[Resolved] Alureon trojan

I was having difficulty installing Norton Security and eventually they told me my pc was very badly infected with Alureon and it needed to be removed very quickly! I have, in the last 10 days had a new hard drive and am amazed that all the problems they found were there. I have only a day left on my Norton security so need to do something in a hurry - any help very, very welcome. I am pasting FRST and Additions as requested
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12.02.2018
Ran by VIV (administrator) on DESKTOP-1FFI7T5 (13-02-2018 19:35:05)
Running from C:\Users\VIV\Desktop
Loaded Profiles: VIV (Available Profiles: VIV & VL)
Platform: Windows 10 Home Version 1709 16299.192 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================
I will continue on page 2

 

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Mirics Semiconductor Ltd) C:\Windows\System32\Hauppauge\hcwD3dvb\DVBT\DVBservice.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
() C:\Program Files (x86)\Norton WiFi Privacy\client\NWPService.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\Nova Development\Greeting Card Factory Deluxe 7.0\ReminderApp.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.11.2.7\NS.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.11.2.7\NS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftPdfReader.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8827.21855.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8827.21855.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8827.21855.0_x64__8wekyb3d8bbwe\HxAccounts.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-01-22] (Apple Inc.)
HKLM-x32\...\Run: [ReminderApp] => C:\Program Files (x86)\Nova Development\Greeting Card Factory Deluxe 7.0\ReminderApp.exe [185664 2007-08-25] ()
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567936 2018-02-08] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1150477090-3809027948-3889013003-1002\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2018-02-02]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Event Reminder.lnk [2018-02-02]
ShortcutTarget: Event Reminder.lnk -> C:\Program Files (x86)\Broderbund\PrintMaster\PMremind.exe (TLC Multimedia Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{73e83076-693c-4d47-89f6-b6f4414bcadc}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1150477090-3809027948-3889013003-1002 -> DefaultScope {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NS&chn=1000020&geo=GB&ver=22.11.2.7&locale=en_GB&guid=31C74C16-C910-4352-8F41-93FEE609C4BB&doi=2018-02-03&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-1150477090-3809027948-3889013003-1002 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NS&chn=1000020&geo=GB&ver=22.11.2.7&locale=en_GB&guid=31C74C16-C910-4352-8F41-93FEE609C4BB&doi=2018-02-03&gct=kwd&qsrc=2869
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)

FireFox:
========
FF ProfilePath: C:\Users\VIV\AppData\Roaming\Mozilla\Firefox\Profiles\8cb5u05u.default [2018-01-29]
FF Extension: (Dashlane) - C:\Users\VIV\AppData\Roaming\Mozilla\Firefox\Profiles\8cb5u05u.default\Extensions\jetpack-extension@dashlane.com.xpi [2017-12-13]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-01-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-01-30] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\VIV\AppData\Local\Google\Chrome\User Data\Default [2018-02-13]
CHR Extension: (Norton Security Toolbar) - C:\Users\VIV\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2018-02-04]
CHR Extension: (Norton Identity Safe) - C:\Users\VIV\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2018-02-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\VIV\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-01-30]
CHR Extension: (Chrome Media Router) - C:\Users\VIV\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-13]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.11.2.7\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.11.2.7\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR StartupUrls: "chrome://startpage/"
OPR Session Restore: -> is enabled.
OPR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\VIV\AppData\Roaming\Opera Software\Opera Stable\Extensions\eeokceolphhfjdfcibaiiopmekmcbedp [2018-01-29]
OPR Extension: (Dashlane - Password Manager) - C:\Users\VIV\AppData\Roaming\Opera Software\Opera Stable\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2018-02-05]
OPR Extension: (LastPass: Free Password Manager) - C:\Users\VIV\AppData\Roaming\Opera Software\Opera Stable\Extensions\hnjalnkldgigidggphhmacmimbdlafdo [2018-01-29]
OPR Extension: (Install Chrome Extensions) - C:\Users\VIV\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2018-01-29]
OPR Extension: (F.B.(FluffBusting)Purity) - C:\Users\VIV\AppData\Roaming\Opera Software\Opera Stable\Extensions\ppldhdmhmdcedddamaddkbbakkfhgeeo [2018-02-05]
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-02-02] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-02-02] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-02-08] (Dropbox, Inc.)
R2 hcwD3bda_dvbt; C:\WINDOWS\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe [2641920 2010-12-16] (Mirics Semiconductor Ltd)
R2 NortonWiFiPrivacy; C:\Program Files (x86)\Norton WiFi Privacy\client\NWPService.exe [1363064 2017-08-29] ()
R2 NS; C:\Program Files\Norton Security\Engine\22.11.2.7\NS.exe [326144 2017-11-11] (Symantec Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-08-01] (Realtek Semiconductor)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945776 2017-12-15] (TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-30] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.11.2.7\Definitions\BASHDefs\20180210.001\BHDrvx64.sys [1879632 2018-02-10] (Symantec Corporation)
R1 ccSet_NS; C:\WINDOWS\system32\drivers\NSx64\160B020.007\ccSetx64.sys [187544 2017-11-10] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [507984 2018-02-13] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [152656 2018-02-13] (Symantec Corporation)
R3 hcwD3bda; C:\WINDOWS\system32\DRIVERS\hcwD3bda64.sys [116352 2010-06-29] (Mirics)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.11.2.7\Definitions\IPSDefs\20180212.001\IDSvia64.sys [1056920 2018-02-12] (Symantec Corporation)
R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2017-09-29] (MediaTek Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [896752 2015-08-07] (Realtek )
R3 SRTSP; C:\WINDOWS\System32\Drivers\NSx64\160B020.007\SRTSP64.SYS [812696 2017-11-10] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NSx64\160B020.007\SRTSPX64.SYS [49304 2017-11-10] (Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NSx64\160B020.007\SYMEFASI64.SYS [1938584 2017-11-10] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NSx64\160B020.007\SymELAM.sys [24608 2017-11-10] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102600 2018-02-13] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NSx64\160B020.007\Ironx64.SYS [309984 2017-11-10] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\Drivers\NSx64\160B020.007\SYMNETS.SYS [566936 2017-11-10] (Symantec Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-01-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [288848 2018-01-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-30] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

 

