Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-04-2017 Ran by Arekcipa (administrator) on DESKTOP-JPALGE4 (30-04-2017 14:59:35) Running from C:\Users\Arekcipa\Downloads Loaded Profiles: Arekcipa (Available Profiles: Arekcipa) Platform: Windows 10 Enterprise 2015 LTSB Evaluation (X64) Language: Angielski (Stany Zjednoczone) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (Filseclab Corporation Limited) C:\Program Files (x86)\ScreenShot\SSSvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Microsoft Corporation) C:\Windows\System32\wlms\wlms.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Apple Inc.) D:\programy\iTunesHelper.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Valve Corporation) D:\Steam\Steam.exe (Gaijin Entertainment) C:\Users\Arekcipa\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe (SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2017-02-07] (Synaptics Incorporated) HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [iTunesHelper] => D:\programy\iTunesHelper.exe [303928 2017-03-22] (Apple Inc.) HKU\S-1-5-21-252974029-621322211-1437129156-1001\...\Run: [Steam] => D:\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation) HKU\S-1-5-21-252974029-621322211-1437129156-1001\...\Run: [Gaijin.Net Agent] => C:\Users\Arekcipa\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2012616 2017-04-24] (Gaijin Entertainment) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2017-04-10] ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{c436fe57-f727-48b9-8c4f-4fd0a3fd055c}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-252974029-621322211-1437129156-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp Chrome: ======= CHR Profile: C:\Users\Arekcipa\AppData\Local\Google\Chrome\User Data\Default [2017-04-30] CHR Extension: (Prezentacje Google) - C:\Users\Arekcipa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-25] CHR Extension: (Dokumenty Google) - C:\Users\Arekcipa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-25] CHR Extension: (Dysk Google) - C:\Users\Arekcipa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-25] CHR Extension: (YouTube) - C:\Users\Arekcipa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-25] CHR Extension: (uBlock Origin) - C:\Users\Arekcipa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-04-25] CHR Extension: (Arkusze Google) - C:\Users\Arekcipa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-25] CHR Extension: (Dokumenty Google offline) - C:\Users\Arekcipa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-25] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Arekcipa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-25] CHR Extension: (Gmail) - C:\Users\Arekcipa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-25] CHR Extension: (Chrome Media Router) - C:\Users\Arekcipa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-25] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc.) R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2278152 2017-02-07] (Broadcom Corporation.) S2 connect2hotspot; C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe [100680 2016-12-23] (Lenovo) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [337888 2017-02-07] (Intel Corporation) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [492480 2017-03-28] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [492480 2017-03-28] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-04-01] (NVIDIA Corporation) R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [427064 2017-04-01] (NVIDIA Corporation) S3 Origin Client Service; D:\origin\OriginClientService.exe [2122248 2017-02-15] (Electronic Arts) S2 Origin Web Helper Service; D:\origin\OriginWebHelperService.exe [2184208 2017-02-15] (Electronic Arts) R2 SSSvc; C:\Program Files (x86)\ScreenShot\SSSvc.exe [139744 2016-11-02] (Filseclab Corporation Limited) S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23416 2017-01-18] () R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2017-02-07] (Synaptics Incorporated) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2016-10-25] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2017-03-28] (Microsoft Corporation) R2 WLMS; C:\Windows\system32\wlms\wlms.exe [23552 2015-07-10] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [199472 2017-02-07] (Broadcom Corporation.) R3 NETwNe64; C:\Windows\System32\drivers\NETwew00.sys [3349984 