Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer randomly hanging


  • This topic is locked This topic is locked
81 replies to this topic

#1 Saifage

Saifage

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:12:47 AM

Posted 05 August 2017 - 09:21 PM

Recently, my computer has been randomly freezing and the screen is left with the last image on the monitor. I had started a new thread, but after a couple days he told me to go to some "experts" on this side then told me to come back later. Mind helping me? Also I'm getting a event in my event viewer. Audit events have been dropped by the transport. 0. Please help me out! This has been going on for about 5-6 weeks now!

BC AdBot (Login to Remove)

 


#2 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:12:47 AM

Posted 05 August 2017 - 09:57 PM

Welcome :)

 

Follow the instructions here and post the require reports.


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#3 Saifage

Saifage
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:12:47 AM

Posted 07 August 2017 - 08:51 PM

This is the FRST Log. 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-08-2017
Ran by Saif (administrator) on SAIF-PC (07-08-2017 21:44:15)
Running from C:\Users\Saif\Downloads
Loaded Profiles: Saif (Available Profiles: Saif)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17246_none_fa4ae8e99b1f603c\TiWorker.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\userinit.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (OracleCorporation)
HKU\S-1-5-21-2751604055-2877864595-2312337091-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3062560 2017-07-17] (ValveCorporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{1994D5B2-C959-44C5-8242-701B94FC185D}: [DhcpNameServer] 192.168.1.254
 
