 ____D C:\Users\test\AppData\Roaming\Oracle
2016-04-27 15:46 - 2016-04-27 15:46 - 00000000 ____D C:\Users\test\AppData\Roaming\Sun
2016-04-27 15:46 - 2016-04-27 15:46 - 00000000 ____D C:\Users\test\AppData\LocalLow\Sun
2016-04-27 15:45 - 2016-04-27 15:45 - 00000000 ____D C:\Users\test\AppData\LocalLow\Oracle
2016-04-27 15:00 - 2016-04-27 15:01 - 00364860 _____ C:\WINDOWS\Minidump\042716-27593-01.dmp
2016-04-27 14:44 - 2016-04-27 14:45 - 00681292 _____ C:\WINDOWS\Minidump\042716-29296-01.dmp
2016-04-27 13:34 - 2016-04-27 13:34 - 00327756 _____ C:\WINDOWS\Minidump\042716-29640-01.dmp
2016-04-27 11:49 - 2016-04-27 11:49 - 00000000 __SHD C:\Users\test\IntelGraphicsProfiles
2016-04-27 00:29 - 2016-04-27 00:29 - 00000000 ____D C:\Users\test\AppData\LocalLow\Temp
2016-04-26 23:38 - 2016-04-26 23:38 - 00000000 ____D C:\Users\test\AppData\Local\NetworkTiles
2016-04-26 23:28 - 2016-04-26 23:28 - 00000000 ____D C:\Users\test\AppData\Roaming\KeePass
2016-04-26 23:18 - 2016-04-26 23:19 - 00000000 ____D C:\Users\test\AppData\Roaming\vlc
2016-04-26 23:16 - 2016-04-28 11:41 - 00004148 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{86A087F8-F8E9-4AB6-ABF2-70FB67551FF2}
2016-04-26 23:15 - 2016-04-26 23:15 - 00000000 ____D C:\Users\test\AppData\Local\CEF
2016-04-26 23:14 - 2016-04-26 23:15 - 00000000 ____D C:\Users\test\AppData\Local\Adobe
2016-04-26 23:14 - 2016-04-26 23:14 - 00000000 ____D C:\Users\test\AppData\LocalLow\Adobe
2016-04-26 21:58 - 2016-04-28 01:08 - 00027964 _____ C:\Users\test\Desktop\Database.v2.4.18.2016.kdb
2016-04-26 21:58 - 2016-04-26 21:58 - 00000000 ____D C:\Users\test\Desktop\minidump
2016-04-26 21:57 - 2016-04-26 21:57 - 00000000 ____D C:\Users\test\Desktop\Games
2016-04-26 21:26 - 2016-04-26 21:57 - 00000000 ____D C:\Users\test\Desktop\Everything
2016-04-26 20:55 - 2016-04-26 20:55 - 00000000 ____D C:\Users\test\AppData\Local\MicrosoftEdge
2016-04-26 20:53 - 2016-04-27 23:00 - 00000000 ___RD C:\Users\test\OneDrive
2016-04-26 20:53 - 2016-04-26 20:53 - 00002374 _____ C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-26 20:52 - 2016-04-26 20:52 - 00000000 ____D C:\Users\test\AppData\Local\Comms
2016-04-26 20:50 - 2016-04-26 20:50 - 00000000 ____D C:\Users\test\AppData\Local\ActiveSync
2016-04-26 20:49 - 2016-04-26 20:49 - 00000000 ____D C:\Users\test\AppData\Local\Publishers
2016-04-26 20:48 - 2016-04-27 22:57 - 00000000 ____D C:\Users\test
2016-04-26 20:48 - 2016-04-27 10:52 - 00000000 ____D C:\Users\test\AppData\Local\Google
2016-04-26 20:48 - 2016-04-26 23:26 - 00002346 _____ C:\Users\test\Desktop\Google Chrome.lnk
2016-04-26 20:48 - 2016-04-26 23:16 - 00000000 ____D C:\Users\test\AppData\Local\Packages
2016-04-26 20:48 - 2016-04-26 23:14 - 00000000 ____D C:\Users\test\AppData\Roaming\Adobe
2016-04-26 20:48 - 2016-04-26 20:48 - 00000020 ___SH C:\Users\test\ntuser.ini
2016-04-26 20:48 - 2016-04-26 20:48 - 00000000 _SHDL C:\Users\test\My Documents
2016-04-26 20:48 - 2016-04-26 20:48 - 00000000 _SHDL C:\Users\test\Documents\My Videos
2016-04-26 20:48 - 2016-04-26 20:48 - 00000000 _SHDL C:\Users\test\Documents\My Pictures
2016-04-26 20:48 - 2016-04-26 20:48 - 00000000 _SHDL C:\Users\test\Documents\My Music
2016-04-26 20:48 - 2016-04-26 20:48 - 00000000 ____D C:\Users\test\AppData\Local\VirtualStore
2016-04-26 20:48 - 2016-04-26 20:48 - 00000000 ____D C:\Users\test\AppData\Local\TileDataLayer
2016-04-26 20:46 - 2016-04-26 20:46 - 00002397 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-26 20:46 - 2016-04-26 20:46 - 00000000 ___RD C:\Users\Administrator\OneDrive
2016-04-26 20:43 - 2016-04-26 20:43 - 00000000 ____D C:\Users\Administrator\AppData\Local\ActiveSync
2016-04-26 20:42 - 2016-04-26 20:42 - 00000000 ____D C:\Users\Administrator\AppData\Local\Publishers
2016-04-26 20:41 - 2016-04-26 20:41 - 00002342 _____ C:\Users\Administrator\Desktop\Google Chrome.lnk
2016-04-26 20:41 - 2016-04-26 20:41 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2016-04-26 20:41 - 2016-04-26 20:41 - 00000000 ____D C:\Users\Administrator\AppData\Local\TileDataLayer
2016-04-26 20:41 - 2016-04-26 20:41 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2016-04-26 19:23 - 2016-04-27 13:06 - 00000000 ___HD C:\OneDriveTemp
2016-04-26 18:23 - 2016-04-27 17:00 - 01252910 _____ C:\WINDOWS\ntbtlog.txt
2016-04-26 18:20 - 2016-04-26 18:21 - 00591396 _____ C:\WINDOWS\Minidump\042616-28562-01.dmp
2016-04-26 17:55 - 2016-04-26 17:56 - 00506292 _____ C:\WINDOWS\Minidump\042616-31875-01.dmp
2016-04-24 15:07 - 2016-04-24 15:07 - 00044806 _____ C:\Users\Daniel\Desktop\HW14-problems.pdf
2016-04-22 00:44 - 2016-04-22 00:44 - 00416269 _____ C:\Users\test\Downloads\quantum-mech.-and-Hermite-polynomials-Arfken-Weber-6e-Chap13.pdf
2016-04-20 18:25 - 2016-04-20 18:25 - 00002307 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Support.lnk
2016-04-20 18:25 - 2016-04-20 18:25 - 00000000 ____D C:\Program Files (x86)\LogMeIn Rescue RC - fd582bb4-caa2-44a4-9743-b0f4e87a94fd
2016-04-20 17:59 - 2016-04-20 17:59 - 00000279 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
2016-04-20 04:47 - 2016-04-20 04:48 - 00671404 _____ C:\WINDOWS\Minidump\042016-36734-01.dmp
2016-04-20 04:22 - 2016-04-20 04:22 - 00347816 _____ (Microsoft Corporation) C:\Users\test\Downloads\MicrosoftFixit.Devices.Run.exe
2016-04-20 04:04 - 2016-04-20 04:05 - 44977016 _____ (NVIDIA Corporation) C:\Users\test\Downloads\GeForce_Experience_v2.11.2.66.exe
2016-04-18 16:10 - 2016-04-20 18:12 - 00027228 _____ C:\Users\Daniel\Desktop\Database.v2.4.18.2016.kdb
2016-04-17 20:13 - 2016-04-17 20:13 - 06062023 _____ C:\Users\test\Downloads\Morin_David_There_once_was_a_Classical_Theory.pdf
2016-04-17 15:51 - 2016-03-29 05:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-17 15:51 - 2016-03-29 04:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-17 15:51 - 2016-03-29 03:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-17 15:51 - 2016-03-29 03:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-17 15:51 - 2016-03-29 02:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-17 15:51 - 2016-03-29 02:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-17 15:51 - 2016-03-29 02:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-17 15:51 - 2016-03-29 02:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-17 15:51 - 2016-03-29 02:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-17 15:51 - 2016-03-29 02:15 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-17 15:51 - 2016-03-29 02:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-17 15:51 - 2016-03-29 02:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-17 15:51 - 2016-03-29 02:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-17 15:51 - 2016-03-29 01:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-17 15:51 - 2016-03-29 01:32 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-17 15:51 - 2016-03-29 01:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-17 15:51 - 2016-03-29 01:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-17 15:51 - 2016-03-29 01:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-17 15:51 - 2016-03-29 00:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-17 15:51 - 2016-03-29 00:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-17 15:51 - 2016-03-29 00:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-17 15:50 - 2016-04-01 22:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-17 15:50 - 2016-03-29 05:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-17 15:50 - 2016-03-29 05:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-17 15:50 - 2016-03-29 03:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-17 15:50 - 2016-03-29 03:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-17 15:50 - 2016-03-29 02:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-17 15:50 - 2016-03-29 02:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-17 15:50 - 2016-03-29 02:07 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-17 15:50 - 2016-03-29 02:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-17 15:50 - 2016-03-29 02:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-17 15:50 - 2016-03-29 01:42 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-17 15:50 - 2016-03-29 01:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-17 15:50 - 2016-03-29 01:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-17 15:50 - 2016-03-29 01:31 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-17 15:50 - 2016-03-29 01:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-17 15:50 - 2016-03-29 01:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-17 15:50 - 2016-03-29 01:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-17 15:50 - 2016-03-29 01:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-17 15:50 - 2016-03-29 01:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-04-17 15:50 - 2016-03-29 00:56 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-17 15:50 - 2016-03-29 00:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-17 15:50 - 2016-03-29 00:51 - 22378496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-17 15:50 - 2016-03-29 00:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-17 15:50 - 2016-03-29 00:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-17 15:50 - 2016-03-29 00:41 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-17 15:50 - 2016-03-29 00:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-17 15:50 - 2016-03-29 00:27 - 07836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-17 15:50 - 2016-03-29 00:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-17 15:49 - 2016-04-01 23:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-17 15:49 - 2016-04-01 23:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-17 15:49 - 2016-04-01 22:29 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-17 15:49 - 2016-04-01 22:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-17 15:49 - 