If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-13 19:35 - 2018-02-13 19:35 - 000017272 _____ C:\Users\VIV\Desktop\FRST.txt
2018-02-13 19:34 - 2018-02-13 19:35 - 000000000 ____D C:\FRST
2018-02-13 19:31 - 2018-02-13 19:31 - 002405376 _____ (Farbar) C:\Users\VIV\Desktop\FRST64.exe
2018-02-13 19:25 - 2018-02-13 19:26 - 000244472 _____ C:\TDSSKiller.3.1.0.16_13.02.2018_19.25.22_log.txt
2018-02-13 19:24 - 2018-02-13 19:25 - 004944584 _____ (AO Kaspersky Lab) C:\Users\VIV\Downloads\tdsskiller.exe
2018-02-13 18:47 - 2018-02-13 18:47 - 000000000 ____D C:\Users\VIV\AppData\Local\GoToAssist Remote Support Customer
2018-02-13 18:47 - 2018-02-13 18:47 - 000000000 ____D C:\Users\VIV\AppData\Local\GoTo Opener
2018-02-13 16:48 - 2018-02-13 16:48 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2018-02-13 16:24 - 2018-02-13 16:24 - 000003374 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2018-02-13 16:24 - 2018-02-13 16:24 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2018-02-13 16:10 - 2018-02-13 16:10 - 000602568 _____ C:\Users\VIV\Downloads\Reference #129557736_ Your order of Creativemark's products.mbs
2018-02-13 15:32 - 2018-02-13 15:32 - 000004354 _____ C:\WINDOWS\System32\Tasks\Norton Security Scan for VIV
2018-02-13 15:32 - 2018-02-13 15:32 - 000001541 _____ C:\Users\Public\Desktop\Norton Security Scan.LNK
2018-02-13 15:32 - 2018-02-13 15:32 - 000000000 ____D C:\WINDOWS\system32\Drivers\NSSx64
2018-02-13 15:32 - 2018-02-13 15:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
2018-02-13 15:32 - 2018-02-13 15:32 - 000000000 ____D C:\Program Files (x86)\Norton Security Scan
2018-02-13 15:25 - 2018-02-13 15:25 - 000047254 _____ C:\Users\VIV\Downloads\Computeractive Software Store - discounted downloadable software.html
2018-02-13 15:25 - 2018-02-13 15:25 - 000000000 ____D C:\Users\VIV\Downloads\Computeractive Software Store - discounted downloadable software_files
2018-02-13 14:49 - 2018-02-13 14:49 - 000001331 _____ C:\Users\VIV\Desktop\Norton WiFi Privacy.lnk
2018-02-13 14:49 - 2018-02-13 14:49 - 000000000 ____D C:\Users\VIV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton WiFi Privacy
2018-02-13 14:49 - 2018-02-13 14:49 - 000000000 ____D C:\Users\VIV\AppData\Local\Norton WiFi Privacy
2018-02-13 14:49 - 2018-02-13 14:49 - 000000000 ____D C:\Users\VIV\.QtWebEngineProcess
2018-02-13 14:49 - 2018-02-13 14:49 - 000000000 ____D C:\Users\VIV\.Norton WiFi Privacy
2018-02-13 14:49 - 2018-02-13 14:49 - 000000000 ____D C:\ProgramData\NWPService
2018-02-13 14:49 - 2018-02-13 14:49 - 000000000 ____D C:\ProgramData\Norton WiFi Privacy
2018-02-13 14:49 - 2018-02-13 14:49 - 000000000 ____D C:\Program Files (x86)\Norton WiFi Privacy
2018-02-13 14:43 - 2018-02-13 16:31 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Security
2018-02-13 14:41 - 2018-02-13 14:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-02-13 14:39 - 2018-02-13 16:24 - 000002315 _____ C:\Users\Public\Desktop\Norton Security.lnk
2018-02-13 14:39 - 2018-02-13 16:22 - 000102600 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2018-02-13 14:39 - 2018-02-13 16:22 - 000008471 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2018-02-13 14:39 - 2018-02-13 14:39 - 000102568 _____ (Symantec Corporation) C:\WINDOWS\SMSS-PFRO1d56.tmp
2018-02-13 14:39 - 2018-02-13 14:39 - 000000000 ____D C:\Program Files\Common Files\Symantec Shared
2018-02-13 14:37 - 2018-02-13 16:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\NSx64
2018-02-13 14:37 - 2018-02-13 15:32 - 000000000 ____D C:\Program Files (x86)\NortonInstaller
2018-02-13 14:37 - 2018-02-13 14:38 - 000000000 ____D C:\Program Files\Norton Security
2018-02-13 14:25 - 2018-02-13 16:25 - 000001336 _____ C:\Users\VIV\Desktop\Norton Installation Files.lnk
2018-02-13 14:25 - 2018-02-13 14:26 - 077776528 _____ C:\Users\VIV\Downloads\NortonWiFiPrivacy 2018.exe
2018-02-13 14:25 - 2018-02-13 14:25 - 001101088 _____ (Symantec Corporation) C:\Users\VIV\Downloads\NSDeluxeDownloader 2018.exe
2018-02-11 15:49 - 2018-02-11 15:49 - 000000000 _____ C:\Users\VIV\AppData\Roaming\signature.txt
2018-02-11 15:29 - 2018-02-11 15:38 - 000000000 ____D C:\Users\VIV\AppData\Roaming\tovi80alpha@gmail.com
2018-02-11 14:52 - 2018-02-11 14:52 - 000000000 ____D C:\Users\VIV\AppData\Local\enchant
2018-02-11 14:45 - 2018-02-11 14:45 - 000000000 ____D C:\Users\VIV\VCF
2018-02-11 14:26 - 2018-02-11 16:58 - 000000000 ____D C:\Users\VIV\AppData\Roaming\&tovil
2018-02-11 14:21 - 2018-02-11 17:13 - 000000000 ____D C:\Users\VIV\AppData\Roaming\Claws-mail
2018-02-11 14:17 - 2018-02-11 14:18 - 025124405 _____ (claws-mail.org) C:\Users\VIV\Downloads\claws-mail-3.16.0-1-32bit.exe
2018-02-10 15:45 - 2018-02-10 15:45 - 000000000 ____D C:\Users\VIV\Desktop\New folder
2018-02-10 15:30 - 2018-02-10 15:41 - 000012418 _____ C:\Users\VIV\Desktop\Book1.xlsx
2018-02-10 15:17 - 2018-02-10 17:16 - 000000000 ____D C:\Users\VIV\AppData\LocalLow\Mozilla
2018-02-10 15:16 - 2018-02-10 15:23 - 000000000 ____D C:\Users\VIV\AppData\Local\Thunderbird
2018-02-10 15:15 - 2018-02-10 15:15 - 040314920 _____ (Mozilla) C:\Users\VIV\Downloads\Thunderbird Setup 52.6.0.exe
2018-02-10 14:46 - 2018-02-10 14:46 - 000006754 _____ C:\Users\VIV\Downloads\importedcontacts (2).adr
2018-02-10 14:42 - 2018-02-10 14:42 - 000006754 _____ C:\Users\VIV\Downloads\importedcontacts (1).adr
2018-02-10 14:34 - 2018-02-10 14:34 - 000005935 _____ C:\Users\VIV\Desktop\contacts saturday.csv
2018-02-10 13:55 - 2018-02-10 13:55 - 000036864 _____ C:\Users\VIV\Desktop\Agenda feb 2018-1.dot
2018-02-10 08:48 - 2018-02-10 08:48 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2018-02-10 08:48 - 2018-02-10 08:48 - 000002207 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2018-02-10 08:48 - 2018-02-10 08:48 - 000000000 ____D C:\Program Files\Google
2018-02-10 08:47 - 2018-02-10 08:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-02-09 17:16 - 2018-02-09 17:16 - 000000000 ____D C:\Users\VIV\AppData\Roaming\LibreOffice
2018-02-09 17:07 - 2018-02-09 17:07 - 000001179 _____ C:\Users\Public\Desktop\LibreOffice 6.0.lnk
2018-02-09 17:07 - 2018-02-09 17:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.0
2018-02-09 17:05 - 2018-02-09 17:06 - 000000000 ____D C:\Program Files\LibreOffice
2018-02-09 16:51 - 2018-02-09 16:57 - 274030592 _____ C:\Users\VIV\Downloads\LibreOffice_6.0.0_Win_x64 (1).msi
2018-02-09 16:49 - 2018-02-09 16:54 - 274030592 _____ C:\Users\VIV\Downloads\LibreOffice_6.0.0_Win_x64.msi
2018-02-09 16:43 - 2018-02-09 16:47 - 273948672 _____ C:\Users\VIV\Downloads\LibreOffice_6.0.1_Win_x64.msi
2018-02-09 15:56 - 2018-02-09 15:56 - 000112644 _____ C:\Users\VIV\Desktop\Valuation Day Poster.pdf
2018-02-08 20:10 - 2018-02-08 20:10 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-02-08 20:10 - 2018-02-08 20:10 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-02-08 20:10 - 2018-02-08 20:10 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-02-08 20:10 - 2018-02-08 20:10 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-02-08 16:33 - 2018-02-09 11:10 - 000118272 _____ C:\Users\VIV\Desktop\Group Meeting A4.pub
2018-02-05 17:04 - 2018-02-05 17:04 - 000001444 _____ C:\Users\VIV\Desktop\Candy Crush Saga (3).lnk
2018-02-05 15:22 - 2018-02-05 15:22 - 000000000 ____D C:\Users\VIV\AppData\Local\HP
2018-02-05 15:09 - 2018-02-08 16:33 - 000128512 _____ C:\Users\VIV\Desktop\santa with Scroll.pub
2018-02-04 17:21 - 2018-02-04 17:21 - 003511808 _____ C:\Users\VIV\Desktop\3 Valleys Silver.pub
2018-02-04 16:52 - 2018-02-04 16:52 - 000000000 ____D C:\Users\VIV\AppData\Local\Apple
2018-02-04 16:50 - 2018-02-04 17:26 - 003503104 _____ C:\Users\VIV\Desktop\A5.pub
2018-02-04 11:03 - 2018-02-04 11:03 - 000000000 ____D C:\Users\VIV\AppData\Local\Nova Development
2018-02-04 11:00 - 2018-02-04 11:00 - 000000000 ____D C:\Users\VIV\AppData\Roaming\Jasc Software Inc
2018-02-03 16:15 - 2018-02-11 16:33 - 000000000 ____D C:\Users\VIV\AppData\Local\CrashDumps
2018-02-03 16:15 - 2018-02-03 16:15 - 000000000 ____D C:\Users\VIV\AppData\Local\DBG
2018-02-03 12:12 - 2018-02-03 12:12 - 000003463 _____ C:\Users\VIV\Downloads\importedcontacts.adr
2018-02-03 12:01 - 2018-02-10 14:31 - 000001726 _____ C:\Users\VIV\Desktop\contacts 1.csv
2018-02-02 20:45 - 2018-02-02 20:45 - 000000000 ____D C:\Users\VIV\AppData\Roaming\Opera Mail
2018-02-02 20:45 - 2018-02-02 20:45 - 000000000 ____D C:\Users\VIV\AppData\Local\Opera Mail
2018-02-02 20:40 - 2018-02-02 20:40 - 000001244 _____ C:\Users\VIV\Adobe Photoshop 7.0 (2).lnk
2018-02-02 20:22 - 2018-02-02 20:22 - 000000000 ____D C:\Users\VIV\AppData\Local\Opera Software
2018-02-02 20:19 - 2018-02-02 20:19 - 000002748 _____ C:\Users\VIV\Desktop\Microsoft Publisher 2010.lnk
2018-02-02 20:19 - 2018-02-02 20:19 - 000001244 _____ C:\Users\VIV\Desktop\Adobe Photoshop 7.0.lnk
2018-02-02 20:15 - 2018-02-02 20:15 - 000000000 ____D C:\Users\VIV\AppData\Local\Dropbox
2018-02-02 16:36 - 2018-02-02 16:51 - 000000000 ___RD C:\Users\VL\Dropbox
2018-02-02 16:35 - 2018-02-02 16:35 - 000001335 _____ C:\Users\VIV\Dropbox.lnk
2018-02-02 16:28 - 2018-02-02 16:28 - 000000000 ____D C:\Users\VL\AppData\Roaming\Dropbox
2018-02-02 16:27 - 2018-02-10 08:48 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-02-02 16:27 - 2018-02-02 18:14 - 000000932 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2018-02-02 16:27 - 2018-02-02 18:14 - 000000928 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2018-02-02 16:27 - 2018-02-02 16:36 - 000000000 ____D C:\Users\VL\AppData\Local\Dropbox
2018-02-02 16:27 - 2018-02-02 16:27 - 000003992 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2018-02-02 16:27 - 2018-02-02 16:27 - 000003760 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2018-02-02 16:27 - 2018-02-02 16:27 - 000000000 ____D C:\ProgramData\Dropbox
2018-02-02 16:26 - 2018-02-02 16:26 - 000690080 _____ (Dropbox, Inc.) C:\Users\VL\Downloads\DropboxInstaller (1).exe
2018-02-02 16:14 - 2018-02-02 16:14 - 000002097 _____ C:\Users\VIV\Windows Restore.lnk
2018-02-02 16:08 - 2018-02-02 16:08 - 000001244 _____ C:\Users\VIV\Adobe Photoshop 7.0.lnk
2018-02-02 15:03 - 2018-02-02 15:03 - 000002354 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2018-02-02 14:58 - 2018-02-02 14:58 - 000007227 _____ C:\Users\VL\Downloads\importedcontacts (4).adr
2018-02-02 14:53 - 2018-02-02 14:56 - 137329840 _____ (Microsoft Corporation) C:\Users\VL\Downloads\wlsetup-all.exe
2018-02-02 14:52 - 2018-02-02 14:52 - 000002793 _____ C:\Users\Public\Desktop\Greeting Card Factory Deluxe.lnk
2018-02-02 14:52 - 2018-02-02 14:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nova Development
2018-02-02 14:44 - 2018-02-02 14:44 - 000000000 ____D C:\Program Files (x86)\Nova Development
2018-02-02 14:28 - 2018-02-02 14:28 - 000000000 ____D C:\Program Files (x86)\Web Publish
2018-02-02 14:28 - 2018-02-02 14:28 - 000000000 _____ C:\WINDOWS\wplog.txt
2018-02-02 14:28 - 2001-02-26 18:58 - 000237568 _____ (Broderbund) C:\WINDOWS\SysWOW64\PretzlUp.dll
2018-02-02 14:28 - 2001-02-23 09:56 - 000184320 _____ (Broderbund) C:\WINDOWS\SysWOW64\PretzlDn.dll
2018-02-02 14:26 - 2018-02-02 14:26 - 000001844 _____ C:\Users\Public\Desktop\PrintMaster 11.lnk
2018-02-02 14:26 - 2018-02-02 14:26 - 000000175 _____ C:\Users\Public\Desktop\ExpressIt.com.url
2018-02-02 14:26 - 2018-02-02 14:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintMaster
2018-02-02 14:25 - 2018-02-02 14:28 - 000000000 ____D C:\Program Files (x86)\Broderbund
2018-02-02 14:25 - 2018-02-02 14:25 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-02-02 14:25 - 2001-02-27 17:08 - 000745472 ____N () C:\WINDOWS\SysWOW64\PMAppBuilder.dll
2018-02-02 14:25 - 2001-02-27 17:07 - 000090112 ____N () C:\WINDOWS\SysWOW64\PMovieServer.dll
2018-02-02 14:25 - 2001-02-27 17:07 - 000045056 ____N (The Learning Company, Inc.) C:\WINDOWS\SysWOW64\ImportClient.dll
2018-02-02 14:25 - 2001-02-27 16:53 - 000081920 ____N C:\WINDOWS\SysWOW64\CONNMGR.OCX
2018-02-02 14:25 - 2000-11-07 17:08 - 000073728 _____ (Mattel Interactive, Inc.) C:\WINDOWS\SysWOW64\ImageServerMI.dll
2018-02-02 14:25 - 2000-06-20 01:33 - 000045936 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\ltvdd11w.drv
2018-02-02 14:25 - 2000-06-20 01:32 - 000392192 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\ltkrn11n.dll
2018-02-02 14:25 - 2000-06-20 01:32 - 000285184 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFCMP11n.DLL
2018-02-02 14:25 - 2000-06-20 01:32 - 000262656 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LTDIS11n.dll
2018-02-02 14:25 - 2000-06-20 01:32 - 000172032 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\Lfpng11n.dll
2018-02-02 14:25 - 2000-06-20 01:32 - 000152064 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lftif11n.dll
