Thank you for your time - appreciated ....
_
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:17-04-2016
Ran by Owner (administrator) on ERICS (18-04-2016 16:00:43)
Running from C:\Users\Owner\Desktop
Loaded Profiles: Owner (Available Profiles: Owner)
Platform: Microsoft Windows 10 Home Version 1511 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Symantec Corporation) C:\Program Files\Norton Security with Backup\Engine\22.6.0.142\nsbu.exe
(Symantec Corporation) C:\Program Files\Norton Security with Backup\Engine\22.6.0.142\nsbu.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12214528 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1298456 2015-04-20] (CANON INC.)
HKU\S-1-5-21-754179056-1382982999-2036298953-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6667992 2016-03-12] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security with Backup\Engine\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security with Backup\Engine\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security with Backup\Engine\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 06 C:\WINDOWS\system32\NLAapi.dll [65024 2015-10-30] (Microsoft Corporation) ATTENTION: LibraryPath should be "C:\WINDOWS)\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{716b4b2a-b29f-4072-b368-9fd1f5ad4fe4}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security with Backup\Engine\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKU\S-1-5-21-754179056-1382982999-2036298953-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
FireFox:
========
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-16] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.5.2.15\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.5.2.15\coFFAddon [2016-04-15]
Chrome:
=======
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-16]
CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-16]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-16]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-16]
CHR Extension: (Norton Security Toolbar) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2016-04-16]
CHR Extension: (Google Sheets) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-16]
CHR Extension: (Google Docs Offline) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-18]
CHR Extension: (Norton Identity Safe) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2016-04-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-16]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-16]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security with Backup\Engine\22.6.0.142\Exts\Chrome.crx [2016-02-21]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 NSBU; C:\Program Files\Norton Security with Backup\Engine\22.6.0.142\NSBU.exe [289080 2016-02-26] (Symantec Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23256 2015-10-30] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\WINDOWS\System32\drivers\athwn.sys [3205632 2015-10-30] (Qualcomm Atheros Communications, Inc.)
R1 BHDrvx86; C:\Program Files\Norton Security with Backup\NortonData\22.5.2.15\Definitions\BASHDefs\20160414.001\BHDrvx86.sys [1269488 2016-04-14] (Symantec Corporation)
R1 ccSet_NSBU; C:\WINDOWS\system32\drivers\NSBU\1606000.08E\ccSetx86.sys [137456 2015-07-11] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [389968 2016-04-14] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [125264 2016-04-14] (Symantec Corporation)
S3 EsgScanner; C:\WINDOWS\System32\DRIVERS\EsgScanner.sys [19984 2016-04-17] ()
R1 IDSVix86; C:\Program Files\Norton Security with Backup\NortonData\22.5.2.15\Definitions\IPSDefs\20160415.001\IDSvix86.sys [580344 2016-04-13] (Symantec Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [170200 2016-04-16] (Malwarebytes)
R3 NAVENG; C:\Program Files\Norton Security with Backup\NortonData\22.5.2.15\Definitions\VirusDefs\20160416.005\NAVENG.SYS [104440 2016-04-14] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton Security with Backup\NortonData\22.5.2.15\Definitions\VirusDefs\20160416.005\NAVEX15.SYS [1647216 2016-04-14] (Symantec Corporation)
R3 SRTSP; C:\WINDOWS\System32\Drivers\NSBU\1606000.08E\SRTSP.SYS [713968 2016-02-24] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NSBU\1606000.08E\SRTSPX.SYS [44792 2015-07-11] (Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NSBU\1606000.08E\SYMEFASI.SYS [1287408 2016-02-24] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NSBU\1606000.08E\SYMELAM.SYS [22144 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [103152 2016-04-15] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NSBU\1606000.08E\Ironx86.SYS [234736 2016-02-24] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\Drivers\NSBU\1606000.08E\SYMNETS.SYS [431328 2016-02-24] (Symantec Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
S3 dot4usb; \SystemRoot\System32\drivers\dot4usb.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-18 16:00 - 2016-04-18 16:01 - 00009877 _____ C:\Users\Owner\Desktop\FRST.txt
2016-04-18 15:57 - 2016-04-18 15:57 - 02375680 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2016-04-18 15:56 - 2016-04-18 16:00 - 01726464 _____ (Farbar) C:\Users\Owner\Desktop\FRST.exe
2016-04-18 12:05 - 2016-04-18 12:05 - 00002100 _____ C:\Users\Owner\Documents\cc_20160418_120522.reg
2016-04-17 21:44 - 2016-04-17 21:44 - 00010914 _____ C:\Users\Owner\Documents\cc_20160417_214447.reg
2016-04-17 20:23 - 2016-04-17 20:23 - 00000042 _____ C:\Users\Owner\Documents\Dism.txt
2016-04-17 18:29 - 2016-04-17 18:29 - 00019984 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2016-04-17 17:24 - 2016-04-17 17:24 - 00033026 _____ C:\Users\Owner\Documents\cc_20160417_172433.reg
2016-04-17 12:01 - 2016-04-17 12:01 - 00001110 _____ C:\Users\Owner\Documents\cc_20160417_120137.reg
2016-04-17 10:06 - 2016-04-17 10:06 - 00001110 _____ C:\Users\Owner\Documents\cc_20160417_100615.reg
2016-04-16 20:59 - 2016-04-16 20:59 - 00007612 _____ C:\Users\Owner\Documents\cc_20160416_205941.reg
2016-04-16 20:33 - 2016-04-17 17:03 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-04-16 19:05 - 2016-04-17 17:23 - 00000000 ____D C:\Program Files\MpcStar
2016-04-16 19:05 - 2016-04-16 20:36 - 00000000 ____D C:\Users\Owner\AppData\Roaming\tigerplayer
2016-04-16 19:05 - 2016-04-16 19:05 - 00000000 ____D C:\Users\Owner\AppData\Roaming\CometPlayer
2016-04-16 19:01 - 2016-04-17 13:38 - 00000000 ____D C:\Users\Owner\AppData\Roaming\BitComet
2016-04-16 18:49 - 2016-04-16 18:49 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-04-16 18:03 - 2016-04-16 18:03 - 00000000 ____D C:\Users\Owner\AppData\Local\ESET
2016-04-16 17:53 - 2016-04-16 17:53 - 00007546 _____ C:\Users\Owner\Desktop\Apps removed while refreshing your PC.txt
2016-04-16 15:26 - 2016-04-16 15:26 - 00118958 _____ C:\Users\Owner\Documents\cc_20160416_152638.reg
2016-04-16 15:10 - 2016-04-16 15:10 - 00001034 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-04-16 15:10 - 2016-04-16 15:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-04-16 15:10 - 2016-04-16 15:10 - 00000000 ____D C:\Program Files\CCleaner
2016-04-16 14:16 - 2016-04-16 14:16 - 00000017 _____ C:\Users\Owner\AppData\Local\resmon.resmoncfg
2016-04-16 14:04 - 2016-04-16 14:04 - 00000000 ___HD C:\OneDriveTemp
2016-04-16 06:33 - 2016-04-16 06:33 - 00000000 ____D C:\Users\Owner\Documents\WinDlg_v1_29
2016-04-16 06:32 - 2016-04-16 06:32 - 00001493 _____ C:\Users\Public\Desktop\Data Lifeguard Diagnostic for Windows.lnk
2016-04-16 06:32 - 2016-04-16 06:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation
2016-04-16 06:32 - 2016-04-16 06:32 - 00000000 ____D C:\Program Files\Western Digital Corporation
2016-04-16 06:30 - 2016-04-16 06:30 - 00974733 _____ C:\Users\Owner\Downloads\WinDlg_v1_29.zip
2016-04-16 05:05 - 2016-04-16 05:05 - 00002290 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-16 05:05 - 2016-04-16 05:05 - 00002278 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-16 05:03 - 2016-04-18 15:48 - 00000902 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-16 05:03 - 2016-04-18 02:15 - 00000906 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-16 05:03 - 2016-04-16 05:05 - 00000000 ____D C:\Users\Owner\AppData\Local\Google
2016-04-16 05:03 - 2016-04-16 05:05 - 00000000 ____D C:\Program Files\Google
2016-04-16 04:46 - 2016-04-16 04:49 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-04-16 04:45 - 2016-04-16 04:45 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-16 04:23 - 2016-04-16 04:23 - 00000000 ____D C:\ProgramData\Emsisoft
2016-04-16 03:58 - 2016-04-16 04:37 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2016-04-15 20:06 - 2016-04-18 02:31 - 00000000 ____D C:\Windows.old
2016-04-15 20:06 - 2016-04-16 15:26 - 00000000 ___DC C:\WINDOWS\Panther
2016-04-15 20:06 - 2016-04-15 20:06 - 00000000 ____D C:\WINDOWS\InfusedApps
2016-04-15 20:05 - 2016-04-15 20:05 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-04-15 20:02 - 2016-04-15 20:02 - 00000000 ____D C:\WINDOWS\Setup
2016-04-15 19:57 - 2016-04-15 19:57 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-04-15 19:57 - 2016-04-15 19:57 - 00000000 ____D C:\Program Files\MSBuild
2016-04-15 19:57 - 2016-04-15 04:59 - 00000000 ____D C:\WINDOWS\OCR
2016-04-15 19:55 - 2016-04-15 19:55 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-04-15 19:55 - 2016-04-15 19:55 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-04-15 19:55 - 2016-04-15 19:55 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-04-15 19:55 - 2016-04-15 19:55 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-04-15 19:55 - 2016-04-15 19:55 - 00000000 ____D C:\WINDOWS\system32\0409
2016-04-15 19:55 - 2016-04-15 19:55 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-04-15 19:50 - 2016-04-15 19:40 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-04-15 19:50 - 2016-04-15 19:40 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-04-15 19:48 - 2016-04-15 20:06 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-04-15 19:48 - 2016-04-15 19:42 - 00215943 _____ C:\WINDOWS\system32\dssec.dat
2016-04-15 19:48 - 2016-04-15 19:42 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2016-04-15 19:48 - 2016-04-15 19:42 - 00017463 _____ C:\WINDOWS\system32\Drivers\etc\services
2016-04-15 19:48 - 2016-04-15 19:42 - 00015462 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-04-15 19:48 - 2016-04-15 19:42 - 00008798 _____ C:\WINDOWS\system32\icrav03.rat
