Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

http://ɴ.net/proxy.pac appearing in Windows 10 Proxy settings


  • Please log in to reply
5 replies to this topic

#1 kingmustard

kingmustard

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United Kingdom
  • Local time:02:39 AM

Posted 08 May 2016 - 03:58 PM

Attached File  eb_win10proxy-1.png   37.74KB   0 downloads

 

Malwarebytes Anti-Malware Home (Premium) didn't find anything.

 

Any ideas?

 

EDIT: Emsisoft Emergency Kit seemed to have found something very relevant. I deleted the file and restarted but it keeps appearing in 'Automatic proxy setup' :/

 

Attached File  eb_win10proxy-2.png   17.41KB   0 downloads


Edited by kingmustard, 08 May 2016 - 04:10 PM.


BC AdBot (Login to Remove)

 


#2 olgun52

olgun52

  • Malware Response Team
  • 3,792 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:39 AM

Posted 08 May 2016 - 06:16 PM

Hello kingmustard and Welcome to the BleepingComputer. :welcome:
My name is Yılmaz and I'll help you with the cleanup of malware from your computer.

Before we move on, please read the following points carefully.

  • Please complete all steps in the specified order.
  • Even if tools don't find malware, I want you to post the logfiles anyway.
  • Please copy and paste the logfiles directly into your posts. Please do not attach them unless you are instructed to do so.
  • Read the instructions carefully. If you have problems, stop what you  were doing and describe the problems you encountered as precisely as  you can.
  • Don't install or uninstall software during the cleanup unless you are told to do so.
  • If you can't answer for the next few days, please let me know. If  you haven't answered within 5 days, I am assuming that you don't need  help anymore and your topic will be closed.
  • I can not guarantee that we will find and be able to remove all  malware. The cleaning process is not instant. Please continue to review  my answers until I tell you that your computer is clean
  • Please reply to this thread. Do not start a new topic
  • As my first language is not English, please do not use slang or idioms. It could be hard for me to understand.
  • Please open as administrator  the computer. How is open as administrator  the computer?
  • Disable your AntiVirus and AntiSpyware applications, as they will  interfere with our tools and the removal. If you are unsure how to do  this, please refer to get help here

Thanks
  
Do you use any VPN software?=

============================

Please do the following:

 

İnternet explorer:

Internet Explorer 9, 10 and 11 (Win) - Clearing Cache and Cookies
https://kb.wisc.edu/page.php?id=15141
Next >>
How to reset Internet Explorer settings
https://support.microsoft.com/en-us/kb/923737

 

================================================================

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Make sure the following option is checked: addition.png
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Sincerely  . :hello:

 

 

 


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#3 kingmustard

kingmustard
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United Kingdom
  • Local time:02:39 AM

Posted 09 May 2016 - 11:03 AM

Hi olgun52,

 

I do not use any VPN software.

 

Farbar Recovery Scan Tool log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-05-2016
Ran by Elliot (administrator) on ELLIOT-PC (09-05-2016 16:59:16)
Running from E:\Desktop
Loaded Profiles: Elliot (Available Profiles: Elliot)
Platform: Windows 10 Pro Insider Preview Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start10\Start10Srv.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
Failed to access process -> Memory Compression
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Vorlan Group, Inc.) C:\Muzecast\Vorlan.HomeDJ.WinSrv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start10\Start10_64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
(Vorlan Group, Inc.) C:\Muzecast\Vorlan.HomeDJ.Server.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE16\CSISYNCCLIENT.EXE
() C:\Muzecast\MusicMagicServer.exe
(Google, Inc) C:\Users\Elliot\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe
() C:\Program Files (x86)\Messenger for Desktop\Messenger.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
() C:\Program Files (x86)\DFX\DFX.exe
() C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
() C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
() C:\Program Files (x86)\Messenger for Desktop\Messenger.exe
() C:\Program Files (x86)\Messenger for Desktop\Messenger.exe
() C:\Program Files (x86)\Messenger for Desktop\Messenger.exe
(Vorlan Group, Inc.) C:\Muzecast\Vorlan.HomeDJ.SysTray.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(TuneIn) E:\WindowsApps\TuneIn.TuneInRadio_3.0.1716.0_x64__6bhtb546zcxnj\TuneIn.exe
(Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.428.23090.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8843520 2016-01-29] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [11336656 2016-03-16] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [DFX] => C:\Program Files (x86)\DFX\DFX.exe [1328632 2015-12-04] ()
HKU\S-1-5-21-797883273-1019165388-3601654479-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [6536008 2016-04-22] (Plex, Inc.)
HKU\S-1-5-21-797883273-1019165388-3601654479-1001\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe [2926800 2015-01-27] ()
HKU\S-1-5-21-797883273-1019165388-3601654479-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [52142720 2016-04-29] (Skype Technologies S.A.)
HKU\S-1-5-21-797883273-1019165388-3601654479-1001\...\Run: [Google Update] => C:\Users\Elliot\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-04-30] (Google Inc.)
HKU\S-1-5-21-797883273-1019165388-3601654479-1001\...\Run: [Google Photos Backup] => C:\Users\Elliot\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3790936 2016-04-08] (Google, Inc)
Startup: C:\Users\Elliot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Messenger.lnk [2016-04-30]
ShortcutTarget: Messenger.lnk -> C:\Program Files (x86)\Messenger for Desktop\Messenger.exe ()
Startup: C:\Users\Elliot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Muzecast Tray.lnk [2016-05-03]
ShortcutTarget: Muzecast Tray.lnk -> C:\Muzecast\Vorlan.HomeDJ.SysTray.exe (Vorlan Group, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ATTENTION (Restriction - ProxySettings)
AutoConfigURL: [HKLM-x32] => hxxp://xn--koa.net/proxy.pac
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{db1e56a0-b76b-47b0-b2e6-e2aae1821546}: [DhcpNameServer] 192.168.1.254
ManualProxies: 
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
SearchScopes: HKU\S-1-5-21-797883273-1019165388-3601654479-1001 -> {1FEA31A0-2E7E-42E3-B73A-FD6B5AC7C177} URL = hxxp://www.google.com/search?q={searchTerms}
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-03-16] (Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-04-12] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-04-12] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-04-12] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-04-12] (Microsoft Corporation)
 
Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-797883273-1019165388-3601654479-1001 -> hxxp://www.google.com/
 
