1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

[Resolved] Alureon trojan

Discussion in 'Spyware, Adware, Viruses and Malware Removal' started by White surfer, Feb 13, 2018.

  1. White surfer

    White surfer Established Techie7 Member

    I was having difficulty installing Norton Security and eventually they told me my pc was very badly infected with Alureon and it needed to be removed very quickly! I have, in the last 10 days had a new hard drive and am amazed that all the problems they found were there. I have only a day left on my Norton security so need to do something in a hurry - any help very, very welcome. I am pasting FRST and Additions as requested
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12.02.2018
    Ran by VIV (administrator) on DESKTOP-1FFI7T5 (13-02-2018 19:35:05)
    Running from C:\Users\VIV\Desktop
    Loaded Profiles: VIV (Available Profiles: VIV & VL)
    Platform: Windows 10 Home Version 1709 16299.192 (X64) Language: English (United Kingdom)
    Internet Explorer Version 11 (Default browser: Edge)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================
    I will continue on page 2
     
  2. White surfer

    White surfer Established Techie7 Member

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Mirics Semiconductor Ltd) C:\Windows\System32\Hauppauge\hcwD3dvb\DVBT\DVBservice.exe
    (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
    () C:\Program Files (x86)\Norton WiFi Privacy\client\NWPService.exe
    (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    () C:\Program Files (x86)\Nova Development\Greeting Card Factory Deluxe 7.0\ReminderApp.exe
    (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    (Microsoft Corporation) C:\Windows\splwow64.exe
    (Symantec Corporation) C:\Program Files\Norton Security\Engine\22.11.2.7\NS.exe
    (Symantec Corporation) C:\Program Files\Norton Security\Engine\22.11.2.7\NS.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
    (Microsoft Corporation) C:\Windows\System32\browser_broker.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftPdfReader.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe
    () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8827.21855.0_x64__8wekyb3d8bbwe\HxOutlook.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8827.21855.0_x64__8wekyb3d8bbwe\HxTsr.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8827.21855.0_x64__8wekyb3d8bbwe\HxAccounts.exe
    (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\System32\cmd.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
    (Opera Software) C:\Program Files\Opera\50.0.2762.67\opera_crashreporter.exe
    (Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
    (Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
    (Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
    (Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
    (Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
    (Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
    (Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
    (Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
    (Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-01-22] (Apple Inc.)
    HKLM-x32\...\Run: [ReminderApp] => C:\Program Files (x86)\Nova Development\Greeting Card Factory Deluxe 7.0\ReminderApp.exe [185664 2007-08-25] ()
    HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567936 2018-02-08] (Dropbox, Inc.)
    Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-21-1150477090-3809027948-3889013003-1002\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2018-02-02]
    ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Event Reminder.lnk [2018-02-02]
    ShortcutTarget: Event Reminder.lnk -> C:\Program Files (x86)\Broderbund\PrintMaster\PMremind.exe (TLC Multimedia Inc.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
    Tcpip\..\Interfaces\{73e83076-693c-4d47-89f6-b6f4414bcadc}: [DhcpNameServer] 192.168.1.254

    Internet Explorer:
    ==================
    SearchScopes: HKU\S-1-5-21-1150477090-3809027948-3889013003-1002 -> DefaultScope {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NS&chn=1000020&geo=GB&ver=22.11.2.7&locale=en_GB&guid=31C74C16-C910-4352-8F41-93FEE609C4BB&doi=2018-02-03&gct=kwd&qsrc=2869
    SearchScopes: HKU\S-1-5-21-1150477090-3809027948-3889013003-1002 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NS&chn=1000020&geo=GB&ver=22.11.2.7&locale=en_GB&guid=31C74C16-C910-4352-8F41-93FEE609C4BB&doi=2018-02-03&gct=kwd&qsrc=2869
    BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
    BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
    BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
    Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)

    FireFox:
    ========
    FF ProfilePath: C:\Users\VIV\AppData\Roaming\Mozilla\Firefox\Profiles\8cb5u05u.default [2018-01-29]
    FF Extension: (Dashlane) - C:\Users\VIV\AppData\Roaming\Mozilla\Firefox\Profiles\8cb5u05u.default\Extensions\jetpack-extension@dashlane.com.xpi [2017-12-13]
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-01-30] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-01-30] (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

    Chrome:
    =======
    CHR Profile: C:\Users\VIV\AppData\Local\Google\Chrome\User Data\Default [2018-02-13]
    CHR Extension: (Norton Security Toolbar) - C:\Users\VIV\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2018-02-04]
    CHR Extension: (Norton Identity Safe) - C:\Users\VIV\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2018-02-04]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\VIV\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-01-30]
    CHR Extension: (Chrome Media Router) - C:\Users\VIV\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-13]
    CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.11.2.7\Exts\Chrome.crx <not found>
    CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.11.2.7\Exts\Chrome.crx <not found>
    CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

    Opera:
    =======
    OPR StartupUrls: "chrome://startpage/"
    OPR Session Restore: -> is enabled.
    OPR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\VIV\AppData\Roaming\Opera Software\Opera Stable\Extensions\eeokceolphhfjdfcibaiiopmekmcbedp [2018-01-29]
    OPR Extension: (Dashlane - Password Manager) - C:\Users\VIV\AppData\Roaming\Opera Software\Opera Stable\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2018-02-05]
    OPR Extension: (LastPass: Free Password Manager) - C:\Users\VIV\AppData\Roaming\Opera Software\Opera Stable\Extensions\hnjalnkldgigidggphhmacmimbdlafdo [2018-01-29]
    OPR Extension: (Install Chrome Extensions) - C:\Users\VIV\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2018-01-29]
    OPR Extension: (F.B.(FluffBusting)Purity) - C:\Users\VIV\AppData\Roaming\Opera Software\Opera Stable\Extensions\ppldhdmhmdcedddamaddkbbakkfhgeeo [2018-02-05]
    StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc.)
    S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-02-02] (Dropbox, Inc.)
    S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-02-02] (Dropbox, Inc.)
    R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-02-08] (Dropbox, Inc.)
    R2 hcwD3bda_dvbt; C:\WINDOWS\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe [2641920 2010-12-16] (Mirics Semiconductor Ltd)
    R2 NortonWiFiPrivacy; C:\Program Files (x86)\Norton WiFi Privacy\client\NWPService.exe [1363064 2017-08-29] ()
    R2 NS; C:\Program Files\Norton Security\Engine\22.11.2.7\NS.exe [326144 2017-11-11] (Symantec Corporation)
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-08-01] (Realtek Semiconductor)
    S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945776 2017-12-15] (TeamViewer GmbH)
    S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-30] (Microsoft Corporation)
    S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-30] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.11.2.7\Definitions\BASHDefs\20180210.001\BHDrvx64.sys [1879632 2018-02-10] (Symantec Corporation)
    R1 ccSet_NS; C:\WINDOWS\system32\drivers\NSx64\160B020.007\ccSetx64.sys [187544 2017-11-10] (Symantec Corporation)
    R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [507984 2018-02-13] (Symantec Corporation)
    R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [152656 2018-02-13] (Symantec Corporation)
    R3 hcwD3bda; C:\WINDOWS\system32\DRIVERS\hcwD3bda64.sys [116352 2010-06-29] (Mirics)
    R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.11.2.7\Definitions\IPSDefs\20180212.001\IDSvia64.sys [1056920 2018-02-12] (Symantec Corporation)
    R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2017-09-29] (MediaTek Inc.)
    R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [896752 2015-08-07] (Realtek )
    R3 SRTSP; C:\WINDOWS\System32\Drivers\NSx64\160B020.007\SRTSP64.SYS [812696 2017-11-10] (Symantec Corporation)
    R1 SRTSPX; C:\WINDOWS\system32\drivers\NSx64\160B020.007\SRTSPX64.SYS [49304 2017-11-10] (Symantec Corporation)
    R0 SymEFASI; C:\WINDOWS\System32\drivers\NSx64\160B020.007\SYMEFASI64.SYS [1938584 2017-11-10] (Symantec Corporation)
    S0 SymELAM; C:\WINDOWS\System32\drivers\NSx64\160B020.007\SymELAM.sys [24608 2017-11-10] (Symantec Corporation)
    R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102600 2018-02-13] (Symantec Corporation)
    R1 SymIRON; C:\WINDOWS\system32\drivers\NSx64\160B020.007\Ironx64.SYS [309984 2017-11-10] (Symantec Corporation)
    R1 SymNetS; C:\WINDOWS\System32\Drivers\NSx64\160B020.007\SYMNETS.SYS [566936 2017-11-10] (Symantec Corporation)
    S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-01-30] (Microsoft Corporation)
    S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [288848 2018-01-30] (Microsoft Corporation)
    S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-30] (Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================
     