Internet Explorer:
==================
HKU\S-1-5-21-2751604055-2877864595-2312337091-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-07-31] (OracleCorporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-07-31] (OracleCorporation)
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-07-31] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-07-31] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-07-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-07-18] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-31] (Google Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\Saif\AppData\Local\Google\Chrome\User Data\Default [2017-08-07]
CHR Extension: (Google Slides) - C:\Users\Saif\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-07-31]
CHR Extension: (Google Docs) - C:\Users\Saif\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-31]
CHR Extension: (Google Drive) - C:\Users\Saif\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-31]
CHR Extension: (YouTube) - C:\Users\Saif\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-31]
CHR Extension: (Google Sheets) - C:\Users\Saif\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-07-31]
CHR Extension: (Google Docs Offline) - C:\Users\Saif\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Saif\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-31]
CHR Extension: (Gmail) - C:\Users\Saif\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-31]
CHR Extension: (Chrome Media Router) - C:\Users\Saif\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-31]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIACorporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIACorporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-07-18] (NVIDIACorporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-07-26] (NVIDIACorporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-21] (MicrosoftCorporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-21] (MicrosoftCorporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [47008 2016-07-26] ()
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-07-26] (NVIDIACorporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIACorporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-07-26] (NVIDIACorporation)
R3 RtlWlanu; C:\WINDOWS\system32\DRIVERS\rtwlanu.sys [3860224 2015-08-05] (RealtekSemiconductorCorporation)
S0 viaide; C:\WINDOWS\System32\drivers\viaide.sys [19808 2013-08-22] (VIATechnologies,Inc.)
S0 vsmraid; C:\WINDOWS\System32\drivers\vsmraid.sys [168800 2013-08-22] (VIATechnologiesInc.,Ltd)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [35856 2014-11-21] (MicrosoftCorporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [257880 2014-11-21] (MicrosoftCorporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123224 2014-11-21] (MicrosoftCorporation)
R3 xb1usb; C:\WINDOWS\System32\drivers\xb1usb.sys [34016 2014-05-27] (MicrosoftCorporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-08-07 21:41 - 2017-08-07 21:44 - 000008810 _____ C:\Users\Saif\Downloads\FRST.txt
2017-08-07 21:41 - 2017-08-07 21:41 - 000000000 ____D C:\FRST
2017-08-07 21:40 - 2017-08-07 21:40 - 002381312 _____ (Farbar) C:\Users\Saif\Downloads\FRST64.exe
2017-08-05 22:13 - 2017-05-30 16:45 - 000565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-08-05 21:26 - 2017-08-05 21:26 - 000000000 ____D C:\Users\Saif\Desktop\LocaleMetaData
2017-08-02 20:23 - 2017-08-02 20:23 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2017-08-01 01:03 - 2017-08-01 01:03 - 000002786 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-08-01 01:03 - 2017-08-01 01:03 - 000000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-08-01 01:03 - 2017-08-01 01:03 - 000000808 _____ C:\Users\Public\Desktop\Speccy.lnk
2017-08-01 01:03 - 2017-08-01 01:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2017-08-01 01:03 - 2017-08-01 01:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-08-01 01:03 - 2017-08-01 01:03 - 000000000 ____D C:\Program Files\Speccy
2017-08-01 01:03 - 2017-08-01 01:03 - 000000000 ____D C:\Program Files\CCleaner
2017-07-31 20:19 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2017-07-31 20:19 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2017-07-31 20:19 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2017-07-31 20:19 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2017-07-31 20:19 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2017-07-31 20:19 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2017-07-31 20:19 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2017-07-31 20:19 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2017-07-31 20:19 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2017-07-31 20:19 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2017-07-31 20:19 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2017-07-31 20:19 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2017-07-31 20:19 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2017-07-31 20:19 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2017-07-31 20:19 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2017-07-31 20:19 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2017-07-31 20:19 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2017-07-31 20:19 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2017-07-31 20:19 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2017-07-31 20:19 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2017-07-31 20:19 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2017-07-31 20:19 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2017-07-31 20:19 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2017-07-31 20:19 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2017-07-31 20:19 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2017-07-31 20:19 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2017-07-31 20:19 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2017-07-31 20:19 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2017-07-31 20:19 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2017-07-31 20:19 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2017-07-31 20:19 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2017-07-31 20:19 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2017-07-31 20:19 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2017-07-31 20:19 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2017-07-31 20:19 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2017-07-31 20:19 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2017-07-31 20:19 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2017-07-31 20:19 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2017-07-31 20:19 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2017-07-31 20:19 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2017-07-31 20:19 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2017-07-31 20:19 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2017-07-31 20:19 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2017-07-31 20:19 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2017-07-31 20:19 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2017-07-31 20:19 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2017-07-31 20:19 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2017-07-31 20:19 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2017-07-31 20:19 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2017-07-31 20:19 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2017-07-31 20:19 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2017-07-31 20:19 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2017-07-31 20:19 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2017-07-31 20:19 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2017-07-31 