2016-04-01 22:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-17 15:49 - 2016-04-01 22:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-17 15:49 - 2016-04-01 22:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-17 15:49 - 2016-04-01 22:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-17 15:49 - 2016-04-01 22:09 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-17 15:49 - 2016-04-01 22:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-17 15:49 - 2016-04-01 22:07 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-17 15:49 - 2016-04-01 22:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-17 15:49 - 2016-03-29 05:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-17 15:49 - 2016-03-29 05:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-17 15:49 - 2016-03-29 05:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-17 15:49 - 2016-03-29 05:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-17 15:49 - 2016-03-29 05:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-17 15:49 - 2016-03-29 05:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-17 15:49 - 2016-03-29 05:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-17 15:49 - 2016-03-29 04:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-17 15:49 - 2016-03-29 04:28 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-17 15:49 - 2016-03-29 04:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-17 15:49 - 2016-03-29 04:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-17 15:49 - 2016-03-29 04:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-17 15:49 - 2016-03-29 04:17 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-17 15:49 - 2016-03-29 04:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-17 15:49 - 2016-03-29 04:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-17 15:49 - 2016-03-29 04:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-17 15:49 - 2016-03-29 04:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-17 15:49 - 2016-03-29 03:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-17 15:49 - 2016-03-29 03:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-04-17 15:49 - 2016-03-29 03:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-04-17 15:49 - 2016-03-29 03:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-17 15:49 - 2016-03-29 03:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-17 15:49 - 2016-03-29 03:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-17 15:49 - 2016-03-29 03:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-17 15:49 - 2016-03-29 03:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-17 15:49 - 2016-03-29 02:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-17 15:49 - 2016-03-29 02:51 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-04-17 15:49 - 2016-03-29 02:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-17 15:49 - 2016-03-29 02:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-17 15:49 - 2016-03-29 02:42 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-17 15:49 - 2016-03-29 02:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-17 15:49 - 2016-03-29 02:38 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-17 15:49 - 2016-03-29 02:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-17 15:49 - 2016-03-29 02:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-17 15:49 - 2016-03-29 02:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-17 15:49 - 2016-03-29 02:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-17 15:49 - 2016-03-29 02:28 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-17 15:49 - 2016-03-29 02:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-17 15:49 - 2016-03-29 02:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-17 15:49 - 2016-03-29 02:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-17 15:49 - 2016-03-29 02:23 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-17 15:49 - 2016-03-29 02:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-17 15:49 - 2016-03-29 02:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-17 15:49 - 2016-03-29 02:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-17 15:49 - 2016-03-29 02:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-17 15:49 - 2016-03-29 02:17 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-17 15:49 - 2016-03-29 02:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-17 15:49 - 2016-03-29 02:16 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-17 15:49 - 2016-03-29 02:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-17 15:49 - 2016-03-29 02:14 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-04-17 15:49 - 2016-03-29 02:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-17 15:49 - 2016-03-29 02:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-17 15:49 - 2016-03-29 02:12 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-17 15:49 - 2016-03-29 02:11 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-17 15:49 - 2016-03-29 02:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-17 15:49 - 2016-03-29 02:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-04-17 15:49 - 2016-03-29 02:10 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-17 15:49 - 2016-03-29 02:10 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-17 15:49 - 2016-03-29 02:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-17 15:49 - 2016-03-29 02:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-17 15:49 - 2016-03-29 02:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-17 15:49 - 2016-03-29 02:06 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-17 15:49 - 2016-03-29 02:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-17 15:49 - 2016-03-29 02:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-17 15:49 - 2016-03-29 02:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-17 15:49 - 2016-03-29 01:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-17 15:49 - 2016-03-29 01:56 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-17 15:49 - 2016-03-29 01:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-17 15:49 - 2016-03-29 01:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-17 15:49 - 2016-03-29 01:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-04-17 15:49 - 2016-03-29 01:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-17 15:49 - 2016-03-29 01:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-17 15:49 - 2016-03-29 01:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-17 15:49 - 2016-03-29 01:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-17 15:49 - 2016-03-29 01:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-04-17 15:49 - 2016-03-29 01:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-04-17 15:49 - 2016-03-29 01:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-17 15:49 - 2016-03-29 01:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-17 15:49 - 2016-03-29 01:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-17 15:49 - 2016-03-29 01:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-04-17 15:49 - 2016-03-29 01:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-17 15:49 - 2016-03-29 01:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-17 15:49 - 2016-03-29 01:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-17 15:49 - 2016-03-29 01:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-17 15:49 - 2016-03-29 01:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-17 15:49 - 2016-03-29 01:31 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-17 15:49 - 2016-03-29 01:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-17 15:49 - 2016-03-29 01:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-17 15:49 - 2016-03-29 01:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-17 15:49 - 2016-03-29 01:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-17 15:49 - 2016-03-29 01:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-17 15:49 - 2016-03-29 01:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-17 15:49 - 2016-03-29 01:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-17 15:49 - 2016-03-29 01:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-17 15:49 - 2016-03-29 01:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-04-17 15:49 - 2016-03-29 01:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-17 15:49 - 2016-03-29 01:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-17 15:49 - 2016-03-29 01:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-17 15:49 - 2016-03-29 01:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-17 15:49 - 2016-03-29 01:05 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-17 15:49 - 2016-03-29 01:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-17 15:49 - 2016-03-29 01:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-17 15:49 - 2016-03-29 01:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-17 15:49 - 2016-03-29 00:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-17 15:49 - 2016-03-29 00:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-04-17 15:49 - 2016-03-29 00:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-17 15:49 - 2016-03-29 00:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-17 15:49 - 2016-03-29 00:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-17 15:49 - 2016-03-29 00:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-17 15:49 - 2016-03-29 00:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-17 15:49 - 2016-03-29 00:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-17 15:48 - 2016-04-01 23:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-17 15:48 - 2016-04-01 23:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-17 15:48 - 2016-04-01 22:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-17 15:48 - 2016-04-01 22:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-04-17 15:48 - 2016-04-01 22:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-17 15:48 - 