  3. White surfer

    White surfer Established Techie7 Member

    If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2018-02-13 19:35 - 2018-02-13 19:35 - 000017272 _____ C:\Users\VIV\Desktop\FRST.txt
    2018-02-13 19:34 - 2018-02-13 19:35 - 000000000 ____D C:\FRST
    2018-02-13 19:31 - 2018-02-13 19:31 - 002405376 _____ (Farbar) C:\Users\VIV\Desktop\FRST64.exe
    2018-02-13 19:25 - 2018-02-13 19:26 - 000244472 _____ C:\TDSSKiller.3.1.0.16_13.02.2018_19.25.22_log.txt
    2018-02-13 19:24 - 2018-02-13 19:25 - 004944584 _____ (AO Kaspersky Lab) C:\Users\VIV\Downloads\tdsskiller.exe
    2018-02-13 18:47 - 2018-02-13 18:47 - 000000000 ____D C:\Users\VIV\AppData\Local\GoToAssist Remote Support Customer
    2018-02-13 18:47 - 2018-02-13 18:47 - 000000000 ____D C:\Users\VIV\AppData\Local\GoTo Opener
    2018-02-13 16:48 - 2018-02-13 16:48 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
    2018-02-13 16:24 - 2018-02-13 16:24 - 000003374 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
    2018-02-13 16:24 - 2018-02-13 16:24 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
    2018-02-13 16:10 - 2018-02-13 16:10 - 000602568 _____ C:\Users\VIV\Downloads\Reference #129557736_ Your order of Creativemark's products.mbs
    2018-02-13 15:32 - 2018-02-13 15:32 - 000004354 _____ C:\WINDOWS\System32\Tasks\Norton Security Scan for VIV
    2018-02-13 15:32 - 2018-02-13 15:32 - 000001541 _____ C:\Users\Public\Desktop\Norton Security Scan.LNK
    2018-02-13 15:32 - 2018-02-13 15:32 - 000000000 ____D C:\WINDOWS\system32\Drivers\NSSx64
    2018-02-13 15:32 - 2018-02-13 15:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
    2018-02-13 15:32 - 2018-02-13 15:32 - 000000000 ____D C:\Program Files (x86)\Norton Security Scan
    2018-02-13 15:25 - 2018-02-13 15:25 - 000047254 _____ C:\Users\VIV\Downloads\Computeractive Software Store - discounted downloadable software.html
    2018-02-13 15:25 - 2018-02-13 15:25 - 000000000 ____D C:\Users\VIV\Downloads\Computeractive Software Store - discounted downloadable software_files
    2018-02-13 14:49 - 2018-02-13 14:49 - 000001331 _____ C:\Users\VIV\Desktop\Norton WiFi Privacy.lnk
    2018-02-13 14:49 - 2018-02-13 14:49 - 000000000 ____D C:\Users\VIV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton WiFi Privacy
    2018-02-13 14:49 - 2018-02-13 14:49 - 000000000 ____D C:\Users\VIV\AppData\Local\Norton WiFi Privacy
    2018-02-13 14:49 - 2018-02-13 14:49 - 000000000 ____D C:\Users\VIV\.QtWebEngineProcess
    2018-02-13 14:49 - 2018-02-13 14:49 - 000000000 ____D C:\Users\VIV\.Norton WiFi Privacy
    2018-02-13 14:49 - 2018-02-13 14:49 - 000000000 ____D C:\ProgramData\NWPService
    2018-02-13 14:49 - 2018-02-13 14:49 - 000000000 ____D C:\ProgramData\Norton WiFi Privacy
    2018-02-13 14:49 - 2018-02-13 14:49 - 000000000 ____D C:\Program Files (x86)\Norton WiFi Privacy
    2018-02-13 14:43 - 2018-02-13 16:31 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Security
    2018-02-13 14:41 - 2018-02-13 14:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
    2018-02-13 14:39 - 2018-02-13 16:24 - 000002315 _____ C:\Users\Public\Desktop\Norton Security.lnk
    2018-02-13 14:39 - 2018-02-13 16:22 - 000102600 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
    2018-02-13 14:39 - 2018-02-13 16:22 - 000008471 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
    2018-02-13 14:39 - 2018-02-13 14:39 - 000102568 _____ (Symantec Corporation) C:\WINDOWS\SMSS-PFRO1d56.tmp
    2018-02-13 14:39 - 2018-02-13 14:39 - 000000000 ____D C:\Program Files\Common Files\Symantec Shared
    2018-02-13 14:37 - 2018-02-13 16:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\NSx64
    2018-02-13 14:37 - 2018-02-13 15:32 - 000000000 ____D C:\Program Files (x86)\NortonInstaller
    2018-02-13 14:37 - 2018-02-13 14:38 - 000000000 ____D C:\Program Files\Norton Security
    2018-02-13 14:25 - 2018-02-13 16:25 - 000001336 _____ C:\Users\VIV\Desktop\Norton Installation Files.lnk
    2018-02-13 14:25 - 2018-02-13 14:26 - 077776528 _____ C:\Users\VIV\Downloads\NortonWiFiPrivacy 2018.exe
    2018-02-13 14:25 - 2018-02-13 14:25 - 001101088 _____ (Symantec Corporation) C:\Users\VIV\Downloads\NSDeluxeDownloader 2018.exe
    2018-02-11 15:49 - 2018-02-11 15:49 - 000000000 _____ C:\Users\VIV\AppData\Roaming\signature.txt
    2018-02-11 15:29 - 2018-02-11 15:38 - 000000000 ____D C:\Users\VIV\AppData\Roaming\tovi80alpha@gmail.com
    2018-02-11 14:52 - 2018-02-11 14:52 - 000000000 ____D C:\Users\VIV\AppData\Local\enchant
    2018-02-11 14:45 - 2018-02-11 14:45 - 000000000 ____D C:\Users\VIV\VCF
    2018-02-11 14:26 - 2018-02-11 16:58 - 000000000 ____D C:\Users\VIV\AppData\Roaming\&tovil
    2018-02-11 14:21 - 2018-02-11 17:13 - 000000000 ____D C:\Users\VIV\AppData\Roaming\Claws-mail
    2018-02-11 14:17 - 2018-02-11 14:18 - 025124405 _____ (claws-mail.org) C:\Users\VIV\Downloads\claws-mail-3.16.0-1-32bit.exe
    2018-02-10 15:45 - 2018-02-10 15:45 - 000000000 ____D C:\Users\VIV\Desktop\New folder
    2018-02-10 15:30 - 2018-02-10 15:41 - 000012418 _____ C:\Users\VIV\Desktop\Book1.xlsx
    2018-02-10 15:17 - 2018-02-10 17:16 - 000000000 ____D C:\Users\VIV\AppData\LocalLow\Mozilla
    2018-02-10 15:16 - 2018-02-10 15:23 - 000000000 ____D C:\Users\VIV\AppData\Local\Thunderbird
    2018-02-10 15:15 - 2018-02-10 15:15 - 040314920 _____ (Mozilla) C:\Users\VIV\Downloads\Thunderbird Setup 52.6.0.exe
    2018-02-10 14:46 - 2018-02-10 14:46 - 000006754 _____ C:\Users\VIV\Downloads\importedcontacts (2).adr
    2018-02-10 14:42 - 2018-02-10 14:42 - 000006754 _____ C:\Users\VIV\Downloads\importedcontacts (1).adr
    2018-02-10 14:34 - 2018-02-10 14:34 - 000005935 _____ C:\Users\VIV\Desktop\contacts saturday.csv
    2018-02-10 13:55 - 2018-02-10 13:55 - 000036864 _____ C:\Users\VIV\Desktop\Agenda feb 2018-1.dot
    2018-02-10 08:48 - 2018-02-10 08:48 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
    2018-02-10 08:48 - 2018-02-10 08:48 - 000002207 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
    2018-02-10 08:48 - 2018-02-10 08:48 - 000000000 ____D C:\Program Files\Google
    2018-02-10 08:47 - 2018-02-10 08:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
    2018-02-09 17:16 - 2018-02-09 17:16 - 000000000 ____D C:\Users\VIV\AppData\Roaming\LibreOffice
    2018-02-09 17:07 - 2018-02-09 17:07 - 000001179 _____ C:\Users\Public\Desktop\LibreOffice 6.0.lnk
    2018-02-09 17:07 - 2018-02-09 17:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.0
    2018-02-09 17:05 - 2018-02-09 17:06 - 000000000 ____D C:\Program Files\LibreOffice
    2018-02-09 16:51 - 2018-02-09 16:57 - 274030592 _____ C:\Users\VIV\Downloads\LibreOffice_6.0.0_Win_x64 (1).msi
    2018-02-09 16:49 - 2018-02-09 16:54 - 274030592 _____ C:\Users\VIV\Downloads\LibreOffice_6.0.0_Win_x64.msi
    2018-02-09 16:43 - 2018-02-09 16:47 - 273948672 _____ C:\Users\VIV\Downloads\LibreOffice_6.0.1_Win_x64.msi
    2018-02-09 15:56 - 2018-02-09 15:56 - 000112644 _____ C:\Users\VIV\Desktop\Valuation Day Poster.pdf
    2018-02-08 20:10 - 2018-02-08 20:10 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
    2018-02-08 20:10 - 2018-02-08 20:10 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
    2018-02-08 20:10 - 2018-02-08 20:10 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
    2018-02-08 20:10 - 2018-02-08 20:10 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
    2018-02-08 16:33 - 2018-02-09 11:10 - 000118272 _____ C:\Users\VIV\Desktop\Group Meeting A4.pub
    2018-02-05 17:04 - 2018-02-05 17:04 - 000001444 _____ C:\Users\VIV\Desktop\Candy Crush Saga (3).lnk
    2018-02-05 15:22 - 2018-02-05 15:22 - 000000000 ____D C:\Users\VIV\AppData\Local\HP
    2018-02-05 15:09 - 2018-02-08 16:33 - 000128512 _____ C:\Users\VIV\Desktop\santa with Scroll.pub
    2018-02-04 17:21 - 2018-02-04 17:21 - 003511808 _____ C:\Users\VIV\Desktop\3 Valleys Silver.pub
    2018-02-04 16:52 - 2018-02-04 16:52 - 000000000 ____D C:\Users\VIV\AppData\Local\Apple
    2018-02-04 16:50 - 2018-02-04 17:26 - 003503104 _____ C:\Users\VIV\Desktop\A5.pub
    2018-02-04 11:03 - 2018-02-04 11:03 - 000000000 ____D C:\Users\VIV\AppData\Local\Nova Development
    2018-02-04 11:00 - 2018-02-04 11:00 - 000000000 ____D C:\Users\VIV\AppData\Roaming\Jasc Software Inc
    2018-02-03 16:15 - 2018-02-11 16:33 - 000000000 ____D C:\Users\VIV\AppData\Local\CrashDumps
    2018-02-03 16:15 - 2018-02-03 16:15 - 000000000 ____D C:\Users\VIV\AppData\Local\DBG
    2018-02-03 12:12 - 2018-02-03 12:12 - 000003463 _____ C:\Users\VIV\Downloads\importedcontacts.adr
    2018-02-03 12:01 - 2018-02-10 14:31 - 000001726 _____ C:\Users\VIV\Desktop\contacts 1.csv
    2018-02-02 20:45 - 2018-02-02 20:45 - 000000000 ____D C:\Users\VIV\AppData\Roaming\Opera Mail
    2018-02-02 20:45 - 2018-02-02 20:45 - 000000000 ____D C:\Users\VIV\AppData\Local\Opera Mail
    2018-02-02 20:40 - 2018-02-02 20:40 - 000001244 _____ C:\Users\VIV\Adobe Photoshop 7.0 (2).lnk
    2018-02-02 20:22 - 2018-02-02 20:22 - 000000000 ____D C:\Users\VIV\AppData\Local\Opera Software
    2018-02-02 20:19 - 2018-02-02 20:19 - 000002748 _____ C:\Users\VIV\Desktop\Microsoft Publisher 2010.lnk
    2018-02-02 20:19 - 2018-02-02 20:19 - 000001244 _____ C:\Users\VIV\Desktop\Adobe Photoshop 7.0.lnk
    2018-02-02 20:15 - 2018-02-02 20:15 - 000000000 ____D C:\Users\VIV\AppData\Local\Dropbox
    2018-02-02 16:36 - 2018-02-02 16:51 - 000000000 ___RD C:\Users\VL\Dropbox
    2018-02-02 16:35 - 2018-02-02 16:35 - 000001335 _____ C:\Users\VIV\Dropbox.lnk
    2018-02-02 16:28 - 2018-02-02 16:28 - 000000000 ____D C:\Users\VL\AppData\Roaming\Dropbox
    2018-02-02 16:27 - 2018-02-10 08:48 - 000000000 ____D C:\Program Files (x86)\Dropbox
    2018-02-02 16:27 - 2018-02-02 18:14 - 000000932 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
    2018-02-02 16:27 - 2018-02-02 18:14 - 000000928 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
    2018-02-02 16:27 - 2018-02-02 16:36 - 000000000 ____D C:\Users\VL\AppData\Local\Dropbox
    2018-02-02 16:27 - 2018-02-02 16:27 - 000003992 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
    2018-02-02 16:27 - 2018-02-02 16:27 - 000003760 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
    2018-02-02 16:27 - 2018-02-02 16:27 - 000000000 ____D C:\ProgramData\Dropbox
    2018-02-02 16:26 - 2018-02-02 16:26 - 000690080 _____ (Dropbox, Inc.) C:\Users\VL\Downloads\DropboxInstaller (1).exe
    2018-02-02 16:14 - 2018-02-02 16:14 - 000002097 _____ C:\Users\VIV\Windows Restore.lnk
    2018-02-02 16:08 - 2018-02-02 16:08 - 000001244 _____ C:\Users\VIV\Adobe Photoshop 7.0.lnk
    2018-02-02 15:03 - 2018-02-02 15:03 - 000002354 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
    2018-02-02 14:58 - 2018-02-02 14:58 - 000007227 _____ C:\Users\VL\Downloads\importedcontacts (4).adr
    2018-02-02 14:53 - 2018-02-02 14:56 - 137329840 _____ (Microsoft Corporation) C:\Users\VL\Downloads\wlsetup-all.exe
    2018-02-02 14:52 - 2018-02-02 14:52 - 000002793 _____ C:\Users\Public\Desktop\Greeting Card Factory Deluxe.lnk
    2018-02-02 14:52 - 2018-02-02 14:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nova Development
    2018-02-02 14:44 - 2018-02-02 14:44 - 000000000 ____D C:\Program Files (x86)\Nova Development
    2018-02-02 14:28 - 2018-02-02 14:28 - 000000000 ____D C:\Program Files (x86)\Web Publish
    2018-02-02 14:28 - 2018-02-02 14:28 - 000000000 _____ C:\WINDOWS\wplog.txt
    2018-02-02 14:28 - 2001-02-26 18:58 - 000237568 _____ (Broderbund) C:\WINDOWS\SysWOW64\PretzlUp.dll
    2018-02-02 14:28 - 2001-02-23 09:56 - 000184320 _____ (Broderbund) C:\WINDOWS\SysWOW64\PretzlDn.dll
    2018-02-02 14:26 - 2018-02-02 14:26 - 000001844 _____ C:\Users\Public\Desktop\PrintMaster 11.lnk
    2018-02-02 14:26 - 2018-02-02 14:26 - 000000175 _____ C:\Users\Public\Desktop\ExpressIt.com.url
    2018-02-02 14:26 - 2018-02-02 14:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintMaster
    2018-02-02 14:25 - 2018-02-02 14:28 - 000000000 ____D C:\Program Files (x86)\Broderbund
    2018-02-02 14:25 - 2018-02-02 14:25 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
    2018-02-02 14:25 - 2001-02-27 17:08 - 000745472 ____N () C:\WINDOWS\SysWOW64\PMAppBuilder.dll
    2018-02-02 14:25 - 2001-02-27 17:07 - 000090112 ____N () C:\WINDOWS\SysWOW64\PMovieServer.dll
    2018-02-02 14:25 - 2001-02-27 17:07 - 000045056 ____N (The Learning Company, Inc.) C:\WINDOWS\SysWOW64\ImportClient.dll
    2018-02-02 14:25 - 2001-02-27 16:53 - 000081920 ____N C:\WINDOWS\SysWOW64\CONNMGR.OCX
    2018-02-02 14:25 - 2000-11-07 17:08 - 000073728 _____ (Mattel Interactive, Inc.) C:\WINDOWS\SysWOW64\ImageServerMI.dll
    2018-02-02 14:25 - 2000-06-20 01:33 - 000045936 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\ltvdd11w.drv
    2018-02-02 14:25 - 2000-06-20 01:32 - 000392192 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\ltkrn11n.dll
    2018-02-02 14:25 - 2000-06-20 01:32 - 000285184 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFCMP11n.DLL
    2018-02-02 14:25 - 2000-06-20 01:32 - 000262656 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LTDIS11n.dll
    2018-02-02 14:25 - 2000-06-20 01:32 - 000172032 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\Lfpng11n.dll
    2018-02-02 14:25 - 2000-06-20 01:32 - 000152064 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lftif11n.dll
