I was having difficulty installing Norton Security and eventually they told me my pc was very badly infected with Alureon and it needed to be removed very quickly! I have, in the last 10 days had a new hard drive and am amazed that all the problems they found were there. I have only a day left on my Norton security so need to do something in a hurry - any help very, very welcome. I am pasting FRST and Additions as requested Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12.02.2018 Ran by VIV (administrator) on DESKTOP-1FFI7T5 (13-02-2018 19:35:05) Running from C:\Users\VIV\Desktop Loaded Profiles: VIV (Available Profiles: VIV & VL) Platform: Windows 10 Home Version 1709 16299.192 (X64) Language: English (United Kingdom) Internet Explorer Version 11 (Default browser: Edge) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= I will continue on page 2
==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Mirics Semiconductor Ltd) C:\Windows\System32\Hauppauge\hcwD3dvb\DVBT\DVBservice.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe () C:\Program Files (x86)\Norton WiFi Privacy\client\NWPService.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe () C:\Program Files (x86)\Nova Development\Greeting Card Factory Deluxe 7.0\ReminderApp.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) C:\Windows\splwow64.exe (Symantec Corporation) C:\Program Files\Norton Security\Engine\22.11.2.7\NS.exe (Symantec Corporation) C:\Program Files\Norton Security\Engine\22.11.2.7\NS.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftPdfReader.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8827.21855.0_x64__8wekyb3d8bbwe\HxOutlook.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8827.21855.0_x64__8wekyb3d8bbwe\HxTsr.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8827.21855.0_x64__8wekyb3d8bbwe\HxAccounts.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe (Opera Software) C:\Program Files\Opera\50.0.2762.67\opera_crashreporter.exe (Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe (Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe (Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe (Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe (Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe (Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe (Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe (Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe (Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-01-22] (Apple Inc.) HKLM-x32\...\Run: [ReminderApp] => C:\Program Files (x86)\Nova Development\Greeting Card Factory Deluxe 7.0\ReminderApp.exe [185664 2007-08-25] () HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567936 2018-02-08] (Dropbox, Inc.) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1150477090-3809027948-3889013003-1002\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2018-02-02] ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Event Reminder.lnk [2018-02-02] ShortcutTarget: Event Reminder.lnk -> C:\Program Files (x86)\Broderbund\PrintMaster\PMremind.exe (TLC Multimedia Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{73e83076-693c-4d47-89f6-b6f4414bcadc}: [DhcpNameServer] 192.168.1.254 Internet Explorer: ================== SearchScopes: HKU\S-1-5-21-1150477090-3809027948-3889013003-1002 -> DefaultScope {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NS&chn=1000020&geo=GB&ver=22.11.2.7&locale=en_GB&guid=31C74C16-C910-4352-8F41-93FEE609C4BB&doi=2018-02-03&gct=kwd&qsrc=2869 SearchScopes: HKU\S-1-5-21-1150477090-3809027948-3889013003-1002 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NS&chn=1000020&geo=GB&ver=22.11.2.7&locale=en_GB&guid=31C74C16-C910-4352-8F41-93FEE609C4BB&doi=2018-02-03&gct=kwd&qsrc=2869 BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation) FireFox: ======== FF ProfilePath: C:\Users\VIV\AppData\Roaming\Mozilla\Firefox\Profiles\8cb5u05u.default [2018-01-29] FF Extension: (Dashlane) - C:\Users\VIV\AppData\Roaming\Mozilla\Firefox\Profiles\8cb5u05u.default\Extensions\jetpack-extension@dashlane.com.xpi [2017-12-13] FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-01-30] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-01-30] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\VIV\AppData\Local\Google\Chrome\User Data\Default [2018-02-13] CHR Extension: (Norton Security Toolbar) - C:\Users\VIV\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2018-02-04] CHR Extension: (Norton Identity Safe) - C:\Users\VIV\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2018-02-04] CHR Extension: (Chrome Web Store Payments) - C:\Users\VIV\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-01-30] CHR Extension: (Chrome Media Router) - C:\Users\VIV\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-13] CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.11.2.7\Exts\Chrome.crx <not found> CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.11.2.7\Exts\Chrome.crx <not found> CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx Opera: ======= OPR StartupUrls: "chrome://startpage/" OPR Session Restore: -> is enabled. OPR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\VIV\AppData\Roaming\Opera Software\Opera Stable\Extensions\eeokceolphhfjdfcibaiiopmekmcbedp [2018-01-29] OPR Extension: (Dashlane - Password Manager) - C:\Users\VIV\AppData\Roaming\Opera Software\Opera Stable\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2018-02-05] OPR Extension: (LastPass: Free Password Manager) - C:\Users\VIV\AppData\Roaming\Opera Software\Opera Stable\Extensions\hnjalnkldgigidggphhmacmimbdlafdo [2018-01-29] OPR Extension: (Install Chrome Extensions) - C:\Users\VIV\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2018-01-29] OPR Extension: (F.B.(FluffBusting)Purity) - C:\Users\VIV\AppData\Roaming\Opera Software\Opera Stable\Extensions\ppldhdmhmdcedddamaddkbbakkfhgeeo [2018-02-05] StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc.) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-02-02] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-02-02] (Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-02-08] (Dropbox, Inc.) R2 hcwD3bda_dvbt; C:\WINDOWS\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe [2641920 2010-12-16] (Mirics Semiconductor Ltd) R2 NortonWiFiPrivacy; C:\Program Files (x86)\Norton WiFi Privacy\client\NWPService.exe [1363064 2017-08-29] () R2 NS; C:\Program Files\Norton Security\Engine\22.11.2.7\NS.exe [326144 2017-11-11] (Symantec Corporation) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-08-01] (Realtek Semiconductor) S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945776 2017-12-15] (TeamViewer GmbH) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-30] (Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-30] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.11.2.7\Definitions\BASHDefs\20180210.001\BHDrvx64.sys [1879632 2018-02-10] (Symantec Corporation) R1 ccSet_NS; C:\WINDOWS\system32\drivers\NSx64\160B020.007\ccSetx64.sys [187544 2017-11-10] (Symantec Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [507984 2018-02-13] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [152656 2018-02-13] (Symantec Corporation) R3 hcwD3bda; C:\WINDOWS\system32\DRIVERS\hcwD3bda64.sys [116352 2010-06-29] (Mirics) R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.11.2.7\Definitions\IPSDefs\20180212.001\IDSvia64.sys [1056920 2018-02-12] (Symantec Corporation) R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2017-09-29] (MediaTek Inc.) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [896752 2015-08-07] (Realtek ) R3 SRTSP; C:\WINDOWS\System32\Drivers\NSx64\160B020.007\SRTSP64.SYS [812696 2017-11-10] (Symantec Corporation) R1 SRTSPX; C:\WINDOWS\system32\drivers\NSx64\160B020.007\SRTSPX64.SYS [49304 2017-11-10] (Symantec Corporation) R0 SymEFASI; C:\WINDOWS\System32\drivers\NSx64\160B020.007\SYMEFASI64.SYS [1938584 2017-11-10] (Symantec Corporation) S0 SymELAM; C:\WINDOWS\System32\drivers\NSx64\160B020.007\SymELAM.sys [24608 2017-11-10] (Symantec Corporation) R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102600 2018-02-13] (Symantec Corporation) R1 SymIRON; C:\WINDOWS\system32\drivers\NSx64\160B020.007\Ironx64.SYS [309984 2017-11-10] (Symantec Corporation) R1 SymNetS; C:\WINDOWS\System32\Drivers\NSx64\160B020.007\SYMNETS.SYS [566936 2017-11-10] (Symantec Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-01-30] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [288848 2018-01-30] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-30] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) ===================
If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-02-13 19:35 - 2018-02-13 19:35 - 000017272 _____ C:\Users\VIV\Desktop\FRST.txt 2018-02-13 19:34 - 2018-02-13 19:35 - 000000000 ____D C:\FRST 2018-02-13 19:31 - 2018-02-13 19:31 - 002405376 _____ (Farbar) C:\Users\VIV\Desktop\FRST64.exe 2018-02-13 19:25 - 2018-02-13 19:26 - 000244472 _____ C:\TDSSKiller.3.1.0.16_13.02.2018_19.25.22_log.txt 2018-02-13 19:24 - 2018-02-13 19:25 - 004944584 _____ (AO Kaspersky Lab) C:\Users\VIV\Downloads\tdsskiller.exe 2018-02-13 18:47 - 2018-02-13 18:47 - 000000000 ____D C:\Users\VIV\AppData\Local\GoToAssist Remote Support Customer 2018-02-13 18:47 - 2018-02-13 18:47 - 000000000 ____D C:\Users\VIV\AppData\Local\GoTo Opener 2018-02-13 16:48 - 2018-02-13 16:48 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation 2018-02-13 16:24 - 2018-02-13 16:24 - 000003374 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration 2018-02-13 16:24 - 2018-02-13 16:24 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security 2018-02-13 16:10 - 2018-02-13 16:10 - 000602568 _____ C:\Users\VIV\Downloads\Reference #129557736_ Your order of Creativemark's products.mbs 2018-02-13 15:32 - 2018-02-13 15:32 - 000004354 _____ C:\WINDOWS\System32\Tasks\Norton Security Scan for VIV 2018-02-13 15:32 - 2018-02-13 15:32 - 000001541 _____ C:\Users\Public\Desktop\Norton Security Scan.LNK 2018-02-13 15:32 - 2018-02-13 15:32 - 000000000 ____D C:\WINDOWS\system32\Drivers\NSSx64 2018-02-13 15:32 - 2018-02-13 15:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan 2018-02-13 15:32 - 2018-02-13 15:32 - 000000000 ____D C:\Program Files (x86)\Norton Security Scan 2018-02-13 15:25 - 2018-02-13 15:25 - 000047254 _____ C:\Users\VIV\Downloads\Computeractive Software Store - discounted downloadable software.html 2018-02-13 15:25 - 2018-02-13 15:25 - 000000000 ____D C:\Users\VIV\Downloads\Computeractive Software Store - discounted downloadable software_files 2018-02-13 14:49 - 2018-02-13 14:49 - 000001331 _____ C:\Users\VIV\Desktop\Norton WiFi Privacy.lnk 2018-02-13 14:49 - 2018-02-13 14:49 - 000000000 ____D C:\Users\VIV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton WiFi Privacy 2018-02-13 14:49 - 2018-02-13 14:49 - 000000000 ____D C:\Users\VIV\AppData\Local\Norton WiFi Privacy 2018-02-13 14:49 - 2018-02-13 14:49 - 000000000 ____D C:\Users\VIV\.QtWebEngineProcess 2018-02-13 14:49 - 2018-02-13 14:49 - 000000000 ____D C:\Users\VIV\.Norton WiFi Privacy 2018-02-13 14:49 - 2018-02-13 14:49 - 000000000 ____D C:\ProgramData\NWPService 2018-02-13 14:49 - 2018-02-13 14:49 - 000000000 ____D C:\ProgramData\Norton WiFi Privacy 2018-02-13 14:49 - 2018-02-13 14:49 - 000000000 ____D C:\Program Files (x86)\Norton WiFi Privacy 2018-02-13 14:43 - 2018-02-13 16:31 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Security 2018-02-13 14:41 - 2018-02-13 14:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2018-02-13 14:39 - 2018-02-13 16:24 - 000002315 _____ C:\Users\Public\Desktop\Norton Security.lnk 2018-02-13 14:39 - 2018-02-13 16:22 - 000102600 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS 2018-02-13 14:39 - 2018-02-13 16:22 - 000008471 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT 2018-02-13 14:39 - 2018-02-13 14:39 - 000102568 _____ (Symantec Corporation) C:\WINDOWS\SMSS-PFRO1d56.tmp 2018-02-13 14:39 - 2018-02-13 14:39 - 000000000 ____D C:\Program Files\Common Files\Symantec Shared 2018-02-13 14:37 - 2018-02-13 16:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\NSx64 2018-02-13 14:37 - 2018-02-13 15:32 - 000000000 ____D C:\Program Files (x86)\NortonInstaller 2018-02-13 14:37 - 2018-02-13 14:38 - 000000000 ____D C:\Program Files\Norton Security 2018-02-13 14:25 - 2018-02-13 16:25 - 000001336 _____ C:\Users\VIV\Desktop\Norton Installation Files.lnk 2018-02-13 14:25 - 2018-02-13 14:26 - 077776528 _____ C:\Users\VIV\Downloads\NortonWiFiPrivacy 2018.exe 2018-02-13 14:25 - 2018-02-13 14:25 - 001101088 _____ (Symantec Corporation) C:\Users\VIV\Downloads\NSDeluxeDownloader 2018.exe 2018-02-11 15:49 - 2018-02-11 15:49 - 000000000 _____ C:\Users\VIV\AppData\Roaming\signature.txt 2018-02-11 15:29 - 2018-02-11 15:38 - 000000000 ____D C:\Users\VIV\AppData\Roaming\tovi80alpha@gmail.com 2018-02-11 14:52 - 2018-02-11 14:52 - 000000000 ____D C:\Users\VIV\AppData\Local\enchant 2018-02-11 14:45 - 2018-02-11 14:45 - 000000000 ____D C:\Users\VIV\VCF 2018-02-11 14:26 - 2018-02-11 16:58 - 000000000 ____D C:\Users\VIV\AppData\Roaming\&tovil 2018-02-11 14:21 - 2018-02-11 17:13 - 000000000 ____D C:\Users\VIV\AppData\Roaming\Claws-mail 2018-02-11 14:17 - 2018-02-11 14:18 - 025124405 _____ (claws-mail.org) C:\Users\VIV\Downloads\claws-mail-3.16.0-1-32bit.exe 2018-02-10 15:45 - 2018-02-10 15:45 - 000000000 ____D C:\Users\VIV\Desktop\New folder 2018-02-10 15:30 - 2018-02-10 15:41 - 000012418 _____ C:\Users\VIV\Desktop\Book1.xlsx 2018-02-10 15:17 - 2018-02-10 17:16 - 000000000 ____D C:\Users\VIV\AppData\LocalLow\Mozilla 2018-02-10 15:16 - 2018-02-10 15:23 - 000000000 ____D C:\Users\VIV\AppData\Local\Thunderbird 2018-02-10 15:15 - 2018-02-10 15:15 - 040314920 _____ (Mozilla) C:\Users\VIV\Downloads\Thunderbird Setup 52.6.0.exe 2018-02-10 14:46 - 2018-02-10 14:46 - 000006754 _____ C:\Users\VIV\Downloads\importedcontacts (2).adr 2018-02-10 14:42 - 2018-02-10 14:42 - 000006754 _____ C:\Users\VIV\Downloads\importedcontacts (1).adr 2018-02-10 14:34 - 2018-02-10 14:34 - 000005935 _____ C:\Users\VIV\Desktop\contacts saturday.csv 2018-02-10 13:55 - 2018-02-10 13:55 - 000036864 _____ C:\Users\VIV\Desktop\Agenda feb 2018-1.dot 2018-02-10 08:48 - 2018-02-10 08:48 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk 2018-02-10 08:48 - 2018-02-10 08:48 - 000002207 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk 2018-02-10 08:48 - 2018-02-10 08:48 - 000000000 ____D C:\Program Files\Google 2018-02-10 08:47 - 2018-02-10 08:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2018-02-09 17:16 - 2018-02-09 17:16 - 000000000 ____D C:\Users\VIV\AppData\Roaming\LibreOffice 2018-02-09 17:07 - 2018-02-09 17:07 - 000001179 _____ C:\Users\Public\Desktop\LibreOffice 6.0.lnk 2018-02-09 17:07 - 2018-02-09 17:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.0 2018-02-09 17:05 - 2018-02-09 17:06 - 000000000 ____D C:\Program Files\LibreOffice 2018-02-09 16:51 - 2018-02-09 16:57 - 