cScan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-07-2016 Ran by SYSTEM on MININT-6TKV6AC (21-07-2016 17:41:14) Running from E:\ Platform: Windows 8.1 Connected (Update) (X86) Language: English (United States) Internet Explorer Version 11 Boot Mode: Recovery Default: ControlSet001 [b]ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.[/b] Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [73216 2014-06-24] (Intel Corporation) HKLM\...\Run: [autoauto] => notepad HKLM\...\Run: [Note-up] => C:\Program Files\Note-up\note-up.exe [6777856 2016-05-18] (TODO: ) HKLM\...\Run: [L] => C:\Program Files\Power Update\fatalerror.exe [245760 2016-07-14] () HKLM\...\Run: [cpx] => C:\Program Files\cpx\cpx.exe [641536 2016-03-24] () HKLM\...\Run: [msrtn32] => C:\Program Files\msrtn32\msrtn32.exe [1141760 2016-04-18] () HKLM\...\RunOnce: [Update] => C:\Users\JLyn\AppData\Roaming\NUIns\NUIns.exe [1108126 2016-07-20] () HKLM\...\Winlogon: [Shell] C:\Program Files\Power Update\fatalerror.exe [x ] () <=== ATTENTION HKU\Default\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\\WINDOWS\\System32\\products.scr HKU\Default User\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\\WINDOWS\\System32\\products.scr HKU\JLyn\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [50670720 2016-03-01] (Skype Technologies S.A.) HKU\JLyn\...\Run: [Chromium] => "c:\users\jlyn\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session HKU\JLyn\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [2851408 2016-07-08] (Valve Corporation) HKU\JLyn\...\Run: [L] => C:\Program Files\Power Update\fatalerror.exe [245760 2016-07-14] () HKU\JLyn\...\Run: [fastweb] => C:\Program Files\FastWeb\fastweb.exe [194048 2016-07-20] () HKU\JLyn\...\Winlogon: [Shell] C:\Program Files\Power Update\fatalerror.exe [245760 2016-07-14] () <==== ATTENTION ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 55218e6f4f23000c941bd2cd54b2b717; C:\Program Files\55218e6f4f23000c941bd2cd54b2b717\cbced1c097d7ae63193d8d2a97ca9d86.exe [3483648 2016-07-18] () S2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation) S2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation) S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2118848 2016-07-04] (Microsoft Corporation) S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279000 2014-06-13] (Intel Corporation) S2 Dataup; C:\Program Files\dataup\dataup.exe [77824 2015-08-06] () S2 dowidoly; C:\Program Files\12345678-1469022310-5678-90AB-CDDEEFAABBCC\jnsm8CE0.tmp [244224 2016-07-20] () S2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [75264 2014-06-24] (Intel Corporation) S2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [89088 2014-06-24] (Intel Corporation) S2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [82432 2014-06-24] (Intel Corporation) S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [277976 2014-06-13] (Intel Corporation) S2 kijuxokozbt; C:\Program Files\12345678-1469022310-5678-90AB-CDDEEFAABBCC\knslF627.tmp [480768 2016-07-20] () S2 rijufoze; C:\Program Files\12345678-1469022310-5678-90AB-CDDEEFAABBCC\hnsgA53C.tmp [138240 2016-07-20] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [288128 2014-09-21] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22192 2014-09-21] (Microsoft Corporation) S2 windowsmanagementservice; C:\Users\JLyn\AppData\Local\Temp\20160720\ct.exe [852992 2016-03-21] (Google Inc.) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S1 0db2c77f75b621415c89c6d10c45e881; C:\WINDOWS\system32\drivers\0db2c77f75b621415c89c6d10c45e881.sys [69072 2016-07-18] (IKWAA2) S3 ACC_SensorDriver; C:\Windows\System32\drivers\ACC_SensorDriver.sys [19968 2014-06-27] () S1 bsdp32; C:\WINDOWS\system32\Drivers\bsdp32.sys [32576 2016-07-20] () S3 BthMini; C:\Windows\System32\Drivers\BTHMINI.sys [23552 2014-11-20] (Microsoft Corporation) S3 camera; C:\Windows\system32\DRIVERS\camera.sys [462336 2014-07-21] (Intel Corporation) S3 DptfDevAmbient; C:\Windows\System32\drivers\DptfDevAmbient.sys [36352 2014-06-24] (Intel Corporation) S3 DptfDevDBPT; C:\Windows\System32\drivers\DptfDevPower.sys [17408 2014-06-24] (Intel Corporation) S3 DptfDevDisplay; C:\Windows\System32\drivers\DptfDevDisplay.sys [19968 2014-06-24] (Intel Corporation) S3 DptfDevGen; C:\Windows\System32\drivers\DptfDevGen.sys [28160 2014-06-24] (Intel Corporation) S3 DptfDevProc; C:\Windows\System32\drivers\DptfDevProc.sys [72704 2014-06-24] (Intel Corporation) S3 DptfManager; C:\Windows\System32\drivers\DptfManager.sys [174080 2014-06-24] (Intel Corporation) S3 gc2235; C:\Windows\System32\drivers\gc2235.sys [43520 2014-08-01] (Intel Corporation) S3 gc310; C:\Windows\System32\drivers\gc310.sys [39936 2014-08-01] (Intel Corporation) S3 GoodixTouchDriver; C:\Windows\System32\drivers\GoodixTouchDriver.sys [37888 2014-07-21] (Windows (R) Win 7 DDK provider) S3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [23552 2014-05-16] (Intel Corporation) S3 GpioVirtual; C:\Windows\System32\drivers\iaiogpiovirtual.sys [16896 2014-03-21] (Intel Corporation) S3 GYRO_SensorDriver; C:\Windows\System32\drivers\GYRO_SensorDriver.sys [18944 2014-06-27] () S3 hm2056; C:\Windows\System32\drivers\hm2056.sys [43008 2014-07-25] (Intel Corporation) S3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [62464 2014-05-16] (Intel Corporation) S3 iaiouart; C:\Windows\System32\drivers\iaiouart.sys [87552 2014-03-21] (Intel Corporation) S3 intaud_WaveExtensible; C:\Windows\system32\drivers\intelaud.sys [32152 2014-05-06] (Intel Corporation) S3 IntelBatteryManagement; C:\Windows\System32\drivers\IntelBatteryManagement.sys [38400 2014-08-01] () S3 IntelSST; C:\Windows\system32\drivers\isstrtc.sys [263168 2014-09-25] (Intel(R) Corporation) S3 iwdbus; C:\Windows\System32\drivers\iwdbus.sys [23448 2014-05-06] (Intel Corporation) S3 kxspb; C:\Windows\System32\drivers\kxspb.sys [46928 2014-07-03] (Kionix, Inc.) S0 Lm3554; C:\Windows\System32\drivers\lm3554.sys [25088 2013-12-30] (Intel Corporation) S3 MAG_SensorDriver; C:\Windows\System32\drivers\MAG_SensorDriver.sys [20480 2014-06-27] () S0 MBI; C:\Windows\System32\drivers\MBI.sys [21968 2014-03-15] (Intel Corporation) S3 PMIC; C:\Windows\System32\drivers\PMIC.sys [66560 2014-08-06] (Intel Corporation) S3 rtii2sac; C:\Windows\system32\DRIVERS\rtii2sac.sys [185560 2014-06-17] (Realtek Semiconductor Corp.) S3 RtkUart; C:\Windows\System32\drivers\RtkUart.sys [508120 2014-07-08] (Realtek Semiconductor Corporation) S3 RtlWlans; C:\Windows\system32\DRIVERS\rtwlans.sys [2862296 2014-11-19] (Realtek Semiconductor Corporation ) S3 SensorFusion; C:\Windows\System32\drivers\HIDFusion.sys [59240 2014-07-21] (Intel Corporation) S3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [190976 2014-11-20] (Microsoft Corporation) S3 TXEI; C:\Windows\System32\drivers\TXEI.sys [75792 2014-01-09] (Intel Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [29688 2014-09-21] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [219968 2014-09-21] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [84800 2014-09-21] (Microsoft Corporation) S3 WUDFSensorLP; C:\Windows\system32\DRIVERS\WUDFRd.sys [190976 2014-11-20] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-07-21 17:38 - 2016-07-21 17:40 - 00000000 ___DC C:\FRSTc 2016-07-20 10:37 - 2016-07-20 10:37 - 00000000 ___DC C:\Program Files\Common Files\DESIGNER 2016-07-20 09:41 - 2016-07-20 09:41 - 00000000 ___DC C:\Program Files\Nusrekkegu 2016-07-20 07:04 - 2016-07-20 15:07 - 00000000 ___DC C:\Users\JLyn\AppData\Local\mstrn32 2016-07-20 07:04 - 2016-07-20 09:05 - 00000000 ___DC C:\Users\JLyn\AppData\Local\cpx 2016-07-20 05:52 - 2016-07-21 12:01 - 00000000 ___DC C:\Program Files\cpx 2016-07-20 05:52 - 2016-07-20 05:52 - 00000000 ___DC C:\Program Files\regtool 2016-07-20 05:51 - 2016-07-21 13:17 - 00031091 ____C C:\Windows\2ae877468b564e445daaea9ec08b3cf1.ps1 2016-07-20 05:51 - 2016-07-21 13:17 - 00000000 ___DC C:\Program Files\55218e6f4f23000c941bd2cd54b2b717 2016-07-20 05:51 - 2016-07-20 05:52 - 00000000 ___DC