Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-06-2017 Ran by SYSTEM on MININT-UUD9SCM (02-06-2017 12:59:55) Running from g:\ Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 Boot Mode: Recovery Default: ControlSet001 [b]ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.[/b] Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-12-12] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2013-12-12] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-14] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [iTunesHelper] => D:\Jackson604\Programs\iTunes\iTunesHelper.exe [170280 2015-06-29] (Apple Inc.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes) HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508144 2012-08-31] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1870928 2017-04-04] (Adobe Systems Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2131344 2016-06-20] (Wondershare) HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe [1868800 2016-04-04] () HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-08-24] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-06-30] (Autodesk, Inc.) HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-04-13] (Razer Inc.) ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-06-30] (Autodesk Inc.) S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-08-24] (Adobe Systems Incorporated) S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated) S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.) S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation) S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-14] (NVIDIA Corporation) S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.569\McCHSvc.exe [404376 2017-05-24] (McAfee, Inc.) S2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility LLC) S2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-11] (NVIDIA Corporation) S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-14] (NVIDIA Corporation) S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-14] (NVIDIA Corporation) S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-14] (NVIDIA Corporation) S3 Origin Client Service; D:\Jackson604\Games\EAOrigin\Origin\OriginClientService.exe [2099720 2015-11-17] (Electronic Arts) S2 postgresql-x64-9.3; C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe [90624 2015-07-12] (PostgreSQL Global Development Group) S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-24] () S2 SmartBackup; C:\Program Files (x86)\SmartBackup\XSrvSetup.exe [69632 2008-09-09] () S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation) S3 WsDrvInst; E:\Programs\MobileTrans\DriverInstall.exe [115856 2016-04-26] (Wondershare) S2 gzserv; "E:\Programs\Bitdefender\Antivirus Free Edition\gzserv.exe" /service [X] S2 TomTomHOMEService; "E:\Programs\TomTom\TomTom HOME 2\TomTomHOMEService.exe" [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender) S5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2014-06-08] (BitDefender) S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender) S1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [271424 2014-08-17] (DT Soft Ltd) S1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-05-09] () S1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC) S2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [187320 2017-05-30] (Malwarebytes) S3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [113592 2017-06-02] (Malwarebytes) S3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-06-02] (Malwarebytes) S0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [0 2017-06-02] () <==== ATTENTION (zero byte File/Folder) S3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [84256 2017-06-02] (Malwarebytes) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-14] (NVIDIA Corporation) S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-13] (NVIDIA Corporation) S3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [50392 2015-08-13] (Razer Inc) S2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-16] (Razer, Inc.) S2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-10-07] (Razer, Inc.) S0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.) S5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () S3 vjoy; C:\Windows\System32\DRIVERS\vjoy.sys [56560 2015-08-15] (Shaul Eizikovich) S3 VLAN; C:\Windows\System32\DRIVERS\RtVLAN60.sys [24064 2010-12-13] (Windows (R) Codename Longhorn DDK provider) S1 bdfwfpf; \??