274030592 _____ C:\Users\VIV\Downloads\LibreOffice_6.0.0_Win_x64 (1).msi 2018-02-09 16:49 - 2018-02-09 16:54 - 274030592 _____ C:\Users\VIV\Downloads\LibreOffice_6.0.0_Win_x64.msi 2018-02-09 16:43 - 2018-02-09 16:47 - 273948672 _____ C:\Users\VIV\Downloads\LibreOffice_6.0.1_Win_x64.msi 2018-02-09 15:56 - 2018-02-09 15:56 - 000112644 _____ C:\Users\VIV\Desktop\Valuation Day Poster.pdf 2018-02-08 20:10 - 2018-02-08 20:10 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2018-02-08 20:10 - 2018-02-08 20:10 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2018-02-08 20:10 - 2018-02-08 20:10 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2018-02-08 20:10 - 2018-02-08 20:10 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2018-02-08 16:33 - 2018-02-09 11:10 - 000118272 _____ C:\Users\VIV\Desktop\Group Meeting A4.pub 2018-02-05 17:04 - 2018-02-05 17:04 - 000001444 _____ C:\Users\VIV\Desktop\Candy Crush Saga (3).lnk 2018-02-05 15:22 - 2018-02-05 15:22 - 000000000 ____D C:\Users\VIV\AppData\Local\HP 2018-02-05 15:09 - 2018-02-08 16:33 - 000128512 _____ C:\Users\VIV\Desktop\santa with Scroll.pub 2018-02-04 17:21 - 2018-02-04 17:21 - 003511808 _____ C:\Users\VIV\Desktop\3 Valleys Silver.pub 2018-02-04 16:52 - 2018-02-04 16:52 - 000000000 ____D C:\Users\VIV\AppData\Local\Apple 2018-02-04 16:50 - 2018-02-04 17:26 - 003503104 _____ C:\Users\VIV\Desktop\A5.pub 2018-02-04 11:03 - 2018-02-04 11:03 - 000000000 ____D C:\Users\VIV\AppData\Local\Nova Development 2018-02-04 11:00 - 2018-02-04 11:00 - 000000000 ____D C:\Users\VIV\AppData\Roaming\Jasc Software Inc 2018-02-03 16:15 - 2018-02-11 16:33 - 000000000 ____D C:\Users\VIV\AppData\Local\CrashDumps 2018-02-03 16:15 - 2018-02-03 16:15 - 000000000 ____D C:\Users\VIV\AppData\Local\DBG 2018-02-03 12:12 - 2018-02-03 12:12 - 000003463 _____ C:\Users\VIV\Downloads\importedcontacts.adr 2018-02-03 12:01 - 2018-02-10 14:31 - 000001726 _____ C:\Users\VIV\Desktop\contacts 1.csv 2018-02-02 20:45 - 2018-02-02 20:45 - 000000000 ____D C:\Users\VIV\AppData\Roaming\Opera Mail 2018-02-02 20:45 - 2018-02-02 20:45 - 000000000 ____D C:\Users\VIV\AppData\Local\Opera Mail 2018-02-02 20:40 - 2018-02-02 20:40 - 000001244 _____ C:\Users\VIV\Adobe Photoshop 7.0 (2).lnk 2018-02-02 20:22 - 2018-02-02 20:22 - 000000000 ____D C:\Users\VIV\AppData\Local\Opera Software 2018-02-02 20:19 - 2018-02-02 20:19 - 000002748 _____ C:\Users\VIV\Desktop\Microsoft Publisher 2010.lnk 2018-02-02 20:19 - 2018-02-02 20:19 - 000001244 _____ C:\Users\VIV\Desktop\Adobe Photoshop 7.0.lnk 2018-02-02 20:15 - 2018-02-02 20:15 - 000000000 ____D C:\Users\VIV\AppData\Local\Dropbox 2018-02-02 16:36 - 2018-02-02 16:51 - 000000000 ___RD C:\Users\VL\Dropbox 2018-02-02 16:35 - 2018-02-02 16:35 - 000001335 _____ C:\Users\VIV\Dropbox.lnk 2018-02-02 16:28 - 2018-02-02 16:28 - 000000000 ____D C:\Users\VL\AppData\Roaming\Dropbox 2018-02-02 16:27 - 2018-02-10 08:48 - 000000000 ____D C:\Program Files (x86)\Dropbox 2018-02-02 16:27 - 2018-02-02 18:14 - 000000932 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2018-02-02 16:27 - 2018-02-02 18:14 - 000000928 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2018-02-02 16:27 - 2018-02-02 16:36 - 000000000 ____D C:\Users\VL\AppData\Local\Dropbox 2018-02-02 16:27 - 2018-02-02 16:27 - 000003992 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA 2018-02-02 16:27 - 2018-02-02 16:27 - 000003760 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore 2018-02-02 16:27 - 2018-02-02 16:27 - 000000000 ____D C:\ProgramData\Dropbox 2018-02-02 16:26 - 2018-02-02 16:26 - 000690080 _____ (Dropbox, Inc.) C:\Users\VL\Downloads\DropboxInstaller (1).exe 2018-02-02 16:14 - 2018-02-02 16:14 - 000002097 _____ C:\Users\VIV\Windows Restore.lnk 2018-02-02 16:08 - 2018-02-02 16:08 - 000001244 _____ C:\Users\VIV\Adobe Photoshop 7.0.lnk 2018-02-02 15:03 - 2018-02-02 15:03 - 000002354 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk 2018-02-02 14:58 - 2018-02-02 14:58 - 000007227 _____ C:\Users\VL\Downloads\importedcontacts (4).adr 2018-02-02 14:53 - 2018-02-02 14:56 - 137329840 _____ (Microsoft Corporation) C:\Users\VL\Downloads\wlsetup-all.exe 2018-02-02 14:52 - 2018-02-02 14:52 - 000002793 _____ C:\Users\Public\Desktop\Greeting Card Factory Deluxe.lnk 2018-02-02 14:52 - 2018-02-02 14:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nova Development 2018-02-02 14:44 - 2018-02-02 14:44 - 000000000 ____D C:\Program Files (x86)\Nova Development 2018-02-02 14:28 - 2018-02-02 14:28 - 000000000 ____D C:\Program Files (x86)\Web Publish 2018-02-02 14:28 - 2018-02-02 14:28 - 000000000 _____ C:\WINDOWS\wplog.txt 2018-02-02 14:28 - 2001-02-26 18:58 - 000237568 _____ (Broderbund) C:\WINDOWS\SysWOW64\PretzlUp.dll 2018-02-02 14:28 - 2001-02-23 09:56 - 000184320 _____ (Broderbund) C:\WINDOWS\SysWOW64\PretzlDn.dll 2018-02-02 14:26 - 2018-02-02 14:26 - 000001844 _____ C:\Users\Public\Desktop\PrintMaster 11.lnk 2018-02-02 14:26 - 2018-02-02 14:26 - 000000175 _____ C:\Users\Public\Desktop\ExpressIt.com.url 2018-02-02 14:26 - 2018-02-02 14:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintMaster 2018-02-02 14:25 - 2018-02-02 14:28 - 000000000 ____D C:\Program Files (x86)\Broderbund 2018-02-02 14:25 - 2018-02-02 14:25 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2018-02-02 14:25 - 2001-02-27 17:08 - 000745472 ____N () C:\WINDOWS\SysWOW64\PMAppBuilder.dll 2018-02-02 14:25 - 2001-02-27 17:07 - 000090112 ____N () C:\WINDOWS\SysWOW64\PMovieServer.dll 2018-02-02 14:25 - 2001-02-27 17:07 - 000045056 ____N (The Learning Company, Inc.) C:\WINDOWS\SysWOW64\ImportClient.dll 2018-02-02 14:25 - 2001-02-27 16:53 - 000081920 ____N C:\WINDOWS\SysWOW64\CONNMGR.OCX 2018-02-02 14:25 - 2000-11-07 17:08 - 000073728 _____ (Mattel Interactive, Inc.) C:\WINDOWS\SysWOW64\ImageServerMI.dll 2018-02-02 14:25 - 2000-06-20 01:33 - 000045936 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\ltvdd11w.drv 2018-02-02 14:25 - 2000-06-20 01:32 - 000392192 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\ltkrn11n.dll 2018-02-02 14:25 - 2000-06-20 01:32 - 000285184 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFCMP11n.DLL 2018-02-02 14:25 - 2000-06-20 01:32 - 000262656 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LTDIS11n.dll 2018-02-02 14:25 - 2000-06-20 01:32 - 000172032 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\Lfpng11n.dll 2018-02-02 14:25 - 2000-06-20 01:32 - 000152064 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lftif11n.dll 2018-02-02 14:25 - 2000-06-20 01:32 - 000127488 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\ltimg11n.dll 2018-02-02 14:25 - 2000-06-20 01:32 - 000118784 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\ltfil11n.DLL 2018-02-02 14:25 - 2000-06-20 01:32 - 000081408 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lffax11n.dll 2018-02-02 14:25 - 2000-06-20 01:32 - 000059392 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfwmf11n.dll 2018-02-02 14:25 - 2000-06-20 01:32 - 000056320 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfpsd11n.dll 2018-02-02 14:25 - 2000-06-20 01:32 - 000041472 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfgif11n.dll 2018-02-02 14:25 - 2000-06-20 01:32 - 000036864 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfbmp11n.dll 2018-02-02 14:25 - 2000-06-20 01:32 - 000033280 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfpcx11n.dll 2018-02-02 14:25 - 2000-06-20 01:32 - 000031232 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfeps11n.dll 2018-02-02 14:25 - 2000-06-20 01:32 - 000027648 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfwpg11n.dll 2018-02-02 14:25 - 2000-06-20 01:32 - 000026112 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfpcd11n.dll 2018-02-02 14:25 - 2000-01-19 11:30 - 000053248 _____ () C:\WINDOWS\SysWOW64\PretzelSpellCheck.dll 2018-02-02 14:25 - 2000-01-19 10:21 - 000114176 _____ (Wintertree Software Inc.) C:\WINDOWS\SysWOW64\SSCE4132.DLL 2018-02-02 14:25 - 1999-04-21 05:08 - 000029184 ____N (Blue Sky Software) C:\WINDOWS\SysWOW64\Popup.ocx 2018-02-02 14:17 - 2018-02-04 11:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jasc Software 2018-02-02 14:17 - 2018-02-02 14:17 - 000002711 _____ C:\Users\Public\Desktop\Jasc Paint Shop Pro 8.lnk 2018-02-02 14:17 - 2018-02-02 14:17 - 000000000 ____D C:\Users\VL\AppData\Roaming\Jasc Software Inc 2018-02-02 14:17 - 2018-02-02 14:17 - 000000000 ____D C:\Program Files (x86)\Jasc Software Inc 2018-02-02 14:13 - 2018-02-02 14:13 - 000000000 ____D C:\Users\VL\AppData\Roaming\Macromedia 2018-02-02 14:12 - 2018-02-02 14:12 - 000001249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady 7.0.lnk 2018-02-02 14:12 - 2018-02-02 14:12 - 000001244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 7.0.lnk 2018-02-02 14:02 - 2018-02-02 14:02 - 000001331 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 2.0.lnk 2018-02-02 14:02 - 2018-02-02 14:02 - 000001319 _____ C:\Users\Public\Desktop\Adobe Photoshop Elements 2.0.lnk 2018-02-02 14:01 - 2002-07-17 02:18 - 000087392 ____N (Twain Working Group) C:\WINDOWS\twain.dll 2018-02-02 14:00 - 1998-10-29 16:45 - 000306688 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUninst.exe 2018-02-01 20:26 - 2018-02-01 20:26 - 000007239 _____ C:\Users\VL\Downloads\importedcontacts (3).adr 2018-02-01 20:17 - 2018-02-01 20:17 - 000001360 _____ C:\Users\VL\Downloads\importedcontacts (2).adr 2018-02-01 20:04 - 2018-02-01 20:04 - 000001360 _____ C:\Users\VL\Downloads\importedcontacts (1).adr 2018-02-01 19:59 - 2018-02-01 19:59 - 000001360 _____ C:\Users\VL\Downloads\importedcontacts.adr 2018-02-01 19:52 - 2018-02-01 20:10 - 000005190 _____ C:\Users\VL\Desktop\contacts.csv 2018-02-01 19:48 - 2018-02-01 19:48 - 000000000 ____D C:\Users\VL\AppData\Local\DBG 2018-02-01 19:48 - 2018-02-01 19:48 - 000000000 ____D C:\Users\VL\AppData\Local\CrashDumps 2018-02-01 19:13 - 2018-02-02 20:40 - 000002186 _____ C:\Users\VIV\Opera Mail.lnk 2018-02-01 19:13 - 2018-02-01 19:13 - 012218880 _____ (Opera Software ASA) C:\Users\VL\Downloads\Opera-Mail-1.0-1044.i386.exe 2018-02-01 19:13 - 2018-02-01 19:13 - 000002037 _____ C:\Users\VL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Mail.lnk 2018-02-01 19:13 - 2018-02-01 19:13 - 000000000 ____D C:\Users\VL\AppData\Roaming\Opera Mail 2018-02-01 19:13 - 2018-02-01 19:13 - 000000000 ____D C:\Users\VL\AppData\Local\Opera Mail 2018-02-01 18:49 - 2018-02-01 18:49 - 000003942 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1517510963 2018-02-01 18:49 - 2018-02-01 18:49 - 000001166 _____ C:\Users\Public\Desktop\Opera browser.lnk 2018-02-01 18:49 - 2018-02-01 18:49 - 000001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera browser.lnk 2018-02-01 18:49 - 2018-02-01 18:49 - 000000000 ____D C:\Users\VL\AppData\Roaming\Opera Software 2018-02-01 18:49 - 2018-02-01 18:49 - 000000000 ____D C:\Users\VL\AppData\Local\Opera Software 2018-02-01 18:48 - 2018-02-01 18:49 - 000000000 ____D C:\Program Files\Opera 2018-02-01 18:47 - 2018-02-01 18:47 - 001269744 _____ (Opera Software) C:\Users\VL\Downloads\OperaSetup.exe 2018-02-01 18:40 - 2018-02-01 18:40 - 000000000 ____D C:\Users\VL\AppData\Local\NetworkTiles 2018-02-01 18:31 - 2018-02-01 18:31 - 000002752 _____ C:\Users\VIV\Microsoft Word 2010.lnk 2018-02-01 18:30 - 2018-02-01 18:30 - 000002748 _____ C:\Users\VIV\Microsoft Publisher 2010.lnk 2018-02-01 18:30 - 2018-02-01 18:30 - 000002714 _____ C:\Users\VIV\Microsoft Excel 2010.lnk 2018-02-01 18:22 - 2018-02-02 15:03 - 000000000 ____D C:\Users\VL\AppData\Local\Windows Live 2018-02-01 17:04 - 2018-02-01 17:04 - 000000000 ____D C:\Program Files\Common Files\AV 2018-02-01 16:34 - 2018-02-13 16:24 - 000000000 ____D C:\ProgramData\NortonInstaller 2018-02-01 16:32 - 2018-02-13 16:25 - 000000000 ____D C:\ProgramData\Norton 2018-02-01 16:32 - 2018-02-13 14:25 - 000000000 ____D C:\Users\Public\Downloads\Norton 2018-02-01 16:32 - 2018-02-01 16:32 - 000001336 _____ C:\Users\VL\Desktop\Norton Installation Files.lnk 2018-02-01 09:49 - 2018-02-01 09:49 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk 2018-02-01 09:49 - 2018-02-01 09:49 - 000000000 ____D C:\Users\VL\AppData\Roaming\Apple Computer 2018-02-01 09:49 - 2018-02-01 09:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2018-02-01 09:49 - 2018-02-01 09:49 - 000000000 ____D C:\ProgramData\Apple Computer 2018-02-01 09:49 - 2018-02-01 09:49 - 000000000 ____D C:\Program Files\iTunes 2018-02-01 09:49 - 2018-02-01 09:49 - 000000000 ____D C:\Program Files\iPod 2018-02-01 09:48 - 2018-02-01 09:48 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2018-02-01 09:48 - 2018-02-01 09:48 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple 2018-02-01 09:48 - 2018-02-01 09:48 - 000000000 ____D C:\WINDOWS\pss 2018-02-01 09:48 - 2018-02-01 09:48 - 000000000 ____D C:\Users\VL\AppData\Local\Apple 2018-02-01 09:48 - 2018-02-01 09:48 - 000000000 ____D C:\Program Files\Common Files\Apple 2018-02-01 09:48 - 2018-02-01 09:48 - 000000000 ____D C:\Program Files\Bonjour 2018-02-01 09:48 - 2018-02-01 09:48 - 000000000 ____D C:\Program Files (x86)\Bonjour 2018-02-01 09:48 - 2018-02-01 09:48 - 000000000 ____D C:\Program Files (x86)\Apple Software Update 2018-02-01 09:47 - 2018-02-01 09:48 - 000000000 ____D C:\ProgramData\Apple 2018-02-01 09:46 - 2018-02-01 09:46 - 000001128 _____ C:\Users\Public\Desktop\OpenOffice 4.1.5.lnk 2018-02-01 09:46 - 2018-02-01 09:46 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.5 2018-02-01 09:46 - 2018-02-01 09:46 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4 2018-02-01 09:44 - 2018-02-01 09:44 - 000000000 ____D C:\ProgramData\Skype 2018-02-01 09:43 - 2018-02-01 09:44 - 000000000 ____D C:\ProgramData\Package Cache 2018-02-01 09:41 - 2018-02-01 09:41 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk 2018-02-01 09:41 - 2018-02-01 09:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2018-02-01 09:41 - 2018-02-01 09:41 - 000000000 ____D C:\Program Files\VideoLAN 2018-02-01 09:40 - 2018-02-01 09:40 - 000001116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk 2018-02-01 09:40 - 2018-02-01 09:40 - 000001104 _____ C:\Users\Public\Desktop\TeamViewer 13.lnk 2018-02-01 09:40 - 2018-02-01 09:40 - 000000000 ____D C:\Users\VL\AppData\Roaming\TeamViewer 2018-02-01 09:39 - 2018-02-11 17:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-02-01 09:39 - 2018-02-01 09:41 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2018-02-01 09:39 - 2018-02-01 09:39 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2018-02-01 09:39 - 2018-02-01 09:39 - 000000993 _____ C:\Users\Public\Desktop\Firefox.lnk 2018-02-01 09:38 - 2018-02-01 09:39 - 000000000 ____D C:\Program Files\Mozilla Firefox 2018-02-01 09:37 - 2018-02-01 09:37 - 000425304 _____ (Secure By Design Inc.) C:\Users\VL\Downloads\Ninite Firefox Google Earth OpenOffice Skype Installer.exe 2018-01-30 17:33 - 2018-01-30 17:33 - 000000000 ____D C:\Users\Default\AppData\Local\Microsoft Help 2018-01-30 17:33 - 2018-01-30 17:33 - 