C:\Program Files\msrtn32 2016-07-20 05:51 - 2016-07-20 05:51 - 00032576 ____C C:\Windows\System32\Drivers\bsdp32.sys 2016-07-20 05:51 - 2016-07-20 05:51 - 00000000 ___DC C:\Windows\System32\SSL 2016-07-20 05:51 - 2016-07-20 05:51 - 00000000 ___DC C:\Users\JLyn\AppData\Roaming\SejafLuo 2016-07-20 05:51 - 2016-07-20 05:51 - 00000000 ___DC C:\Users\JLyn\AppData\Roaming\gplyra 2016-07-20 05:51 - 2016-07-20 05:51 - 00000000 ___DC C:\Users\JLyn\AppData\Roaming\Efhpe 2016-07-20 05:51 - 2016-07-20 05:51 - 00000000 ___DC C:\Users\JLyn\AppData\Local\Tempfolder 2016-07-20 05:51 - 2016-07-20 05:51 - 00000000 ___DC C:\Program Files\JadmiipmefkowadUn 2016-07-20 05:51 - 2016-07-20 05:51 - 00000000 ___DC C:\Program Files\Jadmiipmefkowad 2016-07-20 05:51 - 2016-07-20 05:51 - 00000000 ___DC C:\Program Files\Itibiti Soft Phone 2016-07-20 05:51 - 2016-07-20 05:51 - 00000000 ___DC C:\Program Files\FastWeb 2016-07-20 05:51 - 2016-07-20 05:51 - 00000000 ___DC C:\Program Files\dataup 2016-07-20 05:50 - 2016-07-20 05:51 - 00011568 ____C C:\Users\JLyn\AppData\Roaming\InstallationConfiguration.xml 2016-07-20 05:50 - 2016-07-20 05:51 - 00000000 ___DC C:\Program Files\CleanBrowser 2016-07-20 05:50 - 2016-07-20 05:50 - 00129024 ____C C:\Users\JLyn\AppData\Roaming\Installer.dat 2016-07-20 05:50 - 2016-07-20 05:50 - 00000000 ___DC C:\Users\JLyn\AppData\Local\Apps\2.0 2016-07-20 05:50 - 2016-07-20 05:50 - 00000000 ___DC C:\Program Files\Power Update 2016-07-20 05:50 - 2016-07-20 05:50 - 00000000 ____C C:\Windows\System32\Number of results 2016-07-20 05:46 - 2016-07-20 05:46 - 01002871 ____C C:\Users\JLyn\AppData\Local\setupone.exe 2016-07-20 05:46 - 2016-07-20 05:46 - 00000000 ___DC C:\Users\JLyn\AppData\Roaming\Note-UP 2016-07-20 05:46 - 2016-07-20 05:46 - 00000000 ___DC C:\Users\JLyn\AppData\Roaming\c 2016-07-20 05:46 - 2016-07-20 05:46 - 00000000 ___DC C:\ProgramData\1469022385 2016-07-20 05:46 - 2016-07-20 05:46 - 00000000 ___DC C:\Program Files\S5 2016-07-20 05:46 - 2016-07-20 05:46 - 00000000 ___DC C:\Program Files\Note-up 2016-07-20 05:46 - 2016-07-20 05:46 - 00000000 ___DC C:\Program Files\maguire 2016-07-20 05:46 - 2016-07-20 05:46 - 00000000 ____C C:\Users\JLyn\AppData\Local\tr5b.txt 2016-07-20 05:46 - 2016-07-20 05:46 - 00000000 ____C C:\Users\JLyn\AppData\Local\stxtname.txt 2016-07-20 05:46 - 2016-07-20 05:46 - 00000000 ____C C:\Users\JLyn\AppData\Local\run.txt 2016-07-20 05:46 - 2016-07-20 05:46 - 00000000 ____C C:\Users\JLyn\AppData\Local\aatxtname.txt 2016-07-20 05:45 - 2016-07-21 11:49 - 00000000 ___DC C:\Program Files\12345678-1469022310-5678-90AB-CDDEEFAABBCC 2016-07-20 05:45 - 2016-07-20 05:45 - 00000000 ___DC C:\Users\JLyn\AppData\Roaming\NUIns 2016-07-20 05:45 - 2016-07-20 05:42 - 00001006 ____C C:\Windows\System32\Drivers\etc\hp.bak 2016-07-20 05:41 - 2016-07-20 05:41 - 00980992 ____C C:\Users\JLyn\Downloads\The Game.iso 2016-07-19 23:04 - 2016-07-19 23:04 - 00041199 ____C C:\Windows\spoor.exe 2016-07-19 23:04 - 2016-07-19 23:04 - 00030208 ____C (windows 99) C:\Windows\tenney.exe 2016-07-18 10:45 - 2016-07-18 10:45 - 00000000 ___DC C:\Users\JLyn\AppData\Roaming\GamesFaction 2016-07-18 10:45 - 2016-07-18 10:45 - 00000000 ___DC C:\ProgramData\TEMP 2016-07-18 05:51 - 2016-07-18 05:51 - 00069072 ____C (IKWAA2) C:\Windows\System32\Drivers\0db2c77f75b621415c89c6d10c45e881.sys 2016-07-15 12:07 - 2016-07-15 12:07 - 00000000 ___DC C:\Users\JLyn\AppData\Roaming\The Creative Assembly 2016-07-15 05:50 - 2016-06-25 10:40 - 00045760 ____C (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe 2016-07-15 05:50 - 2016-06-22 05:42 - 00208896 ____C (Microsoft Corporation) C:\Windows\System32\centel.dll 2016-07-15 05:50 - 2016-06-21 05:40 - 01288192 ____C (Microsoft Corporation) C:\Windows\System32\appraiser.dll 2016-07-15 05:50 - 2016-06-21 05:40 - 01004544 ____C (Microsoft Corporation) C:\Windows\System32\aeinv.dll 2016-07-15 05:50 - 2016-06-21 05:40 - 00468992 ____C (Microsoft Corporation) C:\Windows\System32\generaltel.dll 2016-07-15 05:50 - 2016-06-21 05:40 - 