2016-04-15 19:48 - 2016-04-15 19:42 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2016-04-15 19:48 - 2016-04-15 19:42 - 00002577 _____ C:\WINDOWS\system32\config.nt
2016-04-15 19:48 - 2016-04-15 19:42 - 00001988 _____ C:\WINDOWS\system32\ticrf.rat
2016-04-15 19:48 - 2016-04-15 19:42 - 00001688 _____ C:\WINDOWS\system32\autoexec.nt
2016-04-15 19:48 - 2016-04-15 19:42 - 00001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2016-04-15 19:48 - 2016-04-15 19:42 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2016-04-15 19:48 - 2016-04-15 19:42 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT
2016-04-15 19:48 - 2016-04-15 19:42 - 00000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2016-04-15 19:48 - 2016-04-15 19:42 - 00000389 _____ C:\WINDOWS\system32\AutoWorkplace.exe.config
2016-04-15 19:47 - 2016-04-17 16:57 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-15 19:47 - 2016-04-17 02:53 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-04-15 19:47 - 2016-04-16 18:34 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-04-15 19:47 - 2016-04-16 14:11 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-15 19:47 - 2016-04-16 14:11 - 00000000 ____D C:\WINDOWS\Registration
2016-04-15 19:47 - 2016-04-16 03:45 - 00000000 ____D C:\WINDOWS\AppCompat
2016-04-15 19:47 - 2016-04-15 19:55 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-04-15 19:47 - 2016-04-15 19:55 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-04-15 19:47 - 2016-04-15 19:55 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-04-15 19:47 - 2016-04-15 19:55 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-15 19:47 - 2016-04-15 19:55 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-04-15 19:47 - 2016-04-15 19:55 - 00000000 ____D C:\WINDOWS\system32\setup
2016-04-15 19:47 - 2016-04-15 19:55 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-04-15 19:47 - 2016-04-15 19:55 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-04-15 19:47 - 2016-04-15 19:55 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-04-15 19:47 - 2016-04-15 19:55 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-04-15 19:47 - 2016-04-15 19:55 - 00000000 ____D C:\WINDOWS\system32\Com
2016-04-15 19:47 - 2016-04-15 19:55 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-15 19:47 - 2016-04-15 19:55 - 00000000 ____D C:\WINDOWS\IME
2016-04-15 19:47 - 2016-04-15 19:55 - 00000000 ____D C:\WINDOWS\Help
2016-04-15 19:47 - 2016-04-15 19:55 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-04-15 19:47 - 2016-04-15 19:55 - 00000000 ____D C:\Program Files\Windows Journal
2016-04-15 19:47 - 2016-04-15 19:55 - 00000000 ____D C:\Program Files\Windows Defender
2016-04-15 19:47 - 2016-04-15 19:55 - 00000000 ____D C:\Program Files\Common Files\System
2016-04-15 19:47 - 2016-04-15 19:55 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-04-15 19:47 - 2016-04-15 19:48 - 00000000 ___SD C:\WINDOWS\system32\Nui
2016-04-15 19:47 - 2016-04-15 19:48 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2016-04-15 19:47 - 2016-04-15 19:48 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2016-04-15 19:47 - 2016-04-15 19:48 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-04-15 19:47 - 2016-04-15 19:48 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2016-04-15 19:47 - 2016-04-15 19:48 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2016-04-15 19:47 - 2016-04-15 19:48 - 00000000 ____D C:\WINDOWS\system32\icsxml
2016-04-15 19:47 - 2016-04-15 19:48 - 00000000 ____D C:\WINDOWS\system32\ias
2016-04-15 19:47 - 2016-04-15 19:48 - 00000000 ____D C:\WINDOWS\system32\downlevel
2016-04-15 19:47 - 2016-04-15 19:48 - 00000000 ____D C:\WINDOWS\system32\Bthprops
2016-04-15 19:47 - 2016-04-15 19:48 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-15 19:47 - 2016-04-15 19:48 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2016-04-15 19:47 - 2016-04-15 19:48 - 00000000 ____D C:\WINDOWS\System
2016-04-15 19:47 - 2016-04-15 19:48 - 00000000 ____D C:\WINDOWS\ShellNew
2016-04-15 19:47 - 2016-04-15 19:48 - 00000000 ____D C:\WINDOWS\Provisioning
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 __RSD C:\WINDOWS\Media
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ___SD C:\WINDOWS\system32\Configuration
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\Web
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\Vss
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\tracing
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\TAPI
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\SystemResources
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\SystemApps
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\system32\winevt
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\system32\ras
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\system32\ProximityToast
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\system32\PointOfService
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\system32\Ipmi
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\system32\IME
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\system32\config\Journal
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\SKB
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\security
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\schemas
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\SchCache
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\Resources
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\PLA
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\Performance
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\ModemLogs
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\InputMethod
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\Globalization
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\Cursors
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\Branding
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\addins
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\ProgramData\Comms
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\Program Files\Windows NT
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-04-15 19:47 - 2016-04-15 19:47 - 00000000 ____D C:\Program Files\Common Files\Services
2016-04-15 19:47 - 2016-04-15 19:42 - 00000219 _____ C:\WINDOWS\system.ini
2016-04-15 19:47 - 2016-04-15 19:42 - 00000092 _____ C:\WINDOWS\win.ini
2016-04-15 19:47 - 2016-04-15 05:14 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-04-15 19:47 - 2016-04-15 05:04 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-04-15 19:47 - 2016-04-15 04:45 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-04-15 19:47 - 2016-04-15 04:45 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-04-15 19:47 - 2016-04-15 04:45 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-04-15 19:47 - 2016-04-15 04:43 - 00000000 ____D C:\WINDOWS\rescache
2016-04-15 19:47 - 2016-04-15 04:34 - 00000000 __RHD C:\Users\Public\Libraries
2016-04-15 19:47 - 2016-04-15 04:34 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-04-15 19:47 - 2016-04-15 04:31 - 00000000 ____D C:\WINDOWS\system32\spool
2016-04-15 19:47 - 2016-04-15 04:31 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-04-15 19:47 - 2016-04-15 04:21 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-04-15 19:47 - 2016-04-15 04:16 - 00000000 ____D C:\ProgramData\USOPrivate
2016-04-15 19:45 - 2016-04-17 21:45 - 00000000 ____D C:\WINDOWS\INF
2016-04-15 19:28 - 2016-04-17 20:27 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-15 19:23 - 2016-04-17 21:37 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-04-15 19:23 - 2016-04-15 19:55 - 00000000 ____D C:\WINDOWS\servicing
2016-04-15 19:23 - 2016-04-15 19:47 - 00000000 ____D C:\WINDOWS\system32\SMI
2016-04-15 19:23 - 2016-04-15 08:50 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-04-15 19:23 - 2015-10-30 13:18 - 00000164 _____ C:\WINDOWS\system32\config\FP
2016-04-15 18:15 - 2016-04-15 18:44 - 00000000 ____D C:\Program Files\DriverToolkit
2016-04-15 18:15 - 2016-04-15 18:15 - 00000000 ____D C:\Users\Owner\AppData\Local\DriverToolkit
2016-04-15 18:06 - 2016-04-15 18:06 - 00000326 _____ C:\Users\Owner\Desktop\Programs - Shortcut.lnk
2016-04-15 16:55 - 2016-04-15 16:55 - 00000000 ____D C:\Program Files\Common Files\AV
2016-04-15 14:44 - 2016-04-17 12:01 - 00000000 ____D C:\Users\Owner\AppData\Local\CrashDumps
2016-04-15 14:27 - 2016-04-16 15:05 - 00000000 ____D C:\Users\Owner\Desktop\All Pictures etc
2016-04-15 14:26 - 2016-04-15 14:26 - 00000000 ___HD C:\ProgramData\CanonIJQuickMenu
2016-04-15 14:26 - 2016-04-15 14:26 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Canon
2016-04-15 10:25 - 2016-04-16 05:52 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-04-15 10:24 - 2016-04-15 10:24 - 00000000 ___HD C:\ProgramData\CanonBJ
2016-04-15 10:23 - 2016-04-15 10:23 - 00002040 _____ C:\Users\Public\Desktop\Canon Quick Menu.lnk
2016-04-15 10:23 - 2016-04-15 10:23 - 00000000 ____D C:\ProgramData\CanonIJWSpt
2016-04-15 10:18 - 2016-04-15 10:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2016-04-15 10:17 - 2016-04-15 10:17 - 00002381 _____ C:\Users\Public\Desktop\Canon MG2500 series On-screen Manual.lnk
2016-04-15 10:17 - 2016-04-15 10:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2500 series Manual
2016-04-15 10:16 - 2016-04-15 10:16 - 00000000 ___HD C:\Program Files\CanonBJ
2016-04-15 10:06 - 2016-04-15 10:23 - 00000000 ____D C:\Program Files\Canon
2016-04-15 10:04 - 2016-04-15 10:05 - 49446448 _____ C:\Users\Owner\Downloads\win-mg2500-1_1-mcd.exe
2016-04-15 10:00 - 2016-04-16 14:20 - 00000000 ____D C:\Users\Owner\AppData\Local\ElevatedDiagnostics
2016-04-15 08:28 - 2016-04-16 17:24 - 00000000 ____D C:\Users\Owner\AppData\Local\NPE
2016-04-15 08:27 - 2016-04-15 08:51 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2016-04-15 08:27 - 2016-04-15 08:27 - 00103152 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
2016-04-15 08:27 - 2016-04-15 08:27 - 00008178 _____ C:\WINDOWS\system32\Drivers\SYMEVENT.CAT
2016-04-15 08:26 - 2016-04-15 16:53 - 00002482 _____ C:\Users\Public\Desktop\Norton Security with Backup.LNK
2016-04-15 08:24 - 2016-04-15 16:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security with Backup
