Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-07-2016 02 Ran by JLyn (administrator) on DARTHMAUL (22-07-2016 17:42:17) Running from C:\Users\JLyn\Desktop Loaded Profiles: JLyn (Available Profiles: JLyn) Platform: Microsoft Windows 8.1 with Bing (Update) (X86) Language: English (United States) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe (Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe (Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe\livecomm.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Valve Corporation) C:\Program Files\Steam\Steam.exe (Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [73216 2014-06-25] (Intel Corporation) HKU\S-1-5-21-3520924193-2044853642-1748884499-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [50670720 2016-03-01] (Skype Technologies S.A.) HKU\S-1-5-21-3520924193-2044853642-1748884499-1001\...\Run: [Chromium] => "c:\users\jlyn\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session HKU\S-1-5-21-3520924193-2044853642-1748884499-1001\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [2851408 2016-07-08] (Valve Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 75.114.81.1 75.114.81.2 Tcpip\..\Interfaces\{B8F5FFB3-8C12-405F-BAC4-66CA6892A65D}: [DhcpNameServer] 75.114.81.1 75.114.81.2 ManualProxies: Internet Explorer: ================== HKU\S-1-5-21-3520924193-2044853642-1748884499-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=U330&ocid=U330DHP&osmkt=en-us HKU\S-1-5-21-3520924193-2044853642-1748884499-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-07-20] (Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-07-20] (Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-07-20] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-07-20] (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-07-20] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-26] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-26] (Google Inc.) Chrome: ======= CHR HomePage: Default -> hxxp://www.yahoo.com/ CHR StartupUrls: Default -> "hxxp://www.yahoo.com/" CHR Profile: C:\Users\JLyn\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\JLyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-26] CHR Extension: (iEquals) - C:\Users\JLyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\aicingidcbcdgpcgdjblcgdggfnjpmfc [2016-05-26] CHR Extension: (Google Docs) - C:\Users\JLyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-26] CHR Extension: (Google Drive) - C:\Users\JLyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-26] CHR Extension: (YouTube) - C:\Users\JLyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-26] CHR Extension: (Classic Games) - C:\Users\JLyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpckajjkmjncafjlkielcgheibdlnfgc [2016-05-26] CHR Extension: (Adblock Plus) - C:\Users\JLyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-28] CHR Extension: (Useful Periodic Table (lite)) - C:\Users\JLyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\chachkegffmilnmdlonllkhkfkakghie [2016-05-26] CHR Extension: (Daum Equation Editor) - C:\Users\JLyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\dinfmiceliiomokeofbocegmacmagjhe [2016-05-26] CHR Extension: (MondoVeto - Become a veterinary) - C:\Users\JLyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecepiacjoadflhimmedofhplofenngif [2016-05-26] CHR Extension: (MondoZoo - Zoo game) - C:\Users\JLyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejafdpedefplpgoacblaboikebhhjlib [2016-05-26] CHR Extension: (Google Sheets) - C:\Users\JLyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-26] CHR Extension: (Chem Q&A) - C:\Users\JLyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgdojbpliioapmohgdkogdnkmdmobbip [2016-05-26] CHR Extension: (Lucidchart for Education) - C:\Users\JLyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdbabpaggdgcakhjllleobffeghmhjme [2016-07-22] CHR Extension: (Google Docs Offline) - C:\Users\JLyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-26] CHR Extension: (Planetarium) - C:\Users\JLyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp [2016-05-26] CHR Extension: (iTunes launcher) - C:\Users\JLyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfopkhiknkcncicabicdolgfgfbbleen [2016-05-26] CHR Extension: (DNA Mapping) - C:\Users\JLyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\jedimjkkalmfpabbcojjnpmhgpomlcfp [2016-05-26] CHR Extension: (MondoZooPark) - C:\Users\JLyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmpkmeghlkkggopeiplfmbigjhnodnij [2016-05-26] CHR Extension: (Little Alchemy) - C:\Users\JLyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2016-05-26] CHR Extension: (Poppit!) - C:\Users\JLyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2016-05-26] CHR Extension: (Mahjong) - C:\Users\JLyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\mimcabmfjaeoldnchodmelflfjmgaojh [2016-05-26] CHR Extension: (ChemReference: Periodic Table) - C:\Users\JLyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjpnebljmdbglkmlnijcaplhfhkhdnib [2016-05-26] CHR Extension: (LEGO Bricks for Kids - Duckie Deck) - C:\Users\JLyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbganapjeophmimeokdffcajbbphfedb [2016-05-26] CHR Extension: (Chrome Web Store Payments) - C:\Users\JLyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-26] CHR Extension: (k-12 Mathematical Simulations) - C:\Users\JLyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\phibhpccfjfcchdcmkjlfflancpppomn [2016-05-26] CHR Extension: (Gmail) - C:\Users\JLyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-26] CHR Extension: (Chemystery) - C:\Users\JLyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmobfjfncmkcpoenhmlfnckpniemignj [2016-05-26] CHR Extension: (Spot The Differences!) - C:\Users\JLyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pniinickecbjegedmgagmgikbolfgaij [2016-05-26] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2118848 2016-07-04] (Microsoft Corporation) S3 cphs; C:\WINDOWS\system32\IntelCpHeciSvc.exe [279000 2014-06-13] (Intel Corporation) R2 DptfParticipantProcessorService; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [75264 2014-06-25] (Intel Corporation) R2 DptfPolicyCriticalService; C:\WINDOWS\system32\DptfPolicyCriticalService.exe [89088 2014-06-25] (Intel Corporation) R2 DptfPolicyLpmService; C:\WINDOWS\system32\DptfPolicyLpmService.exe [82432 2014-06-25] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [277976 2014-06-13] (Intel Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [288128 2014-09-21] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22192 2014-09-21] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 ACC_SensorDriver; C:\WINDOWS\System32\drivers\ACC_SensorDriver.sys [19968 2014-06-27] () R3 BthMini; C:\WINDOWS\System32\Drivers\BTHMINI.sys [23552 2014-11-20] (Microsoft Corporation) R3 camera; C:\WINDOWS\system32\DRIVERS\camera.sys [462336 2014-07-22] (Intel Corporation) S3 DptfDevAmbient; C:\WINDOWS\System32\drivers\DptfDevAmbient.sys [36352 2014-06-25] (Intel Corporation) R3 DptfDevDBPT; C:\WINDOWS\System32\drivers\DptfDevPower.sys [17408 2014-06-25] (Intel Corporation) R3 DptfDevDisplay; C:\WINDOWS\System32\drivers\DptfDevDisplay.sys [19968 2014-06-25] (Intel Corporation) R3 DptfDevGen; C:\WINDOWS\System32\drivers\DptfDevGen.sys [28160 2014-06-25] (Intel Corporation) R3 DptfDevProc; C:\WINDOWS\System32\drivers\DptfDevProc.sys [72704 2014-06-25] (Intel Corporation) R3 DptfManager; C:\WINDOWS\System32\drivers\DptfManager.sys [174080 2014-06-25] (Intel Corporation) S3 gc2235; C:\WINDOWS\System32\drivers\gc2235.sys [43520 2014-08-01] (Intel Corporation) [File not signed] S3 gc310; C:\WINDOWS\System32\drivers\gc310.sys [39936 2014-08-01] (Intel Corporation) S3 