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-02-26] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-797883273-1019165388-3601654479-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Elliot\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-30] (Google Inc.)
FF Plugin HKU\S-1-5-21-797883273-1019165388-3601654479-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Elliot\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-30] (Google Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Elliot\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Elliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-29]
CHR Extension: (Home Button At Top Right) - C:\Users\Elliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfejcgpdahgpmgadhgdadfiekmhgnifm [2016-04-29]
CHR Extension: (YouTube) - C:\Users\Elliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-29]
CHR Extension: (ImprovedTube - YouTube Extension) - C:\Users\Elliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnomihfieiccainjcjblhegjgglakjdd [2016-04-29]
CHR Extension: (Content menu 'Open link in IE tab') - C:\Users\Elliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\cepflbjhkkhegamaeacdddihaphhgmci [2016-04-30]
CHR Extension: (uBlock Origin) - C:\Users\Elliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-05-02]
CHR Extension: (Quidco Cashback Reminder) - C:\Users\Elliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\elfdpdgmnodokhbiabbcjabmhpdajcog [2016-04-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Elliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-29]
CHR Extension: (Gmail) - C:\Users\Elliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-29]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 FrameServer; C:\Windows\system32\FrameServer.dll [318464 2016-03-19] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [59392 2016-03-19] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1794000 2016-03-17] (Micro-Star INT'L CO., LTD.)
R2 Muzecast Service; C:\Muzecast\Vorlan.HomeDJ.WinSrv.exe [864240 2016-04-12] (Vorlan Group, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2016-05-07] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2016-05-07] ()
S3 Sense; C:\Program Files\Windows Advanced Threat Protection\MsSense.exe [4437184 2016-03-19] (Microsoft Corporation)
R2 Start10; C:\Program Files (x86)\Stardock\Start10\Start10Srv.exe [219664 2015-02-03] (Stardock Software, Inc)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7031056 2016-05-02] (TeamViewer GmbH)
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [341504 2016-03-19] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [341504 2016-03-19] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [329032 2016-03-19] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [12992 2016-03-19] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [352256 2016-03-19] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 clreg; C:\Windows\System32\drivers\registry.sys [69120 2016-03-19] (Microsoft Corporation)
S3 DFX11_1; C:\Windows\system32\drivers\dfx11_1x64.sys [28008 2015-08-31] (Windows (R) Win 7 DDK provider)
R3 DFX12; C:\Windows\system32\drivers\dfx12x64.sys [39048 2015-11-15] (Windows (R) Win 7 DDK provider)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d65x64.sys [541672 2015-11-24] (Intel Corporation)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [67400 2016-03-19] (Microsoft Corporation)
R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [83768 2016-01-23] (Windows (R) Win 7 DDK provider)
R3 iaLPSS2_UART2; C:\Windows\System32\drivers\iaLPSS2_UART2.sys [281400 2016-01-23] (Intel Corporation)
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [26624 2016-03-19] (Microsoft Corporation)
R0 lxss; C:\Windows\System32\drivers\lxss.sys [11080 2016-03-19] (Microsoft Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-05-09] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [204032 2016-01-19] (Intel Corporation)
S3 MsSecFlt; C:\Windows\System32\drivers\mssecflt.sys [151880 2016-03-19] (Microsoft Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [81920 2016-03-19] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [71496 2016-03-19] (Microsoft Corporation)
S3 scmdisk0101; C:\Windows\System32\drivers\scmdisk0101.sys [96256 2016-03-19] (Microsoft Corporation)
S3 smrtflt; C:\Windows\System32\drivers\smrtflt.sys [9216 2016-03-19] (Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [49152 2016-03-19] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [11592 2016-03-19] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [107848 2016-03-19] (Microsoft Corporation)
R2 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [49152 2016-03-19] (Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [40320 2016-03-19] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [283976 2016-03-19] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117064 2016-03-19] (Microsoft Corporation)
R1 WofCld; C:\Windows\System32\Drivers\WofCld.sys [107848 2016-03-19] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-05-09 07:41 - 2016-05-09 07:41 - 00000000 ___HD C:\OneDriveTemp
2016-05-08 22:04 - 2016-05-08 22:08 - 00000000 ____D C:\EEK
2016-05-08 21:50 - 2016-05-09 16:59 - 00000000 ____D C:\FRST
2016-05-07 15:23 - 2016-05-07 15:23 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-05-07 15:23 - 2016-05-07 15:23 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-07 15:23 - 2016-05-07 15:23 - 00000000 ____D C:\Users\Elliot\AppData\LocalLow\Adobe
2016-05-07 12:40 - 2016-05-07 12:41 - 00000000 ____D C:\AdwCleaner
2016-05-07 12:33 - 2016-05-09 16:34 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-05-07 12:33 - 2016-05-07 12:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-05-07 12:33 - 2016-05-07 12:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-07 12:33 - 2016-05-07 12:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-05-07 12:33 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-05-07 12:33 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-05-07 12:33 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-05-07 11:52 - 2016-05-07 11:52 - 00000000 ____D C:\Users\Elliot\AppData\Roaming\QuickScan
2016-05-07 11:02 - 2016-05-07 11:02 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2016-05-07 11:02 - 2016-05-07 11:02 - 00000000 ____D C:\Users\Elliot\Documents\samsung
2016-05-07 11:02 - 2016-05-07 11:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2016-05-07 11:01 - 2016-05-07 11:02 - 00000000 ____D C:\Users\Elliot\AppData\Roaming\Samsung
2016-05-07 11:01 - 2016-05-07 11:01 - 40605640 _____ (Samsung Electronics Co., Ltd.) C:\Users\Elliot\Downloads\Kies3Setup.exe
2016-05-07 11:01 - 2016-05-07 11:01 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-05-07 11:01 - 2014-05-07 17:42 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll
2016-05-07 09:50 - 2016-05-07 09:50 - 00076152 _____ C:\WINDOWS\system32\PnkBstrA.exe
2016-05-07 09:46 - 2016-05-07 09:50 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2016-05-07 09:46 - 2016-05-07 09:46 - 00281872 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2016-05-07 09:46 - 2016-05-07 09:46 - 00076888 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2016-05-07 09:46 - 2013-11-15 15:17 - 03894632 _____ C:\WINDOWS\SysWOW64\pbsvc.exe
2016-05-07 09:38 - 2016-05-07 09:38 - 00000000 ____D C:\Users\Elliot\AppData\Local\PunkBuster
2016-05-07 09:36 - 2016-05-07 09:37 - 00000000 ____D C:\Users\Elliot\Documents\Battlefield 4
2016-05-06 19:16 - 2016-05-06 19:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-05-06 19:16 - 2016-05-06 19:16 - 00000000 ____D C:\Program Files\7-Zip
2016-05-06 19:15 - 2016-05-06 19:15 - 00000000 ____D C:\Users\Elliot\Downloads\Stardock
2016-05-06 14:51 - 2016-05-06 14:51 - 00000000 ____D C:\Users\Elliot\AppData\Roaming\Command and Conquer 4
2016-05-06 14:51 - 2016-05-06 14:51 - 00000000 ____D C:\Users\Elliot\AppData\Local\Electronic_Arts_Inc
2016-05-06 13:49 - 2016-05-06 13:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Command and Conquer 4 Tiberian Twilight
2016-05-04 23:13 - 2016-05-04 23:13 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-05-04 23:13 - 2016-04-14 06:38 - 00113216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-05-04 23:13 - 2016-04-14 06:38 - 00102976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-05-04 08:17 - 2016-05-04 08:17 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-05-03 21:54 - 2016-05-03 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4
2016-05-03 21:54 - 2016-05-03 21:54 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2016-05-03 10:11 - 2016-05-08 18:44 - 00000000 ____D C:\Muzecast
2016-05-03 10:11 - 2016-05-03 10:11 - 00000139 _____ C:\muzecastinstall.txt
2016-05-03 10:11 - 2016-05-03 10:11 - 00000000 ____D C:\Users\Elliot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Muzecast
2016-05-03 07:23 - 2016-05-02 22:29 - 00000000 ___DC C:\WINDOWS\Panther
2016-05-03 07:22 - 2016-05-03 07:22 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-05-03 07:22 - 2016-05-03 07:22 - 00000000 ____D C:\Windows.old
2016-05-03 07:21 - 2016-05-03 07:21 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-05-03 07:21 - 2016-05-03 07:21 - 00000000 ____D C:\Program Files\MSBuild
2016-05-03 07:21 - 2016-05-03 07:21 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-05-03 07:21 - 2016-05-03 07:21 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-05-03 07:21 - 2016-03-19 02:13 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-05-03 07:21 - 2016-03-19 02:13 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-05-03 07:21 - 2016-03-19 02:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-05-03 07:21 - 2016-03-19 02:12 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-05-03 07:21 - 2016-03-19 02:11 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-05-03 07:21 - 2016-03-19 02:11 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-05-02 22:42 - 2016-04-14 06:13 - 00157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-05-02 22:42 - 2016-04-14 06:12 - 00598216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-05-02 22:42 - 2016-04-14 06:09 - 00617232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-05-02 22:42 - 2016-04-14 06:09 - 00112160 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-05-02 22:42 - 2016-04-14 05:51 - 21944832 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-05-02 22:42 - 2016-04-14 05:47 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-05-02 22:42 - 2016-04-14 05:46 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2016-05-02 22:42 - 2016-04-14 05:45 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-05-02 22:42 - 2016-04-14 05:45 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2016-05-02 22:42 - 2016-04-14 05:44 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-05-02 22:42 - 2016-04-14 05:44 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-05-02 22:42 - 2016-04-14 05:44 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
2016-05-02 22:42 - 2016-04-14 05:43 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-05-02 22:42 - 2016-04-14 05:42 - 00536128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-05-02 22:42 - 2016-04-14 05:42 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-05-02 22:42 - 2016-04-14 05:41 - 00364032 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-05-02 22:42 - 2016-04-14 05:41 - 00076448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-05-02 22:42 - 2016-04-14 05:39 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-05-02 22:42 - 2016-04-14 05:39 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-05-02 22:42 - 2016-04-14 05:37 - 23763968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-05-02 22:42 - 2016-04-14 05:35 - 00978944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-05-02 22:42 - 2016-04-14 05:34 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-05-02 22:42 - 2016-04-14 05:33 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2016-05-02 22:42 - 2016-04-14 05:33 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2016-05-02 22:42 - 2016-04-14 05:32 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-05-02 22:42 - 2016-04-14 05:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-05-02 22:42 - 2016-04-14 05:31 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll
2016-05-02 22:42 - 2016-04-14 05:30 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-05-02 22:42 - 2016-04-14 05:29 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-05-02 22:42 - 2016-04-14 05:28 - 07825920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-05-02 22:42 - 2016-04-14 05:27 - 01416192 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-05-02 22:42 - 2016-04-14 05:27 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-05-02 22:42 - 2016-04-14 05:27 - 00302592 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-05-02 22:42 - 2016-04-14 05:26 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-05-02 22:42 - 2016-04-14 05:25 - 03533312 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-05-02 22:42 - 2016-04-14 05:25 - 01806848 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-05-02 22:42 - 2016-04-14 05:24 - 18653184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-05-02 22:42 - 2016-04-14 05:22 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-05-02 22:42 - 2016-04-14 05:22 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-05-02 22:42 - 2016-04-14 05:21 - 19424256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-05-02 22:42 - 2016-04-14 05:12 - 05805568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-05-02 22:42 - 2016-04-14 05:11 - 02926592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-05-02 22:42 - 2016-04-14 05:10 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-05-02 22:42 - 2016-04-05 23:42 - 00003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2016-05-02 22:42 - 2016-04-05 23:37 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2016-05-02 22:42 - 2016-04-05 23:34 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2016-05-02 22:42 - 2016-04-05 23:29 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2016-05-02 22:42 - 2016-04-05 23:26 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-05-02 22:42 - 2016-04-05 23:23 - 00798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-05-02 22:31 - 2016-05-02 22:31 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-05-02 22:30 - 2016-05-02 22:30 - 00000000 ____D C:\ProgramData\USOShared
2016-05-02 22:29 - 2016-05-02 22:29 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-05-02 22:29 - 2016-05-02 22:29 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-05-02 22:29 - 2016-05-02 22:29 - 00000020 ___SH C:\Users\Elliot\ntuser.ini
2016-05-02 22:29 - 2016-05-02 22:29 - 00000000 _SHDL C:\Users\Default\My Documents
2016-05-02 22:29 - 2016-05-02 22:29 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-05-02 22:29 - 2016-05-02 22:29 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-05-02 22:29 - 2016-05-02 22:29 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-05-02 22:29 - 2016-05-02 22:29 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-05-02 22:29 - 2016-05-02 22:29 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-05-02 22:29 - 2016-05-02 22:29 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-05-02 22:28 - 2016-05-08 22:09 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-02 22:28 - 2016-05-02 22:28 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-05-02 22:26 - 2016-05-02 22:27 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-05-02 22:26 - 2016-03-19 14:55 - 02712064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-05-02 22:25 - 2016-05-07 12:38 - 00000000 ____D C:\Users\Elliot
2016-05-02 22:25 - 2016-05-02 22:27 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-02 22:25 - 2016-05-02 22:26 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-05-02 22:25 - 2016-05-02 22:25 - 00000000 _SHDL C:\Users\Elliot\My Documents
2016-05-02 22:25 - 2016-05-02 22:25 - 00000000 _SHDL C:\Users\Elliot\Documents\My Videos
2016-05-02 22:25 - 2016-05-02 22:25 - 00000000 _SHDL C:\Users\Elliot\Documents\My Pictures
2016-05-02 22:25 - 2016-05-02 22:25 - 00000000 _SHDL C:\Users\Elliot\Documents\My Music
2016-05-02 22:25 - 2016-03-22 03:37 - 06369728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-05-02 22:25 - 2016-03-22 03:37 - 02994744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-05-02 22:25 - 2016-03-22 03:37 - 02561472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-05-02 22:25 - 2016-03-22 03:37 - 01265720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-05-02 22:25 - 2016-03-22 03:37 - 00530880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-05-02 22:25 - 2016-03-22 03:37 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-05-02 22:25 - 2016-03-22 03:37 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-05-02 22:25 - 2016-03-22 03:37 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-05-02 22:25 - 2016-03-18 12:44 - 06253721 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-05-02 22:24 - 2016-05-03 10:14 - 00271776 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-05-02 22:24 - 2016-05-02 22:26 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-05-02 22:24 - 2016-05-02 22:26 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-05-02 22:24 - 2016-05-02 22:24 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-05-02 22:24 - 2016-05-02 22:24 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-05-02 22:24 - 2016-05-02 22:24 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-05-02 22:24 - 2016-05-02 22:24 - 00000000 ____D C:\WINDOWS\system32\DAX2
2016-05-02 22:24 - 2016-05-02 22:24 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-05-02 22:24 - 2016-05-02 22:24 - 00000000 ____D C:\Program Files\Realtek
2016-05-02 20:57 - 2016-05-02 20:57 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2016-05-02 20:56 - 2016-05-02 20:56 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-04-30 15:33 - 2016-05-02 22:28 - 00003606 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-797883273-1019165388-3601654479-1001UA
2016-04-30 15:33 - 2016-05-02 22:28 - 00003338 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-797883273-1019165388-3601654479-1001Core
2016-04-30 15:33 - 2016-05-02 22:27 - 00000000 ____D C:\Users\Elliot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Photos Backup
2016-04-30 15:33 - 2016-05-02 21:43 - 00000932 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-797883273-1019165388-3601654479-1001UA.job
2016-04-30 15:33 - 2016-05-02 15:43 - 00000880 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-797883273-1019165388-3601654479-1001Core.job
2016-04-30 15:32 - 2016-05-02 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2016-04-30 14:09 - 2016-04-30 14:09 - 00000000 ____D C:\Users\Elliot\AppData\Roaming\Command and Conquer 3 Tiberium Wars
2016-04-30 14:09 - 2016-04-30 14:09 - 00000000 ____D C:\Users\Elliot\AppData\Roaming\Command and Conquer 3 Kanes Wrath
2016-04-30 14:08 - 2016-05-02 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Command and Conquer 3 Tiberium Wars and Kane's Wrath
2016-04-30 14:08 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2016-04-30 14:08 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2016-04-30 14:08 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2016-04-30 14:08 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2016-04-30 14:08 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2016-04-30 14:08 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2016-04-30 14:08 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2016-04-30 14:08 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2016-04-30 14:08 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2016-04-30 14:08 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2016-04-30 14:08 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2016-04-30 14:08 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2016-04-30 14:08 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2016-04-30 14:08 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2016-04-30 14:08 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2016-04-30 14:08 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2016-04-30 14:08 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2016-04-30 14:08 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2016-04-30 14:08 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2016-04-30 14:08 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2016-04-30 14:08 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2016-04-30 14:08 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2016-04-30 14:08 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2016-04-30 14:08 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2016-04-30 14:08 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2016-04-30 14:08 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2016-04-30 14:08 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2016-04-30 14:08 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2016-04-30 14:08 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2016-04-30 14:08 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2016-04-30 14:08 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2016-04-30 14:08 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2016-04-30 14:08 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2016-04-30 14:08 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2016-04-30 14:08 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2016-04-30 14:08 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2016-04-30 14:08 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2016-04-30 14:08 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2016-04-30 14:08 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2016-04-30 14:08 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2016-04-30 14:08 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2016-04-30 14:08 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2016-04-30 14:08 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2016-04-30 14:08 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2016-04-30 14:08 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2016-04-30 14:08 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2016-04-30 14:08 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2016-04-30 14:08 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2016-04-30 14:08 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2016-04-30 14:08 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2016-04-30 14:08 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2016-04-30 14:08 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2016-04-30 14:08 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2016-04-30 14:08 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2016-04-30 14:08 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2016-04-30 14:08 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2016-04-30 14:08 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2016-04-30 14:08 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2016-04-30 14:08 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2016-04-30 14:08 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2016-04-30 14:08 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2016-04-30 14:08 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2016-04-30 14:08 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2016-04-30 14:08 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2016-04-30 14:08 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2016-04-30 14:08 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2016-04-30 14:08 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2016-04-30 14:08 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2016-04-30 14:08 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2016-04-30 14:08 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2016-04-30 14:08 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2016-04-30 14:08 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2016-04-30 14:08 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2016-04-30 14:08 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2016-04-30 14:08 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2016-04-30 14:08 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2016-04-30 14:08 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2016-04-30 14:08 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2016-04-30 14:08 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2016-04-30 14:08 