2018-02-02 14:25 - 2000-06-20 01:32 - 000127488 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\ltimg11n.dll
2018-02-02 14:25 - 2000-06-20 01:32 - 000118784 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\ltfil11n.DLL
2018-02-02 14:25 - 2000-06-20 01:32 - 000081408 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lffax11n.dll
2018-02-02 14:25 - 2000-06-20 01:32 - 000059392 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfwmf11n.dll
2018-02-02 14:25 - 2000-06-20 01:32 - 000056320 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfpsd11n.dll
2018-02-02 14:25 - 2000-06-20 01:32 - 000041472 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfgif11n.dll
2018-02-02 14:25 - 2000-06-20 01:32 - 000036864 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfbmp11n.dll
2018-02-02 14:25 - 2000-06-20 01:32 - 000033280 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfpcx11n.dll
2018-02-02 14:25 - 2000-06-20 01:32 - 000031232 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfeps11n.dll
2018-02-02 14:25 - 2000-06-20 01:32 - 000027648 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfwpg11n.dll
2018-02-02 14:25 - 2000-06-20 01:32 - 000026112 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfpcd11n.dll
2018-02-02 14:25 - 2000-01-19 11:30 - 000053248 _____ () C:\WINDOWS\SysWOW64\PretzelSpellCheck.dll
2018-02-02 14:25 - 2000-01-19 10:21 - 000114176 _____ (Wintertree Software Inc.) C:\WINDOWS\SysWOW64\SSCE4132.DLL
2018-02-02 14:25 - 1999-04-21 05:08 - 000029184 ____N (Blue Sky Software) C:\WINDOWS\SysWOW64\Popup.ocx
2018-02-02 14:17 - 2018-02-04 11:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jasc Software
2018-02-02 14:17 - 2018-02-02 14:17 - 000002711 _____ C:\Users\Public\Desktop\Jasc Paint Shop Pro 8.lnk
2018-02-02 14:17 - 2018-02-02 14:17 - 000000000 ____D C:\Users\VL\AppData\Roaming\Jasc Software Inc
2018-02-02 14:17 - 2018-02-02 14:17 - 000000000 ____D C:\Program Files (x86)\Jasc Software Inc
2018-02-02 14:13 - 2018-02-02 14:13 - 000000000 ____D C:\Users\VL\AppData\Roaming\Macromedia
2018-02-02 14:12 - 2018-02-02 14:12 - 000001249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady 7.0.lnk
2018-02-02 14:12 - 2018-02-02 14:12 - 000001244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 7.0.lnk
2018-02-02 14:02 - 2018-02-02 14:02 - 000001331 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 2.0.lnk
2018-02-02 14:02 - 2018-02-02 14:02 - 000001319 _____ C:\Users\Public\Desktop\Adobe Photoshop Elements 2.0.lnk
2018-02-02 14:01 - 2002-07-17 02:18 - 000087392 ____N (Twain Working Group) C:\WINDOWS\twain.dll
2018-02-02 14:00 - 1998-10-29 16:45 - 000306688 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUninst.exe
2018-02-01 20:26 - 2018-02-01 20:26 - 000007239 _____ C:\Users\VL\Downloads\importedcontacts (3).adr
2018-02-01 20:17 - 2018-02-01 20:17 - 000001360 _____ C:\Users\VL\Downloads\importedcontacts (2).adr
2018-02-01 20:04 - 2018-02-01 20:04 - 000001360 _____ C:\Users\VL\Downloads\importedcontacts (1).adr
2018-02-01 19:59 - 2018-02-01 19:59 - 000001360 _____ C:\Users\VL\Downloads\importedcontacts.adr
2018-02-01 19:52 - 2018-02-01 20:10 - 000005190 _____ C:\Users\VL\Desktop\contacts.csv
2018-02-01 19:48 - 2018-02-01 19:48 - 000000000 ____D C:\Users\VL\AppData\Local\DBG
2018-02-01 19:48 - 2018-02-01 19:48 - 000000000 ____D C:\Users\VL\AppData\Local\CrashDumps
2018-02-01 19:13 - 2018-02-02 20:40 - 000002186 _____ C:\Users\VIV\Opera Mail.lnk
2018-02-01 19:13 - 2018-02-01 19:13 - 012218880 _____ (Opera Software ASA) C:\Users\VL\Downloads\Opera-Mail-1.0-1044.i386.exe
2018-02-01 19:13 - 2018-02-01 19:13 - 000002037 _____ C:\Users\VL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Mail.lnk
2018-02-01 19:13 - 2018-02-01 19:13 - 000000000 ____D C:\Users\VL\AppData\Roaming\Opera Mail
2018-02-01 19:13 - 2018-02-01 19:13 - 000000000 ____D C:\Users\VL\AppData\Local\Opera Mail
2018-02-01 18:49 - 2018-02-01 18:49 - 000003942 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1517510963
2018-02-01 18:49 - 2018-02-01 18:49 - 000001166 _____ C:\Users\Public\Desktop\Opera browser.lnk
2018-02-01 18:49 - 2018-02-01 18:49 - 000001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera browser.lnk
2018-02-01 18:49 - 2018-02-01 18:49 - 000000000 ____D C:\Users\VL\AppData\Roaming\Opera Software
2018-02-01 18:49 - 2018-02-01 18:49 - 000000000 ____D C:\Users\VL\AppData\Local\Opera Software
2018-02-01 18:48 - 2018-02-01 18:49 - 000000000 ____D C:\Program Files\Opera
2018-02-01 18:47 - 2018-02-01 18:47 - 001269744 _____ (Opera Software) C:\Users\VL\Downloads\OperaSetup.exe
2018-02-01 18:40 - 2018-02-01 18:40 - 000000000 ____D C:\Users\VL\AppData\Local\NetworkTiles
2018-02-01 18:31 - 2018-02-01 18:31 - 000002752 _____ C:\Users\VIV\Microsoft Word 2010.lnk
2018-02-01 18:30 - 2018-02-01 18:30 - 000002748 _____ C:\Users\VIV\Microsoft Publisher 2010.lnk
2018-02-01 18:30 - 2018-02-01 18:30 - 000002714 _____ C:\Users\VIV\Microsoft Excel 2010.lnk
2018-02-01 18:22 - 2018-02-02 15:03 - 000000000 ____D C:\Users\VL\AppData\Local\Windows Live
2018-02-01 17:04 - 2018-02-01 17:04 - 000000000 ____D C:\Program Files\Common Files\AV
2018-02-01 16:34 - 2018-02-13 16:24 - 000000000 ____D C:\ProgramData\NortonInstaller
2018-02-01 16:32 - 2018-02-13 16:25 - 000000000 ____D C:\ProgramData\Norton
2018-02-01 16:32 - 2018-02-13 14:25 - 000000000 ____D C:\Users\Public\Downloads\Norton
2018-02-01 16:32 - 2018-02-01 16:32 - 000001336 _____ C:\Users\VL\Desktop\Norton Installation Files.lnk
2018-02-01 09:49 - 2018-02-01 09:49 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2018-02-01 09:49 - 2018-02-01 09:49 - 000000000 ____D C:\Users\VL\AppData\Roaming\Apple Computer
2018-02-01 09:49 - 2018-02-01 09:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-02-01 09:49 - 2018-02-01 09:49 - 000000000 ____D C:\ProgramData\Apple Computer
2018-02-01 09:49 - 2018-02-01 09:49 - 000000000 ____D C:\Program Files\iTunes
2018-02-01 09:49 - 2018-02-01 09:49 - 000000000 ____D C:\Program Files\iPod
2018-02-01 09:48 - 2018-02-01 09:48 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2018-02-01 09:48 - 2018-02-01 09:48 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2018-02-01 09:48 - 2018-02-01 09:48 - 000000000 ____D C:\WINDOWS\pss
2018-02-01 09:48 - 2018-02-01 09:48 - 000000000 ____D C:\Users\VL\AppData\Local\Apple
2018-02-01 09:48 - 2018-02-01 09:48 - 000000000 ____D C:\Program Files\Common Files\Apple
2018-02-01 09:48 - 2018-02-01 09:48 - 000000000 ____D C:\Program Files\Bonjour
2018-02-01 09:48 - 2018-02-01 09:48 - 000000000 ____D C:\Program Files (x86)\Bonjour
2018-02-01 09:48 - 2018-02-01 09:48 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2018-02-01 09:47 - 2018-02-01 09:48 - 000000000 ____D C:\ProgramData\Apple
2018-02-01 09:46 - 2018-02-01 09:46 - 000001128 _____ C:\Users\Public\Desktop\OpenOffice 4.1.5.lnk
2018-02-01 09:46 - 2018-02-01 09:46 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.5
2018-02-01 09:46 - 2018-02-01 09:46 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4
2018-02-01 09:44 - 2018-02-01 09:44 - 000000000 ____D C:\ProgramData\Skype
2018-02-01 09:43 - 2018-02-01 09:44 - 000000000 ____D C:\ProgramData\Package Cache
2018-02-01 09:41 - 2018-02-01 09:41 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-02-01 09:41 - 2018-02-01 09:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-02-01 09:41 - 2018-02-01 09:41 - 000000000 ____D C:\Program Files\VideoLAN
2018-02-01 09:40 - 2018-02-01 09:40 - 000001116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk
2018-02-01 09:40 - 2018-02-01 09:40 - 000001104 _____ C:\Users\Public\Desktop\TeamViewer 13.lnk
2018-02-01 09:40 - 2018-02-01 09:40 - 000000000 ____D C:\Users\VL\AppData\Roaming\TeamViewer
2018-02-01 09:39 - 2018-02-11 17:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-02-01 09:39 - 2018-02-01 09:41 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-02-01 09:39 - 2018-02-01 09:39 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-02-01 09:39 - 2018-02-01 09:39 - 000000993 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-02-01 09:38 - 2018-02-01 09:39 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-02-01 09:37 - 2018-02-01 09:37 - 000425304 _____ (Secure By Design Inc.) C:\Users\VL\Downloads\Ninite Firefox Google Earth OpenOffice Skype Installer.exe
2018-01-30 17:33 - 2018-01-30 17:33 - 000000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2018-01-30 17:33 - 2018-01-30 17:33 - 000000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2018-01-30 17:30 - 2018-02-01 15:54 - 000003280 _____ C:\WINDOWS\System32\Tasks\Optimize Push Notification Data File-S-1-5-21-1150477090-3809027948-3889013003-1003
2018-01-30 17:28 - 2018-01-30 17:28 - 000000000 ____D C:\Users\VL\AppData\Local\CEF
2018-01-30 17:27 - 2018-01-30 17:28 - 000000000 ____D C:\Users\VL\AppData\Local\Adobe
2018-01-30 17:27 - 2018-01-30 17:27 - 000000000 ____D C:\Users\VL\AppData\LocalLow\Adobe
2018-01-30 17:25 - 2018-01-30 17:25 - 000001358 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2018-01-30 17:25 - 2018-01-30 17:25 - 000000000 ____D C:\Program Files\Windows Live
2018-01-30 17:24 - 2018-02-02 15:03 - 000000000 ____D C:\Program Files (x86)\Windows Live
2018-01-30 17:24 - 2018-01-29 20:10 - 000001895 _____ C:\Users\VIV\Documents\ProduKey.txt
2018-01-30 17:24 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2018-01-30 17:24 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2018-01-30 17:24 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2018-01-30 17:24 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2018-01-30 17:24 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2018-01-30 17:24 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2018-01-30 17:24 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2018-01-30 17:24 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2018-01-30 17:23 - 2018-02-05 14:16 - 000000000 ____D C:\Users\VIV\AppData\Local\Windows Live
2018-01-30 17:23 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2018-01-30 17:23 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2018-01-30 17:23 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2018-01-30 17:23 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2018-01-30 17:20 - 2018-01-30 17:20 - 000002714 _____ C:\Users\VIV\Desktop\Microsoft Excel 2010.lnk
2018-01-30 17:19 - 2018-01-30 17:19 - 000002752 _____ C:\Users\VIV\Desktop\Microsoft Word 2010.lnk
2018-01-30 17:12 - 2018-02-06 02:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-01-30 17:12 - 2018-02-06 02:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-01-30 17:09 - 2018-01-30 17:09 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-01-30 17:09 - 2018-01-30 17:09 - 000000000 ____D C:\Program Files\MSBuild
2018-01-30 17:09 - 2018-01-30 17:09 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2018-01-30 17:04 - 2018-01-30 17:09 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-01-30 17:04 - 2018-01-30 17:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2018-01-30 17:04 - 2018-01-30 17:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2018-01-30 17:03 - 2018-01-30 17:03 - 000000000 ____D C:\WINDOWS\PCHEALTH
2018-01-30 17:03 - 2018-01-30 17:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2018-01-30 17:00 - 2018-01-30 17:00 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2018-01-30 16:59 - 2018-01-30 17:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-01-30 16:59 - 2018-01-30 16:59 - 000000000 __RHD C:\MSOCache
2018-01-30 16:59 - 2018-01-30 16:59 - 000000000 ____D C:\Program Files\Microsoft Office
2018-01-30 16:59 - 2018-01-30 16:59 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2018-01-30 16:42 - 2018-01-30 16:42 - 000000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2018-01-30 16:41 - 2018-01-30 16:41 - 000000000 ____D C:\Users\VIV\AppData\LocalLow\Temp
2018-01-30 16:41 - 2018-01-30 16:41 - 000000000 ____D C:\Users\VIV\AppData\Local\Microsoft Help
2018-01-30 16:24 - 2018-01-30 16:24 - 000000000 ____D C:\Users\VIV\AppData\LocalLow\Adobe
2018-01-30 16:24 - 2018-01-30 16:24 - 000000000 ____D C:\Users\VIV\AppData\Local\CEF
2018-01-30 16:17 - 2018-02-10 08:48 - 000000000 ____D C:\Program Files (x86)\Google
2018-01-30 16:17 - 2018-02-07 13:38 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-30 16:17 - 2018-02-07 13:38 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-01-30 16:17 - 2018-01-30 17:27 - 000003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-01-30 16:17 - 2018-01-30 17:27 - 000003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-01-30 16:17 - 2018-01-30 16:17 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task