2016-04-01 22:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-17 15:48 - 2016-04-01 22:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-17 15:48 - 2016-04-01 22:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-04-17 15:48 - 2016-04-01 22:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-04-17 15:48 - 2016-04-01 22:03 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-17 15:48 - 2016-03-29 05:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-17 15:48 - 2016-03-29 05:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-17 15:48 - 2016-03-29 05:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-17 15:48 - 2016-03-29 04:28 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-17 15:48 - 2016-03-29 04:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-17 15:48 - 2016-03-29 04:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-17 15:48 - 2016-03-29 04:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-17 15:48 - 2016-03-29 04:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-17 15:48 - 2016-03-29 04:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-17 15:48 - 2016-03-29 04:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-17 15:48 - 2016-03-29 03:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-17 15:48 - 2016-03-29 03:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-17 15:48 - 2016-03-29 03:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-17 15:48 - 2016-03-29 03:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-17 15:48 - 2016-03-29 03:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-17 15:48 - 2016-03-29 03:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-17 15:48 - 2016-03-29 03:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-17 15:48 - 2016-03-29 03:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-04-17 15:48 - 2016-03-29 03:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-17 15:48 - 2016-03-29 03:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-17 15:48 - 2016-03-29 03:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-17 15:48 - 2016-03-29 03:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-17 15:48 - 2016-03-29 03:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-17 15:48 - 2016-03-29 03:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-17 15:48 - 2016-03-29 02:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-17 15:48 - 2016-03-29 02:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-17 15:48 - 2016-03-29 02:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-17 15:48 - 2016-03-29 02:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-17 15:48 - 2016-03-29 02:55 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-17 15:48 - 2016-03-29 02:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-17 15:48 - 2016-03-29 02:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-17 15:48 - 2016-03-29 02:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-17 15:48 - 2016-03-29 02:54 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-04-17 15:48 - 2016-03-29 02:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-17 15:48 - 2016-03-29 02:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-17 15:48 - 2016-03-29 02:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-17 15:48 - 2016-03-29 02:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-17 15:48 - 2016-03-29 02:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-17 15:48 - 2016-03-29 02:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-17 15:48 - 2016-03-29 02:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-17 15:48 - 2016-03-29 02:49 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-04-17 15:48 - 2016-03-29 02:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-17 15:48 - 2016-03-29 02:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-17 15:48 - 2016-03-29 02:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-17 15:48 - 2016-03-29 02:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-17 15:48 - 2016-03-29 02:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-17 15:48 - 2016-03-29 02:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-17 15:48 - 2016-03-29 02:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-17 15:48 - 2016-03-29 02:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-17 15:48 - 2016-03-29 02:34 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-17 15:48 - 2016-03-29 02:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-17 15:48 - 2016-03-29 02:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-17 15:48 - 2016-03-29 02:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-17 15:48 - 2016-03-29 02:32 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-04-17 15:48 - 2016-03-29 02:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-17 15:48 - 2016-03-29 02:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-17 15:48 - 2016-03-29 02:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-17 15:48 - 2016-03-29 02:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-17 15:48 - 2016-03-29 02:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-17 15:48 - 2016-03-29 02:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-17 15:48 - 2016-03-29 02:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-17 15:48 - 2016-03-29 02:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-17 15:48 - 2016-03-29 02:14 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-04-17 15:48 - 2016-03-29 02:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-17 15:48 - 2016-03-29 02:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-17 15:48 - 2016-03-29 02:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-17 15:48 - 2016-03-29 02:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-04-17 15:48 - 2016-03-29 02:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-17 15:48 - 2016-03-29 02:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-17 15:48 - 2016-03-29 02:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-17 15:48 - 2016-03-29 02:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-17 15:48 - 2016-03-29 02:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-17 15:48 - 2016-03-29 02:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-17 15:48 - 2016-03-29 02:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-17 15:48 - 2016-03-29 02:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-17 15:48 - 2016-03-29 02:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-17 15:48 - 2016-03-29 02:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-17 15:48 - 2016-03-29 01:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-17 15:48 - 2016-03-29 01:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-17 15:48 - 2016-03-29 01:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-17 15:48 - 2016-03-29 01:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-17 15:48 - 2016-03-29 01:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-17 15:48 - 2016-03-29 01:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-17 15:48 - 2016-03-29 01:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-17 15:48 - 2016-03-29 01:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-17 15:48 - 2016-03-29 01:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-17 15:48 - 2016-03-29 01:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-17 15:48 - 2016-03-29 01:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-17 15:48 - 2016-03-29 01:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-04-17 15:48 - 2016-03-29 01:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-17 15:48 - 2016-03-29 01:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-17 15:48 - 2016-03-29 01:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-17 15:48 - 2016-03-29 01:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-17 15:48 - 2016-03-29 01:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-04-17 15:48 - 2016-03-29 01:27 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-17 15:48 - 2016-03-29 01:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-17 15:48 - 2016-03-29 01:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-17 15:48 - 2016-03-29 01:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-17 15:48 - 2016-03-29 01:04 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-17 15:48 - 2016-03-29 01:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-17 15:48 - 2016-03-29 01:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-04-17 15:48 - 2016-03-29 00:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-17 15:48 - 2016-03-29 00:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-17 15:48 - 2016-03-29 00:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-17 15:48 - 2016-03-29 00:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-17 15:48 - 2016-03-29 00:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-17 15:48 - 2016-03-29 00:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-17 15:48 - 2016-03-29 00:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-17 15:20 - 2016-04-17 15:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-04-17 15:20 - 2016-04-17 15:20 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-04-16 23:53 - 2016-04-17 16:42 - 00000000 ____D C:\Users\Daniel\AppData\Local\NVIDIA Corporation
2016-04-16 23:52 - 2016-04-16 23:52 - 00000000 ____D C:\ProgramData\NVIDIA
2016-04-16 22:45 - 2016-04-17 00:23 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-04-14 22:12 - 2016-04-17 17:02 - 00000000 ____D C:\Users\Daniel\Desktop\minidump
2016-04-14 18:04 - 2016-04-14 18:04 - 00003078 _____ C:\Users\test\Downloads\Load Order Help.txt
2016-04-12 13:58 - 2016-04-12 13:58 - 00000000 ____D C:\Users\test\Documents\Diablo II
2016-04-05 18:29 - 2016-04-05 18:31 - 120421344 _____ (Oracle Corporation) C:\Users\test\Downloads\VirtualBox-5.0.16-105871-Win.exe
2016-04-05 13:30 - 2016-04-05 13:30 - 00000000 ____D C:\Users\test\Documents\Dolphin Emulator