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2016-04-30 14:08 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2016-04-30 14:08 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2016-04-30 14:08 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2016-04-30 14:08 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2016-04-30 14:08 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2016-04-30 14:08 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2016-04-30 14:08 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2016-04-30 14:08 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2016-04-30 14:08 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2016-04-30 14:08 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2016-04-30 14:08 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2016-04-30 14:08 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2016-04-30 14:08 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2016-04-30 14:08 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2016-04-30 14:08 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2016-04-30 14:08 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2016-04-30 14:08 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2016-04-30 14:08 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2016-04-30 14:08 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2016-04-30 14:08 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2016-04-30 14:08 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2016-04-30 14:08 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2016-04-30 14:08 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2016-04-30 14:08 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2016-04-30 14:08 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2016-04-30 14:08 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2016-04-30 14:08 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2016-04-30 14:08 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2016-04-30 14:08 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2016-04-30 14:08 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2016-04-30 14:08 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2016-04-30 14:08 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2016-04-30 14:08 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2016-04-30 14:08 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2016-04-30 14:08 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2016-04-30 14:08 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2016-04-30 14:08 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2016-04-30 14:08 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2016-04-30 14:08 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2016-04-30 14:08 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2016-04-30 14:08 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2016-04-30 14:08 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2016-04-30 14:08 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2016-04-30 14:08 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2016-04-30 14:08 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2016-04-30 14:08 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2016-04-30 14:08 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2016-04-30 14:08 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2016-04-30 14:08 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2016-04-30 14:08 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2016-04-30 14:08 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2016-04-30 14:08 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2016-04-30 14:08 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2016-04-30 14:08 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2016-04-30 14:08 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2016-04-30 14:08 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2016-04-30 14:08 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2016-04-30 14:08 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2016-04-30 14:08 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2016-04-30 14:08 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2016-04-30 14:08 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2016-04-30 14:08 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2016-04-30 14:08 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2016-04-30 14:08 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2016-04-30 14:08 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2016-04-30 14:08 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2016-04-30 14:08 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2016-04-30 14:08 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2016-04-30 14:08 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2016-04-30 14:08 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2016-04-30 14:08 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2016-04-30 14:08 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2016-04-30 14:08 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2016-04-30 14:08 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2016-04-30 14:08 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2016-04-30 14:08 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2016-04-30 14:08 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2016-04-30 14:08 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2016-04-30 14:08 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2016-04-30 14:08 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2016-04-30 14:08 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2016-04-30 14:08 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2016-04-30 14:04 - 2016-04-30 14:04 - 00000000 ____D C:\Users\Elliot\AppData\Local\Apps\2.0
2016-04-30 13:55 - 2016-05-02 22:28 - 00002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-04-30 13:55 - 2016-05-02 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-04-30 13:55 - 2016-04-30 13:55 - 00000000 ____D C:\Program Files\CCleaner
2016-04-30 13:29 - 2016-04-30 13:29 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2016-04-30 13:21 - 2016-05-07 18:11 - 00000000 ____D C:\ProgramData\Origin
2016-04-30 13:21 - 2016-05-02 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2016-04-30 13:21 - 2016-04-30 14:09 - 00000000 ____D C:\ProgramData\Electronic Arts
2016-04-30 13:21 - 2016-04-30 14:08 - 00000000 ____D C:\Users\Elliot\AppData\Local\Origin
2016-04-30 13:21 - 2016-04-30 14:05 - 00000000 ____D C:\Users\Elliot\AppData\Roaming\Origin
2016-04-30 13:12 - 2016-04-30 13:12 - 00000000 ____D C:\Users\Elliot\AppData\Roaming\PotPlayerMini64
2016-04-30 11:28 - 2016-04-30 11:28 - 00000000 ____D C:\Users\Elliot\Documents\Shadow Warrior
2016-04-30 11:28 - 2016-04-30 11:28 - 00000000 ____D C:\Users\Elliot\Documents\4A Games
2016-04-30 11:28 - 2016-04-30 11:28 - 00000000 ____D C:\Users\Elliot\AppData\Local\GrowHome
2016-04-30 11:27 - 2016-04-30 11:28 - 00000000 ____D C:\Users\Elliot\Documents\my games
2016-04-30 11:27 - 2016-04-30 11:27 - 00000000 ____D C:\Users\Elliot\AppData\Roaming\sega
2016-04-30 11:27 - 2016-04-30 11:27 - 00000000 ____D C:\Users\Elliot\AppData\LocalLow\CampoSanto
2016-04-30 11:27 - 2016-04-30 11:27 - 00000000 ____D C:\Users\Elliot\AppData\LocalLow\Bloober Team
2016-04-30 11:26 - 2016-04-30 11:26 - 00000000 ____D C:\Users\Elliot\AppData\Local\Steam
2016-04-30 11:26 - 2016-04-30 11:26 - 00000000 ____D C:\Users\Elliot\AppData\Local\CEF
2016-04-30 11:23 - 2016-05-02 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-04-30 11:23 - 2016-04-30 11:23 - 00000000 ____D C:\Gaming
2016-04-30 11:20 - 2016-04-30 11:20 - 00000000 ____D C:\Users\Elliot\AppData\Local\DFX
2016-04-30 11:19 - 2016-05-02 22:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DFX Audio Enhancer
2016-04-30 11:19 - 2016-04-30 11:19 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Winamp
2016-04-30 11:19 - 2016-04-30 11:19 - 00000000 ____D C:\Users\Guest\AppData\Roaming\vlc
2016-04-30 11:19 - 2016-04-30 11:19 - 00000000 ____D C:\Users\Guest
2016-04-30 11:19 - 2016-04-30 11:19 - 00000000 ____D C:\Users\Elliot\AppData\Roaming\vlc
2016-04-30 11:19 - 2016-04-30 11:19 - 00000000 ____D C:\Users\DefaultAccount\AppData\Roaming\Winamp
2016-04-30 11:19 - 2016-04-30 11:19 - 00000000 ____D C:\Users\DefaultAccount\AppData\Roaming\vlc
2016-04-30 11:19 - 2016-04-30 11:19 - 00000000 ____D C:\Users\DefaultAccount
2016-04-30 11:19 - 2016-04-30 11:19 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Winamp
2016-04-30 11:19 - 2016-04-30 11:19 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\vlc
2016-04-30 11:19 - 2016-04-30 11:19 - 00000000 ____D C:\Users\Administrator
2016-04-30 11:19 - 2016-04-30 11:19 - 00000000 ____D C:\Program Files (x86)\DFX
2016-04-30 11:16 - 2016-05-09 07:41 - 00001314 _____ C:\Users\Elliot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Messenger.lnk
2016-04-30 11:16 - 2016-05-09 07:41 - 00000000 ____D C:\Users\Elliot\AppData\Local\Messenger
2016-04-30 11:16 - 2016-04-30 11:16 - 00001315 _____ C:\Users\Elliot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uninstall Messenger for Desktop.lnk
2016-04-30 11:16 - 2016-04-30 11:16 - 00000000 ____D C:\Program Files (x86)\Messenger for Desktop
2016-04-30 10:49 - 2016-04-30 10:49 - 00000000 ____D C:\ProgramData\Last.fm
2016-04-30 10:48 - 2016-05-02 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm
2016-04-30 10:48 - 2016-04-30 18:34 - 00000000 ____D C:\Users\Elliot\AppData\Local\Last.fm
2016-04-30 10:48 - 2016-04-30 10:48 - 00000000 ____D C:\Program Files (x86)\Last.fm
2016-04-30 10:46 - 2016-05-02 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2016-04-30 10:46 - 2016-04-30 11:19 - 00000000 ____D C:\Program Files (x86)\Winamp
2016-04-30 10:46 - 2016-04-30 10:47 - 00000000 ____D C:\Users\Elliot\AppData\Roaming\Winamp
2016-04-30 10:46 - 2016-04-30 10:46 - 00000000 ____D C:\Users\Elliot\AppData\Local\PeerDistRepub
2016-04-30 10:46 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2016-04-30 10:46 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2016-04-30 10:43 - 2016-05-07 11:36 - 00000000 ____D C:\Users\Elliot\AppData\Roaming\TeamViewer
2016-04-30 10:43 - 2016-05-05 17:36 - 00001115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-04-30 10:43 - 2016-04-30 10:43 - 00000000 ____D C:\Users\Elliot\AppData\Local\TeamViewer
2016-04-30 10:42 - 2016-05-07 09:20 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-04-30 10:40 - 2016-04-30 10:40 - 00000000 ____D C:\Users\Elliot\AppData\Local\Logitech® Webcam Software
2016-04-30 10:39 - 2016-05-02 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-04-30 10:39 - 2016-05-02 22:27 - 00000000 ____D C:\Program Files\Common Files\logishrd
2016-04-30 10:39 - 2016-04-30 10:39 - 00000000 ____D C:\Users\Elliot\AppData\Roaming\Leadertech
2016-04-30 10:39 - 2016-04-30 10:39 - 00000000 ____D C:\ProgramData\LogiShrd
2016-04-30 10:39 - 2016-04-30 10:39 - 00000000 ____D C:\Program Files (x86)\Logitech
2016-04-30 10:38 - 2016-04-30 10:38 - 00000000 ____D C:\Users\Elliot\Tracing
2016-04-30 10:37 - 2016-05-09 16:41 - 00000000 ____D C:\Users\Elliot\AppData\Roaming\Skype
2016-04-30 10:37 - 2016-05-02 22:38 - 00000000 ____D C:\ProgramData\Skype
2016-04-30 10:37 - 2016-05-02 22:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-04-30 10:37 - 2016-04-30 14:03 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-30 10:35 - 2016-05-02 22:27 - 00000000 ____D C:\WINDOWS\en
2016-04-30 10:35 - 2016-04-30 10:35 - 00001450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2016-04-30 10:35 - 2016-04-30 10:35 - 00001381 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2016-04-30 10:35 - 2016-04-30 10:35 - 00000000 ____D C:\Program Files (x86)\Windows Live
2016-04-30 10:35 - 2016-04-30 10:35 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-04-30 10:35 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2016-04-30 10:35 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2016-04-30 10:35 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2016-04-30 10:35 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2016-04-30 10:35 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2016-04-30 10:35 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2016-04-30 10:34 - 2016-04-30 10:34 - 00000000 ____D C:\Users\Elliot\AppData\Local\Windows Live