2015-07-10] (Intel Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-03-28] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47552 2017-03-28] (NVIDIA Corporation) R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2017-02-07] (Synaptics Incorporated) R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [41824 2016-11-03] (SteelSeries ApS) S3 sshid; C:\Windows\System32\drivers\sshid.sys [45928 2017-03-29] (SteelSeries ApS) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-04-30 14:57 - 2017-04-30 14:57 - 00001841 _____ C:\Users\Arekcipa\Desktop\AdwCleaner[C3].txt 2017-04-30 14:56 - 2017-04-30 14:56 - 00016148 _____ C:\Windows\system32\DESKTOP-JPALGE4_Arekcipa_HistoryPrediction.bin 2017-04-30 14:51 - 2017-04-30 14:52 - 04102600 _____ C:\Users\Arekcipa\Downloads\adwcleaner_6.046 (1).exe 2017-04-30 14:49 - 2017-04-30 14:49 - 00007548 _____ C:\Users\Arekcipa\Downloads\SearchReg.txt 2017-04-30 14:33 - 2017-04-30 14:34 - 00008412 _____ C:\Users\Arekcipa\Downloads\Fixlog.txt 2017-04-26 21:01 - 2017-04-26 21:01 - 00015568 _____ C:\Users\Arekcipa\Documents\gmer.txt 2017-04-26 20:04 - 2017-04-26 20:04 - 00380928 _____ C:\Users\Arekcipa\Downloads\e7wk9d19.exe 2017-04-26 19:50 - 2017-04-26 19:50 - 00032044 _____ C:\Users\Arekcipa\Downloads\Shortcut.txt 2017-04-26 19:47 - 2017-04-30 14:31 - 00000000 ____D C:\Users\Arekcipa\Downloads\FRST-OlderVersion 2017-04-25 14:37 - 2017-04-26 19:50 - 00037414 _____ C:\Users\Arekcipa\Downloads\Addition.txt 2017-04-25 14:36 - 2017-04-30 14:59 - 00010405 _____ C:\Users\Arekcipa\Downloads\FRST.txt 2017-04-25 14:16 - 2017-04-25 14:16 - 00003566 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2017-04-25 14:16 - 2017-04-25 14:16 - 00003442 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2017-04-25 13:44 - 2017-04-25 13:44 - 04102600 _____ C:\Users\Arekcipa\Downloads\adwcleaner_6.046.exe 2017-04-25 13:43 - 2017-04-30 14:54 - 00000000 ____D C:\AdwCleaner 2017-04-25 13:30 - 2017-04-30 14:59 - 00000000 ____D C:\FRST 2017-04-25 13:30 - 2017-04-30 14:31 - 02427392 _____ (Farbar) C:\Users\Arekcipa\Downloads\FRST64.exe 2017-04-25 13:11 - 2017-04-25 13:52 - 00000000 ____D C:\Windows\system32\log 2017-04-25 13:10 - 2017-04-26 19:13 - 00034328 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\Drivers\PROCEXP152.SYS 2017-04-25 13:10 - 2017-04-25 13:10 - 00000000 _____ C:\Windows\SysWOW64\44 2017-04-25 13:10 - 2017-04-25 13:10 - 00000000 _____ C:\Windows\SysWOW64\11 2017-04-24 23:08 - 2017-04-25 14:16 - 00000000 ____D C:\Program Files (x86)\Google 2017-04-24 23:08 - 2017-04-24 23:08 - 00000000 ____D C:\Users\Arekcipa\AppData\Roaming\Google 2017-04-20 23:54 - 2017-04-26 19:14 - 00000000 ____D C:\Users\Arekcipa\AppData\LocalLow\Mozilla 2017-04-20 19:31 - 2017-04-20 19:31 - 00000000 ____D C:\Program Files (x86)\58F8F058_jumpeasy 2017-04-20 19:30 - 2017-04-20 19:31 - 00000000 ____D C:\Program Files (x86)\58F8F04B_jumpeasy 2017-04-20 19:24 - 2017-04-20 19:24 - 00000007 _____ C:\Windows\SysWOW64\BCFB.tmp 2017-04-20 19:09 - 2017-04-26 19:13 - 00000000 ____D C:\Program Files (x86)\BiaoJi 2017-04-14 16:48 - 2017-04-14 16:48 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2017-04-14 16:48 - 2017-03-10 23:17 - 00536864 _____ C:\Windows\system32\vulkan-1.dll 2017-04-14 16:48 - 2017-03-10 23:17 - 00525600 _____ C:\Windows\SysWOW64\vulkan-1.dll 2017-04-14 16:48 - 2017-03-10 23:17 - 00254240 _____ C:\Windows\system32\vulkaninfo.exe 2017-04-14 16:48 - 2017-03-10 23:17 - 00233760 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2017-04-14 16:45 - 2017-04-03 16:49 - 00048696 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys 2017-04-14 16:45 - 2017-04-01 05:27 - 40201152 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 35354048 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 35280320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 28592184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 24712080 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 20827640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 16895552 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 13687472 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 11111392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 11056272 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 10635192 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 09316648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 09014792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 08876272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 03790904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 03246016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 01988032 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438165.