GoodixTouchDriver; C:\WINDOWS\System32\drivers\GoodixTouchDriver.sys [37888 2014-07-21] (Windows (R) Win 7 DDK provider) R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [23552 2014-05-16] (Intel Corporation) R3 GpioVirtual; C:\WINDOWS\System32\drivers\iaiogpiovirtual.sys [16896 2014-03-22] (Intel Corporation) S3 GYRO_SensorDriver; C:\WINDOWS\System32\drivers\GYRO_SensorDriver.sys [18944 2014-06-27] () R3 hm2056; C:\WINDOWS\System32\drivers\hm2056.sys [43008 2014-07-25] (Intel Corporation) R3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [62464 2014-05-16] (Intel Corporation) R3 iaiouart; C:\WINDOWS\System32\drivers\iaiouart.sys [87552 2014-03-21] (Intel Corporation) S3 intaud_WaveExtensible; C:\WINDOWS\system32\drivers\intelaud.sys [32152 2014-05-06] (Intel Corporation) R3 IntelBatteryManagement; C:\WINDOWS\System32\drivers\IntelBatteryManagement.sys [38400 2014-08-01] () R3 IntelSST; C:\WINDOWS\system32\drivers\isstrtc.sys [263168 2014-09-25] (Intel(R) Corporation) R3 iwdbus; C:\WINDOWS\System32\drivers\iwdbus.sys [23448 2014-05-06] (Intel Corporation) R3 kxspb; C:\WINDOWS\System32\drivers\kxspb.sys [46928 2014-07-03] (Kionix, Inc.) S0 Lm3554; C:\WINDOWS\System32\drivers\lm3554.sys [25088 2013-12-31] (Intel Corporation) S3 MAG_SensorDriver; C:\WINDOWS\System32\drivers\MAG_SensorDriver.sys [20480 2014-06-27] () R0 MBI; C:\WINDOWS\System32\drivers\MBI.sys [21968 2014-03-15] (Intel Corporation) R3 PMIC; C:\WINDOWS\System32\drivers\PMIC.sys [66560 2014-08-06] (Intel Corporation) R3 rtii2sac; C:\WINDOWS\system32\DRIVERS\rtii2sac.sys [185560 2014-06-17] (Realtek Semiconductor Corp.) R3 RtkUart; C:\WINDOWS\System32\drivers\RtkUart.sys [508120 2014-07-08] (Realtek Semiconductor Corporation) R3 RtlWlans; C:\WINDOWS\system32\DRIVERS\rtwlans.sys [2862296 2014-11-19] (Realtek Semiconductor Corporation ) S3 SensorFusion; C:\WINDOWS\System32\drivers\HIDFusion.sys [59240 2014-07-21] (Intel Corporation) R3 SensorsServiceDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [190976 2014-11-20] (Microsoft Corporation) R3 TXEI; C:\WINDOWS\System32\drivers\TXEI.sys [75792 2014-01-09] (Intel Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [29688 2014-09-21] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [219968 2014-09-21] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [84800 2014-09-21] (Microsoft Corporation) R3 WUDFSensorLP; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [190976 2014-11-20] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-07-22 17:42 - 2016-07-22 17:42 - 00015478 ____C C:\Users\JLyn\Desktop\FRST.txt 2016-07-22 17:41 - 2016-07-22 17:41 - 01744384 ____C (Farbar) C:\Users\JLyn\Desktop\FRST.exe 2016-07-22 17:41 - 2016-07-22 17:41 - 00000000 ___DC C:\Users\JLyn\Desktop\FRST-OlderVersion 2016-07-22 15:56 - 2016-07-22 15:56 - 00000000 ___DC C:\Users\JLyn\AppData\Local\ESET 2016-07-22 14:55 - 2016-07-22 15:37 - 00170200 ____C (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-07-22 14:55 - 2016-07-22 15:35 - 00001083 ____C C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-07-22 14:55 - 2016-07-22 15:35 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-07-22 14:55 - 2016-07-22 15:35 - 00000000 ___DC C:\Program Files\Malwarebytes Anti-Malware 2016-07-22 14:55 - 2016-07-22 14:55 - 00000000 ___DC C:\ProgramData\Malwarebytes 2016-07-22 14:55 - 2016-03-10 14:09 - 00053120 ____C (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2016-07-22 14:55 - 2016-03-10 14:08 - 00126336 ____C (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-07-22 14:55 - 2016-03-10 14:08 - 00024448 ____C (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-07-22 14:54 - 2016-07-23 14:01 - 22851472 ____C (Malwarebytes ) C:\Users\JLyn\Desktop\mbam-setup-2.2.1.1043.exe 2016-07-22 11:31 - 2016-07-22 11:32 - 00000000 ___DC C:\Users\JLyn\Desktop\TXT (1) 2016-07-22 10:32 - 2016-07-22 11:07 - 00000000 ___DC C:\AdwCleaner 2016-07-22 10:24 - 