2016-04-30 10:34 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2016-04-30 10:34 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2016-04-30 10:34 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2016-04-30 10:34 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2016-04-30 10:33 - 2016-05-04 23:02 - 00000000 ____D C:\Users\Elliot\AppData\Roaming\MiniLyrics
2016-04-30 10:33 - 2016-05-02 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniLyrics
2016-04-30 10:33 - 2016-04-30 10:33 - 00000000 ____D C:\Program Files (x86)\MiniLyrics
2016-04-30 10:28 - 2016-04-30 10:28 - 00002120 _____ C:\Users\Elliot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileHippo App Manager.lnk
2016-04-30 10:28 - 2016-04-30 10:28 - 00000000 ____D C:\ProgramData\IsolatedStorage
2016-04-30 10:28 - 2016-04-30 10:28 - 00000000 ____D C:\Program Files (x86)\FileHippo.com
2016-04-30 10:27 - 2016-05-02 22:27 - 00000000 ____D C:\Users\Elliot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2016-04-30 10:27 - 2016-04-30 10:27 - 00000000 ____D C:\Users\Elliot\AppData\Roaming\IrfanView
2016-04-30 10:27 - 2016-04-30 10:27 - 00000000 ____D C:\Program Files (x86)\IrfanView
2016-04-30 10:26 - 2016-05-08 16:35 - 00004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F76A8576-D0FF-4B4F-A983-790875609BAC}
2016-04-30 10:22 - 2016-05-07 15:23 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-04-30 10:22 - 2016-05-02 22:27 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-04-30 10:22 - 2016-04-30 10:22 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk
2016-04-30 10:22 - 2016-04-30 10:22 - 00000000 ____D C:\Users\Elliot\Documents\Adobe
2016-04-30 10:21 - 2016-05-08 21:44 - 00000000 ____D C:\ProgramData\Adobe
2016-04-30 10:21 - 2016-04-30 10:22 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-04-30 10:21 - 2016-04-30 10:22 - 00000000 ____D C:\Program Files\Adobe
2016-04-30 10:21 - 2016-04-30 10:21 - 00001618 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2016-04-30 10:20 - 2016-05-07 15:23 - 00000000 ____D C:\Users\Elliot\AppData\Local\Adobe
2016-04-30 10:20 - 2016-05-02 22:28 - 00002894 _____ C:\WINDOWS\System32\Tasks\InstallShield® Update Service Scheduler
2016-04-30 10:17 - 2016-05-02 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan
2016-04-30 10:17 - 2016-04-30 10:17 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-04-30 10:17 - 2016-03-16 22:30 - 00128792 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-04-30 10:17 - 2016-03-16 22:29 - 00127768 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-04-30 10:17 - 2016-03-16 22:29 - 00041752 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-04-30 10:17 - 2016-03-16 22:28 - 00045848 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-04-30 10:15 - 2016-05-08 22:07 - 00000000 ____D C:\Users\Elliot\AppData\Local\CrashDumps
2016-04-30 10:14 - 2016-03-25 02:23 - 12659136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-04-30 10:14 - 2016-03-24 12:52 - 01572496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2016-04-30 10:14 - 2016-03-24 12:52 - 00205456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2016-04-30 10:14 - 2016-03-24 12:52 - 00039240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 42923576 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 37567424 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 31594432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 25350080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 21364536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 20906168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 20074728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 17755928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 17369448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 17349776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 17328008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 14226672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 10550552 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 08659472 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 03685280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 03263480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 02614208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 02260024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 01922496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436472.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436472.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 00960056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 00889400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 00786872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 00784824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 00751552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 00695864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 00678520 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 00632336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 00630776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 00601936 _____ C:\WINDOWS\system32\nvmcumd.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 00572096 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 00546328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 00448824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 00425016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 00385080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 00379448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 00379296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 00348216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 00317656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 00176064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 00153392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 00129208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-04-30 10:14 - 2016-03-22 05:08 - 00038050 _____ C:\WINDOWS\system32\nvinfo.pb
2016-04-30 10:14 - 2016-03-22 05:08 - 00000139 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-04-30 10:14 - 2016-03-22 05:08 - 00000139 _____ C:\WINDOWS\system32\nv-vk64.json
2016-04-30 10:09 - 2016-05-02 22:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum
2016-04-30 10:09 - 2016-04-30 13:31 - 00000000 ____D C:\Users\Elliot\AppData\Roaming\NVIDIA
2016-04-30 10:09 - 2016-04-30 10:09 - 00000000 ____D C:\Program Files\DAUM
2016-04-30 10:07 - 2016-05-02 06:39 - 01377800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-04-30 10:07 - 2016-05-02 06:39 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-04-30 10:07 - 2016-05-02 06:38 - 01767944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-04-30 10:07 - 2016-05-02 06:38 - 01756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-04-30 10:07 - 2016-05-02 06:38 - 00112032 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-04-30 10:07 - 2016-04-30 10:07 - 00000000 ____D C:\Users\Elliot\AppData\Local\NVIDIA Corporation
2016-04-30 10:07 - 2016-04-14 06:38 - 00056384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-04-30 10:07 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2016-04-30 10:07 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2016-04-30 10:07 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2016-04-30 10:07 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2016-04-30 10:07 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2016-04-30 10:07 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2016-04-30 10:04 - 2016-04-30 10:05 - 00000000 ____D C:\Users\Elliot\AppData\Local\Adobe Tool
2016-04-30 09:57 - 2016-05-02 22:27 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2016-04-30 09:57 - 2016-04-30 09:57 - 00002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-04-30 09:57 - 2016-04-30 09:57 - 00002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-04-30 09:57 - 2016-04-30 09:57 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-04-30 09:56 - 2016-04-30 09:56 - 00000000 __RHD C:\MSOCache
2016-04-30 09:56 - 2016-04-30 09:56 - 00000000 ____D C:\Users\Elliot\AppData\Local\Microsoft Help
2016-04-30 09:56 - 2016-04-30 09:56 - 00000000 ____D C:\Program Files\Microsoft Office
2016-04-30 09:56 - 2016-04-30 09:56 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2016-04-30 09:56 - 2016-04-30 09:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-04-30 09:56 - 2016-04-30 09:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-04-29 20:15 - 2016-05-08 21:27 - 00000000 ____D C:\Users\Elliot\AppData\Roaming\qBittorrent
2016-04-29 20:15 - 2016-05-02 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2016-04-29 20:15 - 2016-04-29 20:15 - 00000000 ____D C:\Users\Elliot\AppData\Local\qBittorrent
2016-04-29 20:15 - 2016-04-29 20:15 - 00000000 ____D C:\Program Files (x86)\qBittorrent
2016-04-29 18:59 - 2016-04-29 19:00 - 00000000 ____D C:\Users\Elliot\AppData\Roaming\Stardock
2016-04-29 18:59 - 2016-04-29 19:00 - 00000000 ____D C:\ProgramData\Stardock
2016-04-29 18:59 - 2016-04-29 18:59 - 00000000 ____D C:\Users\Elliot\AppData\Local\Stardock
2016-04-29 18:58 - 2016-05-06 19:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
2016-04-29 18:58 - 2016-04-29 18:58 - 00004973 _____ C:\WINDOWS\SysWOW64\Saved_Config.txt
2016-04-29 18:58 - 2016-04-29 18:58 - 00001050 _____ C:\Users\Elliot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2016-04-29 18:58 - 2016-04-29 18:58 - 00000326 _____ C:\WINDOWS\SysWOW64\Saved_StaticIP.txt
2016-04-29 18:58 - 2016-04-29 18:58 - 00000000 ____D C:\Users\Public\Documents\Stardock
2016-04-29 18:58 - 2016-04-29 18:58 - 00000000 ____D C:\Users\Elliot\AppData\Roaming\Macromedia
2016-04-29 18:58 - 2016-04-29 18:58 - 00000000 ____D C:\Program Files (x86)\Stardock
2016-04-29 18:58 - 2015-11-24 11:23 - 00003130 _____ C:\WINDOWS\system32\e1d65x64.din
2016-04-29 18:58 - 2015-11-24 11:17 - 00541672 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\e1d65x64.sys
2016-04-29 18:58 - 2015-06-17 00:28 - 00090608 _____ (Intel Corporation) C:\WINDOWS\system32\NicInstD.dll
2016-04-29 18:58 - 2015-04-02 03:46 - 00075288 _____ (Intel Corporation) C:\WINDOWS\system32\e1dmsg.dll
2016-04-29 18:58 - 2014-04-18 12:17 - 00125728 _____ (Intel Corporation) C:\WINDOWS\system32\NicCo4.dll
2016-04-29 18:57 - 2016-05-07 11:01 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-29 18:57 - 2016-04-29 18:57 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-04-29 18:57 - 2016-04-29 18:57 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-04-29 18:57 - 2016-01-29 10:12 - 72203792 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2016-04-29 18:57 - 2016-01-29 10:12 - 14057256 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 13120752 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 12986520 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 10521552 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSSTAPO.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 07172920 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 07096192 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 06289568 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV3apo.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 06264640 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 05804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2016-04-29 18:57 - 2016-01-29 10:12 - 05782904 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 05338936 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 05289952 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 04989482 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-04-29 18:57 - 2016-01-29 10:12 - 04781824 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2016-04-29 18:57 - 2016-01-29 10:12 - 03299824 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 03283248 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 03282032 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 03195648 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 03152591 _____ C:\WINDOWS\system32\Drivers\rtkSSTsetting.dat