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 01591352 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438165.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 01278528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 01055800 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 00995920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 00990144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 00960448 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 00911296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 00776048 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 00688968 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 00612088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 00609728 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 00577544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 00499136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 00492768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 00196152 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 00172736 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 00168640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 00143920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2017-04-14 16:45 - 2017-04-01 05:27 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json 2017-04-14 16:45 - 2017-04-01 05:27 - 00000669 _____ C:\Windows\system32\nv-vk64.json 2017-04-14 16:34 - 2017-03-28 05:32 - 00153536 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2017-04-14 16:34 - 2017-03-28 05:32 - 00127424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2017-04-13 14:05 - 2017-04-13 14:05 - 00000000 ____D C:\Users\Arekcipa\AppData\Roaming\SSMgre 2017-04-12 12:40 - 2017-03-28 12:21 - 01315008 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2017-04-12 12:40 - 2017-03-28 12:21 - 01023208 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2017-04-12 12:40 - 2017-03-28 12:21 - 00862024 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2017-04-12 12:40 - 2017-03-28 12:21 - 00201448 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll 2017-04-12 12:40 - 2017-03-28 12:20 - 00605472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2017-04-12 12:40 - 2017-03-28 12:19 - 03467784 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll 2017-04-12 12:40 - 2017-03-28 12:18 - 01538176 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll 2017-04-12 12:40 - 2017-03-28 12:18 - 00652864 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll 2017-04-12 12:40 - 2017-03-28 12:17 - 01951872 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2017-04-12 12:40 - 2017-03-28 12:16 - 08014176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2017-04-12 12:40 - 2017-03-28 12:16 - 02816024 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe 2017-04-12 12:40 - 2017-03-28 12:16 - 00786624 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2017-04-12 12:40 - 2017-03-28 12:16 - 00552288 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe 2017-04-12 12:40 - 2017-03-28 12:15 - 02495768 _____ C:\Windows\system32\CoreUIComponents.dll 2017-04-12 12:40 - 2017-03-28 12:11 - 00393568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2017-04-12 12:40 - 2017-03-28 12:10 - 00388896 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll 2017-04-12 12:40 - 2017-03-28 12:09 - 01980256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2017-04-12 12:40 - 2017-03-28 12:09 - 00807832 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll 2017-04-12 12:40 - 2017-03-28 12:08 - 01589224 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2017-04-12 12:40 - 2017-03-28 12:03 - 08666400 _____ (Microsoft Corp.) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll 2017-04-12 12:40 - 2017-03-28 11:37 - 00801632 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe 2017-04-12 12:40 - 2017-03-28 11:36 - 03651232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2017-04-12 12:40 - 2017-03-28 11:35 - 22327264 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2017-04-12 12:40 - 2017-03-28 11:33 - 06525424 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe 2017-04-12 12:40 - 2017-03-28 11:32 - 01134792 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe 2017-04-12 12:40 - 2017-03-28 11:32 - 00658568 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll 2017-04-12 12:40 - 2017-03-28 11:29 - 00256728 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe 2017-04-12 12:40 - 2017-03-28 11:06 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2017-04-12 12:40 - 2017-03-28 11:05 - 01781416 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2017-04-12 12:40 - 2017-03-28 11:05 - 00613112 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe 2017-04-12 12:40 - 2017-03-28 10:39 - 00953992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2017-04-12 12:40 - 2017-03-28 10:39 - 00167848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll 2017-04-12 12:40 - 2017-03-28 10:38 - 01364040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2017-04-12 12:40 - 2017-03-28 10:34 - 01531880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2017-04-12 12:40 - 2017-03-28 10:34 - 00602768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2017-04-12 12:40 - 2017-03-28 10:34 - 00439648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe 2017-04-12 12:40 - 2017-03-28 10:32 - 01766496 _____ C:\Windows\SysWOW64\CoreUIComponents.dll 2017-04-12 12:40 - 2017-03-28 10:21 - 06913360 _____ (Microsoft Corp.) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-04-12 12:40 - 2017-03-28 10:10 - 00290304 _____ (Microsoft Corporation) C:\Windows\system32\oemlicense.dll 2017-04-12 12:40 - 2017-03-28 09:58 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll 2017-04-12 12:40 - 2017-03-28 09:54 - 02904328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2017-04-12 12:40 - 2017-03-28 09:54 - 00700256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe 2017-04-12 12:40 - 2017-03-28 09:52 - 20863000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2017-04-12 12:40 - 2017-03-28 09:48 - 00456704 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2017-04-12 12:40 - 2017-03-28 09:44 - 02238976 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2017-04-12 12:40 - 2017-03-28 09:38 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2017-04-12 12:40 - 2017-03-28 09:28 - 01517480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2017-04-12 12:40 - 2017-03-28 09:28 - 00545400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe 2017-04-12 12:40 - 2017-03-28 09:28 - 00316256 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2017-04-12 12:40 - 2017-03-28 09:23 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll 2017-04-12 12:40 - 2017-03-28 09:22 - 00455680 _____ (Microsoft Corporation) C:\Windows\system32\RTMediaFrame.dll 2017-04-12 12:40 - 2017-03-28 09:21 - 24591360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2017-04-12 12:40 - 2017-03-28 09:20 - 01672192 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2017-04-12 12:40 - 2017-03-28 09:13 - 12516352 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2017-04-12 12:40 - 2017-03-28 09:11 - 01649152 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2017-04-12 12:40 - 2017-03-28 09:09 - 03494400 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2017-04-12 12:40 - 2017-03-28 09:09 - 01686528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2017-04-12 12:40 - 2017-03-28 09:09 - 01602560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2017-04-12 12:40 - 2017-03-28 09:09 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll 2017-04-12 12:40 - 2017-03-28 09:09 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2017-04-12 12:40 - 2017-03-28 09:09 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll 2017-04-12 12:40 - 2017-03-28 09:08 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2017-04-12 12:40 - 2017-03-28 09:07 - 02119680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2017-04-12 12:40 - 2017-03-28 09:07 - 00775680 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2017-04-12 12:40 - 2017-03-28 09:07 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2017-04-12 12:40 - 2017-03-28 09:06 - 06305792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll 2017-04-12 12:40 - 2017-03-28 09:06 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2017-04-12 12:40 - 2017-03-28 08:58 - 16708608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2017-04-12 12:40 - 2017-03-28 08:52 - 01415680 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2017-04-12 12:40 - 2017-03-28 08:47 - 00819712 _____ (Microsoft Corporation) C:\Windows\system32\licensingdiag.exe 2017-04-12 12:40 - 2017-03-28 08:45 - 00952320 