when i open up my google chrome, it pops up a different web browser, http://search.safefi...r.com/?st=dn&q=
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-04-2016
Ran by Remte (administrator) on DESKTOP-9I7M35L (01-05-2016 13:19:35)
Running from C:\Users\Remte\Desktop
Loaded Profiles: Remte (Available Profiles: Remte)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\WpcMon.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.9.656.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2016-04-05] (LogMeIn Inc.)
HKU\S-1-5-21-175105307-3027912839-4080859387-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-21-175105307-3027912839-4080859387-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51656320 2016-04-08] (Skype Technologies S.A.)
AppInit_DLLs: C:\ProgramData\xedmal\TopRedeco.dll => C:\ProgramData\xedmal\TopRedeco.dll [361984 2016-04-20] ()
AppInit_DLLs-x32: C:\ProgramData\xedmal\Trio-Com.dll => C:\ProgramData\xedmal\Trio-Com.dll [257536 2016-04-20] ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{dad9fc86-2f82-4843-9c67-cea6380983df}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-175105307-3027912839-4080859387-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBP24eo9kfZX0nx5RMnF8q7m-bdyJXQSIj1yxHCsHkfkQ3w0CSn9Ru87IcbG97Lt9Xm5mGf0Kiop7dddibAEEbHwKgOxXj_pTcigsy7VDsPjeLh4hwr0UD2gzCG5mTjyBKPcFdRRwVDkWSgHNlYg0uHLQ1-Gbjb15jOULbNgFwNMIfr7LwsjYXvBQBuzw,,&q={searchTerms}
HKU\S-1-5-21-175105307-3027912839-4080859387-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBP24eo9kfZX0nx5RMnF8q7m-bdyJXQSIj1yxHCsHkfkQ3w0CSn9Ru87IcbG97Lt9Xm5mGf0Kiop7dddibAEEbHwKgOxXj_qcUO0WcBg0_0E7hZe1xZ-I0OVAEERZ9BvHcKPuSmLELtTE7CEG-0_tXIIcF4Uh-IdnoyEpfUkdG6g1M4uEyLrq6Sf6SEVA,,
HKU\S-1-5-21-175105307-3027912839-4080859387-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/?pc=SK2D&ocid=SK2DDHP&osmkt=en-us
HKU\S-1-5-21-175105307-3027912839-4080859387-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBP24eo9kfZX0nx5RMnF8q7m-bdyJXQSIj1yxHCsHkfkQ3w0CSn9Ru87IcbG97Lt9Xm5mGf0Kiop7dddibAEEbHwKgOxXj_pTcigsy7VDsPjeLh4hwr0UD2gzCG5mTjyBKPcFdRRwVDkWSgHNlYg0uHLQ1-Gbjb15jOULbNgFwNMIfr7LwsjYXvBQBuzw,,&q={searchTerms}
HKU\S-1-5-21-175105307-3027912839-4080859387-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBP24eo9kfZX0nx5RMnF8q7m-bdyJXQSIj1yxHCsHkfkQ3w0CSn9Ru87IcbG97Lt9Xm5mGf0Kiop7dddibAEEbHwKgOxXj_pTcigsy7VDsPjeLh4hwr0UD2gzCG5mTjyBKPcFdRRwVDkWSgHNlYg0uHLQ1-Gbjb15jOULbNgFwNMIfr7LwsjYXvBQBuzw,,&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBP24eo9kfZX0nx5RMnF8q7m-bdyJXQSIj1yxHCsHkfkQ3w0CSn9Ru87IcbG97Lt9Xm5mGf0Kiop7dddibAEEbHwKgOxXj_pTcigsy7VDsPjeLh4hwr0UD2gzCG5mTjyBKPcFdRRwVDkWSgHNlYg0uHLQ1-Gbjb15jOULbNgFwNMIfr7LwsjYXvBQBuzw,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-175105307-3027912839-4080859387-1001 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBP24eo9kfZX0nx5RMnF8q7m-bdyJXQSIj1yxHCsHkfkQ3w0CSn9Ru87IcbG97Lt9Xm5mGf0Kiop7dddibAEEbHwKgOxXj_pTcigsy7VDsPjeLh4hwr0UD2gzCG5mTjyBKPcFdRRwVDkWSgHNlYg0uHLQ1-Gbjb15jOULbNgFwNMIfr7LwsjYXvBQBuzw,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-175105307-3027912839-4080859387-1001 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBP24eo9kfZX0nx5RMnF8q7m-bdyJXQSIj1yxHCsHkfkQ3w0CSn9Ru87IcbG97Lt9Xm5mGf0Kiop7dddibAEEbHwKgOxXj_pTcigsy7VDsPjeLh4hwr0UD2gzCG5mTjyBKPcFdRRwVDkWSgHNlYg0uHLQ1-Gbjb15jOULbNgFwNMIfr7LwsjYXvBQBuzw,,&q={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-04-20] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-04-20] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-04-20] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-04-20] (McAfee, Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2016-03-31] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2016-03-31] (McAfee, Inc.)
FireFox:
========
FF ProfilePath: C:\Users\Remte\AppData\Roaming\Mozilla\Firefox\Profiles\syrjit1m.default
FF Homepage: C:\ProgramData\xedmals\ff.HP
FF NewTab: C:\ProgramData\xedmals\ff.NT
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-03-31] ()
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-03-31] ()
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-23] (Google Inc.)
FF Plugin HKU\S-1-5-21-175105307-3027912839-4080859387-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Remte\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-01-22] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Remte\AppData\Roaming\Mozilla\Firefox\Profiles\syrjit1m.default\searchplugins\findit.xml [2016-04-29]
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-05-01]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [
[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-04-16] [not signed]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR DefaultSearchURL: Default -> hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBP24eo9kfZX0nx5RMnF8q7m-bdyJXQSIj1yxHCsHkfkQ3w0CSn9Ru87IcbG97Lt9Xm5mGf0Kiop7dddibAEEbHwKgOxXj_pSCtXiLMMSYX3W95LMQoUXyVDGXo0ViEcM0JBqXdc0akoTAAcajbJbBueKipZEfdLDG6v95mYLz8tA95gUYf1v-TJD79Vw,,&q={searchTerms}
CHR DefaultSearchKeyword: Default -> feed.sonic-search.com
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTerms}
CHR Profile: C:\Users\Remte\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Remte\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-23]
CHR Extension: (SiteAdvisor) - C:\Users\Remte\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-04-23]
CHR Extension: (Google Docs Offline) - C:\Users\Remte\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-23]
CHR Extension: (Skype) - C:\Users\Remte\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-04-27]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-21]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-21]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 0212411461270312mcinstcleanup; C:\Windows\TEMP\021241~1.EXE [883024 2015-05-04] (McAfee, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-03-10] (McAfee, Inc.)
S3 ICCS; C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2016-04-05] (LogMeIn, Inc.)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [163592 2016-04-20] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [889704 2016-03-31] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-03-10] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.656.0\McCSPServiceHost.exe [1709096 2016-03-14] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-03-10] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-03-10] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [718248 2016-03-07] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-03-10] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-03-10] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [234192 2016-01-25] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-02-19] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [279488 2016-01-25] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1037048 2016-03-15] (McAfee, Inc.)
R2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [350688 2016-04-19] (DotC United Inc)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-03-10] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [896456 2016-03-02] (Intel Security, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2016-03-26] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S2 xedmal; C:\ProgramData\\xedmal\\xedmal.exe [693248 2016-04-20] () [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [79248 2016-01-29] (McAfee, Inc.)