\E:\Programs\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-06-02 12:59 - 2017-06-02 12:59 - 00000000 ____D C:\FRST 2017-06-02 11:23 - 2017-06-02 11:23 - 00000030 _____ C:\Users\Brandon\Desktop\geth command.txt 2017-06-02 10:30 - 2017-06-02 10:30 - 00000000 _____ C:\Windows\System32\Drivers\172832FE.sys 2017-06-01 20:15 - 2017-06-02 09:14 - 00000000 ____D C:\Users\Brandon\AppData\Roaming\Ethereum Wallet 2017-06-01 16:25 - 2017-06-01 16:25 - 00000000 ____D C:\ProgramData\McAfee Security Scan 2017-06-01 15:00 - 2017-06-02 11:23 - 00518243 _____ C:\Users\Brandon\Downloads\Managing Partner Scenarios.xlsx 2017-06-01 14:55 - 2017-06-01 14:55 - 00316647 _____ C:\Users\Brandon\Downloads\Managing Partner FSA Map - Ver 2 - Feb 2017.pdf 2017-06-01 14:46 - 2017-06-01 14:46 - 00424516 _____ C:\Users\Brandon\Documents\First physiotherapist report.pdf 2017-06-01 14:44 - 2017-06-01 14:44 - 00548873 _____ C:\Users\Brandon\Documents\Post MRI report from surgeon.pdf 2017-06-01 14:42 - 2017-06-01 14:43 - 00731524 _____ C:\Users\Brandon\Documents\Pre MRI report from surgeon.pdf 2017-06-01 14:39 - 2017-06-01 14:40 - 00641387 _____ C:\Users\Brandon\Documents\MRI.pdf 2017-06-01 14:34 - 2017-06-01 14:36 - 01471444 _____ C:\Users\Brandon\Documents\Doctors Encounters and Notes.pdf 2017-05-31 19:28 - 2017-05-31 19:28 - 00000000 ____D C:\Users\Brandon\AppData\LocalLow\Dodge Roll 2017-05-30 22:55 - 2017-05-30 22:55 - 00000000 _____ C:\Windows\System32\Drivers\483A02C8.sys 2017-05-30 22:15 - 2017-05-30 22:15 - 00000000 _____ C:\Windows\System32\Drivers\29EB642B.sys 2017-05-30 21:08 - 2017-05-30 21:08 - 00000000 ____D C:\Program Files\Geth 2017-05-30 21:07 - 2017-05-30 21:08 - 23688973 _____ C:\Users\Brandon\Downloads\geth-windows-amd64-1.6.1-021c3c28.exe 2017-05-30 18:58 - 2017-06-02 11:05 - 00084256 _____ (Malwarebytes) C:\Windows\System32\Drivers\mwac.sys 2017-05-30 18:58 - 2017-06-02 11:05 - 00043968 _____ (Malwarebytes) C:\Windows\System32\Drivers\mbam.sys 2017-05-30 18:58 - 2017-06-02 11:05 - 00000000 _____ C:\Windows\System32\Drivers\MBAMSwissArmy.sys 2017-05-30 18:58 - 2017-06-02 10:30 - 00113592 _____ (Malwarebytes) C:\Windows\System32\Drivers\farflt.sys 2017-05-30 18:58 - 2017-05-30 18:58 - 00187320 _____ (Malwarebytes) C:\Windows\System32\Drivers\MBAMChameleon.sys 2017-05-30 18:58 - 2017-05-30 18:58 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-05-30 18:58 - 2017-05-30 18:58 - 00000000 ____D C:\Program Files\Malwarebytes 2017-05-30 18:58 - 2017-05-09 15:37 - 00077440 _____ C:\Windows\System32\Drivers\mbae64.sys 2017-05-30 14:56 - 2017-05-30 14:56 - 00000000 ____D C:\Users\Brandon\AppData\Local\GolfIt 2017-05-24 11:31 - 2017-05-24 11:31 - 00410872 _____ C:\Windows\Minidump\052417-35786-01.dmp 2017-05-23 18:20 - 2017-05-23 18:20 - 00410880 _____ C:\Windows\Minidump\052317-50232-01.dmp 2017-05-23 09:38 - 2017-05-23 09:38 - 00200412 _____ C:\Users\Brandon\Downloads\Job Costs.2017.Vancouver market.pdf 2017-05-21 11:43 - 2017-05-21 11:43 - 00000000 ____D C:\Program Files\Microsoft Office 15 2017-05-20 09:35 - 2017-05-20 09:35 - 00000000 ____D C:\Users\Brandon\AppData\Roaming\Google 2017-05-19 11:27 - 2017-05-19 11:27 - 00758307 _____ C:\Users\Brandon\Downloads\Gorilla Franchise Disclosure Document.2017 (1).pdf 2017-05-19 10:49 - 2017-05-19 11:20 - 00014582 _____ C:\Users\Brandon\Documents\IMG_20170519_0001.pdf 2017-05-18 11:34 - 2017-05-18 11:35 - 01728597 _____ C:\Users\Brandon\Documents\Disability Claim Form.pdf 2017-05-18 09:08 - 2017-05-18 09:09 - 00440826 _____ C:\Users\Brandon\Documents\Signed Reciept.pdf 2017-05-18 09:02 - 2017-05-18 09:02 - 00758307 _____ C:\Users\Brandon\Downloads\Gorilla Franchise Disclosure Document.2017.pdf 2017-05-18 09:02 - 2017-05-18 09:02 - 00267232 _____ C:\Users\Brandon\Downloads\FDD Receipt.pdf 2017-05-13 14:50 - 2016-10-07 22:56 - 00137840 _____ (Razer, Inc.) C:\Windows\System32\Drivers\rzpnk.sys 2017-05-13 14:50 - 2016-09-16 16:12 - 00044144 _____ (Razer, Inc.) C:\Windows\System32\Drivers\rzpmgrk.sys 2017-05-13 14:49 - 2017-05-13 14:49 - 00000000 ____H C:\Windows\System32\Drivers\Msft_Kernel_rzudd_01009.Wdf 2017-05-13 14:49 - 2017-05-13 14:49 - 00000000 ____H C:\Windows\System32\Drivers\Msft_Kernel_rzendpt_01009.Wdf 2017-05-13 14:47 - 2017-05-13 14:50 - 00000000 ____D C:\ProgramData\Razer 2017-05-13 14:47 - 2017-05-13 14:50 - 00000000 ____D C:\Program Files (x86)\Razer 2017-05-13 14:47 - 2017-05-13 14:47 - 00000000 ____D C:\Users\Brandon\AppData\Local\Razer 2017-05-13 14:42 - 2017-05-13 14:42 - 00003118 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe 2017-05-13 14:41 - 2017-05-13 14:41 - 00003092 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe 2017-05-13 14:41 - 2017-05-13 14:41 - 00003090 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe 2017-05-13 14:41 - 2017-05-13 14:41 - 00003062 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe 2017-05-13 14:41 - 2017-05-13 14:41 - 00003060 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe 2017-05-13 14:15 - 2017-05-13 14:16 - 00000000 ____D C:\Users\Brandon\AppData\Roaming\GameLoaderSteam 2017-05-13 14:15 - 2017-05-13 14:15 - 00000219 _____ C:\Users\Brandon\Desktop\Crusaders of the Lost Idols.url 2017-05-10 00:14 - 2017-04-27 17:14 - 05547240 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe 2017-05-10 00:14 - 2017-04-27 17:14 - 00706792 _____ (Microsoft Corporation) C:\Windows\System32\winload.efi 2017-05-10 00:14 - 2017-04-27 17:14 - 00631176 _____ (Microsoft Corporation) C:\Windows\System32\winresume.efi 2017-05-10 00:14 - 2017-04-27 17:14 - 00154856 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys 2017-05-10 00:14 - 2017-04-27 17:14 - 00095464 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys 2017-05-10 00:14 - 2017-04-27 17:11 - 01732864 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll 2017-05-10 00:14 - 2017-04-27 17:10 - 01460736 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll 2017-05-10 00:14 - 2017-04-27 17:10 - 01212928 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll 2017-05-10 00:14 - 2017-04-27 17:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll 2017-05-10 00:14 - 2017-04-27 17:10 - 00730624 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll 2017-05-10 00:14 - 2017-04-27 17:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\System32\srcore.dll 2017-05-10 00:14 - 2017-04-27 17:10 - 00419840 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll 2017-05-10 00:14 - 2017-04-27 17:10 - 00362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll 2017-05-10 00:14 - 2017-04-27 17:10 - 00345600 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll 2017-05-10 00:14 - 2017-04-27 17:10 - 00316928 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll 2017-05-10 00:14 - 2017-04-27 17:10 - 00312320 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll 2017-05-10 00:14 - 2017-04-27 17:10 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll 2017-05-10 00:14 - 2017-04-27 17:10 - 00215552 _____ (Microsoft Corporation) C:\Windows\System32\winsrv.dll 2017-05-10 00:14 - 2017-04-27 17:10 - 00210432 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll 2017-05-10 00:14 - 2017-04-27 17:10 - 00190464 _____ (Microsoft Corporation) C:\Windows\System32\rpchttp.dll 2017-05-10 00:14 - 2017-04-27 17:10 - 00146432 _____ (Microsoft Corporation) C:\Windows\System32\msaudite.dll 2017-05-10 00:14 - 2017-04-27 17:10 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll 2017-05-10 00:14 - 2017-04-27 17:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll 2017-05-10 00:14 - 2017-04-27 17:10 - 00063488 _____ (Microsoft Corporation) C:\Windows\System32\setbcdlocale.dll 2017-05-10 00:14 - 2017-04-27 17:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\msobjs.dll 2017-05-10 00:14 - 2017-04-27 17:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\System32\srclient.dll 2017-05-10 00:14 - 2017-04-27 17:10 - 00028672 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll 2017-05-10 00:14 - 2017-04-27 17:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll 2017-05-10 00:14 - 2017-04-27 17:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll 2017-05-10 00:14 - 2017-04-27 17:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00880640 _____ (Microsoft Corporation) C:\Windows\System32\advapi32.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00690688 _____ (Microsoft Corporation) C:\Windows\System32\adtschema.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00463872 _____ (Microsoft Corporation) C:\Windows\System32\certcli.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00123904 _____ (Microsoft Corporation) C:\Windows\System32\bcrypt.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00059904 _____ (Microsoft Corporation) C:\Windows\System32\appidapi.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00044032 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\cryptbase.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00034816 _____ (Microsoft Corporation) C:\Windows\System32\appidsvc.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\apisetschema.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00006144 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00005120 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 17:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 16:36 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2017-05-10 00:14 - 2017-04-27 16:36 - 03945192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2017-05-10 00:14 - 2017-04-27 16:34 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 16:19 - 00148480 _____ (Microsoft Corporation) C:\Windows\System32\appidpolicyconverter.exe 2017-05-10 00:14 - 2017-04-27 16:19 - 00062464 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\appid.sys 2017-05-10 00:14 - 2017-04-27 16:19 - 00017920 _____ (Microsoft Corporation) C:\Windows\System32\appidcertstorecheck.exe 2017-05-10 00:14 - 2017-04-27 16:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\System32\auditpol.exe 2017-05-10 00:14 - 2017-04-27 16:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\System32\conhost.exe 2017-05-10 00:14 - 2017-04-27 16:14 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\rstrui.exe 2017-05-10 00:14 - 2017-04-27 16:12 - 00159744 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys 2017-05-10 00:14 - 2017-04-27 16:11 - 00291328 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys 2017-05-10 00:14 - 2017-04-27 16:11 - 00129536 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys 2017-05-10 00:14 - 2017-04-27 16:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2017-05-10 00:14 - 2017-04-27 16:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe 2017-05-10 00:14 - 2017-04-27 16:10 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe 2017-05-10 00:14 - 2017-04-27 16:08 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2017-05-10 00:14 - 2017-04-27 16:08 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2017-05-10 00:14 - 2017-04-27 16:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2017-05-10 00:14 - 2017-04-27 16:08 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2017-05-10 00:14 - 2017-04-27 16:07 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2017-05-10 00:14 - 2017-04-27 16:07 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 16:07 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 16:07 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2017-05-10 00:14 - 2017-04-27 16:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2017-05-10 00:14 - 2017-04-26 06:59 - 03220992 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys 2017-05-10 00:14 - 2017-04-21 07:34 - 01133568 _____ (Microsoft Corporation) C:\Windows\System32\cdosys.dll 2017-05-10 00:14 - 2017-04-21 07:15 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll 2017-05-10 00:14 - 2017-04-19 16:00 - 00394448 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll 2017-05-10 00:14 - 2017-04-19 15:16 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2017-05-10 00:14 - 2017-04-17 07:37 - 02065408 _____ (Microsoft Corporation) C:\Windows\System32\ole32.dll 2017-05-10 00:14 - 2017-04-17 07:37 - 00876544 _____ (Microsoft Corporation) C:\Windows\System32\oleaut32.dll 2017-05-10 00:14 - 2017-04-17 07:37 - 00512000 _____ (Microsoft Corporation) C:\Windows\System32\rpcss.dll 2017-05-10 00:14 - 2017-04-17 07:37 - 00026112 _____ (Microsoft Corporation) C:\Windows\System32\oleres.dll 2017-05-10 00:14 - 2017-04-17 07:37 - 00008704 _____ (Microsoft Corporation) C:\Windows\System32\comcat.dll 2017-05-10 00:14 - 2017-04-17 07:12 - 01417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2017-05-10 00:14 - 2017-04-17 07:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2017-05-10 00:14 - 2017-04-17 07:12 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll 2017-05-10 00:14 - 2017-04-17 06:54 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll 2017-05-10 00:14 - 2017-04-16 01:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2017-05-10 00:14 - 2017-04-16 01:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll 2017-05-10 00:14 - 2017-04-16 00:57 - 00066560 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2017-05-10 00:14 - 2017-04-16 00:55 - 00417792 _____ (Microsoft Corporation) C:\Windows\System32\html.iec 2017-05-10 00:14 - 2017-04-16 00:55 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll 2017-05-10 00:14 - 2017-04-16 00:54 - 00576512 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2017-05-10 00:14 - 2017-04-16 00:54 - 00088064 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll 2017-05-10 00:14 - 2017-04-16 00:51 - 02899456 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2017-05-10 00:14 - 2017-04-16 00:44 - 00054784 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2017-05-10 00:14 - 2017-04-16 00:43 - 00034304 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2017-05-10 00:14 - 2017-04-16 00:38 - 00615936 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll 2017-05-10 00:14 - 2017-04-16 00:37 - 00144384 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2017-05-10 00:14 - 2017-04-16 00:37 - 00116224 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe 2017-05-10 00:14 - 2017-04-16 00:36 - 00817664 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll 2017-05-10 00:14 - 2017-04-16 00:36 - 00814080 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll 2017-05-10 00:14 - 2017-04-16 00:35 - 25741312 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2017-05-10 00:14 - 2017-04-16 00:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe 2017-05-10 00:14 - 2017-04-16 00:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll 2017-05-10 00:14 - 2017-04-16 00:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2017-05-10 00:14 - 2017-04-16 00:18 - 05977600 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2017-05-10 