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2017-04-12 12:40 - 2017-03-28 08:45 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oemlicense.dll 2017-04-12 12:40 - 2017-03-28 08:38 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl 2017-04-12 12:40 - 2017-03-28 08:38 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll 2017-04-12 12:40 - 2017-03-28 08:38 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\wscinterop.dll 2017-04-12 12:40 - 2017-03-28 08:37 - 00954368 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2017-04-12 12:40 - 2017-03-28 08:36 - 07055872 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll 2017-04-12 12:40 - 2017-03-28 08:36 - 00328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll 2017-04-12 12:40 - 2017-03-28 08:30 - 04168704 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll 2017-04-12 12:40 - 2017-03-28 08:29 - 03580928 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys 2017-04-12 12:40 - 2017-03-28 08:29 - 00832512 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll 2017-04-12 12:40 - 2017-03-28 08:29 - 00338944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2017-04-12 12:40 - 2017-03-28 08:29 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys 2017-04-12 12:40 - 2017-03-28 08:20 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll 2017-04-12 12:40 - 2017-03-28 08:16 - 21856256 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll 2017-04-12 12:40 - 2017-03-28 08:16 - 01061888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll 2017-04-12 12:40 - 2017-03-28 08:15 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll 2017-04-12 12:40 - 2017-03-28 08:09 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll 2017-04-12 12:40 - 2017-03-28 08:08 - 19331072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2017-04-12 12:40 - 2017-03-28 08:07 - 07526400 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll 2017-04-12 12:40 - 2017-03-28 08:07 - 01541632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2017-04-12 12:40 - 2017-03-28 08:06 - 04791808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2017-04-12 12:40 - 2017-03-28 08:00 - 04398080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll 2017-04-12 12:40 - 2017-03-28 07:59 - 02962432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2017-04-12 12:40 - 2017-03-28 07:59 - 01492992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2017-04-12 12:40 - 2017-03-28 07:59 - 01383424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2017-04-12 12:40 - 2017-03-28 07:59 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll 2017-04-12 12:40 - 2017-03-28 07:59 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll 2017-04-12 12:40 - 2017-03-28 07:58 - 02042368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2017-04-12 12:40 - 2017-03-28 07:58 - 00679936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2017-04-12 12:40 - 2017-03-28 07:58 - 00574464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll 2017-04-12 12:40 - 2017-03-28 07:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2017-04-12 12:40 - 2017-03-28 07:57 - 13027840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2017-04-12 12:40 - 2017-03-28 07:57 - 00328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2017-04-12 12:40 - 2017-03-28 07:43 - 00768512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2017-04-12 12:40 - 2017-03-28 07:38 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl 2017-04-12 12:40 - 2017-03-28 07:37 - 00113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscinterop.dll 2017-04-12 12:40 - 2017-03-28 07:36 - 05079552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll 2017-04-12 12:40 - 2017-03-28 07:31 - 03443200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll 2017-04-12 12:40 - 2017-03-28 07:25 - 00095744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll 2017-04-12 12:40 - 2017-03-28 07:17 - 03579904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2017-04-12 12:40 - 2017-03-28 07:15 - 11272192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2017-04-12 12:40 - 2017-03-28 07:15 - 05459456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll 2017-04-12 12:40 - 2017-03-28 07:14 - 18798592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll 2017-04-12 12:40 - 2017-03-28 07:11 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll 2017-04-12 12:40 - 2017-03-28 07:11 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2017-04-12 