    2018-02-02 14:25 - 2000-06-20 01:32 - 000127488 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\ltimg11n.dll
    2018-02-02 14:25 - 2000-06-20 01:32 - 000118784 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\ltfil11n.DLL
    2018-02-02 14:25 - 2000-06-20 01:32 - 000081408 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lffax11n.dll
    2018-02-02 14:25 - 2000-06-20 01:32 - 000059392 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfwmf11n.dll
    2018-02-02 14:25 - 2000-06-20 01:32 - 000056320 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfpsd11n.dll
    2018-02-02 14:25 - 2000-06-20 01:32 - 000041472 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfgif11n.dll
    2018-02-02 14:25 - 2000-06-20 01:32 - 000036864 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfbmp11n.dll
    2018-02-02 14:25 - 2000-06-20 01:32 - 000033280 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfpcx11n.dll
    2018-02-02 14:25 - 2000-06-20 01:32 - 000031232 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfeps11n.dll
    2018-02-02 14:25 - 2000-06-20 01:32 - 000027648 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfwpg11n.dll
    2018-02-02 14:25 - 2000-06-20 01:32 - 000026112 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfpcd11n.dll
    2018-02-02 14:25 - 2000-01-19 11:30 - 000053248 _____ () C:\WINDOWS\SysWOW64\PretzelSpellCheck.dll
    2018-02-02 14:25 - 2000-01-19 10:21 - 000114176 _____ (Wintertree Software Inc.) C:\WINDOWS\SysWOW64\SSCE4132.DLL
    2018-02-02 14:25 - 1999-04-21 05:08 - 000029184 ____N (Blue Sky Software) C:\WINDOWS\SysWOW64\Popup.ocx
    2018-02-02 14:17 - 2018-02-04 11:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jasc Software
    2018-02-02 14:17 - 2018-02-02 14:17 - 000002711 _____ C:\Users\Public\Desktop\Jasc Paint Shop Pro 8.lnk
    2018-02-02 14:17 - 2018-02-02 14:17 - 000000000 ____D C:\Users\VL\AppData\Roaming\Jasc Software Inc
    2018-02-02 14:17 - 2018-02-02 14:17 - 000000000 ____D C:\Program Files (x86)\Jasc Software Inc
    2018-02-02 14:13 - 2018-02-02 14:13 - 000000000 ____D C:\Users\VL\AppData\Roaming\Macromedia
    2018-02-02 14:12 - 2018-02-02 14:12 - 000001249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady 7.0.lnk
    2018-02-02 14:12 - 2018-02-02 14:12 - 000001244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 7.0.lnk
    2018-02-02 14:02 - 2018-02-02 14:02 - 000001331 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 2.0.lnk
    2018-02-02 14:02 - 2018-02-02 14:02 - 000001319 _____ C:\Users\Public\Desktop\Adobe Photoshop Elements 2.0.lnk
    2018-02-02 14:01 - 2002-07-17 02:18 - 000087392 ____N (Twain Working Group) C:\WINDOWS\twain.dll
    2018-02-02 14:00 - 1998-10-29 16:45 - 000306688 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUninst.exe
    2018-02-01 20:26 - 2018-02-01 20:26 - 000007239 _____ C:\Users\VL\Downloads\importedcontacts (3).adr
    2018-02-01 20:17 - 2018-02-01 20:17 - 000001360 _____ C:\Users\VL\Downloads\importedcontacts (2).adr
    2018-02-01 20:04 - 2018-02-01 20:04 - 000001360 _____ C:\Users\VL\Downloads\importedcontacts (1).adr
    2018-02-01 19:59 - 2018-02-01 19:59 - 000001360 _____ C:\Users\VL\Downloads\importedcontacts.adr
    2018-02-01 19:52 - 2018-02-01 20:10 - 000005190 _____ C:\Users\VL\Desktop\contacts.csv
    2018-02-01 19:48 - 2018-02-01 19:48 - 000000000 ____D C:\Users\VL\AppData\Local\DBG
    2018-02-01 19:48 - 2018-02-01 19:48 - 000000000 ____D C:\Users\VL\AppData\Local\CrashDumps
    2018-02-01 19:13 - 2018-02-02 20:40 - 000002186 _____ C:\Users\VIV\Opera Mail.lnk
    2018-02-01 19:13 - 2018-02-01 19:13 - 012218880 _____ (Opera Software ASA) C:\Users\VL\Downloads\Opera-Mail-1.0-1044.i386.exe
    2018-02-01 19:13 - 2018-02-01 19:13 - 000002037 _____ C:\Users\VL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Mail.lnk
    2018-02-01 19:13 - 2018-02-01 19:13 - 000000000 ____D C:\Users\VL\AppData\Roaming\Opera Mail
    2018-02-01 19:13 - 2018-02-01 19:13 - 000000000 ____D C:\Users\VL\AppData\Local\Opera Mail
    2018-02-01 18:49 - 2018-02-01 18:49 - 000003942 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1517510963
    2018-02-01 18:49 - 2018-02-01 18:49 - 000001166 _____ C:\Users\Public\Desktop\Opera browser.lnk
    2018-02-01 18:49 - 2018-02-01 18:49 - 000001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera browser.lnk
    2018-02-01 18:49 - 2018-02-01 18:49 - 000000000 ____D C:\Users\VL\AppData\Roaming\Opera Software
    2018-02-01 18:49 - 2018-02-01 18:49 - 000000000 ____D C:\Users\VL\AppData\Local\Opera Software
    2018-02-01 18:48 - 2018-02-01 18:49 - 000000000 ____D C:\Program Files\Opera
    2018-02-01 18:47 - 2018-02-01 18:47 - 001269744 _____ (Opera Software) C:\Users\VL\Downloads\OperaSetup.exe
    2018-02-01 18:40 - 2018-02-01 18:40 - 000000000 ____D C:\Users\VL\AppData\Local\NetworkTiles
    2018-02-01 18:31 - 2018-02-01 18:31 - 000002752 _____ C:\Users\VIV\Microsoft Word 2010.lnk
    2018-02-01 18:30 - 2018-02-01 18:30 - 000002748 _____ C:\Users\VIV\Microsoft Publisher 2010.lnk
    2018-02-01 18:30 - 2018-02-01 18:30 - 000002714 _____ C:\Users\VIV\Microsoft Excel 2010.lnk
    2018-02-01 18:22 - 2018-02-02 15:03 - 000000000 ____D C:\Users\VL\AppData\Local\Windows Live
    2018-02-01 17:04 - 2018-02-01 17:04 - 000000000 ____D C:\Program Files\Common Files\AV
    2018-02-01 16:34 - 2018-02-13 16:24 - 000000000 ____D C:\ProgramData\NortonInstaller
    2018-02-01 16:32 - 2018-02-13 16:25 - 000000000 ____D C:\ProgramData\Norton
    2018-02-01 16:32 - 2018-02-13 14:25 - 000000000 ____D C:\Users\Public\Downloads\Norton
    2018-02-01 16:32 - 2018-02-01 16:32 - 000001336 _____ C:\Users\VL\Desktop\Norton Installation Files.lnk
    2018-02-01 09:49 - 2018-02-01 09:49 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
    2018-02-01 09:49 - 2018-02-01 09:49 - 000000000 ____D C:\Users\VL\AppData\Roaming\Apple Computer
    2018-02-01 09:49 - 2018-02-01 09:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2018-02-01 09:49 - 2018-02-01 09:49 - 000000000 ____D C:\ProgramData\Apple Computer
    2018-02-01 09:49 - 2018-02-01 09:49 - 000000000 ____D C:\Program Files\iTunes
    2018-02-01 09:49 - 2018-02-01 09:49 - 000000000 ____D C:\Program Files\iPod
    2018-02-01 09:48 - 2018-02-01 09:48 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
    2018-02-01 09:48 - 2018-02-01 09:48 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
    2018-02-01 09:48 - 2018-02-01 09:48 - 000000000 ____D C:\WINDOWS\pss
    2018-02-01 09:48 - 2018-02-01 09:48 - 000000000 ____D C:\Users\VL\AppData\Local\Apple
    2018-02-01 09:48 - 2018-02-01 09:48 - 000000000 ____D C:\Program Files\Common Files\Apple
    2018-02-01 09:48 - 2018-02-01 09:48 - 000000000 ____D C:\Program Files\Bonjour
    2018-02-01 09:48 - 2018-02-01 09:48 - 000000000 ____D C:\Program Files (x86)\Bonjour
    2018-02-01 09:48 - 2018-02-01 09:48 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
    2018-02-01 09:47 - 2018-02-01 09:48 - 000000000 ____D C:\ProgramData\Apple
    2018-02-01 09:46 - 2018-02-01 09:46 - 000001128 _____ C:\Users\Public\Desktop\OpenOffice 4.1.5.lnk
    2018-02-01 09:46 - 2018-02-01 09:46 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.5
    2018-02-01 09:46 - 2018-02-01 09:46 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4
    2018-02-01 09:44 - 2018-02-01 09:44 - 000000000 ____D C:\ProgramData\Skype
    2018-02-01 09:43 - 2018-02-01 09:44 - 000000000 ____D C:\ProgramData\Package Cache
    2018-02-01 09:41 - 2018-02-01 09:41 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
    2018-02-01 09:41 - 2018-02-01 09:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    2018-02-01 09:41 - 2018-02-01 09:41 - 000000000 ____D C:\Program Files\VideoLAN
    2018-02-01 09:40 - 2018-02-01 09:40 - 000001116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk
    2018-02-01 09:40 - 2018-02-01 09:40 - 000001104 _____ C:\Users\Public\Desktop\TeamViewer 13.lnk
    2018-02-01 09:40 - 2018-02-01 09:40 - 000000000 ____D C:\Users\VL\AppData\Roaming\TeamViewer
    2018-02-01 09:39 - 2018-02-11 17:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2018-02-01 09:39 - 2018-02-01 09:41 - 000000000 ____D C:\Program Files (x86)\TeamViewer
    2018-02-01 09:39 - 2018-02-01 09:39 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
    2018-02-01 09:39 - 2018-02-01 09:39 - 000000993 _____ C:\Users\Public\Desktop\Firefox.lnk
    2018-02-01 09:38 - 2018-02-01 09:39 - 000000000 ____D C:\Program Files\Mozilla Firefox
    2018-02-01 09:37 - 2018-02-01 09:37 - 000425304 _____ (Secure By Design Inc.) C:\Users\VL\Downloads\Ninite Firefox Google Earth OpenOffice Skype Installer.exe
    2018-01-30 17:33 - 2018-01-30 17:33 - 000000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
    2018-01-30 17:33 - 2018-01-30 17:33 - 000000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
    2018-01-30 17:30 - 2018-02-01 15:54 - 000003280 _____ C:\WINDOWS\System32\Tasks\Optimize Push Notification Data File-S-1-5-21-1150477090-3809027948-3889013003-1003
    2018-01-30 17:28 - 2018-01-30 17:28 - 000000000 ____D C:\Users\VL\AppData\Local\CEF
    2018-01-30 17:27 - 2018-01-30 17:28 - 000000000 ____D C:\Users\VL\AppData\Local\Adobe
    2018-01-30 17:27 - 2018-01-30 17:27 - 000000000 ____D C:\Users\VL\AppData\LocalLow\Adobe
    2018-01-30 17:25 - 2018-01-30 17:25 - 000001358 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
    2018-01-30 17:25 - 2018-01-30 17:25 - 000000000 ____D C:\Program Files\Windows Live
    2018-01-30 17:24 - 2018-02-02 15:03 - 000000000 ____D C:\Program Files (x86)\Windows Live
    2018-01-30 17:24 - 2018-01-29 20:10 - 000001895 _____ C:\Users\VIV\Documents\ProduKey.txt
    2018-01-30 17:24 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
    2018-01-30 17:24 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
    2018-01-30 17:24 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
    2018-01-30 17:24 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
    2018-01-30 17:24 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
    2018-01-30 17:24 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
    2018-01-30 17:24 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
    2018-01-30 17:24 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
    2018-01-30 17:23 - 2018-02-05 14:16 - 000000000 ____D C:\Users\VIV\AppData\Local\Windows Live
    2018-01-30 17:23 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
    2018-01-30 17:23 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
    2018-01-30 17:23 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
    2018-01-30 17:23 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
    2018-01-30 17:20 - 2018-01-30 17:20 - 000002714 _____ C:\Users\VIV\Desktop\Microsoft Excel 2010.lnk
    2018-01-30 17:19 - 2018-01-30 17:19 - 000002752 _____ C:\Users\VIV\Desktop\Microsoft Word 2010.lnk
    2018-01-30 17:12 - 2018-02-06 02:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2018-01-30 17:12 - 2018-02-06 02:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2018-01-30 17:09 - 2018-01-30 17:09 - 000000000 ____D C:\Program Files\Reference Assemblies
    2018-01-30 17:09 - 2018-01-30 17:09 - 000000000 ____D C:\Program Files\MSBuild
    2018-01-30 17:09 - 2018-01-30 17:09 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
    2018-01-30 17:04 - 2018-01-30 17:09 - 000000000 ____D C:\Program Files (x86)\MSBuild
    2018-01-30 17:04 - 2018-01-30 17:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
    2018-01-30 17:04 - 2018-01-30 17:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
    2018-01-30 17:03 - 2018-01-30 17:03 - 000000000 ____D C:\WINDOWS\PCHEALTH
    2018-01-30 17:03 - 2018-01-30 17:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
    2018-01-30 17:00 - 2018-01-30 17:00 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
    2018-01-30 16:59 - 2018-01-30 17:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
    2018-01-30 16:59 - 2018-01-30 16:59 - 000000000 __RHD C:\MSOCache
    2018-01-30 16:59 - 2018-01-30 16:59 - 000000000 ____D C:\Program Files\Microsoft Office
    2018-01-30 16:59 - 2018-01-30 16:59 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
    2018-01-30 16:42 - 2018-01-30 16:42 - 000000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
    2018-01-30 16:41 - 2018-01-30 16:41 - 000000000 ____D C:\Users\VIV\AppData\LocalLow\Temp
    2018-01-30 16:41 - 2018-01-30 16:41 - 000000000 ____D C:\Users\VIV\AppData\Local\Microsoft Help
    2018-01-30 16:24 - 2018-01-30 16:24 - 000000000 ____D C:\Users\VIV\AppData\LocalLow\Adobe
    2018-01-30 16:24 - 2018-01-30 16:24 - 000000000 ____D C:\Users\VIV\AppData\Local\CEF
    2018-01-30 16:17 - 2018-02-10 08:48 - 000000000 ____D C:\Program Files (x86)\Google
    2018-01-30 16:17 - 2018-02-07 13:38 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2018-01-30 16:17 - 2018-02-07 13:38 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2018-01-30 16:17 - 2018-01-30 17:27 - 000003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2018-01-30 16:17 - 2018-01-30 17:27 - 000003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2018-01-30 16:17 - 2018-01-30 16:17 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
     