00:14 - 2017-04-16 00:11 - 00077824 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll 2017-05-10 00:14 - 2017-04-16 00:10 - 00087552 _____ (Microsoft Corporation) C:\Windows\System32\tdc.ocx 2017-05-10 00:14 - 2017-04-16 00:09 - 00107520 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll 2017-05-10 00:14 - 2017-04-16 00:04 - 00199680 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll 2017-05-10 00:14 - 2017-04-16 00:03 - 00092160 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2017-05-10 00:14 - 2017-04-16 00:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2017-05-10 00:14 - 2017-04-16 00:01 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2017-05-10 00:14 - 2017-04-16 00:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2017-05-10 00:14 - 2017-04-16 00:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2017-05-10 00:14 - 2017-04-16 00:00 - 00315392 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll 2017-05-10 00:14 - 2017-04-16 00:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2017-05-10 00:14 - 2017-04-15 23:57 - 00152064 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll 2017-05-10 00:14 - 2017-04-15 23:53 - 02290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2017-05-10 00:14 - 2017-04-15 23:52 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2017-05-10 00:14 - 2017-04-15 23:52 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2017-05-10 00:14 - 2017-04-15 23:49 - 20278272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2017-05-10 00:14 - 2017-04-15 23:48 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2017-05-10 00:14 - 2017-04-15 23:47 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2017-05-10 00:14 - 2017-04-15 23:47 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2017-05-10 00:14 - 2017-04-15 23:46 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2017-05-10 00:14 - 2017-04-15 23:43 - 00262144 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll 2017-05-10 00:14 - 2017-04-15 23:40 - 00806912 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2017-05-10 00:14 - 2017-04-15 23:40 - 00725504 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2017-05-10 00:14 - 2017-04-15 23:37 - 02132992 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2017-05-10 00:14 - 2017-04-15 23:37 - 01359360 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll 2017-05-10 00:14 - 2017-04-15 23:35 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2017-05-10 00:14 - 2017-04-15 23:30 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2017-05-10 00:14 - 2017-04-15 23:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2017-05-10 00:14 - 2017-04-15 23:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2017-05-10 00:14 - 2017-04-15 23:25 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2017-05-10 00:14 - 2017-04-15 23:24 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2017-05-10 00:14 - 2017-04-15 23:22 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2017-05-10 00:14 - 2017-04-15 23:20 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2017-05-10 00:14 - 2017-04-15 23:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2017-05-10 00:14 - 2017-04-15 23:10 - 15250944 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2017-05-10 00:14 - 2017-04-15 23:10 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2017-05-10 00:14 - 2017-04-15 23:08 - 04548608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2017-05-10 00:14 - 2017-04-15 23:08 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2017-05-10 00:14 - 2017-04-15 23:08 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2017-05-10 00:14 - 2017-04-15 23:04 - 03241472 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll 2017-05-10 00:14 - 2017-04-15 22:53 - 13661184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2017-05-10 00:14 - 2017-04-15 22:50 - 01544704 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2017-05-10 00:14 - 2017-04-15 22:40 - 00800768 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll 2017-05-10 00:14 - 2017-04-15 22:37 - 02767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2017-05-10 00:14 - 2017-04-15 22:34 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2017-05-10 00:14 - 2017-04-15 22:34 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2017-05-10 00:14 - 2017-04-12 07:32 - 01483776 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll 2017-05-10 00:14 - 2017-04-12 07:32 - 00229376 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll 2017-05-10 00:14 - 2017-04-12 07:32 - 00190976 _____ (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll 2017-05-10 00:14 - 2017-04-12 07:32 - 00141824 _____ (Microsoft Corporation) C:\Windows\System32\cryptnet.dll 2017-05-10 00:14 - 2017-04-12 07:26 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2017-05-10 