000000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help 2018-01-30 17:30 - 2018-02-01 15:54 - 000003280 _____ C:\WINDOWS\System32\Tasks\Optimize Push Notification Data File-S-1-5-21-1150477090-3809027948-3889013003-1003 2018-01-30 17:28 - 2018-01-30 17:28 - 000000000 ____D C:\Users\VL\AppData\Local\CEF 2018-01-30 17:27 - 2018-01-30 17:28 - 000000000 ____D C:\Users\VL\AppData\Local\Adobe 2018-01-30 17:27 - 2018-01-30 17:27 - 000000000 ____D C:\Users\VL\AppData\LocalLow\Adobe 2018-01-30 17:25 - 2018-01-30 17:25 - 000001358 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk 2018-01-30 17:25 - 2018-01-30 17:25 - 000000000 ____D C:\Program Files\Windows Live 2018-01-30 17:24 - 2018-02-02 15:03 - 000000000 ____D C:\Program Files (x86)\Windows Live 2018-01-30 17:24 - 2018-01-29 20:10 - 000001895 _____ C:\Users\VIV\Documents\ProduKey.txt 2018-01-30 17:24 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll 2018-01-30 17:24 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll 2018-01-30 17:24 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll 2018-01-30 17:24 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll 2018-01-30 17:24 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll 2018-01-30 17:24 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll 2018-01-30 17:24 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll 2018-01-30 17:24 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll 2018-01-30 17:23 - 2018-02-05 14:16 - 000000000 ____D C:\Users\VIV\AppData\Local\Windows Live 2018-01-30 17:23 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll 2018-01-30 17:23 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll 2018-01-30 17:23 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll 2018-01-30 17:23 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll 2018-01-30 17:20 - 2018-01-30 17:20 - 000002714 _____ C:\Users\VIV\Desktop\Microsoft Excel 2010.lnk 2018-01-30 17:19 - 2018-01-30 17:19 - 000002752 _____ C:\Users\VIV\Desktop\Microsoft Word 2010.lnk 2018-01-30 17:12 - 2018-02-06 02:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2018-01-30 17:12 - 2018-02-06 02:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2018-01-30 17:09 - 2018-01-30 17:09 - 000000000 ____D C:\Program Files\Reference Assemblies 2018-01-30 17:09 - 2018-01-30 17:09 - 000000000 ____D C:\Program Files\MSBuild 2018-01-30 17:09 - 2018-01-30 17:09 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2018-01-30 17:04 - 2018-01-30 17:09 - 000000000 ____D C:\Program Files (x86)\MSBuild 2018-01-30 17:04 - 2018-01-30 17:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint 2018-01-30 17:04 - 2018-01-30 17:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2018-01-30 17:03 - 2018-01-30 17:03 - 000000000 ____D C:\WINDOWS\PCHEALTH 2018-01-30 17:03 - 2018-01-30 17:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Sync Framework 2018-01-30 17:00 - 2018-01-30 17:00 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8 2018-01-30 16:59 - 2018-01-30 17:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2018-01-30 16:59 - 2018-01-30 16:59 - 000000000 __RHD C:\MSOCache 2018-01-30 16:59 - 2018-01-30 16:59 - 000000000 ____D C:\Program Files\Microsoft Office 2018-01-30 16:59 - 2018-01-30 16:59 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services 2018-01-30 16:42 - 2018-01-30 16:42 - 000000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform 2018-01-30 16:41 - 2018-01-30 16:41 - 000000000 ____D C:\Users\VIV\AppData\LocalLow\Temp 2018-01-30 16:41 - 2018-01-30 16:41 - 000000000 ____D C:\Users\VIV\AppData\Local\Microsoft Help 2018-01-30 16:24 - 2018-01-30 16:24 - 000000000 ____D C:\Users\VIV\AppData\LocalLow\Adobe 2018-01-30 16:24 - 2018-01-30 16:24 - 000000000 ____D C:\Users\VIV\AppData\Local\CEF 2018-01-30 16:17 - 2018-02-10 08:48 - 000000000 ____D C:\Program Files (x86)\Google 2018-01-30 16:17 - 2018-02-07 13:38 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-01-30 16:17 - 2018-02-07 13:38 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2018-01-30 16:17 - 2018-01-30 17:27 - 000003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2018-01-30 16:17 - 2018-01-30 17:27 - 000003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2018-01-30 16:17 - 2018-01-30 16:17 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
018-01-30 16:16 - 2018-02-02 14:11 - 000000000 ____D C:\Program Files (x86)\Adobe 2018-01-30 16:16 - 2018-01-30 16:25 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2018-01-30 16:16 - 2018-01-30 16:24 - 000000000 ____D C:\ProgramData\Adobe 2018-01-30 16:16 - 2018-01-30 16:16 - 000002124 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2018-01-30 16:14 - 2018-01-30 16:24 - 000000000 ____D C:\Users\VIV\AppData\Local\Adobe 2018-01-30 16:13 - 2017-09-28 15:50 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2018-01-30 16:13 - 2017-09-28 15:50 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2018-01-30 16:13 - 2017-09-28 15:50 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2018-01-30 16:13 - 2017-09-22 18:19 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2018-01-30 16:13 - 2017-09-22 18:19 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2018-01-30 16:13 - 2017-09-22 18:19 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2018-01-30 16:10 - 2018-01-30 16:10 - 000001323 _____ C:\Users\VIV\Desktop\Internet Explorer.lnk 2018-01-30 15:34 - 2018-01-30 15:34 - 000000000 ____D C:\ProgramData\SystemAcCrux 2018-01-30 15:34 - 2018-01-30 15:34 - 000000000 ____D C:\Program Files (x86)\EaseUS 2018-01-30 15:14 - 2018-01-30 15:16 - 000000000 ____D C:\WINDOWS\system32\MRT 2018-01-30 15:14 - 2018-01-30 15:14 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe 2018-01-30 15:13 - 2018-01-30 15:13 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2018-01-30 15:12 - 2018-02-02 20:39 - 000000000 ____D C:\Users\VL\AppData\Local\PlaceholderTileLogoFolder 2018-01-30 15:11 - 2018-02-02 14:23 - 000000000 ____D C:\Users\VL\AppData\Local\Comms 2018-01-30 15:03 - 2018-01-01 17:15 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe 2018-01-30 15:03 - 2018-01-01 12:54 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2018-01-30 15:03 - 2018-01-01 12:53 - 001090984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2018-01-30 15:03 - 2018-01-01 12:52 - 000066712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll 2018-01-30 15:03 - 2018-01-01 12:51 - 001414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2018-01-30 15:03 - 2018-01-01 12:51 - 001209240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2018-01-30 15:03 - 2018-01-01 12:51 - 001055128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2018-01-30 15:03 - 2018-01-01 12:51 - 000191816 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll 2018-01-30 15:03 - 2018-01-01 12:51 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys 2018-01-30 15:03 - 2018-01-01 12:50 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2018-01-30 15:03 - 2018-01-01 12:50 - 000780464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2018-01-30 15:03 - 2018-01-01 12:50 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll 2018-01-30 15:03 - 2018-01-01 12:50 - 000077208 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll 2018-01-30 15:03 - 2018-01-01 12:49 - 008605080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2018-01-30 15:03 - 2018-01-01 12:49 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2018-01-30 15:03 - 2018-01-01 12:49 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll 2018-01-30 15:03 - 2018-01-01 12:49 - 000292376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll 2018-01-30 15:03 - 2018-01-01 12:48 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2018-01-30 15:03 - 2018-01-01 12:48 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2018-01-30 15:03 - 2018-01-01 12:48 - 000382360 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2018-01-30 15:03 - 2018-01-01 12:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll 2018-01-30 15:03 - 2018-01-01 12:47 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys 2018-01-30 15:03 - 2018-01-01 12:46 - 002709704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2018-01-30 15:03 - 2018-01-01 12:46 - 000898216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2018-01-30 15:03 - 2018-01-01 12:46 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2018-01-30 15:03 - 2018-01-01 12:46 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2018-01-30 15:03 - 2018-01-01 12:45 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2018-01-30 15:03 - 2018-01-01 12:45 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2018-01-30 15:03 - 2018-01-01 12:45 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys 2018-01-30 15:03 - 2018-01-01 12:43 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2018-01-30 15:03 - 2018-01-01 12:43 - 000367336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2018-01-30 15:03 - 2018-01-01 12:43 - 000062872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys 2018-01-30 15:03 - 2018-01-01 12:42 - 001029016 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll 2018-01-30 15:03 - 2018-01-01 12:42 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2018-01-30 15:03 - 2018-01-01 12:42 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2018-01-30 15:03 - 2018-01-01 12:42 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll 2018-01-30 15:03 - 2018-01-01 12:42 - 000109976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys 2018-01-30 15:03 - 2018-01-01 12:41 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2018-01-30 15:03 - 2018-01-01 12:41 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2018-01-30 15:03 - 2018-01-01 12:41 - 000549552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll 2018-01-30 15:03 - 2018-01-01 12:40 - 001206680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2018-01-30 15:03 - 2018-01-01 12:39 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2018-01-30 15:03 - 2018-01-01 12:39 - 000677784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2018-01-30 15:03 - 2018-01-01 12:39 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2018-01-30 15:03 - 2018-01-01 12:39 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2018-01-30 15:03 - 2018-01-01 12:39 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys 2018-01-30 15:03 - 2018-01-01 12:38 - 003904808 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2018-01-30 15:03 - 2018-01-01 12:38 - 000727448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2018-01-30 15:03 - 2018-01-01 12:38 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe 2018-01-30 15:03 - 2018-01-01 12:38 - 000103320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2018-01-30 15:03 - 2018-01-01 12:38 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys 2018-01-30 15:03 - 2018-01-01 12:37 - 001426664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2018-01-30 15:03 - 2018-01-01 12:37 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe 2018-01-30 15:03 - 2018-01-01 12:36 - 000413888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2018-01-30 15:03 - 2018-01-01 12:36 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe 2018-01-30 15:03 - 2018-01-01 12:36 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2018-01-30 15:03 - 2018-01-01 12:36 - 000113560 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll 2018-01-30 15:03 - 2018-01-01 12:36 - 000057752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys 2018-01-30 15:03 - 2018-01-01 12:35 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2018-01-30 15:03 - 2018-01-01 12:35 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll 2018-01-30 15:03 - 2018-01-01 12:34 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2018-01-30 15:03 - 2018-01-01 12:34 - 001336344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2018-01-30 15:03 - 2018-01-01 12:34 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2018-01-30 15:03 - 2018-01-01 12:34 - 000087384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll 2018-01-30 15:03 - 2018-01-01 12:33 - 002773400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2018-01-30 15:03 - 2018-01-01 12:33 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2018-01-30 15:03 - 2018-01-01 12:32 - 004481240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2018-01-30 15:03 - 2018-01-01 12:32 - 000617304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2018-01-30 15:03 - 2018-01-01 12:27 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2018-01-30 15:03 - 2018-01-01 12:27 - 000163736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys 2018-01-30 15:03 - 2018-01-01 12:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2018-01-30 15:03 - 2018-01-01 12:26 - 000081304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys 2018-01-30 15:03 - 2018-01-01 12:25 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2018-01-30 15:03 - 2018-01-01 12:25 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys 2018-01-30 15:03 - 2018-01-01 12:23 - 021352144 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2018-01-30 15:03 - 2018-01-01 12:21 - 001103768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2018-01-30 15:03 - 2018-01-01 12:21 - 000614296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2018-01-30 15:03 - 2018-01-01 12:06 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2018-01-30 15:03 - 2018-01-01 12:03 - 000777904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2018-01-30 15:03 - 2018-01-01 12:03 - 000650328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2018-01-30 15:03 - 2018-01-01 12:03 - 000566664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2018-01-30 15:03 - 2018-01-01 12:03 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll 2018-01-30 15:03 - 2018-01-01 11:53 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2018-01-30 15:03 - 2018-01-01 11:49 - 000481464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll 2018-01-30 15:03 - 2018-01-01 11:49 - 000258808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll 2018-01-30 15:03 - 2018-01-01 11:46 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2018-01-30 15:03 - 2018-01-01 11:46 - 000289816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2018-01-30 15:03 - 2018-01-01 11:45 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2018-01-30 15:03 - 2018-01-01 11:45 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2018-01-30 15:03 - 2018-01-01 11:45 - 002192624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2018-01-30 15:03 - 2018-01-01 11:45 - 000450928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll 2018-01-30 15:03 - 2018-01-01 11:43 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2018-01-30 15:03 - 2018-01-01 11:42 - 006479552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2018-01-30 15:03 - 2018-01-01 11:42 - 004644912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2018-01-30 