2016-04-29 18:57 - 2016-01-29 10:12 - 03081296 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 02894976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-04-29 18:57 - 2016-01-29 10:12 - 02823280 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 02714568 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 02437144 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 02190992 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 02110600 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 02050184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 02036992 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 01965816 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 01959608 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 01943624 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 01780624 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 01601952 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 01591064 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 01508936 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 01435152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 01421096 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 01382240 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 01356512 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 01334384 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 01330072 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 01211840 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 01186168 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSstCApoPropPage.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 01164336 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 01022872 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 01003864 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00998032 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00965032 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00952984 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00933640 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00931624 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00923744 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00888480 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaeapo64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00873472 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00743968 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00727440 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00716112 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00708320 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00678192 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00677680 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00618192 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00596120 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosasfapo64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00589080 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.DLL
2016-04-29 18:57 - 2016-01-29 10:12 - 00574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00514528 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00504312 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00500560 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00471336 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00467160 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00448592 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00447720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00445408 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00441272 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00428232 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00416512 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00381408 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00369304 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00366120 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00362056 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00360352 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00341160 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00341160 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00330568 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00327464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00310424 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00272720 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00258504 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00253904 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00253872 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00252880 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00231920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00224256 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaemaxapo64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00214840 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00209544 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00203848 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00192992 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00190944 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00190432 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00179608 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00172584 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\toseaeapo64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00158704 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00151792 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00134208 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00122328 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00118600 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00110992 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00105312 _____ C:\WINDOWS\system32\audioLibVc.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00090920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00088328 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00084624 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00075544 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00065792 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2016-04-29 18:57 - 2016-01-29 10:12 - 00023704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2016-04-29 18:57 - 2016-01-06 16:23 - 02826832 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2016-04-29 18:56 - 2016-04-29 18:56 - 00000000 ____D C:\ProgramData\Intel
2016-04-29 18:53 - 2016-05-02 22:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2016-04-29 18:53 - 2016-04-29 18:53 - 00000000 ____D C:\Program Files (x86)\MSI
2016-04-29 18:53 - 2016-04-29 18:53 - 00000000 ____D C:\MSI
2016-04-29 18:53 - 2014-04-30 16:23 - 00011248 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\acpimof.dll
2016-04-29 18:46 - 2016-04-29 18:47 - 00000000 ____D C:\Users\Elliot\AppData\Local\Plex Media Server
2016-04-29 18:45 - 2016-05-03 21:54 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-29 18:45 - 2016-05-02 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2016-04-29 18:45 - 2016-04-29 18:45 - 00000000 ____D C:\Program Files (x86)\Plex
2016-04-29 18:43 - 2016-04-30 15:33 - 00000000 ____D C:\Users\Elliot\AppData\Local\Google
2016-04-29 18:43 - 2016-04-30 15:32 - 00000000 ____D C:\Program Files (x86)\Google
2016-04-29 18:43 - 2016-04-29 18:43 - 00002347 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-29 18:14 - 2016-04-22 08:57 - 00453288 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-04-29 18:12 - 2016-05-04 23:13 - 00000000 ____D C:\Users\Elliot\AppData\Local\NVIDIA
2016-04-29 18:12 - 2016-05-02 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-04-29 18:12 - 2016-04-29 18:13 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-29 18:12 - 2016-04-29 18:12 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-29 18:08 - 2016-04-29 18:09 - 00000000 ____D C:\Users\Elliot\AppData\Local\MicrosoftEdge
2016-04-29 17:58 - 2016-04-29 18:59 - 00000000 ____D C:\Program Files\Intel
2016-04-29 17:58 - 2016-02-08 22:48 - 00403576 _____ (Intel Corporation) C:\WINDOWS\system32\PROUnstl.exe
2016-04-29 17:58 - 2016-01-15 18:34 - 00001904 _____ C:\WINDOWS\system32\SetupBD.din
2016-04-29 17:56 - 2016-04-30 13:11 - 00000000 ____D C:\Users\Elliot\AppData\Local\Comms
2016-04-29 17:53 - 2016-05-09 07:45 - 00955110 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-29 17:51 - 2016-05-09 07:41 - 00000000 ___RD C:\Users\Elliot\OneDrive
2016-04-29 17:51 - 2016-05-02 22:31 - 00002369 _____ C:\Users\Elliot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-29 17:50 - 2016-05-07 15:23 - 00000000 ____D C:\Users\Elliot\AppData\Roaming\Adobe
2016-04-29 17:50 - 2016-05-06 20:35 - 00000000 ____D C:\Users\Elliot\AppData\Local\Packages
2016-04-29 17:50 - 2016-05-02 22:29 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-04-29 17:50 - 2016-04-29 17:50 - 00000000 ____D C:\Users\Elliot\AppData\Local\VirtualStore
2016-04-29 17:50 - 2016-04-29 17:50 - 00000000 ____D C:\Users\Elliot\AppData\Local\TileDataLayer
2016-04-29 17:50 - 2016-04-29 17:50 - 00000000 ____D C:\Users\Elliot\AppData\Local\Publishers
2016-04-29 17:50 - 2016-04-29 17:50 - 00000000 ____D C:\Users\Elliot\AppData\Local\ActiveSync
2016-04-29 17:48 - 2016-04-29 17:48 - 00000000 _SHDL C:\Users\Public\Documents\My Videos
2016-04-29 17:48 - 2016-04-29 17:48 - 00000000 _SHDL C:\Users\Public\Documents\My Pictures
2016-04-29 17:48 - 2016-04-29 17:48 - 00000000 _SHDL C:\Users\Public\Documents\My Music
2016-04-29 17:48 - 2016-04-29 17:48 - 00000000 _SHDL C:\Users\Default.migrated\Documents\My Videos
2016-04-29 17:48 - 2016-04-29 17:48 - 00000000 _SHDL C:\Users\Default.migrated\Documents\My Pictures
2016-04-29 17:48 - 2016-04-29 17:48 - 00000000 _SHDL C:\Users\Default.migrated\Documents\My Music
2016-04-29 17:48 - 2016-04-29 17:48 - 00000000 _SHDL C:\Documents and Settings
2016-04-25 00:36 - 2016-04-25 00:36 - 01499408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll
2016-04-25 00:36 - 2016-04-25 00:36 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller.dll
2016-04-25 00:35 - 2016-04-25 00:35 - 00221824 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2016-04-25 00:35 - 2016-04-25 00:35 - 00129152 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus.sys
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-05-08 22:08 - 2016-03-19 13:40 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-05-08 09:34 - 2016-03-19 15:07 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-07 09:40 - 2016-03-19 15:04 - 00000000 ____D C:\WINDOWS\INF
2016-05-07 09:23 - 2016-03-19 15:07 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-06 14:39 - 2016-03-19 15:07 - 00000000 ____D C:\WINDOWS\rescache
2016-05-03 08:02 - 2016-03-19 15:07 - 00000000 ____D C:\WINDOWS\appcompat
2016-05-03 07:23 - 2016-03-19 15:07 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-05-03 07:21 - 2016-03-19 15:07 - 00000000 ____D C:\WINDOWS\system32\setup
2016-05-03 07:21 - 2016-03-19 15:07 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-05-02 22:42 - 2016-03-19 14:45 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-02 22:30 - 2016-03-19 15:07 - 00000000 ____D C:\ProgramData\USOPrivate
2016-05-02 22:29 - 2016-03-19 15:07 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-05-02 22:29 - 2016-03-19 15:07 - 00000000 ____D C:\WINDOWS\Registration
2016-05-02 22:29 - 2016-03-19 13:40 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-05-02 22:28 - 2016-03-19 15:07 - 00000000 __RHD C:\Users\Public\Libraries
2016-05-02 22:27 - 2016-03-19 17:15 - 00000000 ____D C:\WINDOWS\ShellNew
2016-05-02 22:27 - 2016-03-19 15:07 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-05-02 22:26 - 2016-03-19 17:12 - 00000000 ____D C:\WINDOWS\OCR
2016-05-02 22:26 - 2016-03-19 15:07 - 00000000 ____D C:\WINDOWS\system32\spool
2016-05-02 22:26 - 2016-03-19 15:07 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-05-02 22:26 - 2015-10-30 07:28 - 00000000 ____D C:\Users\Default.migrated
2016-05-02 22:25 - 2016-03-19 15:07 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-05-02 22:25 - 2016-03-19 15:07 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-05-02 22:25 - 2016-03-19 15:07 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-05-02 22:25 - 2016-03-19 15:07 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-05-02 22:25 - 2016-03-19 15:07 - 00000000 ____D C:\WINDOWS\Help
2016-05-02 22:25 - 2016-03-19 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-05-02 22:18 - 2016-03-21 17:55 - 00000000 ___HD C:\$WINDOWS.~BT
2016-04-29 17:50 - 2016-03-09 02:46 - 00000000 ____D C:\WINDOWS\CSC
 