 

018-01-30 16:16 - 2018-02-02 14:11 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-01-30 16:16 - 2018-01-30 16:25 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-01-30 16:16 - 2018-01-30 16:24 - 000000000 ____D C:\ProgramData\Adobe
2018-01-30 16:16 - 2018-01-30 16:16 - 000002124 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2018-01-30 16:14 - 2018-01-30 16:24 - 000000000 ____D C:\Users\VIV\AppData\Local\Adobe
2018-01-30 16:13 - 2017-09-28 15:50 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-01-30 16:13 - 2017-09-28 15:50 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-01-30 16:13 - 2017-09-28 15:50 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2018-01-30 16:13 - 2017-09-22 18:19 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2018-01-30 16:13 - 2017-09-22 18:19 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-01-30 16:13 - 2017-09-22 18:19 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2018-01-30 16:10 - 2018-01-30 16:10 - 000001323 _____ C:\Users\VIV\Desktop\Internet Explorer.lnk
2018-01-30 15:34 - 2018-01-30 15:34 - 000000000 ____D C:\ProgramData\SystemAcCrux
2018-01-30 15:34 - 2018-01-30 15:34 - 000000000 ____D C:\Program Files (x86)\EaseUS
2018-01-30 15:14 - 2018-01-30 15:16 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-30 15:14 - 2018-01-30 15:14 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-30 15:13 - 2018-01-30 15:13 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-01-30 15:12 - 2018-02-02 20:39 - 000000000 ____D C:\Users\VL\AppData\Local\PlaceholderTileLogoFolder
2018-01-30 15:11 - 2018-02-02 14:23 - 000000000 ____D C:\Users\VL\AppData\Local\Comms
2018-01-30 15:03 - 2018-01-01 17:15 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-01-30 15:03 - 2018-01-01 12:54 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-01-30 15:03 - 2018-01-01 12:53 - 001090984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-01-30 15:03 - 2018-01-01 12:52 - 000066712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2018-01-30 15:03 - 2018-01-01 12:51 - 001414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-01-30 15:03 - 2018-01-01 12:51 - 001209240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-01-30 15:03 - 2018-01-01 12:51 - 001055128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-01-30 15:03 - 2018-01-01 12:51 - 000191816 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-01-30 15:03 - 2018-01-01 12:51 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2018-01-30 15:03 - 2018-01-01 12:50 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-01-30 15:03 - 2018-01-01 12:50 - 000780464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-01-30 15:03 - 2018-01-01 12:50 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-01-30 15:03 - 2018-01-01 12:50 - 000077208 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-01-30 15:03 - 2018-01-01 12:49 - 008605080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-01-30 15:03 - 2018-01-01 12:49 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-01-30 15:03 - 2018-01-01 12:49 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-01-30 15:03 - 2018-01-01 12:49 - 000292376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2018-01-30 15:03 - 2018-01-01 12:48 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-01-30 15:03 - 2018-01-01 12:48 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-01-30 15:03 - 2018-01-01 12:48 - 000382360 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-01-30 15:03 - 2018-01-01 12:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-01-30 15:03 - 2018-01-01 12:47 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-01-30 15:03 - 2018-01-01 12:46 - 002709704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-01-30 15:03 - 2018-01-01 12:46 - 000898216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-01-30 15:03 - 2018-01-01 12:46 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2018-01-30 15:03 - 2018-01-01 12:46 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-01-30 15:03 - 2018-01-01 12:45 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-01-30 15:03 - 2018-01-01 12:45 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-01-30 15:03 - 2018-01-01 12:45 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-01-30 15:03 - 2018-01-01 12:43 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-01-30 15:03 - 2018-01-01 12:43 - 000367336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-01-30 15:03 - 2018-01-01 12:43 - 000062872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2018-01-30 15:03 - 2018-01-01 12:42 - 001029016 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2018-01-30 15:03 - 2018-01-01 12:42 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-01-30 15:03 - 2018-01-01 12:42 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-01-30 15:03 - 2018-01-01 12:42 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-01-30 15:03 - 2018-01-01 12:42 - 000109976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-01-30 15:03 - 2018-01-01 12:41 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-01-30 15:03 - 2018-01-01 12:41 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-01-30 15:03 - 2018-01-01 12:41 - 000549552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2018-01-30 15:03 - 2018-01-01 12:40 - 001206680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-01-30 15:03 - 2018-01-01 12:39 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-01-30 15:03 - 2018-01-01 12:39 - 000677784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-01-30 15:03 - 2018-01-01 12:39 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-01-30 15:03 - 2018-01-01 12:39 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-01-30 15:03 - 2018-01-01 12:39 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-01-30 15:03 - 2018-01-01 12:38 - 003904808 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-01-30 15:03 - 2018-01-01 12:38 - 000727448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-01-30 15:03 - 2018-01-01 12:38 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-01-30 15:03 - 2018-01-01 12:38 - 000103320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-01-30 15:03 - 2018-01-01 12:38 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2018-01-30 15:03 - 2018-01-01 12:37 - 001426664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-01-30 15:03 - 2018-01-01 12:37 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2018-01-30 15:03 - 2018-01-01 12:36 - 000413888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-01-30 15:03 - 2018-01-01 12:36 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2018-01-30 15:03 - 2018-01-01 12:36 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2018-01-30 15:03 - 2018-01-01 12:36 - 000113560 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2018-01-30 15:03 - 2018-01-01 12:36 - 000057752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys
2018-01-30 15:03 - 2018-01-01 12:35 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-01-30 15:03 - 2018-01-01 12:35 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-01-30 15:03 - 2018-01-01 12:34 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-01-30 15:03 - 2018-01-01 12:34 - 001336344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-01-30 15:03 - 2018-01-01 12:34 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-01-30 15:03 - 2018-01-01 12:34 - 000087384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2018-01-30 15:03 - 2018-01-01 12:33 - 002773400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-01-30 15:03 - 2018-01-01 12:33 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-01-30 15:03 - 2018-01-01 12:32 - 004481240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-01-30 15:03 - 2018-01-01 12:32 - 000617304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-01-30 15:03 - 2018-01-01 12:27 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-01-30 15:03 - 2018-01-01 12:27 - 000163736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-01-30 15:03 - 2018-01-01 12:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-01-30 15:03 - 2018-01-01 12:26 - 000081304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2018-01-30 15:03 - 2018-01-01 12:25 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-01-30 15:03 - 2018-01-01 12:25 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-01-30 15:03 - 2018-01-01 12:23 - 021352144 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-01-30 15:03 - 2018-01-01 12:21 - 001103768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-01-30 15:03 - 2018-01-01 12:21 - 000614296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2018-01-30 15:03 - 2018-01-01 12:06 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-01-30 15:03 - 2018-01-01 12:03 - 000777904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-01-30 15:03 - 2018-01-01 12:03 - 000650328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-01-30 15:03 - 2018-01-01 12:03 - 000566664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-01-30 15:03 - 2018-01-01 12:03 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-01-30 15:03 - 2018-01-01 11:53 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-01-30 15:03 - 2018-01-01 11:49 - 000481464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-01-30 15:03 - 2018-01-01 11:49 - 000258808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2018-01-30 15:03 - 2018-01-01 11:46 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-01-30 15:03 - 2018-01-01 11:46 - 000289816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-01-30 15:03 - 2018-01-01 11:45 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-01-30 15:03 - 2018-01-01 11:45 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-01-30 15:03 - 2018-01-01 11:45 - 002192624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-01-30 15:03 - 2018-01-01 11:45 - 000450928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2018-01-30 15:03 - 2018-01-01 11:43 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-01-30 15:03 - 2018-01-01 11:42 - 006479552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-01-30 15:03 - 2018-01-01 11:42 - 004644912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-01-30 15:03 - 2018-01-01 11:42 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-01-30 15:03 - 2018-01-01 11:42 - 001003152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-01-30 15:03 - 2018-01-01 11:42 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-01-30 15:03 - 2018-01-01 11:42 - 000386424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2018-01-30 15:03 - 2018-01-01 11:42 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-01-30 15:03 - 2018-01-01 11:42 - 000074992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2018-01-30 15:03 - 2018-01-01 11:37 - 025247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-01-30 15:03 - 2018-01-01 11:34 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-01-30 15:03 - 2018-01-01 11:25 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-01-30 15:03 - 2018-01-01 11:25 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-01-30 15:03 - 2018-01-01 11:25 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2018-01-30 15:03 - 2018-01-01 11:25 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-01-30 15:03 - 2018-01-01 11:25 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2018-01-30 15:03 - 2018-01-01 11:24 - 003668480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-01-30 15:03 - 2018-01-01 11:24 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboutSettingsHandlers.dll
2018-01-30 15:03 - 2018-01-01 11:24 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-01-30 15:03 - 2018-01-01 11:23 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-01-30 15:03 - 2018-01-01 11:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2018-01-30 15:03 - 2018-01-01 11:23 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-01-30 15:03 - 2018-01-01 11:23 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-01-30 15:03 - 2018-01-01 11:23 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-01-30 15:03 - 2018-01-01 11:21 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-01-30 15:03 - 2018-01-01 11:21 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2018-01-30 15:03 - 2018-01-01 11:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys
2018-01-30 15:03 - 2018-01-01 11:21 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2018-01-30 15:03 - 2018-01-01 11:21 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2018-01-30 15:03 - 2018-01-01 11:20 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-01-30 15:03 - 2018-01-01 11:20 - 018917888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-01-30 15:03 - 2018-01-01 11:20 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-01-30 15:03 - 2018-01-01 11:20 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-01-30 15:03 - 2018-01-01 11:20 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2018-01-30 15:03 - 2018-01-01 11:20 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-01-30 15:03 - 2018-01-01 11:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-01-30 15:03 - 2018-01-01 11:20 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2018-01-30 15:03 - 2018-01-01 11:20 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2018-01-30 15:03 - 2018-01-01 11:20 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2018-01-30 15:03 - 2018-01-01 11:19 - 008014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-01-30 15:03 - 2018-01-01 11:19 - 000795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalAuth.dll
2018-01-30 15:03 - 2018-01-01 11:19 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-01-30 15:03 - 2018-01-01 11:19 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-01-30 15:03 - 2018-01-01 11:19 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2018-01-30 15:03 - 2018-01-01 11:19 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2018-01-30 15:03 - 2018-01-01 11:19 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-01-30 15:03 - 2018-01-01 11:19 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-01-30 15:03 - 2018-01-01 11:19 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-01-30 15:03 - 2018-01-01 11:19 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2018-01-30 15:03 - 2018-01-01 11:19 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-01-30 15:03 - 2018-01-01 11:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-01-30 15:03 - 2018-01-01 11:19 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2018-01-30 15:03 - 2018-01-01 11:19 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2018-01-30 15:03 - 2018-01-01 11:19 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-01-30 15:03 - 2018-01-01 11:19 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2018-01-30 15:03 - 2018-01-01 11:19 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2018-01-30 15:03 - 2018-01-01 11:18 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2018-01-30 15:03 - 2018-01-01 11:18 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-01-30 15:03 - 2018-01-01 11:18 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2018-01-30 15:03 - 2018-01-01 11:18 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-01-30 15:03 - 2018-01-01 11:18 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-01-30 15:03 - 2018-01-01 11:18 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-01-30 15:03 - 2018-01-01 11:18 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-01-30 15:03 - 2018-01-01 11:18 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-01-30 15:03 - 2018-01-01 11:18 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2018-01-30 15:03 - 2018-01-01 11:18 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-01-30 15:03 - 2018-01-01 11:18 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2018-01-30 15:03 - 2018-01-01 11:18 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-01-30 15:03 - 2018-01-01 11:18 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2018-01-30 15:03 - 2018-01-01 11:18 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-01-30 