S3 GPUZ; C:\Windows\TEMP\GPUZ.sys [27008 2015-12-19] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2015-12-30] ()
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [84824 2016-03-16] (McAfee, Inc.)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [193336 2015-07-10] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [422184 2016-01-29] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351656 2016-01-29] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83608 2016-01-29] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496368 2016-01-29] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [847608 2016-01-29] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [543488 2016-02-10] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2016-02-10] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [45728 2016-03-15] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [245096 2016-01-29] (McAfee, Inc.)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-04-19] (DotC United Inc)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WinRing0_1_2_0; C:\Users\Remte\Downloads\RealTemp_370\WinRing0x64.sys [14544 2008-07-26] (OpenLibSys.org)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-01 13:19 - 2016-05-01 13:20 - 00020450 _____ C:\Users\Remte\Desktop\FRST.txt
2016-05-01 13:19 - 2016-05-01 13:19 - 00000000 ____D C:\FRST
2016-05-01 13:16 - 2016-04-26 20:33 - 02376192 _____ (Farbar) C:\Users\Remte\Desktop\FRST64.exe
2016-05-01 13:15 - 2016-05-01 13:15 - 02377216 _____ (Farbar) C:\Users\Remte\Downloads\FRST64 (2).exe
2016-05-01 13:14 - 2016-05-01 13:14 - 02377216 _____ (Farbar) C:\Users\Remte\Downloads\FRST64 (1).exe
2016-05-01 12:03 - 2016-05-01 12:03 - 00000000 ____D C:\Users\Remte\AppData\Roaming\MCorp
2016-05-01 11:57 - 2016-05-01 11:57 - 00001798 _____ C:\Users\Public\Desktop\MPC Cleaner.lnk
2016-05-01 11:57 - 2016-05-01 11:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-05-01 04:20 - 2016-05-01 04:20 - 00004020 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2016-05-01 01:25 - 2016-05-01 01:25 - 07406896 _____ (Acresso Software Inc.) C:\Users\Remte\Downloads\InstallPirate101.exe
2016-05-01 01:25 - 2016-05-01 01:25 - 00000793 _____ C:\Users\Remte\Desktop\Play Pirate101.lnk
2016-04-26 20:33 - 2016-04-26 20:33 - 02376192 _____ (Farbar) C:\Users\Remte\Downloads\FRST64.exe
2016-04-24 01:39 - 2016-04-24 01:39 - 00000000 ____D C:\Users\Remte\AppData\Local\AliensVsPredator
2016-04-24 00:15 - 2016-04-24 00:15 - 00000221 _____ C:\Users\Remte\Desktop\Aliens vs. Predator.url
2016-04-23 13:45 - 2016-04-22 20:29 - 1335261691 ____R C:\Users\Remte\OneDrive\Documents\A.Haunted.House.2.2014.1080p.BluRay.x264.YIFY.mp4
2016-04-23 01:12 - 2016-04-29 00:31 - 00002350 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-23 01:12 - 2016-04-29 00:31 - 00002344 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-23 01:11 - 2016-04-23 01:11 - 00987728 _____ (Google Inc.) C:\Users\Remte\Downloads\ChromeSetup (3).exe
2016-04-21 22:57 - 2016-04-21 22:58 - 00000000 ____D C:\Users\Remte\AppData\Roaming\com.freakinware.mitosis
2016-04-21 22:56 - 2016-04-21 22:56 - 00000222 _____ C:\Users\Remte\Desktop\Mitos.is The Game.url
2016-04-20 22:59 - 2016-05-01 13:16 - 00000928 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-20 22:59 - 2016-05-01 11:57 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-20 22:59 - 2016-04-23 01:11 - 00003986 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-04-20 22:59 - 2016-04-23 01:11 - 00003754 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-04-20 22:59 - 2016-04-20 22:59 - 00987728 _____ (Google Inc.) C:\Users\Remte\Downloads\ChromeSetup (2).exe
2016-04-20 00:31 - 2016-04-29 00:31 - 00002401 _____ C:\Windows\SysWOW64\findit.xml
2016-04-20 00:31 - 2016-04-29 00:31 - 00000000 ____D C:\ProgramData\xedmal
2016-04-20 00:31 - 2016-04-20 00:31 - 00001074 _____ C:\Users\Default\Desktop\Get Random Viral.lnk
2016-04-20 00:31 - 2016-04-20 00:31 - 00001074 _____ C:\Users\Default User\Desktop\Get Random Viral.lnk
2016-04-20 00:31 - 2016-04-20 00:31 - 00001050 _____ C:\Users\Default\Desktop\Google Search.lnk
2016-04-20 00:31 - 2016-04-20 00:31 - 00001050 _____ C:\Users\Default User\Desktop\Google Search.lnk
2016-04-20 00:31 - 2016-04-20 00:31 - 00000000 ____D C:\ProgramData\xedmals
2016-04-19 21:31 - 2016-04-20 01:32 - 00000000 ____D C:\Program Files\nplus
2016-04-19 21:31 - 2016-04-19 21:31 - 06494208 _____ C:\Users\Remte\AppData\Roaming\agent.dat
2016-04-19 21:31 - 2016-04-19 21:31 - 01626777 _____ C:\Users\Remte\AppData\Roaming\Ecolam.tst
2016-04-19 21:31 - 2016-04-19 21:31 - 00126464 _____ C:\Users\Remte\AppData\Roaming\noah.dat
2016-04-19 21:31 - 2016-04-19 21:31 - 00065568 _____ C:\Users\Remte\AppData\Roaming\Config.xml
2016-04-19 21:31 - 2016-04-19 21:31 - 00018432 _____ C:\Users\Remte\AppData\Roaming\Main.dat
2016-04-19 21:30 - 2016-05-01 11:58 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-04-19 21:30 - 2016-04-19 21:31 - 00005568 _____ C:\Users\Remte\AppData\Roaming\md.xml
2016-04-19 21:30 - 2016-04-19 21:30 - 00127488 _____ C:\Users\Remte\AppData\Roaming\Installer.dat
2016-04-19 21:30 - 2016-04-19 21:30 - 00126464 _____ C:\Users\Remte\AppData\Roaming\lobby.dat
2016-04-19 21:30 - 2016-04-19 21:30 - 00072717 _____ C:\Users\Remte\AppData\Roaming\S-sonlab.tst
2016-04-19 21:30 - 2016-04-19 21:30 - 00060136 _____ (DotC United Inc) C:\Windows\system32\Drivers\MPCKpt.sys
2016-04-19 21:30 - 2016-04-19 21:30 - 00054272 _____ C:\Users\Remte\AppData\Roaming\ApplicationHosting.dat
2016-04-19 21:30 - 2016-04-19 21:30 - 00046128 _____ C:\Users\Remte\AppData\Roaming\inst.lat
2016-04-19 21:30 - 2016-04-19 21:30 - 00017040 _____ C:\Users\Remte\AppData\Roaming\InstallationConfiguration.xml
2016-04-19 21:30 - 2016-04-19 21:30 - 00000000 ____D C:\Users\Remte\AppData\Local\Shortcut Installer
2016-04-16 00:21 - 2016-04-16 00:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-04-16 00:21 - 2016-04-16 00:21 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-04-15 19:04 - 2016-04-15 19:04 - 00000000 ____D C:\Users\Remte\AppData\Local\CrashRpt
2016-04-15 18:59 - 2016-04-17 04:53 - 00000000 ____D C:\Users\Remte\AppData\Local\wf-launcher
2016-04-15 18:59 - 2016-04-17 01:11 - 00000000 ____D C:\ProgramData\GFACE
2016-04-15 18:35 - 2016-04-15 18:35 - 00000222 _____ C:\Users\Remte\Desktop\Warface.url
2016-04-13 22:50 - 2016-04-13 22:50 - 00000222 _____ C:\Users\Remte\Desktop\Brawlhalla.url
2016-04-12 20:06 - 2016-04-02 00:13 - 00369912 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-04-12 20:06 - 2016-04-02 00:10 - 00730344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2016-04-12 20:06 - 2016-04-01 23:26 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\PhoneProviders.dll
2016-04-12 20:06 - 2016-04-01 23:21 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2016-04-12 20:06 - 2016-04-01 23:19 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-04-12 20:06 - 2016-04-01 23:18 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2016-04-12 20:06 - 2016-04-01 23:15 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2016-04-12 20:06 - 2016-04-01 23:14 - 03994624 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2016-04-12 20:06 - 2016-04-01 23:09 - 01832448 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-04-12 20:06 - 2016-04-01 23:07 - 03575296 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-12 20:06 - 2016-04-01 23:07 - 02158592 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-04-12 20:06 - 2016-04-01 23:00 - 01390080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2016-04-12 20:06 - 2016-03-29 06:22 - 01030416 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-04-12 20:06 - 2016-03-29 06:22 - 00874968 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-04-12 20:06 - 2016-03-29 06:20 - 07474016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-12 20:06 - 2016-03-29 06:20 - 02656952 _____ C:\Windows\system32\CoreUIComponents.dll
2016-04-12 20:06 - 2016-03-29 06:20 - 01317640 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-04-12 20:06 - 2016-03-29 06:20 - 01141504 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-04-12 20:06 - 2016-03-29 06:18 - 02152280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-04-12 20:06 - 2016-03-29 06:02 - 00989536 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2016-04-12 20:06 - 2016-03-29 05:56 - 01297752 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2016-04-12 20:06 - 2016-03-29 05:37 - 01862008 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2016-04-12 20:06 - 2016-03-29 05:28 - 00696664 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-04-12 20:06 - 2016-03-29 05:17 - 00300104 _____ (Microsoft Corporation) C:\Windows\system32\LockAppHost.exe
2016-04-12 20:06 - 2016-03-29 05:13 - 00986976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2016-04-12 20:06 - 2016-03-29 05:11 - 00605440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-04-12 20:06 - 2016-03-29 05:08 - 00358752 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-04-12 20:06 - 2016-03-29 04:44 - 00502104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-04-12 20:06 - 2016-03-29 04:41 - 00630632 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-04-12 20:06 - 2016-03-29 04:32 - 00253088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppHost.exe