  4. White surfer

    White surfer Established Techie7 Member

    018-01-30 16:16 - 2018-02-02 14:11 - 000000000 ____D C:\Program Files (x86)\Adobe
    2018-01-30 16:16 - 2018-01-30 16:25 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2018-01-30 16:16 - 2018-01-30 16:24 - 000000000 ____D C:\ProgramData\Adobe
    2018-01-30 16:16 - 2018-01-30 16:16 - 000002124 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
    2018-01-30 16:14 - 2018-01-30 16:24 - 000000000 ____D C:\Users\VIV\AppData\Local\Adobe
    2018-01-30 16:13 - 2017-09-28 15:50 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
    2018-01-30 16:13 - 2017-09-28 15:50 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
    2018-01-30 16:13 - 2017-09-28 15:50 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
    2018-01-30 16:13 - 2017-09-22 18:19 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
    2018-01-30 16:13 - 2017-09-22 18:19 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2018-01-30 16:13 - 2017-09-22 18:19 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
    2018-01-30 16:10 - 2018-01-30 16:10 - 000001323 _____ C:\Users\VIV\Desktop\Internet Explorer.lnk
    2018-01-30 15:34 - 2018-01-30 15:34 - 000000000 ____D C:\ProgramData\SystemAcCrux
    2018-01-30 15:34 - 2018-01-30 15:34 - 000000000 ____D C:\Program Files (x86)\EaseUS
    2018-01-30 15:14 - 2018-01-30 15:16 - 000000000 ____D C:\WINDOWS\system32\MRT
    2018-01-30 15:14 - 2018-01-30 15:14 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
    2018-01-30 15:13 - 2018-01-30 15:13 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2018-01-30 15:12 - 2018-02-02 20:39 - 000000000 ____D C:\Users\VL\AppData\Local\PlaceholderTileLogoFolder
    2018-01-30 15:11 - 2018-02-02 14:23 - 000000000 ____D C:\Users\VL\AppData\Local\Comms
    2018-01-30 15:03 - 2018-01-01 17:15 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
    2018-01-30 15:03 - 2018-01-01 12:54 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2018-01-30 15:03 - 2018-01-01 12:53 - 001090984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2018-01-30 15:03 - 2018-01-01 12:52 - 000066712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
    2018-01-30 15:03 - 2018-01-01 12:51 - 001414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2018-01-30 15:03 - 2018-01-01 12:51 - 001209240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2018-01-30 15:03 - 2018-01-01 12:51 - 001055128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2018-01-30 15:03 - 2018-01-01 12:51 - 000191816 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
    2018-01-30 15:03 - 2018-01-01 12:51 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
    2018-01-30 15:03 - 2018-01-01 12:50 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
    2018-01-30 15:03 - 2018-01-01 12:50 - 000780464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2018-01-30 15:03 - 2018-01-01 12:50 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
    2018-01-30 15:03 - 2018-01-01 12:50 - 000077208 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
    2018-01-30 15:03 - 2018-01-01 12:49 - 008605080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2018-01-30 15:03 - 2018-01-01 12:49 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
    2018-01-30 15:03 - 2018-01-01 12:49 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
    2018-01-30 15:03 - 2018-01-01 12:49 - 000292376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
    2018-01-30 15:03 - 2018-01-01 12:48 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
    2018-01-30 15:03 - 2018-01-01 12:48 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2018-01-30 15:03 - 2018-01-01 12:48 - 000382360 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
    2018-01-30 15:03 - 2018-01-01 12:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
    2018-01-30 15:03 - 2018-01-01 12:47 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
    2018-01-30 15:03 - 2018-01-01 12:46 - 002709704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2018-01-30 15:03 - 2018-01-01 12:46 - 000898216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
    2018-01-30 15:03 - 2018-01-01 12:46 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
    2018-01-30 15:03 - 2018-01-01 12:46 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
    2018-01-30 15:03 - 2018-01-01 12:45 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
    2018-01-30 15:03 - 2018-01-01 12:45 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
    2018-01-30 15:03 - 2018-01-01 12:45 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
    2018-01-30 15:03 - 2018-01-01 12:43 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
    2018-01-30 15:03 - 2018-01-01 12:43 - 000367336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
    2018-01-30 15:03 - 2018-01-01 12:43 - 000062872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
    2018-01-30 15:03 - 2018-01-01 12:42 - 001029016 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
    2018-01-30 15:03 - 2018-01-01 12:42 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
    2018-01-30 15:03 - 2018-01-01 12:42 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
    2018-01-30 15:03 - 2018-01-01 12:42 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
    2018-01-30 15:03 - 2018-01-01 12:42 - 000109976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
    2018-01-30 15:03 - 2018-01-01 12:41 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2018-01-30 15:03 - 2018-01-01 12:41 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
    2018-01-30 15:03 - 2018-01-01 12:41 - 000549552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
    2018-01-30 15:03 - 2018-01-01 12:40 - 001206680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2018-01-30 15:03 - 2018-01-01 12:39 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
    2018-01-30 15:03 - 2018-01-01 12:39 - 000677784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2018-01-30 15:03 - 2018-01-01 12:39 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
    2018-01-30 15:03 - 2018-01-01 12:39 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
    2018-01-30 15:03 - 2018-01-01 12:39 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
    2018-01-30 15:03 - 2018-01-01 12:38 - 003904808 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
    2018-01-30 15:03 - 2018-01-01 12:38 - 000727448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
    2018-01-30 15:03 - 2018-01-01 12:38 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
    2018-01-30 15:03 - 2018-01-01 12:38 - 000103320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
    2018-01-30 15:03 - 2018-01-01 12:38 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
    2018-01-30 15:03 - 2018-01-01 12:37 - 001426664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
    2018-01-30 15:03 - 2018-01-01 12:37 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
    2018-01-30 15:03 - 2018-01-01 12:36 - 000413888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
    2018-01-30 15:03 - 2018-01-01 12:36 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
    2018-01-30 15:03 - 2018-01-01 12:36 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
    2018-01-30 15:03 - 2018-01-01 12:36 - 000113560 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
    2018-01-30 15:03 - 2018-01-01 12:36 - 000057752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys
    2018-01-30 15:03 - 2018-01-01 12:35 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
    2018-01-30 15:03 - 2018-01-01 12:35 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
    2018-01-30 15:03 - 2018-01-01 12:34 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2018-01-30 15:03 - 2018-01-01 12:34 - 001336344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
    2018-01-30 15:03 - 2018-01-01 12:34 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
    2018-01-30 15:03 - 2018-01-01 12:34 - 000087384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
    2018-01-30 15:03 - 2018-01-01 12:33 - 002773400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2018-01-30 15:03 - 2018-01-01 12:33 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
    2018-01-30 15:03 - 2018-01-01 12:32 - 004481240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2018-01-30 15:03 - 2018-01-01 12:32 - 000617304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
    2018-01-30 15:03 - 2018-01-01 12:27 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
    2018-01-30 15:03 - 2018-01-01 12:27 - 000163736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
    2018-01-30 15:03 - 2018-01-01 12:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
    2018-01-30 15:03 - 2018-01-01 12:26 - 000081304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
    2018-01-30 15:03 - 2018-01-01 12:25 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
    2018-01-30 15:03 - 2018-01-01 12:25 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
    2018-01-30 15:03 - 2018-01-01 12:23 - 021352144 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2018-01-30 15:03 - 2018-01-01 12:21 - 001103768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
    2018-01-30 15:03 - 2018-01-01 12:21 - 000614296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
    2018-01-30 15:03 - 2018-01-01 12:06 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
    2018-01-30 15:03 - 2018-01-01 12:03 - 000777904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
    2018-01-30 15:03 - 2018-01-01 12:03 - 000650328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
    2018-01-30 15:03 - 2018-01-01 12:03 - 000566664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
    2018-01-30 15:03 - 2018-01-01 12:03 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
    2018-01-30 15:03 - 2018-01-01 11:53 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2018-01-30 15:03 - 2018-01-01 11:49 - 000481464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
    2018-01-30 15:03 - 2018-01-01 11:49 - 000258808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
    2018-01-30 15:03 - 2018-01-01 11:46 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
    2018-01-30 15:03 - 2018-01-01 11:46 - 000289816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
    2018-01-30 15:03 - 2018-01-01 11:45 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2018-01-30 15:03 - 2018-01-01 11:45 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
    2018-01-30 15:03 - 2018-01-01 11:45 - 002192624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2018-01-30 15:03 - 2018-01-01 11:45 - 000450928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
    2018-01-30 15:03 - 2018-01-01 11:43 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2018-01-30 15:03 - 2018-01-01 11:42 - 006479552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2018-01-30 15:03 - 2018-01-01 11:42 - 004644912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2018-01-30 15:03 - 2018-01-01 11:42 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
    2018-01-30 15:03 - 2018-01-01 11:42 - 001003152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
    2018-01-30 15:03 - 2018-01-01 11:42 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
    2018-01-30 15:03 - 2018-01-01 11:42 - 000386424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
    2018-01-30 15:03 - 2018-01-01 11:42 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
    2018-01-30 15:03 - 2018-01-01 11:42 - 000074992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
    2018-01-30 15:03 - 2018-01-01 11:37 - 025247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2018-01-30 15:03 - 2018-01-01 11:34 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
    2018-01-30 15:03 - 2018-01-01 11:25 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2018-01-30 15:03 - 2018-01-01 11:25 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
    2018-01-30 15:03 - 2018-01-01 11:25 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
    2018-01-30 15:03 - 2018-01-01 11:25 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
    2018-01-30 15:03 - 2018-01-01 11:25 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
    2018-01-30 15:03 - 2018-01-01 11:24 - 003668480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2018-01-30 15:03 - 2018-01-01 11:24 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboutSettingsHandlers.dll
    2018-01-30 15:03 - 2018-01-01 11:24 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
    2018-01-30 15:03 - 2018-01-01 11:23 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
    2018-01-30 15:03 - 2018-01-01 11:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
    2018-01-30 15:03 - 2018-01-01 11:23 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
    2018-01-30 15:03 - 2018-01-01 11:23 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
    2018-01-30 15:03 - 2018-01-01 11:23 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
    2018-01-30 15:03 - 2018-01-01 11:21 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
    2018-01-30 15:03 - 2018-01-01 11:21 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
    2018-01-30 15:03 - 2018-01-01 11:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys
    2018-01-30 15:03 - 2018-01-01 11:21 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
    2018-01-30 15:03 - 2018-01-01 11:21 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
    2018-01-30 15:03 - 2018-01-01 11:20 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2018-01-30 15:03 - 2018-01-01 11:20 - 018917888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2018-01-30 15:03 - 2018-01-01 11:20 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
    2018-01-30 15:03 - 2018-01-01 11:20 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
    2018-01-30 15:03 - 2018-01-01 11:20 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
    2018-01-30 15:03 - 2018-01-01 11:20 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
    2018-01-30 15:03 - 2018-01-01 11:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
    2018-01-30 15:03 - 2018-01-01 11:20 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
    2018-01-30 15:03 - 2018-01-01 11:20 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
    2018-01-30 15:03 - 2018-01-01 11:20 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
    2018-01-30 15:03 - 2018-01-01 11:19 - 008014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
    2018-01-30 15:03 - 2018-01-01 11:19 - 000795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalAuth.dll
    2018-01-30 15:03 - 2018-01-01 11:19 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
    2018-01-30 15:03 - 2018-01-01 11:19 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
    2018-01-30 15:03 - 2018-01-01 11:19 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
    2018-01-30 15:03 - 2018-01-01 11:19 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
    2018-01-30 15:03 - 2018-01-01 11:19 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
    2018-01-30 15:03 - 2018-01-01 11:19 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
    2018-01-30 15:03 - 2018-01-01 11:19 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
    2018-01-30 15:03 - 2018-01-01 11:19 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
    2018-01-30 15:03 - 2018-01-01 11:19 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
    2018-01-30 15:03 - 2018-01-01 11:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
    2018-01-30 15:03 - 2018-01-01 11:19 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
    2018-01-30 15:03 - 2018-01-01 11:19 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
    2018-01-30 15:03 - 2018-01-01 11:19 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
    2018-01-30 15:03 - 2018-01-01 11:19 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
    2018-01-30 15:03 - 2018-01-01 11:19 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
    2018-01-30 15:03 - 2018-01-01 11:18 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
    2018-01-30 15:03 - 2018-01-01 11:18 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
    2018-01-30 15:03 - 2018-01-01 11:18 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
    2018-01-30 15:03 - 2018-01-01 11:18 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
    2018-01-30 15:03 - 2018-01-01 11:18 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
    2018-01-30 15:03 - 2018-01-01 11:18 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
    2018-01-30 15:03 - 2018-01-01 11:18 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
    2018-01-30 15:03 - 2018-01-01 11:18 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
    2018-01-30 15:03 - 2018-01-01 11:18 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
    2018-01-30 15:03 - 2018-01-01 11:18 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
    2018-01-30 15:03 - 2018-01-01 11:18 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
    2018-01-30 15:03 - 2018-01-01 11:18 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
    2018-01-30 15:03 - 2018-01-01 11:18 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