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-28 12:13 - 2015-04-29 00:36 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-28 11:28 - 2015-05-12 21:27 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-04-27 23:13 - 2015-04-29 00:36 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-27 23:05 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-27 22:57 - 2015-12-01 17:59 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-27 22:57 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2016-04-27 22:57 - 2015-10-30 01:28 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2016-04-27 22:55 - 2015-12-01 17:37 - 00000000 ____D C:\Users\Administrator
2016-04-27 16:42 - 2015-10-31 17:21 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-04-27 16:39 - 2015-12-27 13:41 - 00000000 ____D C:\WINDOWS\Minidump
2016-04-27 16:39 - 2015-04-20 00:41 - 852341661 _____ C:\WINDOWS\MEMORY.DMP
2016-04-27 16:17 - 2015-12-01 17:33 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-04-27 15:47 - 2015-06-24 18:46 - 00000000 ____D C:\ProgramData\Oracle
2016-04-27 15:47 - 2015-06-24 18:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-27 15:47 - 2015-06-24 18:46 - 00000000 ____D C:\Program Files (x86)\Java
2016-04-27 15:46 - 2015-09-05 21:48 - 00000000 ____D C:\Users\test\.oracle_jre_usage
2016-04-27 15:46 - 2015-06-24 18:46 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-04-27 14:08 - 2015-08-20 18:39 - 00000000 ____D C:\Program Files (x86)\Diablo II
2016-04-27 13:58 - 2015-10-30 02:21 - 00000000 ____D C:\WINDOWS\INF
2016-04-27 13:58 - 2015-08-06 14:54 - 00881036 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-27 13:35 - 2015-06-02 13:36 - 00000000 ____D C:\Users\Daniel\AppData\Local\LogMeIn Rescue Applet
2016-04-27 13:06 - 2015-06-05 05:31 - 00000000 __RDO C:\Users\Daniel\OneDrive
2016-04-27 11:00 - 2015-10-22 18:53 - 00004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0FCEC00C-4559-4719-B6C4-0430AFB02495}
2016-04-27 00:28 - 2015-07-13 22:08 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\uTorrent
2016-04-26 23:16 - 2015-10-30 02:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-26 22:36 - 2015-12-01 17:37 - 00000000 ____D C:\Users\Daniel
2016-04-26 21:13 - 2015-09-15 20:57 - 00000000 ____D C:\Users\test\3D Objects
2016-04-26 21:08 - 2012-11-22 02:05 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages
2016-04-26 20:48 - 2013-04-23 07:50 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-04-26 19:27 - 2015-08-30 22:18 - 00000000 ____D C:\Users\Daniel\AppData\Local\LogMeIn Hamachi
2016-04-26 12:47 - 2015-04-20 01:02 - 00000000 ____D C:\Users\Daniel\AppData\Local\Packages
2016-04-24 14:28 - 2015-08-12 21:00 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Mumble
2016-04-23 20:14 - 2015-04-21 02:26 - 00000000 ____D C:\Program Files (x86)\Steam
2016-04-22 22:33 - 2015-08-06 15:04 - 00002380 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-22 02:57 - 2015-04-29 00:23 - 00453288 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-04-21 23:29 - 2015-12-16 14:33 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2016-04-21 23:29 - 2015-08-20 19:08 - 00000000 ____D C:\Users\Daniel\AppData\Local\Battle.net
2016-04-21 23:28 - 2015-08-20 19:07 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-04-20 21:14 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\rescache
2016-04-20 19:09 - 2015-08-06 15:07 - 00000000 ____D C:\Users\Daniel\AppData\Local\MicrosoftEdge
2016-04-20 17:57 - 2015-12-29 15:44 - 00000000 ____D C:\Users\Daniel\Desktop\Everything
2016-04-20 17:33 - 2014-08-05 14:54 - 00000000 ____D C:\Users\Daniel\Desktop\Games
2016-04-20 15:42 - 2014-06-15 01:40 - 00000000 __SHD C:\Users\Daniel\IntelGraphicsProfiles
2016-04-20 04:02 - 2016-03-04 11:55 - 00000000 ___RD C:\Users\test\Documents\Scanned Documents
2016-04-20 03:49 - 2015-04-20 07:05 - 00007891 _____ C:\WINDOWS\BRRBCOM.INI
2016-04-19 02:20 - 2015-08-20 18:51 - 00019910 _____ C:\WINDOWS\DIIUnin.dat
2016-04-18 20:30 - 2015-10-30 02:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-04-18 20:29 - 2015-04-20 03:36 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-04-18 16:59 - 2015-12-01 17:28 - 04897376 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-18 16:55 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-18 16:55 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-18 16:55 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-18 16:55 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-17 21:13 - 2015-04-29 00:37 - 00002282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-17 18:29 - 2016-02-24 12:17 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2016-04-17 18:03 - 2015-10-30 02:24 - 00000000 ___SD C:\WINDOWS\system32\Nui
2016-04-17 18:03 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-04-17 18:03 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-04-17 18:02 - 2015-12-01 17:34 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2016-04-17 18:02 - 2015-12-01 17:34 - 00000000 ____D C:\WINDOWS\system32\NV
2016-04-17 18:02 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-04-17 18:02 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-04-17 18:02 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\System
2016-04-17 18:02 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\Help
2016-04-17 18:02 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\Globalization
2016-04-17 18:02 - 2015-10-30 01:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-04-17 18:02 - 2015-10-30 01:28 - 00000000 ____D C:\WINDOWS\servicing
2016-04-17 18:02 - 2015-04-20 04:38 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\vlc
2016-04-17 18:01 - 2015-10-31 17:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-04-17 18:01 - 2015-08-20 19:08 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Battle.net
2016-04-17 18:01 - 2015-04-20 03:52 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\KeePass
2016-04-17 18:01 - 2015-04-20 01:05 - 00000000 ____D C:\Users\Daniel\AppData\Local\Micro-Star_International_
2016-04-17 18:01 - 2012-12-07 08:55 - 00000000 ___HD C:\SuperChargerProfile
2016-04-17 17:47 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\registration
2016-04-17 17:46 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\SystemResources
2016-04-17 17:41 - 2015-12-01 17:33 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-04-17 17:41 - 2015-08-20 19:07 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2016-04-17 17:40 - 2015-12-01 17:33 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-04-17 17:40 - 2015-05-04 19:05 - 00000000 __RHD C:\MSOCache
2016-04-17 16:41 - 2015-10-30 02:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-17 16:39 - 2015-04-22 23:10 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-17 16:34 - 2015-04-22 23:10 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-17 15:21 - 2015-10-31 17:57 - 00000000 ____D C:\Users\Daniel\AppData\Local\NVIDIA
2016-04-17 00:14 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-04-17 00:07 - 2015-04-20 01:59 - 00000000 ____D C:\Users\Daniel\AppData\Local\ElevatedDiagnostics
2016-04-16 23:22 - 2015-04-20 04:01 - 00000000 ____D C:\Users\Daniel\AppData\Local\CrashDumps
2016-04-12 13:53 - 2014-04-21 19:26 - 00000000 ____D C:\Users\test\.VirtualBox
2016-04-09 22:28 - 2014-04-21 21:27 - 00000000 ____D C:\Users\test\VirtualBox VMs
2016-04-09 12:37 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-04-06 13:32 - 2015-10-30 02:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-04-06 13:32 - 2015-10-30 02:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-05 18:59 - 2015-08-20 19:08 - 00000000 ____D C:\Users\Daniel\AppData\Local\Blizzard Entertainment
2016-03-31 19:34 - 2015-05-12 21:27 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