2016-07-23 09:15 - 03712064 ____C C:\Users\JLyn\Desktop\TXT (2).exe 2016-07-22 10:22 - 2016-07-23 09:12 - 01610560 ____C (Malwarebytes) C:\Users\JLyn\Desktop\TXT (3).exe 2016-07-21 21:38 - 2016-07-22 17:42 - 00000000 ___DC C:\FRST 2016-07-21 21:24 - 2016-07-20 17:29 - 01743872 ____C (Farbar) C:\Users\JLyn\Desktop\TXT (1).exe 2016-07-20 09:45 - 2016-07-20 09:42 - 00001006 ____C C:\WINDOWS\system32\Drivers\etc\hp.bak 2016-07-18 14:45 - 2016-07-18 14:45 - 00000000 ___DC C:\Users\JLyn\AppData\Roaming\GamesFaction 2016-07-18 14:45 - 2016-07-18 14:45 - 00000000 ___DC C:\ProgramData\TEMP 2016-07-15 16:07 - 2016-07-15 16:07 - 00000000 ___DC C:\Users\JLyn\AppData\Roaming\The Creative Assembly 2016-07-15 09:50 - 2016-06-25 14:40 - 00045760 ____C (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-07-15 09:50 - 2016-06-22 09:42 - 00208896 ____C (Microsoft Corporation) C:\WINDOWS\system32\centel.dll 2016-07-15 09:50 - 2016-06-21 09:40 - 01288192 ____C (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-07-15 09:50 - 2016-06-21 09:40 - 01004544 ____C (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-07-15 09:50 - 2016-06-21 09:40 - 00468992 ____C (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-07-15 09:50 - 2016-06-21 09:40 - 00461312 ____C (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-07-15 09:50 - 2016-06-21 09:40 - 00251392 ____C (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-07-15 09:50 - 2016-06-21 09:40 - 00179712 ____C (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2016-07-15 09:49 - 2016-06-21 09:40 - 00065536 ____C (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-07-13 14:44 - 2016-05-25 09:22 - 00875712 ____C (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll 2016-07-13 14:44 - 2016-05-25 09:22 - 00536768 ____C (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll 2016-07-13 12:38 - 2016-06-21 10:12 - 00129536 ____C (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2016-07-13 12:38 - 2016-06-11 12:31 - 00692736 ____C (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-07-13 12:38 - 2016-06-11 11:56 - 01315840 ____C (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-07-13 12:37 - 2016-06-11 13:22 - 00497664 ____C (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-07-13 12:37 - 2016-06-11 13:21 - 00064000 ____C (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2016-07-13 12:37 - 2016-06-11 13:13 - 02287104 ____C (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-07-13 12:37 - 2016-06-11 13:12 - 20348928 ____C (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-07-13 12:37 - 2016-06-11 13:07 - 00663552 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2016-07-13 12:37 - 2016-06-11 12:44 - 00128000 ____C (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2016-07-13 12:37 - 2016-06-11 12:43 - 00279040 ____C (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2016-07-13 12:37 - 2016-06-11 12:38 - 00880128 ____C (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2016-07-13 12:37 - 2016-06-11 12:33 - 00230400 ____C (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2016-07-13 12:37 - 2016-06-11 12:31 - 04608000 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-07-13 12:37 - 2016-06-11 12:31 - 00689152 ____C (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-07-13 12:37 - 2016-06-11 12:31 - 00330752 ____C (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-07-13 12:37 - 2016-06-11 12:29 - 02055680 ____C (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-07-13 12:37 - 2016-06-11 12:15 - 13806080 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-07-13 12:37 - 2016-06-11 11:59 - 02392576 ____C (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-07-13 12:37 - 2016-06-11 11:56 - 00710144 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-07-13 12:36 - 2016-06-25 13:15 - 00134144 ____C (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll 2016-07-13 12:36 - 2016-06-25 12:47 - 00367104 ____C (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2016-07-13 12:36 - 2016-06-25 12:05 - 00306176 ____C (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll 2016-07-13 12:36 - 2016-06-25 12:03 - 00167424 ____C (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll 2016-07-13 12:36 - 2016-06-25 11:59 - 00878080 ____C (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2016-07-13 12:36 - 2016-06-25 11:59 - 00603136 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2016-07-13 12:36 - 2016-06-25 11:51 - 00203776 ____C (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll 2016-07-13 12:36 - 2016-06-10 15:06 - 03485184 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2016-07-13 12:35 - 2016-06-11 14:27 - 05761888 ____C (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-07-12 16:13 - 2016-07-13 06:55 - 00000000 ___DC C:\Users\JLyn\Documents\ArmA 2 OA Demo 2016-07-12 16:13 - 2016-07-12 16:13 - 00000000 ___DC C:\Users\JLyn\AppData\Local\ArmA 2 OA DEMO 2016-07-12 10:07 - 2016-07-12 11:59 - 00000000 ___DC C:\Users\JLyn\AppData\Roaming\Origin 2016-07-12 10:03 - 2016-07-18 18:04 - 00000000 ___DC C:\ProgramData\Package Cache 2016-07-12 10:03 - 2016-07-13 16:02 - 00000000 ___DC C:\ProgramData\Origin 2016-07-12 10:02 - 2016-07-12 10:02 - 31395368 ____C (Electronic Arts, Inc.) C:\Users\JLyn\Downloads\OriginThinSetup.exe 2016-07-08 17:39 - 2016-07-08 17:40 - 00000000 ___DC C:\Users\JLyn\AppData\Local\PAYDAY 2 2016-07-08 17:39 - 2016-07-08 17:39 - 00000000 ___DC C:\Program Files\NVIDIA Corporation 2016-07-08 17:39 - 2016-07-08 17:39 - 00000000 ___DC C:\Program Files\AGEIA Technologies 2016-07-06 09:31 - 2016-07-12 13:53 - 00000000 ___DC C:\Users\JLyn\Documents\my games 2016-07-06 09:31 - 2010-06-02 04:55 - 00527192 ____C (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll 2016-07-06 09:31 - 2010-06-02 04:55 - 00239960 ____C (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll 2016-07-06 09:31 - 2010-06-02 04:55 - 00074072 ____C (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll 2016-07-06 09:31 - 2010-05-26 11:41 - 02106216 ____C (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll 2016-07-06 09:31 - 2010-05-26 11:41 - 01998168 ____C (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll 2016-07-06 09:31 - 2010-05-26 11:41 - 01868128 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll 2016-07-06 09:31 - 2010-05-26 11:41 - 00470880 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll 2016-07-06 09:31 - 2010-05-26 11:41 - 00248672 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll 2016-07-06 09:31 - 2010-02-04 10:01 - 00528216 ____C (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll 2016-07-06 09:31 - 2010-02-04 10:01 - 00238936 ____C (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll 2016-07-06 09:31 - 2010-02-04 10:01 - 00074072 ____C (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll 2016-07-06 09:31 - 2010-02-04 10:01 - 00022360 ____C (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll 2016-07-06 09:31 - 2009-09-04 17:44 - 00515416 ____C (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll 2016-07-06 09:31 - 2009-09-04 17:44 - 00238936 ____C (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll 2016-07-06 09:31 - 2009-09-04 17:44 - 00069464 ____C (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll 2016-07-06 09:31 - 2009-09-04 17:29 - 05501792 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll 2016-07-06 09:31 - 2009-09-04 17:29 - 01974616 ____C (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll 2016-07-06 09:31 - 2009-09-04 17:29 - 01892184 ____C (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll 2016-07-06 09:31 - 2009-09-04 17:29 - 00453456 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll 2016-07-06 09:31 - 2009-09-04 17:29 - 00235344 