    2018-01-30 15:03 - 2018-01-01 11:18 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
    2018-01-30 15:03 - 2018-01-01 11:18 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
    2018-01-30 15:03 - 2018-01-01 11:17 - 011923968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2018-01-30 15:03 - 2018-01-01 11:17 - 006564864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
    2018-01-30 15:03 - 2018-01-01 11:17 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
    2018-01-30 15:03 - 2018-01-01 11:17 - 000791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
    2018-01-30 15:03 - 2018-01-01 11:17 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
    2018-01-30 15:03 - 2018-01-01 11:17 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
    2018-01-30 15:03 - 2018-01-01 11:17 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
    2018-01-30 15:03 - 2018-01-01 11:17 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
    2018-01-30 15:03 - 2018-01-01 11:17 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
    2018-01-30 15:03 - 2018-01-01 11:17 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
    2018-01-30 15:03 - 2018-01-01 11:17 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
    2018-01-30 15:03 - 2018-01-01 11:17 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
    2018-01-30 15:03 - 2018-01-01 11:17 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
    2018-01-30 15:03 - 2018-01-01 11:17 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
    2018-01-30 15:03 - 2018-01-01 11:16 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
    2018-01-30 15:03 - 2018-01-01 11:16 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
    2018-01-30 15:03 - 2018-01-01 11:16 - 003676672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2018-01-30 15:03 - 2018-01-01 11:16 - 000956928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
    2018-01-30 15:03 - 2018-01-01 11:16 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
    2018-01-30 15:03 - 2018-01-01 11:16 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
    2018-01-30 15:03 - 2018-01-01 11:16 - 000812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
    2018-01-30 15:03 - 2018-01-01 11:16 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
    2018-01-30 15:03 - 2018-01-01 11:16 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2018-01-30 15:03 - 2018-01-01 11:16 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2018-01-30 15:03 - 2018-01-01 11:16 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
    2018-01-30 15:03 - 2018-01-01 11:16 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2018-01-30 15:03 - 2018-01-01 11:16 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2018-01-30 15:03 - 2018-01-01 11:16 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
    2018-01-30 15:03 - 2018-01-01 11:16 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
    2018-01-30 15:03 - 2018-01-01 11:16 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
    2018-01-30 15:03 - 2018-01-01 11:15 - 012687872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
    2018-01-30 15:03 - 2018-01-01 11:15 - 006029312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2018-01-30 15:03 - 2018-01-01 11:15 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
    2018-01-30 15:03 - 2018-01-01 11:15 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
    2018-01-30 15:03 - 2018-01-01 11:15 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
    2018-01-30 15:03 - 2018-01-01 11:15 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
    2018-01-30 15:03 - 2018-01-01 11:15 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
    2018-01-30 15:03 - 2018-01-01 11:15 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2018-01-30 15:03 - 2018-01-01 11:15 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
    2018-01-30 15:03 - 2018-01-01 11:15 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
    2018-01-30 15:03 - 2018-01-01 11:15 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
    2018-01-30 15:03 - 2018-01-01 11:15 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
    2018-01-30 15:03 - 2018-01-01 11:14 - 023655936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2018-01-30 15:03 - 2018-01-01 11:14 - 002465280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
    2018-01-30 15:03 - 2018-01-01 11:14 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
    2018-01-30 15:03 - 2018-01-01 11:14 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
    2018-01-30 15:03 - 2018-01-01 11:14 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
    2018-01-30 15:03 - 2018-01-01 11:14 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
    2018-01-30 15:03 - 2018-01-01 11:14 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
    2018-01-30 15:03 - 2018-01-01 11:14 - 000870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
    2018-01-30 15:03 - 2018-01-01 11:13 - 013657600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
    2018-01-30 15:03 - 2018-01-01 11:13 - 012830208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2018-01-30 15:03 - 2018-01-01 11:13 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
    2018-01-30 15:03 - 2018-01-01 11:13 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2018-01-30 15:03 - 2018-01-01 11:13 - 002013184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
    2018-01-30 15:03 - 2018-01-01 11:13 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2018-01-30 15:03 - 2018-01-01 11:13 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
    2018-01-30 15:03 - 2018-01-01 11:13 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
    2018-01-30 15:03 - 2018-01-01 11:12 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
    2018-01-30 15:03 - 2018-01-01 11:12 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
    2018-01-30 15:03 - 2018-01-01 11:12 - 001573376 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
    2018-01-30 15:03 - 2018-01-01 11:12 - 001547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2018-01-30 15:03 - 2018-01-01 11:12 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
    2018-01-30 15:03 - 2018-01-01 11:12 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
    2018-01-30 15:03 - 2018-01-01 11:11 - 008108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2018-01-30 15:03 - 2018-01-01 11:11 - 004748288 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2018-01-30 15:03 - 2018-01-01 11:11 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2018-01-30 15:03 - 2018-01-01 11:11 - 003165696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2018-01-30 15:03 - 2018-01-01 11:11 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
    2018-01-30 15:03 - 2018-01-01 11:11 - 002082304 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2018-01-30 15:03 - 2018-01-01 11:11 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2018-01-30 15:03 - 2018-01-01 11:11 - 001816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
    2018-01-30 15:03 - 2018-01-01 11:11 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
    2018-01-30 15:03 - 2018-01-01 11:11 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
    2018-01-30 15:03 - 2018-01-01 11:11 - 001231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
    2018-01-30 15:03 - 2018-01-01 11:11 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
    2018-01-30 15:03 - 2018-01-01 11:11 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2018-01-30 15:03 - 2018-01-01 11:11 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
    2018-01-30 15:03 - 2018-01-01 11:10 - 003126272 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
    2018-01-30 15:03 - 2018-01-01 11:10 - 002528256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
    2018-01-30 15:03 - 2018-01-01 11:09 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2018-01-30 15:03 - 2018-01-01 11:09 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
    2018-01-30 15:03 - 2018-01-01 11:09 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
    2018-01-30 15:03 - 2018-01-01 11:09 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
    2018-01-30 15:03 - 2018-01-01 11:08 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
    2018-01-30 15:03 - 2018-01-01 11:08 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
    2018-01-30 15:03 - 2018-01-01 11:08 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2018-01-30 15:03 - 2018-01-01 11:08 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
    2018-01-30 15:03 - 2018-01-01 11:05 - 002510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
    2018-01-30 15:03 - 2018-01-01 11:05 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
    2018-01-30 15:02 - 2018-01-01 11:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
    2018-01-30 15:02 - 2018-01-01 11:24 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
    2018-01-30 15:02 - 2018-01-01 11:23 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe
    2018-01-30 15:02 - 2018-01-01 11:23 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
    2018-01-30 15:02 - 2018-01-01 11:23 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
    2018-01-30 15:02 - 2018-01-01 11:23 - 000047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
    2018-01-30 15:02 - 2018-01-01 11:22 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
    2018-01-30 15:02 - 2018-01-01 11:22 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
    2018-01-30 15:02 - 2018-01-01 11:22 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
    2018-01-30 15:02 - 2018-01-01 11:21 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
    2018-01-30 15:02 - 2018-01-01 11:21 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
    2018-01-30 15:02 - 2018-01-01 11:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
    2018-01-30 15:02 - 2018-01-01 11:20 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
    2018-01-30 15:02 - 2018-01-01 11:20 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
    2018-01-30 15:02 - 2018-01-01 11:20 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
    2018-01-30 15:02 - 2018-01-01 11:20 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
    2018-01-30 15:02 - 2018-01-01 11:20 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
    2018-01-30 15:02 - 2018-01-01 11:20 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
    2018-01-30 15:02 - 2018-01-01 11:20 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
    2018-01-30 15:02 - 2018-01-01 11:19 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
    2018-01-30 15:02 - 2018-01-01 11:19 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
    2018-01-30 15:02 - 2018-01-01 11:19 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
    2018-01-30 15:02 - 2018-01-01 11:19 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msoert2.dll
    2018-01-30 15:02 - 2018-01-01 11:19 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
    2018-01-30 15:02 - 2018-01-01 11:19 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
    2018-01-30 15:02 - 2018-01-01 11:18 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
    2018-01-30 15:02 - 2018-01-01 11:18 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
    2018-01-30 15:02 - 2018-01-01 11:18 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
    2018-01-30 15:02 - 2018-01-01 11:18 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
    2018-01-30 15:02 - 2018-01-01 11:18 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
    2018-01-30 15:02 - 2018-01-01 11:18 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
    2018-01-30 15:02 - 2018-01-01 11:17 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
    2018-01-30 15:02 - 2018-01-01 11:17 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msoert2.dll
    2018-01-30 15:02 - 2018-01-01 11:16 - 000966656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
    2018-01-30 15:02 - 2018-01-01 11:16 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
    2018-01-30 15:02 - 2018-01-01 11:12 - 000760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
    2018-01-30 15:02 - 2018-01-01 11:10 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscproxystub.dll
    2018-01-30 15:02 - 2018-01-01 11:08 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
    2018-01-30 15:02 - 2018-01-01 11:06 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
    2018-01-30 15:02 - 2018-01-01 11:05 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
    2018-01-30 14:57 - 2018-01-30 14:57 - 000003372 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1150477090-3809027948-3889013003-1003
    2018-01-30 14:56 - 2018-01-30 14:57 - 000002358 _____ C:\Users\VL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2018-01-30 14:56 - 2018-01-30 14:57 - 000000000 ___RD C:\Users\VL\OneDrive
    2018-01-30 14:55 - 2018-02-02 20:21 - 000000000 ____D C:\Users\VL\AppData\Local\Packages
    2018-01-30 14:55 - 2018-02-02 20:13 - 000000000 ____D C:\Users\VL\AppData\Local\ConnectedDevicesPlatform
    2018-01-30 14:55 - 2018-02-02 17:18 - 000000000 ____D C:\Users\VL\AppData\Local\Publishers
    2018-01-30 14:55 - 2018-02-02 14:41 - 000000000 ____D C:\Users\VL\AppData\Roaming\Adobe
    2018-01-30 14:55 - 2018-02-02 14:41 - 000000000 ____D C:\Users\VL\AppData\Local\VirtualStore
    2018-01-30 14:55 - 2018-01-30 17:27 - 000000000 ___RD C:\Users\VL\3D Objects
    2018-01-30 14:55 - 2018-01-30 14:55 - 000000020 ___SH C:\Users\VL\ntuser.ini
    2018-01-30 14:55 - 2018-01-30 14:55 - 000000000 ___HD C:\Users\VL\MicrosoftEdgeBackups
    2018-01-30 14:55 - 2018-01-30 14:55 - 000000000 ____D C:\Users\VL\AppData\Local\MicrosoftEdge
    2018-01-30 13:39 - 2018-01-30 13:39 - 000000000 ____D C:\Users\VIV\AppData\Local\NetworkTiles
    2018-01-30 11:06 - 2018-02-03 14:34 - 000000000 ____D C:\Users\VIV\AppData\Local\PlaceholderTileLogoFolder
    2018-01-30 11:05 - 2018-01-30 11:05 - 000000000 ____D C:\Users\VIV\AppData\Local\Comms
    2018-01-30 10:51 - 2018-01-30 10:51 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1150477090-3809027948-3889013003-1002
    2018-01-30 10:50 - 2018-01-30 10:51 - 000002361 _____ C:\Users\VIV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2018-01-30 10:50 - 2018-01-30 10:51 - 000000000 ___RD C:\Users\VIV\OneDrive
    2018-01-30 10:49 - 2018-02-09 11:31 - 000000000 ____D C:\Users\VIV\AppData\Roaming\Adobe
    2018-01-30 10:49 - 2018-02-05 15:17 - 000000000 ____D C:\Users\VIV\AppData\Local\Publishers
    2018-01-30 10:49 - 2018-02-04 14:51 - 000000000 ____D C:\Users\VIV\AppData\Local\VirtualStore
    2018-01-30 10:49 - 2018-02-03 14:34 - 000000000 ____D C:\Users\VIV\AppData\Local\Packages
    2018-01-30 10:49 - 2018-01-30 17:12 - 000000000 ___RD C:\Users\VIV\3D Objects
    2018-01-30 10:49 - 2018-01-30 10:49 - 000000000 ___HD C:\Users\VIV\MicrosoftEdgeBackups
    2018-01-30 10:49 - 2018-01-30 10:49 - 000000000 ____D C:\Users\VIV\AppData\Local\MicrosoftEdge
    2018-01-30 10:49 - 2018-01-30 10:49 - 000000000 ____D C:\Users\VIV\AppData\Local\ConnectedDevicesPlatform
    2018-01-30 10:48 - 2018-01-30 10:48 - 000000020 ___SH C:\Users\VIV\ntuser.ini
    2018-01-30 10:48 - 2018-01-30 10:48 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
    2018-01-30 10:38 - 2018-01-30 10:38 - 000000000 ____D C:\ProgramData\USOShared
    2018-01-30 10:35 - 2018-02-13 16:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2018-01-30 10:35 - 2018-01-30 10:49 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1150477090-3809027948-3889013003-1001
    2018-01-30 10:34 - 2018-01-30 10:34 - 000022744 _____ C:\WINDOWS\system32\emptyregdb.dat
    2018-01-30 10:34 - 2018-01-30 10:34 - 000015243 _____ C:\WINDOWS\diagwrn.xml
    2018-01-30 10:34 - 2018-01-30 10:34 - 000015243 _____ C:\WINDOWS\diagerr.xml
    2018-01-30 10:28 - 2018-01-30 10:28 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
    2018-01-30 10:25 - 2018-02-13 14:49 - 000000000 ____D C:\Users\VIV
    2018-01-30 10:25 - 2018-02-02 16:36 - 000000000 ____D C:\Users\VL
    2018-01-30 10:23 - 2017-09-29 13:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
    2018-01-30 10:21 - 2018-02-13 17:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2018-01-30 10:21 - 2018-02-10 15:36 - 000634176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2018-01-29 21:20 - 2018-01-30 10:18 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
    2018-01-29 21:20 - 2018-01-29 21:20 - 000000000 ____D C:\WINDOWS\ServiceProfiles
    2018-01-29 21:06 - 2018-01-29 21:06 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
    2018-01-29 20:24 - 2018-01-30 10:37 - 000000000 ___DC C:\WINDOWS\Panther
    2018-01-29 20:20 - 2018-01-29 20:24 - 000000036 _____ C:\WINDOWS\progress.ini
    2018-01-29 20:11 - 2018-01-29 20:11 - 000000000 ____D C:\Users\VL\Documents\Updater
    2018-01-29 20:11 - 2018-01-29 20:11 - 000000000 ____D C:\Users\VL\Documents\Serif
    2018-01-29 20:11 - 2018-01-29 20:11 - 000000000 ____D C:\Users\VL\Documents\Open Show 2015
    2018-01-29 20:11 - 2018-01-29 20:11 - 000000000 ____D C:\Users\Public\Documents\sun
    2018-01-29 20:11 - 2018-01-29 20:11 - 000000000 ____D C:\Users\Public\Documents\NativeFus_Log
    2018-01-29 20:11 - 2018-01-29 20:11 - 000000000 ____D C:\Users\Public\Documents\AKVIS
     