20:19 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2017-07-31 20:19 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2017-07-31 20:19 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2017-07-31 20:19 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2017-07-31 20:19 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2017-07-31 20:19 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2017-07-31 20:19 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2017-07-31 20:19 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2017-07-31 20:19 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2017-07-31 20:19 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2017-07-31 20:19 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2017-07-31 20:19 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2017-07-31 20:19 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2017-07-31 20:19 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2017-07-31 20:19 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2017-07-31 20:19 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2017-07-31 20:19 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2017-07-31 20:19 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2017-07-31 20:19 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2017-07-31 20:19 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2017-07-31 20:19 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2017-07-31 20:19 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2017-07-31 20:19 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2017-07-31 20:19 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2017-07-31 20:19 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2017-07-31 20:19 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2017-07-31 20:19 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2017-07-31 20:19 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2017-07-31 20:19 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2017-07-31 20:19 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2017-07-31 20:19 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2017-07-31 20:19 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2017-07-31 20:19 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2017-07-31 20:19 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2017-07-31 20:19 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2017-07-31 20:19 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2017-07-31 20:19 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2017-07-31 20:19 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2017-07-31 20:19 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2017-07-31 20:19 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2017-07-31 20:19 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2017-07-31 20:19 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2017-07-31 20:19 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2017-07-31 20:19 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2017-07-31 20:19 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2017-07-31 20:19 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2017-07-31 20:19 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2017-07-31 20:19 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2017-07-31 20:19 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2017-07-31 20:19 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2017-07-31 20:19 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2017-07-31 20:19 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2017-07-31 20:19 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2017-07-31 20:19 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2017-07-31 20:19 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2017-07-31 20:19 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2017-07-31 20:19 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2017-07-31 20:19 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2017-07-31 20:19 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2017-07-31 20:19 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2017-07-31 20:19 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2017-07-31 20:19 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2017-07-31 20:19 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2017-07-31 20:19 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2017-07-31 20:19 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2017-07-31 20:19 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2017-07-31 20:19 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2017-07-31 20:19 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2017-07-31 20:19 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2017-07-31 20:19 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2017-07-31 20:19 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2017-07-31 20:19 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2017-07-31 20:19 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2017-07-31 20:19 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2017-07-31 20:19 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2017-07-31 20:19 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2017-07-31 20:19 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2017-07-31 20:19 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2017-07-31 20:19 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2017-07-31 20:19 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2017-07-31 20:19 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2017-07-31 20:19 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2017-07-31 20:19 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2017-07-31 20:19 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2017-07-31 20:19 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2017-07-31 20:19 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2017-07-31 20:19 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2017-07-31 20:19 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2017-07-31 20:19 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2017-07-31 20:19 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2017-07-31 20:19 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2017-07-31 20:19 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2017-07-31 20:19 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2017-07-31 20:19 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2017-07-31 20:19 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2017-07-31 20:19 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2017-07-31 20:19 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2017-07-31 20:19 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2017-07-31 20:19 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2017-07-31 20:19 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2017-07-31 20:19 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2017-07-31 20:19 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2017-07-31 20:19 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2017-07-31 20:19 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2017-07-31 20:19 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2017-07-31 20:19 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2017-07-31 20:19 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2017-07-31 20:19 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2017-07-31 20:19 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2017-07-31 20:19 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2017-07-31 20:19 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2017-07-31 20:19 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2017-07-31 20:19 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2017-07-31 20:19 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2017-07-31 20:19 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2017-07-31 20:19 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2017-07-31 20:19 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2017-07-31 20:19 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2017-07-31 20:19 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2017-07-31 20:19 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2017-07-31 20:19 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2017-07-31 20:19 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2017-07-31 20:17 - 2017-07-31 20:17 - 000000000 ____D C:\Program Files\Microsoft Xbox One Controller for Windows