2016-04-12 20:06 - 2016-03-29 04:26 - 01089888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2016-04-12 20:06 - 2016-03-29 04:24 - 00294752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-04-12 20:06 - 2016-03-29 04:06 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-04-12 20:06 - 2016-03-29 04:02 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-04-12 20:06 - 2016-03-29 04:01 - 00541304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-04-12 20:06 - 2016-03-29 03:58 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\wininetlui.dll
2016-04-12 20:06 - 2016-03-29 03:58 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-04-12 20:06 - 2016-03-29 03:46 - 00365568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-04-12 20:06 - 2016-03-29 03:42 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2016-04-12 20:06 - 2016-03-29 03:39 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2016-04-12 20:06 - 2016-03-29 03:38 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-04-12 20:06 - 2016-03-29 03:37 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2016-04-12 20:06 - 2016-03-29 03:36 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2016-04-12 20:06 - 2016-03-29 03:34 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2016-04-12 20:06 - 2016-03-29 03:28 - 00460288 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2016-04-12 20:06 - 2016-03-29 03:27 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\SensorService.dll
2016-04-12 20:06 - 2016-03-29 03:23 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll
2016-04-12 20:06 - 2016-03-29 03:23 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2016-04-12 20:06 - 2016-03-29 03:22 - 00438784 _____ (Microsoft Corporation) C:\Windows\system32\AccountsRt.dll
2016-04-12 20:06 - 2016-03-29 03:20 - 00948736 _____ (Microsoft Corporation) C:\Windows\system32\XblAuthManager.dll
2016-04-12 20:06 - 2016-03-29 03:19 - 00556032 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2016-04-12 20:06 - 2016-03-29 03:19 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-04-12 20:06 - 2016-03-29 03:17 - 01056256 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2016-04-12 20:06 - 2016-03-29 03:16 - 00852480 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2016-04-12 20:06 - 2016-03-29 03:16 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-04-12 20:06 - 2016-03-29 03:15 - 01714688 _____ (Microsoft Corporation) C:\Windows\system32\SRHInproc.dll
2016-04-12 20:06 - 2016-03-29 03:15 - 00970752 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-04-12 20:06 - 2016-03-29 03:14 - 00965632 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2016-04-12 20:06 - 2016-03-29 03:14 - 00859136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2016-04-12 20:06 - 2016-03-29 03:13 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2016-04-12 20:06 - 2016-03-29 03:12 - 00471552 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2016-04-12 20:06 - 2016-03-29 03:12 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininetlui.dll
2016-04-12 20:06 - 2016-03-29 03:12 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-04-12 20:06 - 2016-03-29 03:11 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll
2016-04-12 20:06 - 2016-03-29 03:10 - 01388544 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-04-12 20:06 - 2016-03-29 03:10 - 00938496 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2016-04-12 20:06 - 2016-03-29 03:09 - 01239552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2016-04-12 20:06 - 2016-03-29 03:07 - 01902592 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-12 20:06 - 2016-03-29 03:07 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2016-04-12 20:06 - 2016-03-29 03:06 - 01575936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2016-04-12 20:06 - 2016-03-29 03:06 - 00848896 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-04-12 20:06 - 2016-03-29 03:05 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2016-04-12 20:06 - 2016-03-29 03:02 - 02624512 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2016-04-12 20:06 - 2016-03-29 03:02 - 01211904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2016-04-12 20:06 - 2016-03-29 03:02 - 00303104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-04-12 20:06 - 2016-03-29 03:00 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll
2016-04-12 20:06 - 2016-03-29 03:00 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
2016-04-12 20:06 - 2016-03-29 02:59 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll
2016-04-12 20:06 - 2016-03-29 02:56 - 00821760 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2016-04-12 20:06 - 2016-03-29 02:56 - 00415232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2016-04-12 20:06 - 2016-03-29 02:55 - 01052160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2016-04-12 20:06 - 2016-03-29 02:48 - 00346624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2016-04-12 20:06 - 2016-03-29 02:44 - 00498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll
2016-04-12 20:06 - 2016-03-29 02:43 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AccountsRt.dll
2016-04-12 20:06 - 2016-03-29 02:42 - 03592704 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-04-12 20:06 - 2016-03-29 02:42 - 01410560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2016-04-12 20:06 - 2016-03-29 02:39 - 00350720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2016-04-12 20:06 - 2016-03-29 02:38 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2016-04-12 20:06 - 2016-03-29 02:37 - 01444352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRHInproc.dll
2016-04-12 20:06 - 2016-03-29 02:37 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2016-04-12 20:06 - 2016-03-29 02:37 - 00792064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-04-12 20:06 - 2016-03-29 02:36 - 00649728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-12 20:06 - 2016-03-29 02:35 - 00354304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2016-04-12 20:06 - 2016-03-29 02:34 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2016-04-12 20:06 - 2016-03-29 02:34 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2016-04-12 20:06 - 2016-03-29 02:32 - 01731584 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-04-12 20:06 - 2016-03-29 02:32 - 01098240 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2016-04-12 20:06 - 2016-03-29 02:31 - 02275328 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-04-12 20:06 - 2016-03-29 02:31 - 01946112 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-04-12 20:06 - 2016-03-29 02:30 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2016-04-12 20:06 - 2016-03-29 02:29 - 00555520 _____ (Microsoft Corporation) C:\Windows\system32\SyncController.dll
2016-04-12 20:06 - 2016-03-29 02:28 - 01944576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2016-04-12 20:06 - 2016-03-29 02:28 - 00764928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Cred.dll
2016-04-12 20:06 - 2016-03-29 02:27 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TextInputFramework.dll
2016-04-12 20:06 - 2016-03-29 02:27 - 00133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-12 20:06 - 2016-03-29 02:27 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputLocaleManager.dll
2016-04-12 20:06 - 2016-03-29 02:26 - 02755584 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-04-12 20:06 - 2016-03-29 02:19 - 02635776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-04-12 20:06 - 2016-03-29 02:17 - 00765952 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-04-12 20:06 - 2016-03-29 02:14 - 01072128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2016-04-12 20:06 - 2016-03-29 02:05 - 07199232 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2016-04-12 20:06 - 2016-03-29 02:05 - 01626624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-04-12 20:06 - 2016-03-29 02:05 - 01500672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-04-12 20:06 - 2016-03-29 02:05 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-12 20:06 - 2016-03-29 02:05 - 00361472 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2016-04-12 20:06 - 2016-03-29 02:04 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2016-04-12 20:06 - 2016-03-29 02:02 - 02229760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-04-12 20:06 - 2016-03-29 02:01 - 13018624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-04-12 20:06 - 2016-03-29 01:58 - 01799680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-04-12 20:06 - 2016-03-29 01:56 - 16985600 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-04-12 20:06 - 2016-03-29 01:52 - 11545600 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-04-12 20:06 - 2016-03-29 01:51 - 22378496 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-04-12 20:06 - 2016-03-29 01:51 - 09918976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-04-12 20:06 - 2016-03-29 01:49 - 05202944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2016-04-12 20:06 - 2016-03-29 01:45 - 03078144 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2016-04-12 20:06 - 2016-03-29 01:43 - 03428864 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2016-04-12 20:06 - 2016-03-29 01:41 - 24602112 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-04-12 20:06 - 2016-03-29 01:41 - 12125184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-04-12 20:06 - 2016-03-29 01:39 - 13382656 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-04-12 20:06 - 2016-03-29 01:38 - 18673664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-04-12 20:06 - 2016-03-29 01:38 - 02798080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2016-04-12 20:06 - 2016-03-29 01:37 - 19340800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-04-12 20:06 - 2016-03-29 01:36 - 02722816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2016-04-12 20:06 - 2016-03-29 01:27 - 07836160 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-04-12 20:06 - 2016-03-29 01:27 - 05662208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-04-12 20:06 - 2016-03-29 01:26 - 00958976 _____ (Microsoft Corporation) C:\Windows\system32\RemoteNaturalLanguage.dll