2016-04-15 08:24 - 2016-04-15 16:53 - 00000000 ____D C:\WINDOWS\system32\Drivers\NSBU
2016-04-15 08:24 - 2016-04-15 08:29 - 00000000 ____D C:\ProgramData\Norton
2016-04-15 08:24 - 2016-04-15 08:24 - 00000000 ____D C:\Program Files\Norton Security with Backup
2016-04-15 08:23 - 2016-04-15 08:23 - 00000000 ____D C:\ProgramData\NortonInstaller
2016-04-15 08:23 - 2016-04-15 08:23 - 00000000 ____D C:\Program Files\NortonInstaller
2016-04-15 07:47 - 2016-04-15 07:47 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Macromedia
2016-04-15 05:48 - 2016-04-15 05:48 - 00000037 _____ C:\Users\Owner\Documents\facebook.txt
2016-04-15 05:35 - 2016-04-17 12:56 - 00000000 ____D C:\Users\Owner\Desktop\Phil
2016-04-15 05:21 - 2016-04-18 12:04 - 00000000 ____D C:\WINDOWS\Minidump
2016-04-15 05:06 - 2016-04-15 05:08 - 00000000 ____D C:\Users\Owner\AppData\Local\PackageStaging
2016-04-15 05:04 - 2016-04-15 05:04 - 00000000 ____D C:\Users\Owner\AppData\Local\Publishers
2016-04-15 04:58 - 2016-04-15 04:58 - 00001047 _____ C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2016-04-15 04:54 - 2016-04-15 04:54 - 00000000 ____D C:\Users\Owner\AppData\Local\MicrosoftEdge
2016-04-15 04:51 - 2016-04-15 04:52 - 00002363 _____ C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-15 04:49 - 2016-04-15 04:49 - 00019234 _____ C:\Users\Owner\Desktop\Removed Apps.html
2016-04-15 04:49 - 2016-04-15 04:49 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-04-15 04:48 - 2016-04-15 04:48 - 00000000 ____D C:\Users\Owner\AppData\Local\Comms
2016-04-15 04:47 - 2016-04-15 04:47 - 00000000 ____D C:\Users\Owner\AppData\Local\ActiveSync
2016-04-15 04:44 - 2016-04-16 04:31 - 00000000 ____D C:\Users\Owner\AppData\Local\Packages
2016-04-15 04:44 - 2016-04-15 04:44 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Adobe
2016-04-15 04:43 - 2016-04-15 04:43 - 00000000 ____D C:\Users\Owner\AppData\Local\TileDataLayer
2016-04-15 04:42 - 2016-04-15 04:42 - 00000000 ____D C:\Users\Owner\AppData\Local\VirtualStore
2016-04-15 04:41 - 2016-04-15 04:41 - 00000020 ___SH C:\Users\Owner\ntuser.ini
2016-04-15 04:38 - 2016-04-15 04:38 - 00000000 _SHDL C:\Users\Default\My Documents
2016-04-15 04:38 - 2016-04-15 04:38 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-04-15 04:38 - 2016-04-15 04:38 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-04-15 04:38 - 2016-04-15 04:38 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-04-15 04:38 - 2016-04-15 04:38 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-04-15 04:38 - 2016-04-15 04:38 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-04-15 04:38 - 2016-04-15 04:38 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-04-15 04:38 - 2016-04-15 04:38 - 00000000 _SHDL C:\Users\Default User
2016-04-15 04:38 - 2016-04-15 04:38 - 00000000 _SHDL C:\Users\All Users
2016-04-15 04:35 - 2016-04-16 14:16 - 00879220 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-15 04:32 - 2016-04-18 15:48 - 00000000 ____D C:\Users\Owner
2016-04-15 04:32 - 2016-04-16 04:13 - 00000000 ____D C:\Users\DefaultAppPool
2016-04-15 04:32 - 2016-04-15 04:32 - 00000000 _SHDL C:\Users\Owner\My Documents
2016-04-15 04:32 - 2016-04-15 04:32 - 00000000 _SHDL C:\Users\Owner\Documents\My Videos
2016-04-15 04:32 - 2016-04-15 04:32 - 00000000 _SHDL C:\Users\Owner\Documents\My Pictures
2016-04-15 04:32 - 2016-04-15 04:32 - 00000000 _SHDL C:\Users\Owner\Documents\My Music
2016-04-15 04:32 - 2016-04-15 04:32 - 00000000 _SHDL C:\Users\DefaultAppPool\My Documents
2016-04-15 04:32 - 2016-04-15 04:32 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\My Videos
2016-04-15 04:32 - 2016-04-15 04:32 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\My Pictures
2016-04-15 04:32 - 2016-04-15 04:32 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\My Music
2016-04-15 04:17 - 2016-04-15 04:17 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-04-15 04:17 - 2016-04-15 04:17 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2016-04-15 04:16 - 2016-04-15 04:16 - 00000000 ____D C:\WINDOWS\system32\RTCOM
2016-04-15 04:16 - 2016-04-15 04:16 - 00000000 ____D C:\WINDOWS\system32\DAX2
2016-04-15 04:16 - 2016-04-15 04:16 - 00000000 ____D C:\ProgramData\USOShared
2016-04-15 04:16 - 2016-04-15 04:16 - 00000000 ____D C:\Program Files\Realtek
2016-04-15 04:12 - 2016-04-18 15:47 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-15 04:10 - 2016-04-15 04:10 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-04-15 04:09 - 2016-04-15 04:28 - 00187952 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-15 03:14 - 2016-04-15 10:15 - 00000000 ___HD C:\$SysReset
2016-04-15 02:47 - 2016-04-15 03:08 - 00000803 _____ C:\Users\Owner\Documents\Passwords.txt
2016-04-14 20:36 - 2016-04-14 20:36 - 00000047 _____ C:\Users\Owner\Documents\norton.txt
2016-04-13 14:55 - 2016-04-15 19:41 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-13 14:55 - 2016-04-15 19:39 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-13 14:55 - 2016-04-15 19:37 - 00287072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-13 14:54 - 2016-04-15 19:38 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-13 14:53 - 2016-04-15 19:40 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-13 14:53 - 2016-04-15 19:39 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-13 14:53 - 2016-04-15 19:38 - 00200032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-13 14:53 - 2016-04-15 19:37 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-13 14:53 - 2016-04-15 19:36 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-13 14:53 - 2016-04-15 19:36 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-13 14:53 - 2016-04-15 19:36 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-13 14:53 - 2016-04-15 19:35 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-13 14:53 - 2016-04-15 19:35 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-13 14:53 - 2016-04-15 19:34 - 00706048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-13 14:53 - 2016-04-15 19:32 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-13 14:53 - 2016-04-15 19:32 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-13 14:53 - 2016-04-15 19:32 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-13 14:53 - 2016-04-15 19:32 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-13 14:52 - 2016-04-15 19:39 - 01861984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-13 14:52 - 2016-04-15 19:38 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-13 14:52 - 2016-04-15 19:37 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-13 14:52 - 2016-04-15 19:35 - 00062496 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-13 14:52 - 2016-04-15 19:34 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-13 14:52 - 2016-04-15 19:32 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-13 14:52 - 2016-04-15 19:32 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-13 14:52 - 2016-04-15 19:32 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-13 14:52 - 2016-04-15 19:32 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-13 14:51 - 2016-04-15 19:39 - 00778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-13 14:51 - 2016-04-15 19:38 - 00782336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-13 14:51 - 2016-04-15 19:38 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-13 14:51 - 2016-04-15 19:35 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-13 14:51 - 2016-04-15 19:34 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-13 14:51 - 2016-04-15 19:34 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-13 14:51 - 2016-04-15 19:34 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-13 14:51 - 2016-04-15 19:33 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-13 14:51 - 2016-04-15 19:33 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-13 14:50 - 2016-04-15 19:41 - 02869760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-13 14:50 - 2016-04-15 19:41 - 00305304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-13 14:50 - 2016-04-15 19:40 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-13 14:50 - 2016-04-15 19:40 - 00423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-13 14:50 - 2016-04-15 19:39 - 00322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-13 14:50 - 2016-04-15 19:39 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-13 14:50 - 2016-04-15 19:38 - 00742400 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-13 14:50 - 2016-04-15 19:38 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-13 14:50 - 2016-04-15 19:38 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-13 14:50 - 2016-04-15 19:38 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-13 14:50 - 2016-04-15 19:37 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-13 14:50 - 2016-04-15 19:37 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-13 14:50 - 2016-04-15 19:37 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-13 14:50 - 2016-04-15 19:36 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-13 14:50 - 2016-04-15 19:36 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-13 14:50 - 2016-04-15 19:35 - 00601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-13 14:50 - 2016-04-15 19:35 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-13 14:50 - 2016-04-15 19:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-13 14:50 - 2016-04-15 19:34 - 00069224 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-13 14:50 - 2016-04-15 19:32 - 00922464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-13 14:49 - 2016-04-15 19:40 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-13 14:49 - 2016-04-15 19:37 - 00360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-13 14:49 - 2016-04-15 19:34 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-13 14:49 - 2016-04-15 19:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-13 14:48 - 2016-04-15 19:36 - 00613112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-13 14:48 - 2016-04-15 19:34 - 00252064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-13 14:48 - 2016-04-15 19:34 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-13 14:48 - 2016-04-15 19:33 - 00757192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-13 14:48 - 2016-04-15 19:32 - 03679232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-13 14:47 - 2016-04-15 19:41 - 02723840 