15:03 - 2018-01-01 11:42 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2018-01-30 15:03 - 2018-01-01 11:42 - 001003152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2018-01-30 15:03 - 2018-01-01 11:42 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2018-01-30 15:03 - 2018-01-01 11:42 - 000386424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2018-01-30 15:03 - 2018-01-01 11:42 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2018-01-30 15:03 - 2018-01-01 11:42 - 000074992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll 2018-01-30 15:03 - 2018-01-01 11:37 - 025247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2018-01-30 15:03 - 2018-01-01 11:34 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2018-01-30 15:03 - 2018-01-01 11:25 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2018-01-30 15:03 - 2018-01-01 11:25 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll 2018-01-30 15:03 - 2018-01-01 11:25 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll 2018-01-30 15:03 - 2018-01-01 11:25 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll 2018-01-30 15:03 - 2018-01-01 11:25 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe 2018-01-30 15:03 - 2018-01-01 11:24 - 003668480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2018-01-30 15:03 - 2018-01-01 11:24 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboutSettingsHandlers.dll 2018-01-30 15:03 - 2018-01-01 11:24 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2018-01-30 15:03 - 2018-01-01 11:23 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll 2018-01-30 15:03 - 2018-01-01 11:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2018-01-30 15:03 - 2018-01-01 11:23 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll 2018-01-30 15:03 - 2018-01-01 11:23 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys 2018-01-30 15:03 - 2018-01-01 11:23 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2018-01-30 15:03 - 2018-01-01 11:21 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys 2018-01-30 15:03 - 2018-01-01 11:21 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll 2018-01-30 15:03 - 2018-01-01 11:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys 2018-01-30 15:03 - 2018-01-01 11:21 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys 2018-01-30 15:03 - 2018-01-01 11:21 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys 2018-01-30 15:03 - 2018-01-01 11:20 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2018-01-30 15:03 - 2018-01-01 11:20 - 018917888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2018-01-30 15:03 - 2018-01-01 11:20 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2018-01-30 15:03 - 2018-01-01 11:20 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys 2018-01-30 15:03 - 2018-01-01 11:20 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll 2018-01-30 15:03 - 2018-01-01 11:20 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2018-01-30 15:03 - 2018-01-01 11:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll 2018-01-30 15:03 - 2018-01-01 11:20 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll 2018-01-30 15:03 - 2018-01-01 11:20 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll 2018-01-30 15:03 - 2018-01-01 11:20 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll 2018-01-30 15:03 - 2018-01-01 11:19 - 008014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2018-01-30 15:03 - 2018-01-01 11:19 - 000795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalAuth.dll 2018-01-30 15:03 - 2018-01-01 11:19 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2018-01-30 15:03 - 2018-01-01 11:19 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll 2018-01-30 15:03 - 2018-01-01 11:19 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2018-01-30 15:03 - 2018-01-01 11:19 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2018-01-30 15:03 - 2018-01-01 11:19 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2018-01-30 15:03 - 2018-01-01 11:19 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2018-01-30 15:03 - 2018-01-01 11:19 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2018-01-30 15:03 - 2018-01-01 11:19 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2018-01-30 15:03 - 2018-01-01 11:19 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll 2018-01-30 15:03 - 2018-01-01 11:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys 2018-01-30 15:03 - 2018-01-01 11:19 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll 2018-01-30 15:03 - 2018-01-01 11:19 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll 2018-01-30 15:03 - 2018-01-01 11:19 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll 2018-01-30 15:03 - 2018-01-01 11:19 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe 2018-01-30 15:03 - 2018-01-01 11:19 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll 2018-01-30 15:03 - 2018-01-01 11:18 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll 2018-01-30 15:03 - 2018-01-01 11:18 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2018-01-30 15:03 - 2018-01-01 11:18 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll 2018-01-30 15:03 - 2018-01-01 11:18 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2018-01-30 15:03 - 2018-01-01 11:18 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2018-01-30 15:03 - 2018-01-01 11:18 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2018-01-30 15:03 - 2018-01-01 11:18 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2018-01-30 15:03 - 2018-01-01 11:18 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2018-01-30 15:03 - 2018-01-01 11:18 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll 2018-01-30 15:03 - 2018-01-01 11:18 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll 2018-01-30 15:03 - 2018-01-01 11:18 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll 2018-01-30 15:03 - 2018-01-01 11:18 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2018-01-30 15:03 - 2018-01-01 11:18 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2018-01-30 15:03 - 2018-01-01 11:18 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll 2018-01-30 15:03 - 2018-01-01 11:18 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll 2018-01-30 15:03 - 2018-01-01 11:17 - 011923968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2018-01-30 15:03 - 2018-01-01 11:17 - 006564864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2018-01-30 15:03 - 2018-01-01 11:17 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll 2018-01-30 15:03 - 2018-01-01 11:17 - 000791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll 2018-01-30 15:03 - 2018-01-01 11:17 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2018-01-30 15:03 - 2018-01-01 11:17 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2018-01-30 15:03 - 2018-01-01 11:17 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2018-01-30 15:03 - 2018-01-01 11:17 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll 2018-01-30 15:03 - 2018-01-01 11:17 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2018-01-30 15:03 - 2018-01-01 11:17 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll 2018-01-30 15:03 - 2018-01-01 11:17 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll 2018-01-30 15:03 - 2018-01-01 11:17 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2018-01-30 15:03 - 2018-01-01 11:17 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll 2018-01-30 15:03 - 2018-01-01 11:17 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll 2018-01-30 15:03 - 2018-01-01 11:16 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2018-01-30 15:03 - 2018-01-01 11:16 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2018-01-30 15:03 - 2018-01-01 11:16 - 003676672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2018-01-30 15:03 - 2018-01-01 11:16 - 000956928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll 2018-01-30 15:03 - 2018-01-01 11:16 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2018-01-30 15:03 - 2018-01-01 11:16 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2018-01-30 15:03 - 2018-01-01 11:16 - 000812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2018-01-30 15:03 - 2018-01-01 11:16 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2018-01-30 15:03 - 2018-01-01 11:16 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2018-01-30 15:03 - 2018-01-01 11:16 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2018-01-30 15:03 - 2018-01-01 11:16 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll 2018-01-30 15:03 - 2018-01-01 11:16 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2018-01-30 15:03 - 2018-01-01 11:16 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2018-01-30 15:03 - 2018-01-01 11:16 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll 2018-01-30 15:03 - 2018-01-01 11:16 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll 2018-01-30 15:03 - 2018-01-01 11:16 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll 2018-01-30 15:03 - 2018-01-01 11:15 - 012687872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2018-01-30 15:03 - 2018-01-01 11:15 - 006029312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2018-01-30 15:03 - 2018-01-01 11:15 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2018-01-30 15:03 - 2018-01-01 11:15 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll 2018-01-30 15:03 - 2018-01-01 11:15 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2018-01-30 15:03 - 2018-01-01 11:15 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll 2018-01-30 15:03 - 2018-01-01 11:15 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2018-01-30 15:03 - 2018-01-01 11:15 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2018-01-30 15:03 - 2018-01-01 11:15 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2018-01-30 15:03 - 2018-01-01 11:15 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll 2018-01-30 15:03 - 2018-01-01 11:15 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll 2018-01-30 15:03 - 2018-01-01 11:15 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2018-01-30 15:03 - 2018-01-01 11:14 - 023655936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2018-01-30 15:03 - 2018-01-01 11:14 - 002465280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2018-01-30 15:03 - 2018-01-01 11:14 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2018-01-30 15:03 - 2018-01-01 11:14 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll 2018-01-30 15:03 - 2018-01-01 11:14 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2018-01-30 15:03 - 2018-01-01 11:14 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2018-01-30 15:03 - 2018-01-01 11:14 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2018-01-30 15:03 - 2018-01-01 11:14 - 000870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2018-01-30 15:03 - 2018-01-01 11:13 - 013657600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2018-01-30 15:03 - 2018-01-01 11:13 - 012830208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2018-01-30 15:03 - 2018-01-01 11:13 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll 2018-01-30 15:03 - 2018-01-01 11:13 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2018-01-30 15:03 - 2018-01-01 11:13 - 002013184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2018-01-30 15:03 - 2018-01-01 11:13 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2018-01-30 15:03 - 2018-01-01 11:13 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2018-01-30 15:03 - 2018-01-01 11:13 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2018-01-30 15:03 - 2018-01-01 11:12 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2018-01-30 15:03 - 2018-01-01 11:12 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2018-01-30 15:03 - 2018-01-01 11:12 - 001573376 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll 2018-01-30 15:03 - 2018-01-01 11:12 - 001547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2018-01-30 15:03 - 2018-01-01 11:12 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2018-01-30 15:03 - 2018-01-01 11:12 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2018-01-30 15:03 - 2018-01-01 11:11 - 008108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2018-01-30 15:03 - 2018-01-01 11:11 - 004748288 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2018-01-30 15:03 - 2018-01-01 11:11 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2018-01-30 15:03 - 2018-01-01 11:11 - 003165696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2018-01-30 15:03 - 2018-01-01 11:11 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2018-01-30 15:03 - 2018-01-01 11:11 - 002082304 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2018-01-30 15:03 - 2018-01-01 11:11 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2018-01-30 15:03 - 2018-01-01 11:11 - 001816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2018-01-30 15:03 - 2018-01-01 11:11 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2018-01-30 15:03 - 2018-01-01 11:11 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2018-01-30 15:03 - 2018-01-01 11:11 - 001231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2018-01-30 15:03 - 2018-01-01 11:11 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2018-01-30 15:03 - 2018-01-01 11:11 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2018-01-30 15:03 - 2018-01-01 11:11 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2018-01-30 15:03 - 2018-01-01 11:10 - 003126272 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2018-01-30 15:03 - 2018-01-01 11:10 - 002528256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2018-01-30 15:03 - 2018-01-01 11:09 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2018-01-30 15:03 - 2018-01-01 11:09 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2018-01-30 15:03 - 2018-01-01 11:09 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll 2018-01-30 15:03 - 2018-01-01 11:09 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2018-01-30 15:03 - 2018-01-01 11:08 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2018-01-30 15:03 - 2018-01-01 11:08 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2018-01-30 15:03 - 2018-01-01 11:08 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2018-01-30 15:03 - 2018-01-01 11:08 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2018-01-30 15:03 - 2018-01-01 11:05 - 002510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2018-01-30 15:03 - 2018-01-01 11:05 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2018-01-30 15:02 - 2018-01-01 11:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2018-01-30 15:02 - 2018-01-01 11:24 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2018-01-30 15:02 - 2018-01-01 11:23 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe 2018-01-30 15:02 - 2018-01-01 11:23 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2018-01-30 15:02 - 2018-01-01 11:23 