2016-04-12 20:06 - 2016-03-29 01:25 - 00712704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RemoteNaturalLanguage.dll
2016-04-12 20:05 - 2016-04-02 00:10 - 00770640 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
2016-04-12 20:05 - 2016-04-02 00:10 - 00374008 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2016-04-12 20:05 - 2016-04-01 23:30 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\VEStoreEventHandlers.dll
2016-04-12 20:05 - 2016-04-01 23:29 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\VEDataLayerHelpers.dll
2016-04-12 20:05 - 2016-04-01 23:29 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEDataLayerHelpers.dll
2016-04-12 20:05 - 2016-04-01 23:25 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\NotificationObjFactory.dll
2016-04-12 20:05 - 2016-04-01 23:25 - 00239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NotificationObjFactory.dll
2016-04-12 20:05 - 2016-04-01 23:23 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\VEEventDispatcher.dll
2016-04-12 20:05 - 2016-04-01 23:23 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll
2016-04-12 20:05 - 2016-04-01 23:08 - 02193408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2016-04-12 20:05 - 2016-04-01 23:03 - 04774912 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-04-12 20:05 - 2016-03-29 06:23 - 00277856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2016-04-12 20:05 - 2016-03-29 06:15 - 00100232 _____ (Microsoft Corporation) C:\Windows\system32\omadmapi.dll
2016-04-12 20:05 - 2016-03-29 06:11 - 00686976 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2016-04-12 20:05 - 2016-03-29 06:05 - 01152864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-04-12 20:05 - 2016-03-29 06:02 - 00334736 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2016-04-12 20:05 - 2016-03-29 05:28 - 00535080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2016-04-12 20:05 - 2016-03-29 05:28 - 00115040 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2016-04-12 20:05 - 2016-03-29 05:25 - 00258912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ufx01000.sys
2016-04-12 20:05 - 2016-03-29 05:25 - 00058400 _____ (Microsoft Corporation) C:\Windows\system32\SensorsNativeApi.dll
2016-04-12 20:05 - 2016-03-29 05:19 - 00296488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2016-04-12 20:05 - 2016-03-29 05:18 - 00185184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2016-04-12 20:05 - 2016-03-29 05:11 - 00074424 _____ (Microsoft Corporation) C:\Windows\system32\easinvoker.exe
2016-04-12 20:05 - 2016-03-29 05:10 - 00110584 _____ (Microsoft Corporation) C:\Windows\system32\srvcli.dll
2016-04-12 20:05 - 2016-03-29 05:09 - 00078040 _____ (Microsoft Corporation) C:\Windows\system32\wkscli.dll
2016-04-12 20:05 - 2016-03-29 05:08 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
2016-04-12 20:05 - 2016-03-29 05:07 - 00081144 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2016-04-12 20:05 - 2016-03-29 04:44 - 00084832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2016-04-12 20:05 - 2016-03-29 04:41 - 00051128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsNativeApi.dll
2016-04-12 20:05 - 2016-03-29 04:26 - 02403680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-04-12 20:05 - 2016-03-29 04:26 - 00073872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srvcli.dll
2016-04-12 20:05 - 2016-03-29 04:25 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wkscli.dll
2016-04-12 20:05 - 2016-03-29 04:23 - 00069744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2016-04-12 20:05 - 2016-03-29 04:21 - 00378208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2016-04-12 20:05 - 2016-03-29 04:17 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\MapsCSP.dll
2016-04-12 20:05 - 2016-03-29 04:16 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xinputhid.sys
2016-04-12 20:05 - 2016-03-29 04:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SensorsNativeApi.V2.dll
2016-04-12 20:05 - 2016-03-29 04:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\policymanagerprecheck.dll
2016-04-12 20:05 - 2016-03-29 04:07 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-04-12 20:05 - 2016-03-29 04:07 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\dmenterprisediagnostics.dll
2016-04-12 20:05 - 2016-03-29 04:07 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll
2016-04-12 20:05 - 2016-03-29 04:06 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\oleacchooks.dll
2016-04-12 20:05 - 2016-03-29 04:00 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\NetCfgNotifyObjectHost.exe
2016-04-12 20:05 - 2016-03-29 04:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\fveskybackup.dll
2016-04-12 20:05 - 2016-03-29 04:00 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\mapsupdatetask.dll
2016-04-12 20:05 - 2016-03-29 03:59 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManagerShellext.exe
2016-04-12 20:05 - 2016-03-29 03:57 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2016-04-12 20:05 - 2016-03-29 03:57 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-12 20:05 - 2016-03-29 03:57 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\MosStorage.dll
2016-04-12 20:05 - 2016-03-29 03:57 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2016-04-12 20:05 - 2016-03-29 03:55 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvc.dll
2016-04-12 20:05 - 2016-03-29 03:55 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys
2016-04-12 20:05 - 2016-03-29 03:55 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\tbauth.dll
2016-04-12 20:05 - 2016-03-29 03:54 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-04-12 20:05 - 2016-03-29 03:53 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\FontProvider.dll
2016-04-12 20:05 - 2016-03-29 03:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerCookies.exe
2016-04-12 20:05 - 2016-03-29 03:51 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
2016-04-12 20:05 - 2016-03-29 03:51 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\tzautoupdate.dll
2016-04-12 20:05 - 2016-03-29 03:50 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2016-04-12 20:05 - 2016-03-29 03:50 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2016-04-12 20:05 - 2016-03-29 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll
2016-04-12 20:05 - 2016-03-29 03:50 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\OnDemandConnRouteHelper.dll
2016-04-12 20:05 - 2016-03-29 03:50 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wuautoappupdate.dll
2016-04-12 20:05 - 2016-03-29 03:49 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2016-04-12 20:05 - 2016-03-29 03:48 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Devices.dll
2016-04-12 20:05 - 2016-03-29 03:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\AppCapture.dll
2016-04-12 20:05 - 2016-03-29 03:46 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2016-04-12 20:05 - 2016-03-29 03:44 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\DAFWSD.dll
2016-04-12 20:05 - 2016-03-29 03:36 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2016-04-12 20:05 - 2016-03-29 03:35 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2016-04-12 20:05 - 2016-03-29 03:35 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\credprovhost.dll
2016-04-12 20:05 - 2016-03-29 03:34 - 00686592 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2016-04-12 20:05 - 2016-03-29 03:34 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-04-12 20:05 - 2016-03-29 03:34 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2016-04-12 20:05 - 2016-03-29 03:33 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll
2016-04-12 20:05 - 2016-03-29 03:32 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-04-12 20:05 - 2016-03-29 03:32 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2016-04-12 20:05 - 2016-03-29 03:30 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2016-04-12 20:05 - 2016-03-29 03:30 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-04-12 20:05 - 2016-03-29 03:26 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2016-04-12 20:05 - 2016-03-29 03:23 - 00694784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2016-04-12 20:05 - 2016-03-29 03:21 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-12 20:05 - 2016-03-29 03:20 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\AboveLockAppHost.dll