2017-07-31 15:17 - 2017-07-31 15:17 - 000000000 ____D C:\Users\Saif\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-07-31 15:12 - 2017-07-31 15:12 - 000000000 ____D C:\Users\Saif\AppData\Local\Steam
2017-07-31 15:07 - 2017-08-07 21:44 - 000000000 ____D C:\Program Files (x86)\Steam
2017-07-31 15:07 - 2017-07-31 15:07 - 000000979 _____ C:\Users\Public\Desktop\Steam.lnk
2017-07-31 15:07 - 2017-07-31 15:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-07-31 13:22 - 2017-07-31 13:22 - 000000000 ____D C:\Users\Saif\AppData\Roaming\NVIDIA
2017-07-31 13:17 - 2017-08-02 21:05 - 000001184 _____ C:\Users\Saif\Desktop\nativelog.txt
2017-07-31 13:16 - 2017-07-31 13:16 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-07-31 13:16 - 2017-07-18 20:37 - 000512960 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-07-31 13:16 - 2017-07-18 20:37 - 000418752 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-07-31 13:16 - 2017-07-18 19:24 - 006463608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-07-31 13:16 - 2017-07-18 19:24 - 002479040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-07-31 13:16 - 2017-07-18 19:24 - 001762936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-07-31 13:16 - 2017-07-18 19:24 - 000549312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-07-31 13:16 - 2017-07-18 19:24 - 000392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-07-31 13:16 - 2017-07-18 19:24 - 000081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-07-31 13:16 - 2017-07-18 19:24 - 000069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-07-31 13:16 - 2017-07-18 18:38 - 000135800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-07-31 13:16 - 2017-07-12 21:37 - 008095171 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-07-31 13:16 - 2017-03-10 17:17 - 000536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-07-31 13:16 - 2017-03-10 17:17 - 000525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-07-31 13:16 - 2017-03-10 17:17 - 000254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-07-31 13:16 - 2017-03-10 17:17 - 000233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-07-31 13:15 - 2017-07-18 20:37 - 040239736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 035803256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 035314296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 028928120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 021403904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 018704048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 017808120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 015482488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2017-07-31 13:15 - 2017-07-18 20:37 - 014689632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 013655672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 012451608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 012133112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 011591392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 010487760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 009982968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 004187336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 003803768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 003691888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 003359168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 001988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438494.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 001615448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 001598072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438494.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 001067640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 001005176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 000972920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 000924280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 000895968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 000689992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 000609912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 000578056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 000512856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 000499320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 000491536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 000429920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 000407064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 000218712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2017-07-31 13:15 - 2017-07-18 20:37 - 000171384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 000154208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 000149224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 000132072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 000045976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2017-07-31 13:15 - 2017-07-18 20:37 - 000044200 _____ C:\WINDOWS\system32\nvinfo.pb
2017-07-31 13:15 - 2017-07-18 20:37 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-07-31 13:15 - 2017-07-18 20:37 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-07-31 13:12 - 2017-07-31 13:12 - 000000000 ____D C:\Users\Saif\AppData\Roaming\Sun
2017-07-31 13:12 - 2017-07-31 13:12 - 000000000 ____D C:\Users\Saif\AppData\LocalLow\Sun
2017-07-31 13:11 - 2017-07-31 13:11 - 000110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2017-07-31 13:11 - 2017-07-31 13:11 - 000000000 ____D C:\ProgramData\Oracle
2017-07-31 13:11 - 2017-07-31 13:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-07-31 13:11 - 2017-07-31 13:11 - 000000000 ____D C:\Program Files\Java
2017-07-31 13:06 - 2017-07-31 13:06 - 000002291 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-07-31 13:06 - 2017-07-31 13:06 - 000002279 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-07-31 13:05 - 2017-08-04 20:24 - 000000000 ____D C:\Users\Saif\AppData\Local\Google
2017-07-31 13:05 - 2017-08-02 20:31 - 000000000 ____D C:\Users\Saif\AppData\Local\NVIDIA Corporation
2017-07-31 13:05 - 2017-07-31 13:05 - 000003852 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-31 13:05 - 2017-07-31 13:05 - 000003814 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-31 13:05 - 2017-07-31 13:05 - 000003330 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-07-31 13:05 - 2017-07-31 13:05 - 000003202 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-07-31 13:05 - 2017-07-31 13:05 - 000001432 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-07-31 13:05 - 2017-07-31 13:05 - 000000000 ____D C:\Users\Saif\AppData\Local\NVIDIA
2017-07-31 13:05 - 2017-07-31 13:05 - 000000000 ____D C:\Program Files (x86)\Google