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys 2018-01-30 15:02 - 2018-01-01 11:23 - 000047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2018-01-30 15:02 - 2018-01-01 11:22 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll 2018-01-30 15:02 - 2018-01-01 11:22 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys 2018-01-30 15:02 - 2018-01-01 11:22 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll 2018-01-30 15:02 - 2018-01-01 11:21 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2018-01-30 15:02 - 2018-01-01 11:21 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll 2018-01-30 15:02 - 2018-01-01 11:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll 2018-01-30 15:02 - 2018-01-01 11:20 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2018-01-30 15:02 - 2018-01-01 11:20 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2018-01-30 15:02 - 2018-01-01 11:20 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll 2018-01-30 15:02 - 2018-01-01 11:20 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll 2018-01-30 15:02 - 2018-01-01 11:20 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2018-01-30 15:02 - 2018-01-01 11:20 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll 2018-01-30 15:02 - 2018-01-01 11:20 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys 2018-01-30 15:02 - 2018-01-01 11:19 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2018-01-30 15:02 - 2018-01-01 11:19 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll 2018-01-30 15:02 - 2018-01-01 11:19 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2018-01-30 15:02 - 2018-01-01 11:19 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msoert2.dll 2018-01-30 15:02 - 2018-01-01 11:19 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2018-01-30 15:02 - 2018-01-01 11:19 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll 2018-01-30 15:02 - 2018-01-01 11:18 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll 2018-01-30 15:02 - 2018-01-01 11:18 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll 2018-01-30 15:02 - 2018-01-01 11:18 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2018-01-30 15:02 - 2018-01-01 11:18 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll 2018-01-30 15:02 - 2018-01-01 11:18 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2018-01-30 15:02 - 2018-01-01 11:18 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll 2018-01-30 15:02 - 2018-01-01 11:17 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2018-01-30 15:02 - 2018-01-01 11:17 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msoert2.dll 2018-01-30 15:02 - 2018-01-01 11:16 - 000966656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2018-01-30 15:02 - 2018-01-01 11:16 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2018-01-30 15:02 - 2018-01-01 11:12 - 000760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2018-01-30 15:02 - 2018-01-01 11:10 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscproxystub.dll 2018-01-30 15:02 - 2018-01-01 11:08 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll 2018-01-30 15:02 - 2018-01-01 11:06 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll 2018-01-30 15:02 - 2018-01-01 11:05 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe 2018-01-30 14:57 - 2018-01-30 14:57 - 000003372 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1150477090-3809027948-3889013003-1003 2018-01-30 14:56 - 2018-01-30 14:57 - 000002358 _____ C:\Users\VL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-01-30 14:56 - 2018-01-30 14:57 - 000000000 ___RD C:\Users\VL\OneDrive 2018-01-30 14:55 - 2018-02-02 20:21 - 000000000 ____D C:\Users\VL\AppData\Local\Packages 2018-01-30 14:55 - 2018-02-02 20:13 - 000000000 ____D C:\Users\VL\AppData\Local\ConnectedDevicesPlatform 2018-01-30 14:55 - 2018-02-02 17:18 - 000000000 ____D C:\Users\VL\AppData\Local\Publishers 2018-01-30 14:55 - 2018-02-02 14:41 - 000000000 ____D C:\Users\VL\AppData\Roaming\Adobe 2018-01-30 14:55 - 2018-02-02 14:41 - 000000000 ____D C:\Users\VL\AppData\Local\VirtualStore 2018-01-30 14:55 - 2018-01-30 17:27 - 000000000 ___RD C:\Users\VL\3D Objects 2018-01-30 14:55 - 2018-01-30 14:55 - 000000020 ___SH C:\Users\VL\ntuser.ini 2018-01-30 14:55 - 2018-01-30 14:55 - 000000000 ___HD C:\Users\VL\MicrosoftEdgeBackups 2018-01-30 14:55 - 2018-01-30 14:55 - 000000000 ____D C:\Users\VL\AppData\Local\MicrosoftEdge 2018-01-30 13:39 - 2018-01-30 13:39 - 000000000 ____D C:\Users\VIV\AppData\Local\NetworkTiles 2018-01-30 11:06 - 2018-02-03 14:34 - 000000000 ____D C:\Users\VIV\AppData\Local\PlaceholderTileLogoFolder 2018-01-30 11:05 - 2018-01-30 11:05 - 000000000 ____D C:\Users\VIV\AppData\Local\Comms 2018-01-30 10:51 - 2018-01-30 10:51 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1150477090-3809027948-3889013003-1002 2018-01-30 10:50 - 2018-01-30 10:51 - 000002361 _____ C:\Users\VIV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-01-30 10:50 - 2018-01-30 10:51 - 000000000 ___RD C:\Users\VIV\OneDrive 2018-01-30 10:49 - 2018-02-09 11:31 - 000000000 ____D C:\Users\VIV\AppData\Roaming\Adobe 2018-01-30 10:49 - 2018-02-05 15:17 - 000000000 ____D C:\Users\VIV\AppData\Local\Publishers 2018-01-30 10:49 - 2018-02-04 14:51 - 000000000 ____D C:\Users\VIV\AppData\Local\VirtualStore 2018-01-30 10:49 - 2018-02-03 14:34 - 000000000 ____D C:\Users\VIV\AppData\Local\Packages 2018-01-30 10:49 - 2018-01-30 17:12 - 000000000 ___RD C:\Users\VIV\3D Objects 2018-01-30 10:49 - 2018-01-30 10:49 - 000000000 ___HD C:\Users\VIV\MicrosoftEdgeBackups 2018-01-30 10:49 - 2018-01-30 10:49 - 000000000 ____D C:\Users\VIV\AppData\Local\MicrosoftEdge 2018-01-30 10:49 - 2018-01-30 10:49 - 000000000 ____D C:\Users\VIV\AppData\Local\ConnectedDevicesPlatform 2018-01-30 10:48 - 2018-01-30 10:48 - 000000020 ___SH C:\Users\VIV\ntuser.ini 2018-01-30 10:48 - 2018-01-30 10:48 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2018-01-30 10:38 - 2018-01-30 10:38 - 000000000 ____D C:\ProgramData\USOShared 2018-01-30 10:35 - 2018-02-13 16:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-01-30 10:35 - 2018-01-30 10:49 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1150477090-3809027948-3889013003-1001 2018-01-30 10:34 - 2018-01-30 10:34 - 000022744 _____ C:\WINDOWS\system32\emptyregdb.dat 2018-01-30 10:34 - 2018-01-30 10:34 - 000015243 _____ C:\WINDOWS\diagwrn.xml 2018-01-30 10:34 - 2018-01-30 10:34 - 000015243 _____ C:\WINDOWS\diagerr.xml 2018-01-30 10:28 - 2018-01-30 10:28 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2018-01-30 10:25 - 2018-02-13 14:49 - 000000000 ____D C:\Users\VIV 2018-01-30 10:25 - 2018-02-02 16:36 - 000000000 ____D C:\Users\VL 2018-01-30 10:23 - 2017-09-29 13:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2018-01-30 10:21 - 2018-02-13 17:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2018-01-30 10:21 - 2018-02-10 15:36 - 000634176 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2018-01-29 21:20 - 2018-01-30 10:18 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2018-01-29 21:20 - 2018-01-29 21:20 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2018-01-29 21:06 - 2018-01-29 21:06 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2018-01-29 20:24 - 2018-01-30 10:37 - 000000000 ___DC C:\WINDOWS\Panther 2018-01-29 20:20 - 2018-01-29 20:24 - 000000036 _____ C:\WINDOWS\progress.ini 2018-01-29 20:11 - 2018-01-29 20:11 - 000000000 ____D C:\Users\VL\Documents\Updater 2018-01-29 20:11 - 2018-01-29 20:11 - 000000000 ____D C:\Users\VL\Documents\Serif 2018-01-29 20:11 - 2018-01-29 20:11 - 000000000 ____D C:\Users\VL\Documents\Open Show 2015 2018-01-29 20:11 - 2018-01-29 20:11 - 000000000 ____D C:\Users\Public\Documents\sun 2018-01-29 20:11 - 2018-01-29 20:11 - 000000000 ____D C:\Users\Public\Documents\NativeFus_Log 2018-01-29 20:11 - 2018-01-29 20:11 - 000000000 ____D C:\Users\Public\Documents\AKVIS
2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VL\Documents\Fax 2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Downloads\Driver Support 2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\Updater 2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\RocketLifeNetwork 2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\PassMark 2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\New folder (3) 2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\New folder (2) 2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\New folder 2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\DrawPad 2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\AdobeStockPhotos 2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\.tmp.drivedownload 2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Desktop\God Mode.{ED7BA470-8E54-465E-825C-99712043E01C} 2018-01-29 20:08 - 2018-01-29 20:11 - 000000000 ____D C:\Users\VL\AppData\Roaming\Skype 2018-01-29 20:08 - 2018-01-29 20:11 - 000000000 ____D C:\Users\Public\Documents\Adobe PDF 2018-01-29 20:08 - 2018-01-29 20:08 - 000000000 ____D C:\Users\Public\Documents\Wondershare 2018-01-29 20:08 - 2018-01-29 20:08 - 000000000 ____D C:\Users\Public\Documents\Stroud & Swindon 2018-01-29 19:54 - 2018-02-01 09:45 - 000000000 ____D C:\Users\VL\AppData\Local\Google 2018-01-29 19:54 - 2018-01-29 19:54 - 000000000 ____D C:\Users\VL\Downloads\RookMilanoInstaller 2018-01-29 19:54 - 2018-01-29 19:54 - 000000000 ____D C:\Users\VL\Downloads\revouninstaller 2018-01-29 19:54 - 2018-01-29 19:54 - 000000000 ____D C:\Users\VL\Downloads\PDFXVwer 2018-01-29 19:53 - 2018-01-29 19:54 - 000000000 ____D C:\Users\VL\Downloads\John Lewis Your receipt_files 2018-01-29 19:53 - 2018-01-29 19:53 - 000000000 ____D C:\Users\VL\Downloads\HP Downloads 2018-01-29 19:53 - 2018-01-29 19:53 - 000000000 ____D C:\Users\VL\Downloads\Google_files 2018-01-29 19:53 - 2018-01-29 19:53 - 000000000 ____D C:\Users\VL\Downloads\CryptoPrevent (1) 2018-01-29 19:53 - 2018-01-29 19:53 - 000000000 ____D C:\Users\VL\Downloads\CryptoPrevent 2018-01-29 19:52 - 2018-01-29 19:53 - 000000000 ____D C:\Users\VL\Downloads\Adobe Acrobat XI Pro 2018-01-29 19:42 - 2018-01-30 10:37 - 000000000 ___HD C:\$GetCurrent 2018-01-29 19:41 - 2018-01-30 10:38 - 000000000 ____D C:\Windows10Upgrade 2018-01-29 19:41 - 2018-01-29 19:41 - 000000811 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk 2018-01-29 19:39 - 2018-01-29 19:39 - 000000000 ____D C:\Users\VL\Documents\Whisper 2018-01-29 19:38 - 2018-01-29 19:38 - 000000000 ____D C:\Users\VL\Documents\VL-HP 2018-01-29 19:38 - 2018-01-29 19:38 - 000000000 ____D C:\Users\VL\Documents\Travel Docs 2018-01-29 19:32 - 2018-01-29 19:38 - 000000000 ____D C:\Users\VL\Documents\Transfer Files from old pc 2018-01-29 19:32 - 2018-01-29 19:32 - 000000000 ____D C:\Users\VL\Documents\Tools 2018-01-29 19:32 - 2018-01-29 19:32 - 000000000 ____D C:\Users\VL\Documents\Tisgrow wenb site 2006 2018-01-29 19:31 - 2018-01-29 20:11 - 000000000 ____D C:\Users\VL\Documents\samsung 2018-01-29 19:31 - 2018-01-29 19:32 - 000000000 ____D C:\Users\VL\Documents\Tisgrow wenb site 2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Tisgrow 2011 2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Tisgrow 2010 2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Tisbus images 2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Tisbowls Website 2011 2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Tisbowls website 2010 2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Tisbowls Website 2009 2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Symantec 2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Stuart 2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Soda PDF Files 2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\SelfMV 2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Scanned Documents 2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\recovered photos 2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Problems 2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\plusnet 2018-01-29 19:25 - 2018-01-29 19:25 - 000000000 ____D C:\Users\VL\Documents\Open Show Schedule 2018-01-29 19:25 - 2018-01-29 19:25 - 000000000 ____D C:\Users\VL\Documents\OneNote Notebooks 2018-01-29 19:25 - 2018-01-29 19:25 - 000000000 ____D C:\Users\VL\Documents\NatWest 2018-01-29 19:25 - 2018-01-29 19:25 - 000000000 ____D C:\Users\VL\Documents\Nadder Valley Walks 2018-01-29 19:24 - 2018-02-02 14:18 - 000000000 ____D C:\Users\VL\Documents\My PSP8 Files 2018-01-29 19:24 - 2018-01-29 19:25 - 000000000 ____D C:\Users\VL\Documents\My Scans 2018-01-29 19:24 - 2018-01-29 19:24 - 000000000 ____D C:\Users\VL\Documents\My Kindle Content 2018-01-29 19:20 - 2018-01-30 10:18 - 000000000 ____D C:\Program Files\UNP 2018-01-29 19:20 - 2018-01-29 19:30 - 000000000 ____D C:\Program Files\rempl 2018-01-29 19:20 - 2018-01-29 19:20 - 000000000 ____D C:\WINDOWS\UpdateAssistant 2018-01-29 18:57 - 2018-01-29 19:24 - 000000000 ____D C:\Users\VL\Documents\My Documents 2 2018-01-29 16:36 - 2018-01-23 18:58 - 000548000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2018-01-29 16:32 - 2018-01-29 16:32 - 000000000 ____D C:\Users\VL\Documents\My Digital Editions 2018-01-29 16:32 - 2018-01-29 16:32 - 000000000 ____D C:\Users\VL\Documents\My Data Sources 2018-01-29 16:13 - 2018-01-29 16:32 - 000000000 ____D C:\Users\VL\Documents\My Backup 2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Medical 2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Malwarebites 2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Mail 2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Legend of the Crystal Skull 2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Horticultural Society 2015 2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Horticultural Society 2014 2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Horticultural 2013 2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Horticultural 2012 2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Horticultural 2011 2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Horticultural 2010 2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Horticultural 2009 2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Hort Soc 2008 2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Hort Soc 2007 2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Hort Soc 2006 2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Handbooks 2018-01-29 16:12 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Dinton WI 2018-01-29 16:12 - 2018-01-29 16:12 - 000000000 ____D C:\Users\VL\Documents\Coventry Building Society – Savings - Your new account details_files 2018-01-29 16:12 - 2018-01-29 16:12 - 000000000 ____D C:\Users\VL\Documents\Correspondence 2018-01-29 16:12 - 2018-01-29 16:12 - 000000000 ____D C:\Users\VL\Documents\Christmas letters 2014 2018-01-29 16:12 - 2018-01-29 16:12 - 000000000 ____D C:\Users\VL\Documents\Christine 2018-01-29 16:12 - 2018-01-29 16:12 - 000000000 ____D C:\Users\VL\Documents\Cards 2018-01-29 