2016-04-12 20:05 - 2016-03-29 03:20 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsNativeApi.V2.dll
2016-04-12 20:05 - 2016-03-29 03:20 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsdchngr.dll
2016-04-12 20:05 - 2016-03-29 03:19 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacchooks.dll
2016-04-12 20:05 - 2016-03-29 03:18 - 00676352 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2016-04-12 20:05 - 2016-03-29 03:17 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-12 20:05 - 2016-03-29 03:17 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll
2016-04-12 20:05 - 2016-03-29 03:11 - 00881664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2016-04-12 20:05 - 2016-03-29 03:11 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2016-04-12 20:05 - 2016-03-29 03:11 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-12 20:05 - 2016-03-29 03:11 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosStorage.dll
2016-04-12 20:05 - 2016-03-29 03:11 - 00043520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2016-04-12 20:05 - 2016-03-29 03:09 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapsBtSvc.dll
2016-04-12 20:05 - 2016-03-29 03:09 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbauth.dll
2016-04-12 20:05 - 2016-03-29 03:08 - 00888320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2016-04-12 20:05 - 2016-03-29 03:08 - 00841216 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-04-12 20:05 - 2016-03-29 03:08 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-04-12 20:05 - 2016-03-29 03:06 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerCookies.exe
2016-04-12 20:05 - 2016-03-29 03:05 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-12 20:05 - 2016-03-29 03:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Devices.dll
2016-04-12 20:05 - 2016-03-29 03:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-04-12 20:05 - 2016-03-29 03:00 - 00235008 _____ C:\Windows\system32\MTF.dll
2016-04-12 20:05 - 2016-03-29 03:00 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-12 20:05 - 2016-03-29 02:59 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-04-12 20:05 - 2016-03-29 02:59 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerDeviceEncryption.exe
2016-04-12 20:05 - 2016-03-29 02:53 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2016-04-12 20:05 - 2016-03-29 02:53 - 00193024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovhost.dll
2016-04-12 20:05 - 2016-03-29 02:52 - 00306176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2016-04-12 20:05 - 2016-03-29 02:52 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\easwrt.dll
2016-04-12 20:05 - 2016-03-29 02:49 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\fveui.dll
2016-04-12 20:05 - 2016-03-29 02:42 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-12 20:05 - 2016-03-29 02:41 - 00129024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AboveLockAppHost.dll
2016-04-12 20:05 - 2016-03-29 02:40 - 00787456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2016-04-12 20:05 - 2016-03-29 02:39 - 00564224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2016-04-12 20:05 - 2016-03-29 02:39 - 00496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-12 20:05 - 2016-03-29 02:36 - 03351040 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-04-12 20:05 - 2016-03-29 02:34 - 00784896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll
2016-04-12 20:05 - 2016-03-29 02:34 - 00682496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-12 20:05 - 2016-03-29 02:32 - 01588224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-12 20:05 - 2016-03-29 02:32 - 00854528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-12 20:05 - 2016-03-29 02:32 - 00638464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2016-04-12 20:05 - 2016-03-29 02:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2016-04-12 20:05 - 2016-03-29 02:32 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2016-04-12 20:05 - 2016-03-29 02:32 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\dmcsps.dll
2016-04-12 20:05 - 2016-03-29 02:31 - 01117184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2016-04-12 20:05 - 2016-03-29 02:31 - 00705536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-04-12 20:05 - 2016-03-29 02:29 - 00256000 _____ (Microsoft Corporation) C:\Windows\system32\accountaccessor.dll
2016-04-12 20:05 - 2016-03-29 02:27 - 07979008 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2016-04-12 20:05 - 2016-03-29 02:27 - 00162816 _____ C:\Windows\SysWOW64\MTF.dll
2016-04-12 20:05 - 2016-03-29 02:23 - 00777728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2016-04-12 20:05 - 2016-03-29 02:22 - 00638464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2016-04-12 20:05 - 2016-03-29 02:13 - 00592384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll
2016-04-12 20:05 - 2016-03-29 02:10 - 03671040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-04-12 20:05 - 2016-03-29 02:06 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2016-04-12 20:05 - 2016-03-29 02:05 - 00450560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncController.dll
2016-04-12 20:05 - 2016-03-29 02:04 - 00848896 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-12 20:05 - 2016-03-29 02:01 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-04-12 20:05 - 2016-03-29 02:00 - 06297088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2016-04-12 20:05 - 2016-03-29 01:45 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
2016-04-12 20:05 - 2016-03-29 01:43 - 00521728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-12 20:05 - 2016-03-29 01:35 - 00821248 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
2016-04-12 20:05 - 2016-03-29 01:28 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2016-04-12 20:05 - 2016-03-29 01:27 - 00794112 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2016-04-12 20:05 - 2016-03-29 01:26 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-04-12 20:05 - 2016-03-29 01:25 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-04-12 20:05 - 2016-03-29 01:21 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-04-11 16:33 - 2016-04-11 16:33 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-04-09 19:53 - 2016-04-09 19:53 - 00000222 _____ C:\Users\Remte\Desktop\Orcs Must Die! Unchained.url
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-01 12:59 - 2016-02-04 22:16 - 00000000 ____D C:\Users\Remte\AppData\Roaming\Skype
2016-05-01 12:56 - 2015-12-19 22:13 - 00000000 ____D C:\Users\Remte\AppData\Local\Warframe
2016-05-01 12:56 - 2015-12-19 21:08 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-01 12:03 - 2015-12-19 17:18 - 00879220 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-01 12:03 - 2015-10-30 03:24 - 00000000 ____D C:\Windows\AppReadiness
2016-05-01 12:03 - 2015-10-30 03:21 - 00000000 ____D C:\Windows\INF
2016-05-01 12:02 - 2016-03-04 23:57 - 00000000 ____D C:\Users\Remte\AppData\Local\LogMeIn Hamachi
2016-05-01 12:02 - 2015-12-19 17:32 - 00000000 ____D C:\ProgramData\Foolish IT
2016-05-01 11:58 - 2015-12-19 17:24 - 00000000 __RSD C:\Users\Remte\OneDrive\Documents\McAfee Vaults
2016-05-01 11:55 - 2015-12-29 16:23 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-01 11:55 - 2015-12-19 20:07 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-01 01:25 - 2016-01-28 23:04 - 00000000 ____D C:\Users\Remte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KingsIsle Entertainment
2016-05-01 01:25 - 2016-01-28 23:04 - 00000000 ____D C:\Users\Remte\AppData\Roaming\InstallShield Installation Information
2016-05-01 01:25 - 2016-01-28 23:04 - 00000000 ____D C:\ProgramData\KingsIsle Entertainment
2016-04-30 12:40 - 2015-10-30 02:28 - 00032768 ___SH C:\Windows\system32\config\ELAM
2016-04-30 10:32 - 2015-10-30 03:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-27 23:48 - 2016-02-25 18:07 - 00000000 ____D C:\Users\Remte\BrawlhallaReplays
2016-04-26 19:14 - 2016-01-02 12:25 - 00000931 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2016-04-26 19:14 - 2016-01-02 12:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2016-04-26 19:14 - 2016-01-02 12:25 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2016-04-25 18:56 - 2015-12-19 17:23 - 00002363 _____ C:\Users\Remte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-25 18:56 - 2015-12-19 17:23 - 00000000 ___RD C:\Users\Remte\OneDrive
2016-04-24 00:15 - 2015-12-19 21:19 - 00000000 ____D C:\Users\Remte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-04-23 01:11 - 2015-12-26 18:00 - 00000000 ____D C:\Program Files (x86)\Google
2016-04-23 00:53 - 2016-01-08 13:12 - 00000000 ____D C:\Program Files\Microsoft Office
2016-04-23 00:52 - 2015-10-30 03:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-04-23 00:52 - 2015-10-30 03:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-04-22 12:55 - 2016-02-04 22:16 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-22 12:55 - 2016-02-04 22:16 - 00000000 ____D C:\ProgramData\Skype