==================== Files in the root of some directories =======

2005-03-21 14:41 - 2005-03-21 14:41 - 0012793 _____ () C:\Program Files\How To Install.html
2005-02-25 15:37 - 2005-02-25 15:37 - 0157035 _____ () C:\Program Files\LegalNotices.pdf
2005-02-22 14:31 - 2005-02-22 14:31 - 0142049 _____ () C:\Program Files\Photoshop At A Glance.pdf
2005-02-22 14:32 - 2005-02-22 14:32 - 2723276 _____ () C:\Program Files\Photoshop New Features.pdf
2005-02-23 12:24 - 2005-02-23 12:24 - 0002773 _____ () C:\Program Files\Read Me First.html

Some files in TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Daniel\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\Daniel\AppData\Local\Temp\Nexus Mod Manager-0.61.5.exe


Some zero byte size files/folders:
==========================
C:\Windows\System32\Drivers\btmhsf.sys

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-04-19 18:02

==================== End of FRST.txt ============================

Link to post
Share on other sites

Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-04-2016
Ran by test (2016-04-28 12:48:00)
Running from C:\Users\test\Downloads
Windows 10 Home Version 1511 (X64) (2015-12-01 23:06:58)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1154547124-2327209256-1540992038-500 - Administrator - Enabled) => C:\Users\Administrator
Daniel (S-1-5-21-1154547124-2327209256-1540992038-1002 - Administrator - Enabled) => C:\Users\Daniel
DefaultAccount (S-1-5-21-1154547124-2327209256-1540992038-503 - Limited - Disabled)
Guest (S-1-5-21-1154547124-2327209256-1540992038-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1154547124-2327209256-1540992038-1009 - Limited - Enabled)
test (S-1-5-21-1154547124-2327209256-1540992038-1011 - Administrator - Enabled) => C:\Users\test