==================== Files in the root of some directories =======
 
2016-05-02 22:24 - 2016-05-02 22:24 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-05-02 22:24
 
==================== End of FRST.txt ============================

Addition.txt:

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-05-2016
Ran by Elliot (2016-05-09 16:59:31)
Running from E:\Desktop
Windows 10 Pro Insider Preview Version 1511 (X64) (2016-05-02 21:29:57)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-797883273-1019165388-3601654479-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-797883273-1019165388-3601654479-503 - Limited - Disabled)
Elliot (S-1-5-21-797883273-1019165388-3601654479-1001 - Administrator - Enabled) => C:\Users\Elliot
Guest (S-1-5-21-797883273-1019165388-3601654479-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1.2 - Adobe Systems Incorporated)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.17 - Piriform)
Command & Conquer™ 3 Tiberium Wars and Kane's Wrath (HKLM-x32\...\{35A2FE53-CC80-4D17-941F-3A7C82824FC7}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ 4 Tiberian Twilight (HKLM-x32\...\{BA4C8F9F-D81B-4AFE-AE5A-3837830F5B89}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DFX (HKLM-x32\...\DFX) (Version: 12.014.0.0 - Power Technology)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version:  - FileHippo.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.94 - Google Inc.)
Google Photos Backup (HKU\S-1-5-21-797883273-1019165388-3601654479-1001\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Herramientas de corrección de Microsoft Office 2016: español (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Network Connections 20.7.67.0 (HKLM\...\PROSetDX) (Version: 20.7.67.0 - Intel)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.42 - Irfan Skiljan)
Last.fm Scrobbler 2.1.37 (HKLM-x32\...\LastFM_is1) (Version:  - Last.fm)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
MiniLyrics (HKLM-x32\...\MiniLyrics) (Version: 7.7.49 - Crintsoft)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.1.014 - MSI)
Muzecast Music Streaming Server (HKLM-x32\...\{D905B704-BB73-4DBB-BD0E-613F352DF220}) (Version: 5.6.0 - Vorlan Group, Inc.)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.72 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.12.1.43352 - Electronic Arts, Inc.)
Outils de vérification linguistique 2016 de Microsoft Office - Français (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Plex Media Server (HKLM-x32\...\{4083e0fa-f188-4146-a257-61608ff30764}) (Version: 0.9.1606 - Plex, Inc.)
Plex Media Server (x32 Version: 0.9.1606 - Plex, Inc.) Hidden
Potplayer-64 Bits (HKLM\...\PotPlayer64) (Version:  - Kakao Corp.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
qBittorrent 3.3.4 (HKLM-x32\...\qBittorrent) (Version: 3.3.4 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7730 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Skype™ 7.23 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.23.105 - Skype Technologies S.A.)
Stardock Start10 (HKLM-x32\...\Stardock Start10) (Version: 1.11 - Stardock Software, Inc.)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59131 - TeamViewer)
Vulkan Run Time Libraries 1.0.5.1 (HKLM\...\VulkanRT1.0.5.1) (Version: 1.0.5.1 - LunarG, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-797883273-1019165388-3601654479-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Elliot\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-797883273-1019165388-3601654479-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Elliot\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-797883273-1019165388-3601654479-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Elliot\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {28EBA388-8A6D-4019-9DC5-67571E7B0E7E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {2FB3BFF3-D489-4E8A-BD97-84E196C60C08} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task
Task: {3477719A-D5F0-483A-834D-7471F3491BA7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-797883273-1019165388-3601654479-1001Core => C:\Users\Elliot\AppData\Local\Google\Update\GoogleUpdate.exe [2016-04-30] (Google Inc.)
Task: {756883A2-96EC-4C8D-A49C-B2844A054C51} - System32\Tasks\InstallShield® Update Service Scheduler => C:\Program Files (x86)\Common Files\InstallShield\updateservice\ISUSPM.exe [2016-04-20] (InstallShield®)
Task: {77C1BC9E-1C2D-430C-BA5C-77D6E021BF51} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\UpgradeSubscription.exe [2016-03-19] (Microsoft Corporation)
Task: {AC4175DB-A41E-47D3-9838-7C28ED6B80C3} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask
Task: {BF97B209-6EBB-48F9-A3E7-B87E95078E12} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-797883273-1019165388-3601654479-1001UA => C:\Users\Elliot\AppData\Local\Google\Update\GoogleUpdate.exe [2016-04-30] (Google Inc.)
Task: {BFCA56E8-79CD-443E-A37D-B3D7327C7684} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task
Task: {DC2F7500-0258-4F07-BA62-AAE9EC3B56EF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask
Task: {E1D927B8-945A-4D43-A433-5E972BD611E7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {F945E30D-62CD-4A40-85CA-FDDCC6A99415} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\UpgradeSubscription.exe [2016-03-19] (Microsoft Corporation)
Task: {FD0EB90D-633C-4D4D-A8EF-952691C336C1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-04-15] (Piriform Ltd)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-797883273-1019165388-3601654479-1001Core.job => C:\Users\Elliot\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-797883273-1019165388-3601654479-1001UA.job => C:\Users\Elliot\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-03-19 14:56 - 2016-03-19 14:56 - 00041984 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2016-04-30 10:07 - 2016-05-02 06:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-04-30 10:07 - 2016-05-02 06:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-04-30 10:07 - 2016-05-02 06:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-04-30 10:07 - 2016-05-02 06:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-05-07 09:50 - 2016-05-07 09:50 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2016-04-30 10:07 - 2016-05-02 06:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-04-30 10:07 - 2016-05-02 06:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-04-30 10:07 - 2016-05-02 06:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-04-30 10:07 - 2016-05-02 06:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-03-19 14:56 - 2016-03-19 14:56 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-19 14:56 - 2016-03-19 14:56 - 02602672 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-03-19 14:56 - 2016-03-19 14:56 - 02602672 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-19 14:56 - 2016-03-19 14:56 - 02602672 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-05-02 22:31 - 2016-05-02 22:31 - 00959176 _____ () C:\Users\Elliot\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\amd64\ClientTelemetry.dll
2016-03-19 15:00 - 2016-03-19 15:00 - 00136192 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-03-19 15:00 - 2016-03-19 15:00 - 00465408 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-03-19 14:59 - 2016-03-19 17:15 - 08049664 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-03-19 14:59 - 2016-03-19 17:15 - 00716288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-03-19 14:59 - 2016-03-19 17:15 - 01847808 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-03-19 14:59 - 2016-03-19 17:15 - 04063744 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-05-02 22:25 - 2016-03-22 03:37 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-12 22:44 - 2016-04-12 22:44 - 02744320 _____ () C:\Muzecast\MusicMagicServer.exe
2015-06-13 17:29 - 2015-06-13 17:29 - 47730823 _____ () C:\Program Files (x86)\Messenger for Desktop\Messenger.exe
2015-12-04 23:48 - 2015-12-04 23:48 - 01328632 _____ () C:\Program Files (x86)\DFX\DFX.exe
2015-12-04 23:37 - 2015-12-04 23:37 - 00133624 _____ () C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
2015-12-04 23:43 - 2015-12-04 23:43 - 00134648 _____ () C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
2015-12-05 00:16 - 2015-12-05 00:16 - 00051192 _____ () C:\Program Files (x86)\Common Files\DFX\Dlls\dfxShared64.dll
2016-04-29 19:27 - 2016-04-29 19:27 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-04-30 10:07 - 2016-05-02 06:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-04-30 10:07 - 2016-05-02 06:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-05-03 08:23 - 2016-05-03 08:23 - 03841944 _____ () C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1603.0_x64__8wekyb3d8bbwe\Microsoft.Advertising.dll
2016-04-30 16:39 - 2016-04-30 16:39 - 10256384 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2016-05-05 08:08 - 2016-05-05 08:08 - 00017920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.428.23090.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-05-05 08:08 - 2016-05-05 08:08 - 12446720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.428.23090.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-04-29 19:21 - 2016-04-29 19:22 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.428.23090.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-04-29 18:53 - 2005-07-18 13:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
2016-04-30 10:07 - 2016-05-02 07:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-03-15 06:23 - 2016-03-15 06:23 - 08901800 _____ () C:\Program Files (x86)\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2016-05-02 22:31 - 2016-05-02 22:31 - 00679624 _____ () C:\Users\Elliot\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\ClientTelemetry.dll
2016-04-22 14:09 - 2016-04-22 14:09 - 00851784 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll
2016-04-22 14:09 - 2016-04-22 14:09 - 00057672 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll
2016-04-22 14:09 - 2016-04-22 14:09 - 00097608 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll
2016-04-22 14:09 - 2016-04-22 14:09 - 01986376 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_core249.dll
2016-04-22 14:09 - 2016-04-22 14:09 - 01743688 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_imgproc249.dll
2016-04-22 14:09 - 2016-04-22 14:09 - 00501064 _____ () C:\Program Files (x86)\Plex\Plex Media Server\tag.dll
2016-04-22 14:09 - 2016-04-22 14:09 - 00031048 _____ () C:\Program Files (x86)\Plex\Plex Media Server\lyric_lite.dll
2016-04-22 14:09 - 2016-04-22 14:09 - 00083784 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll
2016-04-22 14:09 - 2016-04-22 14:09 - 00206664 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll
2016-04-22 14:09 - 2016-04-22 14:09 - 00551984 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libdcadec.dll
2016-04-22 14:09 - 2016-04-22 14:09 - 00055112 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd
2016-04-22 14:09 - 2016-04-22 14:09 - 00038728 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd
2016-04-22 14:09 - 2016-04-22 14:09 - 00029512 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd
2016-04-22 14:09 - 2016-04-22 14:09 - 00045896 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd
2016-04-22 14:09 - 2016-04-22 14:09 - 00853832 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd
2016-04-22 14:09 - 2016-04-22 14:09 - 00073544 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll
2016-04-22 14:09 - 2016-04-22 14:09 - 00177480 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll
2016-04-22 14:09 - 2016-04-22 14:09 - 00204104 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd
2016-04-22 14:09 - 2016-04-22 14:09 - 00026440 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd
2016-04-22 14:09 - 2016-04-22 14:09 - 00092488 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd
2016-04-22 14:09 - 2016-04-22 14:09 - 00122696 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd
2016-04-22 14:09 - 2016-04-22 14:09 - 00700744 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd
2016-04-12 22:44 - 2016-04-12 22:44 - 00147456 _____ () C:\Muzecast\LIBEXPAT.dll
2016-04-08 23:35 - 2016-04-08 23:35 - 03481600 _____ () C:\Users\Elliot\AppData\Local\Programs\Google\Google Photos Backup\gpuploader_i18n.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2015-12-05 00:11 - 2015-12-05 00:11 - 00052216 _____ () C:\Program Files (x86)\Common Files\DFX\Dlls\dfxShared32.dll
2015-06-13 17:29 - 2015-06-13 17:29 - 01481728 _____ () C:\Program Files (x86)\Messenger for Desktop\libglesv2.dll
2015-06-13 17:29 - 2015-06-13 17:29 - 00073728 _____ () C:\Program Files (x86)\Messenger for Desktop\libegl.dll
2016-04-29 19:27 - 2016-04-29 19:27 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-29 19:27 - 2016-04-29 19:27 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-04-29 18:43 - 2016-04-28 00:25 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.94\libglesv2.dll
2016-04-29 18:43 - 2016-04-28 00:25 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.94\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-10-30 08:24 - 2015-10-30 08:21 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-797883273-1019165388-3601654479-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Elliot\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\black wallpaper.png
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run32: => "Live Update"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{13FDA04E-F4CC-4232-9A39-3356E4AAC82C}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\CNC3Launcher.exe
FirewallRules: [{B618FCC3-0210-4D12-92AB-AE54BA7B6760}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\CNC3Launcher.exe
FirewallRules: [{60A146DA-ACA1-4646-9D6D-9688A64D5A62}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe
FirewallRules: [{FE3D7504-D91E-4F82-9F27-97507026266B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe
FirewallRules: [{B3D9CA17-4A81-4C86-BA58-0C9116E2E31E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{B7DD065B-5E96-4B6B-8207-6530DA6334C3}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{07EFC961-C9D1-4410-A2DB-BF6F32D957CB}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{DD3C6E74-AD29-46C6-A02A-034DF549FE79}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{CBB9C6A1-68B9-45F1-9211-29F98AAF4704}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F115CBB2-CAA0-4C78-8EC9-D3A03D5602F1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F4488D1A-574C-4B15-BF0E-8DB3CDD13C3E}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1C28BAA7-964C-4952-A5AF-8C05E278D21E}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E1FDB110-31FF-41C7-9071-7FD1DE257CD2}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AD6A2036-3349-4EEA-A1AE-FA995948C66C}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{51FD431F-A884-4C77-B7C2-B58527BBDF80}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{01268702-81D2-4FB5-930C-7232078E02F6}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{125F7F2D-93A5-4B77-B827-B95AD2B8FC86}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DE45200B-8490-467F-9D24-E908203C4239}] => (Allow) LPort=1900
FirewallRules: [{6800FC3D-CEF1-4F32-B453-C79A9E983CF8}] => (Allow) LPort=2869
FirewallRules: [{C3F55561-CE82-4D8F-B5CA-7322F79DC2B0}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E2DF39AD-2E07-4201-8BD2-6CC2613AB89A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C41C9427-C445-4BE9-8730-479C26A81B54}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0D122600-9E07-486B-957B-D425AE45BCC0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{766ED512-398C-46A0-B92E-3688D568313A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A67B473E-B674-4679-88CD-612194AC9BE9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{167B21BB-AF6F-4E1F-99EF-9D23B057DCCD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FBA98546-C859-49FE-963A-D905D0C1C652}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{EA52C16F-B100-474E-98FB-624DBDB544DE}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{D3BF444A-6EEA-4ECE-9936-67F19B17AE70}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{9D6004EB-3E13-4C53-9921-D3A41505F97D}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
FirewallRules: [{82835B96-3066-448D-8B08-EF8D7F2B341D}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
FirewallRules: [{9A543B83-C731-4923-B10A-3B9115753569}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
FirewallRules: [{624F76A7-005A-4369-B89B-FBA326CA62CB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B95C4F7D-69C0-44D4-8955-48333EEB9775}] => (Allow) C:\Muzecast\Vorlan.HomeDJ.Server.exe
FirewallRules: [{CDC7AADA-7C1F-41B4-B657-D66242B45F08}] => (Allow) C:\Muzecast\Vorlan.HomeDJ.Server.exe
FirewallRules: [{E5B2F9ED-D3D9-4ED7-A21D-34A5966C2323}] => (Allow) LPort=37003
FirewallRules: [{6BC09763-A12D-45F4-A117-63C76AC3BD77}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{2D7EDC1C-1A02-4249-B4AE-5C64ED225B9F}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{8C19BE7F-BE90-4450-BDDA-7CF1ED875FFB}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{979E1BD0-84B9-4231-8A32-33C227DC5D1D}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{06EB21A6-3051-491F-8280-C6A8EC4C0C7E}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{F89400B8-1061-47EE-B29D-32EEE6D93172}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{D77CC5F6-3A17-45DB-95F6-CEE559BF4F32}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D294F514-9DF8-4599-9CAB-A520F1DFF858}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{CBB7C75D-77B9-4F2A-BCA6-1EB333CEEB9C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{226E339E-26E3-4160-8434-24024A8C7CEA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{90AE8C2A-C803-4BDB-B153-39617D4F3B27}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{3EBBB6C5-D5CA-47A5-BD31-CDD8D544C886}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{28227A32-A0AB-48CD-8077-C54DEA7168C3}] => (Allow) D:\Program Files (x86)\Origin Games\Command Conquer 4 Tiberian Twilight\CNC4.exe
FirewallRules: [{2AB24A2A-439B-4C39-BB64-A27A933F3D24}] => (Allow) D:\Program Files (x86)\Origin Games\Command Conquer 4 Tiberian Twilight\CNC4.exe
FirewallRules: [TCP Query User{2FD0D6EF-5968-4D06-9029-6647BBB590F9}D:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game] => (Allow) D:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game
FirewallRules: [UDP Query User{7F324922-21AF-4048-B817-72EAEF3917B8}D:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game] => (Allow) D:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game
FirewallRules: [{47016664-62DE-400C-8D2D-868010CE5BF8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{42D998D0-ADB1-4BAB-A0F9-85CC7B2B2876}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{297ED568-7475-4AD8-9C3A-B047DEC4CB7F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2A644EE8-47A1-4755-AD98-453BB4A9BCCD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled
 