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-13 14:47 - 2016-04-15 19:38 - 00535088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-13 14:47 - 2016-04-15 19:38 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-13 14:47 - 2016-04-15 19:33 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-13 14:46 - 2016-04-15 19:40 - 00084728 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-13 14:46 - 2016-04-15 19:40 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-13 14:46 - 2016-04-15 19:37 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-13 14:46 - 2016-04-15 19:37 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-13 14:46 - 2016-04-15 19:35 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-13 14:46 - 2016-04-15 19:34 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-13 14:46 - 2016-04-15 19:33 - 00854016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-13 14:46 - 2016-04-15 19:33 - 00705024 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-13 14:46 - 2016-04-15 19:33 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-13 14:46 - 2016-04-15 19:33 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-13 14:45 - 2016-04-15 19:41 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-13 14:45 - 2016-04-15 19:38 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-13 14:45 - 2016-04-15 19:36 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-13 14:45 - 2016-04-15 19:35 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-13 14:44 - 2016-04-15 19:36 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-13 05:14 - 2016-03-29 18:07 - 00400302 __RSH C:\bootmgr
2016-04-13 05:14 - 2015-10-30 13:45 - 00000001 ___SH C:\BOOTNXT
2016-04-12 17:58 - 2016-04-12 17:58 - 00000000 ____D C:\Users\Owner\Documents\Norton Identity Safe Backups
2016-04-12 11:25 - 2016-04-12 11:25 - 00003766 _____ C:\Users\Owner\Documents\cc_20160412_112541.reg
2016-04-12 06:56 - 2016-04-12 06:56 - 00000000 _____ C:\Recovery.txt
2016-04-12 01:53 - 2016-04-12 01:53 - 00195004 _____ C:\Users\Owner\Documents\ROBO.htm
2016-04-12 01:53 - 2016-04-12 01:53 - 00000000 ____D C:\Users\Owner\Documents\ROBO_files
2016-04-12 01:18 - 2016-04-12 01:21 - 144954128 _____ (Symantec Corporation) C:\Users\Owner\Desktop\NSP_5D_22.5.2_SYMTB_PROMO_4_MRFTT_13683-EN-AU.exe
2016-04-05 21:44 - 2016-04-08 11:21 - 00000952 _____ C:\Users\Owner\Documents\Smilies for facebook.txt
2016-03-26 09:39 - 2016-03-26 09:40 - 03088296 _____ (Symantec Corporation) C:\Users\Owner\Desktop\NPE.exe
2016-03-24 10:11 - 2016-03-24 10:11 - 00000685 _____ C:\Users\Owner\Documents\paypal payment to telstra ... paid.txt
2016-03-24 09:54 - 2016-03-24 09:54 - 00000658 _____ C:\Users\Owner\Documents\rainbow on the river - lyrics.txt
2016-03-19 06:30 - 2016-04-15 18:39 - 00000127 _____ C:\Users\Owner\Documents\Tagalog - English.txt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-18 16:00 - 2015-07-07 19:45 - 00000000 ____D C:\FRST
2016-04-16 17:20 - 2015-07-09 04:10 - 00000000 ____D C:\NPE
2016-04-16 15:18 - 2015-01-10 00:16 - 00000000 ___RD C:\Users\Owner\OneDrive
2016-04-15 20:06 - 2010-02-02 03:38 - 00008192 __RSH C:\BOOTSECT.BAK
2016-04-15 19:41 - 2016-03-11 18:49 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-15 19:41 - 2016-03-11 18:46 - 01074688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-15 19:41 - 2016-03-11 18:46 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-04-15 19:41 - 2016-03-11 18:46 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-04-15 19:41 - 2016-03-11 18:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-04-15 19:41 - 2016-03-11 18:44 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-04-15 19:41 - 2016-03-11 18:38 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-04-15 19:41 - 2016-03-11 18:37 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-04-15 19:41 - 2016-03-11 18:37 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-04-15 19:41 - 2016-02-11 19:43 - 00278864 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-04-15 19:41 - 2016-02-11 19:42 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-04-15 19:41 - 2016-02-04 10:06 - 00942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-04-15 19:41 - 2016-02-04 10:06 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-04-15 19:41 - 2016-02-04 10:01 - 00770912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-15 19:41 - 2016-02-04 09:57 - 01627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-15 19:41 - 2016-01-19 15:36 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-04-15 19:41 - 2015-12-22 13:33 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-15 19:41 - 2015-12-22 13:33 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-04-15 19:41 - 2015-12-22 13:29 - 00983976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-04-15 19:41 - 2015-12-22 13:27 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-15 19:41 - 2015-12-17 14:14 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-04-15 19:41 - 2015-12-17 14:14 - 00076128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2016-04-15 19:41 - 2015-12-17 14:04 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-04-15 19:41 - 2015-12-17 14:00 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-04-15 19:40 - 2016-03-11 18:49 - 00107872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-04-15 19:40 - 2016-03-11 18:47 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-04-15 19:40 - 2016-03-11 18:46 - 01798144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-15 19:40 - 2016-03-11 18:46 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-04-15 19:40 - 2016-03-11 18:45 - 06734336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-04-15 19:40 - 2016-03-11 18:44 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-04-15 19:40 - 2016-03-11 18:37 - 00525288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-04-15 19:40 - 2016-03-11 18:35 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-04-15 19:40 - 2016-02-11 19:42 - 01560848 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-04-15 19:40 - 2016-02-11 19:41 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-04-15 19:40 - 2016-02-04 10:07 - 01553920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-04-15 19:40 - 2016-02-04 10:06 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-04-15 19:40 - 2016-02-04 10:05 - 00157696 _____ C:\WINDOWS\system32\MTF.dll
2016-04-15 19:40 - 2016-02-04 10:02 - 05237336 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-04-15 19:40 - 2016-02-04 10:02 - 01713504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-04-15 19:40 - 2016-02-04 10:02 - 00483680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-04-15 19:40 - 2015-12-22 13:32 - 02796544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-15 19:40 - 2015-12-22 13:29 - 00463264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-04-15 19:40 - 2015-12-22 13:29 - 00289760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-04-15 19:40 - 2015-12-17 14:14 - 06529024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-04-15 19:40 - 2015-12-17 14:14 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-15 19:40 - 2015-12-17 14:14 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-04-15 19:40 - 2015-12-17 14:14 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-04-15 19:40 - 2015-12-17 14:14 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2016-04-15 19:40 - 2015-12-17 14:14 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2016-04-15 19:40 - 2015-12-17 14:12 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-04-15 19:40 - 2015-12-17 14:12 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2016-04-15 19:40 - 2015-12-17 14:10 - 05797728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-15 19:40 - 2015-12-17 14:08 - 00469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2016-04-15 19:40 - 2015-12-17 14:07 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-15 19:40 - 2015-12-17 14:07 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-15 19:40 - 2015-12-17 14:07 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-15 19:40 - 2015-12-17 14:07 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-15 19:40 - 2015-12-17 14:07 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-04-15 19:40 - 2015-12-17 14:07 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-04-15 19:40 - 2015-12-17 14:06 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-04-15 19:40 - 2015-12-17 14:04 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-15 19:40 - 2015-12-17 14:02 - 01859584 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-04-15 19:40 - 2015-12-17 13:59 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-04-15 19:39 - 2016-03-11 18:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-04-15 19:39 - 2016-03-11 18:48 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-04-15 19:39 - 2016-03-11 18:48 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-04-15 19:39 - 2016-03-11 18:48 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-04-15 19:39 - 2016-03-11 18:48 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-04-15 19:39 - 2016-03-11 18:48 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-04-15 19:39 - 2016-03-11 18:44 - 00381272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-04-15 19:39 - 2016-03-11 18:40 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-15 19:39 - 2016-03-11 18:37 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-04-15 19:39 - 2016-03-11 18:37 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-15 19:39 - 2016-03-11 18:36 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-04-15 19:39 - 2016-03-11 18:35 - 00510880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-04-15 19:39 - 2016-02-11 19:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-04-15 19:39 - 2016-02-04 10:06 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-04-15 19:39 - 2016-02-04 10:06 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-04-15 19:39 - 2016-01-19 15:38 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-04-15 19:39 - 2015-12-22 13:28 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-04-15 19:39 - 2015-12-17 14:13 - 00946176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-04-15 19:39 - 2015-12-17 14:13 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2016-04-15 19:39 - 2015-12-17 14:13 - 00443744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2016-04-15 19:39 - 2015-12-17 14:13 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-15 19:39 - 2015-12-17 14:13 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-15 19:39 - 2015-12-17 14:13 - 00030048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2016-04-15 19:39 - 2015-12-17 14:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-04-15 19:39 - 2015-12-17 14:12 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-15 19:39 - 2015-12-17 14:12 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-15 19:39 - 2015-12-17 14:12 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-15 19:39 - 2015-12-17 14:12 - 00043376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2016-04-15 19:39 - 2015-12-17 14:11 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-15 19:39 - 2015-12-17 14:11 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-04-15 19:39 - 2015-12-17 14:11 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2016-04-15 19:39 - 2015-12-17 14:11 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2016-04-15 19:39 - 2015-12-17 14:09 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-04-15 19:39 - 2015-12-17 14:09 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-04-15 19:39 - 2015-12-17 14:08 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-04-15 19:39 - 2015-12-17 14:07 - 12120064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-15 19:39 - 2015-12-17 14:07 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2016-04-15 19:39 - 2015-12-17 14:03 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-04-15 19:39 - 2015-12-17 14:00 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-04-15 19:39 - 2015-12-17 14:00 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2016-04-15 19:39 - 2015-12-17 13:59 - 00081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-04-15 19:38 - 2016-03-11 18:49 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-04-15 19:38 - 2016-03-11 18:49 - 00429920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-04-15 19:38 - 2016-03-11 18:46 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-04-15 19:38 - 2016-03-11 18:44 - 00640512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-15 19:38 - 2016-03-11 18:44 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-15 19:38 - 2016-03-11 18:44 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-04-15 19:38 - 2016-03-11 18:44 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-04-15 19:38 - 2016-03-11 18:42 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
2016-04-15 19:38 - 2016-03-11 18:37 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-04-15 19:38 - 2016-03-11 18:37 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-04-15 19:38 - 2016-03-11 18:37 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-04-15 19:38 - 2016-03-11 18:36 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-04-15 19:38 - 2016-02-04 10:07 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-04-15 19:38 - 2016-02-04 10:07 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-04-15 19:38 - 2016-02-04 10:06 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-04-15 19:38 - 2016-02-04 10:05 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-04-15 19:38 - 2016-02-04 10:05 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-04-15 19:38 - 2016-02-04 10:05 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-04-15 19:38 - 2016-02-04 10:05 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-04-15 19:38 - 2016-02-04 09:13 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-15 19:38 - 2016-01-19 15:38 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-04-15 19:38 - 2016-01-19 15:35 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-04-15 19:38 - 2015-12-22 13:27 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-04-15 19:38 - 2015-12-22 13:27 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-04-15 19:38 - 2015-12-17 14:14 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-15 19:38 - 2015-12-17 14:13 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-04-15 19:38 - 2015-12-17 14:12 - 00974680 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-15 19:38 - 2015-12-17 14:12 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-04-15 19:38 - 2015-12-17 14:10 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-04-15 19:38 - 2015-12-17 14:10 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-04-15 19:38 - 2015-12-17 14:10 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-04-15 19:38 - 2015-12-17 14:10 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-04-15 19:38 - 2015-12-17 14:10 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-04-15 19:38 - 2015-12-17 14:10 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-04-15 19:38 - 2015-12-17 14:10 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-04-15 19:38 - 2015-12-17 14:10 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-04-15 19:38 - 2015-12-17 14:10 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-04-15 19:38 - 2015-12-17 14:10 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-04-15 19:38 - 2015-12-17 14:10 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-04-15 19:38 - 2015-12-17 14:10 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-04-15 19:38 - 2015-12-17 14:10 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-04-15 19:38 - 2015-12-17 14:06 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-04-15 19:38 - 2015-12-17 14:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-04-15 19:38 - 2015-12-17 14:06 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-04-15 19:38 - 2015-12-17 14:05 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-15 19:38 - 2015-12-17 14:05 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-15 19:38 - 2015-12-17 14:05 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-15 19:38 - 2015-12-17 14:04 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-04-15 19:38 - 2015-12-17 14:00 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-15 19:38 - 2015-12-17 14:00 - 00454048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-04-15 19:38 - 2015-12-17 14:00 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-04-15 19:38 - 2015-12-17 14:00 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-04-15 19:38 - 2015-12-17 14:00 - 00297072 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-15 19:38 - 2015-12-17 14:00 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-04-15 19:38 - 2015-12-17 14:00 - 00113624 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2016-04-15 19:38 - 2015-12-17 14:00 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2016-04-15 19:38 - 2015-12-17 13:58 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-04-15 19:38 - 2015-12-17 13:58 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2016-04-15 19:38 - 2015-12-17 13:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2016-04-15 19:38 - 2015-12-17 13:58 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2016-04-15 19:37 - 2016-03-11 18:47 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-04-15 19:37 - 2016-03-11 18:46 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-04-15 19:37 - 2016-03-11 18:46 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-04-15 19:37 - 2016-03-11 18:46 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-04-15 19:37 - 2016-03-11 18:46 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-04-15 19:37 - 2016-03-11 18:46 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-04-15 19:37 - 2016-03-11 18:46 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-04-15 19:37 - 2016-03-11 18:46 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-04-15 19:37 - 2016-03-11 18:45 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-04-15 19:37 - 2016-03-11 18:44 - 00739328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-15 19:37 - 2016-03-11 18:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-04-15 19:37 - 2016-03-11 18:44 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-04-15 19:37 - 2016-03-11 18:44 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-04-15 19:37 - 2016-03-11 18:43 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-15 19:37 - 2016-03-11 18:38 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-04-15 19:37 - 2016-03-11 18:35 - 00462688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-04-15 19:37 - 2016-02-11 19:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-15 19:37 - 2016-02-04 10:07 - 06974280 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-04-15 19:37 - 2016-02-04 10:06 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-04-15 19:37 - 2016-02-04 10:05 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-04-15 19:37 - 2016-01-19 15:39 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-04-15 19:37 - 2016-01-19 15:39 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-04-15 19:37 - 2016-01-19 15:38 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-15 19:37 - 2016-01-19 15:37 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-04-15 19:37 - 2016-01-19 15:34 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-04-15 19:37 - 2015-12-22 13:32 - 00500576 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-15 19:37 - 2015-12-22 13:32 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-15 19:37 - 2015-12-22 13:32 - 00084312 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-15 19:37 - 2015-12-22 13:31 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-04-15 19:37 - 2015-12-22 13:29 - 00926120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-04-15 19:37 - 2015-12-22 13:28 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-04-15 19:37 - 2015-12-17 14:13 - 01273720 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-04-15 19:37 - 2015-12-17 14:12 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-15 19:37 - 2015-12-17 14:09 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2016-04-15 19:37 - 2015-12-17 14:08 - 00510288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-04-15 19:37 - 2015-12-17 14:08 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-04-15 19:37 - 2015-12-17 14:06 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-04-15 19:37 - 2015-12-17 14:00 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2016-04-15 19:37 - 2015-12-17 14:00 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2016-04-15 19:37 - 2015-12-17 14:00 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2016-04-15 19:37 - 2015-12-17 14:00 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2016-04-15 19:36 - 2016-03-11 18:46 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-04-15 19:36 - 2016-03-11 18:44 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-04-15 19:36 - 2016-03-11 18:36 - 01885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-15 19:36 - 2016-03-11 18:36 - 01524224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-15 19:36 - 2016-02-11 19:43 - 00297984 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-04-15 19:36 - 2016-02-11 19:42 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msorcl32.dll