15:03 - 2018-01-01 11:18 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2018-01-30 15:03 - 2018-01-01 11:17 - 011923968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-01-30 15:03 - 2018-01-01 11:17 - 006564864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-01-30 15:03 - 2018-01-01 11:17 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-01-30 15:03 - 2018-01-01 11:17 - 000791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-01-30 15:03 - 2018-01-01 11:17 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-01-30 15:03 - 2018-01-01 11:17 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-01-30 15:03 - 2018-01-01 11:17 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-01-30 15:03 - 2018-01-01 11:17 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-01-30 15:03 - 2018-01-01 11:17 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-01-30 15:03 - 2018-01-01 11:17 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2018-01-30 15:03 - 2018-01-01 11:17 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2018-01-30 15:03 - 2018-01-01 11:17 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2018-01-30 15:03 - 2018-01-01 11:17 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2018-01-30 15:03 - 2018-01-01 11:17 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2018-01-30 15:03 - 2018-01-01 11:16 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-01-30 15:03 - 2018-01-01 11:16 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-01-30 15:03 - 2018-01-01 11:16 - 003676672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-01-30 15:03 - 2018-01-01 11:16 - 000956928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-01-30 15:03 - 2018-01-01 11:16 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-01-30 15:03 - 2018-01-01 11:16 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-01-30 15:03 - 2018-01-01 11:16 - 000812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-01-30 15:03 - 2018-01-01 11:16 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-01-30 15:03 - 2018-01-01 11:16 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-01-30 15:03 - 2018-01-01 11:16 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-01-30 15:03 - 2018-01-01 11:16 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2018-01-30 15:03 - 2018-01-01 11:16 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-01-30 15:03 - 2018-01-01 11:16 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-01-30 15:03 - 2018-01-01 11:16 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2018-01-30 15:03 - 2018-01-01 11:16 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-01-30 15:03 - 2018-01-01 11:16 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-01-30 15:03 - 2018-01-01 11:15 - 012687872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-01-30 15:03 - 2018-01-01 11:15 - 006029312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-01-30 15:03 - 2018-01-01 11:15 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-01-30 15:03 - 2018-01-01 11:15 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-01-30 15:03 - 2018-01-01 11:15 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2018-01-30 15:03 - 2018-01-01 11:15 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-01-30 15:03 - 2018-01-01 11:15 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2018-01-30 15:03 - 2018-01-01 11:15 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-01-30 15:03 - 2018-01-01 11:15 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2018-01-30 15:03 - 2018-01-01 11:15 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2018-01-30 15:03 - 2018-01-01 11:15 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2018-01-30 15:03 - 2018-01-01 11:15 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-01-30 15:03 - 2018-01-01 11:14 - 023655936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-01-30 15:03 - 2018-01-01 11:14 - 002465280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-01-30 15:03 - 2018-01-01 11:14 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-01-30 15:03 - 2018-01-01 11:14 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-01-30 15:03 - 2018-01-01 11:14 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-01-30 15:03 - 2018-01-01 11:14 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-01-30 15:03 - 2018-01-01 11:14 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-01-30 15:03 - 2018-01-01 11:14 - 000870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-01-30 15:03 - 2018-01-01 11:13 - 013657600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-01-30 15:03 - 2018-01-01 11:13 - 012830208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-01-30 15:03 - 2018-01-01 11:13 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-01-30 15:03 - 2018-01-01 11:13 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-01-30 15:03 - 2018-01-01 11:13 - 002013184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-01-30 15:03 - 2018-01-01 11:13 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-01-30 15:03 - 2018-01-01 11:13 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-01-30 15:03 - 2018-01-01 11:13 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-01-30 15:03 - 2018-01-01 11:12 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-01-30 15:03 - 2018-01-01 11:12 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-01-30 15:03 - 2018-01-01 11:12 - 001573376 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2018-01-30 15:03 - 2018-01-01 11:12 - 001547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-01-30 15:03 - 2018-01-01 11:12 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-01-30 15:03 - 2018-01-01 11:12 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-01-30 15:03 - 2018-01-01 11:11 - 008108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-01-30 15:03 - 2018-01-01 11:11 - 004748288 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-01-30 15:03 - 2018-01-01 11:11 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-01-30 15:03 - 2018-01-01 11:11 - 003165696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-01-30 15:03 - 2018-01-01 11:11 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-01-30 15:03 - 2018-01-01 11:11 - 002082304 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-01-30 15:03 - 2018-01-01 11:11 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-01-30 15:03 - 2018-01-01 11:11 - 001816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-01-30 15:03 - 2018-01-01 11:11 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-01-30 15:03 - 2018-01-01 11:11 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2018-01-30 15:03 - 2018-01-01 11:11 - 001231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-01-30 15:03 - 2018-01-01 11:11 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-01-30 15:03 - 2018-01-01 11:11 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-01-30 15:03 - 2018-01-01 11:11 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-01-30 15:03 - 2018-01-01 11:10 - 003126272 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-01-30 15:03 - 2018-01-01 11:10 - 002528256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-01-30 15:03 - 2018-01-01 11:09 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-01-30 15:03 - 2018-01-01 11:09 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-01-30 15:03 - 2018-01-01 11:09 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-01-30 15:03 - 2018-01-01 11:09 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-01-30 15:03 - 2018-01-01 11:08 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-01-30 15:03 - 2018-01-01 11:08 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-01-30 15:03 - 2018-01-01 11:08 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-01-30 15:03 - 2018-01-01 11:08 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-01-30 15:03 - 2018-01-01 11:05 - 002510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-01-30 15:03 - 2018-01-01 11:05 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-01-30 15:02 - 2018-01-01 11:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-01-30 15:02 - 2018-01-01 11:24 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2018-01-30 15:02 - 2018-01-01 11:23 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe
2018-01-30 15:02 - 2018-01-01 11:23 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-01-30 15:02 - 2018-01-01 11:23 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2018-01-30 15:02 - 2018-01-01 11:23 - 000047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-01-30 15:02 - 2018-01-01 11:22 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2018-01-30 15:02 - 2018-01-01 11:22 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2018-01-30 15:02 - 2018-01-01 11:22 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2018-01-30 15:02 - 2018-01-01 11:21 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-01-30 15:02 - 2018-01-01 11:21 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2018-01-30 15:02 - 2018-01-01 11:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2018-01-30 15:02 - 2018-01-01 11:20 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-01-30 15:02 - 2018-01-01 11:20 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2018-01-30 15:02 - 2018-01-01 11:20 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-01-30 15:02 - 2018-01-01 11:20 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-01-30 15:02 - 2018-01-01 11:20 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2018-01-30 15:02 - 2018-01-01 11:20 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2018-01-30 15:02 - 2018-01-01 11:20 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-01-30 15:02 - 2018-01-01 11:19 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-01-30 15:02 - 2018-01-01 11:19 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2018-01-30 15:02 - 2018-01-01 11:19 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2018-01-30 15:02 - 2018-01-01 11:19 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msoert2.dll
2018-01-30 15:02 - 2018-01-01 11:19 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-01-30 15:02 - 2018-01-01 11:19 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-01-30 15:02 - 2018-01-01 11:18 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2018-01-30 15:02 - 2018-01-01 11:18 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2018-01-30 15:02 - 2018-01-01 11:18 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-01-30 15:02 - 2018-01-01 11:18 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2018-01-30 15:02 - 2018-01-01 11:18 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2018-01-30 15:02 - 2018-01-01 11:18 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2018-01-30 15:02 - 2018-01-01 11:17 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-01-30 15:02 - 2018-01-01 11:17 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msoert2.dll
2018-01-30 15:02 - 2018-01-01 11:16 - 000966656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2018-01-30 15:02 - 2018-01-01 11:16 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-01-30 15:02 - 2018-01-01 11:12 - 000760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2018-01-30 15:02 - 2018-01-01 11:10 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscproxystub.dll
2018-01-30 15:02 - 2018-01-01 11:08 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2018-01-30 15:02 - 2018-01-01 11:06 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2018-01-30 15:02 - 2018-01-01 11:05 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-01-30 14:57 - 2018-01-30 14:57 - 000003372 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1150477090-3809027948-3889013003-1003
2018-01-30 14:56 - 2018-01-30 14:57 - 000002358 _____ C:\Users\VL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-30 14:56 - 2018-01-30 14:57 - 000000000 ___RD C:\Users\VL\OneDrive
2018-01-30 14:55 - 2018-02-02 20:21 - 000000000 ____D C:\Users\VL\AppData\Local\Packages
2018-01-30 14:55 - 2018-02-02 20:13 - 000000000 ____D C:\Users\VL\AppData\Local\ConnectedDevicesPlatform
2018-01-30 14:55 - 2018-02-02 17:18 - 000000000 ____D C:\Users\VL\AppData\Local\Publishers
2018-01-30 14:55 - 2018-02-02 14:41 - 000000000 ____D C:\Users\VL\AppData\Roaming\Adobe
2018-01-30 14:55 - 2018-02-02 14:41 - 000000000 ____D C:\Users\VL\AppData\Local\VirtualStore
2018-01-30 14:55 - 2018-01-30 17:27 - 000000000 ___RD C:\Users\VL\3D Objects
2018-01-30 14:55 - 2018-01-30 14:55 - 000000020 ___SH C:\Users\VL\ntuser.ini
2018-01-30 14:55 - 2018-01-30 14:55 - 000000000 ___HD C:\Users\VL\MicrosoftEdgeBackups
2018-01-30 14:55 - 2018-01-30 14:55 - 000000000 ____D C:\Users\VL\AppData\Local\MicrosoftEdge
2018-01-30 13:39 - 2018-01-30 13:39 - 000000000 ____D C:\Users\VIV\AppData\Local\NetworkTiles
2018-01-30 11:06 - 2018-02-03 14:34 - 000000000 ____D C:\Users\VIV\AppData\Local\PlaceholderTileLogoFolder
2018-01-30 11:05 - 2018-01-30 11:05 - 000000000 ____D C:\Users\VIV\AppData\Local\Comms
2018-01-30 10:51 - 2018-01-30 10:51 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1150477090-3809027948-3889013003-1002
2018-01-30 10:50 - 2018-01-30 10:51 - 000002361 _____ C:\Users\VIV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-30 10:50 - 2018-01-30 10:51 - 000000000 ___RD C:\Users\VIV\OneDrive
2018-01-30 10:49 - 2018-02-09 11:31 - 000000000 ____D C:\Users\VIV\AppData\Roaming\Adobe
2018-01-30 10:49 - 2018-02-05 15:17 - 000000000 ____D C:\Users\VIV\AppData\Local\Publishers
2018-01-30 10:49 - 2018-02-04 14:51 - 000000000 ____D C:\Users\VIV\AppData\Local\VirtualStore
2018-01-30 10:49 - 2018-02-03 14:34 - 000000000 ____D C:\Users\VIV\AppData\Local\Packages
2018-01-30 10:49 - 2018-01-30 17:12 - 000000000 ___RD C:\Users\VIV\3D Objects
2018-01-30 10:49 - 2018-01-30 10:49 - 000000000 ___HD C:\Users\VIV\MicrosoftEdgeBackups
2018-01-30 10:49 - 2018-01-30 10:49 - 000000000 ____D C:\Users\VIV\AppData\Local\MicrosoftEdge
2018-01-30 10:49 - 2018-01-30 10:49 - 000000000 ____D C:\Users\VIV\AppData\Local\ConnectedDevicesPlatform
2018-01-30 10:48 - 2018-01-30 10:48 - 000000020 ___SH C:\Users\VIV\ntuser.ini
2018-01-30 10:48 - 2018-01-30 10:48 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-01-30 10:38 - 2018-01-30 10:38 - 000000000 ____D C:\ProgramData\USOShared
2018-01-30 10:35 - 2018-02-13 16:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-01-30 10:35 - 2018-01-30 10:49 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1150477090-3809027948-3889013003-1001
2018-01-30 10:34 - 2018-01-30 10:34 - 000022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-01-30 10:34 - 2018-01-30 10:34 - 000015243 _____ C:\WINDOWS\diagwrn.xml
2018-01-30 10:34 - 2018-01-30 10:34 - 000015243 _____ C:\WINDOWS\diagerr.xml
2018-01-30 10:28 - 2018-01-30 10:28 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-01-30 10:25 - 2018-02-13 14:49 - 000000000 ____D C:\Users\VIV
2018-01-30 10:25 - 2018-02-02 16:36 - 000000000 ____D C:\Users\VL
2018-01-30 10:23 - 2017-09-29 13:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-01-30 10:21 - 2018-02-13 17:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-01-30 10:21 - 2018-02-10 15:36 - 000634176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-01-29 21:20 - 2018-01-30 10:18 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-01-29 21:20 - 2018-01-29 21:20 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-01-29 21:06 - 2018-01-29 21:06 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-01-29 20:24 - 2018-01-30 10:37 - 000000000 ___DC C:\WINDOWS\Panther
2018-01-29 20:20 - 2018-01-29 20:24 - 000000036 _____ C:\WINDOWS\progress.ini
2018-01-29 20:11 - 2018-01-29 20:11 - 000000000 ____D C:\Users\VL\Documents\Updater
2018-01-29 20:11 - 2018-01-29 20:11 - 000000000 ____D C:\Users\VL\Documents\Serif
2018-01-29 20:11 - 2018-01-29 20:11 - 000000000 ____D C:\Users\VL\Documents\Open Show 2015
2018-01-29 20:11 - 2018-01-29 20:11 - 000000000 ____D C:\Users\Public\Documents\sun
2018-01-29 20:11 - 2018-01-29 20:11 - 000000000 ____D C:\Users\Public\Documents\NativeFus_Log
2018-01-29 20:11 - 2018-01-29 20:11 - 000000000 ____D C:\Users\Public\Documents\AKVIS