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 16.4.3528.0331 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (x32 Version: 16.4.3528.0331 - „Microsoft Corporation“) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Battery Calibration (HKLM-x32\...\{619FA785-489B-4D22-911F-82D6EDF5BDB0}) (Version: 1.0.1208.0301 - Micro-Star International Co., Ltd.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Borderlands (HKLM-x32\...\Steam App 8980) (Version:  - Gearbox Software)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
BurnRecovery (HKLM-x32\...\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}) (Version: 4.0.1211.2901 - Micro-Star International Co., Ltd.)
Corsair M95 Firmware Update Application (HKLM-x32\...\{4E44154D-0699-4D6C-996F-66D47B9A40D2}_is1) (Version:  - )
Corsair M95 Gaming Mouse Driver V1.0 (HKLM-x32\...\{9C9EA6B0-2138-4111-BF26-9D0D40D12C0F}_is1) (Version: 1.00.00.14 - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
D4: Dark Dreams Don't Die (HKLM-x32\...\Steam App 358090) (Version:  - Access Games)
Diablo II (HKLM-x32\...\Diablo II) (Version:  - Blizzard Entertainment)
ELAN Touchpad 15.13.1.1_X64_WHQL (HKLM\...\Elantech) (Version: 15.13.1.1 - ELAN Microelectronic Corp.)
FOMM 0.14.11.12 (HKLM-x32\...\{072C2AEF-16B2-46B7-BA7F-D0CAA7B4F89F}_is1) (Version:  - Prideslayer)
Fotoattēlu galerija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogaléria (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foto-galerija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria de Fotografias (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria de Fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerija fotografija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
KB9X Radio Switch Driver (HKLM\...\B16388B2E5D3CBA8F0EE88A8C5459BADAF4DE251) (Version: 1.0.7112.20593 - ENE TECHNOLOGY INC.)
KeePass Password Safe 1.30 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.30 - Dominik Reichl)
KLM (HKLM-x32\...\InstallShield_{4DEA5B85-6C56-45F3-AE00-FED756B0D3B4}) (Version: 1.0.1112.1901 - Micro-Star International Co., Ltd.)
KLM (x32 Version: 1.0.1112.1901 - Micro-Star International Co., Ltd.) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.422 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.422 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4815.1001 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSI Remind Manager (HKLM-x32\...\{7359585E-A828-4EFC-8177-7D1883DDA0B5}) (Version: 2.12.1003 - MSI)
MSI VGA Overclock Tool (HKLM-x32\...\{26C18D1A-CA42-4682-8CBA-98929848278A}) (Version: 12.06.0601 - MSI)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Mumble 1.2.10 (HKLM-x32\...\{63243F5C-E941-4461-A4B0-2689A9A3BF13}) (Version: 1.2.10 - Thorvald Natvig)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.5 - Black Tree Gaming)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.9.1 - Notepad++ Team)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4815.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4815.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4815.1001 - Microsoft Corporation) Hidden
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version:  - )
Poczta usługi Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Qualcomm Atheros Communications)
Qualcomm Atheros Killer Network Manager (HKLM-x32\...\InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.437 - Qualcomm Atheros)
Qualcomm Atheros Killer Network Manager (Version: 6.1.0.437 - Qualcomm Atheros) Hidden
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Raccolta foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.28123 - Realtek Semiconductor Corp.)
SCM (HKLM\...\{FA8AB91A-0B41-4797-9015-9B3FBC7834CC}) (Version: 10.012.09132 -  )
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version:  - 2K Games, Inc.)
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.010 - MSI)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
THX TruStudio Pro (HKLM-x32\...\{4FA6CB9A-2972-4AAF-A36E-3C40FCC22395}) (Version: 1.04.02 - Creative Technology Limited)
Tomb Raider I (HKLM-x32\...\Steam App 224960) (Version:  - Core Design)
USB GamePad (HKLM-x32\...\{B8CDAD75-96FB-48A5-A2AE-6515DDEB7BFA}) (Version: 3.85 - My Company Name)
Valokuvavalikoima (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Warhammer® 40,000™: Dawn of War® II – Retribution™ (HKLM-x32\...\Steam App 56400) (Version:  - Relic Entertainment)
Windows Driver Package - Intel (NETwNe64) net  (09/12/2012 15.5.4.45) (HKLM\...\A007E57753F87B14A4737DA95057F173950A6A3D) (Version: 09/12/2012 15.5.4.45 - Intel)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Wolfram Extras 10.1 (5292844) (HKLM\...\A-WIN-Extras 10.1.0 5292844_is1) (Version: 10.1.0 - Wolfram Research, Inc.)
Wolfram Mathematica 10.1 (M-WIN-L 10.1.0 5292918) (HKLM\...\M-WIN-L 10.1.0 5292918_is1) (Version: 10.1.0 - Wolfram Research, Inc.)
Συλλογή φωτογραφιών (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Основи Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 16.4.3528.0331 - Корпорация Майкрософт) Hidden
Фотоальбом (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Фотогалерия (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Фотографии (общедоступная версия) (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Фотоколекція (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
フォト ギャラリー (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
גלריית התמונות (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
معرض الصور (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
사진 갤러리 (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1154547124-2327209256-1540992038-1011_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\test\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {28004699-7A08-408C-A640-DD9AA796C826} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {31700F4E-90BE-4F40-A816-D59F49804FF4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {3626EF2E-E8B1-47F8-AAAF-5BB10003F6D8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {44D7ACB1-DDF1-45AE-BB43-86CE8FC74B6C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {4A29F4A8-8282-4002-AEB7-F28D3168FE00} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {704FD003-4791-4D1F-8AF2-1D77D3AD340C} - System32\Tasks\{470C1EDF-11A6-421F-9681-E6DEBAB0ED98} => pcalua.exe -a "D:\Warcraft III\Frozen Throne.exe" -d "D:\Warcraft III"
Task: {7472CF23-05E6-4DC6-854B-929156282E34} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {95EB8A2E-44E0-4484-8501-407E877D74D5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {AC2606B5-5B7D-4F39-B879-B8D80E06E871} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {ACEF0DD9-5C82-4EFF-8E9A-288A676F7B92} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {B7D68DF5-551D-4A1C-A0E4-9871264F6434} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {C4DB10D2-8782-4068-AD13-40FA7F25E9F4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {C8F99298-F44E-4688-9F07-03BAE63B25C3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CC2ADB12-4905-446F-BE6D-5DDBC5EF5CEB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {EC69054D-BFF3-41A6-8FEC-9E51698E9AF7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-29] (Google Inc.)
Task: {ECBB511E-57AB-49E4-8E34-AF46876B3A7A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {EEC1B478-E503-4E80-BBE2-C3230853F6D0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {EEDEE7C5-06D1-4B91-95A4-FF8470F162C1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F34074F6-EF17-44F9-80F2-41F793EE4E36} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-29] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 02:17 - 2015-10-30 02:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-10-30 02:18 - 2015-10-30 02:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-10-31 18:58 - 2015-10-31 18:58 - 00011920 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-04-20 03:36 - 2015-10-13 05:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-04-17 15:50 - 2016-03-29 05:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-17 15:50 - 2016-03-29 05:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-04-26 20:53 - 2016-04-26 20:53 - 00959176 _____ () C:\Users\test\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\ClientTelemetry.dll
2015-10-30 11:26 - 2015-09-01 11:04 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-12-20 01:45 - 2015-12-06 23:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-17 15:48 - 2016-04-01 22:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-18 16:03 - 2016-04-18 16:03 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-03-29 13:43 - 2016-03-29 13:44 - 00016896 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-03-29 13:43 - 2016-03-29 13:44 - 17535488 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-03-04 10:00 - 2016-03-04 10:00 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-03-01 21:50 - 2016-02-23 02:32 - 03516416 _____ () C:\Windows\SystemApps\Microsoft.AccountsControl_cw5n1h2txyewy\AccountsControlUI.dll
2016-04-18 21:49 - 2016-04-18 21:49 - 06068224 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI.Xaml\a3963b34f3c2705c9a4ec3c65693f26d\Windows.UI.Xaml.ni.dll
2016-04-18 21:49 - 2016-04-18 21:49 - 04276736 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\d2b7c683dc1e85d376103d969fcf24f2\Windows.ApplicationModel.ni.dll
2016-04-18 21:49 - 2016-04-18 21:49 - 00497664 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\a55d1aa8413de7ec76aab7958a344629\Windows.Foundation.ni.dll
2016-04-18 21:49 - 2016-04-18 21:49 - 01188864 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Storage\495026780e3eeff85a4e2a24198284dc\Windows.Storage.ni.dll
2016-04-18 21:49 - 2016-04-18 21:49 - 01984000 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\564d874ace25597626a9aecb0da44971\Windows.UI.ni.dll
2016-04-18 21:49 - 2016-04-18 21:49 - 00302080 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Gloaae92e31#\0f0001e0746c2a7fef9c62151dadc1a7\Windows.Globalization.ni.dll
2016-04-18 21:49 - 2016-04-18 21:49 - 00475136 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Data\c06b0147cf63754b64415c76f8813bda\Windows.Data.ni.dll
2016-04-18 21:49 - 2016-04-18 21:49 - 01244672 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Web\fe12241f6ccb1bd96516a0a8160693c1\Windows.Web.ni.dll
2016-03-04 10:00 - 2016-03-04 10:00 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1603.12020.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-03-09 17:28 - 2016-03-09 17:28 - 10244608 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2016.29.13.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2016-04-17 15:49 - 2016-04-01 22:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-17 15:49 - 2016-04-01 21:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-17 15:49 - 2016-04-01 21:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-17 15:50 - 2016-04-01 22:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-04-26 20:53 - 2016-04-26 20:53 - 00679624 _____ () C:\Users\test\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\ClientTelemetry.dll
2016-02-23 15:16 - 2016-02-23 15:16 - 00325824 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2016-02-26 15:43 - 2016-02-26 15:43 - 21848248 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 00322208 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\sqlite.dll