00:14 - 2017-04-12 07:25 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2017-05-10 00:14 - 2017-04-12 07:25 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2017-05-10 00:14 - 2017-04-12 07:25 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2017-05-10 00:14 - 2017-04-07 07:34 - 00986856 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys 2017-05-10 00:14 - 2017-04-07 07:34 - 00265448 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys 2017-05-10 00:14 - 2017-04-07 07:30 - 00405504 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll 2017-05-10 00:14 - 2017-04-07 07:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\System32\cdd.dll 2017-05-10 00:14 - 2017-04-07 07:22 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2017-05-10 00:14 - 2017-04-05 06:55 - 00460800 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys 2017-05-10 00:14 - 2017-04-05 06:55 - 00405504 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys 2017-05-10 00:14 - 2017-04-05 06:55 - 00168960 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys 2017-05-10 00:14 - 2017-04-04 07:34 - 01895656 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys 2017-05-10 00:14 - 2017-04-04 07:34 - 00377576 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys 2017-05-10 00:14 - 2017-04-04 07:34 - 00287976 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS 2017-05-10 00:14 - 2017-04-04 06:53 - 00496128 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys 2017-05-10 00:14 - 2017-04-04 06:53 - 00117760 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tdx.sys 2017-05-10 00:14 - 2017-03-10 08:32 - 01389056 _____ (Microsoft Corporation) C:\Windows\System32\pla.dll 2017-05-10 00:14 - 2017-03-10 08:32 - 00300544 _____ (Microsoft Corporation) C:\Windows\System32\pdh.dll 2017-05-10 00:14 - 2017-03-10 08:20 - 01508352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pla.dll 2017-05-10 00:14 - 2017-03-10 08:20 - 00237056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll 2017-05-10 00:14 - 2017-03-10 07:57 - 00009216 _____ (Microsoft Corporation) C:\Windows\System32\plasrv.exe 2017-05-10 00:14 - 2017-03-10 07:55 - 00205312 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fastfat.sys 2017-05-10 00:14 - 2017-03-10 07:55 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\exfat.sys 2017-05-10 00:14 - 2017-03-09 08:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll 2017-05-10 00:14 - 2017-03-09 08:19 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2017-05-06 08:33 - 2017-05-06 08:33 - 02305597 _____ C:\Users\Brandon\Downloads\mods_dowload_and_open_with_excel_to_have_it_correctly_displayed.xlsx 2017-05-05 19:58 - 2017-05-05 19:58 - 00001020 _____ C:\Users\Brandon\Desktop\Twitch.lnk 2017-05-05 19:58 - 2017-05-05 19:58 - 00000000 ____D C:\Users\Brandon\AppData\Roaming\Twitch 2017-05-05 19:58 - 2017-05-05 19:58 - 00000000 ____D C:\ProgramData\Twitch 2017-05-05 19:37 - 2017-05-05 19:37 - 00000000 ____D C:\Users\Brandon\Documents\Darkest 2017-05-05 19:04 - 2017-05-05 19:04 - 00000219 _____ C:\Users\Brandon\Desktop\Darkest Dungeon.url 2017-05-04 23:32 - 2017-05-04 23:32 - 00000000 ____D C:\Users\Brandon\AppData\LocalLow\Grey Wolf Entertainment 2017-05-03 14:34 - 2017-05-03 14:34 - 00222216 _____ C:\Users\Brandon\Downloads\APRIL 24 2017 (Amendment) A-13 DETAIL (1).pdf 2017-05-03 14:33 - 2017-05-03 14:33 - 00188695 _____ C:\Users\Brandon\Downloads\A-14RECEPTION COUNTER SECTIONS (2) (1).pdf ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-06-02 10:46 - 2014-06-20 17:41 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8cf1dd22378b.job 2017-06-02 10:40 - 2014-06-08 15:35 - 00000900 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2017-06-01 20:26 - 2009-07-13 20:45 - 00021872 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-06-01 20:26 - 2009-07-13 20:45 - 00021872 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-06-01 17:40 - 2009-07-13 21:13 - 00006214 _____ C:\Windows\System32\PerfStringBackup.INI 2017-06-01 16:25 - 2016-10-27 16:43 - 00001964 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2017-06-01 16:25 - 2015-11-12 20:43 - 00000000 ____D C:\Program Files\McAfee Security Scan 2017-06-01 15:40 - 2014-06-08 15:35 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2017-06-01 14:46 - 2014-06-20 17:40 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8cf1da1a36f2.job 2017-06-01 14:36 - 2014-06-16 17:31 - 00000000 ____D C:\ProgramData\CanonIJPLM 2017-06-01 09:05 - 2017-03-25 18:41 - 00000000 ____D C:\ProgramData\KMSAutoS 2017-05-31 09:14 - 2016-07-14 20:23 - 00000000 ____D C:\Users\Brandon\AppData\Roaming\SynciOS Data Transfer 2017-05-31 09:13 - 2016-07-14 20:16 - 00000000 ____D C:\Temp 2017-05-31 09:13 - 2014-06-08 15:16 - 00000000 ____D C:\ProgramData\NVIDIA 2017-05-31 09:13 