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll 2016-07-06 09:31 - 2009-03-16 14:18 - 00517448 ____C (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll 2016-07-06 09:31 - 2009-03-16 14:18 - 00235352 ____C (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll 2016-07-06 09:31 - 2009-03-16 14:18 - 00022360 ____C (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll 2016-07-06 09:31 - 2009-03-09 15:27 - 04178264 ____C (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll 2016-07-06 09:31 - 2009-03-09 15:27 - 01846632 ____C (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll 2016-07-06 09:31 - 2009-03-09 15:27 - 00453456 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll 2016-07-06 09:31 - 2008-10-27 10:04 - 00514384 ____C (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll 2016-07-06 09:31 - 2008-10-27 10:04 - 00235856 ____C (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll 2016-07-06 09:31 - 2008-10-27 10:04 - 00070992 ____C (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll 2016-07-06 09:31 - 2008-10-27 10:04 - 00023376 ____C (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll 2016-07-06 09:31 - 2008-10-15 06:22 - 04379984 ____C (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll 2016-07-06 09:31 - 2008-10-15 06:22 - 02036576 ____C (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll 2016-07-06 09:31 - 2008-10-15 06:22 - 00452440 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll 2016-07-06 09:31 - 2008-07-31 10:41 - 00238088 ____C (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll 2016-07-06 09:31 - 2008-07-31 10:41 - 00068616 ____C (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll 2016-07-06 09:31 - 2008-07-31 10:40 - 00509448 ____C (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll 2016-07-06 09:31 - 2008-07-10 11:01 - 00467984 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll 2016-07-06 09:31 - 2008-07-10 11:00 - 03851784 ____C (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll 2016-07-06 09:31 - 2008-07-10 11:00 - 01493528 ____C (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll 2016-07-06 09:31 - 2008-05-30 14:19 - 00507400 ____C (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll 2016-07-06 09:31 - 2008-05-30 14:18 - 00238088 ____C (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll 2016-07-06 09:31 - 2008-05-30 14:17 - 00065032 ____C (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll 2016-07-06 09:31 - 2008-05-30 14:17 - 00025608 ____C (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll 2016-07-06 09:31 - 2008-05-30 14:11 - 01491992 ____C (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll 2016-07-06 09:31 - 2008-05-30 14:11 - 00467984 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll 2016-07-06 09:30 - 2008-05-30 14:11 - 03850760 ____C (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll 2016-07-06 09:30 - 2008-03-05 16:03 - 00479752 ____C (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll 2016-07-06 09:30 - 2008-03-05 16:03 - 00238088 ____C (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll 2016-07-06 09:30 - 2008-03-05 16:00 - 00025608 ____C (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll 2016-07-06 09:30 - 2008-03-05 15:56 - 03786760 ____C (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll 2016-07-06 09:30 - 2008-03-05 15:56 - 01420824 ____C (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll 2016-07-06 09:30 - 2008-02-05 23:07 - 00462864 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll 2016-07-06 09:30 - 2007-10-22 03:39 - 00267272 ____C (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll 2016-07-06 09:30 - 2007-10-22 03:37 - 00017928 ____C (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll 2016-07-06 09:30 - 2007-10-12 15:14 - 03734536 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll 2016-07-06 09:30 - 2007-10-12 15:14 - 01374232 ____C (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll 2016-07-06 09:30 - 2007-10-02 09:56 - 00444776 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll 2016-07-06 09:30 - 2007-07-20 00:57 - 00267112 ____C (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll 2016-07-06 09:30 - 2007-07-19 18:14 - 03727720 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll 2016-07-06 09:30 - 2007-07-19 18:14 - 01358192 ____C (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll 2016-07-06 09:30 - 2007-07-19 18:14 - 00444776 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll 2016-07-06 09:30 - 2007-06-20 20:46 - 00266088 ____C (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll 2016-07-06 09:30 - 2007-05-16 16:45 - 03497832 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll 2016-07-06 09:30 - 2007-05-16 16:45 - 01124720 ____C (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll 2016-07-06 09:30 - 2007-05-16 16:45 - 00443752 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll 2016-07-06 09:30 - 2007-04-04 18:55 - 00261480 ____C (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll 2016-07-06 09:30 - 2007-04-04 18:53 - 00081768 ____C (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll 2016-07-06 09:30 - 2007-03-15 16:57 - 00443752 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll 2016-07-06 09:30 - 2007-03-12 16:42 - 03495784 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll 2016-07-06 09:30 - 2007-03-12 16:42 - 01123696 ____C (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll 2016-07-06 09:30 - 2007-03-05 12:42 - 00015128 ____C (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll 2016-07-06 09:30 - 2007-01-24 15:27 - 00255848 ____C (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll 2016-07-06 09:30 - 2006-12-08 12:02 - 00251672 ____C (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll 2016-07-06 09:30 - 2006-11-29 13:06 - 03426072 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll 2016-07-06 09:30 - 2006-11-29 13:06 - 00440080 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll 2016-07-06 09:30 - 2006-09-28 16:05 - 02414360 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll 2016-07-06 09:30 - 2006-09-28 16:05 - 00237848 ____C (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll 2016-07-06 09:30 - 2006-07-28 09:30 - 00236824 ____C (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll 2016-07-06 09:30 - 2006-07-28 09:30 - 00062744 ____C (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll 2016-07-06 09:30 - 2006-05-31 07:24 - 00230168 ____C (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll 2016-07-06 09:30 - 2006-03-31 12:40 - 02388176 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll 2016-07-06 09:30 - 2006-03-31 12:39 - 00229584 ____C (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll 2016-07-06 09:30 - 2006-03-31 12:39 - 00062672 ____C (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll 2016-07-06 09:30 - 2006-02-03 08:43 - 02332368 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll 2016-07-06 09:30 - 2006-02-03 08:42 - 00230096 ____C (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll 2016-07-06 09:30 - 2006-02-03 08:41 - 00014032 ____C (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll 2016-07-06 09:30 - 2005-12-05 18:09 - 02323664 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll 2016-07-06 09:30 - 2005-07-22 19:59 - 02319568 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll 2016-07-06 09:30 - 2005-05-26 15:34 - 02297552 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll 2016-07-06 09:30 - 2005-03-18 17:19 - 02337488 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll 2016-07-06 09:30 - 2005-02-05 19:45 - 02222800 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll 2016-07-06 09:13 - 2016-07-18 18:05 - 00000000 ___DC C:\Users\JLyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2016-07-06 