2017-07-31 13:05 - 2017-07-26 13:06 - 001922496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-07-31 13:05 - 2017-07-26 13:06 - 001755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-07-31 13:05 - 2017-07-26 13:06 - 001505728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-07-31 13:05 - 2017-07-26 13:06 - 001317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-07-31 13:05 - 2017-07-26 13:06 - 000121280 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-07-31 13:05 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2017-07-31 13:05 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2017-07-31 13:05 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2017-07-31 13:05 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2017-07-31 13:05 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2017-07-31 13:05 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2017-07-31 13:04 - 2017-08-07 21:44 - 000000000 ____D C:\ProgramData\NVIDIA
2017-07-31 13:04 - 2017-07-31 13:19 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-07-31 13:04 - 2017-07-31 13:17 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-07-31 13:04 - 2017-07-31 13:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-07-31 13:04 - 2017-07-31 13:04 - 000004146 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-31 13:04 - 2017-07-31 13:04 - 000003738 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-31 13:04 - 2017-07-31 13:04 - 000003738 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-31 13:04 - 2017-07-31 13:04 - 000003730 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-31 13:04 - 2017-07-31 13:04 - 000003554 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-31 13:04 - 2017-07-31 13:04 - 000003494 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-31 13:04 - 2017-07-31 13:04 - 000000000 ____D C:\Users\Saif\AppData\Local\CEF
2017-07-31 13:04 - 2017-07-31 13:04 - 000000000 ____D C:\ProgramData\Package Cache
2017-07-31 13:04 - 2017-07-26 13:05 - 000179136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-07-31 13:04 - 2017-07-26 13:05 - 000146368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-07-31 13:04 - 2017-07-26 09:40 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-07-31 13:04 - 2017-07-18 18:54 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-07-31 13:03 - 2017-08-02 21:29 - 000000000 ____D C:\Users\Saif\AppData\Roaming\.minecraft
2017-07-31 13:03 - 2017-07-31 13:17 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-07-31 13:03 - 2017-07-26 13:06 - 000057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-07-31 13:03 - 2017-07-26 13:06 - 000048064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-07-31 13:02 - 2017-07-31 13:04 - 000000000 ____D C:\Program Files (x86)\Minecraft
2017-07-31 13:02 - 2017-07-31 13:02 - 000000973 _____ C:\Users\Public\Desktop\Minecraft.lnk
2017-07-31 13:02 - 2017-07-31 13:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2017-07-31 13:01 - 2017-08-05 22:21 - 000003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2751604055-2877864595-2312337091-1001
2017-07-31 12:58 - 2017-07-31 12:58 - 000000000 ____D C:\Users\Saif\AppData\Roaming\Macromedia
2017-07-31 12:57 - 2017-07-31 12:57 - 000000000 __SHD C:\Users\Saif\AppData\LocalLow\EmieUserList
2017-07-31 12:57 - 2017-07-31 12:57 - 000000000 __SHD C:\Users\Saif\AppData\LocalLow\EmieSiteList
2017-07-31 12:57 - 2017-07-31 12:57 - 000000000 __SHD C:\Users\Saif\AppData\LocalLow\EmieBrowserModeList
2017-07-31 06:02 - 2017-08-05 22:30 - 000000000 ____D C:\Windows.old
2017-07-31 06:02 - 2017-07-31 20:37 - 000000000 ___DC C:\WINDOWS\Panther
2017-07-31 06:02 - 2017-07-31 06:02 - 000262144 _____ C:\WINDOWS\system32\config\userdiff
2017-07-31 05:51 - 2017-07-31 15:21 - 000000000 ___HD C:\$SysReset
2017-07-31 02:29 - 2017-07-31 02:29 - 000000000 __SHD C:\Users\Saif\AppData\Local\EmieUserList
2017-07-31 02:29 - 2017-07-31 02:29 - 000000000 __SHD C:\Users\Saif\AppData\Local\EmieSiteList
2017-07-31 02:29 - 2017-07-31 02:29 - 000000000 __SHD C:\Users\Saif\AppData\Local\EmieBrowserModeList
2017-07-31 02:25 - 2017-07-31 02:25 - 000016510 _____ C:\Users\Saif\Desktop\Removed Apps.html
2017-07-31 02:25 - 2017-07-31 02:25 - 000001446 _____ C:\Users\Saif\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-07-31 02:25 - 2017-07-31 02:25 - 000000020 ___SH C:\Users\Saif\ntuser.ini
2017-07-31 02:25 - 2017-07-31 02:25 - 000000000 ____D C:\WINDOWS\System32\Tasks\WPD
2017-07-31 02:25 - 2017-07-31 02:25 - 000000000 ____D C:\Users\Saif\AppData\Roaming\Adobe
2017-07-31 02:25 - 2017-07-31 02:25 - 000000000 ____D C:\Users\Saif\AppData\Local\VirtualStore
2017-07-31 02:07 - 2017-08-07 21:39 - 000000000 ____D C:\Users\Saif
2017-07-31 02:07 - 2014-11-21 04:52 - 000000369 _____ C:\Users\Saif\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2017-07-31 02:07 - 2014-11-21 04:52 - 000000369 _____ C:\Users\Saif\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2017-07-31 02:06 - 2017-07-31 02:08 - 000013338 _____ C:\WINDOWS\diagwrn.xml
2017-07-31 02:06 - 2017-07-31 02:08 - 000013338 _____ C:\WINDOWS\diagerr.xml
2017-07-31 02:05 - 2017-07-31 02:05 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-07-28 13:43 - 2017-07-28 13:43 - 000000000 ____D C:\Users\Saif\Documents\My Games
2017-07-28 12:34 - 2017-07-28 12:34 - 000018944 ___SH C:\Users\Saif\Desktop\Thumbs.db
2017-07-28 12:34 - 2017-07-28 12:34 - 000000000 ____D C:\Users\Saif\Documents\Lightshot
2017-07-28 12:25 - 2017-07-28 12:25 - 000004719 _____ C:\Users\Saif\Documents\ST3250310AS_6RY823EL_2017-07-28.txt
2017-07-28 01:43 - 2017-07-28 01:43 - 000000000 ____D C:\ESD
2017-07-28 01:42 - 2017-07-28 01:42 - 000000000 ___HD C:\$Windows.~WS
2017-07-28 01:40 - 2017-07-31 15:17 - 000000222 _____ C:\Users\Saif\Desktop\Rocket League.url
2017-07-28 00:34 - 2017-07-31 13:17 - 000000000 ____D C:\Temp
2017-07-27 23:04 - 2017-07-27 23:04 - 000000000 ___HD C:\ControlCenterCount
2017-07-27 22:58 - 2017-07-27 22:58 - 000000058 _____ C:\Users\Saif\Desktop\New Text Document.txt
2017-07-27 22:52 - 2017-07-27 22:52 - 000177392 _____ C:\Users\Saif\Documents\SysnativeFileCollectionApp.zip
2017-07-27 22:51 - 2017-07-27 22:52 - 000000000 ____D C:\Users\Saif\Documents\SysnativeFileCollectionApp
2017-07-27 22:50 - 2017-07-27 22:50 - 000158720 _____ (Sysnative) C:\Users\Saif\Documents\sysnativebsodcollectionapp.exe
2017-07-26 15:33 - 2017-07-31 05:50 - 000000000 _____ C:\Recovery.txt
2017-07-26 14:58 - 2017-07-26 14:58 - 000000000 ____D C:\Intel
2017-07-26 14:46 - 2017-07-27 23:04 - 000000000 ____D C:\MSI
2017-07-26 14:44 - 2017-07-26 14:44 - 000000000 ____D C:\NVIDIA
2017-07-26 14:40 - 2017-07-31 02:25 - 000000000 ____D C:\Users\Saif\AppData\Local\Packages
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-08-07 21:43 - 2013-08-22 10:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-07 17:22 - 2013-08-22 09:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2017-08-05 21:06 - 2013-08-22 11:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-08-04 19:18 - 2013-08-22 09:36 - 000000000 ____D C:\WINDOWS\Inf
2017-08-02 17:31 - 2013-08-22 09:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2017-07-31 20:18 - 2013-08-22 11:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-07-31 15:21 - 2013-08-22 11:36 - 000000000 ___HD C:\Program Files\WindowsApps
2017-07-31 13:16 - 2013-08-22 11:36 - 000000000 ____D C:\WINDOWS\Help
2017-07-31 13:08 - 2014-11-21 04:44 - 000818732 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-31 13:07 - 2013-08-22 11:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-07-31 13:07 - 2013-08-22 09:36 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2017-07-31 13:01 - 2013-08-22 11:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-07-31 06:02 - 2013-08-22 11:36 - 000262144 _____ C:\WINDOWS\system32\config\BCD-Template
2017-07-31 02:12 - 2013-08-22 11:36 - 000000000 ____D C:\WINDOWS\rescache
2017-07-31 02:08 - 2013-08-22 11:36 - 000000000 __RHD C:\Users\Public\Libraries
2017-07-31 02:06 - 2013-08-22 10:44 - 000337808 _____ C:\WINDOWS\system32\FNTCACHE.DAT
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-07-31 02:04
 