2016-04-21 16:24 - 2015-12-19 20:51 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-04-20 00:23 - 2016-03-12 16:34 - 00000000 ____D C:\Users\Remte\AppData\Roaming\uTorrent
2016-04-19 21:32 - 2015-12-29 16:26 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-04-19 21:23 - 2016-03-12 16:36 - 00002660 _____ C:\Users\Remte\Desktop\µTorrent.lnk
2016-04-17 16:34 - 2015-10-30 03:24 - 00000000 ____D C:\Windows\rescache
2016-04-17 04:53 - 2015-10-30 03:24 - 00000000 ____D C:\Windows\system32\NDF
2016-04-16 10:06 - 2015-12-19 17:17 - 00000000 ____D C:\Users\Remte
2016-04-16 10:04 - 2015-10-30 02:28 - 00524288 ___SH C:\Windows\system32\config\BBI
2016-04-16 00:18 - 2015-12-19 20:03 - 00332240 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-16 00:13 - 2015-10-30 03:24 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2016-04-16 00:13 - 2015-10-30 03:24 - 00000000 ____D C:\Windows\system32\appraiser
2016-04-16 00:12 - 2015-10-30 03:24 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-04-16 00:12 - 2015-10-30 03:24 - 00000000 ____D C:\Windows\bcastdvr
2016-04-14 00:57 - 2015-10-30 03:11 - 00000000 ____D C:\Windows\CbsTemp
2016-04-13 17:46 - 2015-12-19 20:01 - 00000000 ____D C:\ProgramData\McAfee
2016-04-13 17:45 - 2015-12-19 20:01 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-04-13 17:44 - 2015-10-30 03:24 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-04-13 17:43 - 2015-12-19 20:53 - 00003122 _____ C:\Windows\System32\Tasks\McAfeeLogon
2016-04-13 17:43 - 2015-12-19 20:53 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2016-04-13 16:49 - 2015-12-19 17:19 - 00000000 ____D C:\Users\Remte\AppData\Local\Packages
2016-04-13 00:33 - 2015-12-19 20:37 - 135176864 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-04-13 00:33 - 2015-12-19 20:37 - 00000000 ____D C:\Windows\system32\MRT
2016-04-09 20:25 - 2015-12-20 01:01 - 00000000 ____D C:\Users\Remte\OneDrive\Documents\My Games
2016-04-06 14:32 - 2015-10-30 03:26 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-06 14:32 - 2015-10-30 03:26 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2016-04-19 21:31 - 2016-04-19 21:31 - 6494208 _____ () C:\Users\Remte\AppData\Roaming\agent.dat
2016-04-19 21:30 - 2016-04-19 21:30 - 0054272 _____ () C:\Users\Remte\AppData\Roaming\ApplicationHosting.dat
2016-04-19 21:31 - 2016-04-19 21:31 - 0065568 _____ () C:\Users\Remte\AppData\Roaming\Config.xml
2016-04-19 21:31 - 2016-04-19 21:31 - 1626777 _____ () C:\Users\Remte\AppData\Roaming\Ecolam.tst
2016-04-19 21:30 - 2016-04-19 21:30 - 0046128 _____ () C:\Users\Remte\AppData\Roaming\inst.lat
2016-04-19 21:30 - 2016-04-19 21:30 - 0017040 _____ () C:\Users\Remte\AppData\Roaming\InstallationConfiguration.xml
2016-04-19 21:30 - 2016-04-19 21:30 - 0127488 _____ () C:\Users\Remte\AppData\Roaming\Installer.dat
2016-04-19 21:30 - 2016-04-19 21:30 - 0126464 _____ () C:\Users\Remte\AppData\Roaming\lobby.dat
2016-04-19 21:31 - 2016-04-19 21:31 - 0018432 _____ () C:\Users\Remte\AppData\Roaming\Main.dat
2016-04-19 21:30 - 2016-04-19 21:31 - 0005568 _____ () C:\Users\Remte\AppData\Roaming\md.xml
2016-04-19 21:31 - 2016-04-19 21:31 - 0126464 _____ () C:\Users\Remte\AppData\Roaming\noah.dat
2016-04-19 21:30 - 2016-04-19 21:30 - 0072717 _____ () C:\Users\Remte\AppData\Roaming\S-sonlab.tst
2015-12-27 15:21 - 2015-12-29 16:35 - 1065984 _____ () C:\Users\Remte\AppData\Local\file__0.localstorage
Some files in TEMP:
====================
C:\Users\Remte\AppData\Local\Temp\McCSPInstall.dll
C:\Users\Remte\AppData\Local\Temp\Nexus Mod Manager-0.61.17.exe
C:\Users\Remte\AppData\Local\Temp\Nexus Mod Manager-0.61.20.exe
C:\Users\Remte\AppData\Local\Temp\Nexus Mod Manager-0.61.6.exe
C:\Users\Remte\AppData\Local\Temp\Nexus Mod Manager-0.61.8.exe
C:\Users\Remte\AppData\Local\Temp\nsm20D3.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-04-22 00:10
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-04-2016
Ran by Remte (2016-05-01 13:21:13)
Running from C:\Users\Remte\Desktop
Windows 10 Home Version 1511 (X64) (2015-12-19 21:13:37)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-175105307-3027912839-4080859387-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-175105307-3027912839-4080859387-503 - Limited - Disabled)
Guest (S-1-5-21-175105307-3027912839-4080859387-501 - Limited - Disabled)
Remte (S-1-5-21-175105307-3027912839-4080859387-1001 - Administrator - Enabled) => C:\Users\Remte
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.27 - GIGABYTE)
µTorrent (HKU\S-1-5-21-175105307-3027912839-4080859387-1001\...\uTorrent) (Version: 3.4.5.41865 - BitTorrent Inc.)
3DMark (HKLM-x32\...\{12d6e0d7-21d5-4755-9da2-70352c6f7558}) (Version: 1.5.915.0 - Futuremark)
3DMark (Version: 1.5.915.0 - Futuremark) Hidden
7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
Aliens vs. Predator (HKLM\...\Steam App 10680) (Version: - Rebellion)
Assassin's Creed Syndicate (HKLM-x32\...\Steam App 368500) (Version: - Ubisoft Quebec, in collaboration with Ubisoft Annecy, Bucharest, Kiev, Montreal, Montpellier, Shanghai, Singapore, Sofia, Toronto studios)
Assassin's Creed® III (HKLM\...\Steam App 208480) (Version: - Ubisoft Montreal)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version: - 2K Marin)
Blacklight: Retribution (HKLM-x32\...\Steam App 209870) (Version: - Hardsuit Labs)
Brawlhalla (HKLM\...\Steam App 291550) (Version: - Blue Mammoth Games)
Easy Tune 6 B12.0713.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B12.0713.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version: - Bethesda Game Studios)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version: - Coffee Stain Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS)
GPUTweakStreaming (x32 Version: 1.0.3.5 - ASUS) Hidden
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
Intel® Chipset Device Software (x32 Version: 10.1.2.9 - Intel® Corporation) Hidden
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
Life Is Strange™ (HKLM\...\Steam App 319630) (Version: - DONTNOD Entertainment)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.422 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.422 - LogMeIn, Inc.) Hidden
McAfee All Access – Total Protection (HKLM-x32\...\MSC) (Version: 14.0.8185 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.189 - McAfee, Inc.)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mitos.is: The Game (HKLM\...\Steam App 389570) (Version: - Freakinware Studios)
Move or Die (HKLM-x32\...\Steam App 323850) (Version: - Those Awesome Guys)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.20 - Black Tree Gaming)
NVIDIA 3D Vision Driver 353.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.54 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.54 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Orcs Must Die! Unchained (HKLM\...\Steam App 427270) (Version: - Robot Entertainment)
PCMark 8 (HKLM-x32\...\{a27cb8b5-5c01-47aa-95dd-c8500325c560}) (Version: 2.5.419.0 - Futuremark)
PCMark 8 (Version: 2.5.419.0 - Futuremark) Hidden
Pirate101 (HKU\S-1-5-21-175105307-3027912839-4080859387-1001\...\{662140BE-138C-4DC1-B4CD-B62C6C855A25}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
Pulse Secure Setup Client (HKU\S-1-5-21-175105307-3027912839-4080859387-1001\...\Juniper_Setup_Client) (Version: 8.1.4.60057 - Pulse Secure, LLC)
Pulse Secure Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC)
Pulse Secure Terminal Services Client (HKU\S-1-5-21-175105307-3027912839-4080859387-1001\...\Juniper_Term_Services) (Version: 8.1.4.37085 - Pulse Secure, LLC)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.65 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Subnautica (HKLM\...\Steam App 264710) (Version: - Unknown Worlds Entertainment)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Forest (HKLM-x32\...\Steam App 242760) (Version: - Endnight Games Ltd)
Trove (HKLM-x32\...\Steam App 304050) (Version: - Trion Worlds)
Unity Web Player (HKU\S-1-5-21-175105307-3027912839-4080859387-1001\...\UnityWebPlayer) (Version: 5.3.2f1 - Unity Technologies ApS)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Smartly Dressed Games)
Uplay (HKLM-x32\...\Uplay) (Version: 10.0 - Ubisoft)
Warface (HKLM\...\Steam App 291480) (Version: - Crytek)
Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes)
Wizard101 (HKU\S-1-5-21-175105307-3027912839-4080859387-1001\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-175105307-3027912839-4080859387-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Remte\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {152CC9AF-61F7-4602-A0E0-D20584439FF3} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {230D96C2-BD4E-47EC-B8A7-914A003319B5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-04-13] (Microsoft Corporation)
Task: {7C5364AD-7348-457F-A556-7120C666CC55} - System32\Tasks\{9775D7A3-8B59-4704-B95F-39CC4EA49D93} => pcalua.exe -a "C:\Program Files\PeerBlock\unins000.exe"
Task: {93819DB7-7417-405B-ABC9-7FEC50D2CCA5} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {94355795-323F-4A87-A2E4-0F7948F8E27E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-23] (Google Inc.)
Task: {959806BF-4159-4197-8C84-28F8D36A2FB0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-23] (Google Inc.)
Task: {B85596BC-B6BF-40A2-89AA-D7E4CC98759A} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2016-03-10] (McAfee, Inc.)