  5. White surfer

    White surfer Established Techie7 Member

    2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VL\Documents\Fax
    2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Downloads\Driver Support
    2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\Updater
    2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\RocketLifeNetwork
    2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\PassMark
    2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\New folder (3)
    2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\New folder (2)
    2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\New folder
    2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\DrawPad
    2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\AdobeStockPhotos
    2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\.tmp.drivedownload
    2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Desktop\God Mode.{ED7BA470-8E54-465E-825C-99712043E01C}
    2018-01-29 20:08 - 2018-01-29 20:11 - 000000000 ____D C:\Users\VL\AppData\Roaming\Skype
    2018-01-29 20:08 - 2018-01-29 20:11 - 000000000 ____D C:\Users\Public\Documents\Adobe PDF
    2018-01-29 20:08 - 2018-01-29 20:08 - 000000000 ____D C:\Users\Public\Documents\Wondershare
    2018-01-29 20:08 - 2018-01-29 20:08 - 000000000 ____D C:\Users\Public\Documents\Stroud & Swindon
    2018-01-29 19:54 - 2018-02-01 09:45 - 000000000 ____D C:\Users\VL\AppData\Local\Google
    2018-01-29 19:54 - 2018-01-29 19:54 - 000000000 ____D C:\Users\VL\Downloads\RookMilanoInstaller
    2018-01-29 19:54 - 2018-01-29 19:54 - 000000000 ____D C:\Users\VL\Downloads\revouninstaller
    2018-01-29 19:54 - 2018-01-29 19:54 - 000000000 ____D C:\Users\VL\Downloads\PDFXVwer
    2018-01-29 19:53 - 2018-01-29 19:54 - 000000000 ____D C:\Users\VL\Downloads\John Lewis Your receipt_files
    2018-01-29 19:53 - 2018-01-29 19:53 - 000000000 ____D C:\Users\VL\Downloads\HP Downloads
    2018-01-29 19:53 - 2018-01-29 19:53 - 000000000 ____D C:\Users\VL\Downloads\Google_files
    2018-01-29 19:53 - 2018-01-29 19:53 - 000000000 ____D C:\Users\VL\Downloads\CryptoPrevent (1)
    2018-01-29 19:53 - 2018-01-29 19:53 - 000000000 ____D C:\Users\VL\Downloads\CryptoPrevent
    2018-01-29 19:52 - 2018-01-29 19:53 - 000000000 ____D C:\Users\VL\Downloads\Adobe Acrobat XI Pro
    2018-01-29 19:42 - 2018-01-30 10:37 - 000000000 ___HD C:\$GetCurrent
    2018-01-29 19:41 - 2018-01-30 10:38 - 000000000 ____D C:\Windows10Upgrade
    2018-01-29 19:41 - 2018-01-29 19:41 - 000000811 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk
    2018-01-29 19:39 - 2018-01-29 19:39 - 000000000 ____D C:\Users\VL\Documents\Whisper
    2018-01-29 19:38 - 2018-01-29 19:38 - 000000000 ____D C:\Users\VL\Documents\VL-HP
    2018-01-29 19:38 - 2018-01-29 19:38 - 000000000 ____D C:\Users\VL\Documents\Travel Docs
    2018-01-29 19:32 - 2018-01-29 19:38 - 000000000 ____D C:\Users\VL\Documents\Transfer Files from old pc
    2018-01-29 19:32 - 2018-01-29 19:32 - 000000000 ____D C:\Users\VL\Documents\Tools
    2018-01-29 19:32 - 2018-01-29 19:32 - 000000000 ____D C:\Users\VL\Documents\Tisgrow wenb site 2006
    2018-01-29 19:31 - 2018-01-29 20:11 - 000000000 ____D C:\Users\VL\Documents\samsung
    2018-01-29 19:31 - 2018-01-29 19:32 - 000000000 ____D C:\Users\VL\Documents\Tisgrow wenb site
    2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Tisgrow 2011
    2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Tisgrow 2010
    2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Tisbus images
    2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Tisbowls Website 2011
    2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Tisbowls website 2010
    2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Tisbowls Website 2009
    2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Symantec
    2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Stuart
    2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Soda PDF Files
    2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\SelfMV
    2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Scanned Documents
    2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\recovered photos
    2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Problems
    2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\plusnet
    2018-01-29 19:25 - 2018-01-29 19:25 - 000000000 ____D C:\Users\VL\Documents\Open Show Schedule
    2018-01-29 19:25 - 2018-01-29 19:25 - 000000000 ____D C:\Users\VL\Documents\OneNote Notebooks
    2018-01-29 19:25 - 2018-01-29 19:25 - 000000000 ____D C:\Users\VL\Documents\NatWest
    2018-01-29 19:25 - 2018-01-29 19:25 - 000000000 ____D C:\Users\VL\Documents\Nadder Valley Walks
    2018-01-29 19:24 - 2018-02-02 14:18 - 000000000 ____D C:\Users\VL\Documents\My PSP8 Files
    2018-01-29 19:24 - 2018-01-29 19:25 - 000000000 ____D C:\Users\VL\Documents\My Scans
    2018-01-29 19:24 - 2018-01-29 19:24 - 000000000 ____D C:\Users\VL\Documents\My Kindle Content
    2018-01-29 19:20 - 2018-01-30 10:18 - 000000000 ____D C:\Program Files\UNP
    2018-01-29 19:20 - 2018-01-29 19:30 - 000000000 ____D C:\Program Files\rempl
    2018-01-29 19:20 - 2018-01-29 19:20 - 000000000 ____D C:\WINDOWS\UpdateAssistant
    2018-01-29 18:57 - 2018-01-29 19:24 - 000000000 ____D C:\Users\VL\Documents\My Documents 2
    2018-01-29 16:36 - 2018-01-23 18:58 - 000548000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
    2018-01-29 16:32 - 2018-01-29 16:32 - 000000000 ____D C:\Users\VL\Documents\My Digital Editions
    2018-01-29 16:32 - 2018-01-29 16:32 - 000000000 ____D C:\Users\VL\Documents\My Data Sources
    2018-01-29 16:13 - 2018-01-29 16:32 - 000000000 ____D C:\Users\VL\Documents\My Backup
    2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Medical
    2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Malwarebites
    2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Mail
    2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Legend of the Crystal Skull
    2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Horticultural Society 2015
    2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Horticultural Society 2014
    2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Horticultural 2013
    2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Horticultural 2012
    2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Horticultural 2011
    2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Horticultural 2010
    2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Horticultural 2009
    2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Hort Soc 2008
    2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Hort Soc 2007
    2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Hort Soc 2006
    2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Handbooks
    2018-01-29 16:12 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Dinton WI
    2018-01-29 16:12 - 2018-01-29 16:12 - 000000000 ____D C:\Users\VL\Documents\Coventry Building Society – Savings - Your new account details_files
    2018-01-29 16:12 - 2018-01-29 16:12 - 000000000 ____D C:\Users\VL\Documents\Correspondence
    2018-01-29 16:12 - 2018-01-29 16:12 - 000000000 ____D C:\Users\VL\Documents\Christmas letters 2014
    2018-01-29 16:12 - 2018-01-29 16:12 - 000000000 ____D C:\Users\VL\Documents\Christine
    2018-01-29 16:12 - 2018-01-29 16:12 - 000000000 ____D C:\Users\VL\Documents\Cards
    2018-01-29 16:12 - 2018-01-29 16:12 - 000000000 ____D C:\Users\VL\Documents\Bowls Competition Masters
    2018-01-29 16:12 - 2018-01-29 16:12 - 000000000 ____D C:\Users\VL\Documents\bowls alpha web site 2008
    2018-01-29 16:11 - 2018-01-29 16:12 - 000000000 ____D C:\Users\VL\Documents\Bowls Alpha 2015
    2018-01-29 16:11 - 2018-01-29 16:11 - 000000000 ____D C:\Users\VL\Documents\Bowls Alpha 2014
    2018-01-29 16:11 - 2018-01-29 16:11 - 000000000 ____D C:\Users\VL\Documents\Bowls Alpha 2013
    2018-01-29 16:11 - 2018-01-29 16:11 - 000000000 ____D C:\Users\VL\Documents\Bowls Alpha 2012
    2018-01-29 16:10 - 2018-01-29 16:11 - 000000000 ____D C:\Users\VL\Documents\Bowls Alpha 2011
    2018-01-29 16:10 - 2018-01-29 16:10 - 000000000 ____D C:\Users\VL\Documents\Bowls Alpha 2010
    2018-01-29 16:09 - 2018-01-29 16:10 - 000000000 ____D C:\Users\VL\Documents\Bowls Alpha 2009
    2018-01-29 16:09 - 2018-01-29 16:09 - 000000000 ____D C:\Users\VL\Documents\Bowls Alpha 2008
    2018-01-29 16:08 - 2018-01-29 16:09 - 000000000 ____D C:\Users\VL\Documents\Bowls Alpha 2007
    2018-01-29 16:08 - 2018-01-29 16:08 - 000000000 ____D C:\Users\VL\Documents\Bowling Club Rules
    2018-01-29 16:08 - 2018-01-29 16:08 - 000000000 ____D C:\Users\VL\Documents\Bosch
    2018-01-29 16:07 - 2018-01-29 16:08 - 000000000 ____D C:\Users\VL\Documents\Bill
    2018-01-29 16:07 - 2018-01-29 16:07 - 000000000 ____D C:\Users\VL\Documents\Barnsley Building Society
    2018-01-29 16:07 - 2018-01-29 16:07 - 000000000 ____D C:\Users\VL\Documents\Autoruns
    2018-01-29 16:07 - 2018-01-29 16:07 - 000000000 ____D C:\Users\VL\Documents\Andy
    2018-01-29 16:07 - 2018-01-29 16:07 - 000000000 ____D C:\Users\VL\Documents\Allotment Accounts
    2018-01-29 16:06 - 2018-01-29 19:58 - 000000000 ____D C:\Users\VL\AppData\Roaming\Thunderbird
    2018-01-29 16:06 - 2018-01-29 16:06 - 000000000 ____D C:\Users\VL\Documents\PDFelement
    2018-01-29 16:06 - 2018-01-29 16:06 - 000000000 ____D C:\Users\VL\Desktop\OpenOffice 4.1.1 (en-GB) Installation Files
    2018-01-29 16:06 - 2018-01-29 16:06 - 000000000 ____D C:\Users\VL\AppData\Roaming\Mozilla
    2018-01-29 16:01 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\AppData\Roaming\Skype
    2018-01-29 15:38 - 2018-01-29 15:38 - 000000000 ____D C:\Users\VIV\AppData\Roaming\Opera Software
    2018-01-29 15:38 - 2018-01-29 15:38 - 000000000 ____D C:\Users\VIV\AppData\LocalLow\Google
    2018-01-29 15:36 - 2018-01-30 16:24 - 000000000 ____D C:\Users\VIV\AppData\Local\Google
    2018-01-29 15:36 - 2018-01-29 15:36 - 000000000 ____D C:\Users\VIV\Downloads\Vivian Longland_files
    2018-01-29 15:36 - 2018-01-29 15:36 - 000000000 ____D C:\Users\VIV\Downloads\uninstallview-x64
    2018-01-29 15:36 - 2018-01-29 15:36 - 000000000 ____D C:\Users\VIV\Downloads\SeatingPlanner_Pro2.0EN
    2018-01-29 15:36 - 2018-01-29 15:36 - 000000000 ____D C:\Users\VIV\Downloads\produkey-x64
    2018-01-29 15:36 - 2018-01-29 15:36 - 000000000 ____D C:\Users\VIV\Downloads\Malwarebites
    2018-01-29 15:36 - 2018-01-29 15:36 - 000000000 ____D C:\Users\VIV\Downloads\HP Downloads
    2018-01-29 15:36 - 2018-01-29 15:36 - 000000000 ____D C:\Users\VIV\Downloads\Free File Unlocker Portable
    2018-01-29 15:36 - 2018-01-29 15:36 - 000000000 ____D C:\Users\VIV\Downloads\FixWin10
    2018-01-29 15:36 - 2018-01-29 15:36 - 000000000 ____D C:\Users\VIV\Downloads\FixWin 10.0.1.0
    2018-01-29 15:35 - 2018-01-29 15:35 - 000000000 ____D C:\Users\VIV\Downloads\DriveManager_v1.0.175_Full
    2018-01-29 15:35 - 2018-01-29 15:35 - 000000000 ____D C:\Users\VIV\Downloads\chromecacheview (1)
    2018-01-29 15:35 - 2018-01-29 15:35 - 000000000 ____D C:\Users\VIV\Downloads\caesium-1.7.0-port
    2018-01-29 15:35 - 2018-01-29 15:35 - 000000000 ____D C:\Users\VIV\Downloads\browserpasswords (2)
    2018-01-29 15:35 - 2018-01-29 15:35 - 000000000 ____D C:\Users\VIV\Downloads\browserpasswords (1)
    2018-01-29 15:35 - 2018-01-29 15:35 - 000000000 ____D C:\Users\VIV\Downloads\Barnsley Building Society
    2018-01-29 15:35 - 2018-01-29 15:35 - 000000000 ____D C:\Users\VIV\Downloads\Andy
    2018-01-29 15:27 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\Scanned Documents
    2018-01-29 15:27 - 2018-01-29 15:27 - 000000000 ____D C:\Users\VIV\Documents\SelfMV
    2018-01-29 15:26 - 2018-01-30 17:26 - 000000000 ____D C:\Users\VIV\Documents\Outlook Files
    2018-01-29 15:26 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\samsung
    2018-01-29 15:26 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\MyHeritage
    2018-01-29 15:26 - 2018-01-29 15:26 - 000000000 ____D C:\Users\VIV\Documents\Remote Assistance Logs
    2018-01-29 15:26 - 2018-01-29 15:26 - 000000000 ____D C:\Users\VIV\Documents\Photostage Projects
    2018-01-29 15:26 - 2018-01-29 15:26 - 000000000 ____D C:\Users\VIV\Documents\OneNote Notebooks
    2018-01-29 15:26 - 2018-01-29 15:26 - 000000000 ____D C:\Users\VIV\Documents\Norton Identity Safe Backups
    2018-01-29 15:26 - 2018-01-29 15:26 - 000000000 ____D C:\Users\VIV\Documents\My Smilebox Creations
    2018-01-29 15:25 - 2018-02-04 14:39 - 000000000 ____D C:\Users\VIV\Documents\My PSP8 Files
    2018-01-29 15:25 - 2018-01-29 15:26 - 000000000 ____D C:\Users\VIV\Documents\My Scans
    2018-01-29 15:25 - 2018-01-29 15:25 - 000000000 ____D C:\Users\VIV\Documents\My Print Creations
    2018-01-29 15:25 - 2018-01-29 15:25 - 000000000 ____D C:\Users\VIV\Documents\My Filehippo Downloads
    2018-01-29 15:24 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\My Digital Editions
    2018-01-29 15:24 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\MailStore Home
    2018-01-29 15:24 - 2018-01-29 15:41 - 000000000 ____D C:\Users\VIV\Documents\My Data Sources
    2018-01-29 15:24 - 2018-01-29 15:24 - 000000000 ____D C:\Users\VIV\Documents\Media
    2018-01-29 15:24 - 2018-01-29 15:24 - 000000000 ____D C:\Users\VIV\Documents\Mail
    2018-01-29 15:24 - 2018-01-29 15:24 - 000000000 ____D C:\Users\VIV\Documents\HpReg_Backup
    2018-01-29 15:24 - 2018-01-29 15:24 - 000000000 ____D C:\Users\VIV\Documents\Hi Slider
    2018-01-29 15:24 - 2018-01-29 15:24 - 000000000 ____D C:\Users\VIV\Documents\FixWin10
    2018-01-29 15:24 - 2018-01-29 15:24 - 000000000 ____D C:\Users\VIV\Documents\Fax
    2018-01-29 15:24 - 2018-01-29 15:24 - 000000000 ____D C:\Users\VIV\Documents\engine1
    2018-01-29 15:19 - 2018-01-29 15:19 - 000000000 ____D C:\Users\VIV\Documents\data1
    2018-01-29 15:19 - 2018-01-29 15:19 - 000000000 ____D C:\Users\VIV\Documents\chromecacheview (1)
    2018-01-29 15:19 - 2018-01-29 15:19 - 000000000 ____D C:\Users\VIV\Documents\Calendar 2018
    2018-01-29 15:19 - 2018-01-29 15:19 - 000000000 ____D C:\Users\VIV\Documents\bOWLS wEB sITE
    2018-01-29 15:19 - 2018-01-29 15:19 - 000000000 ____D C:\Users\VIV\Documents\3 November 2017
    2018-01-29 14:53 - 2018-02-10 15:16 - 000000000 ____D C:\Users\VIV\AppData\Roaming\Thunderbird
    2018-01-29 14:53 - 2018-02-10 15:16 - 000000000 ____D C:\Users\VIV\AppData\Roaming\Mozilla
    2018-01-29 14:40 - 2018-01-29 14:40 - 000000000 _____ C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
    2018-01-29 14:39 - 2018-01-29 14:39 - 000000000 ____D C:\Program Files (x86)\Intel
    2018-01-29 14:39 - 2018-01-29 14:39 - 000000000 ____D C:\Intel
    2018-01-29 14:38 - 2018-02-13 14:43 - 000970010 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2018-01-29 14:38 - 2018-01-30 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
    2018-01-29 14:38 - 2018-01-29 21:20 - 000000000 ____D C:\WINDOWS\system32\SRSLabs
    2018-01-29 14:38 - 2018-01-29 21:20 - 000000000 ____D C:\Program Files\Realtek
    2018-01-29 14:37 - 2018-01-29 21:20 - 000000000 ____D C:\WINDOWS\SysWOW64\Hauppauge
    2018-01-29 14:37 - 2018-01-29 21:20 - 000000000 ____D C:\WINDOWS\system32\Hauppauge
    2018-01-29 14:33 - 2018-01-30 17:27 - 000000000 __RHD C:\Users\Public\AccountPictures
    2018-01-18 15:51 - 2018-01-18 15:51 - 000000000 _____ C:\Users\VIV\Documents\Default.rdp
    2018-01-16 14:42 - 2018-01-16 14:44 - 136419130 _____ C:\Users\VIV\Downloads\wlsetup-all-2012-16.4.3528.331 (1).zip
    2018-01-16 14:29 - 2018-01-16 14:32 - 136419130 _____ C:\Users\VIV\Downloads\wlsetup-all-2012-16.4.3528.331.zip
    2018-01-16 14:26 - 2018-01-16 14:28 - 111401136 _____ (Microsoft Corporation) C:\Users\VIV\Desktop\wlsetup-all.exe
    2018-01-15 20:31 - 2018-01-15 20:32 - 022532127 _____ C:\Users\VIV\Downloads\d876844b-3c15-4269-9ba7-bf46fca0d58a.tmp
    2018-01-15 20:21 - 2018-01-15 20:21 - 000221662 _____ C:\Users\VIV\Downloads\MicrosoftProgram_Install_and_Uninstall.meta (14).diagcab
    2018-01-15 20:15 - 2018-01-15 20:15 - 000221662 _____ C:\Users\VIV\Downloads\MicrosoftProgram_Install_and_Uninstall.meta (13).diagcab
    2018-01-15 20:10 - 2018-01-15 20:10 - 000221662 _____ C:\Users\VIV\Downloads\MicrosoftProgram_Install_and_Uninstall.meta (12).diagcab
    2018-01-15 18:50 - 2018-01-15 18:50 - 001239752 _____ (Microsoft Corporation) C:\Users\VIV\Desktop\pair windows.exe
    2018-01-15 15:29 - 2018-01-15 15:29 - 002584494 _____ C:\Users\VIV\Downloads\pdf2doc (1).zip

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2018-02-13 16:31 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
    2018-02-13 16:24 - 2017-09-29 13:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
    2018-02-13 16:23 - 2017-09-29 08:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI
    2018-02-13 14:49 - 2017-09-29 13:44 - 000000000 ____D C:\WINDOWS\INF
    2018-02-13 14:44 - 2017-09-29 08:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
    2018-02-13 09:40 - 2017-09-29 13:46 - 000000000 ___HD C:\Program Files\WindowsApps
    2018-02-13 09:40 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\AppReadiness
    2018-02-07 09:43 - 2017-09-29 13:37 - 000000000 ____D C:\WINDOWS\CbsTemp
    2018-02-04 18:54 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
    2018-02-02 14:28 - 2017-09-29 13:46 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
    2018-02-02 14:28 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\Help
    2018-02-02 11:53 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\rescache
    2018-02-01 15:49 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\system32\NDF
    2018-02-01 10:01 - 2015-10-30 07:24 - 000000167 _____ C:\WINDOWS\win.ini
    2018-02-01 09:49 - 2017-09-29 13:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
    2018-02-01 09:40 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\appcompat
    2018-01-30 17:09 - 2017-09-29 13:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
    2018-01-30 17:09 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\TextInput
    2018-01-30 17:09 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
    2018-01-30 17:08 - 2017-09-29 13:46 - 000000000 ___SD C:\WINDOWS\system32\F12
    2018-01-30 17:08 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\system32\oobe
    2018-01-30 17:08 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
    2018-01-30 17:08 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
    2018-01-30 17:08 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\Provisioning
    2018-01-30 17:08 - 2017-09-29 08:45 - 000000000 ____D C:\WINDOWS\system32\Dism
    2018-01-30 17:04 - 2015-10-30 18:08 - 000000000 ____D C:\WINDOWS\ShellNew
    2018-01-30 15:35 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\Web
    2018-01-30 15:06 - 2017-09-29 13:41 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
    2018-01-30 15:06 - 2017-09-29 13:41 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2018-01-30 15:06 - 2017-09-29 13:41 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
    2018-01-30 10:38 - 2017-09-29 13:46 - 000000000 ____D C:\ProgramData\USOPrivate
    2018-01-30 10:35 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
    2018-01-30 10:35 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\Registration
    2018-01-30 10:33 - 2017-09-29 13:46 - 000000000 __RHD C:\Users\Public\Libraries
    2018-01-30 10:25 - 2017-09-29 08:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
    2018-01-30 10:22 - 2017-09-29 13:46 - 000000000 ___RD C:\WINDOWS\PrintDialog
    2018-01-30 10:22 - 2017-09-29 13:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2018-01-30 10:20 - 2017-09-29 13:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
    2018-01-30 10:18 - 2017-09-29 13:49 - 000000000 ____D C:\WINDOWS\Setup
    2018-01-30 10:18 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\system32\spool
    2018-01-30 10:18 - 2015-10-30 07:24 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
    2018-01-29 16:07 - 2015-03-24 10:34 - 000004180 _____ C:\Users\VL\Documents\Re_.eml
    2018-01-29 16:07 - 2015-03-24 10:31 - 000010617 _____ C:\Users\VL\Documents\Transcript of your chat.eml
    2018-01-29 16:07 - 2014-03-04 10:02 - 000002393 _____ C:\Users\VL\Documents\Patient Access Registration Submitted.eml
    2018-01-29 16:07 - 2013-10-28 12:52 - 000007330 _____ C:\Users\VL\Documents\Your Serif.com password.eml
    2018-01-29 16:07 - 2013-10-28 12:50 - 000077147 _____ C:\Users\VL\Documents\Photo from 10 Aug 2013.eml
    2018-01-29 15:19 - 2018-01-12 15:16 - 000037246 _____ C:\Users\VIV\Documents\Order number 124293921 Your service guarantee.eml
    2018-01-29 15:19 - 2017-10-13 16:14 - 000089164 _____ C:\Users\VIV\Documents\Saved emails 2.eml
    2018-01-29 15:19 - 2017-10-13 16:13 - 000089164 _____ C:\Users\VIV\Documents\Your M&S order acknowledgement.eml
    2018-01-29 15:19 - 2017-10-07 16:58 - 000031567 _____ C:\Users\VIV\Documents\Saved emails.eml
    2018-01-29 15:19 - 2015-11-10 14:12 - 000002393 _____ C:\Users\VIV\Documents\Patient Access Registration Submitted.eml
    2018-01-29 15:19 - 2015-09-07 18:06 - 000010617 _____ C:\Users\VIV\Documents\Transcript of your chat.eml
    2018-01-29 15:18 - 2017-06-18 13:20 - 000012689 _____ C:\Users\VIV\Documents\Fw_ Another go at the photos from allotment bbq.eml
    2018-01-14 15:45 - 2015-09-07 14:02 - 000000420 _____ C:\Users\VIV\Desktop\Computer.lnk