00461312 ____C (Microsoft Corporation) C:\Windows\System32\devinv.dll 2016-07-15 05:50 - 2016-06-21 05:40 - 00251392 ____C (Microsoft Corporation) C:\Windows\System32\invagent.dll 2016-07-15 05:50 - 2016-06-21 05:40 - 00179712 ____C (Microsoft Corporation) C:\Windows\System32\aepic.dll 2016-07-15 05:49 - 2016-06-21 05:40 - 00065536 ____C (Microsoft Corporation) C:\Windows\System32\acmigration.dll 2016-07-13 10:44 - 2016-05-25 05:22 - 00875712 ____C (Microsoft Corporation) C:\Windows\System32\msvcr120_clr0400.dll 2016-07-13 10:44 - 2016-05-25 05:22 - 00536768 ____C (Microsoft Corporation) C:\Windows\System32\msvcp120_clr0400.dll 2016-07-13 08:38 - 2016-06-21 06:12 - 00129536 ____C (Microsoft Corporation) C:\Windows\System32\poqexec.exe 2016-07-13 08:38 - 2016-06-11 08:31 - 00692736 ____C (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2016-07-13 08:38 - 2016-06-11 07:56 - 01315840 ____C (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2016-07-13 08:37 - 2016-06-11 09:22 - 00497664 ____C (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2016-07-13 08:37 - 2016-06-11 09:21 - 00064000 ____C (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll 2016-07-13 08:37 - 2016-06-11 09:13 - 02287104 ____C (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2016-07-13 08:37 - 2016-06-11 09:12 - 20348928 ____C (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2016-07-13 08:37 - 2016-06-11 09:07 - 00663552 ____C (Microsoft Corporation) C:\Windows\System32\jscript.dll 2016-07-13 08:37 - 2016-06-11 08:44 - 00128000 ____C (Microsoft Corporation) C:\Windows\System32\iepeers.dll 2016-07-13 08:37 - 2016-06-11 08:43 - 00279040 ____C (Microsoft Corporation) C:\Windows\System32\dxtrans.dll 2016-07-13 08:37 - 2016-06-11 08:38 - 00880128 ____C (Microsoft Corporation) C:\Windows\System32\inetcomm.dll 2016-07-13 08:37 - 2016-06-11 08:33 - 00230400 ____C (Microsoft Corporation) C:\Windows\System32\webcheck.dll 2016-07-13 08:37 - 2016-06-11 08:31 - 04608000 ____C (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2016-07-13 08:37 - 2016-06-11 08:31 - 00689152 ____C (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2016-07-13 08:37 - 2016-06-11 08:31 - 00330752 ____C (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll 2016-07-13 08:37 - 2016-06-11 08:29 - 02055680 ____C (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2016-07-13 08:37 - 2016-06-11 08:15 - 13806080 ____C (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2016-07-13 08:37 - 2016-06-11 07:59 - 02392576 ____C (Microsoft Corporation) C:\Windows\System32\wininet.dll 2016-07-13 08:37 - 2016-06-11 07:56 - 00710144 ____C (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll 2016-07-13 08:36 - 2016-06-25 09:15 - 00134144 ____C (Microsoft Corporation) C:\Windows\System32\inetpp.dll 2016-07-13 08:36 - 2016-06-25 08:47 - 00367104 ____C (Microsoft Corporation) C:\Windows\System32\puiobj.dll 2016-07-13 08:36 - 2016-06-25 08:05 - 00306176 ____C (Microsoft Corporation) C:\Windows\System32\ntprint.dll 2016-07-13 08:36 - 2016-06-25 08:03 - 00167424 ____C (Microsoft Corporation) C:\Windows\System32\puiapi.dll 2016-07-13 08:36 - 2016-06-25 07:59 - 00878080 ____C (Microsoft Corporation) C:\Windows\System32\localspl.dll 2016-07-13 08:36 - 2016-06-25 07:59 - 00603136 ____C (Microsoft Corporation) C:\Windows\System32\win32spl.dll 2016-07-13 08:36 - 2016-06-25 07:51 - 00203776 ____C (Microsoft Corporation) C:\Windows\System32\DafPrintProvider.dll 2016-07-13 08:36 - 2016-06-10 11:06 - 03485184 ____C (Microsoft Corporation) C:\Windows\System32\win32k.sys 2016-07-13 08:35 - 2016-06-11 10:27 - 05761888 ____C (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe 2016-07-12 12:13 - 2016-07-13 02:55 - 00000000 ___DC C:\Users\JLyn\Documents\ArmA 2 OA Demo 2016-07-12 12:13 - 2016-07-12 12:13 - 00000000 ___DC C:\Users\JLyn\AppData\Local\ArmA 2 OA DEMO 2016-07-12 06:07 - 2016-07-12 07:59 - 00000000 ___DC C:\Users\JLyn\AppData\Roaming\Origin 2016-07-12 06:03 - 2016-07-18 14:04 - 00000000 ___DC C:\ProgramData\Package Cache 2016-07-12 06:03 - 2016-07-13 12:02 - 00000000 ___DC C:\ProgramData\Origin 2016-07-12 06:02 - 2016-07-12 06:02 - 31395368 ____C (Electronic Arts, Inc.) C:\Users\JLyn\Downloads\OriginThinSetup.exe 2016-07-08 13:39 - 2016-07-08 13:40 - 00000000 ___DC C:\Users\JLyn\AppData\Local\PAYDAY 2 2016-07-08 13:39 - 2016-07-08 13:39 - 00000000 ___DC C:\Program Files\NVIDIA Corporation 2016-07-08 13:39 - 2016-07-08 13:39 - 00000000 ___DC C:\Program Files\AGEIA Technologies 2016-07-06 05:31 - 2016-07-12 09:53 - 00000000 ___DC C:\Users\JLyn\Documents\my games 2016-07-06 05:31 - 2010-06-02 00:55 - 00527192 ____C (Microsoft Corporation) C:\Windows\System32\XAudio2_7.dll 2016-07-06 05:31 - 2010-06-02 00:55 - 00239960 ____C (Microsoft Corporation) C:\Windows\System32\xactengine3_7.dll 2016-07-06 05:31 - 2010-06-02 00:55 - 00074072 ____C (Microsoft Corporation) C:\Windows\System32\XAPOFX1_5.dll 2016-07-06 05:31 - 2010-05-26 07:41 - 02106216 ____C (Microsoft Corporation) C:\Windows\System32\D3DCompiler_43.dll 2016-07-06 05:31 - 2010-05-26 07:41 - 01998168 ____C (Microsoft Corporation) C:\Windows\System32\D3DX9_43.dll 2016-07-06 05:31 - 2010-05-26 07:41 - 01868128 ____C (Microsoft Corporation) C:\Windows\System32\d3dcsx_43.dll 2016-07-06 05:31 - 2010-05-26 07:41 - 00470880 ____C (Microsoft Corporation) C:\Windows\System32\d3dx10_43.dll 2016-07-06 05:31 - 2010-05-26 07:41 - 00248672 ____C (Microsoft Corporation) C:\Windows\System32\d3dx11_43.dll 2016-07-06 05:31 - 2010-02-04 06:01 - 00528216 ____C (Microsoft Corporation) C:\Windows\System32\XAudio2_6.dll 2016-07-06 05:31 - 2010-02-04 06:01 - 00238936 ____C (Microsoft Corporation) C:\Windows\System32\xactengine3_6.dll 2016-07-06 05:31 - 2010-02-04 06:01 - 00074072 ____C (Microsoft Corporation) C:\Windows\System32\XAPOFX1_4.dll 2016-07-06 05:31 - 2010-02-04 06:01 - 00022360 ____C (Microsoft Corporation) C:\Windows\System32\X3DAudio1_7.dll 2016-07-06 05:31 - 2009-09-04 13:44 - 00515416 ____C (Microsoft Corporation) C:\Windows\System32\XAudio2_5.dll 2016-07-06 05:31 - 2009-09-04 13:44 - 00238936 ____C (Microsoft Corporation) C:\Windows\System32\xactengine3_5.dll 2016-07-06 05:31 - 2009-09-04 13:44 - 00069464 ____C (Microsoft Corporation) C:\Windows\System32\XAPOFX1_3.dll 2016-07-06 05:31 - 2009-09-04 13:29 - 05501792 ____C (Microsoft Corporation) C:\Windows\System32\d3dcsx_42.dll 2016-07-06 05:31 - 2009-09-04 13:29 - 01974616 ____C (Microsoft Corporation) C:\Windows\System32\D3DCompiler_42.dll 2016-07-06 05:31 - 2009-09-04 13:29 - 01892184 ____C (Microsoft Corporation) C:\Windows\System32\D3DX9_42.dll 2016-07-06 05:31 - 2009-09-04 13:29 - 00453456 ____C (Microsoft Corporation) C:\Windows\System32\d3dx10_42.dll 2016-07-06 05:31 - 2009-09-04 13:29 - 00235344 ____C (Microsoft Corporation) C:\Windows\System32\d3dx11_42.dll 2016-07-06 05:31 - 2009-03-16 10:18 - 00517448 ____C (Microsoft Corporation) C:\Windows\System32\XAudio2_4.dll 2016-07-06 05:31 - 2009-03-16 10:18 - 00235352 ____C (Microsoft Corporation) C:\Windows\System32\xactengine3_4.dll 2016-07-06 05:31 - 2009-03-16 10:18 - 00022360 ____C (Microsoft Corporation) C:\Windows\System32\X3DAudio1_6.dll 2016-07-06 05:31 - 2009-03-09 11:27 - 04178264 ____C (Microsoft Corporation) C:\Windows\System32\D3DX9_41.dll 2016-07-06 05:31 - 2009-03-09 11:27 - 01846632 ____C (Microsoft Corporation) C:\Windows\System32\D3DCompiler_41.dll 2016-07-06 05:31 - 2009-03-09 11:27 - 00453456 ____C (Microsoft Corporation) C:\Windows\System32\d3dx10_41.dll 2016-07-06 05:31 - 2008-10-27 06:04 - 00514384 ____C (Microsoft Corporation) C:\Windows\System32\XAudio2_3.dll 2016-07-06 05:31 - 2008-10-27 06:04 - 00235856 ____C (Microsoft Corporation) C:\Windows\System32\xactengine3_3.dll 2016-07-06 05:31 - 2008-10-27 06:04 - 00070992 ____C (Microsoft Corporation) C:\Windows\System32\XAPOFX1_2.dll 2016-07-06 05:31 - 2008-10-27 06:04 - 00023376 ____C (Microsoft Corporation) C:\Windows\System32\X3DAudio1_5.dll 2016-07-06 05:31 - 2008-10-15 02:22 - 04379984 ____C (Microsoft Corporation) C:\Windows\System32\D3DX9_40.dll 2016-07-06 05:31 - 2008-10-15 02:22 - 02036576 ____C (Microsoft Corporation) C:\Windows\System32\D3DCompiler_40.dll 2016-07-06 05:31 - 2008-10-15 02:22 - 00452440 ____C (Microsoft Corporation) C:\Windows\System32\d3dx10_40.dll 2016-07-06 05:31 - 2008-07-31 06:41 - 00238088 ____C (Microsoft Corporation) C:\Windows\System32\xactengine3_2.dll 2016-07-06 05:31 - 2008-07-31 06:41 - 00068616 ____C (Microsoft Corporation) C:\Windows\System32\XAPOFX1_1.dll 2016-07-06 05:31 - 2008-07-31 06:40 - 00509448 ____C (Microsoft Corporation) C:\Windows\System32\XAudio2_2.dll 2016-07-06 05:31 - 2008-07-10 07:01 - 00467984 ____C (Microsoft Corporation) C:\Windows\System32\d3dx10_39.dll 2016-07-06 05:31 - 2008-07-10 07:00 - 03851784 ____C (Microsoft Corporation) C:\Windows\System32\D3DX9_39.dll 2016-07-06 05:31 - 2008-07-10 07:00 - 01493528 ____C (Microsoft Corporation) C:\Windows\System32\D3DCompiler_39.dll 2016-07-06 05:31 - 2008-05-30 10:19 - 00507400 ____C (Microsoft Corporation) C:\Windows\System32\XAudio2_1.dll 2016-07-06 05:31 - 2008-05-30 10:18 - 00238088 ____C (Microsoft Corporation) C:\Windows\System32\xactengine3_1.dll 2016-07-06 05:31 - 2008-05-30 10:17 - 00065032 ____C (Microsoft Corporation) C:\Windows\System32\XAPOFX1_0.dll 2016-07-06 05:31 - 2008-05-30 10:17 - 00025608 ____C (Microsoft Corporation) C:\Windows\System32\X3DAudio1_4.dll 2016-07-06 05:31 - 2008-05-30 10:11 - 01491992 ____C (Microsoft Corporation) C:\Windows\System32\D3DCompiler_38.dll 2016-07-06 05:31 - 2008-05-30 10:11 - 00467984 ____C (Microsoft Corporation) C:\Windows\System32\d3dx10_38.dll 2016-07-06 05:30 - 2008-05-30 10:11 - 03850760 ____C (Microsoft Corporation) C:\Windows\System32\D3DX9_38.dll 2016-07-06 05:30 - 2008-03-05 12:03 - 00479752 ____C (Microsoft Corporation) C:\Windows\System32\XAudio2_0.dll 2016-07-06 05:30 - 2008-03-05 12:03 - 00238088 ____C (Microsoft Corporation) C:\Windows\System32\xactengine3_0.dll 2016-07-06 05:30 - 2008-03-05 12:00 - 00025608 ____C (Microsoft Corporation) C:\Windows\System32\X3DAudio1_3.dll 2016-07-06 05:30 - 2008-03-05 11:56 - 03786760 ____C (Microsoft Corporation) C:\Windows\System32\D3DX9_37.dll 2016-07-06 05:30 - 2008-03-05 11:56 - 01420824 ____C (Microsoft Corporation) C:\Windows\System32\D3DCompiler_37.dll 2016-07-06 05:30 - 2008-02-05 19:07 - 00462864 ____C (Microsoft Corporation) C:\Windows\System32\d3dx10_37.dll 2016-07-06 05:30 - 2007-10-21 23:39 - 00267272 ____C (Microsoft Corporation) C:\Windows\System32\xactengine2_10.dll 2016-07-06 05:30 - 2007-10-21 23:37 - 00017928 ____C (Microsoft Corporation) C:\Windows\System32\X3DAudio1_2.dll 2016-07-06 05:30 - 2007-10-12 11:14 - 03734536 ____C (Microsoft Corporation) C:\Windows\System32\d3dx9_36.dll 2016-07-06 05:30 - 2007-10-12 11:14 - 01374232 ____C (Microsoft Corporation) C:\Windows\System32\D3DCompiler_36.dll 2016-07-06 05:30 - 2007-10-02 05:56 - 00444776 ____C (Microsoft Corporation) C:\Windows\System32\d3dx10_36.dll 2016-07-06 05:30 - 2007-07-19 20:57 - 00267112 ____C (Microsoft Corporation) C:\Windows\System32\xactengine2_9.dll 2016-07-06 05:30 - 2007-07-19 14:14 - 03727720 ____C (Microsoft Corporation) C:\Windows\System32\d3dx9_35.dll 2016-07-06 05:30 - 2007-07-19 14:14 - 01358192 ____C (Microsoft Corporation) C:\Windows\System32\D3DCompiler_35.dll 2016-07-06 05:30 - 2007-07-19 14:14 - 00444776 ____C (Microsoft Corporation) C:\Windows\System32\d3dx10_35.dll 2016-07-06 05:30 - 2007-06-20 16:46 - 00266088 ____C (Microsoft Corporation) C:\Windows\System32\xactengine2_8.dll 2016-07-06 05:30 - 2007-05-16 12:45 - 03497832 ____C (Microsoft Corporation) C:\Windows\System32\d3dx9_34.dll 2016-07-06 05:30 - 2007-05-16 12:45 - 01124720 ____C (Microsoft Corporation) C:\Windows\System32\D3DCompiler_34.dll 2016-07-06 05:30 - 2007-05-16 12:45 - 00443752 ____C (Microsoft Corporation) C:\Windows\System32\d3dx10_34.dll 2016-07-06 05:30 - 2007-04-04 14:55 - 00261480 ____C (Microsoft Corporation) C:\Windows\System32\xactengine2_7.dll 