Task: {CE6C9778-C748-4232-87AC-33BC19C3F9D6} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe [2016-02-12] (McAfee, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Remte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP%
ShortcutWithArgument: C:\Users\Remte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP%
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP%
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP%
==================== Loaded Modules (Whitelisted) ==============
2015-10-30 03:18 - 2015-10-30 03:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2015-12-29 16:23 - 2015-07-13 13:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-01-28 17:51 - 2016-03-26 15:01 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-04-12 20:06 - 2016-03-29 06:20 - 02656952 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-04-12 20:06 - 2016-03-29 06:20 - 02656952 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-04-25 18:56 - 2016-04-25 18:56 - 00959176 _____ () C:\Users\Remte\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\ClientTelemetry.dll
2015-12-19 20:34 - 2015-12-07 00:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-12 20:05 - 2016-04-01 23:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-12 20:06 - 2016-04-01 23:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-12 20:05 - 2016-04-01 22:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-12 20:06 - 2016-04-01 22:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-12 20:06 - 2016-04-01 23:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-04-25 18:56 - 2016-04-25 18:56 - 00679624 _____ () C:\Users\Remte\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\ClientTelemetry.dll
2015-12-19 21:09 - 2016-03-10 20:56 - 00783360 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-12-19 21:09 - 2015-07-03 12:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-12-19 21:09 - 2016-03-31 16:55 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll
2015-12-19 21:08 - 2016-02-08 19:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-12-19 21:08 - 2016-02-08 19:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-12-19 21:08 - 2016-02-08 19:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-12-19 21:08 - 2016-02-08 19:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-12-19 21:08 - 2016-02-08 19:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-12-19 21:09 - 2015-07-03 12:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-12-19 21:09 - 2015-07-03 12:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-12-19 21:09 - 2016-03-31 16:55 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 00:03 - 2016-02-17 18:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2015-12-19 21:08 - 2016-02-08 21:33 - 48400672 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2016-04-20 00:31 - 2016-04-20 00:31 - 00257536 _____ () C:\ProgramData\xedmal\Trio-Com.dll
2016-04-23 01:11 - 2016-04-20 17:08 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.87\libglesv2.dll
2016-04-23 01:11 - 2016-04-20 17:08 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.87\libegl.dll
2016-04-23 01:11 - 2016-04-20 17:08 - 17536664 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.87\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 03:24 - 2015-10-30 03:21 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-175105307-3027912839-4080859387-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Remte\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\defense.png
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{1ED36525-7A77-472F-9486-D1515C86813B}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{2FE6D725-DC72-44C9-BD54-D7E1C3E36A0F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4145E0D5-965D-4695-886C-64D13A8901A7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4B20FE61-A539-4E42-BC00-6A8458B2867D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EC7CA026-3510-41FE-8CD2-6B456FD6285A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{889BA585-0399-4DB8-BC3B-2FD54E7A6ACE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{96DD970F-AE31-4B75-BBC8-E6C19B90FDC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{7A174193-7DFA-47FB-8182-BA14AC4DD08A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{D0C22BBF-C4A5-4605-9A47-73F63B09595A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{7ECAE44C-3E33-42CF-A7CA-F3E00F77CD48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{5EDC541E-8DDA-477B-8CD4-47F5980DEDFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{54772F0E-FA0B-4F04-A061-F1F9F4FF64A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{6B4AF33F-029D-4F52-9675-FBC30C3B209E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{FBACE774-890B-4845-8D96-1959AB8E1928}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{9451CDF0-AA47-4D1C-AD8D-9AC8DEE5DD6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{ECE2E01F-FDF0-45F7-8BBE-FB0B5A38579E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{C6DC36F2-E0B1-4ACD-BFCE-F80C8B7E3789}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{BB2472A7-A28D-45B7-904B-09399D8C08B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{C74585BF-BC72-4CA0-8E28-95E317A99FD9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{DF8BA8FB-9EA0-431B-82D3-EF2190A01739}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{1F03184D-EC01-4D32-9A9A-AFE936C5B4DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{854BA3E0-E17A-4674-937E-5E592263DFBB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E2B816DE-7629-48F7-924C-85A6F1939035}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B169C836-4B0A-49FF-8020-3874747F1B21}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{DC788BF2-F4AA-4628-8C7B-D1C7A0E59B18}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{35BF97A2-D24C-4701-A1C9-C1DE1A22DA6A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D0D939B4-50A2-4DB1-B52F-968DC5BFC441}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E5925FEB-7BA8-4C06-8222-97BF651BCE6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{4E28CD55-6CD5-4917-A39B-58842670CFF7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{1923ACEC-3478-4621-A08E-146E3F08B212}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{1859CD86-ED08-4AB6-ADCF-2BACBFB01A22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{7C5FE0C9-5A80-4F86-900C-38D4A712A983}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{DDB18F73-156E-4D17-A873-037588921273}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{84084AE1-DCDA-4D66-8223-CCEDB3A84D9E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{D1947F27-6012-410C-9EDD-88A90188C298}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{16A359A4-7E54-4DC1-90F0-E91BC38A2C83}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed Syndicate\ACS.exe
FirewallRules: [{2828BEA2-0F28-4451-877B-8E4CDFE72B0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed Syndicate\ACS.exe
FirewallRules: [{87178EAE-D486-49D1-942E-BB56FB98AF86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\blacklightretribution\Blacklight Retribution.exe
FirewallRules: [{EBC8E042-D211-4C26-98D5-9AF2F73AA887}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\blacklightretribution\Blacklight Retribution.exe
FirewallRules: [{BA6ADEEB-1718-4471-937F-70BA5BD0616E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\blacklightretribution\Binaries\Win32\FoxGame-win32-Shipping.exe
FirewallRules: [{FB744AF5-AC29-46D8-BAE8-8C78CEAE72BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\blacklightretribution\Binaries\Win32\FoxGame-win32-Shipping.exe
FirewallRules: [{511B1CDB-B03D-4045-A43A-A7453129875F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [{53DB9B93-0A5C-4218-94D1-69C184D31A46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [{B885BAFD-1B3A-4B8A-B8FA-61C7B6F6262B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{64786EF0-D453-405F-86EA-0398D5064337}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{D0E2F7C8-692D-4CB8-B2CB-7E117C833124}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0EA03B2B-9C75-477C-A5C0-95B65F434F88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{16B9EF43-7AE8-44BA-B5A5-E527C542F7AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{779D7874-B7C3-42ED-BF8F-EB00CE610D48}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BE446C25-53E8-42FE-BF0B-C6ADB041725D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Move or Die\MoveOrDie.exe
FirewallRules: [{D8C16C13-29C4-4C77-AF07-0FAF9669E9F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Move or Die\MoveOrDie.exe
FirewallRules: [{25B592E2-8607-4293-8E47-0C87C39FF77D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Move or Die\Editor.exe
FirewallRules: [{C92920FE-515D-4913-BCAA-33B28F5F2722}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Move or Die\Editor.exe
FirewallRules: [{2EBDED77-43FE-4DA3-A0C9-28C8FCA3A5AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{4F4397A7-07C7-4870-A1B1-1D24E951790B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{EB5D1DB0-E1A5-4CE6-B31D-DE9E846DA8D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{C6610C12-20E5-46CB-A675-F612E3EBF36C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{2E573A09-BE45-4275-AFCB-039E2E3F69D2}] => (Allow) C:\Users\Remte\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{90FAFD44-F178-4FA7-9045-AA09CB6189ED}] => (Allow) C:\Users\Remte\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FFBCE318-7284-4BDD-9BB2-5BF661AA174F}] => (Allow) C:\Users\Remte\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E4280A0F-7CFE-4B26-8A1F-2C566D0A6E27}] => (Allow) C:\Users\Remte\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5E68B319-2FAA-43D4-8228-E5B56BCCD139}] => (Allow) C:\Users\Remte\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CBDB1C6A-C497-4938-B1C9-EFD298950883}] => (Allow) C:\Users\Remte\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D7CA19CA-A34E-4B09-8B08-1A9C0744B6A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [{12FF5F16-0E76-44E7-BEEA-EDD91FFFB9FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [{23239FC3-FA17-4FD2-B06D-16D09AAF5036}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{40A2DE6C-C10A-4634-BD6C-D57022ACD525}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{8508C060-5243-463B-A1DC-3016106410F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed 3\AC3MP.exe