2016-04-15 19:36 - 2016-02-04 10:06 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-04-15 19:36 - 2016-02-04 10:06 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-04-15 19:36 - 2016-02-04 09:10 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-04-15 19:36 - 2016-01-19 15:38 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-04-15 19:36 - 2016-01-19 15:38 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-04-15 19:36 - 2016-01-19 15:37 - 00701392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-04-15 19:36 - 2016-01-19 15:36 - 01137856 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-04-15 19:36 - 2015-12-22 13:29 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-04-15 19:36 - 2015-12-22 13:28 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-04-15 19:36 - 2015-12-17 14:14 - 00471392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-04-15 19:36 - 2015-12-17 14:14 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2016-04-15 19:36 - 2015-12-17 14:14 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2016-04-15 19:36 - 2015-12-17 14:13 - 01925632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-15 19:36 - 2015-12-17 14:13 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-04-15 19:36 - 2015-12-17 14:13 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-04-15 19:36 - 2015-12-17 14:13 - 00023776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-04-15 19:36 - 2015-12-17 14:13 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-04-15 19:36 - 2015-12-17 14:12 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-04-15 19:36 - 2015-12-17 14:12 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-04-15 19:36 - 2015-12-17 14:10 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-04-15 19:36 - 2015-12-17 14:08 - 02181160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-04-15 19:36 - 2015-12-17 14:08 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-04-15 19:36 - 2015-12-17 14:07 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-15 19:36 - 2015-12-17 14:07 - 00504624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-15 19:36 - 2015-12-17 14:07 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-04-15 19:36 - 2015-12-17 14:07 - 00139616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-04-15 19:36 - 2015-12-17 14:07 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-04-15 19:36 - 2015-12-17 14:06 - 02918296 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-04-15 19:36 - 2015-12-17 14:06 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-15 19:36 - 2015-12-17 14:04 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-15 19:36 - 2015-12-17 14:02 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2016-04-15 19:36 - 2015-12-17 13:58 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2016-04-15 19:36 - 2015-12-17 13:56 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-04-15 19:35 - 2016-03-11 18:49 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-04-15 19:35 - 2016-03-11 18:46 - 01183744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-04-15 19:35 - 2016-03-11 18:46 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-04-15 19:35 - 2016-03-11 18:45 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-04-15 19:35 - 2016-03-11 18:45 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-04-15 19:35 - 2016-03-11 18:45 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-04-15 19:35 - 2016-03-11 18:44 - 02885680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-04-15 19:35 - 2016-03-11 18:44 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-04-15 19:35 - 2016-03-11 18:43 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-04-15 19:35 - 2016-03-11 18:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-04-15 19:35 - 2016-03-11 18:40 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-04-15 19:35 - 2016-03-11 18:38 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-04-15 19:35 - 2016-03-11 18:37 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-15 19:35 - 2016-03-11 18:37 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-04-15 19:35 - 2016-03-11 18:36 - 00288224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-04-15 19:35 - 2016-02-11 19:43 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-04-15 19:35 - 2016-02-11 19:41 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-04-15 19:35 - 2016-02-11 19:41 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-04-15 19:35 - 2016-02-04 10:05 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-04-15 19:35 - 2016-02-04 10:05 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-04-15 19:35 - 2016-02-04 10:05 - 00174080 _____ C:\WINDOWS\system32\MTFServer.dll
2016-04-15 19:35 - 2016-02-04 10:05 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-04-15 19:35 - 2016-02-04 09:56 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-04-15 19:35 - 2016-01-19 15:38 - 00586752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-04-15 19:35 - 2016-01-19 15:37 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-04-15 19:35 - 2016-01-19 15:36 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-04-15 19:35 - 2016-01-19 15:34 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-15 19:35 - 2015-12-22 13:29 - 00898704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-04-15 19:35 - 2015-12-22 13:29 - 00671440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-04-15 19:35 - 2015-12-17 14:11 - 00364168 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-04-15 19:35 - 2015-12-17 14:07 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-04-15 19:35 - 2015-12-17 14:06 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-04-15 19:35 - 2015-12-17 14:04 - 00727752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-04-15 19:35 - 2015-12-17 14:02 - 01858424 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-15 19:34 - 2016-03-11 18:46 - 01174368 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-04-15 19:34 - 2016-03-11 18:46 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-04-15 19:34 - 2016-03-11 18:46 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-04-15 19:34 - 2016-03-11 18:46 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-04-15 19:34 - 2016-03-11 18:46 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-04-15 19:34 - 2016-03-11 18:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-04-15 19:34 - 2016-03-11 18:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-04-15 19:34 - 2016-03-11 18:46 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-04-15 19:34 - 2016-03-11 18:46 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-04-15 19:34 - 2016-03-11 18:46 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-04-15 19:34 - 2016-03-11 18:43 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-04-15 19:34 - 2016-03-11 18:42 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-04-15 19:34 - 2016-03-11 18:42 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-04-15 19:34 - 2016-03-11 18:42 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-04-15 19:34 - 2016-03-11 18:42 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-04-15 19:34 - 2016-03-11 18:40 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-04-15 19:34 - 2016-03-11 18:40 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-04-15 19:34 - 2016-03-11 18:37 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-04-15 19:34 - 2016-03-11 18:37 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-04-15 19:34 - 2016-03-11 18:36 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-04-15 19:34 - 2016-02-11 19:44 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-04-15 19:34 - 2016-02-11 19:43 - 00296800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-15 19:34 - 2016-02-11 19:43 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-04-15 19:34 - 2016-02-04 10:06 - 00382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-04-15 19:34 - 2016-02-04 10:05 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-04-15 19:34 - 2016-02-04 10:05 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-04-15 19:34 - 2016-02-04 10:05 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-04-15 19:34 - 2016-02-04 10:05 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-04-15 19:34 - 2016-02-04 09:57 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-04-15 19:34 - 2016-01-19 15:39 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-04-15 19:34 - 2016-01-19 15:38 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-15 19:34 - 2016-01-19 15:38 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-04-15 19:34 - 2016-01-19 15:38 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-04-15 19:34 - 2016-01-19 15:37 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-04-15 19:34 - 2016-01-19 15:34 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-04-15 19:34 - 2015-12-22 13:29 - 00884768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-04-15 19:34 - 2015-12-22 13:24 - 00203104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-04-15 19:34 - 2015-12-17 14:14 - 02976768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-15 19:34 - 2015-12-17 14:14 - 01153536 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-15 19:34 - 2015-12-17 14:14 - 00431232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-04-15 19:34 - 2015-12-17 14:14 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-04-15 19:34 - 2015-12-17 14:14 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2016-04-15 19:34 - 2015-12-17 14:10 