    ==================== Files in the root of some directories =======

    2018-02-11 15:49 - 2018-02-11 15:49 - 000000000 _____ () C:\Users\VIV\AppData\Roaming\signature.txt

    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2018-02-09 12:17

    ==================== End of FRST.txt ============================
    Now I will do additions
     
  6. White surfer

    White surfer Established Techie7 Member

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12.02.2018
    Ran by VIV (13-02-2018 19:36:14)
    Running from C:\Users\VIV\Desktop
    Windows 10 Home Version 1709 16299.192 (X64) (2018-01-30 10:37:47)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-1150477090-3809027948-3889013003-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-1150477090-3809027948-3889013003-503 - Limited - Disabled)
    Guest (S-1-5-21-1150477090-3809027948-3889013003-501 - Limited - Disabled)
    VIV (S-1-5-21-1150477090-3809027948-3889013003-1002 - Administrator - Enabled) => C:\Users\VIV
    VL (S-1-5-21-1150477090-3809027948-3889013003-1003 - Administrator - Enabled) => C:\Users\VL
    WDAGUtilityAccount (S-1-5-21-1150477090-3809027948-3889013003-504 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: Norton Security (Enabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Norton Security (Enabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
    FW: Norton Security (Enabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
    Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
    Adobe Photoshop Elements 2.0 (HKLM-x32\...\Adobe Photoshop Elements 2.0) (Version: 2.0 - Adobe Systems, Inc.)
    Apple Application Support (32-bit) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
    Dropbox (HKLM-x32\...\Dropbox) (Version: 43.4.50 - Dropbox, Inc.)
    Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.140 - Google Inc.)
    Google Earth Pro (HKLM\...\{D9EF644E-2FAE-493B-8180-5617CC774C4F}) (Version: 7.3.1.4507 - Google)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
    GoTo Opener (HKLM-x32\...\{1F803452-798F-49FB-A5DD-9F527F7017E4}) (Version: 1.0.473 - LogMeIn, Inc.)
    Greeting Card Factory Deluxe 7.0 (HKLM-x32\...\{55D6B4DA-50E9-47AF-99C1-9A8E3A234763}) (Version: 7.0.0.11 - Nova Development)
    iTunes (HKLM\...\{7EE6E263-19DA-4A33-BB8C-9BDC12BA1918}) (Version: 12.7.3.46 - Apple Inc.)
    Jasc Paint Shop Pro 8 (HKLM-x32\...\{81A34902-9D0B-4920-A25C-4CDC5D14B328}) (Version: 8.10.3000 - Jasc Software Inc)
    Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    LibreOffice 6.0.0.3 (HKLM\...\{DD7E9D37-CA78-459A-8BA8-29BBF29CF257}) (Version: 6.0.0.3 - The Document Foundation)
    Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-1150477090-3809027948-3889013003-1002\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Microsoft Web Publishing Wizard 1.52 (HKLM-x32\...\WebPost) (Version: - )
    Mozilla Firefox 58.0.1 (x64 en-GB) (HKLM\...\Mozilla Firefox 58.0.1 (x64 en-GB)) (Version: 58.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.1 - Mozilla)
    Norton Security (HKLM-x32\...\NS) (Version: 22.11.2.7 - Symantec Corporation)
    Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.6.1.150 - Symantec Corporation)
    Norton WiFi Privacy (HKLM-x32\...\Norton WiFi Privacy) (Version: 1.2.162 - Symantec Corporation)
    OpenOffice 4.1.5 (HKLM-x32\...\{708F0253-F566-48F3-9B88-06F48F16548B}) (Version: 4.15.9789 - Apache Software Foundation)
    Opera Stable 50.0.2762.67 (HKLM-x32\...\Opera 50.0.2762.67) (Version: 50.0.2762.67 - Opera Software)
    PrintMaster (HKLM-x32\...\{8DD144C1-5EAD-4D55-80A1-ACAF893A4FFE}) (Version: - )
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.6447 - TeamViewer)
    Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{AC0D130B-8809-4125-811F-667893B90644}) (Version: 2.11.0.0 - Microsoft Corporation)
    UpdateAssistant (HKLM-x32\...\{7C070E60-8769-4763-BBD8-7537A28A60D4}) (Version: 1.10.0.0 - Microsoft Corporation) Hidden
    VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN)
    Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22350 - Microsoft Corporation)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
    ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
    ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
    ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
    ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
    ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
    ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
    ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.11.2.7\NavShExt.dll [2017-11-11] (Symantec Corporation)
    ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.11.2.7\NavShExt.dll [2017-11-11] (Symantec Corporation)
    ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
    ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
    ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
    ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.11.2.7\NavShExt.dll [2017-11-11] (Symantec Corporation)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {31A7E136-B553-4B42-B295-2AC1EE53B317} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-30] (Google Inc.)
    Task: {3EEF8687-4121-414A-8F15-DCAD3AB8B0FE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
    Task: {606A7CFB-0BF6-4A5E-AC38-CCB37F46886D} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2017-11-11] (Symantec Corporation)
    Task: {6DD5F55C-FF5F-4B87-A6B5-44A5767FD09A} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-02-02] (Dropbox, Inc.)
    Task: {782D2CCB-971C-4FD7-96E4-538DC874846A} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation)
    Task: {86732E5A-F919-493B-880D-61FAB22A9A1B} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-02-02] (Dropbox, Inc.)
    Task: {8F24CF9F-E307-42BA-9F57-5B8C1F640A6D} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-1150477090-3809027948-3889013003-1003
    Task: {A2F48631-9E08-4A66-9029-11B0E58E1DE0} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation)
    Task: {A9B4F320-8754-4769-A4BF-476A66CC1F71} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-10-12] (Apple Inc.)
    Task: {BFECE911-950F-4B12-973E-B0FCB25F27ED} - System32\Tasks\Norton Security Scan for VIV => C:\Program Files (x86)\Norton Security Scan\Engine\4.6.1.150\Nss.exe [2018-01-10] (Symantec Corporation)
    Task: {C9ABD8F3-388B-4EAA-A1B6-9DCC7DF42596} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    Task: {E8919733-2BF1-44FD-B923-85D17C3F67B2} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation)
    Task: {E9520C04-EA3F-4ECA-8547-8875667D6C95} - System32\Tasks\Opera scheduled Autoupdate 1517510963 => C:\Program Files\Opera\launcher.exe [2018-01-22] (Opera Software)
    Task: {F01429E1-6241-465D-9773-0FEBFFEBE0AD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-30] (Google Inc.)
    Task: {FD96073D-183A-48B3-8094-DD588B4DAABC} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.11.2.7\WSCStub.exe [2017-11-11] (Symantec Corporation)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)


    ==================== Loaded Modules (Whitelisted) ==============

    2017-09-29 13:41 - 2017-09-29 13:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
    2009-12-19 00:18 - 2009-12-19 00:18 - 000420864 _____ () C:\WINDOWS\system32\hauppauge\hcwD3dvb\DVBT\cutil64.dll
    2017-08-29 16:02 - 2017-08-29 16:02 - 001363064 _____ () C:\Program Files (x86)\Norton WiFi Privacy\client\NWPService.exe
    2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    2010-10-20 15:23 - 2010-10-20 15:23 - 008801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2017-12-14 01:33 - 2017-12-14 01:33 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
    2017-12-14 01:33 - 2017-12-14 01:33 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2018-01-30 11:20 - 2018-01-30 11:20 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
    2018-01-30 11:20 - 2018-01-30 11:20 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
    2018-01-30 11:20 - 2018-01-30 11:20 - 025135104 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkyWrap.dll
    2018-01-30 11:20 - 2018-01-30 11:20 - 002542592 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\skypert.dll
    2017-03-09 01:16 - 2017-03-09 01:16 - 000112264 _____ () C:\Windows\System32\IccLibDll_x64.dll
    2007-08-25 01:03 - 2007-08-25 01:03 - 000185664 _____ () C:\Program Files (x86)\Nova Development\Greeting Card Factory Deluxe 7.0\ReminderApp.exe
    2018-02-02 08:50 - 2018-02-02 08:50 - 002250240 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
    2018-01-30 11:19 - 2018-01-30 11:20 - 000477184 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
    2018-01-30 11:19 - 2018-01-30 11:20 - 058590720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
    2018-01-30 11:19 - 2018-01-30 11:20 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
    2018-01-30 11:19 - 2018-01-30 11:20 - 000164864 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\VideoPlugin.dll
    2018-01-30 11:19 - 2018-01-30 11:20 - 000675328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\IPPNativePlugin.dll
    2018-01-30 11:19 - 2018-01-30 11:20 - 003727360 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
    2018-01-30 11:19 - 2018-01-30 11:20 - 002270720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
    2018-01-30 11:19 - 2018-01-30 11:20 - 016395264 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
    2018-01-30 11:19 - 2018-01-30 11:20 - 003579904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\MediaEngine.dll
    2018-01-30 11:19 - 2018-01-30 11:19 - 003204096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
    2017-09-30 14:37 - 2017-09-30 14:37 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
    2018-01-30 11:19 - 2018-01-30 11:20 - 000043520 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
    2018-01-30 11:19 - 2018-01-30 11:20 - 004038144 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.People.PeoplePicker.dll
    2018-01-30 11:19 - 2018-01-30 11:20 - 001367040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
    2018-01-30 11:19 - 2018-01-30 11:20 - 000214528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\SKU.dll
    2018-02-06 15:57 - 2018-02-06 16:02 - 001231536 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8827.21855.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
    2018-02-07 13:38 - 2018-02-01 06:13 - 004433752 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.140\libglesv2.dll
    2018-02-07 13:38 - 2018-02-01 06:13 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.140\libegl.dll
    2018-02-01 18:49 - 2018-01-22 06:02 - 096448600 _____ () C:\Program Files\Opera\50.0.2762.67\opera_browser.dll
    2018-02-01 18:49 - 2018-01-22 06:02 - 004207704 _____ () C:\Program Files\Opera\50.0.2762.67\libglesv2.dll
    2018-02-01 18:49 - 2018-01-22 06:02 - 000100440 _____ () C:\Program Files\Opera\50.0.2762.67\libegl.dll
    2017-08-29 16:02 - 2017-08-29 16:02 - 000085624 _____ () C:\Program Files (x86)\Norton WiFi Privacy\client\ZLIB1.dll
    2018-02-10 08:47 - 2018-02-08 20:10 - 000740168 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
    2018-02-10 08:47 - 2018-02-08 20:10 - 002079048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
    2018-02-02 16:30 - 2018-02-08 20:10 - 000100312 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
    2018-02-02 16:30 - 2018-02-08 20:10 - 000018896 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
    2018-02-02 16:30 - 2018-02-08 20:12 - 000020808 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
    2018-02-02 16:30 - 2018-02-08 20:10 - 000035808 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
    2018-02-02 16:30 - 2018-02-08 20:10 - 000694232 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
    2018-02-10 08:47 - 2018-02-08 20:12 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
    2018-02-02 16:30 - 2018-02-08 20:10 - 000130520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
    2018-02-10 08:47 - 2018-02-08 20:12 - 001856864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
    2018-02-10 08:47 - 2018-02-08 20:12 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
    2018-02-10 08:47 - 2018-02-08 20:10 - 000145880 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
    2018-02-10 08:47 - 2018-02-08 20:10 - 000116696 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
    2018-02-02 16:30 - 2018-02-08 20:10 - 000105944 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
    2018-02-02 16:30 - 2018-02-08 20:13 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
    2018-02-10 08:47 - 2018-02-08 20:12 - 000063312 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
    2018-02-02 16:30 - 2018-02-08 20:10 - 000024536 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
    2018-02-10 08:47 - 2018-02-08 20:12 - 000077120 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
    2018-02-10 08:47 - 2018-02-08 20:10 - 000020952 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
    2018-02-02 16:30 - 2018-02-08 20:10 - 000124888 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
    2018-02-02 16:30 - 2018-02-08 20:10 - 000116184 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
    2018-02-10 08:47 - 2018-02-08 20:10 - 000392664 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
    2018-02-02 16:30 - 2018-02-08 20:12 - 000392520 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
    2018-02-02 16:30 - 2018-02-08 20:13 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
    2018-02-02 16:30 - 2018-02-08 20:10 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
    2018-02-02 16:30 - 2018-02-08 20:10 - 000175576 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
    2018-02-02 16:30 - 2018-02-08 20:10 - 000030168 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
    2018-02-02 16:30 - 2018-02-08 20:10 - 000043480 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
    2018-02-02 16:30 - 2018-02-08 20:10 - 000026072 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
    2018-02-02 16:30 - 2018-02-08 20:10 - 000048600 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
    2018-02-02 16:30 - 2018-02-08 20:10 - 000057816 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
    2018-02-10 08:47 - 2018-02-08 20:12 - 000021840 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
    2018-02-02 16:30 - 2018-02-08 20:13 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
    2018-02-10 08:47 - 2018-02-08 20:12 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
    2018-02-02 16:30 - 2018-02-08 20:12 - 000066400 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
    2018-02-10 08:47 - 2018-02-08 20:12 - 001796416 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
    2018-02-02 16:30 - 2018-02-08 20:10 - 000084944 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
    2018-02-10 08:47 - 2018-02-08 20:12 - 001956672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
    2018-02-10 08:47 - 2018-02-08 20:12 - 003859272 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
    2018-02-10 08:47 - 2018-02-08 20:12 - 000155472 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
    2018-02-10 08:47 - 2018-02-08 20:12 - 000521032 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
    2018-02-10 08:47 - 2018-02-08 20:12 - 000051024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
    2018-02-10 08:47 - 2018-02-08 20:12 - 000043336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
    2018-02-10 08:47 - 2018-02-08 20:12 - 000131400 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
    2018-02-10 08:47 - 2018-02-08 20:12 - 000219984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
    2018-02-10 08:47 - 2018-02-08 20:12 - 000204104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
    2018-02-02 16:30 - 2018-02-08 20:13 - 000025440 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
    2018-02-02 16:30 - 2018-02-08 20:10 - 000060888 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
    2018-02-02 16:30 - 2018-02-08 20:13 - 000054616 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
    2018-02-02 16:30 - 2018-02-08 20:10 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
    2018-02-02 16:30 - 2018-02-08 20:13 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
    2018-02-02 16:30 - 2018-02-08 20:12 - 000100704 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
    2018-02-02 16:30 - 2018-02-08 20:10 - 000028632 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
    2018-02-02 16:30 - 2018-02-08 20:13 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
    2018-02-02 16:30 - 2018-02-08 20:13 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
    2018-02-02 16:30 - 2018-02-08 20:13 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
    2018-02-10 08:47 - 2018-02-08 20:12 - 000027496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
    2018-02-02 16:30 - 2018-02-08 20:10 - 000349144 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
    2018-02-10 08:47 - 2018-02-08 20:12 - 000101704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
    2018-02-02 16:30 - 2018-02-08 20:13 - 000023904 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
    2018-02-10 08:47 - 2018-02-08 20:12 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
    2018-02-10 08:47 - 2018-02-08 20:10 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
    2018-02-10 08:47 - 2018-02-08 20:12 - 000032608 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
    2018-02-10 08:47 - 2018-02-08 20:10 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
    2018-02-02 16:30 - 2018-02-08 20:13 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd
    2018-02-10 08:47 - 2018-02-08 20:12 - 000181064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
    2018-02-02 16:30 - 2018-02-08 20:12 - 000030544 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
    2018-02-10 08:47 - 2018-02-08 20:12 - 000024384 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
    2018-02-10 08:47 - 2018-02-08 20:12 - 001638208 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
    2018-02-02 16:30 - 2018-02-08 20:13 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
    2013-09-05 00:14 - 2013-09-05 00:14 - 004300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
    2017-11-27 21:03 - 2017-11-27 21:03 - 023970800 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
    2017-11-04 20:57 - 2017-11-04 20:57 - 000323152 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\sqlite.dll
    2017-11-04 20:57 - 2017-11-04 20:57 - 072940016 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2015-10-30 07:24 - 2015-10-30 07:21 - 000000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-1150477090-3809027948-3889013003-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\VIV\Pictures\WallPaper\Grandad and Abs.JPG
    DNS Servers: 192.168.1.254
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    MSCONFIG\Services: AdobeARMservice => 2
    MSCONFIG\Services: Apple Mobile Device Service => 2
    MSCONFIG\Services: Bonjour Service => 2
    MSCONFIG\Services: gupdate => 2
    MSCONFIG\Services: gupdatem => 3
    MSCONFIG\Services: iPod Service => 3
    MSCONFIG\Services: MozillaMaintenance => 3
    MSCONFIG\Services: TeamViewer => 2
    HKLM\...\StartupApproved\Run: => "SecurityHealth"
    HKLM\...\StartupApproved\Run: => "iTunesHelper"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [TCP Query User{5A897D85-AEB7-42B6-B976-4E24357D5C93}C:\program files (x86)\easeus\easeus todo pctrans\bin\pctrans.exe] => (Allow) C:\program files (x86)\easeus\easeus todo pctrans\bin\pctrans.exe
    FirewallRules: [UDP Query User{63711DFC-D477-4057-B496-CB6DBED8248C}C:\program files (x86)\easeus\easeus todo pctrans\bin\pctrans.exe] => (Allow) C:\program files (x86)\easeus\easeus todo pctrans\bin\pctrans.exe
    FirewallRules: [{E6370C48-C939-40EA-AEC5-5D7A2AC3F228}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{E57F0676-9E6F-4C90-8169-77848BDB441F}] => (Allow) LPort=2869
    FirewallRules: [{B1948805-471A-4942-B99D-84EEB52B1EE5}] => (Allow) LPort=1900
    FirewallRules: [{75DB82AE-0838-4091-AE72-3182C71B70CF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{2366D8C2-7251-490E-981E-CB5B5FAB616A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{3772E7C4-B09C-4D15-ABEC-5C46F5EF450A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{E2E37B12-1EFF-4800-A200-1C489002A72B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{995D74BC-9C2E-4C42-B964-101BC41092FF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    FirewallRules: [{6CC6C1B3-9509-4099-8DA4-76CEF93C4ED7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    FirewallRules: [{52971463-FF9B-47B3-992F-894689DE941D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe
    FirewallRules: [{D79DEAC9-6EC0-4B9A-A1C7-1A826AFA652F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe
    FirewallRules: [{CE538B16-5F95-4873-AA99-8095D1B7E4BB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe
    FirewallRules: [{34230887-2B6E-4998-B3AA-2D19A3FEBD49}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe
    FirewallRules: [{9B39BF6F-BB10-423F-9531-CC9DFBE5E5C7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe
    FirewallRules: [{4100553D-5B0D-4D9B-814D-B755498D2FA9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe
    FirewallRules: [{848C261F-8565-4C59-9E1A-0E1DA4B99187}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe
    FirewallRules: [{1CB27F01-5E6E-461D-9CC5-FC8CBA09E1A9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe
    FirewallRules: [{F479254F-644A-4303-A629-D70E2C4300E0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
    FirewallRules: [{4AB9DFBE-FED6-4857-9FD8-92EB6935A210}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
    FirewallRules: [{8741FCF8-BA71-4688-8265-6E684C52620A}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
    FirewallRules: [{7E078FF9-ACEB-4768-ADF6-BCF930770565}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{763A3A0D-6FCA-4DC1-9317-F9814F8E7516}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{854426F9-8B99-4731-8B1B-40E1B25EA71A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{F08271E9-CBB7-4371-A1B6-D73275B421D6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{52BDFB19-D433-4285-90B7-26195FA7DBEB}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{5AD600CC-3975-43DF-BED3-B2EBF89E6AD6}] => (Allow) C:\Program Files\Opera\50.0.2762.67\opera.exe
    FirewallRules: [{BD003532-A4D4-4FDC-B6DF-D21D67B65486}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    FirewallRules: [{EA6000F4-9CEA-475D-AD6C-70D674C26E39}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{AAF058CA-02D7-4F7A-BAD3-1B54012AF260}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