 

2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VL\Documents\Fax
2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Downloads\Driver Support
2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\Updater
2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\RocketLifeNetwork
2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\PassMark
2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\New folder (3)
2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\New folder (2)
2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\New folder
2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\DrawPad
2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\AdobeStockPhotos
2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\.tmp.drivedownload
2018-01-29 20:10 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Desktop\God Mode.{ED7BA470-8E54-465E-825C-99712043E01C}
2018-01-29 20:08 - 2018-01-29 20:11 - 000000000 ____D C:\Users\VL\AppData\Roaming\Skype
2018-01-29 20:08 - 2018-01-29 20:11 - 000000000 ____D C:\Users\Public\Documents\Adobe PDF
2018-01-29 20:08 - 2018-01-29 20:08 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2018-01-29 20:08 - 2018-01-29 20:08 - 000000000 ____D C:\Users\Public\Documents\Stroud & Swindon
2018-01-29 19:54 - 2018-02-01 09:45 - 000000000 ____D C:\Users\VL\AppData\Local\Google
2018-01-29 19:54 - 2018-01-29 19:54 - 000000000 ____D C:\Users\VL\Downloads\RookMilanoInstaller
2018-01-29 19:54 - 2018-01-29 19:54 - 000000000 ____D C:\Users\VL\Downloads\revouninstaller
2018-01-29 19:54 - 2018-01-29 19:54 - 000000000 ____D C:\Users\VL\Downloads\PDFXVwer
2018-01-29 19:53 - 2018-01-29 19:54 - 000000000 ____D C:\Users\VL\Downloads\John Lewis Your receipt_files
2018-01-29 19:53 - 2018-01-29 19:53 - 000000000 ____D C:\Users\VL\Downloads\HP Downloads
2018-01-29 19:53 - 2018-01-29 19:53 - 000000000 ____D C:\Users\VL\Downloads\Google_files
2018-01-29 19:53 - 2018-01-29 19:53 - 000000000 ____D C:\Users\VL\Downloads\CryptoPrevent (1)
2018-01-29 19:53 - 2018-01-29 19:53 - 000000000 ____D C:\Users\VL\Downloads\CryptoPrevent
2018-01-29 19:52 - 2018-01-29 19:53 - 000000000 ____D C:\Users\VL\Downloads\Adobe Acrobat XI Pro
2018-01-29 19:42 - 2018-01-30 10:37 - 000000000 ___HD C:\$GetCurrent
2018-01-29 19:41 - 2018-01-30 10:38 - 000000000 ____D C:\Windows10Upgrade
2018-01-29 19:41 - 2018-01-29 19:41 - 000000811 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk
2018-01-29 19:39 - 2018-01-29 19:39 - 000000000 ____D C:\Users\VL\Documents\Whisper
2018-01-29 19:38 - 2018-01-29 19:38 - 000000000 ____D C:\Users\VL\Documents\VL-HP
2018-01-29 19:38 - 2018-01-29 19:38 - 000000000 ____D C:\Users\VL\Documents\Travel Docs
2018-01-29 19:32 - 2018-01-29 19:38 - 000000000 ____D C:\Users\VL\Documents\Transfer Files from old pc
2018-01-29 19:32 - 2018-01-29 19:32 - 000000000 ____D C:\Users\VL\Documents\Tools
2018-01-29 19:32 - 2018-01-29 19:32 - 000000000 ____D C:\Users\VL\Documents\Tisgrow wenb site 2006
2018-01-29 19:31 - 2018-01-29 20:11 - 000000000 ____D C:\Users\VL\Documents\samsung
2018-01-29 19:31 - 2018-01-29 19:32 - 000000000 ____D C:\Users\VL\Documents\Tisgrow wenb site
2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Tisgrow 2011
2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Tisgrow 2010
2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Tisbus images
2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Tisbowls Website 2011
2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Tisbowls website 2010
2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Tisbowls Website 2009
2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Symantec
2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Stuart
2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Soda PDF Files
2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\SelfMV
2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Scanned Documents
2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\recovered photos
2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\Problems
2018-01-29 19:31 - 2018-01-29 19:31 - 000000000 ____D C:\Users\VL\Documents\plusnet
2018-01-29 19:25 - 2018-01-29 19:25 - 000000000 ____D C:\Users\VL\Documents\Open Show Schedule
2018-01-29 19:25 - 2018-01-29 19:25 - 000000000 ____D C:\Users\VL\Documents\OneNote Notebooks
2018-01-29 19:25 - 2018-01-29 19:25 - 000000000 ____D C:\Users\VL\Documents\NatWest
2018-01-29 19:25 - 2018-01-29 19:25 - 000000000 ____D C:\Users\VL\Documents\Nadder Valley Walks
2018-01-29 19:24 - 2018-02-02 14:18 - 000000000 ____D C:\Users\VL\Documents\My PSP8 Files
2018-01-29 19:24 - 2018-01-29 19:25 - 000000000 ____D C:\Users\VL\Documents\My Scans
2018-01-29 19:24 - 2018-01-29 19:24 - 000000000 ____D C:\Users\VL\Documents\My Kindle Content
2018-01-29 19:20 - 2018-01-30 10:18 - 000000000 ____D C:\Program Files\UNP
2018-01-29 19:20 - 2018-01-29 19:30 - 000000000 ____D C:\Program Files\rempl
2018-01-29 19:20 - 2018-01-29 19:20 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2018-01-29 18:57 - 2018-01-29 19:24 - 000000000 ____D C:\Users\VL\Documents\My Documents 2
2018-01-29 16:36 - 2018-01-23 18:58 - 000548000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-01-29 16:32 - 2018-01-29 16:32 - 000000000 ____D C:\Users\VL\Documents\My Digital Editions
2018-01-29 16:32 - 2018-01-29 16:32 - 000000000 ____D C:\Users\VL\Documents\My Data Sources
2018-01-29 16:13 - 2018-01-29 16:32 - 000000000 ____D C:\Users\VL\Documents\My Backup
2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Medical
2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Malwarebites
2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Mail
2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Legend of the Crystal Skull
2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Horticultural Society 2015
2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Horticultural Society 2014
2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Horticultural 2013
2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Horticultural 2012
2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Horticultural 2011
2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Horticultural 2010
2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Horticultural 2009
2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Hort Soc 2008
2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Hort Soc 2007
2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Hort Soc 2006
2018-01-29 16:13 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Handbooks
2018-01-29 16:12 - 2018-01-29 16:13 - 000000000 ____D C:\Users\VL\Documents\Dinton WI
2018-01-29 16:12 - 2018-01-29 16:12 - 000000000 ____D C:\Users\VL\Documents\Coventry Building Society – Savings - Your new account details_files
2018-01-29 16:12 - 2018-01-29 16:12 - 000000000 ____D C:\Users\VL\Documents\Correspondence
2018-01-29 16:12 - 2018-01-29 16:12 - 000000000 ____D C:\Users\VL\Documents\Christmas letters 2014
2018-01-29 16:12 - 2018-01-29 16:12 - 000000000 ____D C:\Users\VL\Documents\Christine
2018-01-29 16:12 - 2018-01-29 16:12 - 000000000 ____D C:\Users\VL\Documents\Cards
2018-01-29 16:12 - 2018-01-29 16:12 - 000000000 ____D C:\Users\VL\Documents\Bowls Competition Masters
2018-01-29 16:12 - 2018-01-29 16:12 - 000000000 ____D C:\Users\VL\Documents\bowls alpha web site 2008
2018-01-29 16:11 - 2018-01-29 16:12 - 000000000 ____D C:\Users\VL\Documents\Bowls Alpha 2015
2018-01-29 16:11 - 2018-01-29 16:11 - 000000000 ____D C:\Users\VL\Documents\Bowls Alpha 2014
2018-01-29 16:11 - 2018-01-29 16:11 - 000000000 ____D C:\Users\VL\Documents\Bowls Alpha 2013
2018-01-29 16:11 - 2018-01-29 16:11 - 000000000 ____D C:\Users\VL\Documents\Bowls Alpha 2012
2018-01-29 16:10 - 2018-01-29 16:11 - 000000000 ____D C:\Users\VL\Documents\Bowls Alpha 2011
2018-01-29 16:10 - 2018-01-29 16:10 - 000000000 ____D C:\Users\VL\Documents\Bowls Alpha 2010
2018-01-29 16:09 - 2018-01-29 16:10 - 000000000 ____D C:\Users\VL\Documents\Bowls Alpha 2009
2018-01-29 16:09 - 2018-01-29 16:09 - 000000000 ____D C:\Users\VL\Documents\Bowls Alpha 2008
2018-01-29 16:08 - 2018-01-29 16:09 - 000000000 ____D C:\Users\VL\Documents\Bowls Alpha 2007
2018-01-29 16:08 - 2018-01-29 16:08 - 000000000 ____D C:\Users\VL\Documents\Bowling Club Rules
2018-01-29 16:08 - 2018-01-29 16:08 - 000000000 ____D C:\Users\VL\Documents\Bosch
2018-01-29 16:07 - 2018-01-29 16:08 - 000000000 ____D C:\Users\VL\Documents\Bill
2018-01-29 16:07 - 2018-01-29 16:07 - 000000000 ____D C:\Users\VL\Documents\Barnsley Building Society
2018-01-29 16:07 - 2018-01-29 16:07 - 000000000 ____D C:\Users\VL\Documents\Autoruns
2018-01-29 16:07 - 2018-01-29 16:07 - 000000000 ____D C:\Users\VL\Documents\Andy
2018-01-29 16:07 - 2018-01-29 16:07 - 000000000 ____D C:\Users\VL\Documents\Allotment Accounts
2018-01-29 16:06 - 2018-01-29 19:58 - 000000000 ____D C:\Users\VL\AppData\Roaming\Thunderbird
2018-01-29 16:06 - 2018-01-29 16:06 - 000000000 ____D C:\Users\VL\Documents\PDFelement
2018-01-29 16:06 - 2018-01-29 16:06 - 000000000 ____D C:\Users\VL\Desktop\OpenOffice 4.1.1 (en-GB) Installation Files
2018-01-29 16:06 - 2018-01-29 16:06 - 000000000 ____D C:\Users\VL\AppData\Roaming\Mozilla
2018-01-29 16:01 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\AppData\Roaming\Skype
2018-01-29 15:38 - 2018-01-29 15:38 - 000000000 ____D C:\Users\VIV\AppData\Roaming\Opera Software
2018-01-29 15:38 - 2018-01-29 15:38 - 000000000 ____D C:\Users\VIV\AppData\LocalLow\Google
2018-01-29 15:36 - 2018-01-30 16:24 - 000000000 ____D C:\Users\VIV\AppData\Local\Google
2018-01-29 15:36 - 2018-01-29 15:36 - 000000000 ____D C:\Users\VIV\Downloads\Vivian Longland_files
2018-01-29 15:36 - 2018-01-29 15:36 - 000000000 ____D C:\Users\VIV\Downloads\uninstallview-x64
2018-01-29 15:36 - 2018-01-29 15:36 - 000000000 ____D C:\Users\VIV\Downloads\SeatingPlanner_Pro2.0EN
2018-01-29 15:36 - 2018-01-29 15:36 - 000000000 ____D C:\Users\VIV\Downloads\produkey-x64
2018-01-29 15:36 - 2018-01-29 15:36 - 000000000 ____D C:\Users\VIV\Downloads\Malwarebites
2018-01-29 15:36 - 2018-01-29 15:36 - 000000000 ____D C:\Users\VIV\Downloads\HP Downloads
2018-01-29 15:36 - 2018-01-29 15:36 - 000000000 ____D C:\Users\VIV\Downloads\Free File Unlocker Portable
2018-01-29 15:36 - 2018-01-29 15:36 - 000000000 ____D C:\Users\VIV\Downloads\FixWin10
2018-01-29 15:36 - 2018-01-29 15:36 - 000000000 ____D C:\Users\VIV\Downloads\FixWin 10.0.1.0
2018-01-29 15:35 - 2018-01-29 15:35 - 000000000 ____D C:\Users\VIV\Downloads\DriveManager_v1.0.175_Full
2018-01-29 15:35 - 2018-01-29 15:35 - 000000000 ____D C:\Users\VIV\Downloads\chromecacheview (1)
2018-01-29 15:35 - 2018-01-29 15:35 - 000000000 ____D C:\Users\VIV\Downloads\caesium-1.7.0-port
2018-01-29 15:35 - 2018-01-29 15:35 - 000000000 ____D C:\Users\VIV\Downloads\browserpasswords (2)
2018-01-29 15:35 - 2018-01-29 15:35 - 000000000 ____D C:\Users\VIV\Downloads\browserpasswords (1)
2018-01-29 15:35 - 2018-01-29 15:35 - 000000000 ____D C:\Users\VIV\Downloads\Barnsley Building Society
2018-01-29 15:35 - 2018-01-29 15:35 - 000000000 ____D C:\Users\VIV\Downloads\Andy
2018-01-29 15:27 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\Scanned Documents
2018-01-29 15:27 - 2018-01-29 15:27 - 000000000 ____D C:\Users\VIV\Documents\SelfMV
2018-01-29 15:26 - 2018-01-30 17:26 - 000000000 ____D C:\Users\VIV\Documents\Outlook Files
2018-01-29 15:26 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\samsung
2018-01-29 15:26 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\MyHeritage
2018-01-29 15:26 - 2018-01-29 15:26 - 000000000 ____D C:\Users\VIV\Documents\Remote Assistance Logs
2018-01-29 15:26 - 2018-01-29 15:26 - 000000000 ____D C:\Users\VIV\Documents\Photostage Projects
2018-01-29 15:26 - 2018-01-29 15:26 - 000000000 ____D C:\Users\VIV\Documents\OneNote Notebooks
2018-01-29 15:26 - 2018-01-29 15:26 - 000000000 ____D C:\Users\VIV\Documents\Norton Identity Safe Backups
2018-01-29 15:26 - 2018-01-29 15:26 - 000000000 ____D C:\Users\VIV\Documents\My Smilebox Creations
2018-01-29 15:25 - 2018-02-04 14:39 - 000000000 ____D C:\Users\VIV\Documents\My PSP8 Files
2018-01-29 15:25 - 2018-01-29 15:26 - 000000000 ____D C:\Users\VIV\Documents\My Scans
2018-01-29 15:25 - 2018-01-29 15:25 - 000000000 ____D C:\Users\VIV\Documents\My Print Creations
2018-01-29 15:25 - 2018-01-29 15:25 - 000000000 ____D C:\Users\VIV\Documents\My Filehippo Downloads
2018-01-29 15:24 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\My Digital Editions
2018-01-29 15:24 - 2018-01-29 20:10 - 000000000 ____D C:\Users\VIV\Documents\MailStore Home
2018-01-29 15:24 - 2018-01-29 15:41 - 000000000 ____D C:\Users\VIV\Documents\My Data Sources
2018-01-29 15:24 - 2018-01-29 15:24 - 000000000 ____D C:\Users\VIV\Documents\Media
2018-01-29 15:24 - 2018-01-29 15:24 - 000000000 ____D C:\Users\VIV\Documents\Mail
2018-01-29 15:24 - 2018-01-29 15:24 - 000000000 ____D C:\Users\VIV\Documents\HpReg_Backup
2018-01-29 15:24 - 2018-01-29 15:24 - 000000000 ____D C:\Users\VIV\Documents\Hi Slider
2018-01-29 15:24 - 2018-01-29 15:24 - 000000000 ____D C:\Users\VIV\Documents\FixWin10
2018-01-29 15:24 - 2018-01-29 15:24 - 000000000 ____D C:\Users\VIV\Documents\Fax
2018-01-29 15:24 - 2018-01-29 15:24 - 000000000 ____D C:\Users\VIV\Documents\engine1
2018-01-29 15:19 - 2018-01-29 15:19 - 000000000 ____D C:\Users\VIV\Documents\data1
2018-01-29 15:19 - 2018-01-29 15:19 - 000000000 ____D C:\Users\VIV\Documents\chromecacheview (1)
2018-01-29 15:19 - 2018-01-29 15:19 - 000000000 ____D C:\Users\VIV\Documents\Calendar 2018
2018-01-29 15:19 - 2018-01-29 15:19 - 000000000 ____D C:\Users\VIV\Documents\bOWLS wEB sITE
2018-01-29 15:19 - 2018-01-29 15:19 - 000000000 ____D C:\Users\VIV\Documents\3 November 2017
2018-01-29 14:53 - 2018-02-10 15:16 - 000000000 ____D C:\Users\VIV\AppData\Roaming\Thunderbird
2018-01-29 14:53 - 2018-02-10 15:16 - 000000000 ____D C:\Users\VIV\AppData\Roaming\Mozilla
2018-01-29 14:40 - 2018-01-29 14:40 - 000000000 _____ C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2018-01-29 14:39 - 2018-01-29 14:39 - 000000000 ____D C:\Program Files (x86)\Intel
2018-01-29 14:39 - 2018-01-29 14:39 - 000000000 ____D C:\Intel
2018-01-29 14:38 - 2018-02-13 14:43 - 000970010 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-01-29 14:38 - 2018-01-30 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-01-29 14:38 - 2018-01-29 21:20 - 000000000 ____D C:\WINDOWS\system32\SRSLabs
2018-01-29 14:38 - 2018-01-29 21:20 - 000000000 ____D C:\Program Files\Realtek
2018-01-29 14:37 - 2018-01-29 21:20 - 000000000 ____D C:\WINDOWS\SysWOW64\Hauppauge
2018-01-29 14:37 - 2018-01-29 21:20 - 000000000 ____D C:\WINDOWS\system32\Hauppauge
2018-01-29 14:33 - 2018-01-30 17:27 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-01-18 15:51 - 2018-01-18 15:51 - 000000000 _____ C:\Users\VIV\Documents\Default.rdp
2018-01-16 14:42 - 2018-01-16 14:44 - 136419130 _____ C:\Users\VIV\Downloads\wlsetup-all-2012-16.4.3528.331 (1).zip
2018-01-16 14:29 - 2018-01-16 14:32 - 136419130 _____ C:\Users\VIV\Downloads\wlsetup-all-2012-16.4.3528.331.zip
2018-01-16 14:26 - 2018-01-16 14:28 - 111401136 _____ (Microsoft Corporation) C:\Users\VIV\Desktop\wlsetup-all.exe
2018-01-15 20:31 - 2018-01-15 20:32 - 022532127 _____ C:\Users\VIV\Downloads\d876844b-3c15-4269-9ba7-bf46fca0d58a.tmp
2018-01-15 20:21 - 2018-01-15 20:21 - 000221662 _____ C:\Users\VIV\Downloads\MicrosoftProgram_Install_and_Uninstall.meta (14).diagcab
2018-01-15 20:15 - 2018-01-15 20:15 - 000221662 _____ C:\Users\VIV\Downloads\MicrosoftProgram_Install_and_Uninstall.meta (13).diagcab
2018-01-15 20:10 - 2018-01-15 20:10 - 000221662 _____ C:\Users\VIV\Downloads\MicrosoftProgram_Install_and_Uninstall.meta (12).diagcab
2018-01-15 18:50 - 2018-01-15 18:50 - 001239752 _____ (Microsoft Corporation) C:\Users\VIV\Desktop\pair windows.exe
2018-01-15 15:29 - 2018-01-15 15:29 - 002584494 _____ C:\Users\VIV\Downloads\pdf2doc (1).zip