12:40 - 2017-03-18 22:00 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2017-04-12 12:40 - 2017-03-18 20:21 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2017-04-12 12:39 - 2017-03-28 10:14 - 00483328 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll 2017-04-12 12:39 - 2017-03-28 10:14 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll 2017-04-12 12:39 - 2017-03-28 09:51 - 02902528 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll 2017-04-12 12:39 - 2017-03-28 09:50 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe 2017-04-12 12:39 - 2017-03-28 09:44 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll 2017-04-12 12:39 - 2017-03-28 09:43 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2017-04-12 12:39 - 2017-03-28 09:43 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll 2017-04-12 12:39 - 2017-03-28 09:42 - 00963072 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll 2017-04-12 12:39 - 2017-03-28 09:36 - 04847616 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll 2017-04-12 12:39 - 2017-03-28 09:28 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp 2017-04-12 12:39 - 2017-03-28 09:08 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2017-04-12 12:39 - 2017-03-28 09:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2017-04-12 12:39 - 2017-03-28 09:07 - 01040384 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2017-04-12 12:39 - 2017-03-28 08:54 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll 2017-04-12 12:39 - 2017-03-28 08:50 - 07569408 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll 2017-04-12 12:39 - 2017-03-28 08:47 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll 2017-04-12 12:39 - 2017-03-28 08:47 - 00239104 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll 2017-04-12 12:39 - 2017-03-28 08:45 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll 2017-04-12 12:39 - 2017-03-28 08:33 - 04453888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll 2017-04-12 12:39 - 2017-03-28 08:31 - 02599424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll 2017-04-12 12:39 - 2017-03-28 08:30 - 00420352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe 2017-04-12 12:39 - 2017-03-28 08:30 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2017-04-12 12:39 - 2017-03-28 08:28 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll 2017-04-12 12:39 - 2017-03-28 08:28 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2017-04-12 12:39 - 2017-03-28 08:25 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2017-04-12 12:39 - 2017-03-28 08:25 - 00153088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll 2017-04-12 12:39 - 2017-03-28 08:25 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll 2017-04-12 12:39 - 2017-03-28 08:24 - 00806912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll 2017-04-12 12:39 - 2017-03-28 08:20 - 03873280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll 2017-04-12 12:39 - 2017-03-28 08:13 - 00281600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp 2017-04-12 12:39 - 2017-03-28 08:06 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll 2017-04-12 12:39 - 2017-03-28 08:03 - 00672768 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll 2017-04-12 12:39 - 2017-03-28 07:58 - 02050048 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll 2017-04-12 12:39 - 2017-03-28 07:58 - 00885248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2017-04-12 12:39 - 2017-03-28 07:56 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\dbgcore.dll 2017-04-12 12:39 - 2017-03-28 07:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IdCtrls.dll 2017-04-12 12:39 - 2017-03-28 07:45 - 00617472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licensingdiag.exe 2017-04-12 12:39 - 2017-03-28 07:45 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll 2017-04-12 12:39 - 2017-03-28 07:44 - 06101504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll 2017-04-12 12:39 - 2017-03-28 07:44 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll 2017-04-12 12:39 - 2017-03-28 07:34 - 03692032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll 2017-04-12 12:39 - 2017-03-28 07:31 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2017-04-12 12:39 - 2017-03-28 07:30 - 00584704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll 2017-04-12 12:39 - 2017-03-28 07:11 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2017-04-12 12:39 - 2017-03-28 