    ==================== Restore Points =========================

    02-02-2018 11:21:41 New Hard Drive
    07-02-2018 09:43:17 Windows Update
    09-02-2018 17:03:18 Installed LibreOffice 6.0.0.3
    13-02-2018 16:58:08 Windows Update

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (02/13/2018 02:41:37 PM) (Source: SecurityCenter) (EventID: 16) (User: )
    Description: Error while updating Norton Security status to SECURITY_PRODUCT_STATE_EXPIRED.

    Error: (02/11/2018 04:33:03 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: claws-mail.exe, version: 0.0.0.0, time stamp: 0x00000000
    Faulting module name: claws-mail.exe, version: 0.0.0.0, time stamp: 0x00000000
    Exception code: 0xc0000005
    Fault offset: 0x00052bda
    Faulting process ID: 0x824
    Faulting application start time: 0x01d3a3548f7e7f6a
    Faulting application path: C:\Program Files (x86)\Claws Mail\claws-mail.exe
    Faulting module path: C:\Program Files (x86)\Claws Mail\claws-mail.exe
    Report ID: 2d2dc7bd-4f83-4f6a-94d3-22619f1dbd26
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (02/11/2018 09:59:37 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program ShellExperienceHost.exe version 10.0.16299.15 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

    Process ID: 2084

    Start Time: 01d3a31ef6420944

    Termination Time: 4294967295

    Application Path: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

    Report Id: 3f0934a6-80d1-4cb7-8cee-a3cd719f9349

    Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy

    Faulting package-relative application ID: App

    Error: (02/11/2018 09:59:33 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-1FFI7T5)
    Description: Package Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy+App was terminated because it took too long to suspend.

    Error: (02/06/2018 02:44:18 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: WINWORD.EXE, version: 14.0.7192.5000, time stamp: 0x5a346f59
    Faulting module name: wwlib.dll, version: 14.0.7192.5000, time stamp: 0x5a346f8b
    Exception code: 0xc0000005
    Fault offset: 0x00038fee
    Faulting process ID: 0x67c
    Faulting application start time: 0x01d39f538b9bb112
    Faulting application path: C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
    Faulting module path: C:\Program Files (x86)\Microsoft Office\Office14\wwlib.dll
    Report ID: 45df28d7-2b16-4560-aa32-c8d6fcd00c36
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (02/04/2018 11:04:25 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80.DLL".
    Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (02/04/2018 11:03:25 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80.DLL".
    Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (02/03/2018 04:15:22 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: operamail.exe, version: 1.0.1044.0, time stamp: 0x56aa20ee
    Faulting module name: OperaMail.dll, version: 1.0.1044.0, time stamp: 0x56aa23cd
    Exception code: 0x40000015
    Fault offset: 0x009b92fd
    Faulting process ID: 0x16ec
    Faulting application start time: 0x01d39d08c4b02af2
    Faulting application path: C:\Users\VL\AppData\Local\Opera Mail\operamail.exe
    Faulting module path: C:\Users\VL\AppData\Local\Opera Mail\OperaMail.dll
    Report ID: a8526789-486e-4512-ad09-87eef4c07106
    Faulting package full name:
    Faulting package-relative application ID:


    System errors:
    =============
    Error: (02/13/2018 07:22:44 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1FFI7T5)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user DESKTOP-1FFI7T5\VIV SID (S-1-5-21-1150477090-3809027948-3889013003-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (02/13/2018 06:34:45 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1FFI7T5)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user DESKTOP-1FFI7T5\VIV SID (S-1-5-21-1150477090-3809027948-3889013003-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (02/13/2018 04:32:46 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1FFI7T5)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user DESKTOP-1FFI7T5\VIV SID (S-1-5-21-1150477090-3809027948-3889013003-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (02/13/2018 04:24:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
    and APPID
    {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
    to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (02/13/2018 04:24:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
    and APPID
    {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
    to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (02/13/2018 04:24:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
    and APPID
    {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
    to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (02/13/2018 04:24:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
    and APPID
    {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
    to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (02/13/2018 04:22:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1FFI7T5)
    Description: The server {0002DF02-0000-0000-C000-000000000046} did not register with DCOM within the required timeout.


    Windows Defender:
    ===================================
    Date: 2018-02-01 16:02:17.548
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {F243EC95-9A98-4EA5-8B66-73815250BE98}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2018-02-01 15:55:43.185
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {EECF3334-B9B4-422F-B818-F578D86FB490}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2018-02-01 15:48:11.240
    Description:
    Windows Defender Antivirus has encountered an error trying to update signatures.
    New Signature Version:
    Previous Signature Version: 1.261.610.0
    Update Source: Microsoft Malware Protection Center
    Signature Type: AntiVirus
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.14500.5
    Error code: 0x80072ee7
    Error description: The server name or address could not be resolved

    Date: 2018-02-01 15:48:11.240
    Description:
    Windows Defender Antivirus has encountered an error trying to update signatures.
    New Signature Version:
    Previous Signature Version: 118.2.0.0
    Update Source: Microsoft Malware Protection Center
    Signature Type: Network Inspection System
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 2.1.14202.0
    Error code: 0x80072ee7
    Error description: The server name or address could not be resolved

    Date: 2018-02-01 15:48:11.234
    Description:
    Windows Defender Antivirus has encountered an error trying to update signatures.
    New Signature Version:
    Previous Signature Version: 1.261.610.0
    Update Source: Microsoft Malware Protection Center
    Signature Type: AntiVirus
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.14500.5
    Error code: 0x80072ee7
    Error description: The server name or address could not be resolved

    Date: 2018-02-01 15:48:11.234
    Description:
    Windows Defender Antivirus has encountered an error trying to update signatures.
    New Signature Version:
    Previous Signature Version: 1.261.610.0
    Update Source: Microsoft Malware Protection Center
    Signature Type: AntiSpyware
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.14500.5
    Error code: 0x80072ee7
    Error description: The server name or address could not be resolved

    Date: 2018-02-01 15:48:11.234
    Description:
    Windows Defender Antivirus has encountered an error trying to update signatures.
    New Signature Version:
    Previous Signature Version: 1.261.610.0
    Update Source: Microsoft Malware Protection Center
    Signature Type: AntiVirus
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.14500.5
    Error code: 0x80072ee7
    Error description: The server name or address could not be resolved

    CodeIntegrity:
    ===================================

    Date: 2018-02-13 19:33:55.599
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

    Date: 2018-02-13 19:33:55.598
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

    Date: 2018-02-13 19:03:11.538
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

    Date: 2018-02-13 19:03:11.536
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

    Date: 2018-02-13 18:42:51.688
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

    Date: 2018-02-13 18:42:51.685
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

    Date: 2018-02-13 18:42:51.679
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

    Date: 2018-02-13 18:42:51.676
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
    Percentage of memory in use: 58%
    Total physical RAM: 6048.81 MB
    Available physical RAM: 2520.78 MB
    Total Virtual: 7008.81 MB
    Available Virtual: 1849.5 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:918.8 GB) (Free:705.91 GB) NTFS
    Drive d: (HP_RECOVERY) (Fixed) (Total:11.75 GB) (Free:1.38 GB) NTFS ==>[system with boot components (obtained from drive)]

    \\?\Volume{0d8962b0-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
    \\?\Volume{0d8962b0-0000-0000-0000-c0d2e5000000}\ () (Fixed) (Total:0.47 GB) (Free:0.08 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0D8962B0)
    Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=918.8 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=478 MB) - (Type=27)
    Partition 4: (Not Active) - (Size=11.8 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================
     
  7. broni

    broni Malware Annihilator Techie7 Moderator Head Security

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    =====================================

    So far I don't see any signs of any rootkit but we'll run some checks.
    Who told you about that rootkit?

    Create new restore point before proceeding with the next step....
    How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/

    Download [​IMG] Malwarebytes Anti-Rootkit (MBAR) to your desktop.
    • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
    • Double click on downloaded file. OK self extracting prompt.
    • MBAR will start. Click "Next" to continue.
    • Click in the following screen "Update" to obtain the latest malware definitions.
    • Once the update is complete select "Next" and click "Scan".
    • When the scan is finished and no malware has been found select "Exit".
    • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
    • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
      • "mbar-log-{date} (xx-xx-xx).txt"
      • "system-log.txt"
    NOTE. If you see This version requires you to completely exit the Anti Malware application message right click on the Malwarebytes Anti-Malware icon in the system tray and click on Exit.
     
  8. White surfer

    White surfer Established Techie7 Member

    Thanks Broni - you'll be annoyed with me about this but apparently the Norton phone number I was given was a scam and I fell for it!!!! I feel very ashamed. I got on to my Bank fraud department and they said that I had to check with Norton which of course I did and have spent 2 hours with them resolving the problem and they assure me there is no trojan and they eventually managed to get my Security suite up and running, I am really, really sorry but as you can imagine it was very worrying and I could kick myself for falling for it. I know you say we should not do anything once we have contacted you but in this case I felt following my banks instructions was what I had to do
     
  9. broni

    broni Malware Annihilator Techie7 Moderator Head Security

    Look, no reason to apologize. You have to be so vigilant in today's computer world and sometimes we lower our guard and bad thing happen.
    I'm glad everything ended up OK for you :)