16:12 - 2018-01-29 16:12 - 000000000 ____D C:\Users\VL\Documents\Bowls Competition Masters 2018-01-29 16:12 - 2018-01-29 16:12 - 000000000 ____D C:\Users\VL\Documents\bowls alpha web site 2008 2018-01-29 16:11 - 2018-01-29 16:12 - 000000000 ____D C:\Users\VL\Documents\Bowls Alpha 2015 2018-01-29 16:11 - 2018-01-29 16:11 - 000000000 ____D C:\Users\VL\Documents\Bowls Alpha 2014 2018-01-29 16:11 - 2018-01-29 16:11 - 000000000 ____D C:\Users\VL\Documents\Bowls Alpha 2013 2018-01-29 16:11 - 2018-01-29 16:11 - 000000000 ____D C:\Users\VL\Documents\Bowls Alpha 2012 2018-01-29 16:10 - 2018-01-29 16:11 - 000000000 ____D C:\Users\VL\Documents\Bowls Alpha 2011 2018-01-29 16:10 - 2018-01-29 16:10 - 000000000 ____D C:\Users\VL\Documents\Bowls Alpha 2010 2018-01-29 16:09 - 2018-01-29 16:10 - 000000000 ____D C:\Users\VL\Documents\Bowls Alpha 2009 2018-01-29 16:09 - 2018-01-29 16:09 - 000000000 ____D C:\Users\VL\Documents\Bowls Alpha 2008 2018-01-29 16:08 - 2018-01-29 16:09 - 000000000 ____D C:\Users\VL\Documents\Bowls Alpha 2007 2018-01-29 16:08 - 2018-01-29 16:08 - 000000000 ____D C:\Users\VL\Documents\Bowling Club Rules 2018-01-29 16:08 - 2018-01-29 16:08 - 000000000 ____D C:\Users\VL\Documents\Bosch 2018-01-29 16:07 - 2018-01-29 16:08 - 000000000 ____D C:\Users\VL\Documents\Bill 2018-01-29 16:07 - 2018-01-29 16:07 - 000000000 ____D C:\Users\VL\Documents\Barnsley Building Society 2018-01-29 16:07 - 2018-01-29 16:07 - 000000000 ____D C:\Users\VL\Documents\Autoruns 2018-01-29 16:07 - 2018-01-29 16:07 - 000000000 ____D C:\Users\VL\Documents\Andy 2018-01-29 16:07 - 2018-01-29 16:07 - 000000000 ____D C:\Users\VL\Documents\Allotment Accounts 2018-01-29 16:06 - 2018-01-29 19:58 - 000000000 ____D C:\Users\VL\AppData\Roaming\Thunderbird 2018-01-29 16:06 - 2018-01-29 16:06 - 000000000 ____D C:\Users\VL\Documents\PDFelement 2018-01-29 16:06 - 2018-01-29 16:06 - 000000000 ____D C:\Users\VL\Desktop\OpenOffice 4.1.1 (en-GB) Installation Files 2018-01-29 16:06 - 2018-01-29 16:06 - 000000000 ____D C:\Users\VL\AppData\Roaming\Mozilla 2018-01-29 16:01 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\AppData\Roaming\Skype 2018-01-29 15:38 - 2018-01-29 15:38 - 000000000 ____D C:\Users\VIV\AppData\Roaming\Opera Software 2018-01-29 15:38 - 2018-01-29 15:38 - 000000000 ____D C:\Users\VIV\AppData\LocalLow\Google 2018-01-29 15:36 - 2018-01-30 16:24 - 000000000 ____D C:\Users\VIV\AppData\Local\Google 2018-01-29 15:36 - 2018-01-29 15:36 - 000000000 ____D C:\Users\VIV\Downloads\Vivian Longland_files 2018-01-29 15:36 - 2018-01-29 15:36 - 000000000 ____D C:\Users\VIV\Downloads\uninstallview-x64 2018-01-29 15:36 - 2018-01-29 15:36 - 000000000 ____D C:\Users\VIV\Downloads\SeatingPlanner_Pro2.0EN 2018-01-29 15:36 - 2018-01-29 15:36 - 000000000 ____D C:\Users\VIV\Downloads\produkey-x64 2018-01-29 15:36 - 2018-01-29 15:36 - 000000000 ____D C:\Users\VIV\Downloads\Malwarebites 2018-01-29 15:36 - 2018-01-29 15:36 - 000000000 ____D C:\Users\VIV\Downloads\HP Downloads 2018-01-29 15:36 - 2018-01-29 15:36 - 000000000 ____D C:\Users\VIV\Downloads\Free File Unlocker Portable 2018-01-29 15:36 - 2018-01-29 15:36 - 000000000 ____D C:\Users\VIV\Downloads\FixWin10 2018-01-29 15:36 - 2018-01-29 15:36 - 000000000 ____D C:\Users\VIV\Downloads\FixWin 10.0.1.0 2018-01-29 15:35 - 2018-01-29 15:35 - 000000000 ____D C:\Users\VIV\Downloads\DriveManager_v1.0.175_Full 2018-01-29 15:35 - 2018-01-29 15:35 - 000000000 ____D C:\Users\VIV\Downloads\chromecacheview (1) 2018-01-29 15:35 - 2018-01-29 15:35 - 000000000 ____D C:\Users\VIV\Downloads\caesium-1.7.0-port 2018-01-29 15:35 - 2018-01-29 15:35 - 000000000 ____D C:\Users\VIV\Downloads\browserpasswords (2) 2018-01-29 15:35 - 2018-01-29 15:35 - 000000000 ____D C:\Users\VIV\Downloads\browserpasswords (1) 2018-01-29 15:35 - 2018-01-29 15:35 - 000000000 ____D C:\Users\VIV\Downloads\Barnsley Building Society 2018-01-29 15:35 - 2018-01-29 15:35 - 000000000 ____D C:\Users\VIV\Downloads\Andy 2018-01-29 15:27 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\Scanned Documents 2018-01-29 15:27 - 2018-01-29 15:27 - 000000000 ____D C:\Users\VIV\Documents\SelfMV 2018-01-29 15:26 - 2018-01-30 17:26 - 000000000 ____D C:\Users\VIV\Documents\Outlook Files 2018-01-29 15:26 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\samsung 2018-01-29 15:26 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\MyHeritage 2018-01-29 15:26 - 2018-01-29 15:26 - 000000000 ____D C:\Users\VIV\Documents\Remote Assistance Logs 2018-01-29 15:26 - 2018-01-29 15:26 - 000000000 ____D C:\Users\VIV\Documents\Photostage Projects 2018-01-29 15:26 - 2018-01-29 15:26 - 000000000 ____D C:\Users\VIV\Documents\OneNote Notebooks 2018-01-29 15:26 - 2018-01-29 15:26 - 000000000 ____D C:\Users\VIV\Documents\Norton Identity Safe Backups 2018-01-29 15:26 - 2018-01-29 15:26 - 000000000 ____D C:\Users\VIV\Documents\My Smilebox Creations 2018-01-29 15:25 - 2018-02-04 14:39 - 000000000 ____D C:\Users\VIV\Documents\My PSP8 Files 2018-01-29 15:25 - 2018-01-29 15:26 - 000000000 ____D C:\Users\VIV\Documents\My Scans 2018-01-29 15:25 - 2018-01-29 15:25 - 000000000 ____D C:\Users\VIV\Documents\My Print Creations 2018-01-29 15:25 - 2018-01-29 15:25 - 000000000 ____D C:\Users\VIV\Documents\My Filehippo Downloads 2018-01-29 15:24 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\My Digital Editions 2018-01-29 15:24 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\MailStore Home 2018-01-29 15:24 - 2018-01-29 15:41 - 000000000 ____D C:\Users\VIV\Documents\My Data Sources 2018-01-29 15:24 - 2018-01-29 15:24 - 000000000 ____D C:\Users\VIV\Documents\Media 2018-01-29 15:24 - 2018-01-29 15:24 - 000000000 ____D C:\Users\VIV\Documents\Mail 2018-01-29 15:24 - 2018-01-29 15:24 - 000000000 ____D C:\Users\VIV\Documents\HpReg_Backup 2018-01-29 15:24 - 2018-01-29 15:24 - 000000000 ____D C:\Users\VIV\Documents\Hi Slider 2018-01-29 15:24 - 2018-01-29 15:24 - 000000000 ____D C:\Users\VIV\Documents\FixWin10 2018-01-29 15:24 - 2018-01-29 15:24 - 000000000 ____D C:\Users\VIV\Documents\Fax 2018-01-29 15:24 - 2018-01-29 15:24 - 000000000 ____D C:\Users\VIV\Documents\engine1 2018-01-29 15:19 - 2018-01-29 15:19 - 000000000 ____D C:\Users\VIV\Documents\data1 2018-01-29 15:19 - 2018-01-29 15:19 - 000000000 ____D C:\Users\VIV\Documents\chromecacheview (1) 2018-01-29 15:19 - 2018-01-29 15:19 - 000000000 ____D C:\Users\VIV\Documents\Calendar 2018 2018-01-29 15:19 - 2018-01-29 15:19 - 000000000 ____D C:\Users\VIV\Documents\bOWLS wEB sITE 2018-01-29 15:19 - 2018-01-29 15:19 - 000000000 ____D C:\Users\VIV\Documents\3 November 2017 2018-01-29 14:53 - 2018-02-10 15:16 - 000000000 ____D C:\Users\VIV\AppData\Roaming\Thunderbird 2018-01-29 14:53 - 2018-02-10 15:16 - 000000000 ____D C:\Users\VIV\AppData\Roaming\Mozilla 2018-01-29 14:40 - 2018-01-29 14:40 - 000000000 _____ C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2018-01-29 14:39 - 2018-01-29 14:39 - 000000000 ____D C:\Program Files (x86)\Intel 2018-01-29 14:39 - 2018-01-29 14:39 - 000000000 ____D C:\Intel 2018-01-29 14:38 - 2018-02-13 14:43 - 000970010 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-01-29 14:38 - 2018-01-30 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2018-01-29 14:38 - 2018-01-29 21:20 - 000000000 ____D C:\WINDOWS\system32\SRSLabs 2018-01-29 14:38 - 2018-01-29 21:20 - 000000000 ____D C:\Program Files\Realtek 2018-01-29 14:37 - 2018-01-29 21:20 - 000000000 ____D C:\WINDOWS\SysWOW64\Hauppauge 2018-01-29 14:37 - 2018-01-29 21:20 - 000000000 ____D C:\WINDOWS\system32\Hauppauge 2018-01-29 14:33 - 2018-01-30 17:27 - 000000000 __RHD C:\Users\Public\AccountPictures 2018-01-18 15:51 - 2018-01-18 15:51 - 000000000 _____ C:\Users\VIV\Documents\Default.rdp 2018-01-16 14:42 - 2018-01-16 14:44 - 136419130 _____ C:\Users\VIV\Downloads\wlsetup-all-2012-16.4.3528.331 (1).zip 2018-01-16 14:29 - 2018-01-16 14:32 - 136419130 _____ C:\Users\VIV\Downloads\wlsetup-all-2012-16.4.3528.331.zip 2018-01-16 14:26 - 2018-01-16 14:28 - 111401136 _____ (Microsoft Corporation) C:\Users\VIV\Desktop\wlsetup-all.exe 2018-01-15 20:31 - 2018-01-15 20:32 - 022532127 _____ C:\Users\VIV\Downloads\d876844b-3c15-4269-9ba7-bf46fca0d58a.tmp 2018-01-15 20:21 - 2018-01-15 20:21 - 000221662 _____ C:\Users\VIV\Downloads\MicrosoftProgram_Install_and_Uninstall.meta (14).diagcab 2018-01-15 20:15 - 2018-01-15 20:15 - 000221662 _____ C:\Users\VIV\Downloads\MicrosoftProgram_Install_and_Uninstall.meta (13).diagcab 2018-01-15 20:10 - 2018-01-15 20:10 - 000221662 _____ C:\Users\VIV\Downloads\MicrosoftProgram_Install_and_Uninstall.meta (12).diagcab 2018-01-15 18:50 - 2018-01-15 18:50 - 001239752 _____ (Microsoft Corporation) C:\Users\VIV\Desktop\pair windows.exe 2018-01-15 15:29 - 2018-01-15 15:29 - 002584494 _____ C:\Users\VIV\Downloads\pdf2doc (1).zip ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-02-13 16:31 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization 2018-02-13 16:24 - 2017-09-29 13:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2018-02-13 16:23 - 2017-09-29 08:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2018-02-13 14:49 - 2017-09-29 13:44 - 000000000 ____D C:\WINDOWS\INF 2018-02-13 14:44 - 2017-09-29 08:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2018-02-13 09:40 - 2017-09-29 13:46 - 000000000 ___HD C:\Program Files\WindowsApps 2018-02-13 09:40 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\AppReadiness 2018-02-07 09:43 - 2017-09-29 13:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2018-02-04 18:54 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2018-02-02 14:28 - 2017-09-29 13:46 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files 2018-02-02 14:28 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\Help 2018-02-02 11:53 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\rescache 2018-02-01 15:49 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\system32\NDF 2018-02-01 10:01 - 2015-10-30 07:24 - 000000167 _____ C:\WINDOWS\win.ini 2018-02-01 09:49 - 2017-09-29 13:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2018-02-01 09:40 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\appcompat 2018-01-30 17:09 - 2017-09-29 13:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2018-01-30 17:09 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\TextInput 2018-01-30 17:09 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2018-01-30 17:08 - 2017-09-29 13:46 - 000000000 ___SD C:\WINDOWS\system32\F12 2018-01-30 17:08 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\system32\oobe 2018-01-30 17:08 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\system32\migwiz 2018-01-30 17:08 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\system32\appraiser 2018-01-30 17:08 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\Provisioning 2018-01-30 17:08 - 2017-09-29 08:45 - 000000000 ____D C:\WINDOWS\system32\Dism 2018-01-30 17:04 - 2015-10-30 18:08 - 000000000 ____D C:\WINDOWS\ShellNew 2018-01-30 15:35 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\Web 2018-01-30 15:06 - 2017-09-29 13:41 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2018-01-30 15:06 - 2017-09-29 13:41 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2018-01-30 15:06 - 2017-09-29 13:41 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2018-01-30 10:38 - 2017-09-29 13:46 - 000000000 ____D C:\ProgramData\USOPrivate 2018-01-30 10:35 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2018-01-30 10:35 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\Registration 2018-01-30 10:33 - 2017-09-29 13:46 - 000000000 __RHD C:\Users\Public\Libraries 2018-01-30 10:25 - 2017-09-29 08:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2018-01-30 10:22 - 2017-09-29 13:46 - 000000000 ___RD C:\WINDOWS\PrintDialog 2018-01-30 10:22 - 2017-09-29 13:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2018-01-30 10:20 - 2017-09-29 13:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2018-01-30 10:18 - 2017-09-29 13:49 - 000000000 ____D C:\WINDOWS\Setup 2018-01-30 10:18 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\system32\spool 2018-01-30 10:18 - 2015-10-30 07:24 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2018-01-29 16:07 - 2015-03-24 10:34 - 000004180 _____ C:\Users\VL\Documents\Re_.eml 2018-01-29 16:07 - 2015-03-24 10:31 - 000010617 _____ C:\Users\VL\Documents\Transcript of your chat.eml 2018-01-29 16:07 - 2014-03-04 10:02 - 000002393 _____ C:\Users\VL\Documents\Patient Access Registration Submitted.eml 2018-01-29 16:07 - 2013-10-28 12:52 - 000007330 _____ C:\Users\VL\Documents\Your Serif.com password.eml 2018-01-29 16:07 - 2013-10-28 12:50 - 000077147 _____ C:\Users\VL\Documents\Photo from 10 Aug 2013.eml 2018-01-29 15:19 - 2018-01-12 15:16 - 000037246 _____ C:\Users\VIV\Documents\Order number 124293921 Your service guarantee.eml 2018-01-29 15:19 - 2017-10-13 16:14 - 000089164 _____ C:\Users\VIV\Documents\Saved emails 2.eml 2018-01-29 15:19 - 2017-10-13 16:13 - 000089164 _____ C:\Users\VIV\Documents\Your M&S order acknowledgement.eml 2018-01-29 15:19 - 2017-10-07 16:58 - 000031567 _____ C:\Users\VIV\Documents\Saved emails.eml 2018-01-29 15:19 - 2015-11-10 14:12 - 000002393 _____ C:\Users\VIV\Documents\Patient Access Registration Submitted.eml 2018-01-29 15:19 - 2015-09-07 18:06 - 000010617 _____ C:\Users\VIV\Documents\Transcript of your chat.eml 2018-01-29 15:18 - 2017-06-18 13:20 - 000012689 _____ C:\Users\VIV\Documents\Fw_ Another go at the photos from allotment bbq.eml 2018-01-14 15:45 - 2015-09-07 14:02 - 000000420 _____ C:\Users\VIV\Desktop\Computer.lnk ==================== Files in the root of some directories ======= 2018-02-11 15:49 - 2018-02-11 15:49 - 000000000 _____ () C:\Users\VIV\AppData\Roaming\signature.txt ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2018-02-09 12:17 ==================== End of FRST.txt ============================ Now I will do additions