==================== End of FRST.txt ============================
 
 
 
 
This is the Addition log.
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-08-2017
Ran by Saif (07-08-2017 21:46:04)
Running from C:\Users\Saif\Downloads
Windows 8.1 (Update) (X64) (2017-07-31 06:11:26)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2751604055-2877864595-2312337091-500 - Administrator - Disabled)
Guest (S-1-5-21-2751604055-2877864595-2312337091-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2751604055-2877864595-2312337091-1003 - Limited - Enabled)
Saif (S-1-5-21-2751604055-2877864595-2312337091-1001 - Administrator - Enabled) => C:\Users\Saif
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 384.94 - NVIDIA Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.78 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 384.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 384.94 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.8.0.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.8.0.89 - NVIDIA Corporation)
NVIDIA Graphics Driver 384.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 384.94 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 384.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 384.94 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Rocket League (HKLM\...\Steam App 252950) (Version:  - Psyonix, Inc.)
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\System32\EhStorShell.dll [2014-11-21] (MicrosoftCorporation)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => C:\WINDOWS\system32\syncui.dll [2014-11-21] (MicrosoftCorporation)
ContextMenuHandlers1: [Open With] -> {09799AFB-AD67-11d1-ABCD-00C04FC30936} => C:\WINDOWS\system32\shell32.dll [2014-11-21] (MicrosoftCorporation)
ContextMenuHandlers1: [Open With EncryptionMenu] -> {A470F8CF-A1E8-4f65-8335-227475AA5C46} => C:\WINDOWS\system32\shell32.dll [2014-11-21] (MicrosoftCorporation)
ContextMenuHandlers1: [Sharing] -> {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} => C:\WINDOWS\system32\ntshrui.dll [2014-11-21] (MicrosoftCorporation)
ContextMenuHandlers1: [WorkFolders] -> {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} => C:\Windows\System32\WorkfoldersShell.dll [2014-11-21] (MicrosoftCorporation)
ContextMenuHandlers2: [EnhancedStorageShell] -> {2854F705-3548-414C-A113-93E27C808C85} => C:\Windows\System32\EhStorShell.dll [2014-11-21] (MicrosoftCorporation)
ContextMenuHandlers2: [Sharing] -> {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} => C:\WINDOWS\system32\ntshrui.dll [2014-11-21] (MicrosoftCorporation)
ContextMenuHandlers3: [CopyAsPathMenu] -> {f3d06e7c-1e45-4a26-847e-f9fcdee59be0} => C:\WINDOWS\system32\shell32.dll [2014-11-21] (MicrosoftCorporation)
ContextMenuHandlers3: [SendTo] -> {7BA4C740-9E81-11CF-99D3-00AA004AE837} => C:\WINDOWS\system32\shell32.dll [2014-11-21] (MicrosoftCorporation)
ContextMenuHandlers4: [EncryptionMenu] -> {A470F8CF-A1E8-4f65-8335-227475AA5C46} => C:\WINDOWS\system32\shell32.dll [2014-11-21] (MicrosoftCorporation)
ContextMenuHandlers4: [Sharing] -> {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} => C:\WINDOWS\system32\ntshrui.dll [2014-11-21] (MicrosoftCorporation)
ContextMenuHandlers4: [WorkFolders] -> {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} => C:\Windows\System32\WorkfoldersShell.dll [2014-11-21] (MicrosoftCorporation)
ContextMenuHandlers5: [New] -> {D969A300-E7FF-11d0-A93B-00A0C90F2719} => C:\WINDOWS\system32\shell32.dll [2014-11-21] (MicrosoftCorporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-07-18] (NVIDIACorporation)
ContextMenuHandlers5: [Sharing] -> {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} => C:\WINDOWS\system32\ntshrui.dll [2014-11-21] (MicrosoftCorporation)
ContextMenuHandlers5: [WorkFolders] -> {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} => C:\Windows\System32\WorkfoldersShell.dll [2014-11-21] (MicrosoftCorporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => C:\WINDOWS\system32\syncui.dll [2014-11-21] (MicrosoftCorporation)
ContextMenuHandlers6: [Library Location] -> {3dad6c5d-2167-4cae-9914-f99e41c12cfa} => C:\WINDOWS\system32\shell32.dll [2014-11-21] (MicrosoftCorporation)
ContextMenuHandlers6: [PintoStartScreen] -> {470C0EBD-5D73-4d58-9CED-E91E22E23282} => C:\WINDOWS\system32\shell32.dll [2014-11-21] (MicrosoftCorporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {006E650B-C0F4-4DA5-ADB8-C4BD9A2F842B} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\WINDOWS\System32\wpcmon.exe [2014-11-21] (MicrosoftCorporation)
Task: {03316BAC-680F-4533-917E-05FD61D0A431} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-26] (NVIDIACorporation)
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => C:\WINDOWS\system32\aitagent.exe [2014-11-21] (MicrosoftCorporation)
Task: {1A9AE310-E272-4AB9-83C3-721451B77ACA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-26] (NVIDIACorporation)
Task: {28D1C1B0-A927-4C9E-A857-A3F306AA078E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
Task: {28E44CD3-F97D-42B7-9A6D-B74547EE8436} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-07-26] (NVIDIACorporation)
Task: {2BC666B2-C77B-492D-A698-30536C6C4D42} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => C:\WINDOWS\System32\wsqmcons.exe [2014-11-21] (MicrosoftCorporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe [2013-08-22] (MicrosoftCorporation)
Task: {37364EFB-32B9-4C8E-BFDA-FCCFF89E1C1E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-07-26] (NVIDIACorporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\WINDOWS\system32\tzsync.exe [2013-08-22] (MicrosoftCorporation)
Task: {6323F94B-C89F-4FC1-9775-622421306AF7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (PiriformLtd)
Task: {6D21C8E9-C77F-4EE7-9252-2D30C930528A} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => C:\WINDOWS\system32\defrag.exe [2014-11-21] (MicrosoftCorp.)
Task: {73D1388C-336E-40EC-B0B4-62CB862AF2BE} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\WINDOWS\System32\drvinst.exe [2014-11-21] (MicrosoftCorporation)
Task: {7911F103-B039-406C-804B-66D29268294B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-07-26] (NVIDIACorporation)
Task: {7A1CA63A-3611-4E61-AAFA-1B56F8746F3A} - System32\Tasks\Microsoft\Windows\AppID\PolicyConverter => C:\WINDOWS\system32\appidpolicyconverter.exe [2014-11-21] (MicrosoftCorporation)
Task: {7DD666D5-AC93-428A-B051-BD4F13C8356D} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\WINDOWS\system32\RAServer.exe [2014-11-21] (MicrosoftCorporation)