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-04-15 19:34 - 2015-12-17 14:10 - 00513024 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-04-15 19:34 - 2015-12-17 14:10 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-04-15 19:34 - 2015-12-17 14:09 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-04-15 19:34 - 2015-12-17 14:07 - 02063872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-04-15 19:34 - 2015-12-17 14:06 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-15 19:34 - 2015-12-17 14:06 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-15 19:34 - 2015-12-17 14:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-15 19:34 - 2015-12-17 14:06 - 00037376 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-15 19:34 - 2015-12-17 14:06 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2016-04-15 19:34 - 2015-12-17 13:58 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-04-15 19:33 - 2016-03-11 18:47 - 01931776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-04-15 19:33 - 2016-03-11 18:47 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-04-15 19:33 - 2016-03-11 18:47 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-04-15 19:33 - 2016-03-11 18:47 - 00306840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-04-15 19:33 - 2016-03-11 18:47 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-04-15 19:33 - 2016-03-11 18:47 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-04-15 19:33 - 2016-03-11 18:47 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-04-15 19:33 - 2016-03-11 18:47 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-04-15 19:33 - 2016-03-11 18:46 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-04-15 19:33 - 2016-03-11 18:46 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-04-15 19:33 - 2016-03-11 18:45 - 00819712 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-04-15 19:33 - 2016-03-11 18:44 - 00856928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-15 19:33 - 2016-03-11 18:44 - 00118296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-04-15 19:33 - 2016-03-11 18:44 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-04-15 19:33 - 2016-03-11 18:42 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-04-15 19:33 - 2016-03-11 18:42 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-15 19:33 - 2016-03-11 18:42 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-04-15 19:33 - 2016-03-11 18:42 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-04-15 19:33 - 2016-03-11 18:40 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-15 19:33 - 2016-03-11 18:37 - 00875992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-15 19:33 - 2016-03-11 18:37 - 00771120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-15 19:33 - 2016-03-11 18:37 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-15 19:33 - 2016-03-11 18:36 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-04-15 19:33 - 2016-03-11 18:36 - 00124256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-04-15 19:33 - 2016-03-11 18:36 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-04-15 19:33 - 2016-03-11 18:36 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-15 19:33 - 2016-02-11 19:43 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-04-15 19:33 - 2016-02-04 10:07 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-04-15 19:33 - 2016-02-04 10:07 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-04-15 19:33 - 2016-02-04 10:05 - 01215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-04-15 19:33 - 2016-02-04 10:05 - 00168360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-04-15 19:33 - 2016-02-04 10:05 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-04-15 19:33 - 2016-02-04 10:01 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-04-15 19:33 - 2016-01-19 15:39 - 01696176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-04-15 19:33 - 2016-01-19 15:39 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-04-15 19:33 - 2016-01-19 15:37 - 00709176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-04-15 19:33 - 2016-01-19 15:36 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-04-15 19:33 - 2016-01-19 15:35 - 01051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-15 19:33 - 2016-01-19 15:35 - 00926560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-15 19:33 - 2016-01-19 15:35 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-04-15 19:33 - 2016-01-19 15:34 - 01496064 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-04-15 19:33 - 2016-01-19 15:34 - 00960352 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-04-15 19:33 - 2016-01-19 15:34 - 00598368 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-04-15 19:33 - 2016-01-19 15:34 - 00432480 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-04-15 19:33 - 2015-12-22 13:33 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-04-15 19:33 - 2015-12-22 13:33 - 00614912 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-15 19:33 - 2015-12-22 13:33 - 00309088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-04-15 19:33 - 2015-12-22 13:33 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-15 19:33 - 2015-12-22 13:33 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-04-15 19:33 - 2015-12-22 13:32 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-04-15 19:33 - 2015-12-22 13:31 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-04-15 19:33 - 2015-12-22 13:28 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-04-15 19:33 - 2015-12-17 14:14 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-04-15 19:33 - 2015-12-17 14:13 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-04-15 19:33 - 2015-12-17 14:12 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-15 19:33 - 2015-12-17 14:12 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-15 19:33 - 2015-12-17 14:12 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-15 19:33 - 2015-12-17 14:09 - 01540768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-04-15 19:33 - 2015-12-17 14:08 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-15 19:33 - 2015-12-17 14:08 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-15 19:33 - 2015-12-17 14:08 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-15 19:33 - 2015-12-17 14:08 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-15 19:33 - 2015-12-17 14:08 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-15 19:33 - 2015-12-17 14:08 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-04-15 19:33 - 2015-12-17 14:08 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-15 19:33 - 2015-12-17 14:08 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-15 19:33 - 2015-12-17 14:08 - 00205824 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2016-04-15 19:33 - 2015-12-17 14:08 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-15 19:33 - 2015-12-17 14:08 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-04-15 19:33 - 2015-12-17 14:08 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-15 19:33 - 2015-12-17 14:08 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-15 19:33 - 2015-12-17 14:08 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-15 19:33 - 2015-12-17 14:08 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-04-15 19:33 - 2015-12-17 14:08 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-15 19:33 - 2015-12-17 14:08 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-04-15 19:33 - 2015-12-17 14:08 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-04-15 19:33 - 2015-12-17 14:08 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-04-15 19:33 - 2015-12-17 14:08 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-15 19:33 - 2015-12-17 14:08 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-04-15 19:33 - 2015-12-17 14:08 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-04-15 19:33 - 2015-12-17 14:08 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-04-15 19:33 - 2015-12-17 14:07 - 01707008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-04-15 19:33 - 2015-12-17 14:06 - 02121728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-15 19:33 - 2015-12-17 14:06 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-04-15 19:33 - 2015-12-17 14:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-15 19:33 - 2015-12-17 14:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-15 19:33 - 2015-12-17 14:04 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-15 19:33 - 2015-12-17 14:04 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-04-15 19:32 - 2016-03-11 18:49 - 00228704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-15 19:32 - 2016-03-11 18:49 - 00153952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-15 19:32 - 2016-03-11 18:42 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-04-15 19:32 - 2016-03-11 18:39 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-04-15 19:32 - 2016-03-11 18:38 - 00354648 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2016-04-15 19:32 - 2016-03-11 18:38 - 00354648 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-04-15 19:32 - 2016-03-11 18:37 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-04-15 19:32 - 2016-02-11 19:41 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-04-15 19:32 - 2016-02-04 10:06 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-04-15 19:32 - 2016-02-04 10:05 - 01306744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-04-15 19:32 - 2016-02-04 10:03 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-04-15 19:32 - 2016-01-19 15:39 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-04-15 19:32 - 2016-01-19 15:37 - 00652320 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-04-15 19:32 - 2015-12-22 13:34 - 00819712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2016-04-15 19:32 - 2015-12-22 13:34 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2016-04-15 19:32 - 2015-12-22 13:32 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2016-04-15 19:32 - 2015-12-22 13:29 - 01118720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-04-15 19:32 - 2015-12-22 13:29 - 00717952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-04-15 19:32 - 2015-12-17 14:13 - 01138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-15 19:32 - 2015-12-17 14:13 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2016-04-15 19:32 - 2015-12-17 14:12 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-15 19:32 - 2015-12-17 14:10 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-04-15 19:32 - 2015-12-17 14:09 - 01821536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-15 19:32 - 2015-12-17 14:05 - 02185832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-04-15 19:32 - 2015-12-17 14:02 - 00640192 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-04-15 19:32 - 2015-12-17 14:00 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-15 19:32 - 2015-12-17 13:58 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-15 19:32 - 2015-12-17 13:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-15 19:32 - 2015-12-17 13:58 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2016-04-15 04:44 - 2015-08-05 22:46 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-04-15 04:34 - 2009-07-14 15:48 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-04-12 04:14 - 2015-09-16 15:10 - 00000000 ___RD C:\Users\Owner\3D Objects