07:04 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgcore.dll 2017-04-12 12:39 - 2017-03-28 06:52 - 00512000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll 2017-04-12 12:39 - 2017-03-28 04:11 - 00448285 _____ C:\Windows\system32\ApnDatabase.xml 2017-04-12 12:39 - 2017-03-18 21:01 - 00596992 _____ (Microsoft Corporation) C:\Windows\system32\msvcp_win.dll 2017-04-12 12:39 - 2017-03-18 19:39 - 00451584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp_win.dll 2017-04-07 19:25 - 2017-04-07 19:25 - 00000000 ____D C:\Users\Arekcipa\Documents\My Games 2017-04-07 19:24 - 2017-04-07 19:24 - 00000000 ____D C:\Users\Arekcipa\ansel 2017-04-07 19:11 - 2017-04-07 19:11 - 00000000 ____D C:\Users\Arekcipa\AppData\Local\Gaijin 2017-04-07 19:11 - 2017-04-07 19:11 - 00000000 ____D C:\ProgramData\Gaijin 2017-04-07 18:32 - 2017-04-07 18:32 - 00000202 _____ C:\Users\Arekcipa\Desktop\War Thunder.url 2017-04-07 17:58 - 2017-04-20 23:49 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2017-04-07 17:58 - 2017-04-07 17:58 - 00000000 ____D C:\Users\Arekcipa\AppData\Roaming\TeamViewer 2017-04-03 12:26 - 2017-04-18 22:49 - 00000000 ____D C:\Users\Arekcipa\Downloads\VA - Mega Unity Dance Hits March (2017) 2017-04-03 12:26 - 2017-04-03 12:26 - 00000000 ____D C:\Users\Arekcipa\AppData\Roaming\WinRAR 2017-04-03 12:26 - 2017-04-03 12:26 - 00000000 ____D C:\Users\Arekcipa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-04-03 12:26 - 2017-04-03 12:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-04-03 12:25 - 2017-04-13 14:05 - 00000000 ____D C:\Users\Arekcipa\AppData\Roaming\ScreenShot 2017-04-03 12:25 - 2017-04-03 12:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenShot 2017-04-03 12:25 - 2017-04-03 12:25 - 00000000 ____D C:\Program Files (x86)\ScreenShot 2017-04-02 23:41 - 2017-04-02 23:41 - 00000000 ____D C:\Users\Arekcipa\Desktop\hity 2017-04-02 22:56 - 2017-04-02 23:12 - 00000000 ____D C:\Users\Arekcipa\AppData\Roaming\Apple Computer 2017-04-02 22:56 - 2017-04-02 22:56 - 00001495 _____ C:\Users\Public\Desktop\iTunes.lnk 2017-04-02 22:56 - 2017-04-02 22:56 - 00000000 ____D C:\Users\Arekcipa\AppData\Local\Apple Computer 2017-04-02 22:56 - 2017-04-02 22:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2017-04-02 22:55 - 2017-04-02 22:55 - 00000000 ____D C:\ProgramData\Apple Computer 2017-04-02 22:55 - 2017-04-02 22:55 - 00000000 ____D C:\Program Files\iPod 2017-04-02 22:54 - 2017-04-02 22:54 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2017-04-02 22:54 - 2017-04-02 22:54 - 00000000 ____D C:\Users\Arekcipa\AppData\Local\Apple 2017-04-02 22:54 - 2017-04-02 22:54 - 00000000 ____D C:\Program Files (x86)\Apple Software Update 2017-04-02 22:53 - 2017-04-02 22:53 - 00000000 ____D C:\Program Files\Common Files\Apple 2017-04-02 22:53 - 2017-04-02 22:53 - 00000000 ____D C:\Program Files\Bonjour 2017-04-02 22:53 - 2017-04-02 22:53 - 00000000 ____D C:\Program Files (x86)\Bonjour 2017-04-02 22:52 - 2017-04-02 22:54 - 00000000 ____D C:\ProgramData\Apple ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-04-30 14:56 - 2017-02-07 23:14 - 00000000 __SHD C:\Users\Arekcipa\IntelGraphicsProfiles 2017-04-30 14:56 - 2017-02-07 23:10 - 00000000 ____D C:\ProgramData\NVIDIA 2017-04-30 14:55 - 2015-07-10 14:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-04-30 14:54 - 2015-07-10 11:05 - 00262144 ___SH C:\Windows\system32\config\BBI 2017-04-30 14:40 - 2017-02-07 23:53 - 00777106 _____ C:\Windows\system32\perfh015.dat 2017-04-30 14:40 - 2017-02-07 23:53 - 00148480 _____ C:\Windows\system32\perfc015.dat 2017-04-30 14:40 - 2017-02-07 21:58 - 01746354 _____ C:\Windows\system32\PerfStringBackup.INI 2017-04-30 14:40 - 2015-07-10 13:02 - 00000000 ____D C:\Windows\INF 2017-04-30 10:47 - 2017-02-07 22:22 - 00004170 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{8B9288DD-0DFD-4E07-B242-335967DB3D56} 2017-04-28 23:25 - 2017-02-07 22:23 - 00000000 ____D C:\Users\Arekcipa\AppData\Local\Google 2017-04-27 22:42 - 2017-02-08 00:27 - 00000000 ____D C:\Users\Arekcipa\AppData\Roaming\TS3Client 2017-04-26 12:00 - 2017-02-12 19:29 - 00000000 ____D C:\Users\Arekcipa\AppData\Local\CrashDumps 2017-04-25 13:54 - 2015-07-10 14:20 - 00194232 _____ C:\Windows\system32\FNTCACHE.DAT 2017-04-24 01:06 - 2017-02-07 22:06 - 00000000 ____D C:\Users\Arekcipa 2017-04-21 19:34 - 2017-02-13 01:52 - 00000000 ____D C:\Users\Arekcipa\AppData\Roaming\vlc 2017-04-21 17:20 - 2017-02-07 22:10 - 00003296 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2 