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-13 16:31 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-02-13 16:24 - 2017-09-29 13:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-02-13 16:23 - 2017-09-29 08:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-02-13 14:49 - 2017-09-29 13:44 - 000000000 ____D C:\WINDOWS\INF
2018-02-13 14:44 - 2017-09-29 08:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-02-13 09:40 - 2017-09-29 13:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-13 09:40 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-07 09:43 - 2017-09-29 13:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-04 18:54 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2018-02-02 14:28 - 2017-09-29 13:46 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2018-02-02 14:28 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\Help
2018-02-02 11:53 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\rescache
2018-02-01 15:49 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-02-01 10:01 - 2015-10-30 07:24 - 000000167 _____ C:\WINDOWS\win.ini
2018-02-01 09:49 - 2017-09-29 13:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-02-01 09:40 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\appcompat
2018-01-30 17:09 - 2017-09-29 13:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-01-30 17:09 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-01-30 17:09 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-01-30 17:08 - 2017-09-29 13:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-01-30 17:08 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-01-30 17:08 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-01-30 17:08 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-01-30 17:08 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\Provisioning
2018-01-30 17:08 - 2017-09-29 08:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-01-30 17:04 - 2015-10-30 18:08 - 000000000 ____D C:\WINDOWS\ShellNew
2018-01-30 15:35 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\Web
2018-01-30 15:06 - 2017-09-29 13:41 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-01-30 15:06 - 2017-09-29 13:41 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-01-30 15:06 - 2017-09-29 13:41 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-01-30 10:38 - 2017-09-29 13:46 - 000000000 ____D C:\ProgramData\USOPrivate
2018-01-30 10:35 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-01-30 10:35 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\Registration
2018-01-30 10:33 - 2017-09-29 13:46 - 000000000 __RHD C:\Users\Public\Libraries
2018-01-30 10:25 - 2017-09-29 08:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2018-01-30 10:22 - 2017-09-29 13:46 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-01-30 10:22 - 2017-09-29 13:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-01-30 10:20 - 2017-09-29 13:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-01-30 10:18 - 2017-09-29 13:49 - 000000000 ____D C:\WINDOWS\Setup
2018-01-30 10:18 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\system32\spool
2018-01-30 10:18 - 2015-10-30 07:24 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-01-29 16:07 - 2015-03-24 10:34 - 000004180 _____ C:\Users\VL\Documents\Re_.eml
2018-01-29 16:07 - 2015-03-24 10:31 - 000010617 _____ C:\Users\VL\Documents\Transcript of your chat.eml
2018-01-29 16:07 - 2014-03-04 10:02 - 000002393 _____ C:\Users\VL\Documents\Patient Access Registration Submitted.eml
2018-01-29 16:07 - 2013-10-28 12:52 - 000007330 _____ C:\Users\VL\Documents\Your Serif.com password.eml
2018-01-29 16:07 - 2013-10-28 12:50 - 000077147 _____ C:\Users\VL\Documents\Photo from 10 Aug 2013.eml
2018-01-29 15:19 - 2018-01-12 15:16 - 000037246 _____ C:\Users\VIV\Documents\Order number 124293921 Your service guarantee.eml
2018-01-29 15:19 - 2017-10-13 16:14 - 000089164 _____ C:\Users\VIV\Documents\Saved emails 2.eml
2018-01-29 15:19 - 2017-10-13 16:13 - 000089164 _____ C:\Users\VIV\Documents\Your M&S order acknowledgement.eml
2018-01-29 15:19 - 2017-10-07 16:58 - 000031567 _____ C:\Users\VIV\Documents\Saved emails.eml
2018-01-29 15:19 - 2015-11-10 14:12 - 000002393 _____ C:\Users\VIV\Documents\Patient Access Registration Submitted.eml
2018-01-29 15:19 - 2015-09-07 18:06 - 000010617 _____ C:\Users\VIV\Documents\Transcript of your chat.eml
2018-01-29 15:18 - 2017-06-18 13:20 - 000012689 _____ C:\Users\VIV\Documents\Fw_ Another go at the photos from allotment bbq.eml
2018-01-14 15:45 - 2015-09-07 14:02 - 000000420 _____ C:\Users\VIV\Desktop\Computer.lnk

==================== Files in the root of some directories =======

2018-02-11 15:49 - 2018-02-11 15:49 - 000000000 _____ () C:\Users\VIV\AppData\Roaming\signature.txt

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-02-09 12:17

==================== End of FRST.txt ============================
Now I will do additions

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12.02.2018
Ran by VIV (13-02-2018 19:36:14)
Running from C:\Users\VIV\Desktop
Windows 10 Home Version 1709 16299.192 (X64) (2018-01-30 10:37:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1150477090-3809027948-3889013003-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1150477090-3809027948-3889013003-503 - Limited - Disabled)
Guest (S-1-5-21-1150477090-3809027948-3889013003-501 - Limited - Disabled)
VIV (S-1-5-21-1150477090-3809027948-3889013003-1002 - Administrator - Enabled) => C:\Users\VIV
VL (S-1-5-21-1150477090-3809027948-3889013003-1003 - Administrator - Enabled) => C:\Users\VL
WDAGUtilityAccount (S-1-5-21-1150477090-3809027948-3889013003-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Enabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security (Enabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
FW: Norton Security (Enabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements 2.0 (HKLM-x32\...\Adobe Photoshop Elements 2.0) (Version: 2.0 - Adobe Systems, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 43.4.50 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.140 - Google Inc.)
Google Earth Pro (HKLM\...\{D9EF644E-2FAE-493B-8180-5617CC774C4F}) (Version: 7.3.1.4507 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{1F803452-798F-49FB-A5DD-9F527F7017E4}) (Version: 1.0.473 - LogMeIn, Inc.)
Greeting Card Factory Deluxe 7.0 (HKLM-x32\...\{55D6B4DA-50E9-47AF-99C1-9A8E3A234763}) (Version: 7.0.0.11 - Nova Development)
iTunes (HKLM\...\{7EE6E263-19DA-4A33-BB8C-9BDC12BA1918}) (Version: 12.7.3.46 - Apple Inc.)
Jasc Paint Shop Pro 8 (HKLM-x32\...\{81A34902-9D0B-4920-A25C-4CDC5D14B328}) (Version: 8.10.3000 - Jasc Software Inc)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LibreOffice 6.0.0.3 (HKLM\...\{DD7E9D37-CA78-459A-8BA8-29BBF29CF257}) (Version: 6.0.0.3 - The Document Foundation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1150477090-3809027948-3889013003-1002\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Web Publishing Wizard 1.52 (HKLM-x32\...\WebPost) (Version: - )
Mozilla Firefox 58.0.1 (x64 en-GB) (HKLM\...\Mozilla Firefox 58.0.1 (x64 en-GB)) (Version: 58.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.1 - Mozilla)
Norton Security (HKLM-x32\...\NS) (Version: 22.11.2.7 - Symantec Corporation)
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.6.1.150 - Symantec Corporation)
Norton WiFi Privacy (HKLM-x32\...\Norton WiFi Privacy) (Version: 1.2.162 - Symantec Corporation)
OpenOffice 4.1.5 (HKLM-x32\...\{708F0253-F566-48F3-9B88-06F48F16548B}) (Version: 4.15.9789 - Apache Software Foundation)
Opera Stable 50.0.2762.67 (HKLM-x32\...\Opera 50.0.2762.67) (Version: 50.0.2762.67 - Opera Software)
PrintMaster (HKLM-x32\...\{8DD144C1-5EAD-4D55-80A1-ACAF893A4FFE}) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.6447 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{AC0D130B-8809-4125-811F-667893B90644}) (Version: 2.11.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{7C070E60-8769-4763-BBD8-7537A28A60D4}) (Version: 1.10.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22350 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.11.2.7\NavShExt.dll [2017-11-11] (Symantec Corporation)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.11.2.7\NavShExt.dll [2017-11-11] (Symantec Corporation)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.11.2.7\NavShExt.dll [2017-11-11] (Symantec Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {31A7E136-B553-4B42-B295-2AC1EE53B317} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-30] (Google Inc.)
Task: {3EEF8687-4121-414A-8F15-DCAD3AB8B0FE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {606A7CFB-0BF6-4A5E-AC38-CCB37F46886D} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2017-11-11] (Symantec Corporation)
Task: {6DD5F55C-FF5F-4B87-A6B5-44A5767FD09A} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-02-02] (Dropbox, Inc.)
Task: {782D2CCB-971C-4FD7-96E4-538DC874846A} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation)
Task: {86732E5A-F919-493B-880D-61FAB22A9A1B} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-02-02] (Dropbox, Inc.)
Task: {8F24CF9F-E307-42BA-9F57-5B8C1F640A6D} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-1150477090-3809027948-3889013003-1003
Task: {A2F48631-9E08-4A66-9029-11B0E58E1DE0} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation)
Task: {A9B4F320-8754-4769-A4BF-476A66CC1F71} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-10-12] (Apple Inc.)
Task: {BFECE911-950F-4B12-973E-B0FCB25F27ED} - System32\Tasks\Norton Security Scan for VIV => C:\Program Files (x86)\Norton Security Scan\Engine\4.6.1.150\Nss.exe [2018-01-10] (Symantec Corporation)
Task: {C9ABD8F3-388B-4EAA-A1B6-9DCC7DF42596} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {E8919733-2BF1-44FD-B923-85D17C3F67B2} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation)
Task: {E9520C04-EA3F-4ECA-8547-8875667D6C95} - System32\Tasks\Opera scheduled Autoupdate 1517510963 => C:\Program Files\Opera\launcher.exe [2018-01-22] (Opera Software)
Task: {F01429E1-6241-465D-9773-0FEBFFEBE0AD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-30] (Google Inc.)
Task: {FD96073D-183A-48B3-8094-DD588B4DAABC} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.11.2.7\WSCStub.exe [2017-11-11] (Symantec Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-29 13:41 - 2017-09-29 13:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2009-12-19 00:18 - 2009-12-19 00:18 - 000420864 _____ () C:\WINDOWS\system32\hauppauge\hcwD3dvb\DVBT\cutil64.dll
2017-08-29 16:02 - 2017-08-29 16:02 - 001363064 _____ () C:\Program Files (x86)\Norton WiFi Privacy\client\NWPService.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 008801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2017-12-14 01:33 - 2017-12-14 01:33 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-14 01:33 - 2017-12-14 01:33 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-01-30 11:20 - 2018-01-30 11:20 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-01-30 11:20 - 2018-01-30 11:20 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-01-30 11:20 - 2018-01-30 11:20 - 025135104 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-01-30 11:20 - 2018-01-30 11:20 - 002542592 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\skypert.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 000112264 _____ () C:\Windows\System32\IccLibDll_x64.dll
2007-08-25 01:03 - 2007-08-25 01:03 - 000185664 _____ () C:\Program Files (x86)\Nova Development\Greeting Card Factory Deluxe 7.0\ReminderApp.exe
2018-02-02 08:50 - 2018-02-02 08:50 - 002250240 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-01-30 11:19 - 2018-01-30 11:20 - 000477184 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-01-30 11:19 - 2018-01-30 11:20 - 058590720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-01-30 11:19 - 2018-01-30 11:20 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-01-30 11:19 - 2018-01-30 11:20 - 000164864 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\VideoPlugin.dll
2018-01-30 11:19 - 2018-01-30 11:20 - 000675328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\IPPNativePlugin.dll
2018-01-30 11:19 - 2018-01-30 11:20 - 003727360 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-01-30 11:19 - 2018-01-30 11:20 - 002270720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-01-30 11:19 - 2018-01-30 11:20 - 016395264 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-01-30 11:19 - 2018-01-30 11:20 - 003579904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-01-30 11:19 - 2018-01-30 11:19 - 003204096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2017-09-30 14:37 - 2017-09-30 14:37 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-01-30 11:19 - 2018-01-30 11:20 - 000043520 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2018-01-30 11:19 - 2018-01-30 11:20 - 004038144 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.People.PeoplePicker.dll
2018-01-30 11:19 - 2018-01-30 11:20 - 001367040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-01-30 11:19 - 2018-01-30 11:20 - 000214528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\SKU.dll
2018-02-06 15:57 - 2018-02-06 16:02 - 001231536 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8827.21855.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2018-02-07 13:38 - 2018-02-01 06:13 - 004433752 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.140\libglesv2.dll
2018-02-07 13:38 - 2018-02-01 06:13 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.140\libegl.dll
2018-02-01 18:49 - 2018-01-22 06:02 - 096448600 _____ () C:\Program Files\Opera\50.0.2762.67\opera_browser.dll
2018-02-01 18:49 - 2018-01-22 06:02 - 004207704 _____ () C:\Program Files\Opera\50.0.2762.67\libglesv2.dll
2018-02-01 18:49 - 2018-01-22 06:02 - 000100440 _____ () C:\Program Files\Opera\50.0.2762.67\libegl.dll
2017-08-29 16:02 - 2017-08-29 16:02 - 000085624 _____ () C:\Program Files (x86)\Norton WiFi Privacy\client\ZLIB1.dll
2018-02-10 08:47 - 2018-02-08 20:10 - 000740168 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-02-10 08:47 - 2018-02-08 20:10 - 002079048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-02-02 16:30 - 2018-02-08 20:10 - 000100312 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2018-02-02 16:30 - 2018-02-08 20:10 - 000018896 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2018-02-02 16:30 - 2018-02-08 20:12 - 000020808 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2018-02-02 16:30 - 2018-02-08 20:10 - 000035808 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2018-02-02 16:30 - 2018-02-08 20:10 - 000694232 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2018-02-10 08:47 - 2018-02-08 20:12 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2018-02-02 16:30 - 2018-02-08 20:10 - 000130520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2018-02-10 08:47 - 2018-02-08 20:12 - 001856864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2018-02-10 08:47 - 2018-02-08 20:12 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2018-02-10 08:47 - 2018-02-08 20:10 - 000145880 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2018-02-10 08:47 - 2018-02-08 20:10 - 000116696 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2018-02-02 16:30 - 2018-02-08 20:10 - 000105944 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2018-02-02 16:30 - 2018-02-08 20:13 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2018-02-10 08:47 - 2018-02-08 20:12 - 000063312 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2018-02-02 16:30 - 2018-02-08 20:10 - 000024536 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2018-02-10 08:47 - 2018-02-08 20:12 - 000077120 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2018-02-10 08:47 - 2018-02-08 20:10 - 000020952 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2018-02-02 16:30 - 2018-02-08 20:10 - 000124888 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2018-02-02 16:30 - 2018-02-08 20:10 - 000116184 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2018-02-10 08:47 - 2018-02-08 20:10 - 000392664 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2018-02-02 16:30 - 2018-02-08 20:12 - 000392520 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2018-02-02 16:30 - 2018-02-08 20:13 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2018-02-02 16:30 - 2018-02-08 20:10 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2018-02-02 16:30 - 2018-02-08 20:10 - 000175576 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2018-02-02 16:30 - 2018-02-08 20:10 - 000030168 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2018-02-02 16:30 - 2018-02-08 20:10 - 000043480 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2018-02-02 16:30 - 2018-02-08 20:10 - 000026072 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2018-02-02 16:30 - 2018-02-08 20:10 - 000048600 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2018-02-02 16:30 - 2018-02-08 20:10 - 000057816 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2018-02-10 08:47 - 2018-02-08 20:12 - 000021840 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2018-02-02 16:30 - 2018-02-08 20:13 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2018-02-10 08:47 - 2018-02-08 20:12 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2018-02-02 16:30 - 2018-02-08 20:12 - 000066400 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2018-02-10 08:47 - 2018-02-08 20:12 - 001796416 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2018-02-02 16:30 - 2018-02-08 20:10 - 000084944 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2018-02-10 08:47 - 2018-02-08 20:12 - 001956672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2018-02-10 08:47 - 2018-02-08 20:12 - 003859272 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2018-02-10 08:47 - 2018-02-08 20:12 - 000155472 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2018-02-10 08:47 - 2018-02-08 20:12 - 000521032 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2018-02-10 08:47 - 2018-02-08 20:12 - 000051024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2018-02-10 08:47 - 2018-02-08 20:12 - 000043336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2018-02-10 08:47 - 2018-02-08 20:12 - 000131400 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2018-02-10 08:47 - 2018-02-08 20:12 - 000219984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2018-02-10 08:47 - 2018-02-08 20:12 - 000204104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2018-02-02 16:30 - 2018-02-08 20:13 - 000025440 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2018-02-02 16:30 - 2018-02-08 20:10 - 000060888 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2018-02-02 16:30 - 2018-02-08 20:13 - 000054616 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2018-02-02 16:30 - 2018-02-08 20:10 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2018-02-02 16:30 - 2018-02-08 20:13 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2018-02-02 16:30 - 2018-02-08 20:12 - 000100704 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2018-02-02 16:30 - 2018-02-08 20:10 - 000028632 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2018-02-02 16:30 - 2018-02-08 20:13 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2018-02-02 16:30 - 2018-02-08 20:13 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2018-02-02 16:30 - 2018-02-08 20:13 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2018-02-10 08:47 - 2018-02-08 20:12 - 000027496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2018-02-02 16:30 - 2018-02-08 20:10 - 000349144 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2018-02-10 08:47 - 2018-02-08 20:12 - 000101704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2018-02-02 16:30 - 2018-02-08 20:13 - 000023904 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2018-02-10 08:47 - 2018-02-08 20:12 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2018-02-10 08:47 - 2018-02-08 20:10 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-02-10 08:47 - 2018-02-08 20:12 - 000032608 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2018-02-10 08:47 - 2018-02-08 20:10 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2018-02-02 16:30 - 2018-02-08 20:13 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-02-10 08:47 - 2018-02-08 20:12 - 000181064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-02-02 16:30 - 2018-02-08 20:12 - 000030544 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2018-02-10 08:47 - 2018-02-08 20:12 - 000024384 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-02-10 08:47 - 2018-02-08 20:12 - 001638208 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-02-02 16:30 - 2018-02-08 20:13 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2013-09-05 00:14 - 2013-09-05 00:14 - 004300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2017-11-27 21:03 - 2017-11-27 21:03 - 023970800 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
2017-11-04 20:57 - 2017-11-04 20:57 - 000323152 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\sqlite.dll
2017-11-04 20:57 - 2017-11-04 20:57 - 072940016 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 07:24 - 2015-10-30 07:21 - 000000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1150477090-3809027948-3889013003-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\VIV\Pictures\WallPaper\Grandad and Abs.JPG
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: TeamViewer => 2
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "iTunesHelper"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{5A897D85-AEB7-42B6-B976-4E24357D5C93}C:\program files (x86)\easeus\easeus todo pctrans\bin\pctrans.exe] => (Allow) C:\program files (x86)\easeus\easeus todo pctrans\bin\pctrans.exe
FirewallRules: [UDP Query User{63711DFC-D477-4057-B496-CB6DBED8248C}C:\program files (x86)\easeus\easeus todo pctrans\bin\pctrans.exe] => (Allow) C:\program files (x86)\easeus\easeus todo pctrans\bin\pctrans.exe
FirewallRules: [{E6370C48-C939-40EA-AEC5-5D7A2AC3F228}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E57F0676-9E6F-4C90-8169-77848BDB441F}] => (Allow) LPort=2869
FirewallRules: [{B1948805-471A-4942-B99D-84EEB52B1EE5}] => (Allow) LPort=1900
FirewallRules: [{75DB82AE-0838-4091-AE72-3182C71B70CF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{2366D8C2-7251-490E-981E-CB5B5FAB616A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3772E7C4-B09C-4D15-ABEC-5C46F5EF450A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E2E37B12-1EFF-4800-A200-1C489002A72B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{995D74BC-9C2E-4C42-B964-101BC41092FF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6CC6C1B3-9509-4099-8DA4-76CEF93C4ED7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{52971463-FF9B-47B3-992F-894689DE941D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{D79DEAC9-6EC0-4B9A-A1C7-1A826AFA652F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{CE538B16-5F95-4873-AA99-8095D1B7E4BB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{34230887-2B6E-4998-B3AA-2D19A3FEBD49}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{9B39BF6F-BB10-423F-9531-CC9DFBE5E5C7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{4100553D-5B0D-4D9B-814D-B755498D2FA9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{848C261F-8565-4C59-9E1A-0E1DA4B99187}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{1CB27F01-5E6E-461D-9CC5-FC8CBA09E1A9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{F479254F-644A-4303-A629-D70E2C4300E0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
FirewallRules: [{4AB9DFBE-FED6-4857-9FD8-92EB6935A210}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
FirewallRules: [{8741FCF8-BA71-4688-8265-6E684C52620A}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{7E078FF9-ACEB-4768-ADF6-BCF930770565}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{763A3A0D-6FCA-4DC1-9317-F9814F8E7516}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{854426F9-8B99-4731-8B1B-40E1B25EA71A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F08271E9-CBB7-4371-A1B6-D73275B421D6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{52BDFB19-D433-4285-90B7-26195FA7DBEB}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5AD600CC-3975-43DF-BED3-B2EBF89E6AD6}] => (Allow) C:\Program Files\Opera\50.0.2762.67\opera.exe
FirewallRules: [{BD003532-A4D4-4FDC-B6DF-D21D67B65486}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{EA6000F4-9CEA-475D-AD6C-70D674C26E39}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{AAF058CA-02D7-4F7A-BAD3-1B54012AF260}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Restore Points =========================