2016-04-12 04:14 - 2015-06-19 14:39 - 00000000 ____D C:\eb3fe3f8d4cd1ec3b5e698b3
2016-04-12 04:14 - 2014-02-11 17:00 - 00000000 ____D C:\Users\Owner\AppData\LocalLow\Canon Easy-WebPrint EX
2016-04-12 04:14 - 2013-11-19 09:51 - 00000000 ____D C:\Users\Owner\Documents\default
2016-04-12 02:48 - 2015-08-08 03:26 - 00000000 ____D C:\Users\Owner\Documents\Fax
2016-04-12 02:48 - 2010-02-21 10:33 - 00000000 ____D C:\Users\Owner\AppData\LocalLow\Sun
2016-04-12 02:21 - 2011-07-16 16:27 - 00000000 ____D C:\$WINDOWS.~Q
2016-04-12 02:21 - 2011-07-16 16:24 - 00000000 ____D C:\$INPLACE.~TR
==================== Files in the root of some directories =======
2016-04-16 14:16 - 2016-04-16 14:16 - 0000017 _____ () C:\Users\Owner\AppData\Local\resmon.resmoncfg
2016-04-15 04:17 - 2016-04-15 04:17 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\bitcomet_mpcstar.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-04-15 04:09
==================== End of FRST.txt ============================
:-
Additional scan result of Farbar Recovery Scan Tool (x86) Version:17-04-2016
Ran by Owner (2016-04-18 16:01:33)
Running from C:\Users\Owner\Desktop
Microsoft Windows 10 Home Version 1511 (X86) (2016-04-14 20:38:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-754179056-1382982999-2036298953-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-754179056-1382982999-2036298953-503 - Limited - Disabled)
Guest (S-1-5-21-754179056-1382982999-2036298953-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-754179056-1382982999-2036298953-1002 - Limited - Enabled)
Owner (S-1-5-21-754179056-1382982999-2036298953-1000 - Administrator - Enabled) => C:\Users\Owner
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Security with Backup (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security with Backup (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security with Backup (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG2500 series On-screen Manual (HKLM\...\Canon MG2500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 3.3.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM\...\Canon My Image Garden Design Files) (Version: 3.2.0 - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.6.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
Data Lifeguard Diagnostic for Windows 1.29 (HKLM\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 50.0.2661.75 - Google Inc.)
Google Update Helper (Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
Norton Security with Backup (HKLM\...\NSBU) (Version: 22.6.0.142 - Symantec Corporation)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {008116C5-801A-4038-A702-2A770E1262FC} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security with Backup\Upgrade.exe [2016-02-26] (Symantec Corporation)
Task: {2E17D3A6-909C-4871-868A-D7E6B03391C2} - System32\Tasks\Norton Security with Backup\Norton Error Analyzer => C:\Program Files\Norton Security with Backup\Engine\22.6.0.142\SymErr.exe [2016-02-11] (Symantec Corporation)
Task: {4EB43DC0-D8BC-44FB-8D0E-9C981D001D17} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-12] (Piriform Ltd)
Task: {60803950-A992-4EDD-8051-90E833530DC0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-04-16] (Google Inc.)
Task: {656FE8A7-5EE8-4A6B-AB5C-612B76C5A022} - System32\Tasks\Norton Security with Backup\Norton Autofix => C:\Program Files\Norton Security with Backup\Engine\22.6.0.142\SymErr.exe [2016-02-11] (Symantec Corporation)
Task: {8525133D-2CBE-43CE-95BB-F347A500AAA5} - System32\Tasks\Norton Security with Backup\Norton Error Processor => C:\Program Files\Norton Security with Backup\Engine\22.6.0.142\SymErr.exe [2016-02-11] (Symantec Corporation)
Task: {B2EBB2B4-B469-4338-9505-871339EEE7BA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-04-16] (Google Inc.)
Task: {B73041A5-2FA5-4344-A87F-61051237AC70} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security with Backup\Engine\22.6.0.142\WSCStub.exe [2016-02-26] (Symantec Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-04-15 10:25 - 2013-05-14 18:50 - 00140936 _____ () C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
2015-12-17 14:02 - 2016-04-15 19:35 - 01858424 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-17 14:02 - 2016-04-15 19:35 - 01858424 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-12-22 13:32 - 2016-04-15 19:39 - 00070656 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-22 13:32 - 2016-04-15 19:39 - 00316416 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-17 14:01 - 2016-04-15 19:34 - 05352960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-17 14:01 - 2016-04-15 19:34 - 00471552 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-17 14:02 - 2016-04-15 19:34 - 02366464 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-12-17 14:01 - 2016-04-15 19:34 - 02656768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-10-30 13:44 - 2015-10-30 13:44 - 00149504 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-04-15 19:48 - 2016-04-15 19:42 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-754179056-1382982999-2036298953-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "CanonQuickMenu"
HKU\S-1-5-21-754179056-1382982999-2036298953-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-754179056-1382982999-2036298953-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{1A41B274-690C-49A7-A32F-9479BC4B6B69}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/18/2016 11:42:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NSBU.exe, version: 13.1.0.74, time stamp: 0x56ba9bae
Faulting module name: atidxx32.dll, version: 8.17.10.436, time stamp: 0x54b54a6c
Exception code: 0xc0000005
Fault offset: 0x00004190
Faulting process id: 0xc10
Faulting application start time: 0xNSBU.exe0
Faulting application path: NSBU.exe1
Faulting module path: NSBU.exe2
Report Id: NSBU.exe3
Faulting package full name: NSBU.exe4
Faulting package-relative application ID: NSBU.exe5
Error: (04/18/2016 01:22:19 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ERICS)
Description: Activation of app Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (04/18/2016 01:22:18 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ERICS)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (04/18/2016 01:22:18 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ERICS)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (04/17/2016 10:09:30 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.
Details:
The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)
Error: (04/17/2016 10:09:30 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.
Context: Windows Application
Details:
The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)
Error: (04/17/2016 10:09:30 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:
The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)
Error: (04/17/2016 10:09:30 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:
The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)
Error: (04/17/2016 10:09:28 PM) (Source: Windows Search Service) (EventID: 3057) (User: )
Description: The plug-in manager <Search.TripoliIndexer> cannot be initialized.
Context: Windows Application
Details:
(HRESULT : 0x8e5e0210) (0x8e5e0210)
Error: (04/17/2016 10:09:27 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.
Details:
The content index catalog is corrupt. 0xc0041801 (0xc0041801)
System errors:
=============
Error: (04/18/2016 03:47:15 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:45:41 AM on 18/04/2016 was unexpected.
Error: (04/18/2016 12:06:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_2de0e service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (04/18/2016 12:06:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_2de0e service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (04/18/2016 12:06:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_2de0e service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (04/18/2016 12:06:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_2de0e service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (04/18/2016 11:45:41 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:07:32 AM on 18/04/2016 was unexpected.
Error: (04/18/2016 01:22:19 AM) (Source: DCOM) (EventID: 10010) (User: ERICS)
Description: WindowsDefaultLockScreen
Error: (04/17/2016 10:10:00 PM) (Source: DCOM) (EventID: 10005) (User: ERICS)
Description: 1053WSearchUnavailable{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (04/17/2016 10:10:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1053
Error: (04/17/2016 10:10:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
CodeIntegrity:
===================================
Date: 2016-04-15 05:29:02.641
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-15 04:11:32.946
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core2 Duo CPU E8500 @ 3.16GHz
Percentage of memory in use: 50%
Total physical RAM: 2046.49 MB
Available physical RAM: 1022.8 MB
Total Virtual: 3198.49 MB
Available Virtual: 2085.93 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.07 GB) (Free:875.78 GB) NTFS ==>[drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 31AF88A9)
Partition 1: (Active) - (Size=931.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
==================== End of Addition.txt ============================