Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-09-2016 Ran by SYSTEM on MININT-MPN84MT (19-09-2016 10:52:02) Running from e:\ Platform: Windows 10 Home Version 1607 (X64) Language: English (United Kingdom) Internet Explorer Version 11 Boot Mode: Recovery Default: ControlSet001 [b]ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.[/b] Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3351248 2015-09-25] (ELAN Microelectronics Corp.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor) HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [415128 2015-10-14] () HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-07-16] (Microsoft Corporation) HKLM\...26dfa299cadb\InprocServer32: [Authentication UI Logon UI] <==== ATTENTION HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe HKU\Administrator\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation) HKU\User\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [1769312 2016-08-15] () HKU\User\...\Run: [EPSON Stylus Office BX300F] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIEJE.EXE [221696 2008-01-21] (SEIKO EPSON CORPORATION) HKU\User\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2418392 2016-06-27] (Acer) HKU\User\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1402792 2016-08-31] (Garmin Ltd. or its subsidiaries) HKU\User\...\RunOnce: [Uninstall C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64" HKU\User\...\RunOnce: [Uninstall C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6390.0509] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6390.0509" HKU\User\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-14] (Acer Incorporated) S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2981056 2016-08-11] (Microsoft Corporation) S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated) S2 ETDService; C:\Program Files\Elantech\ETDService.exe [145624 2015-09-25] (ELAN Microelectronics Corp.) S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: ) S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [928272 2016-08-31] (Garmin Ltd. or its subsidiaries) S2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1876816 2014-10-26] (SurfRight B.V.) S2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [370064 2015-10-14] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation) S2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-02] (Acer Incorporate) S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes) S2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.) S2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.) S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-01] (Symantec Corporation) S3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457768 2013-08-02] (Acer Incorporate) S2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2383344 2016-07-11] (IBM Corp.) S3 TrustedInstaller; X:\Windows\servicing\TrustedInstaller.exe [98816 2013-08-22] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation) S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.) S2 hmpalert; C:\Windows\System32\drivers\hmpalert.sys [93144 2015-08-02] () S3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated) S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-15] (Malwarebytes) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) S3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation) S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.) S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.) S3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.) S0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.) S0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.) S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () S3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated) S1 RapportCerberus_1609042; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1609042.sys [1157960 2016-07-28] (IBM Corp.) S1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [544360 2016-07-11] (IBM Corp.) S0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [215560 2016-07-11] () S3 RapportIaso; c:\programdata\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso64.sys [347624 2016-07-28] (IBM Corp.) S0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [470056 2016-07-11] () S1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [525992 2016-07-11] (IBM Corp.) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-09-19 10:40 - 2016-09-19 10:41 - 00000000 ____D C:\FRST 2016-09-15 09:29 - 2016-09-15 09:29 - 00483824 _____ (IBM Corp.) C:\Users\User\Downloads\RapportSetup(5).exe 2016-09-14 23:20 - 2016-09-14 23:20 - 00003340 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task 2016-09-14 23:19 - 2016-09-14 23:19 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype 2016-09-14 23:15 - 2016-09-14 23:15 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2016-09-14 23:11 - 2016-09-14 23:13 - 00000000 ____D C:\Users\User\AppData\Local\ConnectedDevicesPlatform 2016-09-14 23:11 - 2016-09-14 23:11 - 00000020 ___SH C:\Users\User\ntuser.ini 2016-09-14 20:03 - 2016-09-14 19:41 - 00000000 ___DC C:\Windows\Panther 2016-09-14 20:00 - 2016-09-14 20:00 - 00000000 ____D C:\Windows.old 2016-09-14 19:59 - 2016-09-14 19:59 - 23682560 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 22571008 _____ (Microsoft Corporation) C:\Windows\System32\edgehtml.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 22218808 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 20965240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 19423232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 19418624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 17187328 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 13867520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 13433856 _____ (Microsoft Corporation) C:\Windows\System32\wmp.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 13080576 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 12345344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 12174336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 09260032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2016-09-14 19:59 - 2016-09-14 19:59 - 09260032 _____ (Microsoft Corporation) C:\Windows\System32\wmploc.DLL 2016-09-14 19:59 - 2016-09-14 19:59 - 09128448 _____ (Microsoft Corporation) C:\Windows\System32\twinui.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 08124416 _____ (Microsoft Corporation) C:\Windows\System32\Chakra.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 07814488 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 07624192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 07219672 _____ (Microsoft Corporation) C:\Windows\System32\windows.storage.