2015-12-18 10:42 - 2015-12-18 10:42 - 50708664 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll
2016-04-17 21:13 - 2016-04-06 05:04 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-17 21:13 - 2016-04-06 05:04 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll
2015-10-31 18:58 - 2015-10-31 18:58 - 00012104 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2016-04-18 16:03 - 2016-04-18 16:03 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-18 16:03 - 2016-04-18 16:04 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade [0]
AlternateDataStreams: C:\Users\test\Downloads\download.htm:$CmdZnID [26]
AlternateDataStreams: C:\Users\test\Downloads\flux-setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\test\Downloads\flux-setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\test\Downloads\gettin+turnt.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\test\Downloads\Souryuu.Asuka.Langley.full.1345484.jpg:$CmdZnID [26]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LMIRescue_fd582bb4-caa2-44a4-9743-b0f4e87a94fd => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1154547124-2327209256-1540992038-1011\Control Panel\Desktop\\Wallpaper -> C:\Users\test\Pictures\backgrounds 2\yolo.png
DNS Servers: 66.90.139.210 - 66.90.130.10
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: AtherosSvc => 2
MSCONFIG\Services: Bluetooth Device Monitor => 2
MSCONFIG\Services: Bluetooth OBEX Service => 2
MSCONFIG\Services: CLKMSVC10_38F51D56 => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: ETDService => 2
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: igfxCUIService1.0.0.0 => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: LMIRescue_fd582bb4-caa2-44a4-9743-b0f4e87a94fd => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: Micro Star SCM => 2
MSCONFIG\Services: MSI_SuperCharger => 2
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: Qualcomm Atheros Killer Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: UNS => 2
HKLM\...\StartupApproved\Run: => "BtTray"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run32: => "Corsair Duke"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{B3ED3741-AB02-4D5E-BB04-6161C326812C}] => (Block) C:\users\daniel\appdata\roaming\utorrent\updates\3.4.5_41202.exe
FirewallRules: [{1F79558A-297D-4D88-9CC2-0E6839F45567}] => (Block) C:\users\daniel\appdata\roaming\utorrent\updates\3.4.5_41202.exe
FirewallRules: [UDP Query User{66F758FE-9A63-4225-8BE2-5663BFDD5E41}C:\users\daniel\appdata\roaming\utorrent\updates\3.4.5_41202.exe] => (Allow) C:\users\daniel\appdata\roaming\utorrent\updates\3.4.5_41202.exe
FirewallRules: [TCP Query User{42D60396-36AC-4763-8D50-573CD5A4B313}C:\users\daniel\appdata\roaming\utorrent\updates\3.4.5_41202.exe] => (Allow) C:\users\daniel\appdata\roaming\utorrent\updates\3.4.5_41202.exe
FirewallRules: [{98F96AF1-C2F4-4C06-9574-3B397C4D440F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BBD77970-42A5-40D5-B4E4-426A2809B588}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F70C4AF5-FE6E-451A-8B86-6B261A95D004}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{91106829-69AB-4783-A280-5B1CBB78CFA3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{CF0EEBB4-F20D-4E4A-88C5-56DCCB141BD1}C:\users\daniel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\daniel\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{A91C6B28-0F9C-42AC-8BF7-0DBAC3091079}C:\users\daniel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\daniel\appdata\roaming\spotify\spotify.exe
FirewallRules: [{45157957-BDAA-45A2-A57B-6B427FD27E2F}] => (Block) C:\users\daniel\appdata\roaming\spotify\spotify.exe
FirewallRules: [{F12416D9-67AA-4A6D-B40C-F764AA1FC11D}] => (Block) C:\users\daniel\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{394FF65E-7206-4DF4-AB49-F8D74AD61DD7}C:\users\daniel\appdata\roaming\utorrent\updates\3.4.5_41372.exe] => (Allow) C:\users\daniel\appdata\roaming\utorrent\updates\3.4.5_41372.exe
FirewallRules: [UDP Query User{A8D36390-0392-457F-8608-EDADBDFCA3F9}C:\users\daniel\appdata\roaming\utorrent\updates\3.4.5_41372.exe] => (Allow) C:\users\daniel\appdata\roaming\utorrent\updates\3.4.5_41372.exe
FirewallRules: [{2DDA23A7-C72C-410D-ABB5-45DA08049633}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{BBBBEA81-05EE-4B12-AA04-1CF290043B03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [TCP Query User{9E96A0AD-9F50-4760-BF37-D62B1D53D21A}C:\users\daniel\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\daniel\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{168ACE6E-E6E1-4E44-BA72-51C5EE9D8656}C:\users\daniel\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\daniel\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{F21AD35A-7251-43AF-8663-365AB0C529D5}C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [UDP Query User{E0167023-0A9E-47CF-8CE2-8E015EFB04F3}C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [{56D45A07-31AE-4F26-9D0A-96E9B35D9B24}] => (Block) C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [{EF272A7F-69E9-4FF2-8797-058D9E2E345D}] => (Block) C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [{7C6477DE-A6BC-4BF3-9A45-7D52BB3618D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{CB6C58C8-4D86-4891-9BBD-1419762F6896}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{DF4ECA05-4AA2-4061-A5DC-AD6974E3FD80}C:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [UDP Query User{7FB6FCB8-4015-42BC-95AF-BB6D7669D0A3}C:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [{6E1F33D1-C18A-495B-9BF6-B30D567E7AA9}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe
FirewallRules: [{06C14525-B281-4A94-B948-4B3BDDAED9D9}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe
FirewallRules: [{0242F370-1309-45A4-9F63-9D479E717928}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe
FirewallRules: [{5913F5E1-5BCA-4C69-8194-C2DA5E5C1BC4}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe
FirewallRules: [{3086FA70-2D3D-48CF-987F-9109244FB550}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe
FirewallRules: [{D5F47950-7DE9-45C6-B847-1D21AFF5283F}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe
FirewallRules: [{4706504C-7F41-4D3E-898B-14B5B06B7D4C}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe
FirewallRules: [{5F7F689D-16A9-4E4A-BFAB-FAD7895A64D1}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe
FirewallRules: [TCP Query User{2CC922B2-D6D1-4BFB-95D0-7E7D4F0EB5F0}C:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe
FirewallRules: [UDP Query User{EF8B1405-6616-40E5-BC99-60F45387ED70}C:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe
FirewallRules: [{D1A58F79-06B0-4496-8E4E-8A70AC8D9132}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
FirewallRules: [{43641F06-7152-4608-AC77-3653B7E91976}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
FirewallRules: [{B82F64E6-0C20-451C-8A60-8C9FACE5B124}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
FirewallRules: [{56A625AE-89B9-4D24-8495-6D79FDBD20FE}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
FirewallRules: [{C6D5CB13-66A5-4484-9936-23F3302FD20E}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{CE19EBD6-4C20-498C-BAB2-E9D8D3C2F978}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{0752C1BD-C2A2-4586-84D4-6860DE4C0FE0}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{D675960A-A299-42B9-B475-C31D50B46BBF}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{BD6B1239-07DE-4F2D-AC91-5BDDFD47280C}] => (Allow) C:\Program Files (x86)\Mumble\mumble.exe
FirewallRules: [{306156BF-C856-43A4-A88A-A34FD9CC45FF}] => (Allow) C:\Program Files (x86)\Mumble\mumble.exe
FirewallRules: [{5104163D-A35B-4C40-98E2-54DF3290D5F0}] => (Allow) C:\Program Files (x86)\Mumble\mumble.exe
FirewallRules: [{D3347CF6-35EC-4E56-876D-8BB3CD7C9AAD}] => (Allow) C:\Program Files (x86)\Mumble\mumble.exe
FirewallRules: [TCP Query User{EB2746F5-8FDC-4CC8-9E90-556C420A4C60}C:\program files (x86)\diablo ii\game.exe] => (Allow) C:\program files (x86)\diablo ii\game.exe
FirewallRules: [UDP Query User{E6DCA928-BA27-4F55-A08D-55ED2136DD0E}C:\program files (x86)\diablo ii\game.exe] => (Allow) C:\program files (x86)\diablo ii\game.exe
FirewallRules: [{7FF3B549-3BCF-4A34-96D1-82EE6B9E4BC8}] => (Allow) C:\Program Files (x86)\Diablo II\Diablo II.exe
FirewallRules: [{746635A2-D716-4C51-A7DC-DAA42A56A1C0}] => (Allow) C:\Program Files (x86)\Diablo II\Diablo II.exe
FirewallRules: [{5A58A1F1-85AE-4683-9748-93E37A55F2F2}] => (Allow) C:\Program Files (x86)\Diablo II\Diablo II.exe
FirewallRules: [{AA44DA63-BB24-4511-BBD0-DAC0C5191CDA}] => (Allow) C:\Program Files (x86)\Diablo II\Diablo II.exe
FirewallRules: [TCP Query User{56DCD428-A5BE-4B78-BCF8-7D39C0FF6CA6}D:\warcraft iii\war3.exe] => (Allow) D:\warcraft iii\war3.exe
FirewallRules: [UDP Query User{B6592081-2080-4A0E-962C-FEE8C68AFC5D}D:\warcraft iii\war3.exe] => (Allow) D:\warcraft iii\war3.exe
FirewallRules: [TCP Query User{D9CEAD75-6B6E-4D68-9A56-9D50F315FF12}C:\users\daniel\appdata\roaming\utorrent\updates\3.4.5_41372.exe] => (Block) C:\users\daniel\appdata\roaming\utorrent\updates\3.4.5_41372.exe
FirewallRules: [UDP Query User{87B47559-2678-4D47-87AC-4FF233CE5F7B}C:\users\daniel\appdata\roaming\utorrent\updates\3.4.5_41372.exe] => (Block) C:\users\daniel\appdata\roaming\utorrent\updates\3.4.5_41372.exe
FirewallRules: [{1D692EF3-41CC-4956-BB46-539185D53E76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\D4 Dark Dreams Don't Die\D4.exe
FirewallRules: [{537C49DE-47A4-4919-9737-AF190B4DB402}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\D4 Dark Dreams Don't Die\D4.exe
FirewallRules: [{EAE991AB-CA6E-415A-A2E2-2D3FF0A6D09A}] => (Allow) C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{724E6E62-2E9E-4277-9715-8F5167C7110C}] => (Allow) C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4E13777A-15EA-4123-AC5F-DAAA0E456616}] => (Allow) C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6CE439A3-93C0-4E9D-8BE5-176FA8F7C697}] => (Allow) C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1E74D34A-6AD1-4A27-9500-1677DD9727B8}] => (Allow) C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2DACD018-137E-4296-912D-4A1729222F35}] => (Allow) C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{0C2E795E-8F1D-44C9-ADFF-4B4D84D97941}C:\users\daniel\appdata\roaming\utorrent\updates\3.4.5_41865.exe] => (Allow) C:\users\daniel\appdata\roaming\utorrent\updates\3.4.5_41865.exe
FirewallRules: [UDP Query User{98AC7884-CFB4-415C-8386-B00E36DFD7F9}C:\users\daniel\appdata\roaming\utorrent\updates\3.4.5_41865.exe] => (Allow) C:\users\daniel\appdata\roaming\utorrent\updates\3.4.5_41865.exe
FirewallRules: [{4F539D89-B3B6-4170-A8A7-E1F2238AE062}] => (Block) C:\users\daniel\appdata\roaming\utorrent\updates\3.4.5_41865.exe
FirewallRules: [{2B96F171-FD87-4CAE-9BA7-54ECFF1D03A7}] => (Block) C:\users\daniel\appdata\roaming\utorrent\updates\3.4.5_41865.exe
FirewallRules: [{EBCC3EAF-A851-44ED-8323-9387C2BFE343}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dawn of War II - Retribution\DOW2.exe
FirewallRules: [{0007FCFA-1F71-4778-88D6-36AC851FBFED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dawn of War II - Retribution\DOW2.exe
FirewallRules: [{C31650FC-6257-4B91-B30C-97016303715D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