2017-04-21 17:20 - 2017-02-07 22:08 - 00002416 _____ C:\Users\Arekcipa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-04-21 17:20 - 2017-02-07 22:08 - 00000000 ___RD C:\Users\Arekcipa\OneDrive 2017-04-21 17:15 - 2017-02-11 13:19 - 00000000 ____D C:\Users\Arekcipa\AppData\Roaming\uTorrent 2017-04-15 23:35 - 2017-03-30 21:58 - 00000134 ____H C:\Users\Arekcipa\Downloads\.picasa.ini 2017-04-14 17:40 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\rescache 2017-04-14 16:47 - 2017-02-07 22:11 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2017-04-14 16:35 - 2017-02-07 22:11 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2017-04-14 16:34 - 2017-02-08 01:07 - 00004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-04-14 16:34 - 2017-02-07 23:30 - 00001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2017-04-14 16:34 - 2017-02-07 23:27 - 00003994 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-04-14 16:34 - 2017-02-07 23:27 - 00003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-04-14 16:34 - 2017-02-07 23:27 - 00003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-04-14 16:34 - 2017-02-07 23:27 - 00003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-04-14 16:34 - 2017-02-07 23:27 - 00003696 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-04-14 16:34 - 2017-02-07 23:27 - 00003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-04-14 16:34 - 2017-02-07 22:11 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2017-04-13 11:01 - 2017-02-07 22:06 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-04-13 00:23 - 2015-07-10 13:04 - 00000000 ___SD C:\Windows\SysWOW64\F12 2017-04-13 00:23 - 2015-07-10 13:04 - 00000000 ___SD C:\Windows\system32\F12 2017-04-13 00:23 - 2015-07-10 13:04 - 00000000 ___RD C:\Windows\ImmersiveControlPanel 2017-04-13 00:23 - 2015-07-10 13:04 - 00000000 ___RD C:\Windows\DevicesFlow 2017-04-13 00:23 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2017-04-13 00:23 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows Defender 2017-04-13 00:23 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-04-13 00:23 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2017-04-12 14:04 - 2017-02-07 22:56 - 00000000 ____D C:\Windows\system32\MRT 2017-04-12 14:03 - 2017-02-07 22:56 - 148601744 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-04-12 14:03 - 2015-07-10 12:55 - 00000000 ____D C:\Windows\CbsTemp 2017-04-10 16:53 - 2017-03-06 20:29 - 00000000 ____D C:\Users\Arekcipa\AppData\Roaming\steelseries-engine-3-client 2017-04-08 00:06 - 2017-02-07 22:57 - 00532136 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2017-04-03 16:49 - 2017-02-07 22:11 - 14841784 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2017-04-01 20:54 - 2015-07-10 13:06 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-04-01 20:54 - 2015-07-10 13:06 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-04-01 05:27 - 2017-02-08 01:06 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat 2017-04-01 05:27 - 2017-02-07 23:24 - 04085712 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2017-04-01 05:27 - 2017-02-07 23:24 - 03602296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2017-04-01 05:27 - 2017-02-07 23:24 - 00607640 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2017-04-01 05:27 - 2017-02-07 22:11 - 00045061 _____ C:\Windows\system32\nvinfo.pb 2017-04-01 04:10 - 2017-02-07 22:12 - 06437312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2017-04-01 04:10 - 2017-02-07 22:12 - 02481208 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2017-04-01 04:10 - 2017-02-07 22:12 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2017-04-01 04:10 - 2017-02-07 22:12 - 00549944 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2017-04-01 04:10 - 2017-02-07 22:12 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2017-04-01 04:10 - 2017-02-07 22:12 - 00146880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\oemdspif.dll 2017-04-01 04:10 - 2017-02-07 22:12 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2017-04-01 04:10 - 2017-02-07 22:12 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2017-04-01 04:09 - 2017-02-07 23:26 - 00001951 _____ C:\Windows\NvContainerRecovery.bat 2017-03-31 12:15 - 2017-02-07 22:12 - 07851747 _____ C:\Windows\system32\nvcoproc.bin ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-04-26 20:21 ==================== End of FRST.txt ============================