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 06285312 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Media.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 06044672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 05722312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 05622600 _____ (Microsoft Corporation) C:\Windows\System32\sppsvc.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 05511680 _____ (Microsoft Corporation) C:\Windows\System32\aclui.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 05398016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 04749312 _____ (Microsoft Corporation) C:\Windows\System32\SettingsHandlers_nt.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 04612096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 04130944 _____ (Microsoft Corporation) C:\Windows\System32\mfcore.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 03893376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 03617792 _____ (Microsoft Corporation) C:\Windows\System32\win32kfull.sys 2016-09-14 19:59 - 2016-09-14 19:59 - 03299328 _____ (Microsoft Corporation) C:\Windows\System32\mstsc.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 03245056 _____ (Microsoft Corporation) C:\Windows\System32\mispace.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 03116032 _____ (Microsoft Corporation) C:\Windows\System32\MSAJApi.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 03105792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 02999296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys 2016-09-14 19:59 - 2016-09-14 19:59 - 02913104 _____ (Microsoft Corporation) C:\Windows\System32\combase.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 02846208 _____ (Microsoft Corporation) C:\Windows\System32\storagewmi.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 02755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-09-14 19:59 - 2016-09-14 19:59 - 02755584 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2016-09-14 19:59 - 2016-09-14 19:59 - 02745224 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 02711040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 02680832 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Logon.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 02537824 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys 2016-09-14 19:59 - 2016-09-14 19:59 - 02510848 _____ (Microsoft Corporation) C:\Windows\System32\NetworkMobileSettings.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 02422784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAJApi.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 02370048 _____ (Microsoft Corporation) C:\Windows\System32\wlansvc.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 02315264 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 02289664 _____ (Microsoft Corporation) C:\Windows\System32\dwmcore.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 02264064 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 02257248 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys 2016-09-14 19:59 - 2016-09-14 19:59 - 02251432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 02190688 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys 2016-09-14 19:59 - 2016-09-14 19:59 - 02166232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 02143232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 02095616 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2016-09-14 19:59 - 2016-09-14 19:59 - 02026496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-09-14 19:59 - 2016-09-14 19:59 - 01992704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01908224 _____ (Microsoft Corporation) C:\Windows\System32\AzureSettingSyncProvider.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01906176 _____ (Microsoft Corporation) C:\Windows\System32\wsp_fs.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01883784 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01875456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01859264 _____ (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01847048 _____ (Microsoft Corporation) C:\Windows\System32\mfsrcsnk.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01812480 _____ (Microsoft Corporation) C:\Windows\System32\ResetEngine.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01780736 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01708544 _____ (Microsoft Corporation) C:\Windows\System32\wevtsvc.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01694200 _____ (Microsoft Corporation) C:\Windows\System32\winmde.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01690112 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.onecore.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01656320 _____ (Microsoft Corporation) C:\Windows\System32\GdiPlus.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01643008 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Media.Speech.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01631232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01631232 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.Resources.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01595904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01570680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01557296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01547264 _____ (Microsoft Corporation) C:\Windows\System32\wsp_health.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01508864 _____ (Microsoft Corporation) C:\Windows\System32\win32kbase.sys 2016-09-14 19:59 - 2016-09-14 19:59 - 01491456 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01469120 _____ (Microsoft Corporation) C:\Windows\System32\appraiser.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01461200 _____ (Microsoft Corporation) C:\Windows\System32\user32.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01456640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01453992 _____ (Microsoft Corporation) C:\Windows\System32\mfnetsrc.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01435896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01430200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01418312 _____ (Microsoft Corporation) C:\Windows\System32\msctf.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01403392 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Media.Editing.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01377008 _____ (Microsoft Corporation) C:\Windows\System32\ClipUp.