02-02-2018 11:21:41 New Hard Drive
07-02-2018 09:43:17 Windows Update
09-02-2018 17:03:18 Installed LibreOffice 6.0.0.3
13-02-2018 16:58:08 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/13/2018 02:41:37 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating Norton Security status to SECURITY_PRODUCT_STATE_EXPIRED.

Error: (02/11/2018 04:33:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: claws-mail.exe, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: claws-mail.exe, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00052bda
Faulting process ID: 0x824
Faulting application start time: 0x01d3a3548f7e7f6a
Faulting application path: C:\Program Files (x86)\Claws Mail\claws-mail.exe
Faulting module path: C:\Program Files (x86)\Claws Mail\claws-mail.exe
Report ID: 2d2dc7bd-4f83-4f6a-94d3-22619f1dbd26
Faulting package full name:
Faulting package-relative application ID:

Error: (02/11/2018 09:59:37 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program ShellExperienceHost.exe version 10.0.16299.15 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2084

Start Time: 01d3a31ef6420944

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

Report Id: 3f0934a6-80d1-4cb7-8cee-a3cd719f9349

Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: App

Error: (02/11/2018 09:59:33 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-1FFI7T5)
Description: Package Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy+App was terminated because it took too long to suspend.

Error: (02/06/2018 02:44:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WINWORD.EXE, version: 14.0.7192.5000, time stamp: 0x5a346f59
Faulting module name: wwlib.dll, version: 14.0.7192.5000, time stamp: 0x5a346f8b
Exception code: 0xc0000005
Fault offset: 0x00038fee
Faulting process ID: 0x67c
Faulting application start time: 0x01d39f538b9bb112
Faulting application path: C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
Faulting module path: C:\Program Files (x86)\Microsoft Office\Office14\wwlib.dll
Report ID: 45df28d7-2b16-4560-aa32-c8d6fcd00c36
Faulting package full name:
Faulting package-relative application ID:

Error: (02/04/2018 11:04:25 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80.DLL".
Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/04/2018 11:03:25 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80.DLL".
Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/03/2018 04:15:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: operamail.exe, version: 1.0.1044.0, time stamp: 0x56aa20ee
Faulting module name: OperaMail.dll, version: 1.0.1044.0, time stamp: 0x56aa23cd
Exception code: 0x40000015
Fault offset: 0x009b92fd
Faulting process ID: 0x16ec
Faulting application start time: 0x01d39d08c4b02af2
Faulting application path: C:\Users\VL\AppData\Local\Opera Mail\operamail.exe
Faulting module path: C:\Users\VL\AppData\Local\Opera Mail\OperaMail.dll
Report ID: a8526789-486e-4512-ad09-87eef4c07106
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (02/13/2018 07:22:44 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1FFI7T5)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-1FFI7T5\VIV SID (S-1-5-21-1150477090-3809027948-3889013003-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/13/2018 06:34:45 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1FFI7T5)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-1FFI7T5\VIV SID (S-1-5-21-1150477090-3809027948-3889013003-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/13/2018 04:32:46 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1FFI7T5)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-1FFI7T5\VIV SID (S-1-5-21-1150477090-3809027948-3889013003-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/13/2018 04:24:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/13/2018 04:24:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/13/2018 04:24:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/13/2018 04:24:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/13/2018 04:22:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1FFI7T5)
Description: The server {0002DF02-0000-0000-C000-000000000046} did not register with DCOM within the required timeout.


Windows Defender:
===================================
Date: 2018-02-01 16:02:17.548
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {F243EC95-9A98-4EA5-8B66-73815250BE98}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-02-01 15:55:43.185
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {EECF3334-B9B4-422F-B818-F578D86FB490}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-02-01 15:48:11.240
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.261.610.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14500.5
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2018-02-01 15:48:11.240
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 118.2.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: Network Inspection System
Update Type: Full
Current Engine Version:
Previous Engine Version: 2.1.14202.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2018-02-01 15:48:11.234
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.261.610.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14500.5
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2018-02-01 15:48:11.234
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.261.610.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14500.5
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2018-02-01 15:48:11.234
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.261.610.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14500.5
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

CodeIntegrity:
===================================

Date: 2018-02-13 19:33:55.599
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-13 19:33:55.598
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-13 19:03:11.538
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-13 19:03:11.536
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-13 18:42:51.688
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-13 18:42:51.685
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-13 18:42:51.679
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-13 18:42:51.676
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 58%
Total physical RAM: 6048.81 MB
Available physical RAM: 2520.78 MB
Total Virtual: 7008.81 MB
Available Virtual: 1849.5 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:918.8 GB) (Free:705.91 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:11.75 GB) (Free:1.38 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{0d8962b0-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{0d8962b0-0000-0000-0000-c0d2e5000000}\ () (Fixed) (Total:0.47 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0D8962B0)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=918.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=478 MB) - (Type=27)
Partition 4: (Not Active) - (Size=11.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

 

Please, observe following rules:

• Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
• If you're stuck, or you're not sure about certain step, always ask before doing anything else.
• Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
• Never run more than one scan at a time.
• Keep updating me regarding your computer behavior, good, or bad.
• The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
• If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
• I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

=====================================

So far I don't see any signs of any rootkit but we'll run some checks.
Who told you about that rootkit?

Create new restore point before proceeding with the next step....
How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/

Download Malwarebytes Anti-Rootkit (MBAR) to your desktop.

• Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
• Double click on downloaded file. OK self extracting prompt.
• MBAR will start. Click "Next" to continue.
• Click in the following screen "Update" to obtain the latest malware definitions.
• Once the update is complete select "Next" and click "Scan".
• When the scan is finished and no malware has been found select "Exit".
• If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
• Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
  • "mbar-log-{date} (xx-xx-xx).txt"
  • "system-log.txt"

NOTE. If you see This version requires you to completely exit the Anti Malware application message right click on the Malwarebytes Anti-Malware icon in the system tray and click on Exit.

 

Thanks Broni - you'll be annoyed with me about this but apparently the Norton phone number I was given was a scam and I fell for it!!!! I feel very ashamed. I got on to my Bank fraud department and they said that I had to check with Norton which of course I did and have spent 2 hours with them resolving the problem and they assure me there is no trojan and they eventually managed to get my Security suite up and running, I am really, really sorry but as you can imagine it was very worrying and I could kick myself for falling for it. I know you say we should not do anything once we have contacted you but in this case I felt following my banks instructions was what I had to do

 

Look, no reason to apologize. You have to be so vigilant in today's computer world and sometimes we lower our guard and bad thing happen.
I'm glad everything ended up OK for you