2016-07-06 05:30 - 2007-04-04 14:53 - 00081768 ____C (Microsoft Corporation) C:\Windows\System32\xinput1_3.dll 2016-07-06 05:30 - 2007-03-15 12:57 - 00443752 ____C (Microsoft Corporation) C:\Windows\System32\d3dx10_33.dll 2016-07-06 05:30 - 2007-03-12 12:42 - 03495784 ____C (Microsoft Corporation) C:\Windows\System32\d3dx9_33.dll 2016-07-06 05:30 - 2007-03-12 12:42 - 01123696 ____C (Microsoft Corporation) C:\Windows\System32\D3DCompiler_33.dll 2016-07-06 05:30 - 2007-03-05 08:42 - 00015128 ____C (Microsoft Corporation) C:\Windows\System32\x3daudio1_1.dll 2016-07-06 05:30 - 2007-01-24 11:27 - 00255848 ____C (Microsoft Corporation) C:\Windows\System32\xactengine2_6.dll 2016-07-06 05:30 - 2006-12-08 08:02 - 00251672 ____C (Microsoft Corporation) C:\Windows\System32\xactengine2_5.dll 2016-07-06 05:30 - 2006-11-29 09:06 - 03426072 ____C (Microsoft Corporation) C:\Windows\System32\d3dx9_32.dll 2016-07-06 05:30 - 2006-11-29 09:06 - 00440080 ____C (Microsoft Corporation) C:\Windows\System32\d3dx10.dll 2016-07-06 05:30 - 2006-09-28 12:05 - 02414360 ____C (Microsoft Corporation) C:\Windows\System32\d3dx9_31.dll 2016-07-06 05:30 - 2006-09-28 12:05 - 00237848 ____C (Microsoft Corporation) C:\Windows\System32\xactengine2_4.dll 2016-07-06 05:30 - 2006-07-28 05:30 - 00236824 ____C (Microsoft Corporation) C:\Windows\System32\xactengine2_3.dll 2016-07-06 05:30 - 2006-07-28 05:30 - 00062744 ____C (Microsoft Corporation) C:\Windows\System32\xinput1_2.dll 2016-07-06 05:30 - 2006-05-31 03:24 - 00230168 ____C (Microsoft Corporation) C:\Windows\System32\xactengine2_2.dll 2016-07-06 05:30 - 2006-03-31 08:40 - 02388176 ____C (Microsoft Corporation) C:\Windows\System32\d3dx9_30.dll 2016-07-06 05:30 - 2006-03-31 08:39 - 00229584 ____C (Microsoft Corporation) C:\Windows\System32\xactengine2_1.dll 2016-07-06 05:30 - 2006-03-31 08:39 - 00062672 ____C (Microsoft Corporation) C:\Windows\System32\xinput1_1.dll 2016-07-06 05:30 - 2006-02-03 04:43 - 02332368 ____C (Microsoft Corporation) C:\Windows\System32\d3dx9_29.dll 2016-07-06 05:30 - 2006-02-03 04:42 - 00230096 ____C (Microsoft Corporation) C:\Windows\System32\xactengine2_0.dll 2016-07-06 05:30 - 2006-02-03 04:41 - 00014032 ____C (Microsoft Corporation) C:\Windows\System32\x3daudio1_0.dll 2016-07-06 05:30 - 2005-12-05 14:09 - 02323664 ____C (Microsoft Corporation) C:\Windows\System32\d3dx9_28.dll 2016-07-06 05:30 - 2005-07-22 15:59 - 02319568 ____C (Microsoft Corporation) C:\Windows\System32\d3dx9_27.dll 2016-07-06 05:30 - 2005-05-26 11:34 - 02297552 ____C (Microsoft Corporation) C:\Windows\System32\d3dx9_26.dll 2016-07-06 05:30 - 2005-03-18 13:19 - 02337488 ____C (Microsoft Corporation) C:\Windows\System32\d3dx9_25.dll 2016-07-06 05:30 - 2005-02-05 15:45 - 02222800 ____C (Microsoft Corporation) C:\Windows\System32\d3dx9_24.dll 2016-07-06 05:13 - 2016-07-06 05:13 - 00000216 ____C C:\Users\JLyn\Desktop\Men Of War Assault Squad GOTY Demo.url 2016-07-06 04:53 - 2016-07-06 04:53 - 00000000 ___DC C:\Users\JLyn\AppData\Local\Steam 2016-07-06 04:53 - 2016-07-06 04:53 - 00000000 ___DC C:\Users\JLyn\AppData\Local\CEF 2016-07-05 16:42 - 2016-07-20 05:48 - 00000000 ___DC C:\Program Files\Steam 2016-07-05 16:42 - 2016-07-11 05:21 - 00000000 ___DC C:\Program Files\Common Files\Steam 2016-07-05 16:42 - 2016-07-05 16:42 - 00000944 ____C C:\Users\Public\Desktop\Steam.lnk 2016-07-05 16:41 - 2016-07-05 16:41 - 01444992 ____C C:\Users\JLyn\Downloads\SteamSetup.exe 2016-06-24 12:46 - 2016-06-24 12:46 - 00007168 ____C C:\Users\JLyn\AppData\Local\cap.exe 2016-06-24 12:45 - 2016-06-24 12:45 - 00007168 ____C C:\Users\JLyn\AppData\Local\cap4.exe 2016-06-23 13:55 - 2016-06-23 13:55 - 00007680 ____C C:\Users\JLyn\AppData\Local\tinstall4.exe 2016-06-23 13:55 - 2016-06-23 13:55 - 00007680 ____C C:\Users\JLyn\AppData\Local\tinstall.exe 2016-06-23 13:50 - 2016-06-23 13:50 - 00005632 ____C C:\Users\JLyn\AppData\Local\ddnow4.exe ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-07-21 13:09 - 2013-08-21 22:21 - 00000000 ___DC C:\Windows\inf 2016-07-21 