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 01360464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01349120 _____ (Microsoft Corporation) C:\Windows\System32\winload.efi 2016-09-14 19:59 - 2016-09-14 19:59 - 01343928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01282048 _____ (Microsoft Corporation) C:\Windows\System32\wwansvc.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01279328 _____ (Microsoft Corporation) C:\Windows\System32\LicenseManager.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01267512 _____ (Microsoft Corporation) C:\Windows\System32\WinTypes.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01264912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01255936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01231872 _____ (Microsoft Corporation) C:\Windows\System32\dosvc.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01220608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01217024 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Media.Audio.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01176664 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01163696 _____ (Microsoft Corporation) C:\Windows\System32\winload.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 01106944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01099608 _____ (Microsoft Corporation) C:\Windows\System32\hvix64.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 01082368 _____ (Microsoft Corporation) C:\Windows\System32\reseteng.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01081856 _____ (Microsoft Corporation) C:\Windows\System32\Chakradiag.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01071728 _____ (Microsoft Corporation) C:\Windows\System32\mfnetcore.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01066328 _____ (Microsoft Corporation) C:\Windows\System32\pidgenx.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01066096 _____ (Microsoft Corporation) C:\Windows\System32\mfsvr.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01062400 _____ (Microsoft Corporation) C:\Windows\System32\SettingSyncCore.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01052672 _____ (Microsoft Corporation) C:\Windows\System32\qmgr.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01046976 _____ (Microsoft Corporation) C:\Windows\System32\winresume.efi 2016-09-14 19:59 - 2016-09-14 19:59 - 01014784 _____ (Microsoft Corporation) C:\Windows\System32\XblAuthManager.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 01006080 _____ (Microsoft Corporation) C:\Windows\System32\D3D12.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00987992 _____ (Microsoft Corporation) C:\Windows\System32\hvax64.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00980832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00965120 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys 2016-09-14 19:59 - 2016-09-14 19:59 - 00956416 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.desktop.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00955008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00944640 _____ (Microsoft Corporation) C:\Windows\System32\audiosrv.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00942424 _____ (Microsoft Corporation) C:\Windows\System32\hvloader.efi 2016-09-14 19:59 - 2016-09-14 19:59 - 00939872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pidgenx.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00936960 _____ (Microsoft Corporation) C:\Windows\System32\MCRecvSrc.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00909312 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Search.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00885832 _____ (Microsoft Corporation) C:\Windows\System32\winresume.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00884224 _____ (Microsoft Corporation) C:\Windows\System32\samsrv.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00860672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00857440 _____ (Microsoft Corporation) C:\Windows\System32\WWAHost.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00852824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00846552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00822784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00807776 _____ (Microsoft Corporation) C:\Windows\System32\hvloader.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00806912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D12.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00804864 _____ (Microsoft Corporation) C:\Windows\System32\FrameServer.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00790760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00782176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\System32\GamePanel.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00770048 _____ (Microsoft Corporation) C:\Windows\System32\bisrv.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00758784 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00743424 _____ (Microsoft Corporation) C:\Windows\System32\StoreAgent.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00726016 _____ (Microsoft Corporation) C:\Windows\System32\fveapi.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00715264 _____ (Microsoft Corporation) C:\Windows\System32\clusapi.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00691712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00681312 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ClipSp.sys 2016-09-14 19:59 - 2016-09-14 19:59 - 00665768 _____ (Microsoft Corporation) C:\Windows\System32\GenValObj.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00658776 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms2.sys 2016-09-14 19:59 - 2016-09-14 19:59 - 00642048 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.InkControls.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00640000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00627200 _____ (Microsoft Corporation) C:\Windows\System32\uReFS.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00619368 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys 2016-09-14 19:59 - 2016-09-14 19:59 - 00605184 _____ (Microsoft Corporation) C:\Windows\System32\bcastdvr.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00595488 _____ (Microsoft Corporation) C:\Windows\System32\mf.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00592384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00590952 _____ (Microsoft Corporation) C:\Windows\System32\AudioSes.