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12.02.2018 Ran by VIV (13-02-2018 19:36:14) Running from C:\Users\VIV\Desktop Windows 10 Home Version 1709 16299.192 (X64) (2018-01-30 10:37:47) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1150477090-3809027948-3889013003-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1150477090-3809027948-3889013003-503 - Limited - Disabled) Guest (S-1-5-21-1150477090-3809027948-3889013003-501 - Limited - Disabled) VIV (S-1-5-21-1150477090-3809027948-3889013003-1002 - Administrator - Enabled) => C:\Users\VIV VL (S-1-5-21-1150477090-3809027948-3889013003-1003 - Administrator - Enabled) => C:\Users\VL WDAGUtilityAccount (S-1-5-21-1150477090-3809027948-3889013003-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Norton Security (Enabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Norton Security (Enabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117} FW: Norton Security (Enabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated) Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.) Adobe Photoshop Elements 2.0 (HKLM-x32\...\Adobe Photoshop Elements 2.0) (Version: 2.0 - Adobe Systems, Inc.) Apple Application Support (32-bit) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.) Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Dropbox (HKLM-x32\...\Dropbox) (Version: 43.4.50 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.140 - Google Inc.) Google Earth Pro (HKLM\...\{D9EF644E-2FAE-493B-8180-5617CC774C4F}) (Version: 7.3.1.4507 - Google) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden GoTo Opener (HKLM-x32\...\{1F803452-798F-49FB-A5DD-9F527F7017E4}) (Version: 1.0.473 - LogMeIn, Inc.) Greeting Card Factory Deluxe 7.0 (HKLM-x32\...\{55D6B4DA-50E9-47AF-99C1-9A8E3A234763}) (Version: 7.0.0.11 - Nova Development) iTunes (HKLM\...\{7EE6E263-19DA-4A33-BB8C-9BDC12BA1918}) (Version: 12.7.3.46 - Apple Inc.) Jasc Paint Shop Pro 8 (HKLM-x32\...\{81A34902-9D0B-4920-A25C-4CDC5D14B328}) (Version: 8.10.3000 - Jasc Software Inc) Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden LibreOffice 6.0.0.3 (HKLM\...\{DD7E9D37-CA78-459A-8BA8-29BBF29CF257}) (Version: 6.0.0.3 - The Document Foundation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1150477090-3809027948-3889013003-1002\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Web Publishing Wizard 1.52 (HKLM-x32\...\WebPost) (Version: - ) Mozilla Firefox 58.0.1 (x64 en-GB) (HKLM\...\Mozilla Firefox 58.0.1 (x64 en-GB)) (Version: 58.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.1 - Mozilla) Norton Security (HKLM-x32\...\NS) (Version: 22.11.2.7 - Symantec Corporation) Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.6.1.150 - Symantec Corporation) Norton WiFi Privacy (HKLM-x32\...\Norton WiFi Privacy) (Version: 1.2.162 - Symantec Corporation) OpenOffice 4.1.5 (HKLM-x32\...\{708F0253-F566-48F3-9B88-06F48F16548B}) (Version: 4.15.9789 - Apache Software Foundation) Opera Stable 50.0.2762.67 (HKLM-x32\...\Opera 50.0.2762.67) (Version: 50.0.2762.67 - Opera Software) PrintMaster (HKLM-x32\...\{8DD144C1-5EAD-4D55-80A1-ACAF893A4FFE}) (Version: - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.6447 - TeamViewer) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{AC0D130B-8809-4125-811F-667893B90644}) (Version: 2.11.0.0 - Microsoft Corporation) UpdateAssistant (HKLM-x32\...\{7C070E60-8769-4763-BBD8-7537A28A60D4}) (Version: 1.10.0.0 - Microsoft Corporation) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN) Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22350 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation) ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.11.2.7\NavShExt.dll [2017-11-11] (Symantec Corporation) ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.11.2.7\NavShExt.dll [2017-11-11] (Symantec Corporation) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation) ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation) ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.11.2.7\NavShExt.dll [2017-11-11] (Symantec Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {31A7E136-B553-4B42-B295-2AC1EE53B317} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-30] (Google Inc.) Task: {3EEF8687-4121-414A-8F15-DCAD3AB8B0FE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated) Task: {606A7CFB-0BF6-4A5E-AC38-CCB37F46886D} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2017-11-11] (Symantec Corporation) Task: {6DD5F55C-FF5F-4B87-A6B5-44A5767FD09A} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-02-02] (Dropbox, Inc.) Task: {782D2CCB-971C-4FD7-96E4-538DC874846A} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation) Task: {86732E5A-F919-493B-880D-61FAB22A9A1B} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-02-02] (Dropbox, Inc.) Task: {8F24CF9F-E307-42BA-9F57-5B8C1F640A6D} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-1150477090-3809027948-3889013003-1003 Task: {A2F48631-9E08-4A66-9029-11B0E58E1DE0} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation) Task: {A9B4F320-8754-4769-A4BF-476A66CC1F71} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-10-12] (Apple Inc.) Task: {BFECE911-950F-4B12-973E-B0FCB25F27ED} - System32\Tasks\Norton Security Scan for VIV => C:\Program Files (x86)\Norton Security Scan\Engine\4.6.1.150\Nss.exe [2018-01-10] (Symantec Corporation) Task: {C9ABD8F3-388B-4EAA-A1B6-9DCC7DF42596} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION Task: {E8919733-2BF1-44FD-B923-85D17C3F67B2} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation) Task: {E9520C04-EA3F-4ECA-8547-8875667D6C95} - System32\Tasks\Opera scheduled Autoupdate 1517510963 => C:\Program Files\Opera\launcher.exe [2018-01-22] (Opera Software) Task: {F01429E1-6241-465D-9773-0FEBFFEBE0AD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-30] (Google Inc.) Task: {FD96073D-183A-48B3-8094-DD588B4DAABC} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.11.2.7\WSCStub.exe [2017-11-11] (Symantec Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2017-09-29 13:41 - 2017-09-29 13:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2009-12-19 00:18 - 2009-12-19 00:18 - 000420864 _____ () C:\WINDOWS\system32\hauppauge\hcwD3dvb\DVBT\cutil64.dll 2017-08-29 16:02 - 2017-08-29 16:02 - 001363064 _____ () C:\Program Files (x86)\Norton WiFi Privacy\client\NWPService.exe 2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2010-10-20 15:23 - 2010-10-20 15:23 - 008801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2017-12-14 01:33 - 2017-12-14 01:33 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-12-14 01:33 - 2017-12-14 01:33 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-01-30 11:20 - 2018-01-30 11:20 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2018-01-30 11:20 - 2018-01-30 11:20 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2018-01-30 11:20 - 2018-01-30 11:20 - 025135104 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2018-01-30 11:20 - 2018-01-30 11:20 - 002542592 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\skypert.dll 2017-03-09 01:16 - 2017-03-09 01:16 - 000112264 _____ () C:\Windows\System32\IccLibDll_x64.dll 2007-08-25 01:03 - 2007-08-25 01:03 - 000185664 _____ () C:\Program Files (x86)\Nova Development\Greeting Card Factory Deluxe 7.0\ReminderApp.exe 2018-02-02 08:50 - 2018-02-02 08:50 - 002250240 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-01-30 11:19 - 2018-01-30 11:20 - 000477184 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2018-01-30 11:19 - 2018-01-30 11:20 - 058590720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2018-01-30 11:19 - 2018-01-30 11:20 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll 2018-01-30 11:19 - 2018-01-30 11:20 - 000164864 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\VideoPlugin.dll 2018-01-30 11:19 - 2018-01-30 11:20 - 000675328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\IPPNativePlugin.dll 2018-01-30 11:19 - 2018-01-30 11:20 - 003727360 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll 2018-01-30 11:19 - 2018-01-30 11:20 - 002270720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll 2018-01-30 11:19 - 2018-01-30 11:20 - 016395264 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll 2018-01-30 11:19 - 2018-01-30 11:20 - 003579904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\MediaEngine.dll 2018-01-30 11:19 - 2018-01-30 11:19 - 003204096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll 2017-09-30 14:37 - 2017-09-30 14:37 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-01-30 11:19 - 2018-01-30 11:20 - 000043520 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll 2018-01-30 11:19 - 2018-01-30 11:20 - 004038144 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.People.PeoplePicker.dll 2018-01-30 11:19 - 2018-01-30 11:20 - 001367040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll 2018-01-30 11:19 - 2018-01-30 11:20 - 000214528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\SKU.dll 2018-02-06 15:57 - 2018-02-06 16:02 - 001231536 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8827.21855.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll 2018-02-07 13:38 - 2018-02-01 06:13 - 004433752 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.140\libglesv2.dll 2018-02-07 13:38 - 2018-02-01 06:13 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.140\libegl.dll 2018-02-01 18:49 - 2018-01-22 06:02 - 096448600 _____ () C:\Program Files\Opera\50.0.2762.67\opera_browser.dll 2018-02-01 18:49 - 2018-01-22 06:02 - 004207704 _____ () C:\Program Files\Opera\50.0.2762.67\libglesv2.dll 2018-02-01 18:49 - 2018-01-22 06:02 - 000100440 _____ () C:\Program Files\Opera\50.0.2762.67\libegl.dll 2017-08-29 16:02 - 2017-08-29 16:02 - 000085624 _____ () C:\Program Files (x86)\Norton WiFi Privacy\client\ZLIB1.dll 2018-02-10 08:47 - 2018-02-08 20:10 - 000740168 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll 2018-02-10 08:47 - 2018-02-08 20:10 - 002079048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll 2018-02-02 16:30 - 2018-02-08 20:10 - 000100312 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2018-02-02 16:30 - 2018-02-08 20:10 - 000018896 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2018-02-02 16:30 - 2018-02-08 20:12 - 000020808 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2018-02-02 16:30 - 2018-02-08 20:10 - 000035808 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2018-02-02 16:30 - 2018-02-08 20:10 - 000694232 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2018-02-10 08:47 - 2018-02-08 20:12 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2018-02-02 16:30 - 2018-02-08 20:10 - 000130520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2018-02-10 08:47 - 2018-02-08 20:12 - 001856864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2018-02-10 08:47 - 2018-02-08 20:12 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2018-02-10 08:47 - 2018-02-08 20:10 - 000145880 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2018-02-10 08:47 - 2018-02-08 20:10 - 000116696 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2018-02-02 16:30 - 2018-02-08 20:10 - 000105944 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2018-02-02 16:30 - 2018-02-08 20:13 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd 2018-02-10 08:47 - 2018-02-08 20:12 - 000063312 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2018-02-02 16:30 - 2018-02-08 20:10 - 000024536 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2018-02-10 08:47 - 2018-02-08 20:12 - 000077120 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2018-02-10 08:47 - 2018-02-08 20:10 - 000020952 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2018-02-02 16:30 - 2018-02-08 20:10 - 000124888 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2018-02-02 16:30 - 2018-02-08 20:10 - 000116184 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2018-02-10 08:47 - 2018-02-08 20:10 - 000392664 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2018-02-02 16:30 - 2018-02-08 20:12 - 000392520 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2018-02-02 16:30 - 2018-02-08 20:13 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd 2018-02-02 16:30 - 2018-02-08 20:10 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2018-02-02 16:30 - 2018-02-08 20:10 - 000175576 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2018-02-02 16:30 - 2018-02-08 20:10 - 000030168 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2018-02-02 16:30 - 2018-02-08 20:10 - 000043480 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2018-02-02 16:30 - 2018-02-08 20:10 - 000026072 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd 2018-02-02 16:30 - 2018-02-08 20:10 - 000048600 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2018-02-02 16:30 - 2018-02-08 20:10 - 000057816 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2018-02-10 08:47 - 2018-02-08 20:12 - 000021840 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2018-02-02 16:30 - 2018-02-08 20:13 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd 2018-02-10 08:47 - 2018-02-08 20:12 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd 2018-02-02 16:30 - 2018-02-08 20:12 - 000066400 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd 2018-02-10 08:47 - 2018-02-08 20:12 - 001796416 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2018-02-02 16:30 - 2018-02-08 20:10 - 000084944 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2018-02-10 08:47 - 2018-02-08 20:12 - 001956672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2018-02-10 08:47 - 2018-02-08 20:12 - 003859272 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2018-02-10 08:47 - 2018-02-08 20:12 - 000155472 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd 2018-02-10 08:47 - 2018-02-08 20:12 - 000521032 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2018-02-10 08:47 - 2018-02-08 20:12 - 000051024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd 2018-02-10 08:47 - 2018-02-08 20:12 - 000043336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd 2018-02-10 08:47 - 2018-02-08 20:12 - 000131400 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2018-02-10 08:47 - 2018-02-08 20:12 - 000219984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2018-02-10 08:47 - 2018-02-08 20:12 - 000204104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2018-02-02 16:30 - 2018-02-08 20:13 - 000025440 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2018-02-02 16:30 - 2018-02-08 20:10 - 000060888 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd 2018-02-02 16:30 - 2018-02-08 20:13 - 000054616 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd 2018-02-02 16:30 - 2018-02-08 20:10 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2018-02-02 16:30 - 2018-02-08 20:13 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd 2018-02-02 16:30 - 2018-02-08 20:12 - 000100704 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd 2018-02-02 16:30 - 2018-02-08 20:10 - 000028632 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2018-02-02 16:30 - 2018-02-08 20:13 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd 2018-02-02 16:30 - 2018-02-08 20:13 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd 2018-02-02 16:30 - 2018-02-08 20:13 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd 2018-02-10 08:47 - 2018-02-08 20:12 - 000027496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2018-02-02 16:30 - 2018-02-08 20:10 - 000349144 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2018-02-10 08:47 - 2018-02-08 20:12 - 000101704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd 2018-02-02 16:30 - 2018-02-08 20:13 - 000023904 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2018-02-10 08:47 - 2018-02-08 20:12 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2018-02-10 08:47 - 2018-02-08 20:10 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2018-02-10 08:47 - 2018-02-08 20:12 - 000032608 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd 2018-02-10 08:47 - 