==================== Faulty Device Manager Devices =============
 
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/09/2016 07:41:50 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error: (05/09/2016 07:41:50 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=2
 
Error: (05/08/2016 10:11:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ELLIOT-PC)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (05/08/2016 10:11:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ELLIOT-PC)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (05/08/2016 10:09:39 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error: (05/08/2016 10:09:29 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
 
Error: (05/08/2016 10:07:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: regedit.exe, version: 10.0.14295.1000, time stamp: 0x56ece72d
Faulting module name: COMCTL32.dll, version: 6.10.14295.1000, time stamp: 0x56ecd7df
Exception code: 0xc000041d
Fault offset: 0x00000000000034a7
Faulting process id: 0x178
Faulting application start time: 0xregedit.exe0
Faulting application path: regedit.exe1
Faulting module path: regedit.exe2
Report Id: regedit.exe3
Faulting package full name: regedit.exe4
Faulting package-relative application ID: regedit.exe5
 
Error: (05/08/2016 09:57:19 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
 
Error: (05/08/2016 09:57:14 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error: (05/08/2016 09:51:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: notepad.exe, version: 10.0.14295.1000, time stamp: 0x56ecde8c
Faulting module name: ntdll.dll, version: 10.0.14295.1000, time stamp: 0x56ecd09b
Exception code: 0xc0000005
Fault offset: 0x000000000001dab6
Faulting process id: 0x25e0
Faulting application start time: 0xnotepad.exe0
Faulting application path: notepad.exe1
Faulting module path: notepad.exe2
Report Id: notepad.exe3
Faulting package full name: notepad.exe4
Faulting package-relative application ID: notepad.exe5
 
 
System errors:
=============
Error: (05/08/2016 10:11:16 PM) (Source: DCOM) (EventID: 10010) (User: ELLIOT-PC)
Description: microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca
 
Error: (05/08/2016 10:11:16 PM) (Source: DCOM) (EventID: 10010) (User: ELLIOT-PC)
Description: App.AppX76q4xtxwbj16z0zkyp0pnwtt6m850rvk.mca
 
Error: (05/08/2016 10:11:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_44661 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (05/08/2016 10:11:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_44661 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (05/08/2016 10:11:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_44661 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (05/08/2016 10:11:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_44661 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (05/08/2016 10:11:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (05/08/2016 10:08:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_47018 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (05/08/2016 10:08:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_47018 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (05/08/2016 10:08:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_47018 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
 
CodeIntegrity:
===================================
  Date: 2016-05-06 19:19:57.559
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-05-06 14:04:38.790
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-05-03 10:14:29.706
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-05-02 22:39:49.946
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-05-02 22:28:39.559
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-05-02 22:27:44.292
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-05-02 22:24:34.174
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz
Percentage of memory in use: 26%
Total physical RAM: 16343.69 MB
Available physical RAM: 12007.63 MB
Total Virtual: 18775.69 MB
Available Virtual: 14165.91 MB
 
==================== Drives ================================
 
Drive c: (SSD) (Fixed) (Total:118.69 GB) (Free:59.99 GB) NTFS
Drive d: (Installed Games & Movie Extras) (Fixed) (Total:2794.39 GB) (Free:755.87 GB) NTFS
Drive e: (Big Boy) (Fixed) (Total:2794.39 GB) (Free:191.74 GB) NTFS
Drive f: (Movies) (Fixed) (Total:4657.4 GB) (Free:168.61 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: 86DC725E)
 
Partition: GPT.
 
========================================================
Disk: 2 (Size: 2794.5 GB) (Disk ID: 143BE03A)
 
Partition: GPT.
 
========================================================
Disk: 3 (Size: 4657.5 GB) (Disk ID: 43FDAF4B)
 
Partition: GPT.
 
==================== End of Addition.txt ============================


#4 olgun52

olgun52

  • Malware Response Team
  • 3,792 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:39 AM

Posted 10 May 2016 - 09:31 AM

Hi again,

 

Scan with Zemana AntiMalware Free:

  • Turn off the real time scanner of any existing antivirus and firewall programs while performing scan
  • Please download and install Zemana AntiMalware Free
  • Double-click software shortcut on the desktop and follow the prompts to install the program .
  • If an update is available, click the Update now button.
  • At the end Click Settings > Advanced > ''I have read the warning an wish to proceed anyway'' Click
  • Auto Launch > Untick the box next
  • Scan type > Smart scan (Default)
  • Close all open files, folders and browsers
  • Click scan now ''Run as Administrator'' and a threat Scan will begin.
  • When the scan is complete, Press report and send me report.
  • Please PC restart now.

============================================================================
How are your PC and browsers  and are there still septoms ?
 
Have a nice day.

 


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#5 kingmustard

kingmustard
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United Kingdom
  • Local time:02:39 AM

Posted 10 May 2016 - 11:28 AM

Hi again,
 
Scan with Zemana AntiMalware Free:

  • Turn off the real time scanner of any existing antivirus and firewall programs while performing scan
  • Please download and install Zemana AntiMalware Free
  • Double-click software shortcut on the desktop and follow the prompts to install the program .
  • If an update is available, click the Update now button.
  • At the end Click Settings > Advanced > ''I have read the warning an wish to proceed anyway'' Click
  • Auto Launch > Untick the box next
  • Scan type > Smart scan (Default)
  • Close all open files, folders and browsers
  • Click scan now ''Run as Administrator'' and a threat Scan will begin.
  • When the scan is complete, Press report and send me report.
  • Please PC restart now.
============================================================================
How are your PC and browsers  and are there still septoms ?
 
Have a nice day.

 

Hi olgun52,

Zemana AntiMalware 2.20.179.613 (Installed)
 
-------------------------------------------------------
Scan Result            : Completed
Scan Date              : 2016/5/10
Operating System       : Windows 10 64-bit
Processor              : 8X Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz
BIOS Mode              : UEFI
CUID                   : 008908D297E79F4DD2D282
Scan Type              : Smart Scan
Duration               : 0m 42s
Scanned Objects        : 8550
Detected Objects       : 3
Excluded Objects       : 0
Read Level             : Normal
Auto Upload            : ON
Detect All Extensions  : OFF
Scan Documents         : OFF
Domain Info            : WORKGROUP,0,2
 
Detected Objects
-------------------------------------------------------
 
Proxy Settings (System)
Status             : Scanned
Object             : HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ProxySettingsPerUser
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Setting
Cleaning Action    : Delete
Related Objects    :
                Registry Entry - HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ProxySettingsPerUser = disabled
 
Internet Settings (System)
Status             : Scanned
Object             : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Setting
Cleaning Action    : Delete
Related Objects    :
                Registry Entry - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings = 460000002D000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
 
Internet Settings (System)
Status             : Scanned
Object             : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Setting
Cleaning Action    : Delete
Related Objects    :
                Registry Entry - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings = 4600000011000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

I made the bottom two changes and so far, it appears to be solved the problem so far.


Edited by kingmustard, 10 May 2016 - 11:34 AM.


#6 olgun52

olgun52

  • Malware Response Team
  • 3,792 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:39 AM

Posted 10 May 2016 - 02:42 PM

Hi there,

 

Copy the below code to Notepad; Save As fixlist.txt to your Desktop.

start
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ATTENTION (Restriction - ProxySettings)
AutoConfigURL: [HKLM-x32] => hxxp://xn--koa.net/proxy.pac
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
2016-05-07 11:52 - 2016-05-07 11:52 - 00000000 ____D C:\Users\Elliot\AppData\Roaming\QuickScan
2016-05-06 14:51 - 2016-05-06 14:51 - 00000000 ____D C:\Users\Elliot\AppData\Roaming\Command and Conquer 4
C:\ProgramData\DP45977C.lfl
2016-04-30 14:09 - 2016-04-30 14:09 - 00000000 ____D C:\Users\Elliot\AppData\Roaming\Command and Conquer 3 Tiberium Wars
2016-04-30 14:09 - 2016-04-30 14:09 - 00000000 ____D C:\Users\Elliot\AppData\Roaming\Command and Conquer 3 Kanes Wrath
2016-04-30 11:27 - 2016-04-30 11:27 - 00000000 ____D C:\Users\Elliot\AppData\Roaming\sega
C:\Users\Elliot\AppData\Roaming\vlc
2016-04-30 11:19 - 2016-04-30 11:19 - 00000000 ____D C:\Users\DefaultAccount\AppData\Roaming\vlc
2016-04-30 11:19 - 2016-04-30 11:19 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\vlc
end

Close Notepad.

NOTE: It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST64 and press the Fix button just once and wait.

If the tool needed a restart please make sure you let the system to restart normally and let the tool complete its run after restart.

The tool will make a log on the Desktop (Fixlog.txt). Attach it to your reply.

Note: If the tool warns you about an outdated version please download and run the updated version.
==================================================================================

Please download AdwCleaner by Xplode onto your desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete or Clean.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

================================================================================

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista / 7 / 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users