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00587968 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00584032 _____ (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.UXRes.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00568832 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Media.Speech.UXRes.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00558080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00544768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uReFS.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00539136 _____ (Microsoft Corporation) C:\Windows\System32\usocore.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00538112 _____ (Microsoft Corporation) C:\Windows\System32\sppcext.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00529928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00526848 _____ (Microsoft Corporation) C:\Windows\System32\OneDriveSettingSyncProvider.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00521728 _____ (Microsoft Corporation) C:\Windows\System32\MusUpdateHandlers.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00520192 _____ (Microsoft Corporation) C:\Windows\System32\w32time.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00509952 _____ (Microsoft Corporation) C:\Windows\System32\SettingsHandlers_Bluetooth.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00509784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00495104 _____ (Microsoft Corporation) C:\Windows\System32\DataSenseHandlers.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00491520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00484584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00476672 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00471552 _____ (Microsoft Corporation) C:\Windows\System32\DscCore.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00468992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.InkControls.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00466432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00462336 _____ (Microsoft Corporation) C:\Windows\System32\wlansec.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00453120 _____ (Microsoft Corporation) C:\Windows\System32\CredProvDataModel.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00450400 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys 2016-09-14 19:59 - 2016-09-14 19:59 - 00447488 _____ (Microsoft Corporation) C:\Windows\System32\das.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00435040 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys 2016-09-14 19:59 - 2016-09-14 19:59 - 00431616 _____ (Microsoft Corporation) C:\Windows\System32\WpAXHolder.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00426496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00412160 _____ (Microsoft Corporation) C:\Windows\System32\wlanmsm.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00410624 _____ (Microsoft Corporation) C:\Windows\System32\facecredentialprovider.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00408600 _____ (Microsoft Corporation) C:\Windows\System32\tsmf.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00402272 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys 2016-09-14 19:59 - 2016-09-14 19:59 - 00396800 _____ (Microsoft Corporation) C:\Windows\System32\StorSvc.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00396168 _____ (Microsoft Corporation) C:\Windows\System32\wlanapi.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00391168 _____ (Microsoft Corporation) C:\Windows\System32\wuuhext.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00389000 _____ (Microsoft Corporation) C:\Windows\System32\wevtapi.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00387584 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00381760 _____ (Microsoft Corporation) C:\Windows\System32\LockAppHost.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00380928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00380928 _____ (Microsoft Corporation) C:\Windows\System32\wincorlib.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00361096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00354264 _____ (Microsoft Corporation) C:\Windows\System32\systemreset.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00349184 _____ (Microsoft Corporation) C:\Windows\System32\provengine.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00327680 _____ (Microsoft Corporation) C:\Windows\System32\container.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00323584 _____ (Microsoft Corporation) C:\Windows\System32\domgmt.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00321280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppHost.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00320000 _____ (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00314880 _____ (Microsoft Corporation) C:\Windows\System32\FSClient.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00313560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00298496 _____ (Microsoft Corporation) C:\Windows\System32\wifiprofilessettinghandler.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wevtapi.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00295424 _____ (Microsoft Corporation) C:\Windows\System32\provhandlers.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00295424 _____ (Microsoft Corporation) C:\Windows\System32\CloudBackupSettings.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00294912 _____ (Microsoft Corporation) C:\Windows\System32\mfsensorgroup.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00280064 _____ (Microsoft Corporation) C:\Windows\System32\SettingsHandlers_WorkAccess.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00268800 _____ (Microsoft Corporation) C:\Windows\System32\mfksproxy.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00268800 _____ (Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00266240 _____ (Microsoft Corporation) C:\Windows\System32\ConsoleLogon.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00261120 _____ (Microsoft Corporation) C:\Windows\System32\indexeddbserver.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00247296 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\BthLEEnum.sys 2016-09-14 19:59 - 2016-09-14 19:59 - 00244816 _____ (Microsoft Corporation) C:\Windows\System32\mfps.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\WinBioDataModel.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00239104 _____ (Microsoft Corporation) C:\Windows\System32\dafpos.