2018-02-08 20:10 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2018-02-02 16:30 - 2018-02-08 20:13 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd 2018-02-10 08:47 - 2018-02-08 20:12 - 000181064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2018-02-02 16:30 - 2018-02-08 20:12 - 000030544 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd 2018-02-10 08:47 - 2018-02-08 20:12 - 000024384 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL 2018-02-10 08:47 - 2018-02-08 20:12 - 001638208 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2018-02-02 16:30 - 2018-02-08 20:13 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd 2013-09-05 00:14 - 2013-09-05 00:14 - 004300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf 2017-11-27 21:03 - 2017-11-27 21:03 - 023970800 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll 2017-11-04 20:57 - 2017-11-04 20:57 - 000323152 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\sqlite.dll 2017-11-04 20:57 - 2017-11-04 20:57 - 072940016 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-10-30 07:24 - 2015-10-30 07:21 - 000000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1150477090-3809027948-3889013003-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\VIV\Pictures\WallPaper\Grandad and Abs.JPG DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: Apple Mobile Device Service => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: TeamViewer => 2 HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "iTunesHelper" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [TCP Query User{5A897D85-AEB7-42B6-B976-4E24357D5C93}C:\program files (x86)\easeus\easeus todo pctrans\bin\pctrans.exe] => (Allow) C:\program files (x86)\easeus\easeus todo pctrans\bin\pctrans.exe FirewallRules: [UDP Query User{63711DFC-D477-4057-B496-CB6DBED8248C}C:\program files (x86)\easeus\easeus todo pctrans\bin\pctrans.exe] => (Allow) C:\program files (x86)\easeus\easeus todo pctrans\bin\pctrans.exe FirewallRules: [{E6370C48-C939-40EA-AEC5-5D7A2AC3F228}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{E57F0676-9E6F-4C90-8169-77848BDB441F}] => (Allow) LPort=2869 FirewallRules: [{B1948805-471A-4942-B99D-84EEB52B1EE5}] => (Allow) LPort=1900 FirewallRules: [{75DB82AE-0838-4091-AE72-3182C71B70CF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{2366D8C2-7251-490E-981E-CB5B5FAB616A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{3772E7C4-B09C-4D15-ABEC-5C46F5EF450A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{E2E37B12-1EFF-4800-A200-1C489002A72B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{995D74BC-9C2E-4C42-B964-101BC41092FF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{6CC6C1B3-9509-4099-8DA4-76CEF93C4ED7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{52971463-FF9B-47B3-992F-894689DE941D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{D79DEAC9-6EC0-4B9A-A1C7-1A826AFA652F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{CE538B16-5F95-4873-AA99-8095D1B7E4BB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{34230887-2B6E-4998-B3AA-2D19A3FEBD49}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{9B39BF6F-BB10-423F-9531-CC9DFBE5E5C7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{4100553D-5B0D-4D9B-814D-B755498D2FA9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{848C261F-8565-4C59-9E1A-0E1DA4B99187}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{1CB27F01-5E6E-461D-9CC5-FC8CBA09E1A9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{F479254F-644A-4303-A629-D70E2C4300E0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe FirewallRules: [{4AB9DFBE-FED6-4857-9FD8-92EB6935A210}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe FirewallRules: [{8741FCF8-BA71-4688-8265-6E684C52620A}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe FirewallRules: [{7E078FF9-ACEB-4768-ADF6-BCF930770565}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{763A3A0D-6FCA-4DC1-9317-F9814F8E7516}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{854426F9-8B99-4731-8B1B-40E1B25EA71A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{F08271E9-CBB7-4371-A1B6-D73275B421D6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{52BDFB19-D433-4285-90B7-26195FA7DBEB}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{5AD600CC-3975-43DF-BED3-B2EBF89E6AD6}] => (Allow) C:\Program Files\Opera\50.0.2762.67\opera.exe FirewallRules: [{BD003532-A4D4-4FDC-B6DF-D21D67B65486}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{EA6000F4-9CEA-475D-AD6C-70D674C26E39}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{AAF058CA-02D7-4F7A-BAD3-1B54012AF260}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe ==================== Restore Points ========================= 02-02-2018 11:21:41 New Hard Drive 07-02-2018 09:43:17 Windows Update 09-02-2018 17:03:18 Installed LibreOffice 6.0.0.3 13-02-2018 16:58:08 Windows Update ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/13/2018 02:41:37 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Error while updating Norton Security status to SECURITY_PRODUCT_STATE_EXPIRED. Error: (02/11/2018 04:33:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: claws-mail.exe, version: 0.0.0.0, time stamp: 0x00000000 Faulting module name: claws-mail.exe, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00052bda Faulting process ID: 0x824 Faulting application start time: 0x01d3a3548f7e7f6a Faulting application path: C:\Program Files (x86)\Claws Mail\claws-mail.exe Faulting module path: C:\Program Files (x86)\Claws Mail\claws-mail.exe Report ID: 2d2dc7bd-4f83-4f6a-94d3-22619f1dbd26 Faulting package full name: Faulting package-relative application ID: Error: (02/11/2018 09:59:37 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program ShellExperienceHost.exe version 10.0.16299.15 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 2084 Start Time: 01d3a31ef6420944 Termination Time: 4294967295 Application Path: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Report Id: 3f0934a6-80d1-4cb7-8cee-a3cd719f9349 Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy Faulting package-relative application ID: App Error: (02/11/2018 09:59:33 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-1FFI7T5) Description: Package Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy+App was terminated because it took too long to suspend. Error: (02/06/2018 02:44:18 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: WINWORD.EXE, version: 14.0.7192.5000, time stamp: 0x5a346f59 Faulting module name: wwlib.dll, version: 14.0.7192.5000, time stamp: 0x5a346f8b Exception code: 0xc0000005 Fault offset: 0x00038fee Faulting process ID: 0x67c Faulting application start time: 0x01d39f538b9bb112 Faulting application path: C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE Faulting module path: C:\Program Files (x86)\Microsoft Office\Office14\wwlib.dll Report ID: 45df28d7-2b16-4560-aa32-c8d6fcd00c36 Faulting package full name: Faulting package-relative application ID: Error: (02/04/2018 11:04:25 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80.DLL". Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/04/2018 11:03:25 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80.DLL". Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/03/2018 04:15:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: operamail.exe, version: 1.0.1044.0, time stamp: 0x56aa20ee Faulting module name: OperaMail.dll, version: 1.0.1044.0, time stamp: 0x56aa23cd Exception code: 0x40000015 Fault offset: 0x009b92fd Faulting process ID: 0x16ec Faulting application start time: 0x01d39d08c4b02af2 Faulting application path: C:\Users\VL\AppData\Local\Opera Mail\operamail.exe Faulting module path: C:\Users\VL\AppData\Local\Opera Mail\OperaMail.dll Report ID: a8526789-486e-4512-ad09-87eef4c07106 Faulting package full name: Faulting package-relative application ID: System errors: ============= Error: (02/13/2018 07:22:44 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1FFI7T5) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-1FFI7T5\VIV SID (S-1-5-21-1150477090-3809027948-3889013003-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/13/2018 06:34:45 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1FFI7T5) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-1FFI7T5\VIV SID (S-1-5-21-1150477090-3809027948-3889013003-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/13/2018 04:32:46 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1FFI7T5) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-1FFI7T5\VIV SID (S-1-5-21-1150477090-3809027948-3889013003-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/13/2018 04:24:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/13/2018 04:24:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/13/2018 04:24:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/13/2018 04:24:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/13/2018 04:22:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1FFI7T5) Description: The server {0002DF02-0000-0000-C000-000000000046} did not register with DCOM within the required timeout. Windows Defender: =================================== Date: 2018-02-01 16:02:17.548 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {F243EC95-9A98-4EA5-8B66-73815250BE98} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2018-02-01 15:55:43.185 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {EECF3334-B9B4-422F-B818-F578D86FB490} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2018-02-01 15:48:11.240 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.261.610.0 Update Source: Microsoft Malware Protection Center Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14500.5 Error code: 0x80072ee7 Error description: The server name or address could not be resolved Date: 2018-02-01 15:48:11.240 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 118.2.0.0 Update Source: Microsoft Malware Protection Center Signature Type: Network Inspection System Update Type: Full Current Engine Version: Previous Engine Version: 2.1.14202.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved Date: 2018-02-01 15:48:11.234 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.261.610.0 Update Source: Microsoft Malware Protection Center Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14500.5 Error code: 0x80072ee7 Error description: The server name or address could not be resolved Date: 2018-02-01 15:48:11.234 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.261.610.0 Update Source: Microsoft Malware Protection Center Signature Type: AntiSpyware Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14500.5 Error code: 0x80072ee7 Error description: The server name or address could not be resolved Date: 2018-02-01 15:48:11.234 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.261.610.0 Update Source: Microsoft Malware Protection Center Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14500.5 Error code: 0x80072ee7 Error description: The server name or address could not be resolved CodeIntegrity: =================================== Date: 2018-02-13 19:33:55.599 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-02-13 19:33:55.598 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-02-13 19:03:11.538 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-02-13 19:03:11.536 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-02-13 18:42:51.688 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-02-13 18:42:51.685 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-02-13 18:42:51.679 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-02-13 18:42:51.676 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz Percentage of memory in use: 58% Total physical RAM: 6048.81 MB Available physical RAM: 2520.78 MB Total Virtual: 7008.81 MB Available Virtual: 1849.5 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:918.8 GB) (Free:705.91 GB) NTFS Drive d: (HP_RECOVERY) (Fixed) (Total:11.75 GB) (Free:1.38 GB) NTFS ==>[system with boot components (obtained from drive)] \\?\Volume{0d8962b0-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS \\?\Volume{0d8962b0-0000-0000-0000-c0d2e5000000}\ () (Fixed) (Total:0.47 GB) (Free:0.08 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0D8962B0) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=918.8 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=478 MB) - (Type=27) Partition 4: (Not Active) - (Size=11.8 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================
Please, observe following rules: Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer. If you're stuck, or you're not sure about certain step, always ask before doing anything else. Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest. Never run more than one scan at a time. Keep updating me regarding your computer behavior, good, or bad. The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know. If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum. I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me. ===================================== So far I don't see any signs of any rootkit but we'll run some checks. Who told you about that rootkit? Create new restore point before proceeding with the next step.... How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/ Download Malwarebytes Anti-Rootkit (MBAR) to your desktop. Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights. Double click on downloaded file. OK self extracting prompt. MBAR will start. Click "Next" to continue. Click in the following screen "Update" to obtain the latest malware definitions. Once the update is complete select "Next" and click "Scan". When the scan is finished and no malware has been found select "Exit". If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer. Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply: "mbar-log-{date} (xx-xx-xx).txt" "system-log.txt" NOTE. If you see This version requires you to completely exit the Anti Malware application message right click on the Malwarebytes Anti-Malware icon in the system tray and click on Exit.
Thanks Broni - you'll be annoyed with me about this but apparently the Norton phone number I was given was a scam and I fell for it!!!! I feel very ashamed. I got on to my Bank fraud department and they said that I had to check with Norton which of course I did and have spent 2 hours with them resolving the problem and they assure me there is no trojan and they eventually managed to get my Security suite up and running, I am really, really sorry but as you can imagine it was very worrying and I could kick myself for falling for it. I know you say we should not do anything once we have contacted you but in this case I felt following my banks instructions was what I had to do
Look, no reason to apologize. You have to be so vigilant in today's computer world and sometimes we lower our guard and bad thing happen. I'm glad everything ended up OK for you