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-05-31 01:55 - 2014-06-09 18:19 - 00000000 ____D C:\Users\Brandon\AppData\Roaming\Curse Client 2017-05-30 19:04 - 2014-06-28 01:50 - 00000000 ____D C:\Users\Brandon\AppData\Local\Adobe 2017-05-30 19:02 - 2014-06-08 14:44 - 00000000 ____D C:\users\Brandon 2017-05-30 14:56 - 2016-12-23 11:29 - 00000000 ____D C:\Users\Brandon\AppData\Local\UnrealEngine 2017-05-28 08:00 - 2016-10-01 09:23 - 00000638 _____ C:\Windows\Tasks\TrackerAutoUpdate.job 2017-05-28 03:56 - 2017-03-25 17:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-05-24 11:50 - 2016-09-20 16:03 - 00000000 ____D C:\Users\Brandon\AppData\Roaming\discord 2017-05-24 11:31 - 2015-02-28 17:35 - 00000000 ____D C:\Windows\Minidump 2017-05-23 18:17 - 2016-08-25 15:08 - 00000000 ____D C:\Users\Brandon\AppData\Local\CrashDumps 2017-05-23 02:37 - 2014-06-10 14:14 - 00000000 ____D C:\Windows\System32\MRT 2017-05-23 02:00 - 2014-06-10 14:14 - 132223576 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe 2017-05-21 11:59 - 2014-06-18 18:51 - 00000000 ____D C:\Users\Brandon\AppData\Roaming\vlc 2017-05-20 09:34 - 2009-07-13 20:45 - 00515568 _____ C:\Windows\System32\FNTCACHE.DAT 2017-05-13 14:51 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\inf 2017-05-13 14:47 - 2014-06-08 15:33 - 00147264 _____ C:\Users\Brandon\AppData\Local\GDIPFONTCACHEV1.DAT 2017-05-10 18:53 - 2014-11-15 12:41 - 00803320 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-05-10 18:53 - 2014-11-15 12:41 - 00144888 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-05-10 18:53 - 2014-11-15 12:41 - 00004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-05-10 18:53 - 2014-11-15 12:41 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2017-05-10 18:53 - 2014-11-15 12:41 - 00000000 ____D C:\Windows\System32\Macromed 2017-05-10 03:17 - 2017-04-12 03:22 - 00000000 ____D C:\Windows\rescache 2017-05-10 02:51 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2017-05-05 14:25 - 2014-09-22 13:14 - 00000000 ____D C:\ProgramData\Package Cache 2017-05-04 15:26 - 2015-05-08 08:53 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task Files to move or delete: ==================== C:\Users\Brandon\AccessibleMarshal.dll C:\Users\Brandon\breakpadinjector.dll C:\Users\Brandon\crashreporter.exe C:\Users\Brandon\D3DCompiler_43.dll C:\Users\Brandon\d3dcompiler_46.dll C:\Users\Brandon\freebl3.dll C:\Users\Brandon\gkmedias.dll C:\Users\Brandon\icudt52.dll C:\Users\Brandon\icuin52.dll C:\Users\Brandon\icuuc52.dll C:\Users\Brandon\libEGL.dll C:\Users\Brandon\libGLESv2.dll C:\Users\Brandon\maintenanceservice.exe C:\Users\Brandon\maintenanceservice_installer.exe C:\Users\Brandon\mozalloc.dll C:\Users\Brandon\mozglue.dll C:\Users\Brandon\mozjs.dll C:\Users\Brandon\msvcp100.dll C:\Users\Brandon\msvcr100.dll C:\Users\Brandon\nss3.dll C:\Users\Brandon\nssckbi.dll C:\Users\Brandon\nssdbm3.dll C:\Users\Brandon\plugin-container.exe C:\Users\Brandon\plugin-hang-ui.exe C:\Users\Brandon\sandboxbroker.dll C:\Users\Brandon\softokn3.dll C:\Users\Brandon\updater.exe C:\Users\Brandon\webapp-uninstaller.exe C:\Users\Brandon\webapprt-stub.exe C:\Users\Brandon\xul.dll Some files in TEMP: ==================== 2013-01-02 17:20 - 2013-01-02 17:20 - 0726016 _____ (Igor Pavlov) C:\Users\Brandon\AppData\Local\Temp\7z.dll 2013-01-02 17:20 - 2013-01-02 17:20 - 0150016 _____ (Igor Pavlov) C:\Users\Brandon\AppData\Local\Temp\7z.exe 2015-05-04 14:53 - 2009-02-03 22:54 - 0180072 _____ (Autodesk, Inc.) C:\Users\Brandon\AppData\Local\Temp\AcDeltree.exe 2014-02-27 14:17 - 2014-02-27 14:17 - 4275176 _____ (Cyanogen Inc.) C:\Users\Brandon\AppData\Local\Temp\CMInstaller.exe 2013-01-02 17:20 - 2013-01-02 17:20 - 0023477 _____ () C:\Users\Brandon\AppData\Local\Temp\dtkill.exe 2016-07-16 08:41 - 2016-07-16 08:41 - 0066048 _____ () C:\Users\Brandon\AppData\Local\Temp\Execute2App.exe 2013-01-02 17:20 - 2013-01-02 17:20 - 0006656 _____ (doubleTwist Corperation) C:\Users\Brandon\AppData\Local\Temp\Executor.exe 2014-08-19 19:33 - 2014-08-19 19:33 - 0196608 _____ (Java(TM) Native Access (JNA)) C:\Users\Brandon\AppData\Local\Temp\jna3331048959227794072.dll 2014-08-06 19:10 - 2014-08-06 19:10 - 0196608 ____N (Java(TM) Native Access (JNA)) C:\Users\Brandon\AppData\Local\Temp\jna3590783495630147185.dll 2014-08-16 18:40 - 2014-08-16 18:40 - 0196608 _____ (Java(TM) Native Access (JNA)) C:\Users\Brandon\AppData\Local\Temp\jna3861844926393988562.dll 2014-07-02 18:34 - 2014-07-02 18:34 - 0196608 ____N (Java(TM) Native Access (JNA)) C:\Users\Brandon\AppData\Local\Temp\jna389281791026334889.dll 2014-08-20 18:51 - 2014-08-20 18:51 - 0196608 _____ (Java(TM) Native Access (JNA)) C:\Users\Brandon\AppData\Local\Temp\jna5204569783580989330.dll 2014-08-20 18:30 - 2014-08-20 18:30 - 0196608 _____ (Java(TM) Native Access (JNA)) C:\Users\Brandon\AppData\Local\Temp\jna5289058322037699713.dll 2014-07-15 17:11 - 2014-07-15 17:11 - 0196608 _____ (Java(TM) Native Access (JNA)) C:\Users\Brandon\AppData\Local\Temp\jna6205619707160430971.dll 2014-07-13 14:35 - 2014-07-13 14:35 - 0196608 _____ (Java(TM) Native Access (JNA)) C:\Users\Brandon\AppData\Local\Temp\jna6729741610641391075.dll 2016-07-25 05:58 - 2016-07-25 05:58 - 0741440 _____ (Oracle Corporation) C:\Users\Brandon\AppData\Local\Temp\jre-8u101-windows-au.exe 2017-01-22 08:41 - 2017-01-22 08:41 - 0739904 _____ (Oracle Corporation) C:\Users\Brandon\AppData\Local\Temp\jre-8u121-windows-au.exe 2017-04-23 07:41 - 2017-04-23 07:41 - 0739904 _____ (Oracle Corporation) C:\Users\Brandon\AppData\Local\Temp\jre-8u131-windows-au.exe 2014-08-20 21:51 - 2014-08-20 21:51 - 0640424 _____ (Oracle Corporation) C:\Users\Brandon\AppData\Local\Temp\jre-8u20-windows-au.exe 2015-01-21 22:50 - 2015-01-21 22:50 - 0641448 _____ (Oracle Corporation) C:\Users\Brandon\AppData\Local\Temp\jre-8u31-windows-au.exe 2015-03-04 22:51 - 2015-03-13 21:51 - 0561576 _____ (Oracle Corporation) C:\Users\Brandon\AppData\Local\Temp\jre-8u40-windows-au.exe 2015-05-01 21:51 - 2015-05-01 21:51 - 0562272 _____ (Oracle Corporation) C:\Users\Brandon\AppData\Local\Temp\jre-8u45-windows-au.exe 2015-10-24 13:53 - 2015-10-24 13:53 - 0585824 _____ (Oracle Corporation) C:\Users\Brandon\AppData\Local\Temp\jre-8u65-windows-au.exe 2016-02-08 06:58 - 2016-02-08 06:58 - 0736352 _____ (Oracle Corporation) C:\Users\Brandon\AppData\Local\Temp\jre-8u73-windows-au.exe 2016-03-28 05:59 - 2016-03-28 05:59 - 0736320 _____ (Oracle Corporation) C:\Users\Brandon\AppData\Local\Temp\jre-8u77-windows-au.exe 2016-06-27 05:58 - 2016-06-27 05:58 - 0739904 _____ (Oracle Corporation) C:\Users\Brandon\AppData\Local\Temp\jre-8u91-windows-au.exe 2014-08-12 08:53 - 2012-09-27 09:15 - 0865424 ____N (CANON INC.) C:\Users\Brandon\AppData\Local\Temp\MSETUP4.EXE 2016-07-16 08:41 - 2013-10-17 14:39 - 0568832 _____ (Microsoft Corporation) C:\Users\Brandon\AppData\Local\Temp\msvcp90.dll 2016-07-16 08:41 - 2013-10-17 14:39 - 0655872 _____ (Microsoft Corporation) C:\Users\Brandon\AppData\Local\Temp\msvcr90.dll 2015-05-18 14:16 - 2016-08-11 03:23 - 0745904 _____ (NVIDIA Corporation) C:\Users\Brandon\AppData\Local\Temp\nvSCPAPI.dll 2015-05-18 14:16 - 2015-10-02 18:18 - 0835592 _____ (NVIDIA Corporation) C:\Users\Brandon\AppData\Local\Temp\nvSCPAPI64.dll 2015-10-08 15:46 - 2015-10-02 18:18 - 0478360 _____ (NVIDIA Corporation) C:\Users\Brandon\AppData\Local\Temp\nvStereoApiI64.dll 2015-05-18 14:15 - 2016-08-11 03:22 - 0347192 _____ (NVIDIA Corporation) C:\Users\Brandon\AppData\Local\Temp\nvStInst.exe 2015-03-25 19:40 - 2015-03-25 19:40 - 45209696 _____ (Skype Technologies S.A.) C:\Users\Brandon\AppData\Local\Temp\SkypeSetup.exe 2016-10-14 08:14 - 2016-10-14 08:14 - 0000000 ____D () C:\Users\Brandon\AppData\Local\Temp\SynciosDeviceService.exe 2014-06-16 17:33 - 2012-07-27 00:52 - 0353944 ____R (CANON INC.) C:\Users\Brandon\AppData\Local\Temp\uninstall.exe 2015-07-16 19:55 - 2015-07-16 19:55 - 0065280 _____ () C:\Users\Brandon\AppData\Local\Temp\utils.dll 2013-04-23 14:15 - 2013-04-23 14:15 - 4995416 _____ (Microsoft Corporation) C:\Users\Brandon\AppData\Local\Temp\vcredist_x86-2010.exe 2013-01-02 17:20 - 2013-01-02 17:20 - 6560088 _____ (Microsoft Corporation) C:\Users\Brandon\AppData\Local\Temp\vcredist_x86-2012.exe ==================== Known DLLs (Whitelisted) ========================= ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll [2017-05-10 00:14] - [2017-04-17 07:37] - 0512000 _____ (Microsoft Corporation) 5E9F8D029D9B03110D835CBFC058068B C:\Windows\System32\dnsapi.dll => MD5 is legit C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== Association (Whitelisted) ============= ==================== Restore Points ========================= ==================== Memory info =========================== Percentage of memory in use: 7% Total physical RAM: 16344.71 MB Available physical RAM: 15100.18 MB Total Virtual: 16342.91 MB Available Virtual: 15121.76 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:111.57 GB) (Free:18.43 GB) NTFS Drive d: () (Fixed) (Total:372.6 GB) (Free:95.37 GB) NTFS ==>[system with boot components (obtained from drive)] Drive e: (New Volume) (Fixed) (Total:2794.39 GB) (Free:2264.95 GB) NTFS Drive g: (Seagate Expansion Drive) (Fixed) (Total:3726.02 GB) (Free:1915.04 GB) NTFS Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 111.8 GB) (Disk ID: 31B15D7C) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 372.6 GB) (Disk ID: C22383B7) Partition 1: (Active) - (Size=372.6 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000) Partition: GPT. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 3. LastRegBack: 2017-05-24 15:04 ==================== End of FRST.txt ============================