11:01 - 2016-05-26 14:46 - 00002186 ____C C:\Users\Public\Desktop\Google Chrome.lnk 2016-07-21 10:36 - 2013-08-22 00:17 - 00000000 ___DC C:\Windows\AppReadiness 2016-07-20 14:13 - 2016-02-23 09:14 - 00000000 ___DC C:\Users\JLyn\OneDrive 2016-07-20 14:01 - 2013-08-22 00:05 - 00000000 ___DC C:\Windows\CbsTemp 2016-07-20 10:37 - 2013-08-22 00:17 - 00000000 ___DC C:\ProgramData\regid.1991-06.com.microsoft 2016-07-20 10:37 - 2013-08-22 00:17 - 00000000 ___DC C:\Program Files\Common Files\microsoft shared 2016-07-20 10:36 - 2015-02-15 03:45 - 00000000 ___DC C:\Program Files\Microsoft Office 2016-07-20 09:12 - 2014-11-20 19:40 - 00818732 ____C C:\Windows\System32\PerfStringBackup.INI 2016-07-20 05:52 - 2013-08-21 22:13 - 02097152 ___SH C:\Windows\System32\config\BBI 2016-07-17 13:02 - 2016-03-28 14:15 - 00000000 ___DC C:\Windows\System32\Appraiser 2016-07-17 06:47 - 2013-08-22 00:17 - 00000000 ____D C:\Windows\rescache 2016-07-17 06:25 - 2016-03-22 16:33 - 00000000 ___DC C:\Windows\System32\MRT 2016-07-17 06:17 - 2016-03-22 16:33 - 141983760 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe 2016-07-13 13:00 - 2013-08-21 23:22 - 00472736 ____C C:\Windows\System32\FNTCACHE.DAT 2016-07-13 12:03 - 2013-08-22 00:17 - 00000000 ___RD C:\Windows\ToastData 2016-07-13 07:55 - 2013-08-22 00:17 - 00000000 ___DC C:\Windows\LiveKernelReports 2016-07-13 02:24 - 2016-04-17 15:37 - 00000000 ___DC C:\Users\JLyn\AppData\Roaming\Skype 2016-07-12 07:09 - 2016-02-23 09:12 - 00000000 ___DC C:\users\JLyn 2016-07-11 10:30 - 2016-04-17 15:39 - 00000000 ___DC C:\Users\JLyn\AppData\Local\ElevatedDiagnostics 2016-07-06 16:39 - 2016-03-21 17:54 - 00400552 ____C (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe 2016-07-06 07:40 - 2013-08-22 00:17 - 00000000 ___HD C:\Program Files\WindowsApps 2016-07-03 14:14 - 2016-02-23 09:13 - 00000000 ___DC C:\Users\JLyn\AppData\Local\Packages 2016-07-01 20:29 - 2016-03-25 11:47 - 00828408 ____C (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe 2016-07-01 20:29 - 2016-03-25 11:47 - 00176632 ____C (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl Files to move or delete: ==================== C:\Windows\Tasks\{35EB43BE-DCF4-0D78-59EB-0D17D864E85D}.job Some files in TEMP: ==================== C:\Users\JLyn\AppData\Local\Temp\c11w.exe C:\Users\JLyn\AppData\Local\Temp\compete.exe C:\Users\JLyn\AppData\Local\Temp\installer1.exe C:\Users\JLyn\AppData\Local\Temp\sdfE034.exe C:\Users\JLyn\AppData\Local\Temp\setup_765.exe C:\Users\JLyn\AppData\Local\Temp\setup_790.exe C:\Users\JLyn\AppData\Local\Temp\setup_v21_ra.exe C:\Users\JLyn\AppData\Local\Temp\uii.exe ==================== Known DLLs (Whitelisted) ========================= ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe [2016-03-21 18:23] - [2015-04-08 14:59] - 0333624 ____A (Microsoft Corporation) 9E597749A44C4A39948917B5F30DE1CC C:\Windows\System32\User32.dll [2016-03-22 03:58] - [2015-11-08 14:44] - 1403304 ____A (Microsoft Corporation) C1B4AECDE937261257CF7EC7F9320CB6 C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\dnsapi.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== Association (Whitelisted) ============= ==================== Restore Points ========================= ==================== Memory info =========================== Percentage of memory in use: 23% Total physical RAM: 1986.86 MB Available physical RAM: 1510.66 MB Total Virtual: 1986.86 MB Available Virtual: 1530.66 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:23.53 GB) (Free:7.02 GB) NTFS Drive d: (Images) (Fixed) (Total:5.37 GB) (Free:0.74 GB) NTFS Drive e: () (Removable) (Total:14.45 GB) (Free:14.38 GB) FAT32 Drive x: (Boot) (Fixed) (Total:0.5 GB) (Free:0.5 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 29.1 GB) (Disk ID: 5A02556E) Partition: GPT. ======================================================== Disk: 1 (Size: 14.5 GB) (Disk ID: 00000000) Partition: GPT. LastRegBack: 2016-07-11 10:30 ==================== End of FRST.txt ============================