Task: {80BB2794-C310-405C-BD5E-E6ADF639E861} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => C:\WINDOWS\system32\DFDWiz.exe [2014-11-21] (MicrosoftCorporation)
Task: {84400372-B6DB-4852-B387-6CE186EAE25B} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe [2014-11-21] (MicrosoftCorporation)
Task: {860441A3-AE63-4460-8717-EA9497F3E71E} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\WINDOWS\system32\cleanmgr.exe [2014-11-21] (MicrosoftCorporation)
Task: {9147A366-176D-47A1-86F4-072F3F24B4A2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-26] (NVIDIACorporation)
Task: {920AD45B-4A08-42B4-B9EC-E190DE84219F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-26] (NVIDIACorporation)
Task: {A0DE6F87-088D-49E1-B804-4CCF578C7B5C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-31] (GoogleInc.)
Task: {A216000C-66D3-4E66-8A6E-D98AB5762D3C} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\WINDOWS\system32\BthUdTask.exe [2014-11-21] (MicrosoftCorporation)
Task: {A297F251-9ADE-4781-AC78-0B8FCB57BCE9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-07-26] (NVIDIACorporation)
Task: {A2E6AF92-A27E-48C6-9213-2231E259B7DF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\MpCmdRun.exe [2014-11-21] (MicrosoftCorporation)
Task: {A44A1624-C719-4A46-8833-AA65471469C9} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\WINDOWS\system32\srtasks.exe [2014-11-21] (MicrosoftCorporation)
Task: {AAA89DAF-1B4F-447D-AF21-7F0559AC9962} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Program Files\Windows Media Player\wmpnscfg.exe [2014-11-21] (MicrosoftCorporation)
Task: {BC537794-54F5-4702-8CEB-06F584ECD24A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\WINDOWS\system32\SpaceAgent.exe [2014-11-21] (MicrosoftCorporation)
Task: {BD4B13A4-FC07-48EE-ACDF-85E53579DB46} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader => C:\WINDOWS\system32\WSqmCons.exe [2014-11-21] (MicrosoftCorporation)
Task: {C2599556-050C-48B7-98E3-CD224A313FE3} - System32\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck => C:\WINDOWS\system32\appidcertstorecheck.exe [2014-11-21] (MicrosoftCorporation)
Task: {CBD3EF37-0E38-431A-A6E8-607C56893A63} - System32\Tasks\Microsoft\Windows\MUI\LPRemove => C:\WINDOWS\system32\lpremove.exe [2014-11-21] (MicrosoftCorporation)
Task: {CC7E9366-CF26-4DC9-A66C-3EAB252649E1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\MpCmdRun.exe [2014-11-21] (MicrosoftCorporation)
Task: {CDF11EB7-6D33-479C-9D2C-9E166A6907A8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-31] (GoogleInc.)
Task: {D6F4A061-CEFB-4F38-81EC-6E80ECDD3011} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\WINDOWS\System32\LocationNotifications.exe [2014-11-21] (MicrosoftCorporation)
Task: {E075AC73-7FC0-4ACD-9F28-DD590C391C1C} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\WINDOWS\system32\wermgr.exe [2014-11-21] (MicrosoftCorporation)
Task: {E288921A-4336-4DEA-A1A6-6F3E6A856E5C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\MpCmdRun.exe [2014-11-21] (MicrosoftCorporation)
Task: {F67C3C3C-2EE9-498E-A0D8-AA09F8787FB1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\MpCmdRun.exe [2014-11-21] (MicrosoftCorporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-07-31 13:04 - 2017-07-26 13:05 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-07-31 15:10 - 2017-05-16 21:54 - 000678176 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2017-07-31 15:10 - 2016-08-31 21:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2017-07-31 15:10 - 2017-07-17 20:33 - 002497824 _____ () C:\Program Files (x86)\Steam\video.dll
2017-07-31 15:09 - 2016-08-31 21:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2017-07-31 15:09 - 2016-08-31 21:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2017-07-31 15:09 - 2016-01-27 03:49 - 002549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2017-07-31 15:09 - 2016-01-27 03:49 - 000491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2017-07-31 15:09 - 2016-01-27 03:49 - 000332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2017-07-31 15:09 - 2016-01-27 03:49 - 000442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2017-07-31 15:09 - 2016-01-27 03:49 - 000485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2017-07-31 15:10 - 2017-07-17 20:33 - 000884512 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-07-31 15:09 - 2016-07-04 18:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-07-31 13:04 - 2017-07-26 13:04 - 069820864 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-07-31 13:04 - 2017-07-26 13:05 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-07-31 15:11 - 2017-07-06 13:58 - 073088800 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-07-31 15:11 - 2017-05-16 21:54 - 000678176 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2017-07-31 15:10 - 2017-07-17 20:33 - 000384288 _____ () C:\Program Files (x86)\Steam\steam.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2013-08-22 09:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2751604055-2877864595-2312337091-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{7C6DA8DD-EDA7-4F48-836D-D62485C46CB0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{2620374C-DFDE-42E3-B6A2-29708AD9754F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{85C1EC07-474A-4828-B599-7A00D3EC6C5E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{E21BB291-74D0-4506-B449-9D4DF222A716}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7F5C3533-18AA-47C5-85CE-F2B8D9A2E0D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{78BE614E-D41F-4935-91D6-0A2C1FC10C8E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{BFB5D807-04C7-4D6C-9905-94AFD05F348E}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{622D723F-AE02-40E0-8081-C2966EFBF20B}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{645B2525-8306-41E0-AEB3-969DDB3CF735}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{75E1D0F1-B768-44DB-AE2D-687ED4DB9BC6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AC08C267-62DB-4042-97F8-73E4C1E91947}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{49EE9C2C-D350-487A-973C-0CC2EF3C9A1F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{69BFDA66-44AE-4E9B-9AFD-81C34AE88343}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{3AF5DD8D-792A-4D25-B161-E1AC16107AF2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [TCP Query User{EE403F32-CCA3-41D0-862C-48D5E84535E6}C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [UDP Query User{8E419DC3-1A3B-4243-9271-8875E54CE086}C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
 
