My pc is running at 90% disk all of a sudden.

disk error problem


#1
kamerons98
New Member, 7 posts

Every time I boot up my PC, it brings up a window that says "the module C:\User\Kam\AppData\Local\Azngworks\QSCtraceCmds.dll failed to load" and then goes on to say make sure it's connected to the right binary or disable it.

It has been happening for a few days now and my disk % shot up to 99 and won't stop, I don't know why.



#2
RKinner
Malware Expert, 24,625 posts, MVP
 
Download: ADWCleaner to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer

NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder.

Junkware-Removal-Tool

Please download Junkware Removal Tool to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site
  • Pause your anti-virus. Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

  • Get FRST from
  • You need to download the appropriate tool for your PC. If you don't know if you have a 32 or 64 bit system get them both. Only one will work and that's the right one.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Check the Addition.txt box
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • It will generate another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

    #3
    kamerons98
    New Member, Topic Starter, 7 posts

    So this is what I got from ADWCleaner:

    # AdwCleaner v6.042 - Logfile created 19/01/2017 at 23:11:31

    # Updated on 06/01/2017 by Malwarebytes
    # Database : 2017-01-18.1 [Server]
    # Operating System : Windows 10 Home  (X64)
    # Username : Kam - KAMERON
    # Running from : C:\Users\Kam\Downloads\AdwCleaner.exe
    # Mode: Clean

    #4
    kamerons98
    New Member, Topic Starter, 7 posts

    The second thing I got was from JRT and this is it:

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.1.0 (12.05.2016)
    Operating System: Windows 10 Home x64 
    Ran by Kam (Administrator) on Thu 01/19/2017 at 23:26:30.21
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     
     
     
    File System: 3 
     
    Successfully deleted: C:\ProgramData\mntemp (File) 
    Successfully deleted: C:\Users\Kam\AppData\Local\crashrpt (Folder) 
    Successfully deleted: C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} (Task)
     
     
     
    Registry: 0 
     
     
     
     
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Thu 01/19/2017 at 23:28:53.49
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    #5
    kamerons98
    New Member, Topic Starter, 7 posts

    and here is FRST.TXT 1 and 2:

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-01-2017
    Ran by Kam (administrator) on KAMERON (19-01-2017 23:32:18)
    Running from C:\Users\Kam\Downloads
    Loaded Profiles: Kam (Available Profiles: Kam)
    Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Edge)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
    (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
    (Realtek Semiconductor Corp.) C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
    () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
    (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     
    ==================== Registry (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
    HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-16] (Microsoft Corporation)
    HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
    HKU\S-1-5-21-2727943125-610961202-1791343237-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2881824 2017-01-18] (Valve Corporation)
    HKU\S-1-5-21-2727943125-610961202-1791343237-1001\...\Run: [Abnlworks] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Kam\AppData\Local\Azngworks\QSCtraceCmds.dll
    HKU\S-1-5-21-2727943125-610961202-1791343237-1001\...\Run: [Discord] => C:\Users\Kam\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
    ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} =>  -> No File
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR A6100 Genie.lnk [2016-09-04]
    ShortcutTarget: NETGEAR A6100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe (Realtek Semiconductor Corp.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNDA3100v3 Genie.lnk [2016-05-22]
    ShortcutTarget: NETGEAR WNDA3100v3 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNDA3100v3\WNDA3100v3.EXE (NETGEAR)
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75
    Tcpip\..\Interfaces\{31d4c54b-c940-45f0-925a-3e4e1513b8b5}: [DhcpNameServer] 192.168.1.254
    Tcpip\..\Interfaces\{5d8d18c5-17f1-4493-8206-2bfa13ecde8b}: [DhcpNameServer] 75.75.76.76 75.75.75.75
    Tcpip\..\Interfaces\{e41beaf7-7772-4713-9cc1-ce3da3812766}: [DhcpNameServer] 192.168.1.254
    Tcpip\..\Interfaces\{fe4941d6-8dd7-4393-ac5a-6e48038901a4}: [DhcpNameServer] 75.75.76.76 75.75.75.75
     
    Internet Explorer:
    ==================
    SearchScopes: HKU\S-1-5-21-2727943125-610961202-1791343237-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
    SearchScopes: HKU\S-1-5-21-2727943125-610961202-1791343237-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
    BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-23] (Oracle Corporation)
    BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-23] (Oracle Corporation)
     
    FireFox:
    ========
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll [2016-06-04] ()
    FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-23] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-23] (Oracle Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-16] (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-16] (NVIDIA Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
     
    Chrome: 
    =======
    CHR Profile: C:\Users\Kam\AppData\Local\Google\Chrome\User Data\Default [2017-01-19]
    CHR Extension: (Google Slides) - C:\Users\Kam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-23]
    CHR Extension: (Google Docs) - C:\Users\Kam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-23]
    CHR Extension: (Google Drive) - C:\Users\Kam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-23]
    CHR Extension: (YouTube) - C:\Users\Kam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-23]
    CHR Extension: (Google Sheets) - C:\Users\Kam\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-23]
    CHR Extension: (Google Docs Offline) - C:\Users\Kam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-23]
    CHR Extension: (TwitchAlerts Stream Labels) - C:\Users\Kam\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgmggmdngboajiakmbpdknfpdelbjbcg [2017-01-17]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Kam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
    CHR Extension: (Gmail) - C:\Users\Kam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-23]
    CHR Extension: (Chrome Media Router) - C:\Users\Kam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-25]
     
    ==================== Services (Whitelisted) ====================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
    S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1457160 2017-01-05] ()
    S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [240416 2016-06-17] (EasyAntiCheat Ltd)
    U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-09-15] (Hi-Rez Studios) [File not signed]
    R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-14] (Hewlett-Packard) [File not signed]
    R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-12] (NVIDIA Corporation)
    S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-12] (NVIDIA Corporation)
    R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-11-16] (NVIDIA Corporation)
    R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-12-12] (NVIDIA Corporation)
    R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2016-12-12] (NVIDIA Corporation)
    S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-11-24] (Electronic Arts)
    R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2180624 2016-11-24] (Electronic Arts)
    R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-11-14] (Hewlett-Packard) [File not signed]
    S3 PSEXESVC; C:\Windows\PSEXESVC.EXE [95496 2016-06-03] (Sysinternals)
    R2 Realtek8723AU; C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe [45784 2013-07-02] (Realtek Semiconductor Corp.)
    R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
     
    ===================== Drivers (Whitelisted) ======================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    R3 A6100; C:\WINDOWS\System32\drivers\A6100.sys [5004560 2016-02-17] (Realtek Semiconductor Corporation                           )
    R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
    S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows ® Win 7 DDK provider)
    S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows ® Win 7 DDK provider)
    R3 ElcMouLFlt; C:\WINDOWS\System32\drivers\ElcMouLFlt.sys [28648 2015-09-10] (ELECOM)
    R3 ElcMouUFlt; C:\WINDOWS\System32\drivers\ElcMouUFlt.sys [27624 2015-09-10] (ELECOM)
    S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
    R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_410e5247be0e5f00\nvlddmkm.sys [14174256 2016-11-17] (NVIDIA Corporation)
    R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-12-12] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-12-12] (NVIDIA Corporation)
    R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
    R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
    R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
    S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
    R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
    R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
    S3 XSplit_Dummy; C:\WINDOWS\system32\drivers\xspltspk.sys [26200 2015-05-25] (SplitmediaLabs Limited)
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
     
    ==================== One Month Created files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2017-01-19 23:32 - 2017-01-19 23:33 - 00012432 _____ C:\Users\Kam\Downloads\FRST.txt
    2017-01-19 23:31 - 2017-01-19 23:32 - 00000000 ____D C:\FRST
    2017-01-19 23:31 - 2017-01-19 23:31 - 02419712 _____ (Farbar) C:\Users\Kam\Downloads\FRST64.exe
    2017-01-19 23:28 - 2017-01-19 23:28 - 00000795 _____ C:\Users\Kam\Desktop\JRT.txt
    2017-01-19 23:25 - 2017-01-19 23:25 - 01663040 _____ (Malwarebytes) C:\Users\Kam\Downloads\JRT.exe
    2017-01-19 23:09 - 2017-01-19 23:11 - 00000000 ____D C:\AdwCleaner
    2017-01-19 23:09 - 2017-01-19 23:09 - 03988944 _____ C:\Users\Kam\Downloads\AdwCleaner.exe
    2017-01-19 23:03 - 2017-01-19 23:03 - 00544148 _____ C:\WINDOWS\Minidump\011917-26781-01.dmp
    2017-01-17 21:55 - 2017-01-17 21:55 - 00000000 ____D C:\Users\Public\Documents\Hewlett-Packard
    2017-01-17 21:40 - 2017-01-17 21:40 - 00000000 ____D C:\ProgramData\Hewlett-Packard
    2017-01-17 21:39 - 2017-01-17 21:39 - 00000000 _____ C:\WINDOWS\HPMProp.INI
    2017-01-17 21:39 - 2013-12-04 00:14 - 00601376 _____ (HP) C:\WINDOWS\SysWOW64\hpcdmc32.dll
    2017-01-17 21:39 - 2013-12-04 00:14 - 00237344 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpmlm135.dll
    2017-01-17 21:39 - 2013-12-04 00:13 - 00217376 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpmml160.dll
    2017-01-17 21:39 - 2013-12-04 00:13 - 00189728 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpmpm081.dll
    2017-01-17 21:39 - 2013-12-04 00:13 - 00162080 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpmtp160.dll
    2017-01-17 21:39 - 2013-12-04 00:13 - 00074016 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpmpw081.dll
    2017-01-17 21:39 - 2013-12-04 00:12 - 00199968 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpmja160.dll
    2017-01-17 21:39 - 2013-12-04 00:11 - 00447264 _____ (Hewlett-Packard Corporation) C:\WINDOWS\system32\hpcpn160.dll
    2017-01-17 21:39 - 2013-12-04 00:11 - 00140064 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpcjpm.dll
    2017-01-17 21:39 - 2013-12-04 00:07 - 00446240 _____ (Hewlett Packard Corporation) C:\WINDOWS\SysWOW64\hpcc3160.dll
    2017-01-17 21:39 - 2011-02-11 14:23 - 00193592 _____ (Hewlett-Packard) C:\WINDOWS\system32\hppdcompio.dll
    2017-01-17 21:39 - 2011-02-11 14:23 - 00167480 _____ (Hewlett-Packard) C:\WINDOWS\SysWOW64\hppccompio.dll
    2017-01-17 21:39 - 2009-02-25 16:32 - 00060440 _____ (Hewlett-Packard) C:\WINDOWS\system32\FxCompChannel_x64.dll
    2017-01-17 21:37 - 2017-01-17 21:37 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
    2017-01-17 12:28 - 2017-01-17 12:29 - 00000000 ____D C:\Users\Kam\Documents\Stream Labels
    2017-01-17 12:27 - 2017-01-17 12:27 - 00000000 ____D C:\Users\Kam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
    2017-01-17 01:56 - 2017-01-17 01:56 - 48985385 _____ C:\Users\Kam\Downloads\CLRBrowserSourcePlugin-20140909x64.zip
    2017-01-17 01:12 - 2017-01-19 15:33 - 00000000 ____D C:\Users\Kam\AppData\Roaming\obs-studio
    2017-01-17 01:12 - 2017-01-19 01:59 - 00000000 ____D C:\Program Files (x86)\obs-studio
    2017-01-17 01:12 - 2017-01-17 01:12 - 00001275 _____ C:\Users\Public\Desktop\OBS Studio.lnk
    2017-01-17 01:12 - 2017-01-17 01:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
    2017-01-17 01:10 - 2017-01-17 01:11 - 110820200 _____ (obsproject.com) C:\Users\Kam\Downloads\OBS-Studio-17.0-Full-Installer.exe
    2017-01-16 21:12 - 2017-01-16 21:12 - 00000000 ____D C:\Users\Kam\AppData\Local\UnrealEngine
    2017-01-16 21:12 - 2017-01-16 21:12 - 00000000 ____D C:\Users\Kam\AppData\Local\Astro
    2017-01-16 21:00 - 2017-01-16 21:00 - 00000222 _____ C:\Users\Kam\Desktop\ASTRONEER.url
    2017-01-16 13:57 - 2017-01-16 13:57 - 00543732 _____ C:\WINDOWS\Minidump\011617-27390-01.dmp
    2017-01-13 14:57 - 2017-01-13 14:58 - 00038311 _____ C:\Users\Kam\Downloads\Addition.txt
    2017-01-13 14:09 - 2016-12-21 02:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
    2017-01-13 14:09 - 2016-12-21 02:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
    2017-01-13 14:09 - 2016-12-21 01:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2017-01-13 14:09 - 2016-12-21 01:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2017-01-13 14:09 - 2016-12-21 01:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
    2017-01-13 14:09 - 2016-12-21 01:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
    2017-01-13 14:09 - 2016-12-21 01:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2017-01-13 14:09 - 2016-12-21 01:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
    2017-01-13 14:09 - 2016-12-21 01:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
    2017-01-13 14:09 - 2016-12-21 01:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
    2017-01-13 14:09 - 2016-12-21 01:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
    2017-01-13 14:09 - 2016-12-21 01:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
    2017-01-13 14:09 - 2016-12-21 01:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
    2017-01-13 14:09 - 2016-12-21 00:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
    2017-01-13 14:09 - 2016-12-21 00:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
    2017-01-13 14:09 - 2016-12-21 00:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
    2017-01-13 14:09 - 2016-12-21 00:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
    2017-01-13 14:09 - 2016-12-21 00:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
    2017-01-13 14:09 - 2016-12-21 00:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2017-01-13 14:09 - 2016-12-20 23:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
    2017-01-13 14:09 - 2016-12-20 23:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
    2017-01-13 14:09 - 2016-12-20 23:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2017-01-13 14:09 - 2016-12-20 22:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
    2017-01-13 14:09 - 2016-12-20 22:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
    2017-01-13 14:09 - 2016-12-20 22:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
    2017-01-13 14:09 - 2016-12-20 22:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
    2017-01-13 14:09 - 2016-12-20 22:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
    2017-01-13 14:09 - 2016-12-20 22:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
    2017-01-13 14:09 - 2016-12-20 22:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
    2017-01-13 14:09 - 2016-12-20 22:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
    2017-01-13 14:09 - 2016-12-20 22:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
    2017-01-13 14:09 - 2016-12-13 23:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2017-01-13 14:09 - 2016-12-13 23:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
    2017-01-13 14:09 - 2016-12-13 23:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
    2017-01-13 14:09 - 2016-12-13 23:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
    2017-01-13 14:09 - 2016-12-13 22:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
    2017-01-13 14:09 - 2016-12-13 22:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
    2017-01-13 14:09 - 2016-12-13 22:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2017-01-13 14:09 - 2016-12-13 22:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
    2017-01-13 14:09 - 2016-12-13 22:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
    2017-01-13 14:09 - 2016-12-13 22:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
    2017-01-13 14:09 - 2016-12-13 22:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
    2017-01-13 14:09 - 2016-12-13 22:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
    2017-01-13 14:09 - 2016-12-13 22:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
    2017-01-13 14:09 - 2016-12-13 22:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
    2017-01-13 14:09 - 2016-12-13 22:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2017-01-13 14:09 - 2016-12-13 22:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
    2017-01-13 14:09 - 2016-12-13 22:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
    2017-01-13 14:09 - 2016-12-13 22:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
    2017-01-13 14:09 - 2016-12-13 22:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2017-01-13 14:09 - 2016-12-13 22:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
    2017-01-13 14:08 - 2016-12-21 02:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2017-01-13 14:08 - 2016-12-21 01:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
    2017-01-13 14:08 - 2016-12-21 01:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
    2017-01-13 14:08 - 2016-12-21 01:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
    2017-01-13 14:08 - 2016-12-21 01:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
    2017-01-13 14:08 - 2016-12-21 01:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2017-01-13 14:08 - 2016-12-21 01:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
    2017-01-13 14:08 - 2016-12-21 01:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
    2017-01-13 14:08 - 2016-12-21 01:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
    2017-01-13 14:08 - 2016-12-21 01:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
    2017-01-13 14:08 - 2016-12-21 01:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
    2017-01-13 14:08 - 2016-12-21 01:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
    2017-01-13 14:08 - 2016-12-21 01:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
    2017-01-13 14:08 - 2016-12-21 01:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
    2017-01-13 14:08 - 2016-12-21 01:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
    2017-01-13 14:08 - 2016-12-21 01:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
    2017-01-13 14:08 - 2016-12-21 01:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
    2017-01-13 14:08 - 2016-12-21 01:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
    2017-01-13 14:08 - 2016-12-21 01:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
    2017-01-13 14:08 - 2016-12-21 01:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
    2017-01-13 14:08 - 2016-12-21 01:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
    2017-01-13 14:08 - 2016-12-21 01:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
    2017-01-13 14:08 - 2016-12-21 01:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
    2017-01-13 14:08 - 2016-12-21 01:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
    2017-01-13 14:08 - 2016-12-21 01:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2017-01-13 14:08 - 2016-12-21 01:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
    2017-01-13 14:08 - 2016-12-21 00:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
    2017-01-13 14:08 - 2016-12-21 00:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2017-01-13 14:08 - 2016-12-21 00:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
    2017-01-13 14:08 - 2016-12-21 00:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
    2017-01-13 14:08 - 2016-12-21 00:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2017-01-13 14:08 - 2016-12-21 00:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2017-01-13 14:08 - 2016-12-21 00:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
    2017-01-13 14:08 - 2016-12-21 00:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
    2017-01-13 14:08 - 2016-12-21 00:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
    2017-01-13 14:08 - 2016-12-21 00:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2017-01-13 14:08 - 2016-12-21 00:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
    2017-01-13 14:08 - 2016-12-21 00:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
    2017-01-13 14:08 - 2016-12-21 00:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
    2017-01-13 14:08 - 2016-12-21 00:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
    2017-01-13 14:08 - 2016-12-20 23:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2017-01-13 14:08 - 2016-12-20 23:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
    2017-01-13 14:08 - 2016-12-20 23:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
    2017-01-13 14:08 - 2016-12-20 23:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
    2017-01-13 14:08 - 2016-12-20 23:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
    2017-01-13 14:08 - 2016-12-20 23:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
    2017-01-13 14:08 - 2016-12-20 22:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
    2017-01-13 14:08 - 2016-12-20 22:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
    2017-01-13 14:08 - 2016-12-20 22:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
    2017-01-13 14:08 - 2016-12-20 22:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
    2017-01-13 14:08 - 2016-12-20 22:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
    2017-01-13 14:08 - 2016-12-20 22:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
    2017-01-13 14:08 - 2016-12-20 22:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
    2017-01-13 14:08 - 2016-12-20 22:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2017-01-13 14:08 - 2016-12-20 22:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2017-01-13 14:08 - 2016-12-20 22:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2017-01-13 14:08 - 2016-12-20 22:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
    2017-01-13 14:08 - 2016-12-20 22:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
    2017-01-13 14:08 - 2016-12-20 22:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
    2017-01-13 14:08 - 2016-12-20 22:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
    2017-01-13 14:08 - 2016-12-20 22:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2017-01-13 14:08 - 2016-12-20 22:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
    2017-01-13 14:08 - 2016-12-20 22:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
    2017-01-13 14:08 - 2016-12-20 22:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
    2017-01-13 14:08 - 2016-12-20 22:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
    2017-01-13 14:08 - 2016-12-13 23:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
    2017-01-13 14:08 - 2016-12-13 23:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
    2017-01-13 14:08 - 2016-12-13 23:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
    2017-01-13 14:08 - 2016-12-13 23:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
    2017-01-13 14:08 - 2016-12-13 23:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
    2017-01-13 14:08 - 2016-12-13 23:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
    2017-01-13 14:08 - 2016-12-13 23:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
    2017-01-13 14:08 - 2016-12-13 23:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
    2017-01-13 14:08 - 2016-12-13 23:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
    2017-01-13 14:08 - 2016-12-13 23:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
    2017-01-13 14:08 - 2016-12-13 23:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
    2017-01-13 14:08 - 2016-12-13 23:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
    2017-01-13 14:08 - 2016-12-13 23:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
    2017-01-13 14:08 - 2016-12-13 23:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
    2017-01-13 14:08 - 2016-12-13 22:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
    2017-01-13 14:08 - 2016-12-13 22:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
    2017-01-13 14:08 - 2016-12-13 22:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
    2017-01-13 14:08 - 2016-12-13 22:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
    2017-01-13 14:08 - 2016-12-13 22:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
    2017-01-13 14:08 - 2016-12-13 22:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
    2017-01-13 14:08 - 2016-12-13 22:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
    2017-01-13 14:08 - 2016-12-13 22:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
    2017-01-13 14:08 - 2016-12-13 22:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
    2017-01-13 14:08 - 2016-12-13 22:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
    2017-01-13 14:08 - 2016-12-13 22:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
    2017-01-13 14:08 - 2016-12-13 22:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
    2017-01-13 14:08 - 2016-12-13 22:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
    2017-01-13 14:08 - 2016-12-13 22:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
    2017-01-13 14:08 - 2016-12-13 22:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
    2017-01-13 14:08 - 2016-12-13 22:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
    2017-01-13 14:08 - 2016-12-13 22:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2017-01-13 14:08 - 2016-12-13 22:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
    2017-01-13 14:08 - 2016-12-13 22:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
    2017-01-13 14:08 - 2016-12-13 22:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
    2017-01-13 14:08 - 2016-12-13 22:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
    2017-01-13 14:08 - 2016-12-13 22:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
    2017-01-13 14:08 - 2016-12-13 22:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
    2017-01-13 14:08 - 2016-12-13 22:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
    2017-01-13 14:08 - 2016-12-13 22:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
    2017-01-13 14:08 - 2016-12-13 22:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2017-01-13 14:08 - 2016-12-13 22:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
    2017-01-13 14:08 - 2016-12-13 22:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2017-01-13 14:08 - 2016-12-13 22:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
    2017-01-13 14:08 - 2016-12-13 22:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2017-01-13 14:08 - 2016-11-02 06:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
    2017-01-13 14:08 - 2016-11-02 05:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
    2017-01-13 14:08 - 2016-11-02 04:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
    2017-01-13 14:08 - 2016-11-02 04:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2017-01-13 14:08 - 2016-11-02 04:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2017-01-13 14:08 - 2016-08-01 22:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
    2017-01-10 22:27 - 2017-01-10 23:51 - 00000000 ____D C:\Users\Kam\Documents\Scholarships
    2017-01-09 22:14 - 2017-01-09 23:09 - 00000000 ____D C:\Users\Kam\AppData\Local\SUPERHOT_Sp_z_o.o
    2017-01-09 22:14 - 2017-01-09 22:14 - 00000000 ____D C:\Users\Kam\AppData\LocalLow\SUPERHOT_Team
    2017-01-09 22:12 - 2017-01-09 22:40 - 00000000 ___RD C:\Users\Kam\Documents\Superhot
    2017-01-09 22:08 - 2017-01-09 22:08 - 176898422 _____ C:\Users\Kam\Downloads\SUPERHOT.Update.8.part2.rar
    2017-01-09 22:00 - 2017-01-09 22:01 - 1018844482 _____ C:\Users\Kam\Downloads\SUPERHOT.Update.8.part1.7z
    2017-01-09 21:59 - 2017-01-09 21:59 - 1038090240 _____ C:\Users\Kam\Downloads\SUPERHOT.Update.8.part1.rar
    2017-01-09 21:33 - 2017-01-09 21:33 - 01381582 _____ (Igor Pavlov) C:\Users\Kam\Downloads\7z1604-x64.exe
    2017-01-08 23:03 - 2017-01-08 23:12 - 00000000 ____D C:\Users\Kam\AppData\Roaming\Rustangelo
    2017-01-05 13:37 - 2017-01-05 13:37 - 00000222 _____ C:\Users\Kam\Desktop\Tom Clancy's Rainbow Six Siege.url
    2016-12-22 19:52 - 2016-12-22 19:52 - 00003270 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
    2016-12-22 19:50 - 2016-12-22 19:50 - 00516236 _____ C:\WINDOWS\Minidump\122216-31875-01.dmp
    2016-12-22 00:43 - 2016-12-22 00:43 - 00000000 ____D C:\Users\Kam\AppData\LocalLow\SKS
    2016-12-22 00:38 - 2016-12-22 00:38 - 00000222 _____ C:\Users\Kam\Desktop\The Forest.url
     
    ==================== One Month Modified files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2017-01-19 23:27 - 2016-09-16 16:13 - 00000000 ____D C:\ProgramData\NVIDIA
    2017-01-19 23:27 - 2016-06-03 13:23 - 01764964 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2017-01-19 23:23 - 2016-05-22 21:16 - 00000000 ____D C:\Program Files (x86)\Steam
    2017-01-19 23:21 - 2016-09-16 16:30 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2017-01-19 23:21 - 2016-09-16 16:16 - 00000000 ____D C:\Users\Kam
    2017-01-19 23:21 - 2016-09-16 16:10 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
    2017-01-19 23:21 - 2016-06-04 00:37 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
    2017-01-19 23:13 - 2016-12-16 00:40 - 00002938 _____ C:\ProgramData\NvTelemetryContainer.log_backup1
    2017-01-19 23:12 - 2016-07-16 00:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
    2017-01-19 23:10 - 2016-07-16 05:47 - 00000000 ___HD C:\Program Files\WindowsApps
    2017-01-19 23:10 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\AppReadiness
    2017-01-19 23:04 - 2016-08-19 00:01 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2017-01-19 23:03 - 2016-09-21 19:29 - 00000000 ____D C:\WINDOWS\Minidump
    2017-01-19 23:03 - 2016-05-22 23:41 - 787275827 _____ C:\WINDOWS\MEMORY.DMP
    2017-01-19 13:09 - 2016-06-17 23:28 - 00556280 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
    2017-01-19 01:50 - 2016-06-24 12:00 - 00000000 ____D C:\Users\Kam\AppData\Local\Ubisoft Game Launcher
    2017-01-18 22:40 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\rescache
    2017-01-18 00:18 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
    2017-01-17 22:19 - 2016-07-16 05:45 - 00000000 ____D C:\WINDOWS\INF
    2017-01-17 01:09 - 2016-08-08 15:42 - 00000000 ____D C:\Users\Kam\AppData\Roaming\OBS
    2017-01-17 01:09 - 2016-08-08 15:39 - 00000000 ____D C:\Program Files\OBS
    2017-01-16 18:13 - 2016-05-22 20:33 - 00000000 __RHD C:\Users\Public\AccountPictures
    2017-01-16 18:07 - 2016-09-16 16:10 - 00194192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2017-01-16 15:30 - 2016-07-16 05:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2017-01-16 15:30 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
    2017-01-16 15:30 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\oobe
    2017-01-16 15:30 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
    2017-01-16 15:30 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\Provisioning
    2017-01-16 14:19 - 2016-07-16 05:36 - 00000000 ____D C:\WINDOWS\CbsTemp
    2017-01-16 14:16 - 2016-06-02 19:13 - 00000000 ____D C:\WINDOWS\system32\MRT
    2017-01-16 14:14 - 2016-06-02 19:13 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2017-01-13 14:21 - 2016-08-12 01:10 - 00000000 ____D C:\Users\Kam\AppData\Local\CrashDumps
    2017-01-11 23:52 - 2016-11-03 15:28 - 00002223 _____ C:\Users\Kam\Desktop\Discord.lnk
    2017-01-11 23:52 - 2016-11-03 15:28 - 00000000 ____D C:\Users\Kam\AppData\Roaming\discord
    2017-01-11 23:51 - 2016-11-03 15:28 - 00000000 ____D C:\Users\Kam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
    2017-01-11 23:51 - 2016-11-03 15:28 - 00000000 ____D C:\Users\Kam\AppData\Local\Discord
    2017-01-07 03:28 - 2016-06-19 17:33 - 00000000 ____D C:\Users\Kam\AppData\Roaming\Curse Client
    2017-01-05 15:28 - 2016-06-04 00:39 - 00000000 ____D C:\Users\Kam\Documents\My Games
    2017-01-05 14:24 - 2016-06-24 12:00 - 00001274 _____ C:\Users\Kam\Desktop\Uplay.lnk
    2016-12-29 17:27 - 2016-05-23 16:00 - 00000000 ____D C:\Users\Kam\AppData\Local\Diagnostics
    2016-12-27 21:22 - 2016-06-03 22:17 - 00000000 ____D C:\Users\Kam\AppData\Roaming\.minecraft
    2016-12-22 19:53 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\WDI
    2016-12-22 19:52 - 2016-06-03 14:01 - 00002357 _____ C:\Users\Kam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2016-12-22 19:52 - 2016-06-03 14:01 - 00000000 ___RD C:\Users\Kam\OneDrive
    2016-12-22 17:13 - 2016-07-16 05:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2016-12-22 17:13 - 2016-07-16 05:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2016-12-22 03:03 - 2016-09-16 16:16 - 00524288 ___SH C:\Users\Kam\NTUSER.DAT{adc0290a-7c62-11e6-abe1-f2a04345056b}.TMContainer00000000000000000002.regtrans-ms
     
    ==================== Files in the root of some directories =======
     
    2016-08-03 23:07 - 2016-08-04 23:07 - 0000075 _____ () C:\Users\Kam\AppData\Roaming\WB.CFG
    2016-08-17 23:49 - 2016-08-17 23:49 - 0000480 ____H () C:\Users\Kam\AppData\Roaming\½Ó
    2016-08-18 01:56 - 2016-08-18 01:56 - 0007605 _____ () C:\Users\Kam\AppData\Local\Resmon.ResmonCfg
    2016-08-17 23:49 - 2016-08-17 23:49 - 0000008 ____H () C:\ProgramData\@000001.dat
    2016-08-17 23:50 - 2016-08-17 23:50 - 0000000 ____H () C:\ProgramData\@system.temp
    2016-08-17 23:49 - 2016-08-17 23:49 - 0000656 ____H () C:\ProgramData\@system3.att
    2016-12-16 00:40 - 2017-01-19 23:21 - 0002938 _____ () C:\ProgramData\NvTelemetryContainer.log
    2016-12-16 00:40 - 2017-01-19 23:13 - 0002938 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
    2016-08-14 00:53 - 2016-08-14 00:53 - 0005116 _____ () C:\ProgramData\rxsmznjf.zcp
     
    Files to move or delete:
    ====================
    C:\ProgramData\@000001.dat
     
     
    Some files in TEMP:
    ====================
    C:\Users\Kam\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
    C:\Users\Kam\AppData\Local\Temp\HiRezLauncherControls.dll
    C:\Users\Kam\AppData\Local\Temp\nvSCPAPI64.dll
    C:\Users\Kam\AppData\Local\Temp\nvStInst.exe
    C:\Users\Kam\AppData\Local\Temp\NvTelemetry.dll
    C:\Users\Kam\AppData\Local\Temp\NvTelemetryAPI32.dll
    C:\Users\Kam\AppData\Local\Temp\NvTelemetryAPI64.dll
    C:\Users\Kam\AppData\Local\Temp\SpotifyUninstall.exe
     
     
    ==================== Bamital & volsnap ======================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
     
    LastRegBack: 2017-01-15 13:57
     
    ==================== End of FRST.txt ============================
     
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-01-2017
    Ran by Kam (19-01-2017 23:33:26)
    Running from C:\Users\Kam\Downloads
    Windows 10 Home Version 1607 (X64) (2016-09-16 22:33:20)
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Accounts: =============================
     
    Administrator (S-1-5-21-2727943125-610961202-1791343237-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-2727943125-610961202-1791343237-503 - Limited - Disabled)
    Guest (S-1-5-21-2727943125-610961202-1791343237-501 - Limited - Disabled)
    Kam (S-1-5-21-2727943125-610961202-1791343237-1001 - Administrator - Enabled) => C:\Users\Kam
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    µTorrent (HKU\S-1-5-21-2727943125-610961202-1791343237-1001\...\uTorrent) (Version: 3.4.8.42449 - BitTorrent Inc.)
    64 Bit HP CIO Components Installer (Version: 16.2.1 - Hewlett-Packard) Hidden
    7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
    Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.183.90 - Adobe Systems Incorporated)
    Ansel (Version: 375.95 - NVIDIA Corporation) Hidden
    ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version:  - Studio Wildcard)
    ASTRONEER (HKLM\...\Steam App 361420) (Version:  - System Era Softworks)
    Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
    Call of Duty: Black Ops - Multiplayer (HKLM\...\Steam App 42710) (Version:  - Treyarch)
    Call of Duty: Black Ops (HKLM\...\Steam App 42700) (Version:  - Treyarch)
    Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
    Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
    Discord (HKU\S-1-5-21-2727943125-610961202-1791343237-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
    Dying Light (HKLM\...\Steam App 239140) (Version:  - Techland)
    Fraps (HKLM-x32\...\Fraps) (Version:  - )
    FTL: Faster Than Light (HKLM\...\Steam App 212680) (Version:  - Subset Games)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
    Grand Theft Auto V (HKLM\...\Steam App 271590) (Version:  - Rockstar North)
    H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version:  - Daybreak Game Company)
    Heroes & Generals (HKLM\...\Steam App 227940) (Version:  - Reto-Moto)
    HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.5.5 - Hi-Rez Studios)
    Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
    Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
    League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
    League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
    Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-2727943125-610961202-1791343237-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
    Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
    NETGEAR A6100 Genie (HKLM-x32\...\InstallShield_{15D27BA3-6CCD-4848-8925-07EF083492AD}) (Version: 1.0.0.30 - NETGEAR)
    NETGEAR A6100 Genie (x32 Version: 1.0.0.30 - NETGEAR) Hidden
    NETGEAR WNDA3100v3 (x32 Version: 1.0.0.10 - NETGEAR) Hidden
    NETGEAR WNDA3100v3 (x32 Version: 1.0.0.8 - NETGEAR) Hidden
    NETGEAR WNDA3100v3 Genie (HKLM-x32\...\InstallShield_{60C50FCC-545B-4D5D-B0D1-4A773143BCE7}) (Version: 1.0.0.10 - NETGEAR)
    NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
    NVIDIA 3D Vision Driver 375.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.95 - NVIDIA Corporation)
    NVIDIA GeForce Experience 3.2.0.96 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.2.0.96 - NVIDIA Corporation)
    NVIDIA Graphics Driver 375.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.95 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
    NvNodejs (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
    NvTelemetry (Version: 2.0.0.0 - NVIDIA Corporation) Hidden
    OBS Studio (HKLM-x32\...\OBS Studio) (Version: 17.0.0 - OBS Project)
    Origin (HKLM-x32\...\Origin) (Version: 10.3.2.64935 - Electronic Arts, Inc.)
    Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
    PAYDAY 2 (HKLM\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
    Rocket League (HKLM\...\Steam App 252950) (Version:  - Psyonix, Inc.)
    Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.0.5 - Rockstar Games)
    Rust (HKLM\...\Steam App 252490) (Version:  - Facepunch Studios)
    Rustangelo (HKLM\...\Steam App 527440) (Version:  - JaviteSoft)
    SHIELD Streaming (Version: 7.1.0350 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
    Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
    SMITE (HKLM\...\Steam App 386360) (Version:  - Hi-Rez Studios)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    TeamSpeak 3 Client (HKU\S-1-5-21-2727943125-610961202-1791343237-1001\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
    Terraria (HKLM\...\Steam App 105600) (Version:  - Re-Logic)
    The Binding of Isaac: Rebirth (HKLM\...\Steam App 250900) (Version:  - Nicalis, Inc.)
    The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version:  - Bethesda Game Studios)
    The Forest (HKLM\...\Steam App 242760) (Version:  - Endnight Games Ltd)
    Tom Clancy's Rainbow Six Siege (HKLM\...\Steam App 359550) (Version:  - Ubisoft Montreal)
    Uplay (HKLM-x32\...\Uplay) (Version: 26.0 - Ubisoft)
    Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
    War Thunder (HKLM\...\Steam App 236390) (Version:  - Gaijin Entertainment)
     
    ==================== Custom CLSID (Whitelisted): ==========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
     
    ==================== Scheduled Tasks (Whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    Task: {14A4E532-3821-4F34-AD6B-31F9F63BBA8C} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Kam\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
    Task: {183B400B-CE4C-4613-A4E8-656F3073A9FA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-23] (Google Inc.)
    Task: {19AD5AB6-55ED-459C-AFD9-55C486955FB7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {1C5E383F-C4F5-4419-8396-78E9C9BD2367} - \WPD\SqmUpload_S-1-5-21-2727943125-610961202-1791343237-1001 -> No File <==== ATTENTION
    Task: {22823796-CFC3-4BF3-B84B-32FE14D48C84} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-12] (NVIDIA Corporation)
    Task: {26763A23-7A2B-4A51-B2E8-D53AA9ED59B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-23] (Google Inc.)
    Task: {26C605BB-797B-4BF0-81BD-63510BA31707} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-12-12] (NVIDIA Corporation)
    Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
    Task: {4DD96B72-3D25-4879-B3E7-954C76DC4FA4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {668ACF40-0B58-4DA2-A811-1B556AD80380} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-12] (NVIDIA Corporation)
    Task: {76C4FC9F-8761-4DD5-822E-E3A93DBAC10C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-12] (NVIDIA Corporation)
    Task: {91324D01-60A2-4162-A283-ECA5756933F2} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
    Task: {9C20EC00-C237-4FAC-8D8C-7E1EC9AE4B5A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-12-12] (NVIDIA Corporation)
    Task: {B9F5224D-6298-4B8B-8A5E-683991661464} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {BAEEDC17-9E9A-40C4-A21F-7A8DD1B989D6} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
    Task: {CE757299-8E3A-4640-86E4-2A9052BAAD5D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {D408F633-4FC9-443F-9E51-1F1DA6D443C2} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-12] (NVIDIA Corporation)
    Task: {D706B512-55AC-4ADA-871C-5C13FC5B5FBD} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
    Task: {E4FA08EB-E064-4D02-B3C6-51247CDFBE65} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
     
    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
     
     
    ==================== Shortcuts =============================
     
    (The entries could be listed to be restored or removed.)
     
    ShortcutWithArgument: C:\Users\Kam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\TwitchAlerts Stream Labels.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=kgmggmdngboajiakmbpdknfpdelbjbcg
     
    ==================== Loaded Modules (Whitelisted) ==============
     
    2016-07-16 05:42 - 2016-07-16 05:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
    2016-12-13 17:05 - 2016-12-09 04:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
    2016-12-07 12:05 - 2013-07-04 03:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
    2016-12-13 17:05 - 2016-12-09 04:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
    2016-12-22 19:52 - 2016-12-22 19:52 - 01678560 _____ () C:\Users\Kam\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
    2016-12-14 23:17 - 2016-12-14 23:18 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
    2016-12-14 23:17 - 2016-12-14 23:18 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
    2016-12-14 23:17 - 2016-12-14 23:18 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll
    2016-12-14 23:17 - 2016-12-14 23:18 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll
    2016-11-24 15:57 - 2016-12-12 17:36 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
    2016-11-24 15:57 - 2016-12-12 17:35 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
    2016-09-16 19:05 - 2016-09-16 19:05 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
    2017-01-13 14:08 - 2016-12-21 01:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
    2017-01-13 14:08 - 2016-12-21 00:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
    2017-01-13 14:08 - 2016-12-21 00:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2017-01-13 14:08 - 2016-12-21 00:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
    2017-01-13 14:08 - 2016-12-21 00:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
    2017-01-13 14:08 - 2016-12-21 00:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
    2017-01-13 14:08 - 2016-12-21 00:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
    2016-12-07 12:05 - 2017-01-19 23:21 - 00032552 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
    2016-12-07 12:05 - 2013-07-04 03:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
    2016-11-09 18:51 - 2016-11-24 15:08 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
    2016-11-24 15:57 - 2016-12-12 17:35 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
    2016-11-24 15:57 - 2016-12-12 17:35 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
    2016-11-24 15:57 - 2016-12-12 17:35 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
    2016-12-15 00:25 - 2016-12-08 01:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
    2016-12-15 00:25 - 2016-12-08 01:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
     
    ==================== Alternate Data Streams (Whitelisted) =========
     
    (If an entry is included in the fixlist, only the ADS will be removed.)
     
    AlternateDataStreams: C:\Users\Kam:Heroes & Generals [38]
     
    ==================== Safe Mode (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
     
    ==================== Association (Whitelisted) ===============
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
     
     
    ==================== Internet Explorer trusted/restricted ===============
     
    (If an entry is included in the fixlist, it will be removed from the registry.)
     
     
    ==================== Hosts content: ===============================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2013-08-22 07:25 - 2013-08-22 07:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
     
     
    ==================== Other Areas ============================
     
    (Currently there is no automatic fix for this section.)
     
    HKU\S-1-5-21-2727943125-610961202-1791343237-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kam\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
    DNS Servers: 75.75.76.76 - 75.75.75.75
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.
     
    ==================== MSCONFIG/TASK MANAGER disabled items ==
     
    HKLM\...\StartupApproved\Run: => "MouseDriver"
    HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
     
    ==================== FirewallRules (Whitelisted) ===============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    FirewallRules: [vm-monitoring-nb-session] => LPort=139
    FirewallRules: [{53D87F37-7EC3-469B-B116-1DE68E9314BA}] => C:\WINDOWS\system32\rundll32.exe
    FirewallRules: [{162B119E-1945-4C12-909C-794E62756ECD}] => C:\WINDOWS\explorer.exe
    FirewallRules: [{B2E93D6B-DC79-4830-B764-B65471132137}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [UDP Query User{3693112B-B489-4EE7-84FD-BA32A33D9966}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
    FirewallRules: [TCP Query User{F5E3FFB6-B654-4FEA-BF9C-1DBB8053FA0F}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
    FirewallRules: [{7DDF5DD8-6894-403F-A45D-306C685404E2}] => C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
    FirewallRules: [{E5269123-F5FB-4EAD-A84B-D980F9400CC1}] => C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
    FirewallRules: [UDP Query User{5607C394-EFCA-4802-93B2-E5C1E4988CE9}C:\program files (x86)\overwatch\overwatch.exe] => C:\program files (x86)\overwatch\overwatch.exe
    FirewallRules: [TCP Query User{F64B91F8-C66C-4676-B580-20061146EE83}C:\program files (x86)\overwatch\overwatch.exe] => C:\program files (x86)\overwatch\overwatch.exe
    FirewallRules: [UDP Query User{7706383E-578D-4EE1-A53F-FFDD34669E18}C:\program files (x86)\firewatch\firewatch.exe] => C:\program files (x86)\firewatch\firewatch.exe
    FirewallRules: [TCP Query User{49C8C8BF-D3BA-4D88-A6E4-F2B9E61158DD}C:\program files (x86)\firewatch\firewatch.exe] => C:\program files (x86)\firewatch\firewatch.exe
    FirewallRules: [UDP Query User{E0BF6BD1-4D81-49CE-ADAB-8BBA0AA415CC}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
    FirewallRules: [TCP Query User{EFC0DA06-8FD2-4718-AB7B-E468EB4744CF}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
    FirewallRules: [{DB2171F0-2340-4446-9729-170A6ADC0AD5}] => C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
    FirewallRules: [{206F54FF-FB04-419E-A582-B25B25921BA4}] => C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
    FirewallRules: [{CF06B9D1-7214-4B8E-A818-0F056BA4A246}] => C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
    FirewallRules: [{B786F233-BBEC-4DFD-B015-F503A5EB89CB}] => C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
    FirewallRules: [{06B9D9B2-8F1E-41C0-871F-9672AA7E256E}] => C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops\BlackOpsMP.exe
    FirewallRules: [{846EB277-E3DF-48B9-AA9B-EBE72405CE5C}] => C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops\BlackOpsMP.exe
    FirewallRules: [{AB8DB09E-54BD-4700-8C5C-A4501F36BB39}] => C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
    FirewallRules: [{DFE0584A-80FA-4B39-A8D0-671E8F12E52D}] => C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
    FirewallRules: [{3725BA3E-F7CD-4DE1-9A74-8F1354BF3F5E}] => C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
    FirewallRules: [{DEF63881-3079-4B42-908A-D576E5B824A9}] => C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
    FirewallRules: [{BC552C53-FF59-4A1F-A973-3A67F5A3AF65}] => C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
    FirewallRules: [{0929D009-E4FD-4D54-92FD-488F533C661D}] => C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
    FirewallRules: [{CD0E1149-8F32-424D-8A50-482D7BCC5A56}] => C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
    FirewallRules: [{C31566A9-444A-4187-8E71-BE0F077034A2}] => C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
    FirewallRules: [{6EF6DC99-71C2-4C30-9CEB-26E2FB26ABA0}] => C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe
    FirewallRules: [{89BF12FD-E995-4A38-B62B-A785695E6E1A}] => C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe
    FirewallRules: [{9129C98F-F7E2-4F22-8CB8-FBD1C764BBA6}] => C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
    FirewallRules: [{8773F0AF-F804-4A3F-B266-4F6B5FC51914}] => C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
    FirewallRules: [{E2D99EA8-F2C8-4B8B-9F79-A8A2B4EE1814}] => C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
    FirewallRules: [{DB1CC5AD-E9CA-4303-982F-FBD4E5A0B829}] => C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
    FirewallRules: [UDP Query User{4C3D8086-3283-445F-B7FF-8BCDA9925B91}C:\program files (x86)\strogino cs portal\garrys mod\hl2.exe] => C:\program files (x86)\strogino cs portal\garrys mod\hl2.exe
    FirewallRules: [TCP Query User{06E644E5-1C46-4B3B-8077-D8982B72F33A}C:\program files (x86)\strogino cs portal\garrys mod\hl2.exe] => C:\program files (x86)\strogino cs portal\garrys mod\hl2.exe
    FirewallRules: [{6A865B22-4ABD-4F88-A3BF-243C511E7400}] => C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
    FirewallRules: [{FF6939F3-06CE-4284-8276-4854655C7AC3}] => C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
    FirewallRules: [{5C745959-8095-4F9F-864B-C719097E1C1D}] => C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
    FirewallRules: [{D910BCC7-AEC6-4409-8E8B-EFFDAB46C546}] => C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
    FirewallRules: [UDP Query User{5CB8E84F-4B8A-44A4-91F3-64629AD89088}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
    FirewallRules: [TCP Query User{9FEC69EA-0273-487B-80D0-A4C0995B7A8C}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
    FirewallRules: [{0FCA28B3-AB32-4F4E-A751-920DEC0AF227}] => C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops\BlackOps.exe
    FirewallRules: [{FD85E27C-4CB2-482E-B5B2-C502A028A927}] => C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops\BlackOps.exe
    FirewallRules: [UDP Query User{832A84A9-3529-4979-8949-488C58DD7610}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
    FirewallRules: [TCP Query User{F17F8DC7-CE36-4491-9C80-E456953AE16D}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
    FirewallRules: [{520CCCDE-828C-411B-985F-0DC56F92C294}] => C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
    FirewallRules: [{62F16B2B-21F8-42C0-AC3E-782E9BFF3DBE}] => C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
    FirewallRules: [{FD04D235-4052-4C99-A969-C020F15A1E1E}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
    FirewallRules: [{8C82278C-6A4F-44FD-B7D6-ADC532D71CF9}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
    FirewallRules: [UDP Query User{BA5C4EDF-B4EA-48D5-B258-9CBA5C9D9AAC}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
    FirewallRules: [TCP Query User{203A7DEA-E8E8-4501-A4C8-77A45F248459}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
    FirewallRules: [{3EB2C2E1-E825-4F38-BC96-663493D5A3AA}] => C:\Users\Kam\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{FA6BABAB-C97D-4013-85B9-8485C6F7E8FC}] => C:\Users\Kam\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{3BBD2632-8E64-44FA-A074-45E443473809}] => C:\Users\Kam\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{555DB6C6-1086-411C-93A8-7BD4EAF8A755}] => C:\Users\Kam\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{BE824DF7-926D-4455-8E83-C58B00021B65}] => C:\Users\Kam\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{99AF0615-DA58-4D31-A642-F11347A00246}] => C:\Users\Kam\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{458B6AC0-9F06-4A64-ABC0-9CE6FB12F988}] => C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{3046347B-0E2C-4426-98FF-FEEC6F35D917}] => C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{C477D1DD-8EB9-415C-A65D-39193509DC7D}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{2846D508-405A-44CB-8362-CA136CA1F8FC}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{181F7F18-5355-4659-9B1A-B0D2D010FDB5}] => C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
    FirewallRules: [{D23C710A-572D-4536-8C40-9D2997EA0C2D}] => C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
    FirewallRules: [TCP Query User{CCA404F0-72F1-4F57-9F42-39F0544470E6}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
    FirewallRules: [UDP Query User{1AD1959D-554A-4176-83FF-BFA8DFFE6F69}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
    FirewallRules: [TCP Query User{AC74159E-CF7F-4B3E-8AD0-9FBCB38A05D8}C:\program files (x86)\steam\steamapps\common\aftermath\amlauncher.exe.new.exe] => C:\program files (x86)\steam\steamapps\common\aftermath\amlauncher.exe.new.exe
    FirewallRules: [UDP Query User{143E9DEA-831A-45AE-8B5A-E150ECB80B9B}C:\program files (x86)\steam\steamapps\common\aftermath\amlauncher.exe.new.exe] => C:\program files (x86)\steam\steamapps\common\aftermath\amlauncher.exe.new.exe
    FirewallRules: [TCP Query User{EF859144-A879-4B38-B84A-D7652D1A9214}C:\program files (x86)\steam\steamapps\common\aftermath\aftermath.exe] => C:\program files (x86)\steam\steamapps\common\aftermath\aftermath.exe
    FirewallRules: [UDP Query User{E6F41E6D-86DC-45AE-AE19-720C1EAB9520}C:\program files (x86)\steam\steamapps\common\aftermath\aftermath.exe] => C:\program files (x86)\steam\steamapps\common\aftermath\aftermath.exe
    FirewallRules: [TCP Query User{F5C0BFFF-5395-4592-B17E-30843C4969FA}C:\users\kam\appdata\roaming\spotify\spotify.exe] => C:\users\kam\appdata\roaming\spotify\spotify.exe
    FirewallRules: [UDP Query User{513F180D-B0E7-4843-8891-7476C66A0735}C:\users\kam\appdata\roaming\spotify\spotify.exe] => C:\users\kam\appdata\roaming\spotify\spotify.exe
    FirewallRules: [{691962A6-D6A4-4604-958B-3A72F64EFF70}] => C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe
    FirewallRules: [{ADFC1E46-9887-4B48-B07F-7453C9EED981}] => C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe
    FirewallRules: [TCP Query User{DFD6837B-1F8E-4F5B-A2DE-BE23FBC6D05B}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
    FirewallRules: [UDP Query User{420C5D72-89F3-4A34-8976-CAE0C466477B}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
    FirewallRules: [{9B601EBE-0F05-4940-A0A0-80F032E71868}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
    FirewallRules: [{81BE663F-FA88-46B2-8BDA-7E4FFA09DB9A}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
    FirewallRules: [{228EEE1B-9D31-4410-91F5-4BDCB8F42960}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
    FirewallRules: [{0BAF8D64-4896-4A36-9892-07DB090CF38E}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{235712A5-5ED7-4DA9-8BDB-2B9B8D09A52D}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{CDAA719F-B329-4E58-9CE4-DB1D9EBA8D7A}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
    FirewallRules: [{BC9A6974-BA8B-41E8-B5B7-7E6212CF1912}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
    FirewallRules: [{5A25BB50-13C5-4124-B7AD-7C26974B09A4}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{C0DC8AEC-A2A5-45A5-8B9B-75A644198AF4}] => C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
    FirewallRules: [{1728C332-2528-44CF-84C9-1D3967177D63}] => C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
    FirewallRules: [{4A22D5E1-3432-4BBC-978A-F96A017E4F80}] => C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
    FirewallRules: [{433F52D2-48DC-4C85-98A4-5F9EAD2570B2}] => C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
    FirewallRules: [{23C6C254-3180-4C37-A4DC-4587255955A7}] => C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
    FirewallRules: [{5892E766-A2A5-4279-A7C2-8C7173A73CB6}] => C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
    FirewallRules: [{A560C04F-1636-4D97-9029-D3A410E6B505}] => C:\Program Files (x86)\Steam\steamapps\common\Rustangelo\Rustangelo.exe
    FirewallRules: [{EB659FE7-F8FE-4C7E-9A2D-0B95AD418637}] => C:\Program Files (x86)\Steam\steamapps\common\Rustangelo\Rustangelo.exe
    FirewallRules: [{1F59C8A9-D931-477B-95C6-11F1A914E629}] => C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
    FirewallRules: [{F064F048-987D-4EFD-8283-8B4432BDA946}] => C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
    FirewallRules: [{866602C2-9933-44E6-860C-3250245303FC}] => C:\Program Files (x86)\Steam\steamapps\common\ASTRONEER Early Access\Astro.exe
    FirewallRules: [{54DAA1AE-BE7E-4E0C-A6C0-71F59503CEBE}] => C:\Program Files (x86)\Steam\steamapps\common\ASTRONEER Early Access\Astro.exe
    FirewallRules: [TCP Query User{4E4D82D0-A72D-4A73-89AF-498A8CB18558}C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe] => C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe
    FirewallRules: [UDP Query User{92BE8DF9-6423-4176-A33A-5EAAA01618E9}C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe] => C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe
     
    ==================== Restore Points =========================
     
    30-12-2016 21:48:03 Scheduled Checkpoint
    09-01-2017 14:41:24 Scheduled Checkpoint
    13-01-2017 14:10:35 Windows Update
    16-01-2017 14:13:42 Windows Update
    16-01-2017 14:14:20 Windows Update
    19-01-2017 23:26:34 JRT Pre-Junkware Removal
     
    ==================== Faulty Device Manager Devices =============
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (01/19/2017 11:26:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
     
    Details:
    AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
     
    System Error:
    Access is denied.
    .
     
    Error: (01/19/2017 10:55:27 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
    Description: Enumerating user sessions to generate filter pools failed.
     
    Details:
    (HRESULT : 0x80040210) (0x80040210)
     
    Error: (01/19/2017 10:55:27 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
    Description: Enumerating user sessions to generate filter pools failed.
     
    Details:
    (HRESULT : 0x80040210) (0x80040210)
     
    Error: (01/19/2017 10:55:27 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
    Description: Enumerating user sessions to generate filter pools failed.
     
    Details:
    (HRESULT : 0x80040210) (0x80040210)
     
    Error: (01/19/2017 10:55:27 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
    Description: Enumerating user sessions to generate filter pools failed.
     
    Details:
    (HRESULT : 0x80040210) (0x80040210)
     
    Error: (01/19/2017 10:55:27 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
    Description: Enumerating user sessions to generate filter pools failed.
     
    Details:
    (HRESULT : 0x80040210) (0x80040210)
     
    Error: (01/19/2017 10:55:27 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
    Description: Enumerating user sessions to generate filter pools failed.
     
    Details:
    (HRESULT : 0x80040210) (0x80040210)
     
    Error: (01/19/2017 10:55:27 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
    Description: Enumerating user sessions to generate filter pools failed.
     
    Details:
    (HRESULT : 0x80040210) (0x80040210)
     
    Error: (01/19/2017 10:55:27 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
    Description: Enumerating user sessions to generate filter pools failed.
     
    Details:
    (HRESULT : 0x80040210) (0x80040210)
     
    Error: (01/19/2017 10:55:27 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
    Description: Enumerating user sessions to generate filter pools failed.
     
    Details:
    (HRESULT : 0x80040210) (0x80040210)
     
     
    System errors:
    =============
    Error: (01/19/2017 11:33:46 PM) (Source: cdrom) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\CdRom0.
     
    Error: (01/19/2017 11:30:19 PM) (Source: cdrom) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\CdRom0.
     
    Error: (01/19/2017 11:29:02 PM) (Source: cdrom) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\CdRom0.
     
    Error: (01/19/2017 11:28:59 PM) (Source: cdrom) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\CdRom0.
     
    Error: (01/19/2017 11:27:49 PM) (Source: cdrom) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\CdRom0.
     
    Error: (01/19/2017 11:27:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The NVIDIA LocalSystem Container service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
     
    Error: (01/19/2017 11:27:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The NVIDIA NetworkService Container service terminated unexpectedly.  It has done this 1 time(s).
     
    Error: (01/19/2017 11:23:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
     and APPID 
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
     to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
     
    Error: (01/19/2017 11:21:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
    {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
     and APPID 
    {F72671A9-012C-4725-9D2F-2A4D32D65169}
     to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
     
    Error: (01/19/2017 11:21:01 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
    Description: WLAN Extensibility Module has failed to start.
     
    Module Path: C:\WINDOWS\system32\Rtlihvs.dll
    Error Code: 126
     
     
    CodeIntegrity:
    ===================================
      Date: 2017-01-19 00:20:08.764
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
     
      Date: 2017-01-17 17:23:59.049
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
     
      Date: 2017-01-17 00:46:12.804
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
     
      Date: 2017-01-17 00:46:10.574
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
     
      Date: 2017-01-12 13:25:54.315
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
     
      Date: 2017-01-12 13:21:03.874
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
     
      Date: 2017-01-10 18:28:18.671
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
     
      Date: 2017-01-10 18:28:18.467
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
     
      Date: 2017-01-09 22:02:29.450
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
     
      Date: 2017-01-09 21:38:48.247
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
     
     
    ==================== Memory info =========================== 
     
    Processor: Intel® Core™ i7-4790K CPU @ 4.00GHz
    Percentage of memory in use: 16%
    Total physical RAM: 12230.06 MB
    Available physical RAM: 10218.25 MB
    Total Virtual: 14406.06 MB
    Available Virtual: 12250.41 MB
     
    ==================== Drives ================================
     
    Drive c: () (Fixed) (Total:930.73 GB) (Free:495.1 GB) NTFS
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1323F73F)
    Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=930.7 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
     
    ==================== End of Addition.txt ============================

    • 0

    #6
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 24,625 posts
    • MVP
     
    Download the attached fixlist.txt to the same location as FRST
     
    [attachment=83583:fixlist.txt]
     
    Run FRST and press Fix  (PC will reboot so close any other programs first)
    A fix log will be generated; please post that.
     
     
     
    You do not have the latest Java.
     
    Clear the Java Cache by following the instructions on
     
    First go into Control Panel, Add/Remove Software (XP) or Programs and Features (Vista/Win 7) and remove any old versions (which may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE)
    I see:
    Java 8 Update 91
     
    Java has been very vulnerable to infection so unless you absolutely need it you should not reinstall it.
     
    If you feel you must have Java:
    Get the latest Java at:
     
    Save it to your PC then close all browsers and install it.  Do not let it install the yahoo toolbar or other foistware.
    Once installed, go into Control Panel, Java, Security and set the slider to the Highest then OK.
     
    (If you also want the 64 bit version then use the 64 bit version of IE to get it.)
     
    Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.
     
    Get Process Explorer
     
    Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).  
     
    View, Select Column, check Verified Signer, OK
    Options, Verify Image Signatures
     
     
    Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  
     
    Wait a full minute then:
     
    File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.
     
     

    • 0
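A scripted counterpart to the Process Explorer steps in the post above, as an added example that is not part of the original thread: it samples CPU use over an interval, then reports the Authenticode signature status of the busiest processes. The function name `Get-TopProcessSignature` and its parameters are assumptions made for this illustration.

```powershell
# Added example, not from the thread. Function and parameter names are illustrative.
function Get-TopProcessSignature {
    [CmdletBinding()]
    param(
        [int]$SampleSeconds = 60,   # the post says to wait a full minute
        [int]$Top = 25
    )

    # First snapshot of cumulative CPU seconds, keyed by process id.
    $before = @{}
    foreach ($p in Get-Process) {
        if ($null -ne $p.CPU) { $before[$p.Id] = $p.CPU }
    }

    Start-Sleep -Seconds $SampleSeconds

    $rows = foreach ($p in Get-Process) {
        # Skip processes that started mid-sample or whose CPU time is not readable.
        if ($null -eq $p.CPU -or -not $before.ContainsKey($p.Id)) { continue }

        $path   = $p.Path            # $null for protected processes unless elevated
        $status = 'PathUnavailable'
        $signer = ''
        if ($path) {
            try {
                $sig    = Get-AuthenticodeSignature -LiteralPath $path -ErrorAction Stop
                $status = [string]$sig.Status
                if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }
            } catch {
                $status = 'SignatureCheckFailed'
            }
        }

        [pscustomobject]@{
            Name       = $p.ProcessName
            Id         = $p.Id
            CpuSeconds = [math]::Round($p.CPU - $before[$p.Id], 2)
            Status     = $status
            Signer     = $signer
            Path       = $path
        }
    }

    # Busiest first, like clicking the CPU column header in Process Explorer.
    $rows | Sort-Object CpuSeconds -Descending | Select-Object -First $Top
}

Get-TopProcessSignature | Format-Table -AutoSize -Wrap
```

Run it from an elevated PowerShell window so that image paths of protected processes are readable; rows whose Status is not `Valid` are the ones to compare against Process Explorer's Verified Signer column.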

    #7
    kamerons98

    kamerons98

      New Member

    • Topic Starter
    • Member
    • Pip
    • 7 posts

    Every time I boot up my PC, it brings up a window that says "the module C:\User\Kam\AppData\Local\Azngworks\QSCtraceCmds.dll failed to load" and then goes on to say make sure it's connected to the right binary or disable it.

     

    It has been happening for a few days now and my disk % shot up to 99 and won't stop, I don't know why.

    You are a very good man at what you do. I am glad there are people out there that help people like me LOL. Appreciate the help, the log hasn't shown up after 2 boot ups and my disk usage is at a normal percentage of 0-20 depending on what I am doing. Thank you SO MUCH!


    • 0

    #8
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 24,625 posts
    • MVP

    Since it appears you are satisfied with it as it is, here is my standard goodbye with cleanup message:

     

     
     
    To delete the Quarantine Folder used by FRST create a fixlist.txt file with just the following line:
     
    DeleteQuarantine:
     
    Save the fixlist.txt to the same folder as FRST then run FRST and hit Fix.  You can easily delete any other folders and logs.
     
    If we installed Speccy it needs to be uninstalled.  Process Explorer, VEW, AdwCleaner, JRT  and their logs and Speccy's log can just be deleted.
     
    Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.  Flash is now the most malware targeted program so it must be kept up to date.  Be careful with Adobe.  They are fond of offering optional downloads like yahoo or Ask toolbars or that worthless McAfee Security Scan.  Go slow and uncheck the optional stuff.
     
    Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program.  There is an exploit out there now that can use it to get on your PC.  For Adobe Reader:  Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript.  OK Close program.  It's the same for Foxit reader except you uncheck Enable Javascript Actions. 
     
     
    If you use Chrome/Firefox/IE then get the AdBlock Plus Add-on.  Go to adblockplus.org with each browser and get the add-on.  (It's actually a program for IE)
     
    If Chrome/Firefox is slow loading make sure it only has the current Java add-on.  Then download and run Speedy Fox.
    http://www.crystalidea.com/speedyfox.  Close Chrome/Firefox/Skype. Hit Optimize.   You can run it any time that Chrome/Firefox seems slow starting.
     
    Be warned:  If you use Limewire, utorrent or any of the other P2P programs you will probably be coming back to the Malware Removal forum.  If you must use P2P then submit any files you get to http://virustotal.com before you open them.
     
    Due to a recent rise in the number of Cryptolocker infections I am now recommending you install:
     
    CryptoPrevent
     
     
    The free version does not update on its own so you should check for updated versions once in a while. When you install it the default is NONE which is kind of worthless so change it to Standard or default. If you have problems after installing CryptoPrevent you can just uninstall it.
     
    If you have a router, log on to it today and change the default password!  If using a Wireless router you really should be using encryption on the link.  Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business.  See http://www.king5.com...0637284.html and http://www.seattlepi...ted-1344185.php for why encryption is important.  If you don't know how, visit the router maker's website.  They all have detailed step by step instructions or a wizard you can download.
     
    Special note on Java.  Old Java versions should be removed after first clearing the Java Cache by following the instructions in:
    Then remove the old versions by going to Control Panel, Programs and Features and Uninstall all Java programs which are not Java Version 7 update 25 or better.  These may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE.  Get the latest version from Java.com.  They will usually attempt to foist some garbage like the Ask toolbar, Yahoo toolbar or McAfee Security Scan on you as part of the download.  Just uncheck the garbage before the download (or install) starts.  If you use a 64-bit browser and want the 64-bit version of Java you need to use it to visit java.com.
    Due to multiple security problems with Java we are now recommending that it not be installed unless you absolutely know you need it.  IF that is the case then go to Control Panel, Java, Security and slide it up to the highest level.  OK.
     
     
    My help is free but if you wish to show your appreciation, please donate to Kwiaht instead of me. It's an Orcas Island environmental organization that I volunteered with: http://www.kwiaht.org/donate.htm
    (The name means something like "clean place" in one of the local native-American dialects)
     
    Ron

    • 0