12-04-2016 18:36:27 Windows Update
16-04-2016 22:46:09 Removed NVIDIA PhysX
17-04-2016 00:18:04 Restore Operation
17-04-2016 15:53:14 Post- system restore. computer stable 4/17/2016
18-04-2016 16:40:58 Stable point - before windows updates / nvidia updates.
20-04-2016 04:10:12 Pre-Attempt #2 to update nVidia
23-04-2016 20:22:24 post-fan cleaning
23-04-2016 20:35:18 post fan clean
26-04-2016 13:59:05 pre-attempt #2 to install nvidia drivers/geforce stuff
27-04-2016 12:20:21 post moving over to other user profile - test - pre delete dani

==================== Faulty Device Manager Devices =============

Name: Microsoft Basic Display Adapter
Description: Microsoft Basic Display Adapter
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard display types)
Service: BasicDisplay
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (04/28/2016 08:41:01 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: The volume OS_Install (C:) was not optimized because an error was encountered: The parameter is incorrect. (0x80070057)

Error: (04/27/2016 09:59:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Daniel)
Description: Activation of app Microsoft.WindowsAlarms_8wekyb3d8bbwe!App failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (04/27/2016 04:43:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Daniel)
Description: Activation of app Microsoft.Getstarted_3.5.11.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (04/27/2016 04:43:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Daniel)
Description: Activation of app windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy:microsoft.windows.immersivecontrolpanel failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (04/27/2016 04:35:09 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (04/27/2016 01:05:34 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file  for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program pcsx2-r5875.exe because of this error.

Program: pcsx2-r5875.exe
File: 

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
    - It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
    - It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: 00000000
Disk type: 0

Error: (04/27/2016 01:05:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: pcsx2-r5875.exe, version: 0.0.0.0, time stamp: 0x52ef990f
Faulting module name: gsdx32-avx2-r5875.dll, version: 1.0.1.9, time stamp: 0x53a1e601
Exception code: 0xc000001d
Fault offset: 0x000010c9
Faulting process id: 0x17d0
Faulting application start time: 0xpcsx2-r5875.exe0
Faulting application path: pcsx2-r5875.exe1
Faulting module path: pcsx2-r5875.exe2
Report Id: pcsx2-r5875.exe3
Faulting package full name: pcsx2-r5875.exe4
Faulting package-relative application ID: pcsx2-r5875.exe5

Error: (04/27/2016 12:59:49 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file  for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program pcsx2-r5875.exe because of this error.

Program: pcsx2-r5875.exe
File: 

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
    - It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
    - It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: 00000000
Disk type: 0

Error: (04/27/2016 12:59:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: pcsx2-r5875.exe, version: 0.0.0.0, time stamp: 0x52ef990f
Faulting module name: gsdx32-avx2-r5875.dll, version: 1.0.1.9, time stamp: 0x53a1e601
Exception code: 0xc000001d
Fault offset: 0x000010c9
Faulting process id: 0xd2c
Faulting application start time: 0xpcsx2-r5875.exe0
Faulting application path: pcsx2-r5875.exe1
Faulting module path: pcsx2-r5875.exe2
Report Id: pcsx2-r5875.exe3
Faulting package full name: pcsx2-r5875.exe4
Faulting package-relative application ID: pcsx2-r5875.exe5

Error: (04/27/2016 12:53:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Daniel)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2147024891 See the Microsoft-Windows-TWinUI/Operational log for additional information.


System errors:
=============
Error: (04/28/2016 12:57:13 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (04/27/2016 10:57:04 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: 1084dpsUnavailable{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}

Error: (04/27/2016 10:57:04 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: 1084dpsUnavailable{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}

Error: (04/27/2016 10:57:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (04/27/2016 10:56:59 PM) (Source: DCOM) (EventID: 10005) (User: Daniel)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (04/27/2016 10:56:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068

Error: (04/27/2016 10:56:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068

Error: (04/27/2016 10:56:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068

Error: (04/27/2016 10:56:53 PM) (Source: DCOM) (EventID: 10005) (User: Daniel)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (04/27/2016 10:56:53 PM) (Source: DCOM) (EventID: 10005) (User: Daniel)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}


CodeIntegrity:
===================================
  Date: 2016-04-23 23:32:18.284
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-23 20:18:15.810
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-21 22:40:03.861
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-20 16:33:39.964
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-20 04:42:59.719
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-20 04:11:55.062
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-18 17:00:28.652
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-18 16:02:09.333
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-17 11:30:27.580
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-16 23:57:01.337
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
Percentage of memory in use: 32%
Total physical RAM: 16275.58 MB
Available physical RAM: 10947.79 MB
Total Virtual: 18707.58 MB
Available Virtual: 12251.15 MB

==================== Drives ================================

Drive c: (OS_Install) (Fixed) (Total:676.09 GB) (Free:169.44 GB) NTFS
Drive d: (The Big ) (Fixed) (Total:698.51 GB) (Free:678.23 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 8A440388)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Link to post
Share on other sites

  • 1 month later...

We're sorry. It looks like your topic was somehow overlooked. Due to the length of time we'll go ahead and close this topic now but if you still actually need help please send a private message to one of the Moderators and we'll assist you.
Thank you and sorry we missed your topic.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.