FirewallRules: [{68F35D4A-F45B-48B3-AA73-FF106C0C4EA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed 3\AC3MP.exe
FirewallRules: [{C5751E95-FBB7-4BDB-A62F-8A17124D48E7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DFD7F0DB-FF13-4AAD-8944-ABF508A1A2FC}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3D5D4F7E-E763-4176-9762-DCBD088F4611}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{81FDB438-89F1-4C9C-BAA6-072E274145CC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{67D882A0-C208-432B-B366-89E4A19D5F00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OrcsMustDieUnchained\Dashboard\Bin\SpitfireDashboard.exe
FirewallRules: [{BED05E66-A447-4E67-B799-B92456A88C84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OrcsMustDieUnchained\Dashboard\Bin\SpitfireDashboard.exe
FirewallRules: [{FB237B82-92BF-4539-A263-837A1C8CEC4A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{92C21EE8-CBE2-45FA-84D9-67FAF13C8112}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{D4AC461C-E882-444B-947D-C3B432227AD5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{0E196149-2E6A-4541-8B99-EEB916502FC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{772FD4F2-6929-424D-83F9-FCE89F355858}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{0F56361E-92D8-49CE-BD38-F75D08312346}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{2C19DDA9-6A2F-4C11-A8C8-05108786FBFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mitos.is The Game\Mitosis.exe
FirewallRules: [{D6D69F28-C212-460C-B310-0BFE09948017}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mitos.is The Game\Mitosis.exe
FirewallRules: [{E86DD189-2BCF-4B11-87CD-59A317234542}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B6A47773-74B1-4B75-9683-87DADBAD6592}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aliens vs Predator\AvP_Launcher.exe
FirewallRules: [{1B7FA29F-8B5D-4418-BEF0-F0475339E417}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aliens vs Predator\AvP_Launcher.exe
FirewallRules: [{89447A1E-5A7E-4337-8CD9-6370D9CD0AD8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aliens vs Predator\AvP_DX11.exe
FirewallRules: [{9A7CA0FD-E72E-4E1E-9FDE-186FAB622716}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aliens vs Predator\AvP_DX11.exe
FirewallRules: [{B8B48F2F-9635-4CFE-8888-4B938411E041}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aliens vs Predator\AvP.exe
FirewallRules: [{953153EE-271D-4A77-A9DA-F7D1CAFC7454}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aliens vs Predator\AvP.exe
==================== Restore Points =========================
24-04-2016 01:32:26 Installed DirectX
24-04-2016 01:33:29 Installed Microsoft Visual C++ 2005 Redistributable
==================== Faulty Device Manager Devices =============
Name: SAS Controller
Description: SAS Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/01/2016 01:07:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: McUICnt.exe, version: 7.0.8093.0, time stamp: 0x56e118f5
Faulting module name: ntdll.dll, version: 10.0.10586.122, time stamp: 0x56cbf9dd
Exception code: 0xc000000d
Fault offset: 0x00000000000f5670
Faulting process id: 0xc38
Faulting application start time: 0xMcUICnt.exe0
Faulting application path: McUICnt.exe1
Faulting module path: McUICnt.exe2
Report Id: McUICnt.exe3
Faulting package full name: McUICnt.exe4
Faulting package-relative application ID: McUICnt.exe5
Error: (05/01/2016 12:56:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 50.0.2661.87, time stamp: 0x5717d482
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000409
Fault offset: 0xffffffff
Faulting process id: 0x2040
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
Faulting package full name: chrome.exe4
Faulting package-relative application ID: chrome.exe5
Error: (05/01/2016 12:17:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MPCNews.exe, version: 3.4.10153.411, time stamp: 0x570b4aeb
Faulting module name: ntdll.dll, version: 10.0.10586.122, time stamp: 0x56cc16f5
Exception code: 0xc000000d
Fault offset: 0x000ea22c
Faulting process id: 0x27dc
Faulting application start time: 0xMPCNews.exe0
Faulting application path: MPCNews.exe1
Faulting module path: MPCNews.exe2
Report Id: MPCNews.exe3
Faulting package full name: MPCNews.exe4
Faulting package-relative application ID: MPCNews.exe5
Error: (05/01/2016 10:07:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: McUICnt.exe, version: 7.0.8093.0, time stamp: 0x56e118f5
Faulting module name: ntdll.dll, version: 10.0.10586.122, time stamp: 0x56cbf9dd
Exception code: 0xc000000d
Fault offset: 0x00000000000f5670
Faulting process id: 0x4338
Faulting application start time: 0xMcUICnt.exe0
Faulting application path: McUICnt.exe1
Faulting module path: McUICnt.exe2
Report Id: McUICnt.exe3
Faulting package full name: McUICnt.exe4
Faulting package-relative application ID: McUICnt.exe5
Error: (05/01/2016 07:07:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: McUICnt.exe, version: 7.0.8093.0, time stamp: 0x56e118f5
Faulting module name: ntdll.dll, version: 10.0.10586.122, time stamp: 0x56cbf9dd
Exception code: 0xc000000d
Fault offset: 0x00000000000f5670
Faulting process id: 0x4944
Faulting application start time: 0xMcUICnt.exe0
Faulting application path: McUICnt.exe1
Faulting module path: McUICnt.exe2
Report Id: McUICnt.exe3
Faulting package full name: McUICnt.exe4
Faulting package-relative application ID: McUICnt.exe5
Error: (05/01/2016 04:07:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: McUICnt.exe, version: 7.0.8093.0, time stamp: 0x56e118f5
Faulting module name: ntdll.dll, version: 10.0.10586.122, time stamp: 0x56cbf9dd
Exception code: 0xc000000d
Fault offset: 0x00000000000f5670
Faulting process id: 0x39c8
Faulting application start time: 0xMcUICnt.exe0
Faulting application path: McUICnt.exe1
Faulting module path: McUICnt.exe2
Report Id: McUICnt.exe3
Faulting package full name: McUICnt.exe4
Faulting package-relative application ID: McUICnt.exe5
Error: (05/01/2016 01:27:57 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-9I7M35L)
Description: Package Microsoft.ZuneMusic_3.6.15131.0_x64__8wekyb3d8bbwe+Microsoft.ZuneMusic was terminated because it took too long to suspend.
Error: (05/01/2016 01:27:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: PirateLauncher.exe, version: 0.0.0.0, time stamp: 0x570eb246
Faulting module name: ntdll.dll, version: 10.0.10586.122, time stamp: 0x56cc16f5
Exception code: 0xc000000d
Fault offset: 0x000ea22c
Faulting process id: 0x5044
Faulting application start time: 0xPirateLauncher.exe0
Faulting application path: PirateLauncher.exe1
Faulting module path: PirateLauncher.exe2
Report Id: PirateLauncher.exe3
Faulting package full name: PirateLauncher.exe4
Faulting package-relative application ID: PirateLauncher.exe5
Error: (05/01/2016 01:26:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: PirateLauncher.exe, version: 0.0.0.0, time stamp: 0x570eb246
Faulting module name: ntdll.dll, version: 10.0.10586.122, time stamp: 0x56cc16f5
Exception code: 0xc000000d
Fault offset: 0x000ea22c
Faulting process id: 0x418c
Faulting application start time: 0xPirateLauncher.exe0
Faulting application path: PirateLauncher.exe1
Faulting module path: PirateLauncher.exe2
Report Id: PirateLauncher.exe3
Faulting package full name: PirateLauncher.exe4
Faulting package-relative application ID: PirateLauncher.exe5
Error: (05/01/2016 01:06:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: McUICnt.exe, version: 7.0.8093.0, time stamp: 0x56e118f5
Faulting module name: ntdll.dll, version: 10.0.10586.122, time stamp: 0x56cbf9dd
Exception code: 0xc000000d
Fault offset: 0x00000000000f5670
Faulting process id: 0x31b0
Faulting application start time: 0xMcUICnt.exe0
Faulting application path: McUICnt.exe1
Faulting module path: McUICnt.exe2
Report Id: McUICnt.exe3
Faulting package full name: McUICnt.exe4
Faulting package-relative application ID: McUICnt.exe5
System errors:
=============
Error: (05/01/2016 12:02:25 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-9I7M35L)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-9I7M35LRemteS-1-5-21-175105307-3027912839-4080859387-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (05/01/2016 12:01:04 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The McAfee Home Network service hung on starting.
Error: (05/01/2016 11:56:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The xedmal service failed to start due to the following error:
%%1053
Error: (05/01/2016 11:56:41 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the xedmal service to connect.
Error: (05/01/2016 11:56:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Hamachi2Svc service failed to start due to the following error:
%%1053
Error: (05/01/2016 11:56:40 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Hamachi2Svc service to connect.
Error: (05/01/2016 11:56:37 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the 0212411461270312mcinstcleanup service to connect.
Error: (05/01/2016 11:55:42 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:24:27 AM on 5/1/2016 was unexpected.
Error: (04/30/2016 04:29:29 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error:
%%1
Error: (04/29/2016 04:29:29 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error:
%%1
CodeIntegrity:
===================================
Date: 2016-04-24 03:11:08.670
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-23 00:52:08.978
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-20 04:55:13.398
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-19 06:45:24.598
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-16 00:21:29.727
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-14 17:09:06.267
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-13 16:44:05.267
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-10 04:03:54.705
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-01 06:10:06.039
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-23 04:59:20.415
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core i7-3820 CPU @ 3.60GHz
Percentage of memory in use: 23%
Total physical RAM: 12206.18 MB
Available physical RAM: 9321.36 MB
Total Virtual: 15918.18 MB
Available Virtual: 12897.04 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:1396.71 GB) (Free:1120.23 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: 8D405912)
Partition: GPT.
==================== End of Addition.txt ============================