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00237568 _____ (Microsoft Corporation) C:\Windows\System32\offlinesam.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00235008 _____ (Microsoft Corporation) C:\Windows\System32\KnobsCore.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00234496 _____ (Microsoft Corporation) C:\Windows\System32\tcpipcfg.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudBackupSettings.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00231424 _____ (Microsoft Corporation) C:\Windows\System32\shutdownux.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00227840 _____ (Microsoft Corporation) C:\Windows\System32\cdd.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00227840 _____ (Microsoft Corporation) C:\Windows\System32\C_G18030.DLL 2016-09-14 19:59 - 2016-09-14 19:59 - 00226816 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys 2016-09-14 19:59 - 2016-09-14 19:59 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\container.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\C_G18030.DLL 2016-09-14 19:59 - 2016-09-14 19:59 - 00224096 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys 2016-09-14 19:59 - 2016-09-14 19:59 - 00223744 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00220672 _____ (Microsoft Corporation) C:\Windows\System32\provops.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00215040 _____ (Microsoft Corporation) C:\Windows\System32\fveapibase.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00211456 _____ (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offlinesam.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\Windows\System32\DscCoreConfProv.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00203776 _____ (Microsoft Corporation) C:\Windows\System32\AppXApplicabilityBlob.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00200704 _____ (Microsoft Corporation) C:\Windows\System32\provisioningcsp.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00200704 _____ (Microsoft Corporation) C:\Windows\System32\ClipboardServer.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\indexeddbserver.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00198144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FSClient.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00186880 _____ (Microsoft Corporation) C:\Windows\System32\MusNotification.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00184832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfksproxy.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpipcfg.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsensorgroup.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00178528 _____ (Microsoft Corporation) C:\Windows\System32\CloudExperienceHostUser.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ClipboardServer.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00168800 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys 2016-09-14 19:59 - 2016-09-14 19:59 - 00162850 _____ C:\Windows\System32\C_932.NLS 2016-09-14 19:59 - 2016-09-14 19:59 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BcastDVRHelper.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00156672 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys 2016-09-14 19:59 - 2016-09-14 19:59 - 00151224 _____ (Microsoft Corporation) C:\Windows\System32\acmigration.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\Windows\SysWOW64\DscCoreConfProv.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00140288 _____ (Microsoft Corporation) C:\Windows\System32\Chakrathunk.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00138240 _____ (Microsoft Corporation) C:\Windows\System32\sppc.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00136032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostUser.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00135168 _____ (Microsoft Corporation) C:\Windows\System32\slc.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00128352 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys 2016-09-14 19:59 - 2016-09-14 19:59 - 00123904 _____ (Microsoft Corporation) C:\Windows\System32\samlib.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00121368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00121344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00119808 _____ (Microsoft Corporation) C:\Windows\System32\KnobsCsp.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slc.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00114688 _____ (Microsoft Corporation) C:\Windows\System32\offlinelsa.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00114176 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bthenum.sys 2016-09-14 19:59 - 2016-09-14 19:59 - 00108384 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\pdc.sys 2016-09-14 19:59 - 2016-09-14 19:59 - 00105984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00104960 _____ (Microsoft Corporation) C:\Windows\System32\CastLaunch.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00102400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offlinelsa.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00100864 _____ (Microsoft Corporation) C:\Windows\System32\wpninprc.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00097792 _____ (Microsoft Corporation) C:\Windows\System32\NFCProvisioningPlugin.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00094720 _____ (Microsoft Corporation) C:\Windows\System32\dasHost.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00089600 _____ (Microsoft Corporation) C:\Windows\System32\updatepolicy.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00086016 _____ (Microsoft Corporation) C:\Windows\System32\provdatastore.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00085504 _____ (Microsoft Corporation) C:\Windows\System32\BarcodeProvisioningPlugin.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00084992 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\BTHUSB.SYS 2016-09-14 19:59 - 2016-09-14 19:59 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\SettingSyncPolicy.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\ProvPluginEng.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00077664 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\stornvme.sys 2016-09-14 19:59 - 2016-09-14 19:59 - 00076800 _____ (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00073568 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hvservice.sys 2016-09-14 19:59 - 2016-09-14 19:59 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncPolicy.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00066560 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\provtool.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00062816 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dam.sys 2016-09-14 19:59 - 2016-09-14 19:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\System32\RemovableMediaProvisioningPlugin.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ConfigureExpandedStorage.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00057344 _____ (Microsoft Corporation) C:\Windows\System32\WinBioDataModelOOBE.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00050880 _____ (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00049664 _____ (Microsoft Corporation) C:\Windows\System32\StorageUsage.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00047616 _____ (Microsoft Corporation) C:\Windows\System32\deviceassociation.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\System32\wfdprov.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00044472 _____ (Microsoft Corporation) C:\Windows\System32\mfpmp.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\xinputhid.sys 2016-09-14 19:59 - 2016-09-14 19:59 - 00041824 _____ (Microsoft Corporation) C:\Windows\System32\SysResetErr.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00040960 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidparse.sys 2016-09-14 19:59 - 2016-09-14 19:59 - 00038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys 2016-09-14 19:59 - 2016-09-14 19:59 - 00036168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceassociation.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00032768 _____ (Microsoft Corporation) C:\Windows\System32\wups2.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\netiougc.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00028672 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Management.Provisioning.ProxyStub.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00027648 _____ (Microsoft Corporation) C:\Windows\System32\WiFiConfigSP.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00027136 _____ (Microsoft Corporation) C:\Windows\System32\encapi.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00026408 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00026112 _____ (Microsoft Corporation) C:\Windows\System32\wlansvcpal.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00026112 _____ (Microsoft Corporation) C:\Windows\System32\LicenseManagerSvc.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00026112 _____ (Microsoft Corporation) C:\Windows\System32\delegatorprovider.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netiougc.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00025600 _____ (Microsoft Corporation) C:\Windows\System32\storagewmi_passthru.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00023552 _____ (Microsoft Corporation) C:\Windows\System32\smphost.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\encapi.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\slcext.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\smphost.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\delegatorprovider.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi_passthru.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00020320 _____ (Microsoft Corporation) C:\Windows\System32\kdhvcom.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slcext.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\System32\C_IS2022.DLL 2016-09-14 19:59 - 2016-09-14 19:59 - 00015872 _____ (Microsoft Corporation) C:\Windows\System32\wlanhlp.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00014848 _____ (Microsoft Corporation) C:\Windows\System32\c_GSM7.DLL 2016-09-14 19:59 - 2016-09-14 19:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\C_IS2022.DLL 2016-09-14 19:59 - 2016-09-14 19:59 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\c_GSM7.DLL 2016-09-14 19:59 - 2016-09-14 19:59 - 00011264 _____ (Microsoft Corporation) C:\Windows\System32\ResetEngine.exe 2016-09-14 19:59 - 2016-09-14 19:59 - 00010752 _____ (Microsoft Corporation) C:\Windows\System32\spwmp.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\msdxm.ocx 2016-09-14 19:59 - 2016-09-14 19:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\dxmasf.dll 2016-09-14 19:59 - 2016-09-14 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2016-09-14 19:59 - 2016-09-14 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2016-09-14 19:55 - 2016-09-14 19:55 - 00008192 _____ C:\Windows\System32\config\userdiff 2016-09-14 19:53 - 2016-09-14 19:53 - 00000000 ____D C:\Program Files\Reference Assemblies 2016-09-14 19:53 - 2016-09-14 19:53 - 00000000 ____D C:\Program Files\MSBuild 2016-09-14 19:53 - 2016-09-14 19:53 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2016-09-14 19:53 - 2016-09-14 19:53 - 00000000 ____D C:\Program Files (x86)\MSBuild 2016-09-14 19:52 - 2016-09-14 19:52 - 00199008 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wof.sys 2016-09-14 19:52 - 2016-05-25 06:31 - 01166520 _____ (Microsoft Corporation) C:\Windows\System32\PresentationNative_v0300.dll 2016-09-14 19:52 - 2016-05-25 06:31 - 00124624 _____ (Microsoft Corporation) C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll 2016-09-14 19:52 - 2016-05-25 06:31 - 00035480 _____ (Microsoft Corporation) C:\Windows\System32\TsWpfWrp.exe 2016-09-14 19:52 - 2016-05-25 03:03 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll 2016-09-14 19:52 - 2016-05-25 03:03 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2016-09-14 19:52 - 2016-05-25 03:03 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2016-09-14 19:41 - 2016-09-14 19:41 - 00000000 ____D C:\ProgramData\USOShared 2016-09-14 19:37 - 2016-09-14 19:40 - 00011433 _____ C:\Windows\diagwrn.xml 2016-09-14 19:37 - 2016-09-14 19:40 - 00011433 _____ C:\Windows\diagerr.xml 2016-09-14 19:29 - 2016-09-14 19:29 - 00003582 _____ C:\Windows\System32\Tasks\ALUAgent 2016-09-14 19:29 - 2016-09-14 19:29 - 00003434 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-09-14 19:29 - 2016-09-14 19:29 - 00003210 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-09-14 19:29 - 2016-09-14 19:29 - 00003044 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-09-14 19:29 - 2016-09-14 19:29 - 00002940 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1173900561-1387527417-1516351372-1001 2016-09-14 19:29 - 2016-09-14 19:29 - 00002762 _____ C:\Windows\System32\Tasks\BacKGroundAgent 2016-09-14 19:29 - 2016-09-14 19:29 - 00002750 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1173900561-1387527417-1516351372-500 2016-09-14 19:29 - 2016-09-14 