==================== Restore Points =========================
 
31-07-2017 13:01:02 Installed Minecraft
02-08-2017 17:55:52 Driver v
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/07/2017 07:08:55 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.
.
 
Error: (08/07/2017 05:31:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.
.
 
Error: (08/07/2017 05:31:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.
.
 
Error: (08/07/2017 05:31:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.
.
 
Error: (08/07/2017 05:31:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.
.
 
Error: (08/07/2017 05:31:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.
.
 
Error: (08/07/2017 05:28:57 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.
.
 
Error: (08/07/2017 05:28:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.
.
 
Error: (08/07/2017 05:26:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.
.
 
Error: (08/07/2017 05:26:01 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.
.
 
 
System errors:
=============
Error: (08/07/2017 09:43:35 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\WINDOWS\system32\Rtlihvs.dll
Error Code: 126
 
Error: (08/07/2017 09:43:31 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 9:39:10 PM on ‎8/‎7/‎2017 was unexpected.
 
Error: (08/07/2017 09:39:16 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\WINDOWS\system32\Rtlihvs.dll
Error Code: 126
 
Error: (08/07/2017 09:39:10 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 6:51:11 PM on ‎8/‎7/‎2017 was unexpected.
 
Error: (08/07/2017 06:59:48 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 70.
 
Error: (08/07/2017 05:31:16 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\WINDOWS\system32\Rtlihvs.dll
Error Code: 126
 
Error: (08/07/2017 05:30:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error: 
The service has not been started.
 
Error: (08/07/2017 05:24:16 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\WINDOWS\system32\Rtlihvs.dll
Error Code: 126
 
Error: (08/07/2017 05:24:08 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\WINDOWS\system32\Rtlihvs.dll
Error Code: 126
 
Error: (08/07/2017 05:22:30 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:20:21 PM on ‎8/‎5/‎2017 was unexpected.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 18%
Total physical RAM: 8121.97 MB
Available physical RAM: 6642.51 MB
Total Virtual: 10041.97 MB
Available Virtual: 8452.76 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:232.31 GB) (Free:177.38 GB) NTFS
Drive e: (ESD-USB) (Removable) (Total:14.91 GB) (Free:10.17 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.8 GB) (Disk ID: 688AE0B0)
 
Partition: GPT.
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 14.9 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================


#4 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:12:47 AM

Posted 08 August 2017 - 06:23 PM

There is no sign of malware in those logs. You need an antivirus program. I would recommend AVAST.

 

Still experiencing the issue?


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#5 Saifage

Saifage
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:12:47 AM

Posted 09 August 2017 - 01:57 PM

I am about to download it. However, have you added the fact that it says Audit events have been dropped by the transport.0 ? When I search it up, it comes up with different forum threads with people having the same freezing issue with the same event. Coincedence?

#6 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:12:47 AM

Posted 09 August 2017 - 02:15 PM

That event is not listed on FRST's event log report.


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#7 Saifage

Saifage
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:12:47 AM

Posted 09 August 2017 - 02:28 PM

That's funny because I see it on my event viewer. Do you mind helping me find a solution to that problem? (The event)
That only shows recent events. I haven't been on the computer since the 5th

#8 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:12:47 AM

Posted 09 August 2017 - 08:23 PM

Auditing provides a way for an administrator to detect an attack that has already occurred or is in progress. In addition, auditing can help a developer to debug security-related problems. For example, if an error in the configuration of the authorization or checking policy accidentally denies access to an authorized user, a developer can quickly discover and isolate the cause of this error by examining the event log. It really isn't that important as the event has already occurred.

Let me see various of those reports.

Go to the Event Viewer, double click on the audit entry then click on Copy. Paste the event on Notepad and post the contents in a reply.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#9 Saifage

Saifage
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:12:47 AM

Posted 09 August 2017 - 08:50 PM

Thanks, will do.

#10 Saifage

Saifage
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:12:47 AM

Posted 09 August 2017 - 10:13 PM

Here it is.

Attached Files



#11 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:12:47 AM

Posted 10 August 2017 - 11:48 AM

When events are delivered to the Event Log service to be saved in the Security log, they pass through the operating system (OS) kernel. If the kernel does not have enough resources to deliver the events to the Event Log service (which can happen if the Event Log service has to handle a large number of events), then the events are lost. The number of events logged in the Security log Events sent to the Security log are dropped (they cannot reach the Event Log service and the Security log) when their volume exceeds system capabilities. The hardware (CPU speed and disk size) can be improved to allow the system to handle a higher volume of events, or the number of events published should be reduced. In other words, it can be improve if the number of programs and or services in the background are reduced.

 

I would suggest a Clean boot to identify the entry that is causing the issue.


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#12 Saifage

Saifage
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:12:47 AM

Posted 10 August 2017 - 03:05 PM

I just performed a clean boot about an hour ago and I still got a freeze

#13 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:12:47 AM

Posted 10 August 2017 - 10:10 PM

Open the task manager, and when ever you experiencing a hang, check on the CPU Usage. Is it at 100% or less?


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#14 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:12:47 AM

Posted 14 August 2017 - 09:42 PM

Are you still with us?


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#15 Saifage

Saifage
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:12:47 AM

Posted 16 August 2017 - 05:46 PM

Sorry about that, I had school.

The CPU usage was less than 100% at the hang. I opened task manager up before I slept at night, and it froze. I forgot the exact number but I know for sure it was less than 100. So sorry




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users