08:53 - 2016-07-06 08:53 - 00000000 ___DC C:\Users\JLyn\AppData\Local\Steam 2016-07-06 08:53 - 2016-07-06 08:53 - 00000000 ___DC C:\Users\JLyn\AppData\Local\CEF 2016-07-05 20:42 - 2016-07-22 17:40 - 00000000 ___DC C:\Program Files\Steam 2016-07-05 20:42 - 2016-07-11 09:21 - 00000000 ___DC C:\Program Files\Common Files\Steam 2016-07-05 20:42 - 2016-07-05 20:42 - 00000944 ____C C:\Users\Public\Desktop\Steam.lnk 2016-07-05 20:42 - 2016-07-05 20:42 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2016-07-05 20:41 - 2016-07-05 20:41 - 01444992 ____C C:\Users\JLyn\Downloads\SteamSetup.exe ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-07-22 17:40 - 2016-02-23 13:14 - 00000000 __RDC C:\Users\JLyn\OneDrive 2016-07-22 17:06 - 2014-11-20 23:40 - 00818732 ____C C:\WINDOWS\system32\PerfStringBackup.INI 2016-07-22 17:06 - 2013-08-22 02:21 - 00000000 ___DC C:\WINDOWS\inf 2016-07-22 17:02 - 2013-08-22 03:23 - 00000006 ___HC C:\WINDOWS\Tasks\SA.DAT 2016-07-22 16:55 - 2013-08-22 02:13 - 02097152 ___SH C:\WINDOWS\system32\config\BBI 2016-07-22 14:50 - 2016-04-17 19:37 - 00000000 ___DC C:\Users\JLyn\AppData\Roaming\Skype 2016-07-22 14:37 - 2013-08-22 04:17 - 00000000 ___DC C:\WINDOWS\AppReadiness 2016-07-22 11:07 - 2016-05-20 19:37 - 00000008 _RSHC C:\ProgramData\ntuser.pol 2016-07-22 10:06 - 2016-05-26 18:45 - 00000914 ____C C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-07-22 10:06 - 2016-05-26 18:45 - 00000910 ____C C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-07-22 10:05 - 2016-02-23 13:12 - 00000000 __SDC C:\WINDOWS\system32\GWX 2016-07-21 21:38 - 2016-02-23 13:13 - 00000000 ___DC C:\Users\JLyn\AppData\Local\Packages 2016-07-21 21:38 - 2013-08-22 04:17 - 00000000 ___HD C:\Program Files\WindowsApps 2016-07-21 20:41 - 2013-08-22 04:05 - 00000000 ___DC C:\WINDOWS\CbsTemp 2016-07-21 15:01 - 2016-05-26 18:46 - 00002204 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-07-21 15:01 - 2016-05-26 18:46 - 00002186 ____C C:\Users\Public\Desktop\Google Chrome.lnk 2016-07-20 14:37 - 2013-08-22 04:17 - 00000000 ___DC C:\ProgramData\regid.1991-06.com.microsoft 2016-07-20 14:37 - 2013-08-22 04:17 - 00000000 ___DC C:\Program Files\Common Files\microsoft shared 2016-07-20 14:36 - 2015-02-15 07:45 - 00000000 ___DC C:\Program Files\Microsoft Office 2016-07-17 17:02 - 2016-03-28 18:15 - 00000000 ___DC C:\WINDOWS\system32\Appraiser 2016-07-17 10:47 - 2013-08-22 04:17 - 00000000 ____D C:\WINDOWS\rescache 2016-07-17 10:25 - 2016-03-22 20:33 - 00000000 ___DC C:\WINDOWS\system32\MRT 2016-07-17 10:17 - 2016-03-22 20:33 - 141983760 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-07-13 17:00 - 2013-08-22 03:22 - 00472736 ____C C:\WINDOWS\system32\FNTCACHE.DAT 2016-07-13 16:03 - 2013-08-22 04:17 - 00000000 ___RD C:\WINDOWS\ToastData 2016-07-13 11:55 - 2013-08-22 04:17 - 00000000 ___DC C:\WINDOWS\LiveKernelReports 2016-07-12 11:09 - 2016-02-23 13:12 - 00000000 ___DC C:\Users\JLyn 2016-07-11 14:30 - 2016-04-17 19:39 - 00000000 ___DC C:\Users\JLyn\AppData\Local\ElevatedDiagnostics 2016-07-06 20:39 - 2016-03-21 21:54 - 00400552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2016-07-02 00:29 - 2016-03-25 15:47 - 00828408 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2016-07-02 00:29 - 2016-03-25 15:47 - 00176632 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl ==================== Files in the root of some directories ======= 2016-05-20 20:38 - 2016-05-21 09:38 - 0000071 ____C () C:\Users\JLyn\AppData\Roaming\WB.CFG 2016-06-07 12:13 - 2016-06-07 12:13 - 0000017 ____C () C:\Users\JLyn\AppData\Local\resmon.resmoncfg Some files in TEMP: ==================== C:\Users\JLyn\AppData\Local\Temp\libeay32.dll C:\Users\JLyn\AppData\Local\Temp\msvcr120.dll C:\Users\JLyn\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-07-22 05:27 ==================== End of FRST.txt ============================