19:29 - 00002702 _____ C:\Windows\System32\Tasks\GarminUpdaterTask 2016-09-14 19:29 - 2016-09-14 19:29 - 00002612 _____ C:\Windows\System32\Tasks\ALU 2016-09-14 19:29 - 2016-09-14 19:29 - 00002550 _____ C:\Windows\System32\Tasks\abDocsDllLoader 2016-09-14 19:29 - 2016-09-14 19:29 - 00002534 _____ C:\Windows\System32\Tasks\AcerCloud 2016-09-14 19:29 - 2016-09-14 19:29 - 00002526 _____ C:\Windows\System32\Tasks\Norton Online Backup ARA 2016-09-14 19:29 - 2016-09-14 19:29 - 00002232 _____ C:\Windows\System32\Tasks\{0588D82B-5DC5-4205-9565-6D4EE8FDABD9} 2016-09-14 19:29 - 2016-09-14 19:29 - 00002080 _____ C:\Windows\System32\Tasks\Power Management 2016-09-14 19:29 - 2016-09-14 19:29 - 00002070 _____ C:\Windows\System32\Tasks\Launch Manager 2016-09-14 19:29 - 2016-09-14 19:29 - 00002062 _____ C:\Windows\System32\Tasks\Quick Access 2016-09-14 19:29 - 2016-09-14 19:29 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-09-14 19:29 - 2016-09-14 19:29 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2016-09-14 19:29 - 2016-09-14 19:29 - 00000000 ____D C:\Windows\System32\Tasks\Recovery Management 2016-09-14 19:29 - 2014-02-04 16:14 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4251775185-2864349298-1098036389-500 2016-09-14 19:20 - 2016-09-14 19:20 - 00000000 ____D C:\Users\Default\AppData\Local\Trusteer 2016-09-14 19:20 - 2016-09-14 19:20 - 00000000 ____D C:\Users\Default\AppData\Local\Pokki 2016-09-14 19:20 - 2016-09-14 19:20 - 00000000 ____D C:\Users\Default User\AppData\Local\Trusteer 2016-09-14 19:20 - 2016-09-14 19:20 - 00000000 ____D C:\Users\Default User\AppData\Local\Pokki 2016-09-14 19:15 - 2016-09-14 19:22 - 00000000 ____D C:\Windows\System32\config\bbimigrate 2016-09-14 19:12 - 2016-09-14 19:26 - 00000000 ____D C:\users\Administrator 2016-09-14 19:09 - 2016-09-14 19:09 - 00000000 ____D C:\Program Files\Common Files\Atheros 2016-09-14 19:08 - 2016-09-14 23:11 - 00000180 _____ C:\Windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-09-14 19:08 - 2016-09-14 19:16 - 00000000 ____D C:\Program Files\Intel 2016-09-14 19:08 - 2016-09-14 19:08 - 00000200 _____ C:\Windows\System32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2016-09-14 19:08 - 2016-09-14 19:08 - 00000000 ____H C:\Windows\System32\Drivers\Msft_Kernel_ETD_01011.Wdf 2016-09-14 19:08 - 2016-09-14 19:08 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2016-09-14 19:08 - 2016-09-14 19:08 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2016-09-14 19:08 - 2016-09-14 19:08 - 00000000 ____D C:\Program Files\Realtek 2016-09-14 19:08 - 2016-09-14 19:08 - 00000000 ____D C:\Program Files\Elantech 2016-09-14 19:08 - 2015-10-14 02:00 - 00105472 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL 2016-09-14 19:08 - 2015-10-14 02:00 - 00099856 _____ (Khronos Group) C:\Windows\System32\OpenCL.DLL 2016-09-14 19:07 - 2016-09-14 19:07 - 00000000 ____H C:\Windows\System32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf 2016-09-14 19:06 - 2016-09-14 19:16 - 00000000 ____D C:\ProgramData\EPSON 2016-09-14 19:06 - 2016-07-16 03:41 - 02716672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2016-09-14 19:05 - 2016-09-14 23:39 - 00000000 ____D C:\Windows\System32\SleepStudy 2016-09-14 19:05 - 2016-09-14 19:05 - 00000000 ____D C:\Windows\ServiceProfiles 2016-09-14 19:04 - 2016-09-14 19:23 - 00194192 _____ C:\Windows\System32\FNTCACHE.DAT 2016-09-12 23:58 - 2016-09-12 23:58 - 00001967 _____ C:\Users\Public\Desktop\Garmin Express.lnk 2016-09-05 23:54 - 2016-09-05 23:54 - 00001179 _____ C:\Users\User\Desktop\Malwarebytes Anti-Malware (2).lnk 2016-09-02 03:49 - 2016-09-02 03:49 - 00725183 _____ C:\Users\User\Downloads\statement_2016-09-01.pdf 2016-09-02 02:49 - 2016-09-04 22:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-08-30 02:13 - 2016-08-30 02:14 - 00729596 _____ C:\Users\User\Downloads\statement_2016-08-01.pdf 2016-08-25 10:11 - 2016-08-25 10:12 - 00533800 _____ C:\Users\User\Documents\Scan_20160825 (2).pdf 2016-08-25 10:09 - 2016-08-25 10:10 - 00387348 _____ C:\Users\User\Documents\Scan_20160825.pdf ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-09-15 09:37 - 2015-08-02 04:16 - 00000000 ____D C:\Windows\CryptoGuard 2016-09-15 09:05 - 2015-12-06 02:35 - 00192216 _____ (Malwarebytes) C:\Windows\System32\Drivers\MBAMSwissArmy.sys 2016-09-14 23:40 - 2016-07-16 03:47 - 00000000 ____D C:\Windows\AppReadiness 2016-09-14 23:34 - 2016-07-16 03:47 - 00000000 ___HD C:\Program Files\WindowsApps 2016-09-14 23:34 - 2014-12-28 08:38 - 00000000 ____D C:\Users\User\AppData\Local\Packages 2016-09-14 23:29 - 2014-12-28 07:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-09-14 23:20 - 2015-01-07 04:28 - 00000000 __RDO C:\Users\User\SkyDrive 2016-09-14 23:15 - 2015-09-17 14:16 - 00891410 _____ C:\Windows\System32\PerfStringBackup.INI 2016-09-14 23:12 - 2015-09-09 21:42 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-09-14 20:03 - 2016-07-16 03:47 - 00028672 _____ C:\Windows\System32\config\BCD-Template 2016-09-14 20:00 - 2016-07-16 03:47 - 00000000 ___SD C:\Windows\System32\dsc 2016-09-14 20:00 - 2016-07-16 03:47 - 00000000 ____D C:\Windows\SysWOW64\en-GB 2016-09-14 20:00 - 2016-07-16 03:47 - 00000000 ____D C:\Windows\System32\WinBioPlugIns 2016-09-14 20:00 - 2016-07-16 03:47 - 00000000 ____D C:\Windows\System32\lv-LV 2016-09-14 20:00 - 2016-07-16 03:47 - 00000000 ____D C:\Windows\System32\lt-LT 2016-09-14 20:00 - 2016-07-16 03:47 - 00000000 ____D C:\Windows\System32\et-EE 2016-09-14 20:00 - 2016-07-16 03:47 - 00000000 ____D C:\Windows\System32\es-MX 2016-09-14 20:00 - 2016-07-16 03:47 - 00000000 ____D C:\Windows\System32\en-GB 2016-09-14 20:00 - 2016-07-16 03:47 - 00000000 ____D C:\Windows\System32\appraiser 2016-09-14 20:00 - 2016-07-16 03:47 - 00000000 ____D C:\Windows\ShellExperiences 2016-09-14 20:00 - 2016-07-16 03:47 - 00000000 ____D C:\Windows\Provisioning 2016-09-14 19:43 - 2016-07-16 03:47 - 00000000 ____D C:\Windows\rescache 2016-09-14 19:41 - 2016-07-16 03:47 - 00000000 ____D C:\ProgramData\USOPrivate 2016-09-14 19:40 - 2016-07-15 22:04 - 00032768 _____ C:\Windows\System32\config\ELAM 2016-09-14 19:37 - 2016-07-16 03:47 - 00000000 ____D C:\Windows\Registration 2016-09-14 19:36 - 2016-07-16 03:47 - 00000000 ____D C:\Windows\System32\WinBioDatabase 2016-09-14 19:36 - 2015-10-29 23:24 - 00000000 ____D C:\Windows\System32\Tasks_Migrated 2016-09-14 19:29 - 2015-09-17 14:16 - 00022840 _____ C:\Windows\System32\emptyregdb.dat 2016-09-14 19:28 - 2016-07-16 03:47 - 00000000 __RHD C:\Users\Public\Libraries 2016-09-14 19:26 - 2016-07-16 03:45 - 00000000 ____D C:\Windows\INF 2016-09-14 19:22 - 2016-07-16 03:47 - 00000000 ____D C:\Windows\Help 2016-09-14 19:22 - 2016-07-16 03:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-09-14 19:22 - 2016-07-15 22:04 - 00524288 _____ C:\Windows\System32\config\BBI 2016-09-14 19:20 - 2015-10-29 22:28 - 00000000 ____D C:\users\Default.migrated 2016-09-14 19:18 - 2016-07-16 14:49 - 00000000 ____D C:\Windows\SysWOW64\slmgr 2016-09-14 19:18 - 2016-07-16 14:49 - 00000000 ____D C:\Windows\System32\slmgr 2016-09-14 19:18 - 2016-07-16 03:47 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2016-09-14 19:18 - 2016-07-16 03:47 - 00000000 ____D C:\Windows\System32\spool 2016-09-14 19:18 - 2016-07-16 03:47 - 00000000 ____D C:\Windows\System32\oobe 2016-09-14 19:18 - 2016-07-16 03:47 - 00000000 ____D C:\Windows\System32\Macromed 2016-09-14 19:18 - 2016-07-16 03:47 - 00000000 ____D C:\Windows\System32\InputMethod 2016-09-14 19:18 - 2014-12-28 07:15 - 00000000 ____D C:\Windows\SysWOW64\sda 2016-09-14 19:18 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\WindowsInternal.Inbox.Shared 2016-09-14 19:18 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\WindowsInternal.Inbox.Media.Shared 2016-09-14 19:16 - 2016-07-16 03:47 - 00000000 ___SD C:\Windows\Downloaded Program Files 2016-09-14 19:16 - 2016-07-16 03:47 - 00000000 ____D C:\Windows\LiveKernelReports 2016-09-14 19:16 - 2016-07-16 03:47 - 00000000 ____D C:\Windows\InputMethod 2016-09-14 19:16 - 2016-07-16 03:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-09-14 19:15 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\GroupPolicy 2016-09-14 19:13 - 2014-02-04 15:38 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages 2016-09-14 19:11 - 2016-07-15 22:04 - 00000000 ____D C:\Windows\System32\Sysprep 2016-09-14 19:09 - 2016-07-16 03:47 - 00000000 ___RD C:\Windows\PrintDialog 2016-09-14 19:09 - 2016-07-16 03:47 - 00000000 ___RD C:\Windows\MiracastView 2016-09-14 19:09 - 2016-07-16 03:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel 2016-09-14 18:34 - 2016-07-16 15:34 - 00000000 ___HD C:\$WINDOWS.~BT 2016-09-14 18:34 - 2015-08-03 03:11 - 00000922 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-09-14 13:20 - 2015-08-04 03:41 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-09-14 12:34 - 2015-08-03 03:11 - 00000918 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-09-14 02:52 - 2015-08-04 03:55 - 144199024 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe 2016-09-14 02:52 - 2015-08-04 03:55 - 00000000 ____D C:\Windows\System32\MRT 2016-09-13 02:29 - 2015-08-11 09:03 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps 2016-09-12 23:58 - 2015-10-29 11:38 - 00000000 ____D C:\Program Files (x86)\Garmin 2016-09-12 23:58 - 2015-10-29 11:37 - 00000000 ____D C:\ProgramData\Package Cache 2016-09-12 00:50 - 2015-01-28 09:29 - 00000000 ____D C:\Users\User\Desktop\Old Firefox Data 2016-09-04 22:45 - 2015-08-02 03:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service ==================== Known DLLs (Whitelisted) ========================= ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe [2016-07-16 03:42] - [2016-07-16 03:42] - 0674304 ____A (Microsoft Corporation) 770DB86BF679CA34FC927F25FBAA350C C:\Windows\System32\wininit.exe [2016-07-16 03:42] - [2016-07-16 03:42] - 0304240 ____A (Microsoft Corporation) 99A19C9A74E2F9820E501DCE77F84F70 C:\Windows\explorer.exe [2016-07-16 03:42] - [2016-07-16 03:42] - 4673304 ____A (Microsoft Corporation) 05181A5AC4197D6C5C02ACE6070AF234 C:\Windows\SysWOW64\explorer.exe [2016-07-16 03:43] - [2016-07-16 03:43] - 4312248 ____A (Microsoft Corporation) 8931C71ADDC9B0944332336B9F4A3505 C:\Windows\System32\svchost.exe [2016-07-16 03:42] - [2016-07-16 03:42] - 0044496 ____A (Microsoft Corporation) 36F670D89040709013F6A460176767EC C:\Windows\SysWOW64\svchost.exe [2016-07-16 03:42] - [2016-07-16 03:42] - 0038792 ____A (Microsoft Corporation) 1F8434DD4907C832E6E90D6298EAB85B C:\Windows\System32\services.exe [2016-07-16 03:42] - [2016-07-16 03:42] - 0454600 ____A (Microsoft Corporation) 133390D061D94917125DC666DA67ECD0 C:\Windows\System32\User32.dll [2016-09-14 19:59] - [2016-09-14 19:59] - 1461200 ____A (Microsoft Corporation) 958AD14CDF4EBB6BADDB13F8B39A97CF C:\Windows\SysWOW64\User32.dll [2016-09-14 19:59] - [2016-09-14 19:59] - 1435896 ____A (Microsoft Corporation) 039C8465C730E7E9713819AB859505E9 C:\Windows\System32\userinit.exe [2016-07-16 03:42] - [2016-07-16 03:42] - 0033280 ____A (Microsoft Corporation) C1B1FFC800BE2F31EB2CF8CB40629C69 C:\Windows\SysWOW64\userinit.exe [2016-07-16 03:42] - [2016-07-16 03:42] - 0027648 ____A (Microsoft Corporation) FA900E6CCCF0A429D5B720C6F0E2274B C:\Windows\System32\rpcss.dll [2016-07-16 03:42] - [2016-07-16 03:42] - 0888320 ____A (Microsoft Corporation) 7BD259FC59CF9C2AE1B979564B374CC6 C:\Windows\System32\dnsapi.dll [2016-07-16 03:42] - [2016-07-16 03:42] - 0646136 ____A (Microsoft Corporation) 9BA2C83C355EAC4278F17BEF0852823A C:\Windows\SysWOW64\dnsapi.dll [2016-07-16 03:42] - [2016-07-16 03:42] - 0496872 ____A (Microsoft Corporation) 6C1D303C703B27FE40D392899BC22E14 C:\Windows\System32\Drivers\volsnap.sys [2016-07-16 03:42] - [2016-07-16 03:42] - 0391520 ____A (Microsoft Corporation) BF2546583BB75F01DDA60A7921DFB230 ==================== Association (Whitelisted) ============= ==================== Restore Points ========================= ==================== Memory info =========================== Percentage of memory in use: 18% Total physical RAM: 3976.27 MB Available physical RAM: 3258.25 MB Total Virtual: 3976.27 MB Available Virtual: 3283.65 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:223.07 GB) (Free:158.51 GB) NTFS Drive d: (DATA) (Fixed) (Total:223.88 GB) (Free:223.65 GB) NTFS Drive e: (KINGSTON16) (Removable) (Total:14.42 GB) (Free:14.37 GB) NTFS Drive f: (TOSHIBA EXT) (Fixed) (Total:465.76 GB) (Free:397.76 GB) NTFS Drive h: (RECOVERY) (Fixed) (Total:0.39 GB) (Free:0.13 GB) NTFS Drive x: (Boot) (Fixed) (Total:0.5 GB) (Free:0.5 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D9D36695) Partition: GPT. ======================================================== Disk: 1 (Size: 14.4 GB) (Disk ID: 73736572) Partition 1: (Not Active) - (Size=866 GB) - (Type=72) Partition 2: (Not Active) - (Size=931.6 GB) - (Type=6C) Partition 00: (Not Active) - (Size=0) - (Type=00) ATTENTION ===> 0 byte partition bootkit. Partition 3: (Not Active) - (Size=224 KB) - (Type=00) ======================================================== Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 8200A4B6) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) LastRegBack: 2016-09-14 19:04 ==================== End of FRST.txt ============================